JWT dashboard extension for Burp.
- A single view for all JWTs (Because lets be honest it needs it) found during your testing that intigrates with all other (as of today) JWT tools found in the Burp extensions market place.
- Makes 1 single view to work with JWTs in the tool vs a dozen little windows.
- Adds a prompt to intigrate with Gen AI to expand on the other tools.
- Burp Suite Professional with or without AI features enabled
- Montoya API 2025.8 or later
- Java 17+ runtime environment
- Download the repo
- Open Burp Suite Professional
- Go to Extensions → Installed → Add
- Select Python as extension type
- Choose the py file and click Next
- Tool runs passive.
- It will look for JWTs in Proxy history if you turn on extensions in you scanner.
- From there you can stay in the tool or work with others ones through this extension
This tool is designed for authorized security testing only.
- ✅ Use only on systems you own or have explicit permission to test
- ✅ Follow responsible disclosure practices
- ✅ Designed for security improvements
- ❌ Not intended for malicious activities
This extension is designed for authorized security testing and educational purposes. Use responsibly and in accordance with applicable laws and regulations.
Credits: Readme inspired by https://github.com/PortSwigger/graphql-security-tester
