PortSwigger/json-web-token-attacker external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

PortSwigger/json-web-token-attacker

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/PortSwigger/json-web-token-attacker)

Close

PortSwigger / json-web-token-attackerView on GitHubMore

• External links
• Readme badge

☆108Feb 4, 2022Updated 4 years ago

Alternatives and similar repositories for json-web-token-attacker

Users that are interested in json-web-token-attacker are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• threedr3am / tomcat-cluster-session-sync-exp

  View on GitHub
  tomcat使用了自带session同步功能时，不安全的配置（没有使用EncryptInterceptor）导致存在的反序列化漏洞，通过精心构造的数据包， 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484，9484…
  ☆212May 19, 2020Updated 5 years ago
• pwntester / JRE8u20_RCE_Gadget

  View on GitHub
  JRE8u20_RCE_Gadget
  ☆255Jul 1, 2016Updated 9 years ago
• knqyf263 / CVE-2019-6467

  View on GitHub
  CVE-2019-6467 (BIND nxdomain-redirect)
  ☆26Apr 25, 2019Updated 6 years ago
• 0Kee-Team / JavaProbe

  View on GitHub
  A Java runtime information-gathering tool which uses the Java Attach API for information acquisition
  ☆204Apr 26, 2021Updated 4 years ago
• veracode-research / solr-injection

  View on GitHub
  Apache Solr Injection Research
  ☆580Jan 28, 2020Updated 6 years ago
• DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• r3dxpl0it / Apache-Superset-Remote-Code-Execution-PoC-CVE-2018-8021

  View on GitHub
  CVE-2018-8021 Proof-Of-Concept and Exploit
  ☆106Dec 3, 2018Updated 7 years ago
• yolosec / ysoserial

  View on GitHub
  A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
  ☆34Sep 19, 2016Updated 9 years ago
• mpgn / CVE-2019-7238

  View on GitHub
  🐱‍💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱‍💻
  ☆153Feb 25, 2019Updated 7 years ago
• Ch1ngg / GetWindowsKernelExploitsKB

  View on GitHub
  获取系统KB补丁对于的MS号
  ☆24Aug 18, 2019Updated 6 years ago
• l1nk3rlin / CVE-2019-2890

  View on GitHub
  ☆85Dec 6, 2019Updated 6 years ago
• ZeddYu / HTTP-Smuggling-Lab

  View on GitHub
  Use HTTP Smuggling Lab to learn HTTP Smuggling.
  ☆346Nov 20, 2022Updated 3 years ago
• venenof7 / VCTF-Platform

  View on GitHub
  One CTF Platform
  ☆20Dec 4, 2019Updated 6 years ago
• wuppp / shiro_rce_exp

  View on GitHub
  Shiro RCE (Padding Oracle Attack)
  ☆148Nov 15, 2019Updated 6 years ago
• bit4woo / burp_collaborator_http_api

  View on GitHub
  Burp Suite Collaborator HTTP API
  ☆45May 27, 2018Updated 7 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
• TheTwitchy / xxer

  View on GitHub
  A blind XXE injection callback handler. Uses HTTP and FTP to extract information. Originally written in Ruby by ONsec-Lab.
  ☆518Jul 29, 2020Updated 5 years ago
• milo2012 / CVE-2018-13382

  View on GitHub
  CVE-2018-13382
  ☆147Aug 13, 2019Updated 6 years ago
• sisoc-tokyo / Real-timeDetectionAD_journal

  View on GitHub
  ☆24Mar 19, 2020Updated 6 years ago
• Slzdude / behinder_source

  View on GitHub
  Behinder3.0 Beta4 源码（Decompile and Fixed）
  ☆207Sep 1, 2020Updated 5 years ago
• 7dog7 / flash-hijack

  View on GitHub
  flash 劫持轮子，CSRF，劫持，跳转，swf 有需求可以提issues ，src挖掘,劫持response
  ☆86Nov 9, 2019Updated 6 years ago
• codeplutos / java-security-manager-bypass

