Red Teaming and Malware Analysis
Red Teaming and Malware Analysis
@sirpedrotavares
seguranca-informatica.pt
0xSI_f33d
About
Red Teaming
Cheat Sheet
Active Directory 101
Fuzzing and Web
Initial Foothold
Privilege Escalation (Privesc)
Lateral Movement (Pivoting)
Persistence
Command and Control (C&C)
Data Exfiltration
CVE & Exploits / CTF
Tools
OSINT
DNS
WEB
API and WS Hacking
Web Discovery
Web Fuzzing
Path Traversal
GraphQL
JWT
Infrastructure and Network
Privilege Escalation
Exfiltration
Persistence
Password & Cracking
Static Code Analysis
Reporting
Resources
Malware Analysis
Unpacking
Tools
Resources
Mobile
Tools
Reverse iOS ipa
Reverse Android APKs
Basic tips
Resources
IoT / ARM / Firmware
Basic tips
Reverse IoT devices
Tools
Resources
Powered by GitBook

JWT

​jwt-key-id-injector: Simple python script to check against hypothetical JWT vulnerability.

python3 injector.py eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.zbgd5BNF1cqQ_prCEqIvBTjSxMS8bDLnJAE_wE-0Cxg

MyJWT: This cli is for pentesters, CTF players, or dev. You can modify your jwt, sign, inject ,etc…

Previous
GraphQL
Next
Infrastructure and Network
Last updated 4 months ago