Top Rating
- Top Contributors
  Discover the Top Open Source contributors by country or by language
- Interviews
  Discover real stories from Open Source developers
Discover

Discover your Favorite Language
Discover the top trending repositories and projects on Github. Explore the latest trends in your preferred languages.

Dart

Elixir

Go

Assembly

Haskell

Solidity

OCaml

PowerShell

More Languages
Awesome

Awesome repositories
Discover the most awesome repositories and projects of your favorite languages. Inspired by the Awesome-* lists trend in GitHub.

Racket

R

Crystal

PHP

Elixir

Dart

Ada

Kotlin

More Languages
By Country

Rankings by Country
Discover the community of talented open source contributors in each country.

🇧🇯 Benin

🇵🇳 Pitcairn Islands

🇵🇷 Puerto Rico

🇺🇾 Uruguay

🇬🇬 Guernsey

🇭🇹 Haiti

🇧🇹 Bhutan

🇧🇪 Belgium

All Countries Compare Countries

andresriancho/jwt-fuzzer

Stars
104
Rank 330,604 (Top 7 %)
Language
Python
License
GNU General Publi...
Created almost 8 years ago
Updated over 1 year ago

andresriancho/jwt-fuzzer

andresriancho

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

JWT fuzzer

JSON Web Token Fuzzer

jwt-fuzzer is a simple command line tool that creates multiple, potentially invalid, strings from an initial JSON Web Token.

Installation

$ pip install -r requirements.txt

Usage

$ ./jwt-fuzzer --jwt={JSON Web Token} --output out.json
Generating test JSON Web Tokens...
Done!

Once the output file is generated you'll usually send the modified JWT using the utils/sender tool, which you'll have to customize for your specific case.

w3af

w3af: web application attack and audit framework, the open source web vulnerability scanner.

enumerate-iam

Enumerate the permissions associated with AWS credential set

nimbostratus

Tools for fingerprinting and exploiting Amazon cloud infrastructures

race-condition-exploit

Tool to help with the exploitation of web application race conditions

websocket-fuzzer

HTML5 WebSocket message fuzzer

mongo-objectid-predict

Predict Mongo ObjectIds

cc-lambda

Search the common crawl using lambda functions

secure-ubuntu-desktop

Maintain a list of tips and tricks to be used by Ubuntu users to secure their laptops.

w3af-webui

Django Web UI contributed by Yandex for w3af.

vpc-vpn-pivot

Pivot into private VPC networks using a VPN connection

django-moth

A Django vulnerable Web application for testing the w3af framework

w3af-moth

A set of vulnerable PHP scripts used to test w3af's vulnerability detection features.

w3af-kali

w3af packaging for Kali distribution

splunk-logger

A logging handler for Splunk. Lets you send information to Splunk directly from your Python code.

aws-audit-automation

Tools to automate AWS Cloud security assessments

nimbostratus-target

This repository holds a target infrastructure you can use for running the nimbostratus tools.

w3af-api-client

REST API client to consume w3af

pico-wavsep

A minimalistic way to run WAVSEP

docker-anomalies

Docker container anomaly detection

aws-backup

AWS Backup implementation in terraform

owaspantisamy

Automatically exported from code.google.com/p/owaspantisamy

pico

Tool to identify and exploit timing attacks

burp-proxy-search

Burp suite HTTP history advanced search

w3af-module

Tools to install w3af as a Python module

docker-tag-naming

A small tool that helps name docker tags

sentinela

Sentinela is a highly configurable operating system watchdog which can take actions based on pre-configured rules.

collector

Collect performance metrics for any software using AWS

w3af-api-docker

Docker image for w3af REST API with nginx, uwsgi and supervisord

w3af-packages

Files and utilities that define w3af packages and installers for Windows, Debian, FreeBSD, etc.

w3af-qa

Quality related stuff for w3af.

dirty-dependency-check

Vulnerability dependency check for Maven projects

django-uwsgi-nginx-ssh

Django 1.5.1 with uwsgi, nginx and SSH.

cryptopals

My solutions to the cryptopals challenge

hash-blender

Takes various inputs and separators, mixes them, applies a hash function and verifies if match was found

w3af-performance-analysis

Analysis tool for performance output generated by w3af

py-xchat-twitter

Twitter client written as an XChat plugin (Python)

pico-string-compare-local

String comparison scripts for pico

qotd

A simple quote of the day library

w3af-misc

Misc code loosely related to the w3af project.

burp-extensions

Collection of Burp extensions

w3af-kali-ci

A helper repository to build w3af-kali in CircleCI

django-registration

https://bitbucket.org/ubernostrum/django-registration with minor modifications

django-rest-framework-timing

Minimalistic Django REST framework to test timing attacks

high-entropy-json

Call Lyft's high-entropy-string for each string in a JSON document