  View on GitHub
  ☆153Jun 24, 2019Updated 6 years ago
• l3m0n / WebFuzzAttack

  View on GitHub
  web模糊测试 - 将漏洞可能性放大
  ☆145Apr 23, 2019Updated 6 years ago
• lightless233 / Java-Unserialization-Study

  View on GitHub
  QAQ Just study unserialize vulnerabilities in Java :)
  ☆196Aug 22, 2018Updated 7 years ago
• modzero / mod0BurpUploadScanner

  View on GitHub
  HTTP file upload scanner for Burp Proxy
  ☆491Dec 25, 2023Updated 2 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• mpgn / CVE-2019-9580

  View on GitHub
  CVE-2019-9580 - StackStorm: exploiting CORS misconfiguration (null origin) to gain RCE
  ☆31Mar 13, 2019Updated 7 years ago
• orangetw / awesome-jenkins-rce-2019

  View on GitHub
  There is no pre-auth RCE in Jenkins since May 2017, but this is the one!
  ☆607May 17, 2019Updated 6 years ago
• l3m0n / oauth2

  View on GitHub
  oauth2研究: 实现代码、漏洞利用、修复方案
  ☆19May 21, 2019Updated 6 years ago
• lcatro / browser_vuln_check

  View on GitHub
  browser_vuln_check ,利用已知的浏览器漏洞PoC 来快速检测Webview 和浏览器环境是否存在安全漏洞,只需要访问run.html 即可获取所有扫描结果,适用场景包含:APP 发布之前的内部安全测试,第三方Webview 漏洞检测等(browser_vu…
  ☆118Aug 16, 2017Updated 8 years ago
• shadow-horse / CVE-2019-17571

  View on GitHub
  Apache Log4j 1.2.X存在反序列化远程代码执行漏洞
  ☆78Dec 25, 2019Updated 6 years ago
• jiangsir404 / pbscan

  View on GitHub
  基于burpsuite headless 的代理式被动扫描系统
  ☆95Feb 10, 2020Updated 6 years ago
• iSafeBlue / fastjson-autotype-bypass-demo

  View on GitHub
  fastjson 1.2.68 版本 autotype bypass
  ☆142Jun 17, 2022Updated 3 years ago
• doyensec / ajpfuzzer

  View on GitHub
  A command-line fuzzer for the Apache JServ Protocol (ajp13)
  ☆97Nov 15, 2022Updated 3 years ago
• mogwailabs / rmi-deserialization

  View on GitHub
  Slides/Demos from the BSides Munich 2019 talk "Attacking Java RMI in 2019"
  ☆101Sep 20, 2019Updated 6 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• Lonely-night / fastjson_gadgets_scanner

  View on GitHub
  ☆131Jun 17, 2022Updated 3 years ago
• jas502n / Java-Compressed-file-security

  View on GitHub
  java web 压缩文件 安全 漏洞
  ☆20Mar 17, 2020Updated 6 years ago
• Artemis1029 / Java_xmlhack

  View on GitHub
  帮助java环境下任意文件下载情况自动化读取源码的小工具
  ☆166Apr 5, 2019Updated 6 years ago
• vulhub / java

  View on GitHub
  Java every minor versions.
  ☆74Apr 19, 2023Updated 2 years ago
• mhaskar / CVE-2020-8813

  View on GitHub
  The official exploit for Cacti v1.2.8 Remote Code Execution CVE-2020-8813
  ☆68Feb 22, 2020Updated 6 years ago
• mtxiaowangzi / CAFJE

  View on GitHub
  又一个Java Web代码审计工具
  ☆100May 7, 2018Updated 7 years ago
• NickstaDB / BaRMIe

  View on GitHub
  Java RMI enumeration and attack tool.
  ☆745Sep 28, 2017Updated 8 years ago