aress31 / jwtcat

Related projects ⓘ

Alternatives and complementary repositories for jwtcat

• vavkamil / xss2png
  PNG IDAT chunks XSS payload generator
  ☆170Updated 2 years ago
• mazen160 / jwt-pwn
  Security Testing Scripts for JWT
  ☆308Updated 2 years ago
• 0ang3el / websocket-smuggle
  Issues with WebSocket reverse proxying allowing to smuggle HTTP requests
  ☆335Updated 2 months ago
• In3tinct / See-SURF
  Python based scanner to find potential SSRF parameters
  ☆283Updated 7 months ago
• cujanovic / CRLF-Injection-Payloads
  Payloads for CRLF Injection
  ☆215Updated 3 weeks ago
• daeken / SSRFTest
  SSRF testing tool
  ☆241Updated last year
• assetnote / commonspeak2-wordlists
  Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.
  ☆524Updated 6 years ago
• internetwache / CT_subdomains
  An hourly updated list of subdomains gathered from certificate transparency logs
  ☆341Updated 3 years ago
• whitel1st / docem
  A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)
  ☆508Updated 9 months ago
• PortSwigger / upload-scanner
  HTTP file upload scanner for Burp Proxy
  ☆397Updated last year
• Charlie-belmer / nosqli
  NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.
  ☆355Updated 3 years ago
• antichown / subdomain-takeover
  Subdomain Takeover Scanner | Subdomain Takeover Tool | by 0x94
  ☆353Updated last year
• BishopFox / h2csmuggler
  HTTP Request Smuggling over HTTP/2 Cleartext (h2c)
  ☆650Updated 2 years ago
• daeken / httprebind
  Automatic tool for DNS rebinding-based SSRF attacks
  ☆293Updated 4 years ago
• mhmdiaa / second-order
  Second-order subdomain takeover scanner
  ☆378Updated last year
• mazen160 / xless
  The Serverless Blind XSS App
  ☆327Updated 7 months ago
• jaeles-project / jaeles-signatures
  Default signature for Jaeles Scanner
  ☆319Updated 2 years ago
• Ebryx / GitDump
  A pentesting tool that dumps the source code from .git even when the directory traversal is disabled
  ☆217Updated 2 years ago
• pentester-io / commonspeak
  Content discovery wordlists generated using BigQuery
  ☆557Updated 4 years ago
• mazen160 / bfac
  BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source c…
  ☆530Updated 2 years ago
• fransr / template-generator
  A simple variable based template editor using handlebarjs+strapdownjs. The idea is to use variables in markdown based files to easily rep…
  ☆249Updated last year
• fcavallarin / domdig
  DOM XSS scanner for Single Page Applications
  ☆394Updated 3 months ago
• modzero / mod0BurpUploadScanner
  HTTP file upload scanner for Burp Proxy
  ☆481Updated 10 months ago
• dark-warlord14 / JSScanner
  You can read the writeup on this script here
  ☆267Updated 4 years ago
• Sjord / jwtcrack
  Crack the shared secret of a HS256-signed JWT
  ☆221Updated last year
• PortSwigger / xss-cheatsheet-data
  This repository contains all the XSS cheatsheet data to allow contributions from the community.
  ☆403Updated this week
• lc / theftfuzzer
  TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.
  ☆308Updated last year
• Damian89 / extended-ssrf-search
  Smart ssrf scanner using different methods like parameter brute forcing in post and get...
  ☆274Updated 3 years ago
• LewisArdern / bXSS
  bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
  ☆511Updated last year