Fast and customizable vulnerability scanner For JIRA written in Python

Related tags

Security related resourcessecurityjirascannerpython3bugbountyjira-rest-apivulnerability-scannerssecurity-tools
Overview


Fast and customizable vulnerability scanner For JIRA.

πŸ€” What is this?

Jira-Lens πŸ” is a Python Based vulnerability Scanner for JIRA. Jira is a proprietary issue tracking product developed by Atlassian that allows bug tracking and agile project management. This tool Performs 25+ Checks including CVE's and Multiple Disclosures on the Provided JIRA Instance.

πŸš€ Usage

Jira-Lens can be easily used from the command line

  • Clone this Repo Using git clone https://github.com/MayankPandey01/Jira-Lens.git
  • Complete the setup using python3 setup.py install
  • python3 Jira-Lens.py -u {URL}

render1636911439843

Additional Arguments can be passed to use tool in different way:

  • -u : To Provide a Single URL of JIRA Instance for Testing
  • -f : Path of File Containing List of URL's of JIRA Instance, properly Formatted and 1 url par Line
  • -o : To Provide a Custom Output Folder Location [ default= output/]

πŸ”§ Installation

πŸ”¨ Using pip

$ pip install Jira-Lens

πŸ”¨ Using Git

  • git clone https://github.com/MayankPandey01/Jira-Lens.git
  • After Installation run the setup.py file to set up the tool.

πŸ§ͺ Recommended Python Version:

  • This Tool Only Supports Python 3.
  • The recommended version for Python 3 is 3.8.x.

β›³ Dependencies:

The dependencies can be installed using the requirements file:

Installation on Windows:

  • python.exe -m pip3 install -r requirements.txt.

Installation on Linux:

  • sudo python3 pip3 install -r requirements.txt.

🐞 Bug Bounties

This tool is focused mainly on Bug Bounty Hunters and Security Professionals . You Can Use Jira-Lens to Scan JIRA Instance of the Target Company.

Why Use This ❓

  • It Provides a Detailed output After the Scan is Completed With all the Findings.
  • Take Inputs From File To Scan Multiple Instance
  • Fast and Easy to Setup ⚑
  • Can Be Added Directly To Your Automation Scripts
  • Regularly Updated Scanning Database

🎯 Contribution PRs Welcome

We Love to Get Contribution from the Open Source Community πŸ’™ . You are Welcome to Provide your Important Suggestions to make this tool more Awesome. Open a PR and we will See to it ASAP.

Ways to contribute

  • Suggest a feature
  • Adding CVE's and Disclosures Check
  • Report a bug
  • Fix something and open a pull request
  • Create a browser extension
  • Help me document the code
  • Spread the word

πŸ“š DISCLAIMER

This project is a personal development. Please respect its philosophy and don't use it for evil purposes. By using Jira-Lens, you agree to the MIT license included in the repository. For more details at The MIT License β€” OpenSource.

Using Jira-Lens for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state, and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program. Happy Hacking ✨ ✨

πŸ“ƒ Licensing

This project is licensed under the MIT license.

You might also like...
Nmap automated port scanner written in Python

port-scanner Nmap automated port scanner written in Python. USE: Clone the module Import the module: from portscanModule import portscanner Use: ports

Brayden Karnes 1 Dec 3, 2021
Sqli-Scanner is a python3 script written to scan websites for SQL injection vulnerabilities

Sqli-Scanner is a python3 script written to scan websites for SQL injection vulnerabilities Features 1 Scan one website 2 Scan multiple websites Insta

Anontemitayo 9 Dec 30, 2022
This python script will automate the testing for the Log4J vulnerability for HTTP and HTTPS connections.

Log4J-Huntress-Automate-Script This python script will automate the testing for the Log4J vulnerability for HTTP and HTTPS connections. Pre-Requisits

null 1 Dec 16, 2021
open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability
open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability

CVE-2021-44228-log4jVulnScanner-metasploit open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability pre

Taroballz 7 Nov 9, 2022
Simple Python 3 script to detect the
Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading

log4j-detect Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading The script

VΓ­ctor GarcΓ­a 187 Jan 3, 2023
Simple Python 3 script to detect the
Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading

log4j-detect Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading The script

Wade 1 Dec 15, 2021
Python script to tamper with pages to test for Log4J Shell vulnerability.

log4jShell Scanner This shell script scans a vulnerable web application that is using a version of apache-log4j 2.15.0. This application is a static

GoVanguard 8 Oct 20, 2022
A simple python script to dump remote files through a local file read or local file inclusion web vulnerability.
A simple python script to dump remote files through a local file read or local file inclusion web vulnerability.

A simple python script to dump remote files through a local file read or local file inclusion web vulnerability. Features Dump a single file w

Podalirius 48 Dec 3, 2022
😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.
😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.

😭 WSOB (CVE-2022-29464) 😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464. CVE-2022-29464 details:

0p 25 Oct 14, 2022
Comments
  • Add --cookie option to set cookies during a scan

    Add --cookie option to set cookies during a scan

    While performing a penetration test on a Jira instance we used your tool to perform a preliminary scan. Since in our case, we needed a cookie from an SSO login we had to manually edit your code: here's the result. Maybe you want to include it in the official repository.

