jwt_bruteforce
Discover vulnerabilities in HS256/HS384/HS512 JWTs by bruteforcing the secret using a common or custom wordlist, enabling secure JWT validation.
Instructions
Bruteforce the secret for HS256/HS384/HS512 JWTs using a common wordlist or a custom one.
Input Schema
Name | Required | Description | Default |
---|---|---|---|
token | Yes | ||
wordlist | No |
Input Schema (JSON Schema)
{
"properties": {
"token": {
"title": "Token",
"type": "string"
},
"wordlist": {
"anyOf": [
{
"items": {},
"type": "array"
},
{
"type": "null"
}
],
"default": null,
"title": "Wordlist"
}
},
"required": [
"token"
],
"title": "jwt_bruteforceArguments",
"type": "object"
}