Skip to content
GitLab

Command line user interface · Changes

Page history
Updated Command line user interface (textile) authored by Zapotek's avatar Zapotek
Show whitespace changes
Inline Side-by-side
guides/user/Command-line-user-interface.textile
View page @ e9304016
...@@ -118,7 +118,7 @@ h3. Command reference ...@@ -118,7 +118,7 @@ h3. Command reference
# "Modules":#modules # "Modules":#modules
## "List modules ==(--lsmod)==":#lsmod ## "List modules ==(--lsmod)==":#lsmod
##* "Example":#lsmod_example ##* "Example":#lsmod_example
## "Modules ==(--mods/-m)==":#mods ## "Modules ==(--modules/-m)==":#modules
##* "Example":#mods_example ##* "Example":#mods_example
# "Reports":#reports # "Reports":#reports
## "List reports ==(--lsrep)==":#lsrep ## "List reports ==(--lsrep)==":#lsrep
...@@ -150,7 +150,7 @@ When verbosity is enabled Arachni will give you detailed information about what' ...@@ -150,7 +150,7 @@ When verbosity is enabled Arachni will give you detailed information about what'
h4(#verbosity_example). "Example":#verbosity_example h4(#verbosity_example). "Example":#verbosity_example
Let's give this a try: Let's give this a try:
<pre><code>arachni -p --mods=xss http://localhost/zapotek/tests/forms/xss.php</code></pre> <pre><code>arachni -p --modules=xss http://localhost/zapotek/tests/forms/xss.php</code></pre>
This will load the XSS module and audit all the forms (-p) in "http://localhost/zapotek/tests/forms/xss.php". This will load the XSS module and audit all the forms (-p) in "http://localhost/zapotek/tests/forms/xss.php".
...@@ -455,7 +455,7 @@ This option allows you to save your current running configuration, all the optio ...@@ -455,7 +455,7 @@ This option allows you to save your current running configuration, all the optio
h4(#save-profile_example). "Example":#save-profile_example h4(#save-profile_example). "Example":#save-profile_example
<pre><code>arachni -pv --mods=xss http://site.com/ --save-profile=myprofile</code></pre> <pre><code>arachni -pv --modules=xss http://site.com/ --save-profile=myprofile</code></pre>
h3(#load-profile). "Load profile ==(--load-profile)==":#load-profile h3(#load-profile). "Load profile ==(--load-profile)==":#load-profile
...@@ -498,7 +498,7 @@ h4(#exclude_example). "Example":#exclude_example ...@@ -498,7 +498,7 @@ h4(#exclude_example). "Example":#exclude_example
In this simple example we tell Arachni to exclude all URLs that contain the string "xss". In this simple example we tell Arachni to exclude all URLs that contain the string "xss".
Thus no further action was taken. Thus no further action was taken.
<pre><code> <pre><code>
$ arachni --mods=xss http://localhost/zapotek/tests/forms/xss.php --exclude=xss $ arachni --modules=xss http://localhost/zapotek/tests/forms/xss.php --exclude=xss
Arachni - Web Application Security Scanner Framework v0.2.1 [0.2] Arachni - Web Application Security Scanner Framework v0.2.1 [0.2]
Author: Tasos "Zapotek" Laskos <tasos.laskos@gmail.com> Author: Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>
<zapotek@segfault.gr> <zapotek@segfault.gr>
...@@ -861,7 +861,7 @@ Path: /home/zapotek/workspace/arachni/modules/audit/xss_path.rb ...@@ -861,7 +861,7 @@ Path: /home/zapotek/workspace/arachni/modules/audit/xss_path.rb
</code></pre> </code></pre>
h3(#mods). "Modules ==(--mods/-m)==":#mods h3(#modules). "Modules ==(--modules/-m)==":#modules
*Expects*: modname,modname,... OR '*' *Expects*: modname,modname,... OR '*'
*Default*: '*' -- all modules *Default*: '*' -- all modules
...@@ -877,7 +877,7 @@ h4(#mods_example). "Example":#mods_example ...@@ -877,7 +877,7 @@ h4(#mods_example). "Example":#mods_example
As CSV: As CSV:
<pre><code> <pre><code>
$ arachni --mods=xss,sqli,path_traversal http://localhost/ $ arachni --modules=xss,sqli,path_traversal http://localhost/
</code></pre> </code></pre>
All modules: All modules:
...@@ -887,7 +887,7 @@ $ arachni http://localhost/ ...@@ -887,7 +887,7 @@ $ arachni http://localhost/
Excluding modules: Excluding modules:
<pre><code> <pre><code>
$ arachni --mods=*,-backup_files,-xss http://www.test.com $ arachni --modules=*,-backup_files,-xss http://www.test.com
</code></pre> </code></pre>
The above will load all modules except for the 'backup_files' and 'xss' modules. The above will load all modules except for the 'backup_files' and 'xss' modules.
...@@ -1127,7 +1127,7 @@ h4(#report_example). "Example":#report_example ...@@ -1127,7 +1127,7 @@ h4(#report_example). "Example":#report_example
Running the HTML report with an outfile option: Running the HTML report with an outfile option:
<pre><code> <pre><code>
$ arachni --mods=xss http://localhost/~zapotek/tests/forms/xss.php --report=html:outfile=my_html_report.html $ arachni --modules=xss http://localhost/~zapotek/tests/forms/xss.php --report=html:outfile=my_html_report.html
Arachni - Web Application Security Scanner Framework v0.2.1 [0.2] Arachni - Web Application Security Scanner Framework v0.2.1 [0.2]
Author: Tasos "Zapotek" Laskos <tasos.laskos@gmail.com> Author: Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>
<zapotek@segfault.gr> <zapotek@segfault.gr>
...@@ -1481,7 +1481,7 @@ Arachni - Web Application Security Scanner Framework v0.4.1dev ...@@ -1481,7 +1481,7 @@ Arachni - Web Application Security Scanner Framework v0.4.1dev
--load-profile=<filepath> Load a run profile from <filepath>. --load-profile=<filepath> Load a run profile from <filepath>.
(Can be used multiple times.) (Can be used multiple times.)
(You can complement it with more options, except for: (You can complement it with more options, except for:
* --mods * --modules
* --redundant) * --redundant)
--show-profile Will output the running profile as CLI arguments. --show-profile Will output the running profile as CLI arguments.
...@@ -1581,7 +1581,7 @@ Arachni - Web Application Security Scanner Framework v0.4.1dev ...@@ -1581,7 +1581,7 @@ Arachni - Web Application Security Scanner Framework v0.4.1dev
etc. etc.
You can exclude modules by prefixing their name with a minus sign: You can exclude modules by prefixing their name with a minus sign:
--mods=*,-backup_files,-xss --modules=*,-backup_files,-xss
The above will load all modules except for the 'backup_files' and 'xss' modules. The above will load all modules except for the 'backup_files' and 'xss' modules.
Or mix and match: Or mix and match:
......