jwt-attacks

Here are 3 public repositories matching this topic...

Rishurana2867 / price-manipulation-guide

A complete bug bounty guide on Price Manipulation & Business Logic vulnerabilities — Basic to Ninja level, Attack Chaining, Mobile Testing, Bypasses, Report Templates & Checklist.

owasp penetration-testing bug-bounty web-security business-logic ethical-hacking red-team bugcrowd hackerone security-research burp-suite race-condition jwt-attacks price-manipulation

Updated May 23, 2026

kedi / jwt-attacker

Star

tool to test and exploit common JWT security issues such as weak signing keys, alg:none bypasses, and RS/HS confusion attacks.

security jwt jwt-attacks

Updated Jul 5, 2025
Python

Zeeshanafridai / jwt-attack-suite

Star

A comprehensive JWT attack CLI covering every major vulnerability class — from alg:none bypass to RS256→HS256 algorithm confusion, HMAC secret bruteforce, kid header injection (SQLi + path traversal), jku/x5u spoofing with built-in JWKS server, and full token forgery. Built for bug bounty hunters and red teamers.

jwt web-security json-web-token jwt-security penetration-testing-tools bug-bounty-tools jwt-attacks token-forgery algorithm-confusion

Updated Apr 14, 2026
Python

Improve this page

Add a description, image, and links to the jwt-attacks topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the jwt-attacks topic, visit your repo's landing page and select "manage topics."

Learn more

Provide feedback

Saved searches

Use saved searches to filter your results more quickly