MyJWT – A Cli For Cracking, Testing Vulnerabilities On Json Web Token (JWT)

This cli is for pentesters, CTF players, or dev. You can modify your jwt, sign, inject ,etc… Check Documentation for more information. If you see problems or enhancement send an issue.I will respond as soon as possible. Enjoy 🙂 Documentation Documentation is available at http://myjwt.readthedocs.io Features copy new jwt to clipboard user Interface (thanks questionary)Read More

TokenBreaker – JSON RSA To HMAC And None Algorithm Vulnerability POC

[*] Token Breaker is focused on 2 particular vulnerability related to JWT tokens. None Algorithm RSAtoHMAC Refer to this link about insights of the vulnerability and how an attacker can forge the tokensTry out this vulnerability hereTheNone Usage usage: TheNone.py [-h] -t TOKENTokenBreaker: 1.TheNoneAlgorithmoptional arguments: -h, –help show this help message and exitrequired arguments: -tRead More

ApplicationInspector – A Source Code Analyzer Built For Surfacing Features Of Interest And Other Characteristics To Answer The Question ‘What’S In It’ Using Static Analysis With A Json Based Rules Engine

Microsoft Application Inspector is a software source code analysis tool that helps identify and surface well-known features and other interesting characteristics of source code to aid in determining what the software is or what it does.Application Inspector is different from traditional static analysis tools in that it doesn’t attempt to identify “good” or “bad” patterns;Read More

X