Simon McCabe

OSCP · OSWP · PWPP · PWPA · PAPA · EnCE · Linux+ · LPIC-1 · Network+ · Security+ · Pentest+ · eJPT · eWPT · BSc · PGCert

Shady Oaks Financial (JWT)

Bonus content:

Shady Oaks Financial Pt 2 (Flag Hunting)

Extra extra content:

Fetch in console

fetch('/api/admin/flag', { headers: { Authorization: 'Bearer <token here>' }}).then(r => r.json()).then(console.log)

curl

curl -k --http2 'https://<lab-url>/api/admin/flag' \
  -H 'Authorization: Bearer <token here>'

Thanks for following along!

LinkedIn X YouTube GitHub