Home
Jiraffe 🦒 - One stop place for Jira security reconnaissance and exploitation in your proximity
Overview | Design philosophy | Architecture | Getting started | Documentation
Jiraffe is a modern security reconnaissance and controlled exploitation framework for Atlassian Jira deployments.
It is designed for security professionals who care about:
- correctness over noise
- signal quality over automation
- explicit control over exploit execution
- clean separation between discovery and exploitation
Jiraffe focuses on identifying misconfigurations, exposed APIs, weak signals, and known vulnerabilities across Jira Server, Data Center, and cloud-hosted environments.
Jiraffe follows a recon-first, exploit-second model.
Reconnaissance modules:
- are passive or minimally invasive
- identify conditions that may enable exploitation
- do not modify target state
- provide context before exploitation is attempted
Exploit modules:
- are explicit and opt-in
- validate compatibility before execution
- support safe “check-only” modes
- never auto-execute shells or payloads
This philosophy ensures assessments remain accurate, controlled, and defensible, especially in bug bounty, internal security reviews, and red-team engagements.
Jiraffe is intentionally modular.
-
Recon modules
- Passive discovery and weak-signal detection
- No exploitation logic
- Loaded dynamically at runtime
-
Exploit modules
- CVE-mapped vulnerability validation
- Optional exploitation with safety controls
- Compatibility-aware (version & deployment checks)
-
Shared helpers
- Jira version detection
- Deployment type detection (Server / DC / Cloud)
- AWS hosting heuristics
- SSRF helpers for metadata and IAM enumeration
This separation allows reconnaissance and exploitation to evolve independently without coupling or unsafe defaults.
❌ A mass-scanner
❌ A "one-click RCE" tool
❌ An automatic shell dropper
❌ A noisy exploitation framework
Jiraffe is designed to assist informed decision-making, not replace it.
Install via pip (recommended):
pip install jiraffeOr install from source:
git clone https://github.com/0x48piraj/jiraffe.git
cd jiraffe
python3 setup.py installRun:
$ python3 -m jiraffe --help
usage: jiraffe [-h] [-t https://jira.company.com]
/)/)
( ..\
___ __ _______ __ _______ _______ _______ /'-._)
| || \ / \ / \ / | / | / | /#/ v2.1.5
|| ||| | |: | / \ (: ______)(: ______)(: ______) /#/ @03C0
|: ||: | |_____/ ) /' /\ \ \/ | \/ | \/ |
___| / |. | // / // __' \ // ___) // ___) // ___)_
/ :|_/ )/\ |\ |: __ \ / / \\ \(: ( (: ( (: |
(_______/(__\_|_)|__| \___)(___/ \___)\__/ \__/ \_______)
optional arguments:
-h, --help show this help message and exit
-t https://jira.company.com, --target https://jira.company.com
Target Jira instance URL
-a, --auto Automatic mode
--check-only, --dry-run
Only check for vulnerabilities, do not run exploits
--list-exploits
--cmd CMD Command for CVE-2019-11581
--ssrf SSRF SSRF target URL
--user-agent USER_AGENT
Custom User-Agent header
--severity {LOW,MEDIUM,HIGH,CRITICAL,INFO}
Run only exploits of this severity
--json Output results in JSON format (for automation / scripting)
--insecure Disable TLS certificate verification (allow self-signed HTTPS)
-v, --verbose Enable verbose output (debug information)
$ python3 -m jiraffe -t https://jira.example.com
$ python3 -m jiraffe -t https://jira.example.com --auto
$ python3 -m jiraffe --list-exploits