JWTCracker is a very simple command line application used to look for JWT secret using brute force method.
This library is created purely for learning pouropses- if you are looking for real tool for cracking JSON Web Token you should probably take a look on Hashcat, JohnTheRipper, or c-jwt-cracker.
The application takes JWT as the only argument- it should automatically detect used alghoritm and start looking for the valid signature.
go run . <jwt-you-want-to-crack>
go build .
./<name of the created executable> <jwt-you-want-to-crack>
- HS256
- HS384
- HS512
Thanks to u/gnisten_ for fixing header recognition.