Category: Web Vulnerability Analysis

Burp Suite extension token

sessionless: Burp Suite extension for editing, signing, verifying various signed web tokens

Sessionless Sessionless is a Burp Suite extension for editing, signing, verifying, and attacking signed tokens: Django TimestampSigner, ItsDangerous Signer, Express cookie-session middleware, OAuth2 Proxy, and Tornado’s signed cookies. It provides automatic detection and in-line editing of tokens within HTTP...

File upload restrictions bypass

Upload_Bypass: File upload restrictions bypass

Upload_Bypass Upload_Bypass is a powerful tool designed to assist Pentesters and Bug Hunters in testing file upload mechanisms. It leverages various bug bounty techniques to simplify the process of identifying and exploiting vulnerabilities, ensuring thorough...