A vast collection of security tools for bug bounty, pentest and red teaming


JWTweak on offsec.tools

Detects JWT algorithm and provides options to generate a new JWT based on another algorithm.

JWT4B on offsec.tools

JWT Support for Burp Suite.

JOSEPH on offsec.tools

JavaScript Object Signing and Encryption Pentesting Helper.

jwt-hack on offsec.tools

JWT encoding/decoding, generates payloads for JWT attack and very fast cracking.

JWT Key ID Injector on offsec.tools
JWT Key ID Injector

Simple python script to check against hypothetical JWT vulnerability.

jwtear on offsec.tools

Modular command-line tool to parse, create and manipulate JWT tokens.

jwt-heartbreaker on offsec.tools

Burp Suite extension to check JWT for using keys from known from public sources.

JWT cracker on offsec.tools
JWT cracker

JWT brute force cracker written in C.

JWT Tool on offsec.tools
JWT Tool

A toolkit for testing, tweaking and cracking JSON Web Tokens.