This project is a tool for solving JWT-related labs from PortSwigger.
- Clone the repository:
git clone https://github.com/yourusername/jwt-portswigger-lab-solver.git- Navigate to the project directory:
cd jwt-portswigger-lab-solver- Install the required dependencies:
pip install -r requirements.txtRun the script with the following command:
python3 jwt-attack.py -s 'https://example.com/' -x '127.0.0.1:8080' -i --deleteReplace https://example.com/ with the target website URL.
-u,--username: Username to authenticate with (default: wiener)-p,--password: Password to authenticate with (default: peter)-s,--website: Base URL of the target website-x,--proxy: Proxy server to use (e.g., 127.0.0.1:8080)-i,--ignore-cert: Ignore SSL certificate validation-d,--delete: Delete Carlos-w,--wordlist: Path to JWT secrets wordlist file