thomas.darimont at googlemail.com
Sat May 13 03:32:45 EDT 2017
I just stumbled upon the interesting tool JOSPEH (
that was presented at the OWASP AppSec EU Conference (
which I'd like to share.
JOSEPH is basically a BURP extension that allows to analyze JWE / JWS
structures in HTTP messages and to pentest endpoints which can process JWS
structures with a list of well-known attacks.
More information about the keycloak-dev