Open 0xtr1 opened 2 months ago
@Sytten would love to contribute, started working on it: https://github.com/JacoZwarts/JWTZcoder
@JacoZwarts Alright, don't hesitate to reach out if you need help. We are present on Discord for instant messaging or here otherwise :) Thank you in advance for your contribution, we appreciate it very much :)
Community Note
Description
Caido should introduce a plugin for viewing, decoding, and modifying JWTs because it would streamline security testing involving token-based authentication systems. Security professionals often need to inspect JWT claims, manipulate tokens, and test vulnerabilities like signature misconfigurations or weak encryption. A built-in JWT editor with key management would allow users to easily modify headers, payloads, and signatures, re-sign tokens, and test different algorithms, enhancing penetration testing efficiency. Additionally, this feature would simplify the testing of access control, session management, and token replay vulnerabilities, making Caido more versatile for modern web application security testing.