GitBook: [master] one page modified

Author: carlospolop

pentesting-web/hacking-jwt-json-web-tokens.md

@@ -161,7 +161,7 @@ Try to **change this header to an URL under your control** and check if any requ
 To forge a new token using a certificate controlled by you, you need to create the certificate and extract the public and private keys:
 
 ```bash
-openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout attacker.key -outattacker.crt
+openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout attacker.key -out attacker.crt
 openssl x509 -pubkey -noout -in attacker.crt > publicKey.pem
 ```