A tool to test security of json web token

Node JS , Typescript , Express based reactive microservice starter project for REST and GraphQL APIs

OWASP PTK - application security browser extension.

JWTLens - Burp Suite extension for automated JWT security testing. 62 checks: passive scanning, algorithm confusion, signature bypass, KID injection, weak secret brute force, and a built-in JWT Forge tab. Works automatically as you browse.

Spring boot with JWT security and refresh token.

Implementing JWT security based using Spring boot

A comprehensive Food Delivery System built with Spring Boot providing RESTful APIs for managing restaurants, menu items, orders, and users. Features JWT authentication, role-based authorization, order tracking, and complete restaurant management capabilities.

🔭 JWTelescope is an advanced CLI tool for decoding, inspecting, and performing security analysis on JSON Web Tokens (JWTs). It is designed for bug bounty hunters, pentesters, and developers who want fast insight into JWT structure, claims, and common misconfigurations.

A browser-based JWT security toolkit that decodes, audits, brute-forces weak secrets, forges tampered tokens, and simulates real-world attacks — with instant Python/PyJWT fix code generation.

Detect and test JSON Web Tokens for security flaws with automated checks in Burp Suite extensions, including token analysis and active exploitation.

A lightweight offensive security recon framework for modern bug bounty workflows.

A .NET CLI tool that performs static analysis on C# source code to detect insecure or misconfigured JWT authentication patterns.

This project demonstrates production-ready JWT security with Spring Security 6, role-based access control, token revocation, and comprehensive API documentation. Includes H2 database, password encryption, and protected endpoints with full logout functionality.

A high-scale, task management ecosystem built with Spring Boot 4.0.2 and Java 25. Features a trustless JWT security model, cross-service orchestration via OpenFeign, and high availability through Resilience4j and Eureka service discover

JWT Analyzer is a C# CLI tool that reads, scans, and edits JSON Web Tokens for security analysis. It helps identify common JWT misconfigurations, decode claims, and modify tokens for testing purposes. Designed as an early-stage project for educational and authorized security testing.

Realtime Collaboration Lab for the Software Architecture (ARSW) course at Escuela Colombiana de Ingeniería Julio Garavito. This project integrates Socket.IO and STOMP/WebSocket protocols to enable live drawing synchronization across distributed clients with a secure JWT handoff from a React frontend to multiple backends with room and topic based.

TwitterLite Microservices & Auth0 project for the Enterprise Architecture (AREP) course at Escuela Colombiana de Ingeniería Julio Garavito. It demonstrates an architectural evolution from a Spring Boot Monolith to a Serverless AWS Lambda ecosystem. Secured with Auth0, the platform uses Amazon DynamoDB for NoSQL persistence, API Gateway, React SPA

JWT Security Analyzer is a security-focused web application built with FastAPI that inspects JSON Web Tokens, detects common misconfigurations and vulnerabilities, and provides a structured security report with a calculated risk score.

STOMP WebSocket Backend for the Software Architecture (ARSW) course at Escuela Colombiana de Ingeniería Julio Garavito. Built with Java 21 and Spring Boot 3.3, this service acts as a message broker for real-time collaborative drawing. It implements the STOMP protocol over WebSockets, featuring topic-based broadcasting, payload validation, and JWT.

React Modernization Lab for the Software Architecture (ARSW) course at Escuela Colombiana de Ingeniería Julio Garavito. This project transforms the classic Blueprints frontend into a high-performance Single Page Application (SPA) using React + Vite, Redux Toolkit for global state management, and Axios with JWT interceptors.