CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
99.8%
Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner.
Installation
Download precompiled version here.
If you have a Go environment, make sure you have Go >= 1.13 with Go Modules enable and run the following command.
GO111MODULE=on go get -u github.com/jaeles-project/jaeles
Please visit the Official Documention for more details.
Checkout Signature Repo for base signature and passive signature.
Usage
More usage here
Example commands.
jaeles [scan](<https://www.kitploit.com/search/label/Scan> "scan" ) -u http://example.com
jaeles scan -s signatures/common/phpdebug.yaml -U /tmp/list_of_urls.txt
jaeles scan -v --passive --verbose -s "signatures/cves/jira-*" -U /tmp/list_of_urls.txt -o /tmp/vuls
jaeles server --verbose -s sqli
Showcases
More showcase here
Detect Jira SSRF CVE-2019-8451
Burp Integration
Plugin can be found here and Video Guide here
Mentions
My introduction slide about Jaeles
Planned Features
Credits
Special thanks to chaitin team for sharing ideas to me for build the architecture.
React components is powered by Carbon and carbon-tutorial.
Awesomes artworks are powered by Freepik at flaticon.com.
github.com/carbon-design-system/carbon-tutorial
github.com/chaitin/xray
github.com/jaeles-project/jaeles
github.com/jaeles-project/jaeles-plugins/blob/master/jaeles-burp.py
github.com/jaeles-project/jaeles-signatures
github.com/jaeles-project/jaeles/releases
jaeles-project.github.io/
jaeles-project.github.io/showcases/
jaeles-project.github.io/usage/
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
AI Score
Confidence
High
EPSS
Percentile
99.8%