jwtforge. Attacker-minded, 100% client-side JWT toolkit — decode, audit & forge tokens. Generates alg:none, key-confusion, kid-injection & brute-force attacks with ready-to-run curl/Burp/nuclei exports. The security alternative to jwt.io.

github.com/devploit/jwtforge

Problem

Audience

Updates

No founder updates yet. Check back soon.