From securityonline.info
Features
- modify jwt (header/Payload)
- None Vulnerability
- RSA/HMAC confusion
- Sign a jwt with key
- Brute Force to guess the key
- crack jwt with regex to guess the key
- kid injection
- Jku Bypass
- X5u Bypass
MyJWT v1.4 releases: cracking, testing vulnerabilities on Json Web Token(JWT)