Need help with jwtcrack?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

128 Stars 51 Forks GNU Affero General Public License v3.0 23 Commits 1 Opened issues


Crack the shared secret of a HS256-signed JWT

Services available


Need anything else?

Contributors list

# 41,309
14 commits

Crack a HS256, HS384 or HS512-signed JWT. You need

for these scripts:
pip install PyJWT JWT dictionary.txt

Try to verify the signature on the JWT using all words in

(one per line).

jwt2john JWT

Convert a JWT to a format John the Ripper can understand.

John the Ripper now supports the JWT format, so converting the token is no longer necessary. John has a size limit on the data it will take. If you run into this limit, consider changing

in the source code.

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.