Cookie Monster

What is CookieMonster?

CookieMonster is a command-line tool and API for decoding and modifying vulnerable session cookies from multiple frameworks. It is built to run inside automation pipelines, where it can process large volumes of cookies quickly to uncover potential vulnerabilities. It is also extensible, so support for new cookie formats can be added, which makes it useful for both security testing and web development.

Commands

CookieMonster provides the following commands for working with session cookies:

  • decode: Decodes and unsigns session cookies from various frameworks and raw JWTs.
  • inspect: Analyzes cookies associated with specific URLs, providing insights from both request and response cookies.
  • generate: Creates random cookies, useful for testing and development purposes.
  • resign: Re-signs cookies that have been unsigned. Support is limited, primarily to cookies decoded as Django.

Example

cookiemonster -cookie "gAJ9cQFYCgAAAHRlc3Rjb29raWVxAlgGAAAAd29ya2VkcQNzLg:1mgnkC:z5yDxzI06qYVAU3bkLaWYpADT4I"
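
The cookie in the Example above has Django's signed-cookie layout (payload:timestamp:signature). The following Python is an added example, not CookieMonster's code or output: it decodes that cookie's structure without verifying the signature and without unpickling the payload. The function names are hypothetical.

```python
import base64
import pickletools
import zlib
from datetime import datetime, timezone

# Cookie copied from the Example above; layout is payload:timestamp:signature.
PAGE_COOKIE = ("gAJ9cQFYCgAAAHRlc3Rjb29raWVxAlgGAAAAd29ya2VkcQNzLg"
               ":1mgnkC:z5yDxzI06qYVAU3bkLaWYpADT4I")
BASE62 = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"


def b64url_decode(text):
    """Decode URL-safe base64 whose '=' padding has been stripped."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def base62_decode(text):
    """Decode the base62 timestamp field to Unix seconds."""
    value = 0
    for ch in text:
        value = value * 62 + BASE62.index(ch)
    return value


def inspect_django_cookie(cookie):
    """Describe a signed cookie; the signature is NOT verified here."""
    payload_b64, ts_b62, sig_b64 = cookie.rsplit(":", 2)
    compressed = payload_b64.startswith(".")  # leading '.' marks zlib data
    raw = b64url_decode(payload_b64[1:] if compressed else payload_b64)
    if compressed:
        raw = zlib.decompress(raw)
    sig_len = len(b64url_decode(sig_b64))
    info = {
        "signed_at": datetime.fromtimestamp(base62_decode(ts_b62), tz=timezone.utc),
        # MAC algorithm is inferred from the digest length only.
        "mac": {20: "HMAC-SHA1", 32: "HMAC-SHA256"}.get(sig_len, "unknown"),
        # Protocol 2+ pickles start with the PROTO opcode 0x80; otherwise JSON is assumed.
        "serializer": "pickle" if raw[:1] == b"\x80" else "json",
        "strings": [],
    }
    if info["serializer"] == "pickle":
        # genops only walks the opcode stream, so nothing in the untrusted
        # payload is executed (pickle.loads would execute it).
        info["strings"] = [arg for _, arg, _ in pickletools.genops(raw)
                           if isinstance(arg, str)]
    return info


if __name__ == "__main__":
    print(inspect_django_cookie(PAGE_COOKIE))
```

A `pickle` result is the finding to act on in your own application: the signing key is then the only barrier between a client and deserialisation of client-supplied data, so switch to a JSON serializer and rotate the key.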

More Information

To install CookieMonster, set up Go and then run the provided CLI installation command. The tool takes a cookie to unsign and a wordlist; a default wordlist is used if none is provided. It supports cookies from frameworks such as Laravel, Django, Flask, Rack, Express, and more. For the Express framework, CookieMonster handles cookies signed with cookie-session, although careful handling is advised. CookieMonster also offers an API package, so it can be integrated directly into custom applications for better performance. The project acknowledges its roots in various sources and includes wordlists from Flask-Unsign.