https://github.com/yourpwnguy/jwt
Simple, fast, and efficient tool for decoding JWT tokens, supporting base64 and JSON Web Token (JWT) formats.
https://github.com/yourpwnguy/jwt
cli efficient jwt websecurity
Last synced: 11 days ago
JSON representation
Simple, fast, and efficient tool for decoding JWT tokens, supporting base64 and JSON Web Token (JWT) formats.
- Host: GitHub
- URL: https://github.com/yourpwnguy/jwt
- Owner: yourpwnguy
- License: mit
- Created: 2024-04-17T10:45:10.000Z (about 2 years ago)
- Default Branch: main
- Last Pushed: 2025-12-28T13:41:22.000Z (4 months ago)
- Last Synced: 2026-01-12T14:53:23.497Z (3 months ago)
- Topics: cli, efficient, jwt, websecurity
- Language: Go
- Homepage:
- Size: 89.8 KB
- Stars: 5
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
Simple, fast, and efficient tool for decoding JWT tokens, supporting base64 and JSON Web Token (JWT) formats..
## Features π‘
- Decode JWT tokens and print their contents in JSON format.
- Supports decoding JWT tokens provided as strings or stored in files.
## Installation π οΈ
To install the JWT tool, you can simply use the following command.
```bash
go install -v "github.com/yourpwnguy/jwt/cmd/jwt@latest"
# Do the below step only if your "~/go/bin" is not in PATH
cp ~/go/bin/refine /usr/local/bin/
```
## Usage π
```yaml
Usage: jwt [options]
Options: [flag] [argument] [Description]
INPUT:
-t string JWT token string to decode
-tL FILE File containing list of JWT tokens
DEBUG:
-v none Check current version
```
## Examples π
- Decoding a JWT String
```bash
$ jwt -t "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
Token 1:
{
"header": {
"alg": "HS256",
"typ": "JWT"
},
"payload": {
"iat": 1516239022,
"name": "John Doe",
"sub": "1234567890"
},
"signature": "SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
}
```
- Decode JWT tokens stored in a file:
```bash
$ jwt -tL tokens.txt
Token 1:
{
"header": {
"alg": "HS256",
"typ": "JWT"
},
"payload": {
"data_key": "secret",
"iat": 1516239022,
"name": "Breake",
"payload": "the text of the token in Token String"
},
"signature": "d2wZRIuXyfzjs4tXz7DfQgnB80heGvZoBIt1x4lIvZM"
}
Token 2:
{
"header": {
"alg": "HS256",
"kid": "12345",
"typ": "JWT"
},
"payload": {
"aud": [
"example.com",
"another-example.com"
],
"custom_claim": "custom_value",
"email": "john.doe@example.com",
"exp": 1716239022,
"iat": 1616239022,
"iss": "example.com",
"jti": "unique-token-id",
"metadata": {
"device": "iPhone",
"ip": "192.168.1.1",
"location": "San Francisco"
},
"name": "John Doe",
"nbf": 1616239022,
"permissions": {
"admin": [
"read",
"write",
"delete"
],
"user": [
"read"
]
},
"preferences": {
"language": "en-US",
"theme": "dark"
},
"roles": [
"admin",
"user"
],
"sub": "user123"
},
"signature": "SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
}
```
## But Why Use Our Toolβ
We understand and appreciate that jwt.io provides a web-based solution for decoding JWT tokens, however our CLI tool offers the advantage of decoding offline. By keeping your tokens local, there's no risk of sensitive information landing in a website's database, ensuring your data remains secure and private. Yes, we are talking about you privacy-conscious users.
## Contributing π€
Contributions are welcome! If you have any suggestions, bug reports, or feature requests, feel free to open an issue or submit a pull request.