aress31 / jwtcat
A CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.
☆293Updated 6 months ago
Related projects ⓘ
Alternatives and complementary repositories for jwtcat
- PNG IDAT chunks XSS payload generator☆170Updated 2 years ago
- Security Testing Scripts for JWT☆308Updated 2 years ago
- Issues with WebSocket reverse proxying allowing to smuggle HTTP requests☆335Updated 2 months ago
- Python based scanner to find potential SSRF parameters☆283Updated 7 months ago
- Payloads for CRLF Injection☆215Updated 3 weeks ago
- SSRF testing tool☆241Updated last year
- Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.☆524Updated 6 years ago
- An hourly updated list of subdomains gathered from certificate transparency logs☆341Updated 3 years ago
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆508Updated 9 months ago
- HTTP file upload scanner for Burp Proxy☆397Updated last year
- NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.☆355Updated 3 years ago
- Subdomain Takeover Scanner | Subdomain Takeover Tool | by 0x94☆353Updated last year
- HTTP Request Smuggling over HTTP/2 Cleartext (h2c)☆650Updated 2 years ago
- Automatic tool for DNS rebinding-based SSRF attacks☆293Updated 4 years ago
- Second-order subdomain takeover scanner☆378Updated last year
- The Serverless Blind XSS App☆327Updated 7 months ago
- Default signature for Jaeles Scanner☆319Updated 2 years ago
- A pentesting tool that dumps the source code from .git even when the directory traversal is disabled☆217Updated 2 years ago
- Content discovery wordlists generated using BigQuery☆557Updated 4 years ago
- BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source c…☆530Updated 2 years ago
- A simple variable based template editor using handlebarjs+strapdownjs. The idea is to use variables in markdown based files to easily rep…☆249Updated last year
- DOM XSS scanner for Single Page Applications☆394Updated 3 months ago
- HTTP file upload scanner for Burp Proxy☆481Updated 10 months ago
- You can read the writeup on this script here☆267Updated 4 years ago
- Crack the shared secret of a HS256-signed JWT☆221Updated last year
- This repository contains all the XSS cheatsheet data to allow contributions from the community.☆403Updated this week
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.☆308Updated last year
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆274Updated 3 years ago
- bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.☆511Updated last year