testing-for-json-web-token-vulnerabilities

# Testing for JSON Web Token Vulnerabilities ## When to Use - When testing applications using JWT for authentication and session management - During API security assessments where JWTs are used for authorization - When evaluating OAuth 2.0 or OpenID Connect implementations using JWT - During penetration testing of single sign-on (SSO) systems - When auditing JWT library configurations for known vulnerabilities ## Prerequisites - jwt_tool (Python JWT exploitation toolkit) - Burp Suite with JWT Editor extension - jwt.io for decoding and inspecting JWT structure - Understanding of JWT structure (header.payload.signature) and algorithms (HS256, RS256) - hashcat or john for brute-forcing weak JWT secrets - Python PyJWT library for custom JWT forging scripts - Access to application using JWT-based authentication > **Legal Notice:** This skill is for authorized security testing and educational purposes only. Unauthorized use against systems you do not own or have written permission to test is illegal and may violate computer fraud laws. ## Workflow ### Step 1 — Decode and Analyze JWT Structure ```bash # Install jwt_tool pip install pyjwt git clone https://github.com/ticarpi/jwt_tool.git # Decode JWT without verification python3 jwt_tool.py <JWT_TOKEN> # Decode manually with base64 echo "<header_base64>" | base64 -d echo "<payload_base64>" | base64 -d # Examine JWT in jwt.io # Check: algorithm (alg), key ID (kid), issuer (iss), audience (aud) # Check: expiration (exp), not-b...