JMSDigger is an open source and GUI-based tool from Foundstone used for penetration testing ActiveMQ based JMS applications with a number of features.

Generic JMS operations

  • Anonymous and manual authentication checks.
  • Automated credential brute force and fuzzing.
  • Retrieve messages from topics, queues, and durable subscribers.
  • Create new durable subscribers and erase existing durable subscribers.

ActiveMQ Specific Operations

  • Retrieve ActiveMQ broker and destination statistics.
  • Create new destinations (topics or queues).
  • ActiveMQ password decryption.

System Requirements
Java 7.0 and above

Download this tool now