View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0007238||Kali Linux||[All Projects] New Tool Requests||public||2021-06-25 14:28||2021-06-25 14:44|
|Status||resolved||Resolution||no change required|
|Target Version||Fixed in Version|
|Summary||0007238: Want to submit two PowerShell modules as tool requests...can I?|
|Description||Hello, before I go through the process of submitting these, would Kali accept PowerShell modules given that the latest version comes with 7.1.3? I've developed the two of these on Ubuntu and tested them on Kali. The first is a JWT/JWK (JSON Web Token/JSON Web Key) module that allows a tester to determine weaknesses in a JWT validation endpoint by crafting various attacks as well as brute-forcing HS256 signed JWTs. Examples in the Readme under "JWT attacks": https://github.com/anthonyg-1/PSJsonWebToken|
The second is a GraphQL module that at this time contains a single cmdlet, Invoke-GraphQLQuery which allows a tester to perform postive and negative testing against a GraphQL endpoint. I posted the solutions to the "Damn Vulnerable GraphQL application" in the Readme here: https://github.com/anthonyg-1/PSGraphQL
I've used both of the above in combination to validate the security of GraphQL endpoints as most of these endpoints employ JWTs for authentication/authorization.
Thanks in advance!
|Steps To Reproduce||Tool request so n/a|