Jaeles v0.4 - The Swiss Army Knife For Automated Web Application Testing

Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner.

Installation
Download precompiled version here.
If you have a Go environment, make sure you have Go >= 1.13 with Go Modules enable and run the following command.

GO111MODULE=on go get -u github.com/jaeles-project/jaeles

Please visit the Official Documention for more details.
Checkout Signature Repo for base signature and passive signature.

Usage
More usage here
Example commands.

jaeles scan -u http://example.com

jaeles scan -s signatures/common/phpdebug.yaml -U /tmp/list_of_urls.txt

jaeles scan -v --passive --verbose -s "signatures/cves/jira-*" -U /tmp/list_of_urls.txt -o /tmp/vuls

jaeles server --verbose -s sqli

Showcases
More showcase here

Detect Jira SSRF CVE-2019-8451

Burp Integration

Plugin can be found here and Video Guide here

Mentions
My introduction slide about Jaeles

Planned Features

Adding more signatures.
Adding more input sources.
Adding more APIs to get access to more properties of the request.
Adding proxy plugins to directly receive input from browser of http client.
~~Adding passive signature for passive checking each request.~~
Adding more action on Web UI.
Integrate with many other tools.

Credits

Special thanks to chaitin team for sharing ideas to me for build the architecture.
React components is powered by Carbon and carbon-tutorial.
Awesomes artworks are powered by Freepik at flaticon.com.

Download Jaeles

Jaeles v0.4 - The Swiss Army Knife For Automated Web Application Testing

Posting Komentar

Stegseek - Worlds Fastest Steghide Cracker, Chewing Through Millions Of Passwords Per Second

Formulir Kontak