NotSoSecure / json_web_tokens
Repository to host scripts discussed in https://www.notsosecure.com/crafting-way-json-web-tokens/
☆14Updated 6 years ago
Related projects ⓘ
Alternatives and complementary repositories for json_web_tokens
- Burp Suite plugin that allow to deserialize Java objects and convert them in an XML format. Unpack also gzip responses. Based on BurpJDSe…☆20Updated 9 months ago
- A BurpSuite extension for beautifying .NET message parameters and hiding some of the extra clutter that comes with .NET web apps (i.e. __…☆12Updated 9 years ago
- A C# web handler that is vulnerable to XXE with PoC. This is to serve as an example of what vulnerable C# code looks like.☆26Updated 11 years ago
- Burp Intruder File Payload Generator☆18Updated 5 years ago
- Modified version of ActiveScan++ Burp Suite extension☆31Updated 7 years ago
- BurpJDSer-ng☆26Updated this week
- Check for .net padding oracle patch☆19Updated 6 years ago
- PHP tool to test XSS☆23Updated 5 years ago
- ☆20Updated 4 years ago
- Scripts for OSCE☆18Updated 5 years ago
- Squirtle the Browser-based NTLM Attack Toolkit☆18Updated 9 years ago
- Multithreaded Padding Oracle Attack on Oracle OAM (CVE-2018-2879)☆24Updated 5 years ago
- Communicate with a remote shell easily☆12Updated 6 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆31Updated 6 years ago
- Exploits developped by Outflank B.V. team members☆20Updated 7 years ago
- Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019☆22Updated 5 years ago
- SharePoint scanner and fingerprinter based on WPScan☆25Updated 11 years ago
- Firework is a proof of concept tool to interact with Microsoft Workplaces creating valid files required for the provisioning process.☆44Updated 4 years ago
- An adaptive, intelligent XSS fuzzer that learns how the response is reflected and carefully crafts an XSS payload to match☆42Updated 12 years ago
- Converts John The Ripper/Cain format hashes (singular, or in bulk) to HashCat compatible hash format.☆33Updated 4 years ago
- ☆0Updated 5 years ago
- Generic Command Exploitation Engine for exploiting web application command-injection bugs,.☆31Updated 11 years ago
- Quickly add http and https domains to BurpSuite's scope with all paths.☆16Updated 8 years ago
- ☆15Updated last year
- Data exfiltration using reflective DNS resolution covert channel☆51Updated 6 years ago
- ☆17Updated 7 years ago
- Of the thousands of lazy reconnaissance scripts, this one is by far the one in this repository.☆11Updated 3 years ago
- Burp extension to decode NTLM SSP headers and extract domain/host information☆31Updated 3 years ago
- ☆35Updated 4 years ago