Hacksudo JWT X-Ray ์ ์์: Hacksudo
JWT inspection, analysis, builder and lightweight request modifier for security testing inside Firefox.
์คํ์ ์คํ์
Androidโข์ฉ Firefox์์ ์ฌ์ฉ ๊ฐ๋ฅAndroidโข์ฉ Firefox์์ ์ฌ์ฉ ๊ฐ๋ฅ
ํ์ฅ ๋ฉํ ๋ฐ์ดํฐ
์ ๋ณด
๐ก Hacksudo JWT X-Ray
JWT Inspection, Analysis, Builder & Lightweight Request Modifier
Built by Vishal Waghmare โ hacksudo.com
๐ OVERVIEW
Hacksudo JWT X-Ray is a Firefox extension designed for security researchers, bug bounty hunters, developers, and cybersecurity students.
It allows you to detect, decode, analyze, edit, and re-encode JWT tokens directly inside your browser.
โจ FEATURES
๐ Automatic JWT Detection
โข Detects JWT in Authorization headers
โข Detects JWT in cookies
โข Detects JWT in LocalStorage / SessionStorage
โข Stores detected tokens in history
๐ง Smart Security Analysis
โข Detects alg=none
โข Checks missing exp, iat, iss, aud
โข Detects expired tokens
โข Identifies long-lived tokens
โข Highlights sensitive claims (admin, role, scope, permissions)
๐งฉ Token Builder
โข Edit header & payload JSON
โข Re-encode unsigned tokens
โข Re-sign tokens using:
- HS256
- HS384
- HS512
โข Load edited token into decoder
๐ Token Compare
โข Compare two tokens
โข Highlight changed claims
โข Useful for privilege testing
๐ Rule-Based Request Modifier
โข Apply Authorization Bearer token
โข Inject cookies
โข URL-based rule matching (contains, startsWith, regex)
๐ Token History
โข Stores up to 50 detected tokens
โข Shows source, URL, timestamp
โข Click to instantly load
โ ๏ธ DISCLAIMER
This tool is intended strictly for:
โข Authorized penetration testing
โข Security research
โข Educational use
Do NOT use against systems without permission.
๐ Author
Vishal Waghmare
https://hacksudo.com
JWT Inspection, Analysis, Builder & Lightweight Request Modifier
Built by Vishal Waghmare โ hacksudo.com
๐ OVERVIEW
Hacksudo JWT X-Ray is a Firefox extension designed for security researchers, bug bounty hunters, developers, and cybersecurity students.
It allows you to detect, decode, analyze, edit, and re-encode JWT tokens directly inside your browser.
โจ FEATURES
๐ Automatic JWT Detection
โข Detects JWT in Authorization headers
โข Detects JWT in cookies
โข Detects JWT in LocalStorage / SessionStorage
โข Stores detected tokens in history
๐ง Smart Security Analysis
โข Detects alg=none
โข Checks missing exp, iat, iss, aud
โข Detects expired tokens
โข Identifies long-lived tokens
โข Highlights sensitive claims (admin, role, scope, permissions)
๐งฉ Token Builder
โข Edit header & payload JSON
โข Re-encode unsigned tokens
โข Re-sign tokens using:
- HS256
- HS384
- HS512
โข Load edited token into decoder
๐ Token Compare
โข Compare two tokens
โข Highlight changed claims
โข Useful for privilege testing
๐ Rule-Based Request Modifier
โข Apply Authorization Bearer token
โข Inject cookies
โข URL-based rule matching (contains, startsWith, regex)
๐ Token History
โข Stores up to 50 detected tokens
โข Shows source, URL, timestamp
โข Click to instantly load
โ ๏ธ DISCLAIMER
This tool is intended strictly for:
โข Authorized penetration testing
โข Security research
โข Educational use
Do NOT use against systems without permission.
๐ Author
Vishal Waghmare
https://hacksudo.com
0๋ช
์ด 0์ ์ผ๋ก ํ๊ฐํจ
๊ถํ ๋ฐ ๋ฐ์ดํฐ
ํ์ ๊ถํ:
- ๋ธ๋ผ์ฐ์ ํญ์ ์ ๊ทผ
- ๋ชจ๋ ์น์ฌ์ดํธ์์ ์ฌ์ฉ์์ ๋ฐ์ดํฐ์ ์ ๊ทผ
๋ฐ์ดํฐ ์์ง:
- ๊ฐ๋ฐ์๊ฐ ์ด ํ์ฅ ๊ธฐ๋ฅ์ ๋ฐ์ดํฐ ์์ง์ด ํ์ํ์ง ์๋ค๊ณ ํฉ๋๋ค.
์ถ๊ฐ ์ ๋ณด
- ๋ถ๊ฐ ๊ธฐ๋ฅ ๋งํฌ
- ๋ฒ์
- 1.1.2
- ํฌ๊ธฐ
- 20.82 KB
- ๋ง์ง๋ง ์ ๋ฐ์ดํธ
- 16์ผ ์ (2026๋ 2์ 16์ผ)
- ๊ด๋ จ ์นดํ ๊ณ ๋ฆฌ
- ๋ผ์ด์ ์ค
- Mozilla Public License 2.0
- ๊ฐ์ธ์ ๋ณด์ฒ๋ฆฌ๋ฐฉ์นจ
- ์ด ๋ถ๊ฐ ๊ธฐ๋ฅ์ ๋ํ ๊ฐ์ธ์ ๋ณด์ฒ๋ฆฌ๋ฐฉ์นจ ์ฝ๊ธฐ
- ๋ฒ์ ๋ชฉ๋ก
- ๋ชจ์์ง์ ์ถ๊ฐ