PortSwigger / json-web-token-attacker
☆108Updated 3 years ago
Alternatives and similar repositories for json-web-token-attacker:
Users that are interested in json-web-token-attacker are comparing it to the libraries listed below
- A vulnerable application exposing Spring Boot Actuators☆122Updated 6 years ago
- Atlassian JIRA Template injection vulnerability RCE☆93Updated 5 years ago
- JWT fuzzer☆106Updated 6 years ago
- ☆111Updated 5 years ago
- An Out-of-Band XXE server for retrieving file contents over FTP.☆181Updated 4 years ago
- Sample Spring Boot App Demonstrating RCE via Exposed env Actuator and H2 Database☆106Updated 5 years ago
- ☆42Updated 5 years ago
- X41 BeanStack - Stack Trace Fingerprinting BETA☆52Updated 4 years ago
- Apache Tomcat + MongoDB Remote Code Execution☆114Updated 4 years ago
- ☆63Updated 5 years ago
- Jsdir is a Burp Suite extension that extracts hidden paths from js files and beautifies it for further reading.☆117Updated 4 years ago
- 用Kali 2.0复现Apache Tomcat Session反序列化代码执行漏洞☆52Updated 4 years ago
- Fuzzing script for redirect URL validator☆50Updated 5 years ago
- Exploitation toolkit for RichFaces☆103Updated last year
- Exploit for WebSocket Vulnerability in Apache Tomcat☆166Updated 4 years ago
- Java serialization brute force attack tool.☆123Updated 7 years ago
- Exploitation Tool for CVE-2017-3066 targeting Adobe Coldfusion 11/12☆94Updated 2 years ago
- HTTPWookiee is an HTTP server and proxy stress tool (respect of RFC, HTTP Smuggling issues, etc). If you run an HTTP server project conta…☆50Updated 7 years ago
- 🐱💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱💻☆150Updated 6 years ago
- DupeKeyInjector☆135Updated 3 years ago
- Here you can get full exploit for SAP NetWeaver AS JAVA☆76Updated 7 years ago
- An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions☆122Updated 7 years ago
- RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl☆209Updated 6 years ago
- This repo contains the files required to perform a CSRF attack using Flash and HTTP 307 redirections.☆76Updated 7 years ago
- ☆106Updated 4 years ago
- Compiled dataset of Java deserialization CVEs☆61Updated 4 years ago
- Apache Solr RCE (ENABLE_REMOTE_JMX_OPTS="true")☆101Updated 5 years ago
- YSOSERIAL Integration with burp suite☆165Updated 2 years ago
- Ghazi is a BurpSuite Plugins For Testing various PayLoads Like "XSS,SQLi,SSTI,SSRF,RCE and LFI" through Different tabs , Where Each Tab W…☆110Updated 6 years ago
- Slides/Demos from the BSides Munich 2019 talk "Attacking Java RMI in 2019"☆101Updated 5 years ago