3v4Si0N / RS256-2-HS256Links
JWT Attack to change the algorithm RS256 to HS256
☆33Updated 2 years ago
Alternatives and similar repositories for RS256-2-HS256
Users that are interested in RS256-2-HS256 are comparing it to the libraries listed below
Sorting:
- The tool exfiltrates data from Couchbase database by exploiting N1QL injection vulnerabilities.☆76Updated 4 years ago
- asnap aims to render recon phase easier by providing updated data about which companies owns which ipv4 or ipv6 addresses and allows the …☆26Updated 4 years ago
- XXE Injection Payloads☆28Updated 5 years ago
- ☆32Updated 6 years ago
- Simple python script to check against hypothetical JWT vulnerability.☆51Updated 4 years ago
- a parser + crawler for .DS_Store files exposed publically☆55Updated 2 years ago
- BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.☆65Updated 2 months ago
- Unauthenticated RCE at Woody Ad Snippets / CVE-2019-15858 (PoC)☆32Updated 2 years ago
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Updated 2 years ago
- HTML5 Training material for Attack and Secure training sessions.☆43Updated 2 years ago
- Hacking Artifactory with server side template injection☆51Updated 5 years ago
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆41Updated 4 years ago
- Writeup of CVE-2020-15906☆48Updated 4 years ago
- This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…☆36Updated 2 years ago
- A Burp Suite extension implementing the Signing HTTP Messages draft-ietf-httpbis-message-signatures-01 draft.☆41Updated 2 years ago
- Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019☆22Updated 6 years ago
- Unofficial api for cve.mitre.org☆40Updated 3 years ago
- psychoPATH - hunting file uploads & LFI in the dark. This tool is a customisable payload generator designed for blindly detecting LFI & w…☆19Updated 7 years ago
- This changes the style of Burp Suite's Repeater tabs to help the testers☆29Updated 6 years ago
- A JavaScript components vulnerability scanner, based on RetireJS☆37Updated 5 years ago
- RAS(RAndom Subdomain) Fuzzer☆42Updated 5 years ago
- Deploy a Private Burpsuite Collaborator using boto3 Python Library☆58Updated 5 years ago
- SSRF to TCP Port Scanning, Banner and Private IP Disclosure by abusing the FTP protocol/clients☆70Updated 3 years ago
- Collection of Some Good research Documentation☆27Updated 7 years ago
- Tools for auditing WAFS☆19Updated 3 years ago
- Simple Server Side Request Forgery services enumeration tool.☆55Updated 6 years ago
- Plattform to develop and experiment with existing java web attacks.☆31Updated 7 years ago
- Image Tragick Exploit Tool Using Burp Collaborator☆36Updated last year
- Burp extension to filter JSON on the fly with JQ queries in the HTTP message viewer.☆47Updated 4 years ago
- Collection of different exploitation scenarios of JWT.☆21Updated 3 years ago