The Burp extension to check JWT (JSON Web Tokens) for using keys from known from public sources
☆138Sep 21, 2020Updated 5 years ago
Alternatives and similar repositories for jwt-heartbreaker
Users that are interested in jwt-heartbreaker are comparing it to the libraries listed below
Sorting:
- ☆16May 3, 2021Updated 4 years ago
- ☆1,056Mar 12, 2025Updated 11 months ago
- ☆19Oct 5, 2020Updated 5 years ago
- Detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities.☆39Jan 20, 2023Updated 3 years ago
- Simple python script to check against hypothetical JWT vulnerability.☆51Nov 29, 2020Updated 5 years ago
- ☆65Dec 9, 2021Updated 4 years ago
- Salesforce Policy Deviation Checker☆30Sep 30, 2020Updated 5 years ago
- take a list of resolved subdomains and output any corresponding CNAMES en masse.☆18Jan 29, 2026Updated last month
- Passive reconnaissance/enumeration of interesting targets by watching for SSL certificates being issued☆69Oct 11, 2022Updated 3 years ago
- Messy BurpSuite plugin for SQL Truncation vulnerabilities.☆63Apr 17, 2020Updated 5 years ago
- Continuous kerberoast monitor☆45Aug 24, 2023Updated 2 years ago
- SQLi Query Tampering extends and adds custom Payload Generator/Processor in Burp Suite's Intruder. This extension gives you the flexibil…☆156Aug 21, 2020Updated 5 years ago
- ☆28Aug 9, 2020Updated 5 years ago
- qsinject (Query String Inject) is a tool that allows you to quickly substitute query string values with regex matches, one-at-a-time.☆30May 6, 2020Updated 5 years ago
- Burp Automator - A Burp Suite Automation Tool. It provides a high level CLI and Python interfaces to Burp Suite scanner and can be used t…☆294Sep 2, 2025Updated 6 months ago
- Another Subdomain ENumeration Tool☆14Oct 15, 2022Updated 3 years ago
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Sep 20, 2024Updated last year
- Quick Start/Setup of CI/CD for Offensive/Defensive Purposes☆21Sep 4, 2021Updated 4 years ago
- Burp Extension that copies a request and builds a FFUF skeleton☆113Sep 29, 2023Updated 2 years ago
- ☆88Apr 24, 2024Updated last year
- Exactly what it sounds like, which is something rad☆22Oct 12, 2022Updated 3 years ago
- GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations☆409Dec 24, 2022Updated 3 years ago
- Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"☆356Oct 14, 2020Updated 5 years ago
- Burp extension that performs a passive scan to identify cloud buckets and then test them for publicly accessible vulnerabilities☆48Jan 11, 2023Updated 3 years ago
- An another JWT cracker but really fast!☆12Jan 26, 2023Updated 3 years ago
- Mimikatz built as a static library.☆12Feb 9, 2022Updated 4 years ago
- CloudFlare Worker Shell☆14Aug 29, 2020Updated 5 years ago
- Simple tools to handle string and generate subdomain permutations☆15Jun 8, 2022Updated 3 years ago
- Everything you need about Burp Extension Generation☆157Jan 6, 2023Updated 3 years ago
- Search exposed EBS volumes for secrets☆302Apr 24, 2023Updated 2 years ago
- A collection of utilities to simplify the creation of Burp Suite plugins☆22Dec 14, 2023Updated 2 years ago
- PoC MSI payload based on ASEC/AhnLab's blog post☆24Sep 19, 2022Updated 3 years ago
- Contextual Content Discovery Tool☆3,106Apr 29, 2024Updated last year
- Distribute ordinary bash commands over many systems☆167Aug 29, 2022Updated 3 years ago
- S3 bucket finder from html,js and bucket misconfiguration testing tool☆34Feb 10, 2020Updated 6 years ago
- Client Side Prototype Pollution Scanner☆522Sep 17, 2022Updated 3 years ago
- This burpsuite extender provides a solution on testing Enterprise applications that involve security Authorization tokens into every HTTP…☆47Feb 27, 2019Updated 7 years ago
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable …☆753Dec 19, 2023Updated 2 years ago
- Cross Origin Resource Sharing MisConfiguration Scanner☆172Nov 17, 2021Updated 4 years ago