The vulnerabilities that cause the most damage are rarely the ones that traditional security scanners are designed to find. Authentication bypasses and business logic flaws require understanding context—how different parts of an application interact, what assumptions developers made, and where those assumptions break down. For decades, finding these issues has required human expertise: experienced penetration testers who can think creatively about how systems might fail.
Last month, our autonomous AI found exactly this kind of vulnerability chain in a client's SaaS platform. The application had passed multiple manual penetration tests over the years. The issues our AI uncovered had been there the whole time.
Finding the First Thread
The discovery began during what we'd call routine reconnaissance. Our AI agent was examining the client's authentication system when it noticed something curious about the JWT token structure. A traditional scanner would have checked the token against a list of known weaknesses and moved on. Our AI took a different approach: it analyzed the token's claims, studied the expiration logic, and investigated how the application validated each component of the authentication flow.
Through this analysis, the AI discovered that the application accepted multiple algorithms for JWT validation—a configuration that's more common than it should be. By switching from RS256 to HS256, it became possible to sign tokens using the application's public key as a symmetric secret. In practical terms, this meant an attacker could forge valid authentication tokens without ever knowing the private key.
{
"alg": "HS256",
"typ": "JWT"
}
{
"sub": "attacker@example.com",
"role": "admin",
"iat": 1673366400,
"exp": 1673452800
}
This vulnerability alone would have been serious. But what happened next illustrates why autonomous AI testing represents such a significant advance over traditional approaches.
Following the Chain
Having gained the ability to forge admin credentials, our AI didn't simply log the finding and move on. Instead, it began exploring what an administrator could actually do within the application—and whether those capabilities introduced additional vulnerabilities.
The first thing it discovered was a flaw in the team invitation system. The "invite team member" functionality allowed administrators to bring new users into an organization and assign them roles. The problem was that the role assignment wasn't properly validated. An attacker who had forged admin credentials could invite themselves to any organization with elevated privileges. Even if the JWT vulnerability were later discovered and patched, this secondary account would persist, providing ongoing access to the compromised organization.
The AI then examined the data export functionality available to administrators. Here it found that the endpoint trusted JWT claims entirely for authorization decisions but failed to verify that the requesting admin actually belonged to the organization whose data they were attempting to export. The implications were significant: any admin account—including the attacker-controlled accounts our AI had demonstrated could be created—could export sensitive data from any organization on the platform.
The Complete Picture
Taken together, these vulnerabilities allowed an unauthenticated attacker to forge valid admin credentials using the algorithm confusion flaw, create persistent admin accounts in any organization through the team invitation bypass, and then export all customer data across the entire platform via the broken authorization check. This represented a complete compromise of the application's security model.
The entire chain was discovered autonomously, without human intervention.
The question worth asking is why traditional security testing missed these issues despite multiple assessments. Signature-based detection tools are built to recognize known vulnerability patterns, but novel attack chains don't match any signature. Simple fuzzing tests individual endpoints in isolation without understanding how they relate to each other. And manual penetration testing, while capable of finding these issues in principle, operates under time constraints that limit how deeply testers can explore any given application.
Our AI approaches the problem differently. It builds a working model of how the application functions, traces authentication flows from end to end, and explores business logic paths that human testers might overlook or simply not have time to investigate thoroughly.
Recommendations for JWT Implementations
For organizations using JWT authentication, this case study highlights several important practices. Applications should explicitly define which algorithms they accept and reject all others. The algorithm specified in an incoming token header should never be trusted—the server should enforce its own algorithm selection. Authorization checks belong at every endpoint, and those checks should validate organizational boundaries on all data access, not just rely on the presence of valid credentials.
As applications grow more complex, the attack surface expands beyond what human testers can reasonably cover in the time available. Autonomous security testing ensures comprehensive coverage while continuously adapting to new patterns of vulnerability—exactly the kind of capability this engagement demonstrated.
Want to see what MindFort can find in your applications? Get started today.