Skip to content

0xBl4nk/jwt-hammer

1 Branch0 Tags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

0xBl4nk0xBl4nk
Update README.md
Mar 10, 2025
a7cd1d7 · Mar 10, 2025

History

3 Commits
JWTHammer.go
JWTHammer.go
Mar 10, 2025
README.md
README.md
Mar 10, 2025

Repository files navigation

JWTHammer

A lightweight, CPU-based JWT signature brute force tool written in Go.

Overview

JWTHammer provides an alternative to GPU-based tools like Hashcat for cracking JWT signatures. It's designed to be simple, efficient, and work on systems without dedicated graphics hardware.

Features

  • Pure CPU implementation - no GPU required
  • Multithreaded design for better performance
  • Support for HMAC-SHA256 signatures (HS256)
  • Simple command-line interface
  • Memory-efficient wordlist processing

Installation

# Clone the repository
git clone https://github.com/yourusername/jwthammer
cd jwthammer

# Build the binary
go build -o jwthammer

# Or run directly
go run main.go <jwt_token> <wordlist_file>

Usage

./jwthammer <jwt_token> <wordlist_file>

Example

./jwthammer "<full-token>" rockyou.txt

Performance

Performance depends on your CPU and the size of your wordlist. JWTHammer automatically uses multiple workers to utilize available CPU cores.

Disclaimer

This tool is intended for security testing and educational purposes only. Always obtain proper authorization before testing security on any system you don't own.

About

brute-force jwt

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages