Skip to content

jwt_tool v2.1.0

Choose a tag to compare

View all tags
@ticarpi ticarpi released this 11 Nov 21:31
· 37 commits to master since this release
2.1.0
bbaab18
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

jwt_tool v2.1.0

[+] NEW exploit: null signature (-X n)
[+] NEW scanner mode: Inject Common Claims (-M cc)
[+] additional checks in 'Playbook' scan mode (-M pb)
[+] multiple custom headers now supported (-rh)
[+] reflective JWKS URL created automatically in config file - for JKU/Spoof JWKS attacks (-X s)
[+] checks added for old/incompatible config files
[+] report on long HTTP response times
[+] Bugfixes

Assets 2
Loading