Jaeles - The Swiss Army knife for automated Web Application Testing

Feb 21, 2020

Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner.

Installation

Download precompiled version here.

If you have a Go environment, make sure you have Go >= 1.13 with Go Modules enable and run the following command.

GO111MODULE=on go get -u github.com/jaeles-project/jaeles

Please visit the Official Documention for more details.

Note: Checkout Signature Repo for base signature and passive signature.

Usage

More usage here

Example commands.

jaeles scan -s 'jira' -s 'ruby' -u target.com

jaeles scan -c 50 -s 'java' -x 'tomcat' -U list_of_urls.txt

jaeles scan -c 50 -s '/tmp/custom-signature/.*' -U list_of_urls.txt

cat urls.txt | grep 'interesting' | jaeles scan -c 50 -s 'fuzz/.*' -U list_of_urls.txt --proxy https://127.0.0.1:8080

jaeles server --verbose -s sqli

Showcases

Apache server status

Tableau Server Unauthenticated DOM XSS (CVE-2019-19719)

Rabbitmq Management Default Credentials

....

Author

Hakin9 TEAM
Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023