"JMT" stands for "Jinjja Michine Tool" and is a tool for diagnosing vulnerabilities in websites. Most web vulnerability diagnosis tools perform analysis by scanning URLs, but JMT is different from other tools because it uses the Google search engine to check open information on the web.
The reason why the vulnerability diagnosis tool was created using the Google search engine is that by combining individual email addresses and other information, you can get a larger amount of personal information than you think just by searching Google, and the search for websites is the same. Using the JMT tool prevents malicious users from collecting vulnerable information when gathering information about a website as a preliminary step to attacking a particular website.
Target :
- Information Security Manager
- Web Developer
| Check list | Requirements |
|---|---|
| OS | MacOS X |
| Safari | latest version |
| Python | python3.10 or higher |
Allow Safari automation :
Safari → Develop → Allow Remote Automation
Python module installation list:
$ pip3.x install PyQt5
$ pip3.x install bs4
$ pip3.x install seleniumDownload file :
$ git clone https://github.com/accio3014/JMT.gitRun JMT :
$ python3.x "Download path"/JMT/source/gui.pyInsert URL :
Select category in GHDB :
Waiting for result :
[Exploit] : There are search results..
[Fail] : No search results.
[reCAPTCHA] : Google reCAPTCHA detected.
Most reCAPTCHA are bypassed because they use the Safari web browser, but you can bypass them more effectively by additionally using the methods below :
1. Use a VPN
reCAPTCHA can be bypassed by using a VPN to change your country or region.
2. Restart your MAC
reCAPTCHA can be bypassed by restarting the Mac.
It doesn't matter which of the above two methods you use, but we recommend restarting your Mac.