JWTLens - Burp Suite extension for automated JWT security testing. 62 checks: passive scanning, algorithm confusion, signature bypass, KID injection, weak secret brute force, and a built-in JWT Forge tab. Works automatically as you browse.
☆30Mar 19, 2026Updated this week
Alternatives and similar repositories for JWTLens
Users that are interested in JWTLens are comparing it to the libraries listed below
Sorting:
- Two WinForms GUI tools for enumerating, searching, and exfiltrating data from M365 environments using application-level OAuth tokens☆140Mar 4, 2026Updated 2 weeks ago
- Password:ВсеБудеУкраїна☆16Mar 21, 2022Updated 3 years ago
- Password list collected from Cisco devices☆20Mar 25, 2019Updated 6 years ago
- top usernames from azure survey 2025☆15Apr 25, 2025Updated 10 months ago
- Python script analysing Spotify Stream History data☆11Dec 30, 2024Updated last year
- Hive v5 file decryption algorithm☆34Nov 28, 2022Updated 3 years ago
- ☆16Aug 25, 2025Updated 6 months ago
- Vagrant Files to create a Virtualbox VM for Malware Analysis☆13Jun 1, 2021Updated 4 years ago
- Your bloodhound for hidden info in those JS files.☆17May 13, 2024Updated last year
- ☆19Apr 27, 2022Updated 3 years ago
- ☆11Oct 15, 2024Updated last year
- Nmap - the Network Mapper. Github mirror of official SVN repository.☆15Sep 25, 2019Updated 6 years ago
- Automated GitHub secret scanning with smart alerting & monitoring.☆30Jan 15, 2026Updated 2 months ago
- 403 Bypasser With auto payload generation☆12Aug 8, 2024Updated last year
- Powerful LLM Query Framework with YAML Prompt Templates. Made for Automation☆34Sep 20, 2025Updated 5 months ago
- FTP-AnonHunter is a Python tool designed to automate the discovery of anonymous open FTP servers. Using Nmap’s ftp-anon script, the tool …☆10Oct 16, 2024Updated last year
- This repository contains random Nuclei templates I've created. Most of them based on recent security issues and exploits.☆18May 21, 2024Updated last year
- Cobalt Strike BOFS☆16Dec 20, 2023Updated 2 years ago
- Exploit for CVE-2023-3460. Unauthorized admin access for Ultimate Member plugin < v2.6.7☆35Jul 5, 2023Updated 2 years ago
- WhoDAT is an InfoSec Analyzer for Nerds using VirusTotal, Google Safe Browsing, URLScan, Hybrid-Analysis, and OpenAI. Scan URLs, emails, …☆13Jan 4, 2026Updated 2 months ago
- Reflector: A tool to check for reflected query parameter values.☆12Jan 13, 2023Updated 3 years ago
- Tips for manually detect & exploit SQL injection Vulnerability : MySQL☆17Aug 17, 2022Updated 3 years ago
- ☆10Jul 3, 2021Updated 4 years ago
- ☆17Mar 19, 2021Updated 5 years ago
- Artificial Bee Colony for generic feature tuning☆11Aug 2, 2023Updated 2 years ago
- Fuzzing All Native Android System Services with Interface Awareness and Coverage☆37Sep 8, 2025Updated 6 months ago
- AI-VAPT is an autonomous AI-driven Vulnerability Assessment & Penetration Testing framework combining traditional VAPT with neural intell…☆88Oct 7, 2025Updated 5 months ago
- Discover Non-Discoverable Bluetooth Classic devices☆13Oct 10, 2024Updated last year
- a custom 7z, which can use three keys instead of password to extract zip file.☆13Oct 5, 2018Updated 7 years ago
- Collection of useful Ghidra utilities and references☆14Apr 9, 2024Updated last year
- A highly efficient and powerful Go script designed to detect sensitive data leaks in JavaScript files.☆21Dec 9, 2025Updated 3 months ago
- A curated blocklist of Autonomous System Numbers (ASNs) associated with VPN providers, datacenters, and hosting services commonly used fo…☆15Mar 11, 2026Updated last week
- Dynamic_RDS - Plugin for Falcon Player (FPP) to manage an FM transmitter and custom RDS (radio data system) messages similar to what is s…☆13Mar 1, 2026Updated 2 weeks ago
- Tools used to extract Flash memory from locked MPC5566 (Hardwear.io 2025 talk)☆20May 30, 2025Updated 9 months ago
- ☆13Apr 14, 2024Updated last year
- Translate SQL Injection Cheat Sheet(http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/) into Chinese.☆28Aug 11, 2015Updated 10 years ago
- ROPDump is a command-line tool designed to analyze binary executables for potential Return-Oriented Programming (ROP) gadgets, buffer ove…☆88May 11, 2024Updated last year
- ACVPatcher patches AndroidManifest and rewrites DEX files inside an APK not touching resources (unlike apktool)☆12Mar 1, 2026Updated 2 weeks ago
- Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.☆11Sep 22, 2023Updated 2 years ago