netscylla / JWT_HackingLinks
Collection of scripts that aid in penetration testing of JSON Web Tokens
☆59Updated 6 years ago
Alternatives and similar repositories for JWT_Hacking
Users that are interested in JWT_Hacking are comparing it to the libraries listed below
Sorting:
- Simple Server Side Request Forgery services enumeration tool.☆55Updated 7 years ago
- This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…☆48Updated 6 years ago
- XXRF Shots - Useful for testing SSRF vulnerability☆74Updated 2 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆32Updated 7 years ago
- BURP extension providing a set of values for the HTTP request "Host" header for the "BURP Intruder" in order to abuse virtual host resolu…☆60Updated 7 years ago
- A tool for fetching archived URLs (to be rewritten in Go).☆41Updated 7 years ago
- Fuzzing for LFI using Burpsuite☆65Updated 8 years ago
- A python script that filters, checks the validity, generates clickable link(s) of subdomain(s), and reports their status☆89Updated 4 years ago
- OWASP Skanda - SSRF Exploitation Framework☆37Updated 12 years ago
- ZIP File Raider - Burp Extension for ZIP File Payload Testing☆72Updated 5 years ago
- A CRLF ( Carriage Return Line Feed ) Injection attack occurs when a user manages to submit a CRLF into an application. This is most commo…☆49Updated 3 years ago
- Unauthenticated RCE at Woody Ad Snippets / CVE-2019-15858 (PoC)☆32Updated 2 years ago
- A Burp extension to show the Collaborator client in a tab☆36Updated 2 years ago
- subdomain bruteforce list☆101Updated 11 months ago
- This is a small extension to make graphql readable☆30Updated 6 years ago
- A collection of scripts used to interact with the Burp Rest API☆52Updated 6 years ago
- A Burp Extension designed to identify argument injection vulnerabilities.☆122Updated 6 years ago
- Various tools for managing bug bounty recon and exploration.☆48Updated 2 years ago
- A Burp extension to detect and exploit versions of Telerik Web UI vulnerable to CVE-2017-9248.☆99Updated 7 years ago
- VyAPI - A cloud based vulnerable hybrid Android App☆86Updated 5 years ago
- ☆93Updated 2 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆26Updated 6 years ago
- Convert your masscan/subdomain-scan results (80,443,8080) into screenshots for better analysis☆37Updated 7 years ago
- A bash script that fetches and maintains thousands of DNS resolvers☆65Updated 5 years ago
- Scans tcl for command injection☆36Updated 6 years ago
- A sub-domain enumeration tool☆20Updated 5 years ago
- ☆32Updated 6 years ago
- Kubernetes Scanner☆40Updated 3 years ago
- A proof of concept to dump Django website's source code affected by NGINX's off-by-slash alias directive misconfiguration.☆24Updated 2 years ago
- Burp Suite extension to easily export sub domains☆44Updated 5 years ago