Locked JWT Tool - A Toolkit For Testing, Tweaking And Cracking JSON Web Tokens

itsMe · 2019-05-16T08:56:06+0000

This is the hidden content, please Sign In or Sign Up jwt_tool.py is a toolkit for validating, forging and cracking JWTs (JSON Web Tokens). Its functionality includes: Checking the validity of a token Testing for the RS/HS256 public key mismatch vulnerability Testing for the alg=None signature-bypass vulnerability Testing the validity of a secret/key/key file Identifying weak keys via a High-speed Dictionary Attack Forging new token header and payload values and creating a new signature with the key or via another attack method This is the hidden content, please Sign In or Sign Up

By itsMe
May 16, 2019 in Pentesting

Followers 0

Start new topic

Recommended Posts

itsMe

Posted May 16, 2019

- Share

Posted May 16, 2019

This is the hidden content, please

jwt_tool.py is a toolkit for validating, forging and cracking JWTs (JSON Web Tokens).

Its functionality includes:

Checking the validity of a token
Testing for the RS/HS256 public key mismatch vulnerability
Testing for the alg=None signature-bypass vulnerability
Testing the validity of a secret/key/key file
Identifying weak keys via a High-speed Dictionary Attack
Forging new token header and payload values and creating a new signature with the key or via another attack method

This is the hidden content, please

Link to comment

Share on other sites

This topic is now closed to further replies.

Followers 0

Go to topic listing

Similar Content
- Offence RAT v2.5
  
  By 2s4cx43k, April 2
  - remotely
  - hacker
  - (and 8 more)
    
    Tagged with:
    
    remotely
    
    hacker
    
    backdoor
    
    malware
    
    trojan
    
    tool
    
    administration
    
    remote
    
    rat
    
    control
  - 0 replies
  - 140 views
- rat BX RAT V1.3
  
  By 2s4cx43k, March 7
  - trojan
  - tool
  - (and 2 more)
    
    Tagged with:
    
    trojan
    
    tool
    
    administration
    
    remote
  - 2 replies
  - 274 views
- pulled site specific dorks but I am not getting any injectable URLs
  
  By Zeeohbrim, February 11
  - cracking
  - 0 answers
  - 89 views
- html 200 TEMPLATES WEBSITE PROFESSIONAL
  
  By ~~kevinsocute2~~ , December 31, 2023
  - website
  - web
  - (and 1 more)
    
    Tagged with:
    
    website
    
    web
    
    php
  - 0 replies
  - 229 views
- BLTools v2.8.0
  
  By ~~rivulet~~ , December 8, 2023
  - tool
  - 1 reply
  - 215 views

Sign In

Locked JWT Tool - A Toolkit For Testing, Tweaking And Cracking JSON Web Tokens

Recommended Posts

itsMe

Link to comment

Share on other sites

Similar Content

Offence RAT v2.5

rat BX RAT V1.3

pulled site specific dorks but I am not getting any injectable URLs

html 200 TEMPLATES WEBSITE PROFESSIONAL

BLTools v2.8.0

Browse

Activity

Store

Important Information