Skip to content
/ ModifyRequestSignature Public

Burp extension to automatically modify JWT request signatures

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

swgee/ModifyRequestSignature

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
src/main/java
src/main/java
 
 
target
target
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
pom.xml
pom.xml
 
 

Repository files navigation

Modify Request Signature

Burp Suite Extension to support automatic resigning of requests.

Some applications may sign each HTTP request to prevent tampering in-flight. Since the request signature algorithm and secret must be known to the client, the extension can be configured to resign requests so dynamic testing is possible using tools like Repeater, Proxy Intercept, Scanner, and Intruder.

Currently only supports the following configurations:

  • Base64, Base64URL SHA256 hashing functions
  • Hashing the request body
  • HS256 JWT signatures

About

Burp extension to automatically modify JWT request signatures

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages