Decode, explore, and sign JWTs

Overview

JWT Explorer

A utility for inspecting, modifying, and attacking JWTs.

Supports Windows and Linux and probably also works on macOS but this has not been tested.

Overview of JWT Explorer

Usage

cargo run --release

Or download the latest release for your platform from the releases page!

Features

  • Decode JWTs and inspect the headers and claims
  • Automatically try some common secrets
  • Generate alg:none attack payloads
  • Easily update iat and exp with various offsets
  • Sign and encode tokens with common algorithms
  • Accept and encode invalid JSON payloads
  • Alter the claims while retaining the original signature
  • Signature types: HMAC-SHA, ECDSA, RSASSA-PKCS1-v1_5

Attacks

alg:none
"Sign" the JWT with an empty signature and set the algorithm type to "None". Accepted by some implementations which trust the JWT's choice of signature algorithm. Some parsers check for "none" but don't check for e.g. "nOnE". Make sure to try with and without the trailing dot.
Null signature
Leave the original header intact but don't provide a signature. Make sure to try with and without the trailing dot.
Retain original signature
Tamper with the claims while leaving the original signature intact.
Guess common secrets
If the token has been signed with an HMAC then try a few common secrets. This is not a substitute for passing the token to Hashcat, but can get some easy wins.

License

JWT Explorer is available under the terms of either the MIT license or the Apache License (Version 2.0).

Fonts used are distributed under the terms of the Open Font License.

JWT Explorer binaries include a statically linked copy of OpenSSL which is distributed under the terms of the Apache License 2.0.

See LICENSE-APACHE, LICENSE-MIT, and fonts/*/LICENSE for details.

Releases(v0.4.0)
Owner
David Young
Mostly Rust and embedded systems
David Young
Highly flexible library to manage and orchestrate JWT workflow

JWT Vault Highly flexible library to manage and orchestrate JWT workflow Examples | Website | Chat TODO Add more examples Improve coverage Features Ma

Saurav Gupta 59 Sep 29, 2021
A OAuth2 server library, for use in combination with actix or other frontends, featuring a set of configurable and pluggable backends.

oxide-auth A OAuth2 server library, for use in combination with common web servers, featuring a set of configurable and pluggable backends. About oxid

null 343 Nov 22, 2021
An oauth2 client implementation providing the Device, Installed and Service Account flows.

yup-oauth2 is a utility library which implements several OAuth 2.0 flows. It's mainly used by google-apis-rs, to authenticate against Google services.

Lewin Bormann 135 Nov 24, 2021
OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.

OpenSK This repository contains a Rust implementation of a FIDO2 authenticator. We developed this as a Tock OS application and it has been successfull

Google 2.1k Nov 28, 2021
Fast, simple and REST compliant file-server with public/private key authentication written in Rust

stormi Stormi is a fast and simple file-server with public/private key authentication How does it work? Stormi accepts multipart/form-data form with m

Polygon 2 Nov 19, 2021
decode a byte stream of varint length-encoded messages into a stream of chunks

length-prefixed-stream decode a byte stream of varint length-encoded messages into a stream of chunks This crate is similar to and compatible with the

James Halliday 3 Sep 9, 2021
Decode Metaplex mint account metadata into a JSON file.

Simple Metaplex Decoder (WIP) Install From Source Install Rust. curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh Clone the source: git c

Samuel Vanderwaal 4 Oct 23, 2021
Extensible open world rogue like game with pixel art. Players can explore the wilderness and ruins.

Rusted Ruins Extensible open world rogue like game with pixel art. Players can explore the wilderness and ruins. This game is written in Rust. Screens

T. Okubo 353 Nov 22, 2021
Explore the WWW and find the shortest path between two HTML documents

explore Find shortest path between two web resources. About I decided to create this project because some day I started to wonder: In how many clicks

Eryk Andrzejewski 1 Oct 20, 2021
Simple playground project to explore the YUV4MPEG2 format.

2mpeg4yuv Simple playground project to explore the YUV4MPEG2 format. Quick Start Install the Rust Compiler Preview $ ./build.sh $ ./2mpeg4yuv preview

Tsoding 17 Oct 7, 2021
Explore from the safety of your shell

turtlescan Explore from the safety of your shell Installation: cargo install turtlescan tui Starts a little tui which connects to your JSON-RPC server

Brian Cloutier 4 Sep 27, 2021
Travis CI and AppVeyor template to test your Rust crate on 5 architectures and publish binary releases of it for Linux, macOS and Windows

trust Travis CI and AppVeyor template to test your Rust crate on 5 architectures and publish binary releases of it for Linux, macOS and Windows Featur

Jorge Aparicio 1.1k Nov 19, 2021
A crate to convert bytes to something more useable and the other way around in a way Compatible with the Confluent Schema Registry. Supporting Avro, Protobuf, Json schema, and both async and blocking.

