{"id":14585,"date":"2021-07-23T16:38:27","date_gmt":"2021-07-23T11:08:27","guid":{"rendered":"https:\/\/kalilinuxtutorials.com\/?p=14585"},"modified":"2021-07-23T16:38:27","modified_gmt":"2021-07-23T11:08:27","slug":"jwtweak","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/jwtweak\/","title":{"rendered":"JWTweak : Detects The Algorithm Of Input JWT Token And Provide Options To Generate The New JWT Token Based On The User Selected Algorithm"},"content":{"rendered":"\n<p><strong>JWTweak<\/strong> is a tool to detects The Algorithm Of Input JWT Token And Provide Options To Generate The New JWT Token Based On The User Selected Algorithm. With the global increase in JSON Web Token (JWT) usage, the attack surface has also increased significantly. Having said that, this utility is designed with the aim to generate the new JWT token with little or no time which would help security enthusiasts to find security flaws in JWT implementation. This tool is designed to automate the process of modifying the JWT algorithm of input JWT Token and then generate the new JWT based on the new algorithm.<\/p>\n\n\n\n<p class=\"has-text-align-center has-vivid-green-cyan-background-color has-background\"><strong>Requirements<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Python 3 (tested and working fine in python-3.7.7\/Kali and python-3.8.2\/Windows 10)<\/li><li>pip3 install pycryptodomex<\/li><\/ul>\n\n\n\n<p class=\"has-text-align-center has-vivid-green-cyan-background-color has-background\"><strong>Features<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Detects the algorithm of the input JWT Token<\/li><li>Base64 decode the input JWT Token<\/li><li>Generate new JWT by changing the algorithm of the input JWT to &#8216;none&#8217;<\/li><li>Generate new JWT by changing the algorithm of the input JWT to &#8216;HS256&#8217;<\/li><li>Generate new JWT by changing the algorithm of the input JWT to &#8216;HS384&#8217;<\/li><li>Generate new JWT by changing the algorithm of the input JWT to &#8216;HS512&#8217;<\/li><li>Generate new JWT by changing the algorithm of the input JWT to &#8216;RS256&#8217;<\/li><li>Generate new JWT by changing the algorithm of the input JWT to &#8216;RS384&#8217;<\/li><li>Generate new JWT by changing the algorithm of the input JWT to &#8216;RS512&#8217;<\/li><\/ul>\n\n\n\n<p class=\"has-text-align-center has-vivid-green-cyan-background-color has-background\"><strong>Download Link<\/strong><\/p>\n\n\n\n<p><strong>JWTweak.py<\/strong><\/p>\n\n\n\n<p class=\"has-text-align-center has-vivid-green-cyan-background-color has-background\"><strong>POC<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/1.bp.blogspot.com\/-9zaMONOsLGY\/YOxWPxczZsI\/AAAAAAAAJ-A\/HpqoWy1ch9E4PwCIydCO-zrNxmWeZ6pugCLcBGAsYHQ\/s910\/11.png\" alt=\"\"\/><\/figure>\n\n\n\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button is-style-outline is-style-outline--1\"><a class=\"wp-block-button__link has-vivid-cyan-blue-background-color has-background\" href=\"https:\/\/github.com\/rishuranjanofficial\/JWTweak\"><strong>Download<\/strong><\/a><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>JWTweak is a tool to detects The Algorithm Of Input JWT Token And Provide Options To Generate The New JWT Token Based On The User Selected Algorithm. With the global increase in JSON Web Token (JWT) usage, the attack surface has also increased significantly. Having said that, this utility is designed with the aim to [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":16972,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/1.bp.blogspot.com\/-7HBNoDfocfs\/YPUFZZdLvTI\/AAAAAAAAKHU\/YMjY0czbkcQTpepzyhcd1PiPaiiV9eMmwCLcBGAsYHQ\/s420\/19764405%2B%25281%2529.png","fifu_image_alt":"JWTweak : Detects The Algorithm Of Input JWT Token And Provide Options To Generate The New JWT Token Based On The User Selected Algorithm","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[28],"tags":[129,1763,1767],"class_list":["post-14585","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kali","tag-algorithm","tag-jwt-token","tag-jwtweak"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>JWTweak : Detects The Algorithm Of Input JWT Token<\/title>\n<meta name=\"description\" content=\"JWTweak is a tool to detects The Algorithm Of Input JWT Token And Provide Options To Generate The New JWT Token .