Information Technology Service Management (ITSM) Processes. 1) Service Request Management Focuses on requests and responses for the IT help-desk items. The processes should be established and uniform. To reduce the workload on agents, organization may consider implementing self service options or chat-bots. 2) Service Catalogs Generally Service Catalogs is a central location/webpage with all the details for contacting the help-desk. It may also contain the self service options and solutions for common problems/issues. 3) Knowledge,Policy and Procedures. This is the knowledge base which controls the collection, maintenance and distribution of information sharing throughout the organization. It shall include the policies, standards, guidelines and the operating procedures for each process or tasks. 4) Incident Management. Defines process on how to handle a situation when an incident happens and how to fix the situation in an accelerated and organized manner. The objective is to reduce t
JSON Web Token (JWT) is a standard for securely transmitting information between parties as a JSON object. This information can be verified and trusted because as it is digitally signed using the public/private keys. In this post, i will be explaining about the JWT and how it can be manipulated to perform certain functions, especially during penetration testing.
Access the website that uses JWT token and open the developer tools in the web-browser to see the JWT token. To decode the token, we can use a handy website https://jwt.io .Copy the token and paste it on the website to decode.You can see the key pair values.
And if you want to generate your own customized JWT token, you can do it in the same way. Create the header and the payload data based on your desired fields. The jwt.io site generates and sign the key using the key-pairs. Then copy the encoded token and re-transmit to the target website to do manipulation.