Support Advanced JWE Attack Features #85
Description
Description:
jwt-hack supports JWE encode/decode but lacks advanced attack capabilities for JWE, such as encrypted key brute-forcing or padding oracle attacks. As JWE usage grows, adding these features would make the tool more robust.
Proposed Solution:
- Add a JWE-specific crack mode for brute-forcing encrypted keys.
- Implement padding oracle attack detection for vulnerable JWE implementations.
- Enhance decode to flag potential JWE misconfigurations.
Use Case:
Security researchers testing modern APIs with JWE would benefit from targeted attack modules.