{"id":28989643,"url":"https://github.com/eshanized/jwtkit","last_synced_at":"2026-02-24T03:01:20.722Z","repository":{"id":289544433,"uuid":"971617507","full_name":"eshanized/JWTKit","owner":"eshanized","description":"JWTKit is a powerful web-based JWT hacking toolkit designed for ethical hackers and security researchers. Built with Flask and React, it allows you to analyze, manipulate, and exploit JSON Web Tokens for penetration testing. Ideal for discovering JWT vulnerabilities in web apps. Fast, intuitive, and open-source.","archived":false,"fork":false,"pushed_at":"2025-10-27T20:42:02.000Z","size":1724,"stargazers_count":0,"open_issues_count":25,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-10-30T00:55:01.828Z","etag":null,"topics":["cybersecurity","eshanized","javascript","jsonwebtoken","kit","python"],"latest_commit_sha":null,"homepage":"https://localhost:3000","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/eshanized.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":".github/SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-04-23T19:48:38.000Z","updated_at":"2025-04-28T21:08:01.000Z","dependencies_parsed_at":"2025-04-23T20:40:46.725Z","dependency_job_id":"6d2b28c7-d2ac-44f0-87d4-489d19bcdfee","html_url":"https://github.com/eshanized/JWTKit","commit_stats":null,"previous_names":["eshanized/jwtkit"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/eshanized/JWTKit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eshanized%2FJWTKit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eshanized%2FJWTKit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eshanized%2FJWTKit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eshanized%2FJWTKit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/eshanized","download_url":"https://codeload.github.com/eshanized/JWTKit/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eshanized%2FJWTKit/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29770205,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-24T01:40:24.820Z","status":"online","status_checked_at":"2026-02-24T02:00:07.497Z","response_time":75,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cybersecurity","eshanized","javascript","jsonwebtoken","kit","python"],"created_at":"2025-06-24T23:11:59.264Z","updated_at":"2026-02-24T03:01:20.681Z","avatar_url":"https://github.com/eshanized.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# JWTKit - The Ultimate JWT Security Toolkit\n\n\u003cp align=\"center\"\u003e\n \u003cimg src=\"frontend/public/logo.svg\" alt=\"JWTKit Logo\" width=\"120\" /\u003e\n \u003ch1 align=\"center\" style=\"font-family: 'Segoe UI', Tahoma, Geneva, Verdana, sans-serif; color: #4A90E2;\"\u003eJWTKit\u003c/h1\u003e\n \u003cp align=\"center\" style=\"font-size: 1.2em; color: #666;\"\u003e\n \u003cstrong\u003eComprehensive JWT Security Analysis \u0026 Testing Platform\u003c/strong\u003e\n \u003c/p\u003e\n\u003c/p\u003e\n\n---\n\n## ๐Ÿš€ Features\n\n| Feature | Description |\n|---------|-------------|\n| ๐Ÿ” **JWT Decoder** | Decode and analyze JWT structure with color-coded visualization |\n| ๐Ÿ›ก๏ธ **Vulnerability Scanner** | Detect 20+ common JWT security issues |\n| ๐Ÿ” **Signature Verification** | Support for HS256, RS256, ES256 algorithms |\n| โšก **Performance Testing** | Benchmark JWT processing speed |\n| ๐Ÿ“Š **Security Reports** | Generate detailed security assessment reports |\n| ๐Ÿงช **Test Suite** | 50+ pre-built test cases for JWT validation |\n| ๐ŸŽญ **Attack Vectors** | Test various JWT attack vectors (Algorithm Confusion, Brute Force, Key Injection) |\n\n---\n\n## ๐Ÿ“ฆ Installation\n\n```bash\n# Clone the repository\ngit clone https://github.com/eshanized/JWTKit.git\ncd JWTKit\n\n# Install backend dependencies\npip install -r requirements.txt\n\n# Install frontend dependencies\ncd frontend\nnpm install --legacy-peer-deps\ncd ..\n\n# Start the backend\npython app.py\n\n# Start the frontend (in a new terminal)\ncd frontend\nnpm start\n```\n\n---\n\n## ๐Ÿ–ฅ๏ธ Modern Frontend UI\n\nThe JWTKit frontend features a modern, responsive UI built with:\n\n- **Material UI** - Sleek component library for consistent design\n- **Framer Motion** - Smooth animations for a dynamic feel\n- **Dark/Light Mode** - Toggle between themes for comfortable viewing\n- **Interactive Editors** - Visually edit JWT headers and payloads\n- **Reactive Visualization** - Real-time updates as you modify tokens\n\nThe interface is designed to be intuitive and user-friendly while providing powerful features for both security professionals and developers.\n\n---\n\n## ๐ŸŒŸ Features in Detail\n\n### Advanced Security Analysis\n- Algorithm confusion testing to detect signature bypasses\n- Signature verification with multiple algorithms\n- Expiration and claim validation\n- Issuer and audience checks for token authenticity\n\n### Offensive Security Tools\n- JWT cracking with dictionary attacks\n- Key injection attacks simulation\n- JWKS URL spoofing testing\n- Expiration-bypass techniques\n\n### Developer Tools\n- JWT generator with customizable payloads\n- Payload and header editors for token manipulation\n- Signature brute-forcing engine for security testing\n- Performance benchmarking for token processing speed\n\n---\n\n## ๐Ÿค Contributing\n\nWe welcome contributions! Follow these steps:\n\n1. Fork the project \n2. Create your feature branch (`git checkout -b feature/AmazingFeature`) \n3. Commit your changes (`git commit -m 'Add some amazing feature'`) \n4. Push to the branch (`git push origin feature/AmazingFeature`) \n5. Open a Pull Request and describe your changes\n\n---\n\n## ๐Ÿ“… Roadmap\n\n- [x] Core JWT analysis \n- [x] Vulnerability scanning \n- [x] Modern UI implementation\n- [ ] Mobile app support \n- [ ] CI/CD integration \n- [ ] Comprehensive API documentation \n\n---\n\n## โ“ FAQ\n\n**Q: Is JWTKit free to use?** \nA: Yes, JWTKit is fully open-source under the MIT license.\n\n**Q: Can I use JWTKit in production?** \nA: JWTKit is designed primarily for testing and security analysis, not for production use.\n\n---\n\n## ๐Ÿ“„ License\n\nDistributed under the MIT License. See the `LICENSE` file for details.\n\n---\n\n## ๐Ÿ“ฌ Contact\n\n**Eshanized** \nGitHub: [@eshanized](https://github.com/eshanized) \nEmail: m.eshanized@gmail.com \n\nProject Link: [https://github.com/eshanized/JWTKit](https://github.com/eshanized/JWTKit)\n\n---\n\n## ๐Ÿ™ Acknowledgements\n\n- [JWT.io](https://jwt.io) - JWT standard and tools \n- [OWASP](https://owasp.org) - Security best practices \n- [RFC 7519](https://tools.ietf.org/html/rfc7519) - JWT specification \n- [Material UI](https://mui.com/) - UI component library\n\n---\n\n\u003cp align=\"center\" style=\"font-size: 0.9em; color: #999;\"\u003e\n Made with โค๏ธ by the JWTKit Team\n\u003c/p\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feshanized%2Fjwtkit","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Feshanized%2Fjwtkit","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feshanized%2Fjwtkit/lists"}