Cracking JSON Web Tokens - Ethical Hacking

Tools used:

1. jwt_tool: a tool for methodologies, techniques and exploits for json web tokens.

Source code: https://github.com/ticarpi/jwt_tool

Misconfigurations:

1. Using decode function instead of verify function to check for valid JWT tokens on the server.

Other techniques:

1. Algorithm confusion

2. Header injections