SasanLabs owasp-zap-jwt-addon issues

SasanLabs / owasp-zap-jwt-addon

OWASP ZAP addon for finding vulnerabilities in JWT Implementations

https://www.zaproxy.org/

Apache License 2.0

29 stars 10 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Reduce JWT scan rules false positives

#43 karthikuj closed 1 year ago
0
Static files leads to False positives

#42 itsdivyanshjain closed 1 year ago
1
Create getting started tutorial

#41 aulia-adil opened 1 year ago
2
Releasing newer version 1.0.3

#40 preetkaran20 closed 1 year ago
0
Incorrect Signature attach added

#39 killshotrevival closed 1 year ago
3
Adding Header Param Injection attacks

#38 preetkaran20 opened 1 year ago
0
Decoding JWT tokens

#37 njmulsqb opened 2 years ago
4
fix: Missing Rule Details - Ensure i18n always initialized

#36 kingthorin closed 2 years ago
0
Add support for Java Vuln? (CVE-2022-21449)

#35 kingthorin opened 2 years ago
2
Incorporating review comments

#34 preetkaran20 closed 2 years ago
1
Updating version

#33 preetkaran20 closed 2 years ago
0
Various Fixes

#32 preetkaran20 closed 2 years ago
4
When sending a JWT token with an Authorization header, the scanner doesn't send out any requests

#31 yaakov123 closed 2 years ago
11
chore: jwt: SAST (sonar) Fixes

#30 kingthorin closed 2 years ago
4
chore: Build and Dependency Updates

#29 kingthorin closed 2 years ago
0
Adding support for Elliptic Curve based vulnerabilities

#28 preetkaran20 opened 2 years ago
0
Analysis for other attack vectors on JWT

#27 preetkaran20 opened 2 years ago
4
JWT option in fuzzer is not shown if request doesn't contains JWT pattern

#26 preetkaran20 closed 1 year ago
4
Add getHelpIndex to Options panel for JWT

#25 preetkaran20 opened 2 years ago
0
SpotlessApply

#24 preetkaran20 closed 3 years ago
0
spotlessApply

#23 preetkaran20 closed 3 years ago
0
spotlessApply

#22 preetkaran20 closed 3 years ago
0
Adding license file

#21 preetkaran20 closed 3 years ago
1
New Release for JWT Support Addon.

#20 preetkaran20 closed 3 years ago
5
Updating changelog

#19 preetkaran20 closed 3 years ago
0
Integrate change log action

#18 preetkaran20 opened 3 years ago
0
Not stopping JWT active scanner on finding client side vulnerability

#17 preetkaran20 closed 3 years ago
2
[Analysis] Adding a rule which checks the difference between current time and token's expiry time and raise an alert if difference is more than X minutes

#16 preetkaran20 opened 3 years ago
0
Adding Custom Payload support for weak keys/publicly well known secrets

#15 preetkaran20 opened 3 years ago
2
Remove unused fuzz handler

#14 thc202 closed 3 years ago
2
change JWTActiveScanner to JWTActiveScanRule

#13 Keenal closed 3 years ago
2
Adding Attack vector for finding vulnerabilities related to JWE

#12 preetkaran20 opened 3 years ago
3
Publicly well known secret checking attack.

#11 preetkaran20 closed 3 years ago
10
Analysing the Brute force attack.

#10 preetkaran20 closed 3 years ago
0
Fuzzer changes

#9 preetkaran20 closed 3 years ago
0
Inconsistency in Truststore and Private key inputs

#8 preetkaran20 opened 3 years ago
0
ScanRule Naming Consistency

#7 kingthorin closed 3 years ago
4
JWT Fuzzer

#6 preetkaran20 closed 3 years ago
48
commonlib follow-up

#5 kingthorin closed 4 years ago
1
Use commonlib

#4 kingthorin closed 4 years ago
2
Replace forked sharedutils component with use of commonlib

#3 kingthorin closed 4 years ago
2
Incorporating review comments

#2 preetkaran20 closed 4 years ago
3
Incorporating review comments

#1 preetkaran20 closed 4 years ago
0