\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/jwtweak\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"JWTweak : Detects The Algorithm Of Input JWT Token\" \/>\n<meta property=\"og:description\" content=\"JWTweak is a tool to detects The Algorithm Of Input JWT Token And Provide Options To Generate The New JWT Token .\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/jwtweak\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2021-07-23T11:08:27+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/1.bp.blogspot.com\/-7HBNoDfocfs\/YPUFZZdLvTI\/AAAAAAAAKHU\/YMjY0czbkcQTpepzyhcd1PiPaiiV9eMmwCLcBGAsYHQ\/s420\/19764405%2B%25281%2529.png\" \/>\n<meta name=\"author\" content=\"R K\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/1.bp.blogspot.com\/-7HBNoDfocfs\/YPUFZZdLvTI\/AAAAAAAAKHU\/YMjY0czbkcQTpepzyhcd1PiPaiiV9eMmwCLcBGAsYHQ\/s420\/19764405%2B%25281%2529.png\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"R K\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/jwtweak\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/jwtweak\/\"},\"author\":{\"name\":\"R K\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\"},\"headline\":\"JWTweak : Detects The Algorithm Of Input JWT Token And Provide Options To Generate The New JWT Token Based On The User Selected Algorithm\",\"datePublished\":\"2021-07-23T11:08:27+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/jwtweak\/\"},\"wordCount\":255,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/jwtweak\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/1.bp.blogspot.com\/-7HBNoDfocfs\/YPUFZZdLvTI\/AAAAAAAAKHU\/YMjY0czbkcQTpepzyhcd1PiPaiiV9eMmwCLcBGAsYHQ\/s420\/19764405%2B%25281%2529.png\",\"keywords\":[\"Algorithm\",\"JWT Token\",\"JWTweak\"],\"articleSection\":[\"Kali Linux\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/jwtweak\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/jwtweak\/\",\"name\":\"JWTweak : Detects The Algorithm Of Input JWT Token\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/jwtweak\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/jwtweak\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/1.bp.blogspot.com\/-7HBNoDfocfs\/YPUFZZdLvTI\/AAAAAAAAKHU\/YMjY0czbkcQTpepzyhcd1PiPaiiV9eMmwCLcBGAsYHQ\/s420\/19764405%2B%25281%2529.png\",\"datePublished\":\"2021-07-23T11:08:27+00:00\",\"description\":\"JWTweak is a tool to detects The Algorithm Of Input JWT Token And Provide Options To Generate The New JWT Token .\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/jwtweak\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/jwtweak\/#primaryimage\",\"url\":\"https:\/\/1.bp.blogspot.com\/-7HBNoDfocfs\/YPUFZZdLvTI\/AAAAAAAAKHU\/YMjY0czbkcQTpepzyhcd1PiPaiiV9eMmwCLcBGAsYHQ\/s420\/19764405%2B%25281%2529.png\",\"contentUrl\":\"https:\/\/1.bp.blogspot.com\/-7HBNoDfocfs\/YPUFZZdLvTI\/AAAAAAAAKHU\/YMjY0czbkcQTpepzyhcd1PiPaiiV9eMmwCLcBGAsYHQ\/s420\/19764405%2B%25281%2529.png\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\",\"name\":\"R K\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"caption\":\"R K\"},\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"JWTweak : Detects The Algorithm Of Input JWT Token","description":"JWTweak is a tool to detects The Algorithm