Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/jaeles-project/jaeles-signatures

Default signature for Jaeles Scanner
https://github.com/jaeles-project/jaeles-signatures

bugbounty jaeles jaeles-signatures security vulnerability-scanner

Last synced: 9 days ago
JSON representation

Default signature for Jaeles Scanner

Host: GitHub
URL: https://github.com/jaeles-project/jaeles-signatures
Owner: jaeles-project
Created: 2019-11-14T08:45:26.000Z (about 5 years ago)
Default Branch: master
Last Pushed: 2022-04-09T08:18:38.000Z (over 2 years ago)
Last Synced: 2024-10-29T22:37:19.258Z (16 days ago)
Topics: bugbounty, jaeles, jaeles-signatures, security, vulnerability-scanner
Homepage: https://jaeles-project.github.io/signatures/
Size: 473 KB
Stars: 318
Watchers: 33
Forks: 72
Open Issues: 7
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml

Awesome Lists containing this project

README

        


  

  


    This project was part of Osmedeus Engine. Check out how it was integrated at @OsmedeusEngine

  


***



  


    This repo only contain Default Signatures for Jaeles project. Pull requests or any ideas are welcome.

  

  

  Please read the Official Documentation here for writing your own signature.

  


***

### Installation

```

jaeles config init

```

Or

Try to clone signatures folder to somewhere like this

```

git clone --depth=1 https://github.com/jaeles-project/jaeles-signatures /tmp/jaeles-signatures/

```

then reload them in the DB with this command.

```

jaeles config -a reload --signDir /tmp/jaeles-signatures

```

### Usage

```

Scan Usage example:

  jaeles scan -s  -u 

  jaeles scan -c 50 -s  -U  -L 

  jaeles scan -c 50 -s  -U 

  jaeles scan -c 50 -s  -U  -p 'dest=xxx.burpcollaborator.net'

  jaeles scan -c 50 -s  -U  -f 'noti_slack "{{.vulnInfo}}"'

  jaeles scan -v -c 50 -s  -U list_target.txt -o /tmp/output

  jaeles scan -s  -s  -u http://example.com

  jaeles scan -G -s  -s  -x  -u http://example.com

  cat list_target.txt | jaeles scan -c 100 -s 

  jaeles scan -s '/tmp/custom-signature/sensitive/.*' -L 2 --fi

Examples:

  jaeles scan -s 'jira' -s 'ruby' -u target.com

  jaeles scan -c 50 -s 'java' -x 'tomcat' -U list_of_urls.txt

  jaeles scan -G -c 50 -s '/tmp/custom-signature/.*' -U list_of_urls.txt

  jaeles scan -v -s '~/my-signatures/products/wordpress/.*' -u 'https://wp.example.com/blog/' -p 'root=[[.URL]]'

  cat urls.txt | grep 'interesting' | jaeles scan -c 50 -s /tmp/jaeles-signatures/cves/sample.yaml -U list_of_urls.txt --proxy http://127.0.0.1:8080

Config Command examples:

  # Init default signatures

  jaeles config init

  # Update latest signatures

  jaeles config update

  jaeles config update --repo http://github.com/jaeles-project/another-signatures --user admin --pass admin

  jaeles config update --repo [email protected]/jaeles-project/another-signatures -K your_private_key

  # Reload signatures from a standard signatures folder (contain passives + resources)

  jaeles config reload --signDir ~/standard-signatures/

  # Add custom signatures from folder

  jaeles config add --signDir ~/custom-signatures/

  # Clean old stuff

  jaeles config clean

  # More examples

  jaeles config add --signDir /tmp/standard-signatures/

  jaeles config cred --user sample --pass not123456

For full Usage:

  jaeles -hh

```

***

### Structure of the Repo

Jaeles look for signature as a single file so you can structure it as whatever you want. This is just an example.

| Page           | Description                        |

|----------------|------------------------------------|

| **common**     | Implement misconfiguration for some popular apps  |

| **cves**       | Implement some CVE |

| **sensitvie**       | Some common path with sensitive information |

| **probe**      | Used for detect some technology used by the target|

| **passives**      | Used for [passive detection](https://jaeles-project.github.io/signatures/passive/)|

| **fuzz**       | Some common case for fuzz mode (I know a lot of false positive here) |

| **routines**       | Routines example |

## Note for using Fuzz signatures

Fuzz signatures may have many false positive because I can't defined exactly what is vulnerable for everything. So make sure you gotta know what are you doing here.

## Showcases

|  [![asciicast](https://asciinema.org/a/392827.svg)](https://asciinema.org/a/392827) [**Jenkins Gitlab XSS CVE-2020-2096**](https://asciinema.org/a/392827)  |  [![asciicast](https://asciinema.org/a/392822.svg)](https://asciinema.org/a/392822) [**Grafana DoS Probing CVE-2020-13379**](https://asciinema.org/a/392822) |

|:----------:|:-------------:|

| [![asciicast](https://asciinema.org/a/392824.svg)](https://asciinema.org/a/392824) [**SolarWindsOrion LFI CVE-2020-10148**](https://asciinema.org/a/392824) | [![asciicast](https://asciinema.org/a/392821.svg)](https://asciinema.org/a/392821) [**Nginx Vhost XSS**](https://asciinema.org/a/392821) |

 More showcase can be found here



***

## What should I do if Jaeles found a vulnerability?

1. Read the signature file.

2. Seriously, read the signature file.

3. Remember that you were warned twice about reading the signature file.

4. Read the references and detection part to understand why Jaeles said it's vulnerable.

5. Manually verify the vulnerability.

### Financial Contributors

Become a financial contributor and help us sustain our community. [[Contribute](https://opencollective.com/jaeles-project/contribute)]

## Special Thanks







Explore the latest vulnerabilities at cvebase.com



## License

`Jaeles` is made with ♥  by [@j3ssiejjj](https://twitter.com/j3ssiejjj) and it is released under the MIT license.

## Donation

[![paypal](https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif)](https://paypal.me/j3ssiejjj)

[!["Buy Me A Coffee"](https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png)](https://www.buymeacoffee.com/j3ssie)