Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner. Installation Download precompiled version here. If you have a Go environment, make sure you have Go >= 1.13 with Go Modules enable and run the following command. GO111MODULE=on go get -u github.com/jaeles-project/jaeles Please visit the Official Documention for more details. Note: Checkout Signature Repo for base signature and passive signature. Usage More usage here Example commands. jaeles scan -s 'jira' -s 'ruby' -u target.com jaeles scan -c 50 -s 'java' -x 'tomcat' -U list_of_urls.txt jaeles scan -c 50 -s '/tmp/custom-signature/.*' -U list_of_urls.txt cat urls.txt | grep 'interesting' | jaeles scan -c 50 -s 'fuzz/.*' -U list_of_urls.txt --proxy https://127.0.0.1:8080 jaeles server --verbose -s sqli Showcases Apache server status Tableau Server Unauthenticated DOM XSS (CVE-2019-19719) Rabbitmq Management Default Credentials Jenkins Unauthenticated Gitlab XSS (CVE-2020-2096) More showcase can be found here Burp Integration Plugin....
Read the rest of this story with a free account.
Already have an account? Sign in
- Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
- BlogDecember 13, 2022What are the Common Security Weaknesses of Cloud Based Networks?
- BlogOctober 12, 2022Vulnerability management with Wazuh open source XDR
- BlogAugust 29, 2022Deception Technologies: Improving Incident Detection and Response by Alex Vakulov
- BlogAugust 25, 2022Exploring the Heightened Importance of Cybersecurity in Mobile App Development by Jeff Kalwerisky