Skip to content
GitLab

RPC client · Changes

Page history
Updated RPC-client (markdown) authored by Tasos Laskos's avatar Tasos Laskos
Hide whitespace changes
Inline Side-by-side
guides/user/RPC-client.md
View page @ ed1a4c4b
## Version 0.4.2 ## Version 0.4.3
The RPC client command line interface is similar to the The RPC client command line interface is similar to the
[[Command line user interface | Command line user interface]]. [[Command line user interface | Command line user interface]].
...@@ -7,11 +7,11 @@ The differences between the two are: ...@@ -7,11 +7,11 @@ The differences between the two are:
* The `--server` option -- The URL of the RPC Dispatcher server to connect to in * The `--server` option -- The URL of the RPC Dispatcher server to connect to in
the form of `host:port` the form of `host:port`
* Support for Grid/distribution option. * Support for distribution options.
* Support for SSL peer verification for Dispatch server. * Support for SSL peer verification for Dispatch server.
``` ```
Arachni - Web Application Security Scanner Framework v0.4.2 Arachni - Web Application Security Scanner Framework v0.4.3
Author: Tasos "Zapotek" Laskos <tasos.laskos@gmail.com> Author: Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>
(With the support of the community and the Arachni Team.) (With the support of the community and the Arachni Team.)
...@@ -20,6 +20,7 @@ Arachni - Web Application Security Scanner Framework v0.4.2 ...@@ -20,6 +20,7 @@ Arachni - Web Application Security Scanner Framework v0.4.2
Documentation: http://arachni-scanner.com/wiki Documentation: http://arachni-scanner.com/wiki
Usage: arachni_rpc --server host:port [options] url
Usage: arachni_rpc --server host:port [options] url Usage: arachni_rpc --server host:port [options] url
Supported options: Supported options:
...@@ -59,9 +60,9 @@ Arachni - Web Application Security Scanner Framework v0.4.2 ...@@ -59,9 +60,9 @@ Arachni - Web Application Security Scanner Framework v0.4.2
Specify custom headers to be included in the HTTP requests. Specify custom headers to be included in the HTTP requests.
(Can be used multiple times.) (Can be used multiple times.)
--authed-by=<string> Who authorized the scan, include name and e-mail address. --authed-by=<string> E-mail address of the person who authorized the scan.
(It'll make it easier on the sys-admins during log reviews.) (It'll make it easier on the sys-admins during log reviews.)
(Will be appended to the user-agent string.) (Will be used as a value for the 'From' HTTP header.)
--login-check-url=<url> A URL used to verify that the scanner is still logged in to the web application. --login-check-url=<url> A URL used to verify that the scanner is still logged in to the web application.
(Requires 'login-check-pattern'.) (Requires 'login-check-pattern'.)
...@@ -172,8 +173,8 @@ Arachni - Web Application Security Scanner Framework v0.4.2 ...@@ -172,8 +173,8 @@ Arachni - Web Application Security Scanner Framework v0.4.2
(Can be used multiple times.) (Can be used multiple times.)
-m <modname,modname..> -m <modname,modname,...>
--modules=<modname,modname..> --modules=<modname,modname,...>
Comma separated list of modules to load. Comma separated list of modules to load.
(Modules are referenced by their filename without the '.rb' extension, use '--lsmod' to list all. (Modules are referenced by their filename without the '.rb' extension, use '--lsmod' to list all.
...@@ -219,6 +220,19 @@ Arachni - Web Application Security Scanner Framework v0.4.2 ...@@ -219,6 +220,19 @@ Arachni - Web Application Security Scanner Framework v0.4.2
(Plugins are referenced by their filename without the '.rb' extension, use '--lsplug' to list all.) (Plugins are referenced by their filename without the '.rb' extension, use '--lsplug' to list all.)
(Can be used multiple times.) (Can be used multiple times.)
Platforms ----------------------
--lsplat List available platforms.
--no-fingerprinting Disable platform fingerprinting.
(By default, the system will try to identify the deployed server-side platforms automatically
in order to avoid sending irrelevant payloads.)
--platforms=<platform,platform,...>
Comma separated list of platforms (by shortname) to audit.
(The given platforms will be used *in addition* to fingerprinting. In order to restrict the audit to
these platforms enable the '--no-fingerprinting' option.)
Proxy -------------------------- Proxy --------------------------
...@@ -235,14 +249,18 @@ Arachni - Web Application Security Scanner Framework v0.4.2 ...@@ -235,14 +249,18 @@ Arachni - Web Application Security Scanner Framework v0.4.2
--server=<address:port> Dispatcher server to use. --server=<address:port> Dispatcher server to use.
(Used to provide scanner Instances.) (Used to provide scanner Instances.)
--spawns=<integer> How many slaves to spawn for a high-performance distributed scan. --spawns=<integer> How many slaves to spawn for a high-performance mult-Instance scan.
(Slaves will all be from the same Dispatcher machine.) (When no grid mode has been specified, all slaves will all be from the same Dispatcher machine.
(*WARNING*: This feature is experimental.) When a grid-mode has been specified, this option will be treated as a possible maximum and
not a hard value.)
--grid-mode=<mode> Sets the Grid mode of operation for this scan.
Valid modes are:
* balance -- Slaves will be provided by the least burdened Grid Dispatchers.
* aggregate -- In addition to balancing, slaves will all be from Dispatchers
with unique bandwidth Pipe-IDs to result in application-level line-aggregation.
--grid Tell the scanner to use the Grid for a High-Performance scan. --grid Shorthand for '--grid-mode=balance'.
(Slaves will all be from the Dispatchers running
on machines with unique bandwidth pipe.)
(*WARNING*: This feature is experimental.)
SSL -------------------------- SSL --------------------------
......