Skip to content

dkaufmann96/jwt-brute

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
.gitignore
.gitignore
 
 
CODE_OF_CONDUCT.md
CODE_OF_CONDUCT.md
 
 
README.md
README.md
 
 
__main__.py
__main__.py
 
 
bruteforce.py
bruteforce.py
 
 
signature_validation.py
signature_validation.py
 
 

Repository files navigation

jwt-brute

A Tool to brute force JSON Web Token secrets using a naive implementation. For educational purposes only.

Currently only supports tokens signed using HMAC-SHA256.

Usage

  • Clone repository with git clone git@github.com:dkaufmann96/jwt-brute.git
  • Start with python jwt-brute
  • Insert a valid JWT (e.g. from https://jwt.io) and the maximum length of keys to be guessed.

Todo

  • Add support for Python3
  • Validate JWT
  • Add support for more algorithms

About

A tool to brute force JSON Web Token secrets.

Topics

security jwt cryptography jwt-cracker security-tools hmac-sha256

Resources

Readme

Code of conduct

Code of conduct
Activity

Stars

3 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages