The Burp extension to check JWT (JSON Web Tokens) for using keys from known from public sources
☆142Sep 21, 2020Updated 5 years ago
Alternatives and similar repositories for jwt-heartbreaker
Users that are interested in jwt-heartbreaker are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆1,115Mar 12, 2025Updated last year
- ☆16May 3, 2021Updated 5 years ago
- Sonar is a security researcher's Swiss army knife for finding and exploiting vulnerabilities that require out-of-band interactions☆21Jun 16, 2026Updated last week
- Simple python script to check against hypothetical JWT vulnerability.☆51Nov 29, 2020Updated 5 years ago
- Detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities.☆39Jan 20, 2023Updated 3 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Adds extensibility to Burp by using a list of payloads to pattern match on HTTP responses highlighting interesting and potentially vulner…☆16Aug 4, 2023Updated 2 years ago
- take a list of resolved subdomains and output any corresponding CNAMES en masse.☆18Jan 29, 2026Updated 4 months ago
- Continuous kerberoast monitor☆45Aug 24, 2023Updated 2 years ago
- Salesforce Policy Deviation Checker☆30Sep 30, 2020Updated 5 years ago
- ☆37Jan 22, 2025Updated last year
- Messy BurpSuite plugin for SQL Truncation vulnerabilities.☆65Apr 17, 2020Updated 6 years ago
- DNS Takeover tool written in Go☆2,094Mar 16, 2026Updated 3 months ago
- The objective of this Burp Suite extension is the flexible and dynamic extraction, correlation, and structured presentation of informatio…☆60Dec 31, 2022Updated 3 years ago
- ☆20Oct 5, 2020Updated 5 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Framework for blind boolean-based sql injections exploatation. Use it if sqlmap does shit.☆29Mar 26, 2022Updated 4 years ago
- Passive reconnaissance/enumeration of interesting targets by watching for SSL certificates being issued☆67Oct 11, 2022Updated 3 years ago
- A simple tool which makes creating nuclei templates even easier.☆37Jun 23, 2024Updated 2 years ago
- ☆67Dec 9, 2021Updated 4 years ago
- ☆43Aug 5, 2022Updated 3 years ago
- Various wordlists for bruteforce☆35Nov 9, 2021Updated 4 years ago
- GraphQL application security testing helper☆20May 22, 2023Updated 3 years ago
- Burp Suite extension to detect Web Cache Deception vulnerabilities, now compatible with the Community Edition. Automates advanced cache …☆19Jun 11, 2026Updated 2 weeks ago
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Sep 20, 2024Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A collection of utilities to simplify the creation of Burp Suite plugins☆23Dec 14, 2023Updated 2 years ago
- Burp extension to generate multi-step CSRF POC.☆31Sep 23, 2019Updated 6 years ago
- SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibil…☆157Aug 21, 2020Updated 5 years ago
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations☆412Dec 24, 2022Updated 3 years ago
- Another Subdomain ENumeration Tool☆14Oct 15, 2022Updated 3 years ago
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆358Oct 14, 2020Updated 5 years ago
- Quickly add http and https domains to BurpSuite's scope with all paths.☆16Jun 2, 2016Updated 10 years ago
- This is a burp plugin that extracts keywords from response using regexes and test for reflected XSS on the target scope.☆75Nov 5, 2020Updated 5 years ago
- Validate proxies for specific domain☆39Aug 14, 2021Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- qsinject (Query String Inject) is a tool that allows you to quickly substitute query string values with regex matches, one-at-a-time.☆30May 6, 2020Updated 6 years ago
- Python utility to takeover domains vulnerable to AWS NS Takeover☆86Feb 2, 2023Updated 3 years ago
- Burp Automator - A Burp Suite Automation Tool. It provides a high level CLI and Python interfaces to Burp Suite scanner and can be used t…☆291Sep 2, 2025Updated 9 months ago
- Tool for catching and logging different types of requests.☆220Nov 20, 2020Updated 5 years ago
- REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications☆1,362Aug 7, 2025Updated 10 months ago
- FirePrint is a security tool for finding misconfigured Firebase realtime databases in Android or iOS applications.☆22Apr 4, 2024Updated 2 years ago
- Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities☆48Jan 11, 2023Updated 3 years ago