Jaeles is a powerful, flexible and easily extensible tool written in Go for building a web application scanner.
Installation
Download the precompiled version from here
If you have a Go environment, make sure you have Go >= 1.13 with Go modules enabled, then run the following command:
GO111MODULE=on go get github.com/jaeles-project/jaeles
Usage
# Scan usage examples:
jaeles scan -s <signature> -u <url>
jaeles scan -c 50 -s <signature> -U <list_urls> -L <level-of-signatures>
jaeles scan -c 50 -s <signature> -U <list_urls>
jaeles scan -c 50 -s <signature> -U <list_urls> -p 'dest=xxx.burpcollaborator.net'
jaeles scan -c 50 -s <signature> -U <list_urls> -f 'noti_slack "{{.vulnInfo}}"'
jaeles scan -v -c 50 -s <signature> -U list_target.txt -o /tmp/output
jaeles scan -s <signature> -s <another-selector> -u http://example.com
jaeles scan -G -s <signature> -s <another-selector> -x <exclude-selector> -u http://example.com
cat list_target.txt | jaeles scan -c 100 -s <signature>
# Examples:
jaeles scan -s 'jira' -s 'ruby' -u target.com
jaeles scan -c 50 -s 'Java' -x 'tomcat' -U list_of_urls.txt
jaeles scan -G -c 50 -s '/tmp/custom-signature/.*' -U list_of_urls.txt
jaeles scan -v -s '~/my-signatures/products/wordpress/.*' -u 'https://wp.example.com' -p 'root=[[.URL]]'
cat urls.txt | grep 'interesting' | jaeles scan -L 5 -c 50 -s 'fuzz/.*' -U list_of_urls.txt --proxy http://127.0.0.1:8080
Snapshots application
https://www.youtube.com/watch?v=nkBcIvzi3H4
Burp Integration
HTML Report summary
https://www.youtube.com/watch?v=JfihhEOEWSE
https://www.youtube.com/watch?v=ed4n1sCNu3s
https://www.youtube.com/watch?v=EG7Qmt8kt58
The plugin can be found here and a video guide here.