Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/jaeles-project/jaeles
The Swiss Army knife for automated Web Application Testing
bugbounty golang hacking infosec jaeles scanner security-tools vulnerabilities web-scanner
Last synced: 3 days ago
- Host: GitHub
- URL: https://github.com/jaeles-project/jaeles
- Owner: jaeles-project
- License: mit
- Created: 2019-11-15T04:57:24.000Z (about 5 years ago)
- Default Branch: master
- Last Pushed: 2024-05-08T10:05:21.000Z (8 months ago)
- Last Synced: 2024-10-29T15:35:11.850Z (3 months ago)
- Topics: bugbounty, golang, hacking, infosec, jaeles, scanner, security-tools, vulnerabilities, web-scanner
- Language: Go
- Homepage: https://jaeles-project.github.io/
- Size: 573 KB
- Stars: 2,158
- Watchers: 78
- Forks: 318
- Open Issues: 33
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
- awesome-bugbounty-tools - jaeles - The Swiss Army knife for automated Web Application Testing (Miscellaneous / Vulnerability Scanners)
- WebHackersWeapons - jaeles - tag: `live-audit`; platforms: linux, macos, windows; language: Go (Weapons / Tools)
- awesome-hacking-lists - jaeles-project/jaeles - The Swiss Army knife for automated Web Application Testing (Go)
- StarryDivineSky - jaeles-project/jaeles
README
**Jaeles** is a powerful, flexible and easily extensible framework written in Go for building your own Web Application
Scanner.

![Architecture](https://github.com/jaeles-project/jaeles-plugins/blob/master/imgs/jaeles-architecture.png?raw=true)
## Installation
Download [precompiled version here](https://github.com/jaeles-project/jaeles/releases).
If you have a Go environment, make sure you have **Go >= 1.17** with Go Modules enabled, then run the following command.
```shell
go install github.com/jaeles-project/jaeles@latest
```

Please visit the [Official Documentation](https://jaeles-project.github.io/) for more details.
### **Note**: Check out the [Signatures Repo](https://github.com/jaeles-project/jaeles-signatures) to install signatures.
## Usage
```shell
# Scan Usage example (<...> values are placeholders):
jaeles scan -s <signature> -u <url>
jaeles scan -c 50 -s <signature> -U <list_urls> -L <level>
jaeles scan -c 50 -s <signature> -U <list_urls>
jaeles scan -c 50 -s <signature> -U <list_urls> -p 'dest=xxx.burpcollaborator.net'
jaeles scan -c 50 -s <signature> -U <list_urls> -f 'noti_slack "{{.vulnInfo}}"'
jaeles scan -v -c 50 -s <signature> -U list_target.txt -o /tmp/output
jaeles scan -s <signature> -s <another-signature> -u http://example.com
jaeles scan -G -s <signature> -s <another-signature> -x <excluded-signature> -u http://example.com
cat list_target.txt | jaeles scan -c 100 -s <signature>

# Examples:
jaeles scan -s 'jira' -s 'ruby' -u target.com
jaeles scan -c 50 -s 'java' -x 'tomcat' -U list_of_urls.txt
jaeles scan -G -c 50 -s '/tmp/custom-signature/.*' -U list_of_urls.txt
jaeles scan -v -s '~/my-signatures/products/wordpress/.*' -u 'https://wp.example.com' -p 'root=[[.URL]]'
cat urls.txt | grep 'interesting' | jaeles scan -L 5 -c 50 -s 'fuzz/.*' -U list_of_urls.txt --proxy http://127.0.0.1:8080
jaeles server -s '/tmp/custom-signature/sensitive/.*' -L 2 --fi
```
More usage can be found [here](https://jaeles-project.github.io/usage/)
## Run with Docker
```shell
docker pull j3ssie/jaeles
docker run j3ssie/jaeles scan -s '<signature>' -u http://example.com
```

## Showcases
| [![asciicast](https://asciinema.org/a/392827.svg)](https://asciinema.org/a/392827) [**Jenkins Gitlab XSS CVE-2020-2096**](https://asciinema.org/a/392827) | [![asciicast](https://asciinema.org/a/392822.svg)](https://asciinema.org/a/392822) [**Grafana DoS Probing CVE-2020-13379**](https://asciinema.org/a/392822) |
|:----------:|:-------------:|
| [![asciicast](https://asciinema.org/a/392824.svg)](https://asciinema.org/a/392824) [**SolarWindsOrion LFI CVE-2020-10148**](https://asciinema.org/a/392824) | [![asciicast](https://asciinema.org/a/392821.svg)](https://asciinema.org/a/392821) [**Nginx Vhost XSS**](https://asciinema.org/a/392821) |

More showcases can be found here
***
### HTML Report summary
![HTML Report](https://github.com/jaeles-project/jaeles-plugins/blob/master/assets/jaeles-report.png?raw=true)
### Burp Integration
![Burp Integration](https://github.com/jaeles-project/jaeles-plugins/blob/master/imgs/Burp-Integration.gif?raw=true)
Plugin can be found [here](https://github.com/jaeles-project/jaeles-plugins/blob/master/jaeles-burp.py) and Video
Guide [here](https://youtu.be/1lxsYhfTq3M)

## Mentions
[My introduction slide about Jaeles](https://speakerdeck.com/j3ssie/jaeles-the-swiss-army-knife-for-automated-web-application-testing)
### Planned Features
* Adding more signatures.
* Adding more input sources.
* Adding more APIs to get access to more properties of the request.
* Adding proxy plugins to directly receive input from the browser or HTTP client.
* Adding more actions to the Web UI.
* Integrate with many other tools.

## Painlessly integrate Jaeles into your recon workflow?
This project was part of Osmedeus Engine. Check out how it was integrated at @OsmedeusEngine
## Contribute
If you have a new idea about this project, an issue, feedback, or have found a valuable tool, feel free to open an issue or
just DM me via @j3ssiejjj. Feel free to submit new signatures to
this [repo](https://github.com/jaeles-project/jaeles-signatures).

### Credits
* Special thanks to the [chaitin](https://github.com/chaitin/xray) team for sharing ideas with me for building the architecture.
* React components are powered by [Carbon](https://www.carbondesignsystem.com/)
and [carbon-tutorial](https://github.com/carbon-design-system/carbon-tutorial).
* Awesome artworks are powered by [Freepik](http://freepik.com) at [flaticon.com](http://flaticon.com).
## In distributions
[![Packaging status](https://repology.org/badge/vertical-allrepos/jaeles.svg)](https://repology.org/project/jaeles/versions)
## Contributors
### Code Contributors
This project exists thanks to all the people who contribute. [[Contribute](CONTRIBUTING.md)].
### Financial Contributors
Become a financial contributor and help us sustain our
community. [[Contribute](https://opencollective.com/jaeles-project/contribute)]

#### Individuals
#### Organizations
Support this project with your organization. Your logo will show up here with a link to your
website. [[Contribute](https://opencollective.com/jaeles-project/contribute)]

## License
`Jaeles` is made with ♥ by [@j3ssiejjj](https://twitter.com/j3ssiejjj) and it is released under the MIT license.
## Donation
[![paypal](https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif)](https://paypal.me/j3ssiejjj)
[!["Buy Me A Coffee"](https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png)](https://www.buymeacoffee.com/j3ssie)