#schema_registry_converter This library provides a way of using the Confluent Schema Registry in a way that is compliant with the Java client. The rel

Gerard Klijs 45 Nov 24, 2021
Warp is a blazingly fast, Rust-based terminal that makes you and your team more productive at running, debugging, and deploying code and infrastructure.

Warp is a blazingly fast, Rust-based terminal that makes you and your team more productive at running, debugging, and deploying code and infrastructure.

Warp 549 Nov 24, 2021
JiaShiwen 2 Nov 11, 2021
A GPU-accelerated cross-platform terminal emulator and multiplexer written by @wez and implemented in Rust

Wez's Terminal A GPU-accelerated cross-platform terminal emulator and multiplexer written by @wez and implemented in Rust User facing docs and guide a

Wez Furlong 2.6k Nov 27, 2021
IBC modules and relayer - Formal specifications and Rust implementation

ibc-rs Rust implementation of the Inter-Blockchain Communication (IBC) protocol. This project comprises primarily four crates: The ibc crate defines t

Informal Systems 137 Nov 24, 2021
Diemโ€™s mission is to build a trusted and innovative financial network that empowers people and businesses around the world.

Note to readers: On December 1, 2020, the Libra Association was renamed to Diem Association. The project repos are in the process of being migrated. A

Diem 16.2k Nov 27, 2021
Skybase is an extremely fast, secure and reliable real-time NoSQL database with automated snapshots and SSL

Skybase The next-generation NoSQL database What is Skybase? Skybase (or SkybaseDB/SDB) is an effort to provide the best of key/value stores, document

Skybase 492 Nov 29, 2021
GitHub Actions for mdBook (rust-lang/mdBook) โšก๏ธ Setup mdBook quickly and build your site fast. Linux (Ubuntu), macOS, and Windows are supported.

GitHub Actions for mdBook rust-lang/mdBook Setup Action. We can run mdBook on a virtual machine of GitHub Actions by this mdBook action. Linux, macOS,

Shohei Ueda 160 Nov 30, 2021
Docker images for compiling static Rust binaries using musl-libc and musl-gcc, with static versions of useful C libraries. Supports openssl and diesel crates.

rust-musl-builder: Docker container for easily building static Rust binaries Source on GitHub Changelog UPDATED: Major updates in this release which m

Eric Kidd 1k Nov 24, 2021
Execution of and interaction with external processes and pipelines

subprocess The subprocess library provides facilities for execution of and interaction with external processes and pipelines, inspired by Python's sub

Hrvoje Nikลกiฤ‡ 314 Nov 9, 2021
create and test the style and formatting of text in your terminal applications

description: create and test the style and formatting of text in your terminal applications docs: https://docs.rs/termstyle termstyle is a library tha

Rett Berg 18 Jul 3, 2021
Fast and efficient ed25519 signing and verification in Rust.

ed25519-dalek Fast and efficient Rust implementation of ed25519 key generation, signing, and verification in Rust. Documentation Documentation is avai

dalek cryptography 445 Nov 20, 2021
A rust drawing library for high quality data plotting for both WASM and native, statically and realtimely ๐Ÿฆ€ ๐Ÿ“ˆ๐Ÿš€

Plotters - A Rust drawing library focus on data plotting for both WASM and native applications ?? ?? ?? Plotters is drawing library designed for rende

Hao Hou 1.7k Nov 22, 2021
Victorem - easy UDP game server and client framework for creating simple 2D and 3D online game prototype in Rust.

Victorem Easy UDP game server and client framework for creating simple 2D and 3D online game prototype in Rust. Example Cargo.toml [dependencies] vict

Victor Winbringer 18 Nov 8, 2021
Rust bindings to Core Foundation and other low level libraries on Mac OS X and iOS

core-foundation-rs Compatibility Targets macOS 10.7 by default. To enable features added in macOS 10.8, set Cargo feature mac_os_10_8_features. To hav

Servo 486 Nov 25, 2021