Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner.
Installation
go get -u github.com/jaeles-project/jaeles
USAGE
Modes;
– Scan Mode
– Fuzz Mode
Jaeles – The Swiss Army knife for automated Web Application Testing beta v0.1 by @j3ssiejjj
>>Usage:
jaeles [command]
>> Available Commands:
config Configuration CLI
help Help about any command
scan Do the Scan
server Run server
>> Flags:
-c, –concurrency int concurrency (default 20)
–config string config file (default is $HOME/.jaeles/config.yaml)
–debug Debug
-h, –help help for jaeles
–no-output Do not store raw output
-o, –output string output folder name (default “out”)
–proxy string proxy
–refresh int Refresh (default 10)
–retry int retry (default 3)
–rootDir string root Project (default “~/.jaeles/”)
–save-raw save raw request
–scanID string Scan ID
–signDir string signFolder (default “~/.jaeles/signatures-base/”)
–timeout int timeout (default 20)
-v, –verbose Verbose
>> Use “jaeles [command] –help” for more information about a command.
Also Read – NetAss2 : Network Assessment Assistance Framework (PenTest Toolkit)
Scan
Scan list of URLs based on signatures
Usage:
jaeles scan [flags]
Flags:
-h, –help help for scan
-s, –sign string Provide custom header seperate by ‘;’
–ssrf string Fill your BurpCollab
-u, –url string URL of target
-U, –urls string URLs file of target
Examples Command
#scan all signature for single url
jaeles scan -u http://example.com
#scan phpdebug.yaml signature for list of urls
jaeles scan -s signatures/common/phpdebug.yaml -U /tmp/list_of_urls.txt
#scan all signatures with “aem” prefix for list of urls
jaeles scan –retry 3 –verbose -s “signatures/cves/aem-*” -U /tmp/list_of_urls.txt
Fuzz
Start API Server
Usage:
jaeles server [flags]
Flags:
-h, –help help for server
–host string IP address to bind the server (default “127.0.0.1”)
-l, –level int16 Provide custom header seperate by ‘;’ (default 1)
–port string Port (default “5000”)
-s, –sign string Provide custom header seperate by ‘;’
Examples Command
#Scan API server on http://127.0.0.1:5000
jaeles server
#Scan API server on http://127.0.0.1:5000 with default signature sqli
jaeles –verbose server -s sqli
List Signature with list of Urls
Single Signature with list of Urls
Fuzzing mode with Burp
Imagine if you had a super-powered assistant who could automatically handle all the boring, repetitive…
Managing files efficiently is a core skill for anyone working in Linux, whether you're a…
Open ports act as communication endpoints between your Linux system and the outside world. Every…
Introduction In today’s cyber threat landscape, protecting endpoints such as computers, smartphones, and tablets from…
Introduction In today's fast-paced cybersecurity landscape, incident response is critical to protecting businesses from cyberattacks.…
Artificial Intelligence (AI) is changing how industries operate, automating processes, and driving new innovations. However,…