ni8walk3r / JWT-Exploitation
Collection of different exploitation scenarios of JWT.
☆21Updated 3 years ago
Alternatives and similar repositories for JWT-Exploitation:
Users that are interested in JWT-Exploitation are comparing it to the libraries listed below
- ☆32Updated 5 years ago
- A Burp Suite content discovery plugin that add the smart into the Buster!☆31Updated 7 years ago
- This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…☆36Updated 2 years ago
- Auto Recon Bash Script☆31Updated 2 months ago
- Insecure Deserialization, PDF and lab☆17Updated 5 years ago
- Extract subdomains from rapiddns.io☆23Updated 2 years ago
- Burp Extension for copying requests safely. It redacts headers like Cookie, Authorization and X-CSRF-Token for now. More support can be a…☆17Updated 4 years ago
- URL-encode data streams via commandline☆14Updated 5 years ago
- ☆22Updated 3 years ago
- ☆20Updated 5 years ago
- Kubernetes Scanner☆40Updated 3 years ago
- Parse X509 certificates to get the (sub)domains in it.☆28Updated 6 years ago
- A commandline forced browsing tool for subdomain lists☆9Updated 4 years ago
- BurpSuite's payload-generation extension aiming at applying fuzzed test-cases depending on the type of payload (integer, string, path; JS…☆39Updated 4 years ago
- Slides of the talk on Injection attacks in apps with NoSQL Backends, given at null OWASP Bangalore monthly meet on 27th April 2019☆22Updated 5 years ago
- ☆10Updated 5 years ago
- Scripts for OSCE☆18Updated 6 years ago
- Burp extension to generate multi-step CSRF POC.☆29Updated 5 years ago
- burp extender for fuzzing☆10Updated 6 years ago
- A tool that turns the authoritative nameservers of DNS providers to resolvers and resolves the target domain list. Please think of this a…☆25Updated 5 years ago
- ☆38Updated 4 years ago
- A Mozilla Firefox extension which allows quick access to your google-dorking result☆19Updated 4 years ago
- Journey to conquer the OSCP!☆13Updated 5 years ago
- Just a simple SMTP server, implementation of @corpix smtpd library☆14Updated 4 years ago
- A penetration testing tool to enumerate and analyse Amazon S3 Buckets owned by a domain.☆27Updated 6 years ago
- Pythonize Intruder Payload☆13Updated 4 years ago
- Multithreaded Padding Oracle Attack on Oracle OAM (CVE-2018-2879)☆24Updated 5 years ago
- Unauthenticated RCE at Woody Ad Snippets / CVE-2019-15858 (PoC)☆32Updated last year
- A better dns bruteforcer written in golang☆13Updated 6 years ago
- web-based-fuzzer☆32Updated 4 years ago