onsecru / jwt-hacking-challenges
APIs to practise diverse techniques to hack JWT Signatures
☆64Updated 2 years ago
Alternatives and similar repositories for jwt-hacking-challenges:
Users that are interested in jwt-hacking-challenges are comparing it to the libraries listed below
- GraphQL security workshop labs☆102Updated 7 months ago
- Enhanced fork with logging, OpenAPI 3.0 and Python 3 for security monitoring workshops☆42Updated last year
- Bruteforce a JWT against a list of passwords☆72Updated 7 years ago
- Fetch the details of assets hosted on AWS.☆86Updated last year
- A simple way of sending messages from the CLI output to your Slack with webhook.☆116Updated last year
- A Burp Suite extension for CSRF proof of concepts.☆49Updated last year
- A tool to perform permutations, mutations and alteration of subdomains in golang.☆157Updated last year
- A reverse whois tool based on Whoxy API.☆162Updated 10 months ago
- Burp Suite extension that offers a toolkit for testing GraphQL endpoints.☆189Updated 6 months ago
- Sometimes we want to fuzz a set of sub-domain URLs with a common wordlist. Fuzzing them one by one is a tedious task, not to mention the …☆51Updated 3 years ago
- Easily schedule commands to run multiple times at set intervals (like a cronjob, but with one command)☆84Updated 3 years ago
- FockCache - Minimalized Test Cache Poisoning☆110Updated 5 years ago
- A Python based scanner to find potential SSRF parameters in a web application.☆71Updated 3 years ago
- Unofficial documentation for the great tool Param Miner☆176Updated 2 years ago
- A Burp extension adding a passive scan check to flag parameters whose name or value may indicate a possible insertion point for SSRF or L…☆130Updated 4 years ago
- A custom built DNS bruteforcer with multi-threading, and handling of bad resolvers.☆57Updated 2 years ago
- Damn Vulnerable Java (EE) Application☆134Updated last year
- ☆25Updated 4 years ago
- MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts☆80Updated 2 years ago
- The Pixi module is a MEAN Stack web app with wildly insecure APIs!☆120Updated 2 years ago
- Prototype pollution scanner using headless chrome☆216Updated 2 years ago
- Takeover AWS ips and have a working POC for Subdomain Takeover.☆90Updated this week
- A collection of code for interacting with API sources directly to improve your understanding of those services.☆66Updated 4 years ago
- Let's check if your target is vulnerable for client side prototype pollution.☆64Updated last year
- A simple Bash one liner with aim to automate CRLF vulnerability scanning.☆68Updated 4 years ago
- ☆71Updated 4 years ago
- Script to test open Akamai ARL vulnerability.☆70Updated 3 years ago
- A Simple Tool to Pull Paid Bounty Scopes for Wide Recon Actvities☆103Updated 4 years ago
- Tarpit - A Web application seeded with vulnerabilities, rootkits, backdoors & data leaks☆78Updated 2 years ago
- 🔭 Collection of regexp pattern for security passive scanning☆115Updated 2 years ago