{% extends "base.html" %} {% block title %}{{ site.title }} - A JWT Security Testing Toolkit{% endblock %} {% block body %}
cryptography · security · toolkit · {{ page.extra.hero_badge }}

jwt-hack

{{ page.extra.hero_description }}

token.preview HS256 · 3-segment
header eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9
payload eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkhB...
sig SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQss...
$ jwt-hack decode <token>
capabilities

{{ page.extra.features_title }}

{{ page.extra.features_description }}

01

encode & decode

JWT and JWE tokens with multiple algorithms, custom headers, and DEFLATE compression.

02

verify signatures

Symmetric and asymmetric algorithms verified with secrets or keys, plus expiration validation.

03

advanced cracking

Crack JWT secrets via dictionary or brute-force, with support for compressed tokens.

04

attack payloads

Generate none-alg, algorithm confusion, and header manipulation attack variants.

05

high performance

Built in Rust with parallel processing for intensive operations — raw speed under load.

06

mcp server

Integrate with AI models via Model Context Protocol for intelligent JWT analysis.

open source

{{ page.extra.cta_title }}

{{ page.extra.cta_description }}

{{ page.extra.cta_button_text }}
{% endblock %}