FlorianPicca / JWT-Key-Recovery
A tool that recovers the public key used to sign JWT tokens
☆107Updated last year
Related projects ⓘ
Alternatives and complementary repositories for JWT-Key-Recovery
- PP-finder Help you find gadget for prototype pollution exploitation☆138Updated 3 months ago
- Need any help bypassing CSP ?☆24Updated 4 years ago
- WConsole Extractor is a python library which automatically exploits a Werkzeug development server in debug mode. You just have to write a…☆43Updated 2 months ago
- A tool to inspect and attack version 1 GUIDs☆206Updated 2 years ago
- Deriving RSA public keys from message-signature pairs☆270Updated 6 months ago
- A python module to explore the object tree to extract paths to interesting objects in memory.☆79Updated 8 months ago
- Phar + JPG Polyglot generator and playground (CTF CODE)☆72Updated 5 years ago
- A python script to dump all the challenges locally of a CTFd-based Capture the Flag.☆134Updated this week
- Werkzeug has a debug console that requires a pin. It's possible to bypass this with an LFI vulnerability or use it as a local privilege e…☆52Updated 2 years ago
- A script to download all the challenges and files from the CTFd instance.☆48Updated 4 months ago
- Challenges I wrote for various CTF competitions☆40Updated 4 months ago
- A collection of Server-Side Prototype Pollution gadgets and exploits☆133Updated 2 months ago
- ☆88Updated 11 months ago
- A python based minimal DNS server to test/verify DNS rebinding attacks☆34Updated last year
- Unsecure time-based secret exploitation and Sandwich attack implementation Resources☆119Updated 2 weeks ago
- Root shell PoC for CVE-2021-3156☆62Updated 3 years ago
- Whitebox source code review cheatsheet (Based on AWAE syllabus)☆117Updated 2 years ago
- ☆83Updated 5 months ago
- HTTP/2 Single Packet Attack low Level Library / Tool based on Scapy + Exploit Timing Attacks☆143Updated 2 weeks ago
- TUDO - A vulnerable PHP Web Application.☆98Updated last year
- ☆73Updated 4 months ago
- Attack/Defense services for the 2nd International Cybersecurity Challenge @ San Diego, California USA☆36Updated last year
- This tool is for letting you know how strong your disable_functions is and how you can bypass that.☆113Updated 5 years ago
- ☆146Updated last year
- ☆166Updated 3 years ago
- ☆170Updated this week
- LFI to RCE via phpinfo() assistance or via controlled log file☆59Updated last year
- CVE-2022-39227 : Proof of Concept☆19Updated 8 months ago
- ☆111Updated 2 years ago
- ☆154Updated 2 years ago