    Good job, thanks for making our job easier :smile:

    opened by 5amu 1
  • add Dockerfile

    add Dockerfile

    Hi @MayankPandey01,

    Thanks for sharing this tool! I added a Dockerfile to make it easier to install and use. Perhaps others can benefit from this as well.

    Cheers, 0xbad53c

    opened by 0xbad53c 0
  • Jira Lens Disabling SSL certificate verification option

    Jira Lens Disabling SSL certificate verification option

    The changes I made in "/Jira-Lens/Jira-Lens.py" is focused on adding ssl certificate verification option. With this update, users can use "-i" flag to disable ssl verification check and ssl errors. "-i" flag and explanation also added to main readme file.

    opened by Laronax 0
Releases(v1.0.2)
Owner
Mayank Pandey
QWx3YXlzIExlYXJuaW5nLi4=
Mayank Pandey
GitHub Repository
This is a Crypto asset tracker that I built to aid my personal journey in cryptocurrencies.

Wallet Tracker This is a Crypto asset tracker that I built to aid my personal journey in cryptocurrencies. build docker build -t wallet-tracker . run

2 Mar 21, 2022
Reverse engineered Parler API

Parler's unofficial API with all endpoints present in their iOS app as of 08/12/2020. For the most part undocumented, but the error responses are alre

393 Nov 26, 2022
A semi-automatic osint/recon framework.

Smog Framework A semi-automatic osint/recon framework. Requirements git Python = 3.8 How to use it

toast 22 Oct 17, 2022
Lightweight and beneficial Dependency Injection plugin for apscheduler

Implementation of dependency injection for apscheduler Prerequisites: apscheduler-di solves the problem since apscheduler doesn't support Dependency I

Glib 11 Dec 07, 2022
Python Toolkit containing different Cyber Attacks Tools

Helikopter Python Toolkit containing different Cyber Attacks Tools. Tools in Helikopter Toolkit 1. FattyNigger (PYTHON WORM) 2. Taxes (PYTHON PASS EXT

Saqlain Naqvi 22 Dec 04, 2022
An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.

RonnieColemanYARAParser This script is named after Ronnie Coleman, and peforms bulk lifts on arbitary file features using YARA console logging. Requir

Steve 20 Dec 13, 2022
Fetch Chrome, Firefox, WiFi password and system info

DISCLAIMER : OUR TOOLS ARE FOR EDUCATIONAL PURPOSES ONLY. DON'T USE THEM FOR ILLEGAL ACTIVITIES. YOU ARE THE ONLY RESPONSABLE FOR YOUR ACTIONS! OUR TO

Genos 59 Nov 17, 2022
Update of uncaptcha2 from 2019

YouTube Video Proof of Concept I created a new YouTube Video with technical Explanation for breaking Google's Audio reCAPTCHAs: Click on the image bel

Nikolai Tschacher 153 Dec 20, 2022
test application for the licence key web app.

licence_software_test_app Make sure you set your database values in a .env file to the folder. Install MYSQL connector: pip install mysql-connector-py

Carl Beattie 1 Oct 28, 2021
This is a partial and quick and dirty proof of concept implementation of the following specifications to configure a tor client to use trusted exit relays only.

This is a partial and quick and dirty proof of concept implementation of the following specifications to configure a tor client to use trusted exit re

22 Nov 09, 2022
Get important strings inside [Info.plist] & and Binary file also all output of result it will be saved in [app_binary].json , [app_plist_file].json file

Get important strings inside [Info.plist] & and Binary file also all output of result it will be saved in [app_binary].json , [app_plist_file].json file

12 Sep 28, 2022
A Simple File Encryptor/Decryptor

Ec: A Simple File Encryptor/Decryptor This has been made for educational reasons only, any constructive criticism/advice/comments are welcome! Also, p

1 Dec 10, 2021
Tools Crack Fb Terbaru

Tools Crack Fb Terbaru

Jeeck 12 Jan 06, 2022
evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.

Introduction evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files. It can process a high numbe

NVISO 116 Dec 29, 2022
Using python 3 and Flask an MVC system where the AES 128 CBC and Trivium algorithms

This project was developed using python 3 and Flask, it is an MVC system where the AES 128 CBC and Trivium algorithms can be tested through a communication between the computer and a device such as a

Brandon Israel Camacho Reyes 1 Dec 26, 2021
Steal Files on a Windows Machine

File-Stealer Steal Files on a Windows Machine About This Script will steal certain Files on a Windows Machine and sends them to a FTP Server. Preview

Marcel 5 Nov 17, 2022
APKLeaks - Scanning APK file for URIs, endpoints & secrets.

APKLeaks - Scanning APK file for URIs, endpoints & secrets.

dw1 3.5k Jan 09, 2023
Providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account.

We are providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account. The script enables security teams

Mitiga 13 Jan 04, 2022
Encrypted Python Password Manager

PyPassKeep Encrypted Python Password Manager About PyPassKeep (PPK for short) is an encrypted python password manager used to secure your passwords fr

KrisIsHere 1 Nov 17, 2021
Undetectable Keylogger that reports to Discord

FUD Keylogger That Reports To Discord This python script will capture all of the keystrokes within a given time frame and report them to a Discord Ser

Dimitris Kalopisis 36 Dec 20, 2022