aurainfosec / jwt_key_confusion
JWT key confusion attack, i.e. re-sigining RS256 to HS256
☆13Updated 2 years ago
Alternatives and similar repositories for jwt_key_confusion:
Users that are interested in jwt_key_confusion are comparing it to the libraries listed below
- Security Advisories☆32Updated 2 weeks ago
- A collection of utilities for building extensions using Burp's Montoya API☆50Updated 10 months ago
- Unauthorized Access to Metadata and User Data like CTF☆26Updated 4 months ago
- ☆39Updated 2 months ago
- Enhanced 403 bypass header☆21Updated 2 years ago
- ☆27Updated 2 years ago
- Tools and Scripts used in CRTP☆12Updated 4 years ago
- A simple automation tool to detect lfi, rce and ssti vulnerability☆55Updated 3 years ago
- Nuclei template to detect Apache servers vulnerable to CVE-2024-38473☆28Updated 8 months ago
- Find CVEs that don't have a Detectify modules.☆21Updated 2 years ago
- CVE-2024-28995 POC Vulnerability Scanner☆12Updated 10 months ago
- This repo contain scripts written for finding subdomains using various available tools☆26Updated 4 years ago
- Simple PoC for demonstrating Race Conditions on Websockets☆56Updated last year
- SAP penetration testing Web and network cheatsheet☆16Updated 2 years ago
- Checks if files is accessible based on the source code.☆16Updated last year
- Exploit for Symfony CVE-2024-50340 (forked eos)☆28Updated 5 months ago
- An Vulnerability detection and Exploitation tool for CVE-2024-24919☆23Updated 10 months ago
- ☆62Updated 2 years ago
- This tool tries to find interesting stuff inside static files; mainly JavaScript and JSON files.☆62Updated last year
- The Repository contains various payloads, tools, tips and tricks from various hackers around the world. Please take a quick look down her…☆15Updated 4 months ago
- CTF challenges WriteUp☆14Updated 2 years ago
- Demo of various ways to exploit post based reflected XSS☆18Updated last year
- For unpacking base64:ed "Save items"-content from Burp (From search + proxy history)☆50Updated 2 months ago
- SAP Penetration Testing: A Comprehensive Analysis of SAP Security Issues☆38Updated last year
- A collection of one off hacks and simple scripts☆28Updated 2 years ago
- ElasticSearch exploit and Pentesting guide for penetration tester☆27Updated 2 years ago
- Automated iOS Frida Gadget injection and Testflight deployment using Frida and Fastlane☆11Updated 2 years ago
- Encode and Fuzz Custom Protobuf Messages in Burp Suite☆30Updated last month
- Application for showcasing Android Deep Link and WebView Vulnerabilities☆14Updated 2 years ago
- Use the GCP testIamPermissions functionality to bruteforce and discover your permissions☆31Updated 2 weeks ago