--help / -h / -? |
Help. |
--proxy |
Set tor proxy [Ex: socks://localhost:9050].
User proxy [Ex: http://12.231.54.87:8080 / list.txt]. |
--random |
Random all proxy / engine / agent. |
--pr |
Random proxy. |
--mr |
Random engine. |
--br |
Random agent. |
--dork/-d |
dork to search [Ex: house,cars,hotel] |
--level/-l |
Scan level (+- Number of search engine results) |
-m |
Set engine motor [Bing = 1][Google = 2][Ask = 3][Yandex = 4][Sogou = 5][All = all] |
--save/-s |
Output. |
-t |
Target [http://site.com] |
-p |
Set test parameter EX:id,cat,product_ID |
--time |
Set browser time out. default 10s. |
--host |
Domaine name Ex: site.com |
--exp |
Set exploit/payload |
--valid/-v |
Validate by string. |
--vpost |
Validate post data forms by string. |
--unique |
Get urls with exact dork matching |
--ifinurl |
Validate target url by string. |
--status |
Validate by http header status. |
--noquery |
Remove Query string from url. [url like: site.com/index.php?id=] |
--replace |
Exact string to replace |
--full |
--replace --full Will replace all url parametres from string to the end. |
--with |
string to replace with |
--xss |
Xss scan |
--lfi |
local file inclusion |
--wp |
get wordpress sites |
--joom |
Get joomla sites |
--joomrfi |
joomla local file inclusion scan |
--shell |
shell link [Ex: http://www.site.com/shell.txt] |
--data |
Data. See examples |
--post |
Use post method |
--get |
Use get method |
--wpafd |
get wordpress sites with arbitery file download |
--admin |
get site admin page |
--shost |
get site subdomains |
--port |
port |
--udp |
UDP port |
--tcp |
TCP port |
--sites |
sites in the server |
--upload |
get sites with upload files |
--zip |
get sites with zip files |
--md5 |
convert to md5 |
--encode64 |
encode base64 string |
--decode64 |
decode base64 string |
--email |
Extract e-mails |
--ip |
Extract IPs. |
--regex |
Crawl to get strings matching regex |
--sregex |
Get only urls with matching regex |
rang(x-y) |
EX: --exp /index.php?id=rang(1-2) --xss will try id=1 then id=2 |
repeat(string-y) |
EX: --exp /index.php?id=repeat(../-3)wp-config.php
OR -t site.com/index.php?id=repeat(../-3)wp-config.php
means ../ will be repeated progressively 3 times:
will try id=../wp-config.php then id=../../wp-config.php then id=../../../wp-config.php. |
--command |
External Command |
--TARGET |
Will be replaced by target in extern commands |
--HOST |
Will be replaced by hostname in extern commands |
--HOSTIP |
Will be replaced by target IP in extern commands |
--nobanner |
Hide tool banner |
--noinfo |
Jump extra results info. |
--options |
Show scan configuration. |
--beep |
Produce beep sound if positive scan found |
--ifend |
Produce beep sound when scan process is finished. |
--pause |
Pause scan when first result found. |
--update |
Update. |
--uninstall |
Uninstall Tool. |