Awesome
<div align=center> <h1> <img src="https://github.com/user-attachments/assets/e93900d2-3fbb-4724-8d26-69659f2c5994" alt="JWT Online Cracker" /> </h1> </div>Brute-force HS256, HS384 or HS512 JWT Token from your browser. Using exclusively 100% client-side JavaScript. No installation needed.
<div align=center> <a href="https://jwt-cracker.online">https://jwt-cracker.online</a> </div>Demo :
https://github.com/user-attachments/assets/61c2abd2-5832-433a-bc92-54411db8860e
Made with Vue 3 (with TypeScript, 0 dependency) using web workers and a futuristic looking UI.
Contributions are welcome!
Features
- HS256, HS384, HS512
- Bruteforcing with custom character set
- Bruteforcing with custom length
- Dictionary attack with a preset of lists
- Custom dictionary (#1)
- Timer and other statistics
- Bruteforcing using webassembly (#2)
- Notification when finished (#3)
Running locally
Recommended IDE Setup
VSCode + Volar (and disable Vetur) + TypeScript Vue Plugin (Volar).
Type Support for .vue Imports in TS
TypeScript cannot handle type information for .vue imports by default, so we replace the tsc CLI with vue-tsc for type checking. In editors, we need TypeScript Vue Plugin (Volar) to make the TypeScript language service aware of .vue types.
If the standalone TypeScript plugin doesn't feel fast enough to you, Volar has also implemented a Take Over Mode that is more performant. You can enable it by the following steps:
- Disable the built-in TypeScript Extension
- Run
Extensions: Show Built-in Extensionsfrom VSCode's command palette - Find
TypeScript and JavaScript Language Features, right click and selectDisable (Workspace)
- Run
- Reload the VSCode window by running
Developer: Reload Windowfrom the command palette.
Customize configuration
See Vite Configuration Reference.
Project Setup
npm install
Compile and Hot-Reload for Development
npm run dev
Type-Check, Compile and Minify for Production
npm run build
Lint with ESLint
npm run lint