RemmyNine / Confusional
Python tool to generate crafted JWTs, exploiting the algorithm confusion vulnerability in JWT signature validation. Useful for security testing.
☆21Updated last week
Alternatives and similar repositories for Confusional:
Users that are interested in Confusional are comparing it to the libraries listed below
- Get some useful data from Clouds for your targets☆20Updated this week
- A tool for generating and detecting Unicode domains to identify phishing URLs, aimed at assisting cybersecurity professionals in recogniz…☆27Updated 3 months ago
- فایل ها و فیلم های ورکشاپ ردتیم 2024 با هانت لرن☆32Updated 6 months ago
- This script is used to search for cloud certificate entities such as Amazon, Azure, and others that have been extracted by the kaeferjaeg…☆42Updated 3 months ago
- AssetViz simplifies the visualization of subdomains from input files, presenting them as a coherent mind map. Ideal for penetration test…☆32Updated last year
- ☆12Updated 8 months ago
- This tools used for Automating finding of subdomain, and checking for alive subdomain, and gathering js files from all the subdomain and …☆19Updated 9 months ago
- This extension enhances Burp Suite by adding several UI and functional features, making it more user-friendly.☆67Updated 3 months ago
- RSEScan is a command-line utility for interacting with the RSECloud. It allows you to fetch subdomains and IPs from certificates for a gi…☆16Updated 9 months ago
- A Python tool for exploiting Django RCE via deserialization vulnerabilities in session cookies, allowing remote code execution through fo…☆13Updated 5 months ago
- Gouge is a simple Burp extension to extract or gouge all URLs which are seen in JS files as you visit different websites/webpages in Burp…☆28Updated 8 months ago
- Advanced test for proxy & waf☆13Updated 6 months ago
- Widget Options – The #1 WordPress Widget & Block Control Plugin <= 4.0.7 - Authenticated (Contributor+) Remote Code Execution☆12Updated 3 months ago
- SAPLAR - LFI & Path Traversal Scanner☆14Updated 3 weeks ago
- Proof of Concept Exploit for CVE-2024-9465☆29Updated 5 months ago
- A script to automatically dump all URLs present in /server-status to a file locally.☆23Updated last month
- CVE-2025-24016: Wazuh Unsafe Deserialization Remote Code Execution (RCE)☆33Updated last month
- JaelesFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Applications☆14Updated 11 months ago
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆15Updated 2 years ago
- CVE-2024-29895 PoC - Exploiting remote command execution in Cacti servers using the 1.3.X DEV branch builds☆21Updated 10 months ago
- This tool automates the process of running FFUF (Fuzz Faster U Fool) and post-processing its results to extract valid URLs. It supports b…☆34Updated 4 months ago
- Get list of subsidiaries for a selected company☆27Updated 3 months ago
- Nuclei templates for drupal vulns... far from perfect☆16Updated 2 months ago
- Exploit for CVE-2024-5009☆13Updated 8 months ago
- Passive Web Vulnerability Detection Tool☆31Updated 2 months ago
- Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!☆20Updated 7 months ago
- Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.☆44Updated last year
- Raven is a powerful and customizable web crawler written in Go.☆41Updated 6 months ago
- POC for CVE-2024-40348. Will attempt to read /etc/passwd from target☆30Updated 8 months ago
- Command-line tool to enumerate top-level domains, check response codes and find potential vulnerabilities for bug bounty hunters and secu…☆26Updated 2 years ago