Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner.
Download precompiled version here.
If you have a Go environment, make sure you have Go >= 1.13 with Go Modules enable and run the following command.
GO111MODULE=on go get -u github.com/jaeles-project/jaeles
Please visit the Official Documention for more details.
Note: Checkout Signature Repo for base signature and passive signature.
More usage here
jaeles scan -s 'jira' -s 'ruby' -u target.com jaeles scan -c 50 -s 'java' -x 'tomcat' -U list_of_urls.txt jaeles scan -c 50 -s '/tmp/custom-signature/.*' -U list_of_urls.txt cat urls.txt | grep 'interesting' | jaeles scan -c 50 -s 'fuzz/.*' -U list_of_urls.txt --proxy http://127.0.0.1:8080 jaeles server --verbose -s sqli
|Apache Server Status||Tableau DOM XSS CVE-2019-19719|
|RabbitMQ Default Credentials||Jenkins XSS CVE-2020-2096|
- Adding more signatures.
- Adding more input sources.
- Adding more APIs to get access to more properties of the request.
- Adding proxy plugins to directly receive input from browser of http client.
Adding passive signature for passive checking each request.
- Adding more action on Web UI.
- Integrate with many other tools.
If you have some new idea about this project, issue, feedback or found some valuable tool feel free to open an issue for just DM me via @j3ssiejjj. Feel free to submit new signature to this repo.
Special thanks to chaitin team for sharing ideas to me for build the architecture.
This project exists thanks to all the people who contribute. [Contribute].
Become a financial contributor and help us sustain our community. [Contribute]
Support this project with your organization. Your logo will show up here with a link to your website. [Contribute]
Jaeles is made with ♥ by @j3ssiejjj and it is released under the MIT license.