Home Tools


JWT Fuzzer

This tool generates fuzzing payloads based on a JWT given as input. The payloads are designed to test common JWT issues and bypasses, as well as attempt to cause server errors via invalid and missing values.

Web App Checklist

This page is an interactive tool of this page. It gives you the ability to create a new project and tick off each check that you have performed. All the data for this checklist application is STORED CLIENT-SIDE.

Sequential Payload Generator

This tool generates a list of sequential payloads starting and ending at the specified numbers. These values can be arbitrarily large and outputted as integers, HEX values, or base64 encoded strings.

BaseN Converter

This tool can convert from UTF-8 strings to BaseN. It can also convert from BaseN to UTF-8 or HEX.

XOR Encryption Cracker

This is a tool for breaking the encryption of messages that have been XOR encrypted using a repeated key. This tool uses statistics (letter frequencies and use of common words, bigrams, and trigrams) to find the most likely key length and and key. This works best for longer cipher-texts.

API Fuzzing Payloads

This tools contains a lists of payloads that may be useful when performing fuzzing attacks. This includes things like CR-LF, Interesting Files, Bad Strings, & JSON Parameter fuzzing.