All Projects → aress31 → Jwtcat

aress31 / Jwtcat

Licence: apache-2.0
A CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.

Programming Languages

python
139335 projects - #7 most used programming language

Projects that are alternatives of or similar to Jwtcat

Zydra
Stars: ✭ 178 (-1.66%)
Mutual labels:  bruteforce, cracking
Jwt Hack
🔩 jwt-hack is tool for hacking / security testing to JWT. Supported for En/decoding JWT, Generate payload for JWT attack and very fast cracking(dict/brutefoce)
Stars: ✭ 172 (-4.97%)
Mutual labels:  jwt, cracking
Buddy Sign
High level message signing library.
Stars: ✭ 86 (-52.49%)
Mutual labels:  jwt, signature
Ethaddrgen
Custom Ethereum vanity address generator made in Rust
Stars: ✭ 84 (-53.59%)
Mutual labels:  bruteforce, cracking
Jose2go
Golang (GO) implementation of Javascript Object Signing and Encryption specification
Stars: ✭ 150 (-17.13%)
Mutual labels:  jwt, signature
Thecollective
The Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-53.04%)
Mutual labels:  pentesting, cybersecurity
Web Brutator
Fast Modular Web Interfaces Bruteforcer
Stars: ✭ 97 (-46.41%)
Mutual labels:  pentesting, bruteforce
Wssh
WSSH Is a tool for brute forcing servers that has port 22 open via ssh, wssh is probably the fastest ssh brute forcer available
Stars: ✭ 21 (-88.4%)
Mutual labels:  bruteforce, cracking
Jwtxploiter
A tool to test security of json web token
Stars: ✭ 130 (-28.18%)
Mutual labels:  jwt, pentesting
Ratel
RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Stars: ✭ 121 (-33.15%)
Mutual labels:  pentesting, cybersecurity
Cloudfail
Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network
Stars: ✭ 1,239 (+584.53%)
Mutual labels:  pentesting, bruteforce
Oscp Pentest Methodologies
备考 OSCP 的各种干货资料/渗透测试干货资料
Stars: ✭ 166 (-8.29%)
Mutual labels:  pentesting, cybersecurity
Prismatica
Responsive Command and Control System
Stars: ✭ 81 (-55.25%)
Mutual labels:  pentesting, cybersecurity
Content Bruteforcing Wordlist
Wordlist for content(directory) bruteforce discovering with Burp or dirsearch
Stars: ✭ 173 (-4.42%)
Mutual labels:  pentesting, bruteforce
Rsf
The Robot Security Framework (RSF), Robot Security Framework (RSF), a standardized methodology to perform security assessments in robotics.
Stars: ✭ 76 (-58.01%)
Mutual labels:  pentesting, cybersecurity
Flask Unsign
Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
Stars: ✭ 90 (-50.28%)
Mutual labels:  pentesting, bruteforce
Jose Jwt
Ultimate Javascript Object Signing and Encryption (JOSE) and JSON Web Token (JWT) Implementation for .NET and .NET Core
Stars: ✭ 692 (+282.32%)
Mutual labels:  jwt, signature
Hashtopolis
A Hashcat wrapper for distributed hashcracking
Stars: ✭ 835 (+361.33%)
Mutual labels:  pentesting, cracking
Defaultcreds Cheat Sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Stars: ✭ 1,949 (+976.8%)
Mutual labels:  pentesting, cybersecurity
Webhashcat
Hashcat web interface
Stars: ✭ 151 (-16.57%)
Mutual labels:  pentesting, cracking

JSON Web Token Cracker

jwtcat

Language License Rawsec's CyberSecurity Inventory

A CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner

jwtcat is a Python script designed to detect and exploit well-known cryptographic flaws present in JSON Web Token (JWT). These vulnerabilities, if successfully exploited by an adversary could allow authentication bypass, information disclosure and could ultimately lead to the compromise of an entire information system.

More information about JWT vulnerabilities can be found at: https://auth0.com/blog/critical-vulnerabilities-in-json-web-token-libraries/


Features

  • Test against the following vulnerabilitie(s):
    • CVE-2018-1000531: JWT signature bypass due to the use of None hashing algorithm (alg=none)
  • Guessing attacks against JWT private keys signed with the HS256 hashing algorithm:
    • Brute-force attacks
    • Wordlist attacks

Requirements

jwtcat is written in Python 3 (and therefore requires a minimum of Python 3.6) in addition to the following libraries:


Installation

  1. Clone/download the repository:
git clone https://github.com/AresS31/jwtcat
cd jwtcat
  1. (Optional but recommended) Create and activate a new Python virtual environment:

    • Create the virtual environment: python -m venv env
    • Activate the newly created environment:
      • On POSIX: source ./env/bin/activate
      • On Windows: ./env/Scripts/Activate.ps1
  2. Install jwtcat's dependencies:

python -m pip install -r requirements.txt

Usage

To get a list of options and switches use:

python jwtcat.py -h

To get a list of options and switches for brute force attacks:

python jwtcat.py brute-force -h

brute-force-demo

To get a list of options and switches for wordlist attacks:

python jwtcat.py wordlist -h

wordlist-demo

To test a JWT against CVE-2018-1000531 and HS256 brute-force attacks:

python jwtcat.py vulnerable -h

vulnerable-demo


Sponsor ♥

If you use jwtcat a lot (especially if it's used commercially), please consider donating as a lot of time and effort went into building and maintaining this project.

Press the "Sponsor" button on the top of this page to see ways of donating/sponsoring to this project.


Contributions

Your feedback and contributions will be much appreciated.


Roadmap

  • [ ] Implement additional attack vectors
  • [ ] Implement support for multithreading or multiprocessing
  • [ ] Implement support for the -tF, --token-file swicth
  • [ ] Improve the code logic for:
    • [ ] TQDM integration with the logger
  • [ ] Improve the script performances

Changelog

v1.1 - May 2020:

  • Added checks to see if jwt is signed with HS256
  • Added checks to see if jwt is vulnerable to CVE-2018-1000531
  • Added potfile options
  • Added support for brute-force attacks
  • Code refactoring
  • Improved the standard output formatting
  • Switched from python-colorlog to coloredlogs

License

Copyright (C) 2017 - 2020 Alexandre Teyar

See LICENSE file for details.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].