JSON Web Token Hack Toolkit
β972Feb 23, 2026Updated last week
Alternatives and similar repositories for jwt-hack
Users that are interested in jwt-hack are comparing it to the libraries listed below
Sorting:
- ππ¦ Dalfox is a powerful open-source XSS scanner and utility focused on automation.β4,851Feb 24, 2026Updated last week
- Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hacβ¦β1,153Jan 21, 2026Updated last month
- A toolkit for testing, tweaking and cracking JSON Web Tokensβ6,389May 1, 2025Updated 10 months ago
- A fast tool to scan client-side prototype pollution vulnerability written in Rust. π¦β659Aug 28, 2025Updated 6 months ago
- Hidden parameters discovery suiteβ2,027Sep 8, 2024Updated last year
- The Swiss Army knife for automated Web Application Testingβ2,322May 8, 2024Updated last year
- declutters url lists for crawling/pentestingβ1,531Feb 23, 2025Updated last year
- Automatic SSRF fuzzer and exploitation toolβ3,489Sep 4, 2025Updated 5 months ago
- BBT - Bug Bounty Tools (examplesπ‘)β1,883Apr 5, 2024Updated last year
- Burpsuite Extension to bypass 403 restricted directoryβ1,669Jun 29, 2023Updated 2 years ago
- Automation for javascript recon in bug bounty.β1,069Sep 9, 2023Updated 2 years ago
- π΅ Gee is tool of stdin to each files and stdout. It is similar to the tee command, but there are more functions for convenience. In addiβ¦β85Sep 30, 2025Updated 5 months ago
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirectsβ970Dec 8, 2021Updated 4 years ago
- Quick SQLMap Tamper Suggesterβ1,397Jul 18, 2022Updated 3 years ago
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.β4,837Jan 1, 2025Updated last year
- Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probingβ3,010Jun 24, 2024Updated last year
- Rockyou for web fuzzingβ3,028Feb 11, 2026Updated 2 weeks ago
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secretsβ1,524Jan 15, 2026Updated last month
- Burp Extension to find potential endpoints, parameters, and generate a custom target wordlistβ1,497Jan 8, 2026Updated last month
- βοΈ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-huntingβ4,525Feb 15, 2026Updated 2 weeks ago
- A python script that finds endpoints in JavaScript filesβ4,286Apr 13, 2024Updated last year
- A collection of awesome one-liner scripts especially for bug bounty tips.β3,077Jul 29, 2024Updated last year
- π Enumerate git repository URL from list of URL / User / Org. Friendly to pipelineβ56Nov 24, 2024Updated last year
- A fast tool to scan CRLF vulnerability written in Goβ1,519Feb 23, 2026Updated last week
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the acβ¦β1,774Apr 26, 2024Updated last year
- HTTP parameter discovery suite.β6,091Feb 20, 2025Updated last year
- GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grepβ1,401Sep 13, 2024Updated last year
- Accept URLs on stdin, replace all query string values with a user-supplied valueβ865Nov 23, 2022Updated 3 years ago
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3β2,062Jan 2, 2024Updated 2 years ago
- GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)β1,631Mar 11, 2024Updated last year
- π« Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fastβ¦β1,519Updated this week
- SSRF (Server Side Request Forgery) testing resourcesβ2,483Oct 12, 2024Updated last year
- A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attβ¦β5,775Updated this week
- Scope aggregation tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!β1,272Updated this week
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one plβ¦β1,039Aug 23, 2025Updated 6 months ago
- Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokensβ¦β5,223Jan 31, 2026Updated last month
- fuzzuli is a url fuzzing tool that aims to find critical backup files by creating a dynamic wordlist based on the domain.β937Aug 24, 2023Updated 2 years ago
- π Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.β427Feb 20, 2026Updated last week
- SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript filesβ2,392May 26, 2024Updated last year