Joro is a web exploitation framework for penetration testing. It bundles an intercepting HTTP/HTTPS proxy, blind vulnerability detection, web shell generation, C2 integration, and collaboration tools into a single binary with an embedded web UI.

1. Installation
2. Getting-Started
3. Configuration

The Joro web UI's top navigation bar, in order. Each page documents the features available on that tab.

1. Dashboard
2. Map
3. History
4. Intercept
5. Manipulate
6. Fuzz
7. Generate
8. Execute
9. Interact
10. Notes
11. Transform
12. Plugins
13. Settings

Joro has three run modes:

• Proxy mode (the default) is covered by the tab pages above. The other two run on a publicly reachable host and are configured from Settings on the proxy side.

• Listener-Mode: out-of-band DNS and HTTP callback server for blind-vulnerability detection and XSS Hunter integration.

• Team-Server: listener mode plus authenticated team collaboration (shared chat, shared notes, active user presence).