Implementing Signature Verification for Webhooks (GitHub HMAC verification)
In this video, you will learn how to implement signature verification for webhooks as we use GitHub webhooks to demonstrate how to achieve this.
0:00 - Introduction
0:57 - The demo project
1:37 - The unrestricted webhook URL vulnerability
3:18 - Setting up a GitHub webhook with a secret key
4:21 - Implementing signature verification on the webhook endpoint
7:38 - Testing the HMAC verification with an unauthorized client
9:48 - Testing the HMAC verification with a GitHub webhook
Видео Implementing Signature Verification for Webhooks (GitHub HMAC verification) канала Hookdeck
0:00 - Introduction
0:57 - The demo project
1:37 - The unrestricted webhook URL vulnerability
3:18 - Setting up a GitHub webhook with a secret key
4:21 - Implementing signature verification on the webhook endpoint
7:38 - Testing the HMAC verification with an unauthorized client
9:48 - Testing the HMAC verification with a GitHub webhook
Видео Implementing Signature Verification for Webhooks (GitHub HMAC verification) канала Hookdeck
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
![How to receive and replay Pipedrive webhooks on localhost](https://i.ytimg.com/vi/L9h55lOEgnQ/default.jpg)
![Stripe & Hookdeck: Sending emails from webhooks](https://i.ytimg.com/vi/OpLF903gch8/default.jpg)
![Stripe & Hookdeck: Filtering events](https://i.ytimg.com/vi/MFzZl39pitY/default.jpg)
![Stripe & Hookdeck: Adding a connection](https://i.ytimg.com/vi/ZK4HbxwbtYU/default.jpg)
![Installing the Hookdeck CLI on Windows](https://i.ytimg.com/vi/qxr0Tbwc7Kg/default.jpg)
![Retrieving your CLI Key with the Hookdeck CLI](https://i.ytimg.com/vi/OtZD8haZ21c/default.jpg)
![Using the Hookdeck CLI in Docker](https://i.ytimg.com/vi/gq0Sq2M-vAY/default.jpg)
![Using the Hookdeck CLI in Docker with a custom network](https://i.ytimg.com/vi/WND9eEbvbG0/default.jpg)
![Installing the Hookdeck CLI on Linux (no package manager)](https://i.ytimg.com/vi/KukFCcPui3E/default.jpg)
![How to implement signature verification to prevent payload manipulation (Shopify example)](https://i.ytimg.com/vi/JCEz4ZN-zu0/default.jpg)
![How to implement signature verfication with timestamp to prevent replay attacks. (Stripe example)](https://i.ytimg.com/vi/q8WcTtQS88c/default.jpg)
![Getting Started with Discord webhooks using the Discord API](https://i.ytimg.com/vi/xh-EaV2DyAM/default.jpg)
![Getting started with Discord Webhooks](https://i.ytimg.com/vi/YHTdnl2zKig/default.jpg)
![How to verify Shopify Webhooks](https://i.ytimg.com/vi/MXjSQsmR3EU/default.jpg)
![Getting Started with Shopify webhooks using the Shopify API](https://i.ytimg.com/vi/V1TblKLSu30/default.jpg)
![Getting Started with Shopify webhooks using the Shopify Admin](https://i.ytimg.com/vi/VIvp8Adze_E/default.jpg)
![Troubleshooting CircleCI Webhooks](https://i.ytimg.com/vi/_w2_r8urSPs/default.jpg)
![Getting Started with CircleCI Webhooks](https://i.ytimg.com/vi/ymV82L0DP-A/default.jpg)
![Troubleshooting GitHub Webhooks](https://i.ytimg.com/vi/wvmOIBlXVTQ/default.jpg)
![Tutorial for GitHub Webhooks](https://i.ytimg.com/vi/C_b773aUjpc/default.jpg)