JSON | MrHacker

Severe Security Flaw Found in “jsonwebtoken” Library Used by 22,000+ Projects

A high-severity security flaw has been disclosed in the open source jsonwebtoken (JWT) library that, if successfully exploited, could lead to remote...

3.1K

Vulnerabilities

High-Severity RCE Vulnerability Reported in Popular Fastjson Library

Cybersecurity researchers have detailed a recently patched high-severity security vulnerability in the popular Fastjson library that could be potentially exploited to achieve...

4.4K

Data Security

Baby clothing giant Carter’s exposed trove of shoppers data

Reportedly, Carter’s failure to implement proper authentication protocols on the store’s parcel tracking pages exposed data and shoppers to scams. VpnMentor analysts...

924

Exploitation Tools

MyJWT – A Cli For Cracking, Testing Vulnerabilities On Json Web Token (JWT)

This cli is for pentesters, CTF players, or dev. You can modify your jwt, sign, inject ,etc… Check Documentation for more...

263

Vulnerability Analysis

MalwLess – Test Blue Team Detections Without Running Any Attack

MalwLess is an open source tool that allows you to simulate system compromise or attack behaviours without running processes or PoCs. The...

207

Information Gathering

CMSsc4n – Tool to identify if a domain is a CMS such as WordPress, Moodle, Joomla, Drupal or Prestashop

Tool to identify if a domain is a CMS such as WordPress, Moodle, Joomla, Drupal or Prestashop. Use python cmssc4n.py -h _____...

239

Exploitation Tools

ysoserial.net – Deserialization payload generator for a variety of .NET formatters

A proof-of-concept tool for generating payloads that exploit unsafe .NET object deserialization. Description ysoserial.net is a collection of utilities and property-oriented programming...