Of Input JWT Token And Provide Options To Generate The New JWT Token .","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/jwtweak\/","og_locale":"en_US","og_type":"article","og_title":"JWTweak : Detects The Algorithm Of Input JWT Token","og_description":"JWTweak is a tool to detects The Algorithm Of Input JWT Token And Provide Options To Generate The New JWT Token .","og_url":"https:\/\/kalilinuxtutorials.com\/jwtweak\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2021-07-23T11:08:27+00:00","og_image":[{"url":"https:\/\/1.bp.blogspot.com\/-7HBNoDfocfs\/YPUFZZdLvTI\/AAAAAAAAKHU\/YMjY0czbkcQTpepzyhcd1PiPaiiV9eMmwCLcBGAsYHQ\/s420\/19764405%2B%25281%2529.png","type":"","width":"","height":""}],"author":"R K","twitter_card":"summary_large_image","twitter_image":"https:\/\/1.bp.blogspot.com\/-7HBNoDfocfs\/YPUFZZdLvTI\/AAAAAAAAKHU\/YMjY0czbkcQTpepzyhcd1PiPaiiV9eMmwCLcBGAsYHQ\/s420\/19764405%2B%25281%2529.png","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"R K","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/jwtweak\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/jwtweak\/"},"author":{"name":"R K","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad"},"headline":"JWTweak : Detects The Algorithm Of Input JWT Token And Provide Options To Generate The New JWT Token Based On The User Selected Algorithm","datePublished":"2021-07-23T11:08:27+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/jwtweak\/"},"wordCount":255,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/jwtweak\/#primaryimage"},"thumbnailUrl":"https:\/\/1.bp.blogspot.com\/-7HBNoDfocfs\/YPUFZZdLvTI\/AAAAAAAAKHU\/YMjY0czbkcQTpepzyhcd1PiPaiiV9eMmwCLcBGAsYHQ\/s420\/19764405%2B%25281%2529.png","keywords":["Algorithm","JWT Token","JWTweak"],"articleSection":["Kali Linux"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/jwtweak\/","url":"https:\/\/kalilinuxtutorials.com\/jwtweak\/","name":"JWTweak : Detects The Algorithm Of Input JWT Token","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/jwtweak\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/jwtweak\/#primaryimage"},"thumbnailUrl":"https:\/\/1.bp.blogspot.com\/-7HBNoDfocfs\/YPUFZZdLvTI\/AAAAAAAAKHU\/YMjY0czbkcQTpepzyhcd1PiPaiiV9eMmwCLcBGAsYHQ\/s420\/19764405%2B%25281%2529.png","datePublished":"2021-07-23T11:08:27+00:00","description":"JWTweak is a tool to detects The Algorithm Of Input JWT Token And Provide Options To Generate The New JWT Token .","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/jwtweak\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/jwtweak\/#primaryimage","url":"https:\/\/1.bp.blogspot.com\/-7HBNoDfocfs\/YPUFZZdLvTI\/AAAAAAAAKHU\/YMjY0czbkcQTpepzyhcd1PiPaiiV9eMmwCLcBGAsYHQ\/s420\/19764405%2B%25281%2529.png","contentUrl":"https:\/\/1.bp.blogspot.com\/-7HBNoDfocfs\/YPUFZZdLvTI\/AAAAAAAAKHU\/YMjY0czbkcQTpepzyhcd1PiPaiiV9eMmwCLcBGAsYHQ\/s420\/19764405%2B%25281%2529.png"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad","name":"R K","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","caption":"R K"},"url":"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/"}]}},"jetpack_featured_media_url":"https:\/\/1.bp.blogspot.com\/-7HBNoDfocfs\/YPUFZZdLvTI\/AAAAAAAAKHU\/YMjY0czbkcQTpepzyhcd1PiPaiiV9eMmwCLcBGAsYHQ\/s420\/19764405%2B%25281%2529.png","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":10948,"url":"https:\/\/kalilinuxtutorials.com\/token-breaker\/","url_meta":{"origin":14585,"position":0},"title":"Token Breaker : JSON RSA To HMAC &#038; None Algorithm Vulnerability POC","author":"R K","date":"July 17, 2020","format":false,"excerpt":"Token Breaker is focused on 2 particular vulnerability related to JWT tokens. None AlgorithmRSAtoHMAC Refer to this link about insights of the vulnerability and how an attacker can forge the tokens