jwt-secret

Bruteforce a JWT against a list of passwords

Your JWT is only as secure as the secret used to sign it. Test a JWT against any arbitrary list of secrets.

Install

Ensure you have Node.js version 4+ installed. Then run the following:

$ npm install --global jwt-secret

Usage

$ jwt-secret --help

  Usage
    $ jwt-secret <token>

    --file   Read secrets from file path
    --stdin  Read secrets from stdin

  Examples
    $ jwt-secret --file ./passwords.txt eyJhbGciOiJIUzI1...
    $ curl -sL https://git.io/vP5n1 | jwt-secret --stdin eyJhbGciOiJIUzI1...

Secrets

Secrets must be newline separated. Try using a list from SecLists.

Example:

123456
password
12345678
qwerty
123456789
12345
1234
111111
1234567
dragon

jwt-secret

jwt-secret

Install

Usage

Secrets

License

Readme

Keywords

Package Sidebar

Install

Repository

Homepage

Weekly Downloads

Version

License

Last publish

Collaborators

jwt-secret

jwt-secret

Install

Usage

Secrets

License

Readme

Keywords

Package Sidebar

Install

Repository

Homepage

DownloadsWeekly Downloads

Version

License

Last publish

Collaborators

Weekly Downloads