Home

Awesome

             logo<br>                            Stars NPM Version License: GPL v3 contribution PyPi Python Versions Demo Youtube <br>                                                    An automated web hacking framework for web applications

Table of Content

Detailed insight about Vajra can be found at

https://hackwithproxy.medium.com/introducing-vajra-an-advanced-web-hacking-framework-bd8307a01aa8 <br>

About Vajra

logo<br>

Vajra is an automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing. Vajra has highly customizable target scope based scan feature. Instead of running all the scan on target, it runs only those scan selected by you which will minimize unnecessary traffic and stores output in one place at CouchDB.

Vajra uses most common open source tools which every Bug Hunter runs during their testing on target. It does all the stuffs through web browser with very simple UI that makes it absolute beginner friendly framework.

Analyzing your data from scan result is very important in Bug Bounty. The chances of missing anything is less only if you could visualize your data in proper way and Vajra does so with a lot of filters.

I created this project for my personal use (about 6 months ago) but looking at its usefulness, I decided to make it open-source so that it can save your time and can get some more improvement from community.

Currently, I added only 27 unique bug bounty feature to it but more will be added in near future.

<br>

Demo

Demo Video

Key Features

What Vajra does

Total Scans

scans <br>

Result of Scan

result <br>

Found Subdomains

subdomains <br>

Subdomain Monitoring

subdomain monitor <br>

Installation

All the installation instructions are available at wiki page. Find the wiki documentation here:

https://github.com/r3curs1v3-pr0xy/vajra/wiki/Installation

Running with docker-compose

  1. git clone --recursive https://github.com/r3curs1v3-pr0xy/vajra.git
  2. Make changes to files (add api tokens, etc.) [You can skip this]
  3. Run docker-compose up.

If you wanna make changes later then update files and run docker-compose build and docker-compose up again.

For detailed instructions, follow this URL

Tools used by Vajra

All the tools used by Vajra are listed here: Link

Contributing

Thank you for your consideration for making your valuable contributions to Vajra! Start by taking a look at the below mentioned points

Financial Contributors:

Deviner ABHISAR PANDEY

Code Contributors:

Anas Jamal

If you have some new idea about this project, issue, feedback or found some valuable tool feel free to open an issue or just DM me via @r3curs1v3_pr0xy

If you like Vajra and wants to support

cofee

Paypal: https://www.paypal.me/r3curs1v3pr0xy<br>

Bitcoin: 3EB5AsRrzSjMXnPDwSuxnyW1cc2APSHEWr

10% of total donation will go to Animal Aid Unilimited.

License

It is distributed under the GNU GPL v3 license License. See LICENSE for more information.

Future Plans/Under Development

Credits

Please take a look at CREDITS.md. Thanks to @maniac_en for helping with version control and repo management.

Disclaimer

Most of these tools have been developed by the authors of the tool that has been listed in CREDITS.md. I just put all the pieces together, plus some extra magic.

This tool is for educational purposes only. You are responsible for your own actions. If you mess something up or break any laws while using this software, it's your fault, and your fault only.

FAQ

=> Vajra uses only open source tools and scripts so its accuracy depends upon those tools.

=> It depends upon the resources you provide to run it.

-=> Although Vajra uses asynchronous methods but still it takes some time to complete all the scan. You can see your running scans through ongoing scan tab