GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → lmammino → Jwt Cracker

lmammino / Jwt Cracker

Licence: mit
Simple HS256 JWT token brute force cracker

Programming Languages

javascript
184084 projects - #8 most used programming language

Labels

nodejscommand-linejwtbruteforcebrute-forcecommandsecrets

Projects that are alternatives of or similar to Jwt Cracker

instabrute
Instagram Brute Forcer
Stars: ✭ 135 (-63.01%)
Mutual labels:  bruteforce, brute-force
uberscan
Security program for recovering passwords and pen-testing servers, routers and IoT devices using brute-force password attacks.
Stars: ✭ 31 (-91.51%)
Mutual labels:  bruteforce, brute-force
d00r
Simple directory brute-force tool written with python.
Stars: ✭ 35 (-90.41%)
Mutual labels:  bruteforce, brute-force
Tsukae
🧑‍💻📊 Show off your most used shell commands
Stars: ✭ 345 (-5.48%)
Mutual labels:  command-line, command
Cliffy
NodeJS Framework for Interactive CLIs
Stars: ✭ 263 (-27.95%)
Mutual labels:  command-line, command
Brutegram
Instagram multi-bruteforce Platfrom
Stars: ✭ 183 (-49.86%)
Mutual labels:  bruteforce, brute-force
Bitcoin-wallet-cracker
Automated Bitcoin wallet generator that with mnemonic and passphrases bruteforces wallet addresses
Stars: ✭ 140 (-61.64%)
Mutual labels:  bruteforce, brute-force
PUPI
🛅 Passwords using personal information
Stars: ✭ 65 (-82.19%)
Mutual labels:  bruteforce, brute-force
Xbruteforcer
X Brute Forcer Tool 🔓 WordPress , Joomla , DruPal , OpenCart , Magento
Stars: ✭ 261 (-28.49%)
Mutual labels:  bruteforce, brute-force
Shodan-RPi
A simple SSH bruteforce script targeting (not necessarily) Raspbian devices.
Stars: ✭ 13 (-96.44%)
Mutual labels:  bruteforce, brute-force
psolving-paradigms
Common problems of dynamic programming methods and techniques, including prerequisites, for competitive programmers.
Stars: ✭ 34 (-90.68%)
Mutual labels:  bruteforce, brute-force
Shell Safe Rm
😎 Safe-rm: A drop-in and much safer replacement of bash rm with nearly full functionalities and options of the rm command! Safe-rm will act exactly the same as the original rm command.
Stars: ✭ 265 (-27.4%)
Mutual labels:  command-line, command
urlbuster
Powerful mutable web directory fuzzer to bruteforce existing and/or hidden files or directories.
Stars: ✭ 144 (-60.55%)
Mutual labels:  bruteforce, brute-force
password-list
Password lists with top passwords to optimize bruteforce attacks
Stars: ✭ 174 (-52.33%)
Mutual labels:  bruteforce, brute-force
Brute-Force-Login
Proof -Of-Concept Brute Force Login on a web-site with a good dictionary of words
Stars: ✭ 231 (-36.71%)
Mutual labels:  bruteforce, brute-force
smtplib-bruteforce
bruteforcing gmail (TLS/SSL)
Stars: ✭ 26 (-92.88%)
Mutual labels:  bruteforce, brute-force
phpmyadmin-authentication-bruteforce
phpMyAdmin Authentication Bruteforce Tool
Stars: ✭ 58 (-84.11%)
Mutual labels:  bruteforce, brute-force
weakpass generator
generates weak passwords based on current date
Stars: ✭ 36 (-90.14%)
Mutual labels:  bruteforce, brute-force
Discord-Nitro-BruteForce
simple discord nitro code generator and checker written in c#
Stars: ✭ 26 (-92.88%)
Mutual labels:  bruteforce, brute-force
Instahack
Instagram bruteforce tool
Stars: ✭ 265 (-27.4%)
Mutual labels:  bruteforce, brute-force
View All Similar Projects ➔

npm npm Rawsec's CyberSecurity Inventory GitHub stars GitHub license

jwt-cracker

Simple HS256 JWT token brute force cracker.

Effective only to crack JWT tokens with weak secrets. Recommendation: Use strong long secrets or RS256 tokens.

Install

With npm:

npm install --global jwt-cracker

Usage

From command line:

jwt-cracker <token> [<alphabet>] [<maxLength>]

Where:

  • token: the full HS256 JWT token string to crack
  • alphabet: the alphabet to use for the brute force (default: "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789")
  • maxLength: the max length of the string generated during the brute force (default: 12)

Requirements

This script requires Node.js version 6.0.0 or higher

Example

Cracking the default jwt.io example:

jwt-cracker "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ" "abcdefghijklmnopqrstuwxyz" 6

It takes about 2 hours in a Macbook Pro (2.5GHz quad-core Intel Core i7).

Contributing

Everyone is very welcome to contribute to this project. You can contribute just by submitting bugs or suggesting improvements by opening an issue on GitHub.

License

Licensed under MIT License. © Luciano Mammino.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].