aurainfosec / jwt_key_confusionLinks
JWT key confusion attack, i.e. re-sigining RS256 to HS256
☆13Updated 3 years ago
Alternatives and similar repositories for jwt_key_confusion
Users that are interested in jwt_key_confusion are comparing it to the libraries listed below
Sorting:
- ☆64Updated 2 years ago
- ☆56Updated 11 months ago
- A Burp Suite extension that helps track and manage multiple sessions simultaneously by color-coding HTTP requests based on custom pattern…☆27Updated last year
- Formatify is a Burp Suite extension that instantly converts HTTP requests into multiple formats like cURL, Python, PowerShell, and more—s…☆28Updated 3 months ago
- Tool for helping in the exploitation of path traversal vulnerabilities in Java web applications☆33Updated 3 years ago
- For unpacking base64:ed "Save items"-content from Burp (From search + proxy history)☆54Updated 10 months ago
- Simple PoC for demonstrating Race Conditions on Websockets☆55Updated 2 years ago
- A tool to guess the rest of the shortnames provided by vulnerable IIS instances.☆42Updated 2 years ago
- This extension adds a search bar to the Repeater tab that can be used to highlight all repeater tabs where the request and/or response ma…☆80Updated 2 years ago
- Web cache poisoning vulnerability scanner.☆73Updated 3 years ago
- ☆32Updated 2 years ago
- Information Security Information From Web☆28Updated 5 months ago
- A BurpSuite extension to create a custom word-list of endpoint and parameters for enumeration and fuzzing☆141Updated 2 years ago
- This Chromium extension scans the page for external iFrames, Scripts, and Styles, logs them to the console, and checks if their domains a…☆67Updated this week
- Archived Please go to https://github.com/adamjsturge/xsshunter-go☆31Updated last year
- Unicode characters that will translate a single character to multiple characters in domain names or TLD's☆49Updated last year
- SALSA 💃⚡ - SALesforce Scanner for Aura (and beyond). Enumeration of vulnerabilities and misconfigurations against Salesforce endpoint.☆24Updated 11 months ago
- convert case style of words☆56Updated last year
- Burp suite extension to find sensitive information by checking incoming text OR binary websocket messages☆55Updated 11 months ago
- This is a Burp Suite extension that allows users to easily add web addresses to the Burp Suite scope.☆97Updated last year
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.☆83Updated 2 years ago
- Adobe Experience Manager (AEM) hacking toolkit☆101Updated 3 months ago
- A tool for listing and extracting installed Android APKs and decrypted iOS IPAs (plus app storage) from rooted or jailbroken devices.☆38Updated 8 months ago
- A Burp Suite extension for finding DNS vulnerabilities in web applications!☆94Updated 2 years ago
- Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HE☆54Updated last year
- Enumerate old versions of robots.txt paths using Wayback Machine for content discovery☆53Updated 2 years ago
- Deploy a SOCKS5 proxy in DigitalOcean and autoconfigure the Burp proxy settings to route all traffic through the droplet☆57Updated last year
- ☆81Updated 6 months ago
- A demo PHP application used to exercise SQL injection techniques in a safe, local Docker environment☆46Updated last year
- Make better use of the embedded browser that comes by default with Burp☆44Updated 2 years ago