
Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner.
Installation
Download precompiled version here.
If you have a Go environment, make sure you have Go >= 1.13 with Go Modules enable and run the following command.
GO111MODULE=on go get -u github.com/jaeles-project/jaeles
Please visit the Official Documention for more details.
Note: Checkout Signature Repo for base signature and passive signature.
Usage
More usage here
Example commands.
jaeles scan -s 'jira' -s 'ruby' -u target.com
jaeles scan -c 50 -s 'java' -x 'tomcat' -U list_of_urls.txt
jaeles scan -c 50 -s '/tmp/custom-signature/.*' -U list_of_urls.txt
cat urls.txt | grep 'interesting' | jaeles scan -c 50 -s 'fuzz/.*' -U list_of_urls.txt --proxy http://127.0.0.1:8080
jaeles server --verbose -s sqli
Showcases
Apache server status
Tableau Server Unauthenticated DOM XSS (CVE-2019-19719)
Rabbitmq Management Default Credentials
Jenkins Unauthenticated Gitlab XSS (CVE-2020-2096)
More showcase can be found here
Burp Integration
Plugin can be found here and Video Guide here
Mentions
My introduction slide about Jaeles
Planned Features
- Adding more signatures.
- Adding more input sources.
- Adding more APIs to get access to more properties of the request.
- Adding proxy plugins to directly receive input from browser of http client.
Adding passive signature for passive checking each request.- Adding more action on Web UI.
- Integrate with many other tools.
Contribute
If you have some new idea about this project, issue, feedback or found some valuable tool feel free to open an issue for just DM me via @j3ssiejjj. Feel free to submit new signature to this repo.
Credits
- Special thanks to chaitin team for sharing ideas to me for build the architecture.
- React components is powered by Carbon and carbon-tutorial.
- Awesomes artworks are powered by Freepik at flaticon.com.
In distributions
Contributors
Code Contributors
This project exists thanks to all the people who contribute. [Contribute].
Financial Contributors
Become a financial contributor and help us sustain our community. [Contribute]
Individuals
Organizations
Support this project with your organization. Your logo will show up here with a link to your website. [Contribute]
License
Jaeles
is made with ♥ by @j3ssiejjj and it is released under the MIT license.
More information: https://jaeles-project.github.io
More demo videos: https://www.youtube.com/playlist?list=PLqpLl_iGMLnCBBC-TQZVxQAoFXWjTlGoV
Author

- Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
Latest Articles
Blog2022.12.13What are the Common Security Weaknesses of Cloud Based Networks?
Blog2022.10.12Vulnerability management with Wazuh open source XDR
Blog2022.08.29Deception Technologies: Improving Incident Detection and Response by Alex Vakulov
Blog2022.08.25Exploring the Heightened Importance of Cybersecurity in Mobile App Development by Jeff Kalwerisky