netscylla / JWT_Hacking
Collection of scripts that aid in penetration testing of JSON Web Tokens
☆58Updated 5 years ago
Related projects ⓘ
Alternatives and complementary repositories for JWT_Hacking
- Simple Server Side Request Forgery services enumeration tool.☆54Updated 6 years ago
- Kubernetes Scanner☆41Updated 2 years ago
- A tool written in python for scraping firebase data☆42Updated 4 years ago
- ☆41Updated 4 years ago
- This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…☆46Updated 5 years ago
- XSSor is a semi-automatic reflected and persistent XSS detector extension for Burp Suite. The tool was written in Python by Barak Tawily,…☆44Updated 3 years ago
- Cross-Site-Scripting (XSS) Automatic Scanner☆43Updated 4 years ago
- ☆31Updated 5 years ago
- A tool for fetching archived URLs (to be rewritten in Go).☆38Updated 6 years ago
- This tool will scan all the URL's in the file and will provide Content-Length, Status-Code, Server and more.☆37Updated 2 years ago
- Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities☆41Updated last year
- XXRF Shots - Useful for testing SSRF vulnerability☆74Updated last year
- Google Chrome Extension automates testing fundamental Web Problems via Chrome☆21Updated 3 years ago
- BURP extension providing a set of values for the HTTP request "Host" header for the "BURP Intruder" in order to abuse virtual host resolu…☆60Updated 7 years ago
- Burp extension that checks application requests and responses for indicators of vulnerability or targets for attack☆41Updated last year
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that improve an active and passive scanner by yourself. This …☆60Updated 2 years ago
- This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…☆36Updated last year
- Unauthenticated RCE at Woody Ad Snippets / CVE-2019-15858 (PoC)☆32Updated last year
- A CRLF ( Carriage Return Line Feed ) Injection attack occurs when a user manages to submit a CRLF into an application. This is most commo…☆46Updated 2 years ago
- A tool that can take a URL or list of URL and prints back SAML consume URL.☆35Updated 5 years ago
- RAS(RAndom Subdomain) Fuzzer☆43Updated 4 years ago
- A Burp extension to show the Collaborator client in a tab☆36Updated last year
- Burp Suite extension to easily export sub domains☆44Updated 4 years ago
- Maintaining account persistence via XSS and Oauth☆76Updated 5 years ago
- SubR3con is a script written in python. It uses Sublist3r to enumerate all subdomains of a specific target and then it checks for status …☆18Updated 5 years ago
- Clickjacking PoC Generator☆35Updated 4 years ago