aurainfosec / jwt_key_confusionLinks
JWT key confusion attack, i.e. re-sigining RS256 to HS256
☆13Updated 3 years ago
Alternatives and similar repositories for jwt_key_confusion
Users that are interested in jwt_key_confusion are comparing it to the libraries listed below
Sorting:
- Tool for helping in the exploitation of path traversal vulnerabilities in Java web applications☆32Updated 2 years ago
- A Burp Suite extension that helps track and manage multiple sessions simultaneously by color-coding HTTP requests based on custom pattern…☆27Updated 10 months ago
- Token Tailor is a Burp Suite Community Edition extension that aims to simplify security testing by automating JWT renewal.☆35Updated 2 weeks ago
- ☆31Updated 5 months ago
- Formatify is a Burp Suite extension that instantly converts HTTP requests into multiple formats like cURL, Python, PowerShell, and more—s…☆28Updated 3 weeks ago
- ☆76Updated 3 months ago
- ☆48Updated 8 months ago
- A tool for listing and extracting installed Android APKs and decrypted iOS IPAs (plus app storage) from rooted or jailbroken devices.☆34Updated 5 months ago
- A tool for inspecting and analyzing mobile application storage files.☆47Updated 5 months ago
- Archived Please go to https://github.com/adamjsturge/xsshunter-go☆31Updated last year
- This repo offers comprehensive information, necessary tools, and instructional videos for beginners in Android penetration testing, provi…☆21Updated 2 years ago
- SSLPinDetect is a tool for analyzing Android APKs to detect SSL pinning implementations by scanning for known patterns in decompiled code…☆41Updated last month
- ☆22Updated 3 years ago
- A tool to guess the rest of the shortnames provided by vulnerable IIS instances.☆42Updated 2 years ago
- Burp suite extension to find sensitive information by checking incoming text OR binary websocket messages☆54Updated 9 months ago
- Official TruffleHog Burp Suite Extension. Scan Burp Suite traffic for 800+ different types of secrets (API keys, passwords, SSH keys, etc…☆78Updated 7 months ago
- Chrome and Firefox extension that lists Amazon S3 Buckets while browsing☆126Updated 2 months ago
- This Chromium extension scans the page for external iFrames, Scripts, and Styles, logs them to the console, and checks if their domains a…☆54Updated 9 months ago
- ☆64Updated 2 years ago
- POC for CVE-2024-23897 Jenkins File-Read☆34Updated 8 months ago
- Security Advisories☆34Updated 2 weeks ago
- Advanced APK analysis tool with intelligent caching, pattern matching, and comprehensive security vulnerability detection☆71Updated last week
- Drupalwned is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆40Updated last year
- A collection of TUBs (Totally Useless Bambdas) for Burp Suite, created by Tib3rius & friends.☆31Updated last year
- Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HE☆54Updated 11 months ago
- Exploit for Symfony CVE-2024-50340 (forked eos)☆29Updated 10 months ago
- Adobe Experience Manager (AEM) hacking toolkit☆76Updated 2 weeks ago
- Automated JavaScript Debugging Tool using CDP - Automatically sets breakpoints for specified strings/patterns in JavaScript code☆93Updated 9 months ago
- Web cache poisoning vulnerability scanner.☆71Updated 3 years ago
- Just A list Of Some Multilingual XSS Payloads and other weird ones i made in my free time☆121Updated 2 weeks ago