Skip to content

Automate the progress of changing the algorithm of input JWT Token and then generate the new JWT based on changed algorithm. Break JWT Token with Algorithm 'None' or 'HS256/384/512'.

Notifications You must be signed in to change notification settings

rubaljain/JWTweak

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

30 Commits
 
 
 
 
 
 
 
 

Repository files navigation

JWTweak

Introduction

With the global increase in JSON Web Token (JWT) usage, the attack surface has also increased significantly. Having said that, this utility is designed with the aim to generate the new JWT token with little or no time which would help security enthusiasts to find security flaws in JWT implementation. This tool is designed to automate the process of modifying the JWT algorithm of input JWT Token and then generate the new JWT based on the new algorithm.

Features

  • Detects the algorithm of the input JWT Token
  • Base64 decode the input JWT Token
  • Generate new JWT Token by changing the algorithm of the input JWT to 'None'
  • Generate new JWT Token by changing the algorithm of the input JWT to 'HS256'
  • Generate new JWT Token by changing the algorithm of the input JWT to 'HS384'
  • Generate new JWT Token by changing the algorithm of the input JWT to 'HS512'

Read where it can help

Please connect on Linkedin and Twitter, if you have any query or suggestion.

About

Automate the progress of changing the algorithm of input JWT Token and then generate the new JWT based on changed algorithm. Break JWT Token with Algorithm 'None' or 'HS256/384/512'.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%