View Issue Details
|Queued Tool Addition
|no change required
|0007238: Want to submit two PowerShell modules as tool requests...can I?
Hello, before I go through the process of submitting these, would Kali accept PowerShell modules given that the latest version comes with 7.1.3? I've developed the two of these on Ubuntu and tested them on Kali. The first is a JWT/JWK (JSON Web Token/JSON Web Key) module that allows a tester to determine weaknesses in a JWT validation endpoint by crafting various attacks as well as brute-forcing HS256 signed JWTs. Examples in the Readme under "JWT attacks": https://github.com/anthonyg-1/PSJsonWebToken
The second is a GraphQL module that at this time contains a single cmdlet, Invoke-GraphQLQuery which allows a tester to perform postive and negative testing against a GraphQL endpoint. I posted the solutions to the "Damn Vulnerable GraphQL application" in the Readme here: https://github.com/anthonyg-1/PSGraphQL
I've used both of the above in combination to validate the security of GraphQL endpoints as most of these endpoints employ JWTs for authentication/authorization.
Thanks in advance!
|Steps To Reproduce
Tool request so n/a
|new => resolved
|open => no change required
|Note Added: 0014854
|New Tool Requests => Queued Tool Addition