search

SasanLabs / owasp-zap-jwt-addon

OWASP ZAP addon for finding vulnerabilities in JWT Implementations
https://www.zaproxy.org/
Apache License 2.0
30 stars 12 forks source link

Decoding JWT tokens #37

Open njmulsqb opened 2 years ago

njmulsqb commented 2 years ago

This addon should contain the ability to encode/decode JWT tokens found in the request, so that JWT tokens can be tested on fly

preetkaran20 commented 2 years ago

Hi @njmulsqb,

Are you looking for decoding under request tab in ZAP like we show the http request?

thanks, Karan

njmulsqb commented 2 years ago

Hi Preet,

I am inspired by the JWT extension of Burp, if we can replicate that in Zap, it would be awesome. Check out the burp extension https://portswigger.net/bappstore/26aaa5ded2f74beea19e2ed8345a93dd

buksmr commented 5 months ago

Can I look at adding this feature?

preetkaran20 commented 5 months ago

@buksmr Thanks a lot. I have assigned this task to you.