Try out this vulnerability here TheNone Usage Usage: TheNone.py [-h] -t TOKENTokenBreaker: 1.TheNoneAlgorithmOptional Arguments:-h, --help show this help message\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":11746,"url":"https:\/\/kalilinuxtutorials.com\/jwt-hack\/","url_meta":{"origin":14585,"position":1},"title":"JWT-Hack : Hack the JWT(JSON Web Token)","author":"R K","date":"November 4, 2020","format":false,"excerpt":"JWT-Hack is tool for hacking \/ security testing to JWT. Supported for En\/decoding JWT, Generate payload for JWT attack and very fast cracking(dict\/brutefoce). Installation go-get(dev version) $ go get -u github.com\/hahwul\/jwt-hack homebrew $ brew tap hahwul\/jwt-hack $ brew install jwt-hack snapcraft $ sudo snap install jwt-hack Usage d8p 8d8 d88\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":5027,"url":"https:\/\/kalilinuxtutorials.com\/jwt-tool\/","url_meta":{"origin":14585,"position":2},"title":"JWT Tool : A Toolkit For Testing, Tweaking &#038; Cracking JSON Web Tokens","author":"R K","date":"May 18, 2019","format":false,"excerpt":"JWT Tool(jwt_tool.py) is a toolkit for validating, forging and cracking JWTs (JSON Web Tokens). Its functionality includes: Checking the validity of a tokenTesting for the RS\/HS256 public key mismatch vulnerabilityTesting for the alg=None signature-bypass vulnerabilityTesting the validity of a secret\/key\/key fileIdentifying weak keys via a High-speed Dictionary AttackForging new token\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":15299,"url":"https:\/\/kalilinuxtutorials.com\/tokentactics\/","url_meta":{"origin":14585,"position":3},"title":"TokenTactics : Azure JWT Token Manipulation Toolset","author":"R K","date":"July 30, 2021","format":false,"excerpt":"TokenTactics is a Azure JSON Web Token (\"JWT\") Manipulation Toolset. Azure access tokens allow you to authenticate to certain endpoints as a user who signs in with a device code. Even if they used multi-factor authentication. Once you have a user's access token, it may be possible to access certain\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":10373,"url":"https:\/\/kalilinuxtutorials.com\/rs256-2-hs256\/","url_meta":{"origin":14585,"position":4},"title":"RS256-2-HS256 : JWT Attack To Change Algorithm RS256 to HS256","author":"R K","date":"April 23, 2020","format":false,"excerpt":"RS256-2-HS256 is a JWT Attack to change the algorithm RS256 to HS256. Usage Usage: RS256_2_HS256_JWT.py [-h] payload pubkeyPositional Arguments: payload JSON payload from JWT to attack pubkey Public key file to use for signingOptional Arguments:-h, --help show this help message and exit Also Read - Burp-Exporter : Request To Clipboard\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":10408,"url":"https:\/\/kalilinuxtutorials.com\/githubfind3r\/","url_meta":{"origin":14585,"position":5},"title":"GithubFind3r : Fast Command Line Repo\/User\/Commit Search Tool","author":"R K","date":"April 26, 2020","format":false,"excerpt":"GithubFind3r is a very fast command line repo\/user\/commit search tool. Also Read - RS256-2-HS256 : JWT Attack To Change Algorithm RS256 to HS256 Installation git clone https:\/\/github.com\/atmoner\/githubFind3r.git cd githubFind3r npm install Run It node githubFind3r.js Download","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/14585","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=14585"}],"version-history":[{"count":0,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/14585\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/16972"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=14585"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=14585"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=14585"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}