Skip to content
View HiitCat's full-sized avatar
🔻
Red Team Operator
🔻
Red Team Operator
5 followers · 2 following

Achievements

Achievement: YOLOAchievement: Pull SharkAchievement: Public Sponsor

Achievements

Achievement: YOLOAchievement: Pull SharkAchievement: Public Sponsor

Highlights

  • Pro

Block or report HiitCat

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
HiitCat/README.md

Hey there 👋

I'm HitCat, welcome on my GitHub.

🔭 Currently going down the Azure / Entra ID rabbit hole.

⚔️ Web offensive is my main domain - client-side and server-side.

🚩 CTF player with fish3r

📫 Open an issue to contact me =]

Write-ups Root Me CTFTime

Pinned Loading

  1. JWT-Arsenal JWT-Arsenal Public

    100% client-side JWT exploitation toolkit for pentesters, CTF players & bug bounty hunters. Forge, inspect and exploit JWT vulnerabilities directly in your browser.

    TypeScript 1

  2. JWT-SecLabs JWT-SecLabs Public

    Hands-on JWT security labs - exploit alg:none, algorithm confusion, JWK/JKU injection, KID traversal and RSA key recovery in isolated Docker environments

    CSS 1

  3. BSCP-CheetSheet BSCP-CheetSheet Public

    Notes d'exploitation des différents labs de la Web Security Academy de PortSwigger.

    PHP 1 1

  4. Fuzzer-Payloads Fuzzer-Payloads Public

    List of payloads that can be used in fuzzing context