Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner.
Installation
go get -u github.com/jaeles-project/jaeles
USAGE
Modes;
– Scan Mode
– Fuzz Mode
Jaeles – The Swiss Army knife for automated Web Application Testing beta v0.1 by @j3ssiejjj
>>Usage:
jaeles [command]
>> Available Commands:
config Configuration CLI
help Help about any command
scan Do the Scan
server Run server
>> Flags:
-c, –concurrency int concurrency (default 20)
–config string config file (default is $HOME/.jaeles/config.yaml)
–debug Debug
-h, –help help for jaeles
–no-output Do not store raw output
-o, –output string output folder name (default “out”)
–proxy string proxy
–refresh int Refresh (default 10)
–retry int retry (default 3)
–rootDir string root Project (default “~/.jaeles/”)
–save-raw save raw request
–scanID string Scan ID
–signDir string signFolder (default “~/.jaeles/signatures-base/”)
–timeout int timeout (default 20)
-v, –verbose Verbose
>> Use “jaeles [command] –help” for more information about a command.
Also Read – NetAss2 : Network Assessment Assistance Framework (PenTest Toolkit)
Scan
Scan list of URLs based on signatures
Usage:
jaeles scan [flags]
Flags:
-h, –help help for scan
-s, –sign string Provide custom header seperate by ‘;’
–ssrf string Fill your BurpCollab
-u, –url string URL of target
-U, –urls string URLs file of target
Examples Command
#scan all signature for single url
jaeles scan -u http://example.com
#scan phpdebug.yaml signature for list of urls
jaeles scan -s signatures/common/phpdebug.yaml -U /tmp/list_of_urls.txt
#scan all signatures with “aem” prefix for list of urls
jaeles scan –retry 3 –verbose -s “signatures/cves/aem-*” -U /tmp/list_of_urls.txt
Fuzz
Start API Server
Usage:
jaeles server [flags]
Flags:
-h, –help help for server
–host string IP address to bind the server (default “127.0.0.1”)
-l, –level int16 Provide custom header seperate by ‘;’ (default 1)
–port string Port (default “5000”)
-s, –sign string Provide custom header seperate by ‘;’
Examples Command
#Scan API server on http://127.0.0.1:5000
jaeles server
#Scan API server on http://127.0.0.1:5000 with default signature sqli
jaeles –verbose server -s sqli
List Signature with list of Urls
Single Signature with list of Urls
Fuzzing mode with Burp
Got it! Below is the updated README.md file with instructions for downloading the project on…
Termo-Kali bridges the gap between powerful Linux capabilities and the convenience of mobile devices by…
Welcome to the Ethical Hacking Quiz Application, designed to help learners test their knowledge of…
The WPA2 Handshake Automation Tool is a Python3 script designed to simplify the process of setting up…
A custom bash script designed to streamline your startup process and enhance your scripting skills.…
Welcome to the Cybersecurity Toolkit, a collection of essential Python tools designed for penetration testing…