Commands

JWT-HACK provides a comprehensive set of commands for JWT security testing and analysis. Each command is designed for specific tasks in the JWT testing workflow.

Available Commands

decode - Decode and analyze JWT/JWE tokens
encode - Create JWT tokens with custom payloads
verify - Verify JWT signatures and expiration
crack - Crack JWT secrets using dictionary or brute force
payload - Generate attack payloads for security testing
scan - Scan for JWT vulnerabilities
server - Run JWT-HACK as an API server
mcp - Model Context Protocol server mode

Command Structure

All commands follow a consistent structure:

jwt-hack <command> [OPTIONS] <ARGUMENTS>

Get help for any command:

jwt-hack <command> --help

Commands

Available Commands

Command Structure

ON THIS PAGE