aurainfosec / jwt_key_confusion
JWT key confusion attack, i.e. re-sigining RS256 to HS256
☆13Updated 2 years ago
Alternatives and similar repositories for jwt_key_confusion:
Users that are interested in jwt_key_confusion are comparing it to the libraries listed below
- Security Advisories☆32Updated last year
- ElasticSearch exploit and Pentesting guide for penetration tester☆26Updated 2 years ago
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆29Updated 2 months ago
- Framework for blind boolean-based sql injections exploatation. Use it if sqlmap does shit.☆29Updated 3 years ago
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆30Updated 3 weeks ago
- A collection of utilities for building extensions using Burp's Montoya API☆47Updated 9 months ago
- ☆26Updated last week
- A tool for check available dependency packages across npmjs, PyPI or RubyGems registry.☆28Updated 3 years ago
- ☆21Updated 7 years ago
- Enhanced 403 bypass header☆21Updated 2 years ago
- EvenBetterExtensions allows you to quicky install and keep updated Caido extensions.☆23Updated 6 months ago
- Tool to find stored robots.txt files from the past☆17Updated last year
- This repository has workflows created for https://github.com/RikunjSindhwad/Task-Ninja☆24Updated 7 months ago
- A powerful AWS Cognito analysis and session hijacking toolkit designed for security researchers and penetration testers. CognitoHunter sp…☆20Updated 2 months ago
- Make better use of the embedded browser that comes by default with Burp☆43Updated last year
- Repro for Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!☆20Updated 7 months ago
- A collection of one off hacks and simple scripts☆28Updated 2 years ago
- ☆53Updated 2 years ago
- ☆39Updated last year
- Demo of various ways to exploit post based reflected XSS☆18Updated last year
- Returns results from Google search.☆49Updated 2 years ago
- Programs I Made while learning python for pentesters.☆18Updated 2 years ago
- Use the GCP testIamPermissions functionality to bruteforce and discover your permissions☆29Updated 6 months ago
- Tool for helping in the exploitation of path traversal vulnerabilities in Java web applications☆28Updated 2 years ago
- Scanner for Cross-Site WebSocket Hijacking☆42Updated 4 years ago
- Perform TE.CL HTTP Request Smuggling attacks by crafting HTTP Request automatically.☆70Updated 3 years ago
- Python script to launch burp scans automatically☆32Updated 3 years ago
- Performing automated scan using Burp Suite Pro & Vmware Burp Rest API☆49Updated 2 years ago
- DNS resolution tracing tool☆34Updated 3 years ago
- ☆27Updated 4 years ago