JWT Tool(jwt_tool.py) is a toolkit for validating, forging and cracking JWTs (JSON Web Tokens). Its functionality includes: Checking the validity of a token Testing for the RS/HS256 public key mismatch vulnerability Testing for the alg=None signature-bypass vulnerability Testing the validity of a secret/key/key file Identifying weak keys via a High-speed Dictionary Attack Forging new token …
Continue reading “JWT Tool : A Toolkit For Testing, Tweaking & Cracking JSON Web Tokens”