🔐 JWT Decoder & Analyzer
Decode any JWT — inspect the header and payload, and get an automatic vulnerability analysis. The signature is never transmitted; all decoding is done server-side with no external calls.
⚡ The alg:none Attack — Interactive Demo
See how an attacker forges a JWT by stripping the signature when the server accepts alg:none.
Attacker intercepts a token belonging to a regular user (role: "user").
Forged payload segment shown by the demo: eyJzdWIiOiJ1c2VyXzEyMyIsInJvbGUiOiJhZG1pbiJ9 (decodes to {"sub":"user_123","role":"admin"})
Changes alg to "none" in the header and role to "admin" in the payload, then drops the signature segment. Both segments are just base64url text — no key needed to rewrite them.
If the server accepts alg:none, it skips signature verification — and the attacker is now "admin".
The fix: Always explicitly whitelist allowed algorithms server-side. Never accept alg:none from untrusted input. Use a JWT library that rejects alg:none by default — most modern ones do.
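The demo above, as an added example (not code from this site): a minimal HS256 verifier written two ways, one that lets the token's header choose the algorithm (the vulnerable pattern) and one that pins HS256 server-side. The signing key is a constructed placeholder, and the forged payload segment is the one the demo displays; everything else uses only the Python standard library.

```python
import base64, hashlib, hmac, json

# Constructed for this example: a demo key and the demo's forged payload segment
# (it decodes to {"sub":"user_123","role":"admin"}).
SECRET = b"demo-secret-do-not-reuse"
FORGED_PAYLOAD = "eyJzdWIiOiJ1c2VyXzEyMyIsInJvbGUiOiJhZG1pbiJ9"

def b64url_decode(seg: str) -> bytes:
    # JWT segments drop '=' padding; restore it before decoding
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def decode_segment(seg: str) -> dict:
    return json.loads(b64url_decode(seg))

def sign_hs256(payload: dict, key: bytes) -> str:
    # Legitimate issuance: header.payload authenticated with HMAC-SHA256
    h = b64url_encode(b'{"alg":"HS256","typ":"JWT"}')
    p = b64url_encode(json.dumps(payload, separators=(",", ":")).encode())
    sig = hmac.new(key, f"{h}.{p}".encode(), hashlib.sha256).digest()
    return f"{h}.{p}.{b64url_encode(sig)}"

def forged_alg_none_token() -> str:
    # The demo's forged token: alg set to none, admin payload, signature stripped
    return b64url_encode(b'{"alg":"none","typ":"JWT"}') + "." + FORGED_PAYLOAD + "."

def _check_hs256(h: str, p: str, s: str, key: bytes) -> dict:
    expected = hmac.new(key, f"{h}.{p}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(s)):
        raise ValueError("bad signature")
    return decode_segment(p)

def verify_trusting_header(token: str, key: bytes) -> dict:
    # VULNERABLE: the token chooses its own algorithm, so alg:none skips the check
    h, p, s = token.split(".")
    if decode_segment(h).get("alg") == "none":
        return decode_segment(p)
    return _check_hs256(h, p, s, key)

def verify_hs256_only(token: str, key: bytes) -> dict:
    # FIXED: the server pins the algorithm; any other value is rejected before use
    h, p, s = token.split(".")
    if decode_segment(h).get("alg") != "HS256":
        raise ValueError("algorithm not allowed")
    return _check_hs256(h, p, s, key)
```

Calling `verify_trusting_header(forged_alg_none_token(), SECRET)` returns the forged admin claims, while `verify_hs256_only` raises on the same token and still accepts a genuinely signed one.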
📚 How JWTs Work and Common Vulnerabilities
A JWT (JSON Web Token) is a compact, URL-safe string that carries claims between parties. It has three parts separated by dots: Header.Payload.Signature.
Header — declares the token type and signing algorithm (e.g. HS256, RS256).
Payload — contains the claims: who the user is, their role, when the token expires. This is base64url-encoded, not encrypted — anyone can read it.
Signature — a MAC (HS256: HMAC-SHA256 with a shared secret) or digital signature (RS256: RSA with a private key) computed over the encoded header and payload. Prevents tampering — if the server validates it.
Key insight: The payload is public data. Never store passwords, secrets, or sensitive PII in a JWT. The signature only proves the token wasn't modified — it provides no confidentiality.