PortSwigger / jwt-editor
A Burp Suite extension for creating and editing JSON Web Tokens. This tool supports signing and verification of JWS, encryption and decryption of JWE and automation of several well-known attacks against applications that consume JWT.
☆21Updated last month
Related projects ⓘ
Alternatives and complementary repositories for jwt-editor
- ☆78Updated 6 months ago
- WEB API fuzzing☆24Updated last year
- CVE-2023-34960 Chamilo PoC☆35Updated last year
- Time Based SQL Injection in Zabbix Server Audit Log --> RCE☆114Updated 5 months ago
- A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors☆85Updated 9 months ago
- Nuclei template and information about the POC for CVE-2024-25600☆27Updated 8 months ago
- Juniper Firewalls CVE-2023-36845 - RCE☆47Updated 10 months ago
- CVE-2022-46169 Cacti remote_agent.php Unauthenticated Command Injection.☆49Updated last year
- POC for CVE-2024-36401. This POC will attempt to establish a reverse shell from the vlun targets.☆34Updated 4 months ago
- Exploit for CVE-2024-20767 - Adobe ColdFusion☆33Updated 7 months ago
- Proof-of-concept exploit for CVE-2024-25153.☆43Updated 7 months ago
- Authentication Bypass in GoAnywhere MFT☆64Updated 9 months ago
- GeoServer Remote Code Execution☆73Updated 3 months ago
- Unofficial Acunetix CLI tool for automated pentesting and bug hunting across large scopes.☆71Updated last year
- VMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE (CVE-2023-34039)☆95Updated last year
- Endpoints Explorer is a Python script that employs multiple bypass rules to discover sensitive endpoints☆83Updated 5 months ago
- Find sources and sinks in js code that could lead to DOM XSS 🔎💧🚰☆22Updated 8 months ago
- Sensitive Discoverer, a Burp extension to discovers sensitive information inside HTTP messages.☆42Updated 2 weeks ago
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆20Updated 2 months ago
- A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997.☆110Updated 2 years ago
- ☆24Updated 5 months ago
- Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)☆85Updated 7 months ago
- CVE-2024-27956 WordPress Automatic < 3.92.1 - Unauthenticated SQL Injection☆18Updated 6 months ago
- Ivanti EPM AgentPortal RCE Vulnerability☆20Updated last month
- Burp Suite's extension to scan and crawl Single Page Applications☆99Updated last year
- Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability☆55Updated last year
- Proof of Concept for Path Traversal in Apache Struts ("CVE-2023-50164")☆58Updated 10 months ago
- CVE-2024-22274: Authenticated Remote Code Execution in VMware vCenter Server☆35Updated 4 months ago
- Apache Solr Backup/Restore APIs RCE Poc (CVE-2023-50386)☆63Updated 8 months ago
- 针对多个框架的高度自定义的内存马一键打入工具 | A highly customized memory shell one-click injection tool for multiple frameworks☆45Updated 9 months ago