bb_jwt_attack
Test JSON Web Tokens for vulnerabilities including none signature, KID injection, and algorithm confusion (RS256 to HS256) to bypass authentication.
Instructions
JWT 攻击 — None 签名/KID 注入/算法混淆 (RS256→HS256)
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| mode | No | none | |
| token | Yes | ||
| public_key | No | ||
| verify_url | No | ||
| payload_override | No |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
| result | Yes |