JSON Web Token Hack Toolkit
β980Mar 22, 2026Updated this week
Alternatives and similar repositories for jwt-hack
Users that are interested in jwt-hack are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ππ¦ Dalfox is a powerful open-source XSS scanner and utility focused on automation.β4,884Updated this week
- A toolkit for testing, tweaking and cracking JSON Web Tokensβ6,435May 1, 2025Updated 10 months ago
- π Enumerate git repository URL from list of URL / User / Org. Friendly to pipelineβ56Nov 24, 2024Updated last year
- Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hacβ¦β1,155Jan 21, 2026Updated 2 months ago
- The Swiss Army knife for automated Web Application Testingβ2,321May 8, 2024Updated last year
- A fast tool to scan client-side prototype pollution vulnerability written in Rust. π¦β660Aug 28, 2025Updated 6 months ago
- Hidden parameters discovery suiteβ2,033Sep 8, 2024Updated last year
- π΅ Gee is tool of stdin to each files and stdout. It is similar to the tee command, but there are more functions for convenience. In addiβ¦β85Sep 30, 2025Updated 5 months ago
- declutters url lists for crawling/pentestingβ1,538Feb 23, 2025Updated last year
- BBT - Bug Bounty Tools (examplesπ‘)β1,885Apr 5, 2024Updated last year
- Automatic SSRF fuzzer and exploitation toolβ3,505Sep 4, 2025Updated 6 months ago
- βοΈ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-huntingβ4,550Updated this week
- Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.β4,853Jan 1, 2025Updated last year
- Burpsuite Extension to bypass 403 restricted directoryβ1,674Jun 29, 2023Updated 2 years ago
- Automation for javascript recon in bug bounty.β1,069Sep 9, 2023Updated 2 years ago
- Quick SQLMap Tamper Suggesterβ1,399Jul 18, 2022Updated 3 years ago
- A python script that finds endpoints in JavaScript filesβ4,309Apr 13, 2024Updated last year
- Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probingβ3,025Mar 7, 2026Updated 2 weeks ago
- Accept URLs on stdin, replace all query string values with a user-supplied valueβ867Nov 23, 2022Updated 3 years ago
- Burp Extension to find potential endpoints, parameters, and generate a custom target wordlistβ1,503Jan 8, 2026Updated 2 months ago
- Rockyou for web fuzzingβ3,094Mar 11, 2026Updated last week
- A collection of awesome one-liner scripts especially for bug bounty tips.β3,084Jul 29, 2024Updated last year
- A fast tool to scan CRLF vulnerability written in Goβ1,522Feb 23, 2026Updated last month
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secretsβ1,533Mar 8, 2026Updated 2 weeks ago
- HTTP parameter discovery suite.β6,142Feb 20, 2025Updated last year
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirectsβ972Dec 8, 2021Updated 4 years ago
- A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attβ¦β5,820Updated this week
- GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grepβ1,409Sep 13, 2024Updated last year
- SSRF (Server Side Request Forgery) testing resourcesβ2,483Oct 12, 2024Updated last year
- Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource loadβ296Sep 22, 2024Updated last year
- Scope aggregation tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!β1,337Mar 5, 2026Updated 2 weeks ago
- Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3β2,063Jan 2, 2024Updated 2 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the acβ¦β1,787Apr 26, 2024Updated last year
- π Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.β426Feb 20, 2026Updated last month
- β‘οΈ Multiple target ZAP Scanningβ106Mar 14, 2026Updated last week
- SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript filesβ2,407May 26, 2024Updated last year
- GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)β1,640Mar 11, 2024Updated 2 years ago
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one plβ¦β1,039Aug 23, 2025Updated 7 months ago
- Making Favicon.ico based Recon Great again !β1,269Aug 29, 2023Updated 2 years ago