cyberblackhole / TokenBreaker
JSON RSA to HMAC and None Algorithm Vulnerability POC
☆60Updated 5 years ago
Alternatives and similar repositories for TokenBreaker:
Users that are interested in TokenBreaker are comparing it to the libraries listed below
- BurpSuite using the document and some extensions☆68Updated 4 years ago
- A python based blind SQL injection exploitation script☆136Updated 5 years ago
- Small tool to automate SSRF wordpress and XMLRPC finder☆80Updated 2 years ago
- ☆71Updated 4 years ago
- A Burp Suite extension to add a custom header (e.g. JWT)☆19Updated 4 years ago
- A blazing fast & feature rich Amazon S3 bucket enumerator.☆97Updated 2 years ago
- HTTP parameter discovery suite.☆61Updated 4 years ago
- ASN reconnaissance script☆125Updated last year
- A simple Bash one liner with aim to automate CRLF vulnerability scanning.☆68Updated 4 years ago
- Vulnerable SAML infrastructure training applicaiton☆51Updated 2 years ago
- A reverse whois tool based on Whoxy API.☆164Updated 11 months ago
- XSS Payload without Anything.☆103Updated 5 years ago
- Enhanced fork with logging, OpenAPI 3.0 and Python 3 for security monitoring workshops☆42Updated last year
- API Pentesting notes.☆96Updated 4 months ago
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆131Updated 4 years ago
- This is a walkthrough about understanding the #BoF machine present in the #OSCP exam.☆64Updated 3 years ago
- ☆80Updated 3 years ago
- linuxprivchecker.py -- a Linux Privilege Escalation Check Script☆37Updated 5 years ago
- A Tool for Domain Flyovers☆100Updated 4 months ago
- Various Payload wordlists☆235Updated 4 years ago
- Detectify Crowdsource Challenge☆67Updated 2 years ago
- A list of "secrets" from JWT sample code and readme files.☆54Updated 4 years ago
- HTTP verb tampering & methods enumeration☆57Updated 3 years ago
- A combined wordlists for files and directory discovery☆124Updated 3 years ago
- part of my wordlist to bruteforce DNS to find subdoamains.☆62Updated 3 years ago
- Target practice for ffuf☆63Updated 3 years ago
- ☆39Updated last year
- Dotmil subdomain discovery tool that scrapes domains from official DoD website directories and certificate transparency logs☆96Updated 4 years ago
- Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …☆51Updated 3 years ago
- xss development frameworks, with the goal of making payload writing easier.☆139Updated 7 months ago