Hacksudo JWT X-Ray par Hacksudo
JWT inspection, analysis, builder and lightweight request modifier for security testing inside Firefox.
ExpérimentalExpérimental
Disponible sur Firefox pour AndroidâąDisponible sur Firefox pour Androidâą
2 utilisateurs·trices2 utilisateurs·trices
MĂ©tadonnĂ©es de lâextension
Ă propos de cette extension
đĄ Hacksudo JWT X-Ray
JWT Inspection, Analysis, Builder & Lightweight Request Modifier
Built by Vishal Waghmare â hacksudo.com
đ OVERVIEW
Hacksudo JWT X-Ray is a Firefox extension designed for security researchers, bug bounty hunters, developers, and cybersecurity students.
It allows you to detect, decode, analyze, edit, and re-encode JWT tokens directly inside your browser.
âš FEATURES
đ Automatic JWT Detection
âą Detects JWT in Authorization headers
âą Detects JWT in cookies
âą Detects JWT in LocalStorage / SessionStorage
âą Stores detected tokens in history
đ§ Smart Security Analysis
âą Detects alg=none
âą Checks missing exp, iat, iss, aud
âą Detects expired tokens
âą Identifies long-lived tokens
âą Highlights sensitive claims (admin, role, scope, permissions)
𧩠Token Builder
âą Edit header & payload JSON
âą Re-encode unsigned tokens
âą Re-sign tokens using:
- HS256
- HS384
- HS512
âą Load edited token into decoder
đ Token Compare
âą Compare two tokens
âą Highlight changed claims
âą Useful for privilege testing
đ Rule-Based Request Modifier
âą Apply Authorization Bearer token
âą Inject cookies
âą URL-based rule matching (contains, startsWith, regex)
đ Token History
âą Stores up to 50 detected tokens
âą Shows source, URL, timestamp
âą Click to instantly load
â ïž DISCLAIMER
This tool is intended strictly for:
âą Authorized penetration testing
âą Security research
âą Educational use
Do NOT use against systems without permission.
đ Author
Vishal Waghmare
https://hacksudo.com
JWT Inspection, Analysis, Builder & Lightweight Request Modifier
Built by Vishal Waghmare â hacksudo.com
đ OVERVIEW
Hacksudo JWT X-Ray is a Firefox extension designed for security researchers, bug bounty hunters, developers, and cybersecurity students.
It allows you to detect, decode, analyze, edit, and re-encode JWT tokens directly inside your browser.
âš FEATURES
đ Automatic JWT Detection
âą Detects JWT in Authorization headers
âą Detects JWT in cookies
âą Detects JWT in LocalStorage / SessionStorage
âą Stores detected tokens in history
đ§ Smart Security Analysis
âą Detects alg=none
âą Checks missing exp, iat, iss, aud
âą Detects expired tokens
âą Identifies long-lived tokens
âą Highlights sensitive claims (admin, role, scope, permissions)
𧩠Token Builder
âą Edit header & payload JSON
âą Re-encode unsigned tokens
âą Re-sign tokens using:
- HS256
- HS384
- HS512
âą Load edited token into decoder
đ Token Compare
âą Compare two tokens
âą Highlight changed claims
âą Useful for privilege testing
đ Rule-Based Request Modifier
âą Apply Authorization Bearer token
âą Inject cookies
âą URL-based rule matching (contains, startsWith, regex)
đ Token History
âą Stores up to 50 detected tokens
âą Shows source, URL, timestamp
âą Click to instantly load
â ïž DISCLAIMER
This tool is intended strictly for:
âą Authorized penetration testing
âą Security research
âą Educational use
Do NOT use against systems without permission.
đ Author
Vishal Waghmare
https://hacksudo.com
Noté 0 par 1 personne
Autorisations et données
Autorisations nécessaires :
- Accéder aux onglets du navigateur
- Accéder à vos données pour tous les sites web
Collecte de données :
- Le dĂ©veloppeur indique que cette extension nâa pas besoin de collecter de donnĂ©es.
Plus dâinformations
- Liens du module
- Version
- 1.1.2
- Taille
- 20,82Â Ko
- DerniĂšre mise Ă jour
- il y a 3 mois (16 févr. 2026)
- Catégories associées
- Licence
- Mozilla Public License 2.0
- Politique de confidentialité
- Lire la politique de confidentialité de ce module
- Historique des versions
- Ajouter Ă la collection