Crack the shared secret of a HS256-signed JWT
Crack a HS256, HS384 or HS512-signed JWT. You need PyJWT for these scripts:
pip install PyJWT
crackjwt.py JWT dictionary.txt
Try to verify the signature on the JWT using all words in dictionary.txt (one per line).
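The check described above can be used to audit tokens your own service issues. This is an added example, not the project's crackjwt.py: it uses only the Python standard library instead of PyJWT, and the function names, wordlist and tokens are constructed for illustration.

```python
import base64, hashlib, hmac, json

# JWS HMAC algorithms and their digest functions (RFC 7518, section 3.2)
HMAC_ALGS = {"HS256": hashlib.sha256, "HS384": hashlib.sha384, "HS512": hashlib.sha512}

def b64url_decode(part):
    # JWTs strip base64 padding; restore it before decoding
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def sign(header, payload, secret):
    """Build a constructed HMAC-signed token for the self-test below."""
    signing_input = ".".join(
        b64url_encode(json.dumps(p, separators=(",", ":")).encode()) for p in (header, payload))
    mac = hmac.new(secret, signing_input.encode("ascii"), HMAC_ALGS[header["alg"]]).digest()
    return signing_input + "." + b64url_encode(mac)

def find_weak_secret(token, candidates):
    """Return the candidate that verifies the token's signature, or None."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        alg = json.loads(b64url_decode(header_b64)).get("alg")
        signature = b64url_decode(sig_b64)
    except (ValueError, AttributeError):
        raise ValueError("not a compact JWS with three base64url parts")
    if not isinstance(alg, str) or alg not in HMAC_ALGS:
        raise ValueError("token is not HMAC-signed: alg=%r" % (alg,))
    signing_input = (header_b64 + "." + payload_b64).encode("ascii")
    for word in candidates:
        word = word.rstrip("\r\n")  # wordlist entries are one per line
        if not word:
            continue
        mac = hmac.new(word.encode("utf-8"), signing_input, HMAC_ALGS[alg]).digest()
        if hmac.compare_digest(mac, signature):
            return word
    return None

# Constructed sample data: one token signed with a dictionary word, one with a 32-byte key
WORDLIST = ["password\n", "letmein\n", "secret\n"]
weak_token = sign({"alg": "HS384", "typ": "JWT"}, {"sub": "demo"}, b"secret")
strong_token = sign({"alg": "HS256", "typ": "JWT"}, {"sub": "demo"}, bytes(range(32)))

if __name__ == "__main__":
    print("weak token:", find_weak_secret(weak_token, WORDLIST))
    print("strong token:", find_weak_secret(strong_token, WORDLIST))
```

A result other than None means the signing key appears in the wordlist and should be replaced with a randomly generated key at least as long as the hash output.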
jwt2john.py JWT
Convert a JWT to a format John the Ripper can understand.
John the Ripper now supports the JWT format, so converting the token is no longer necessary. John has a size limit on the data it will take. If you run into this limit, consider changing SALT_LIMBS in the source code.