TokenTactics – Azure JWT Token Manipulation Toolset

Azure JSON Web Token (“JWT”) Manipulation Toolset Azure access tokens allow you to authenticate to certain endpoints as a user who signs in with a device code. Even if they used multi-factor authentication. Once you have a user’s access token, it may be possible to access certain apps such as Outlook, SharePoint, OneDrive, MSTeams andRead More

Ssh-Mitm – Ssh Mitm Server For Security Audits Supporting Public Key Authentication, Session Hijacking And File Manipulation

ssh-mitm is an intercepting (mitm) proxy server for security audits. Redirect/mirror Shell to another ssh client supported in 0.2.8 Replace File in SCP supported in 0.2.6 Replace File in SFTP supported in 0.2.3 Transparent proxy support in 0.2.2! – intercepting traffic to other hosts is now possible when using arp spoofing or proxy is usedRead More

Proxify – Swiss Army Knife Proxy Tool For HTTP/HTTPS Traffic Capture, Manipulation, And Replay On The Go

Swiss Army Knife Proxy for rapid deployments. Supports multiple operations such as request/response dump, filtering and manipulation via DSL language, upstream HTTP/Socks5 proxy. Additionally a replay utility allows to import the dumped traffic (request/responses with correct domain name) into burp or any other proxy by simply setting the upstream proxy to proxify. Features Simple andRead More