GitHub - ememisya/jwt-hmac-bruteforcer: A simple Java application written to demonstrate bruteforcing JWT tokens using an insecure secret with an HMAC algorithm.

JWT HMAC Bruteforcer

A simple Java application written to demonstrate bruteforcing JWT tokens using an insecure secret with an HMAC algorithm.

Uses com.auth0.java-jwt library for parsing JWT tokens.

v0.1

HS256 simple bruteforcing

Sample Output:

#java -jar jwt-hmac-bruteforcer-0.1-jar-with-dependencies.jar eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJobWFjYXdlc29tZSEifQ.NKioJb2zs1WQpLAZHQd6_zoul-_k4JJFMExQRvKOf0M

Attempting to bruteforce JWT token ('HS256')...
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJobWFjYXdlc29tZSEifQ.NKioJb2zs1WQpLAZHQd6_zoul-_k4JJFMExQRvKOf0M
Secret is 'passy'. Time elapsed 39s

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
src		src
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
pom.xml		pom.xml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

JWT HMAC Bruteforcer

v0.1

About

Releases

Packages

Languages

License

ememisya/jwt-hmac-bruteforcer

Folders and files

Latest commit

History

Repository files navigation

JWT HMAC Bruteforcer

v0.1

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages