weyne/kaliwiki
1
0
Fork 0
mirror of https://github.com/mubix/kaliwiki.git synced 2025-10-29 16:59:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #86 from pwnwiki/Partial-Web-App

Browse Source 
Partial web app (part 4)
This commit is contained in:
WebBreacher
2014-04-24 23:44:51 -04:00
parent 2706c5d63e 5d4094db31
commit 3e1c05d23a
13 changed files with 838 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
tools/cadaver.md Normal file
View File

@@ -0,0 +1,27 @@
# cadaver
Notes
-------
Help Text
-------
```
dav:!> help
Available commands:
ls cd pwd put get mget mput
edit less mkcol cat delete rmcol copy
move lock unlock discover steal showlocks version
checkin checkout uncheckout history label propnames chexec
propget propdel propset search set open close
echo quit unset lcd lls lpwd logout
help describe about
Aliases: rm=delete, mkdir=mkcol, mv=move, cp=copy, more=less, quit=exit=bye
```
Example Usage
-------
Links
-------

35
tools/davtest.md Normal file
View File

@@ -0,0 +1,35 @@
# davtest
Notes
-------
Help Text
-------
```
/usr/bin/davtest -url <url> [options]
-auth+ Authorization (user:password)
-cleanup delete everything uploaded when done
-directory+ postfix portion of directory to create
-debug+ DAV debug level 1-3 (2 & 3 log req/resp to /tmp/perldav_debug.txt)
-move PUT text files then MOVE to executable
-nocreate don't create a directory
-quiet only print out summary
-rand+ use this instead of a random string for filenames
-sendbd+ send backdoors:
auto - for any succeeded test
ext - extension matching file name(s) in backdoors/ dir
-uploadfile+ upload this file (requires -uploadloc)
-uploadloc+ upload file to this location/name (requires -uploadfile)
-url+ url of DAV location
Example: /usr/bin/davtest -url http://localhost/davdir
```
Example Usage
-------
Links
-------

53
tools/deblaze.md Normal file
View File

@@ -0,0 +1,53 @@
# deblaze
Notes
-------
Help Text
-------
```
Usage: deblaze [option]
A remote enumeration tool for Flex Servers
Options:
--version show program's version number and exit
-h, --help show this help message and exit
-u URL, --url=URL URL for AMF Gateway
-s SERVICE, --service=SERVICE
Remote service to call
-m METHOD, --method=METHOD
Method to call
-p PARAMS, --params=PARAMS
Parameters to send pipe seperated
'param1|param2|param3'
-f SWF, --fullauto=SWF
URL to SWF - Download SWF, find remoting services,
methods,and parameters
--fuzz Fuzz parameter values
-c CREDS, --creds=CREDS
Username and password for service in u:p format
-b COOKIE, --cookie=COOKIE
Send cookies with request
-A USERAGENT, --user-agent=USERAGENT
User-Agent string to send to the server
-1 BRUTESERVICE, --bruteService=BRUTESERVICE
File to load services for brute forcing (mutually
exclusive to -s)
-2 BRUTEMETHOD, --bruteMethod=BRUTEMETHOD
File to load methods for brute forcing (mutually
exclusive to -m)
-d, --debug Enable pyamf/AMF debugging
-v, --verbose Print http request/response
-r, --report Generate HTML report
-n, --nobanner Do not display banner
-q, --quiet Do not display messages
```
Example Usage
-------
Links
-------

131
tools/fimap.md Normal file
View File

@@ -0,0 +1,131 @@
# fimap
Notes
-------
Help Text
-------
```
fimap v.09 (For the Swarm)
:: Automatic LFI/RFI scanner and exploiter
:: by Iman Karim (fimap.dev@gmail.com)
Usage: ./fimap.py [options]
## Operating Modes:
-s , --single Mode to scan a single URL for FI errors.
Needs URL (-u). This mode is the default.
-m , --mass Mode for mass scanning. Will check every URL
from a given list (-l) for FI errors.
-g , --google Mode to use Google to aquire URLs.
Needs a query (-q) as google search query.
-H , --harvest Mode to harvest a URL recursivly for new URLs.
Needs a root url (-u) to start crawling there.
Also needs (-w) to write a URL list for mass mode.
-4 , --autoawesome With the AutoAwesome mode fimap will fetch all
forms and headers found on the site you defined
and tries to find file inclusion bugs thru them. Needs an
URL (-u).
## Techniques:
-b , --enable-blind Enables blind FI-Bug testing when no error messages are printed.
Note that this mode will cause lots of requests compared to the
default method. Can be used with -s, -m or -g.
-D , --dot-truncation Enables dot truncation technique to get rid of the suffix if
the default mode (nullbyte poison) failed. This mode can cause
tons of requests depending how you configure it.
By default this mode only tests windows servers.
Can be used with -s, -m or -g. Experimental.
-M , --multiply-term=X Multiply terminal symbols like '.' and '/' in the path by X.
## Variables:
-u , --url=URL The URL you want to test.
Needed in single mode (-s).
-l , --list=LIST The URL-LIST you want to test.
Needed in mass mode (-m).
-q , --query=QUERY The Google Search QUERY.
Example: 'inurl:include.php'
Needed in Google Mode (-g)
--skip-pages=X Skip the first X pages from the Googlescanner.
-p , --pages=COUNT Define the COUNT of pages to search (-g).
Default is 10.
--results=COUNT The count of results the Googlescanner should get per page.
Possible values: 10, 25, 50 or 100(default).
--googlesleep=TIME The time in seconds the Googlescanner should wait befor each
request to google. fimap will count the time between two requests
and will sleep if it's needed to reach your cooldown. Default is 5.
-w , --write=LIST The LIST which will be written if you have choosen
harvest mode (-H). This file will be opened in APPEND mode.
-d , --depth=CRAWLDEPTH The CRAWLDEPTH (recurse level) you want to crawl your target site
in harvest mode (-H). Default is 1.
-P , --post=POSTDATA The POSTDATA you want to send. All variables inside
will also be scanned for file inclusion bugs.
--cookie=COOKIES Define the cookie which should be send with each request.
Also the cookies will be scanned for file inclusion bugs.
Concatenate multiple cookies with the ';' character.
--ttl=SECONDS Define the TTL (in seconds) for requests. Default is 30 seconds.
--no-auto-detect Use this switch if you don't want to let fimap automaticly detect
the target language in blind-mode. In that case you will get some
options you can choose if fimap isn't sure which lang it is.
--bmin=BLIND_MIN Define here the minimum count of directories fimap should walk thru
in blind mode. The default number is defined in the generic.xml
--bmax=BLIND_MAX Define here the maximum count of directories fimap should walk thru.
--dot-trunc-min=700 The count of dots to begin with in dot-truncation mode.
--dot-trunc-max=2000 The count of dots to end with in dot-truncation mode.
--dot-trunc-step=50 The step size for each round in dot-truncation mode.
--dot-trunc-ratio=0.095 The maximum ratio to detect if dot truncation was successfull.
--dot-trunc-also-unix Use this if dot-truncation should also be tested on unix servers.
--force-os=OS Forces fimap to test only files for the OS.
OS can be 'unix' or 'windows'
## Attack Kit:
-x , --exploit Starts an interactive session where you can
select a target and do some action.
-T , --tab-complete Enables TAB-Completation in exploit mode. Needs readline module.
Use this if you want to be able to tab-complete thru remote
files\dirs. Eats an extra request for every 'cd' command.
## Disguise Kit:
-A , --user-agent=UA The User-Agent which should be sent.
--http-proxy=PROXY Setup your proxy with this option. But read this facts:
* The googlescanner will ignore the proxy to get the URLs,
but the pentest\attack itself will go thru proxy.
* PROXY should be in format like this: 127.0.0.1:8080
* It's experimental
--show-my-ip Shows your internet IP, current country and user-agent.
Useful if you want to test your vpn\proxy config.
## Plugins:
--plugins List all loaded plugins and quit after that.
-I , --install-plugins Shows some official exploit-mode plugins you can install
and\or upgrade.
## Other:
--update-def Checks and updates your definition files found in the
config directory.
--test-rfi A quick test to see if you have configured RFI nicely.
--merge-xml=XMLFILE Use this if you have another fimap XMLFILE you want to
include to your own fimap_result.xml.
-C , --enable-color Enables a colorful output. Works only in linux!
--force-run Ignore the instance check and just run fimap even if a lockfile
exists. WARNING: This may erase your fimap_results.xml file!
-v , --verbose=LEVEL Verbose level you want to receive.
LEVEL=3 -> Debug
LEVEL=2 -> Info(Default)
LEVEL=1 -> Messages
LEVEL=0 -> High-Level
--credits Shows some credits.
--greetings Some greetings ;)
-h , --help Shows this cruft.
## Examples:
1. Scan a single URL for FI errors:
./fimap.py -u 'http://localhost/test.php?file=bang&id=23'
2. Scan a list of URLS for FI errors:
./fimap.py -m -l '/tmp/urllist.txt'
3. Scan Google search results for FI errors:
./fimap.py -g -q 'inurl:include.php'
4. Harvest all links of a webpage with recurse level of 3 and
write the URLs to /tmp/urllist
./fimap.py -H -u 'http://localhost' -d 3 -w /tmp/urllist
```
Example Usage
-------
Links
-------

33
tools/grabber.md Normal file
View File

@@ -0,0 +1,33 @@
# grabber
Notes
-------
Help Text
-------
```
Usage: grabber [options]
Options:
-h, --help show this help message and exit
-u ARCHIVES_URL, --url=ARCHIVES_URL
Adress to investigate
-s, --sql Look for the SQL Injection
-x, --xss Perform XSS attacks
-b, --bsql Look for blind SQL Injection
-z, --backup Look for backup files
-d SPIDER, --spider=SPIDER
Look for every files
-i, --include Perform File Insertion attacks
-j, --javascript Test the javascript code ?
-c, --crystal Simple crystal ball test.
-e, --session Session evaluations
```
Example Usage
-------
Links
-------

74
tools/joomscan.md Normal file
View File

@@ -0,0 +1,74 @@
# joomscan
Notes
-------
Help Text
-------
```
..|''|| '|| '||' '|' | .|'''.| '||''|.
.|' || '|. '|. .' ||| ||.. ' || ||
|| || || || | | || ''|||. ||...|'
'|. || ||| ||| .''''|. . '|| ||
''|...|' | | .|. .||. |'....|' .||.
=================================================================
OWASP Joomla! Vulnerability Scanner v0.0.4
(c) Aung Khant, aungkhant]at[yehg.net
YGN Ethical Hacker Group, Myanmar, http://yehg.net/lab
Update by: Web-Center, http://web-center.si (2011)
=================================================================
Vulnerability Entries: 611
Last update: February 2, 2012
Usage: ./joomscan.pl -u <string> -x proxy:port
-u <string> = joomla Url
==Optional==
-x <string:int> = proXy to tunnel
-c <string> = Cookie (name=value;)
-g "<string>" = desired useraGent string(within ")
-nv = No Version fingerprinting check
-nf = No Firewall detection check
-nvf/-nfv = No version+firewall check
-pe = Poke version only and Exit
-ot = Output to Text file (target-joexploit.txt)
-oh = Output to Html file (target-joexploit.htm)
-vu = Verbose (output every Url scan)
-sp = Show completed Percentage
~Press ENTER key to continue
Example: ./joomscan.pl -u victim.com -x localhost:8080
Check: ./joomscan.pl check
- Check if the scanner update is available or not.
Update: ./joomscan.pl update
- Check and update the local database if newer version is available.
Download: ./joomscan.pl download
- Download the scanner latest version as a single zip file - joomscan-latest.zip.
Defense: ./joomscan.pl defense
- Give a defensive note.
About: ./joomscan.pl story
- A short story about joomscan.
Read: ./joomscan.pl read DOCFILE
DOCFILE - changelog,release_note,readme,credits,faq,owasp_project
```
Example Usage
-------
Links
-------

56
tools/padbuster.md Normal file
View File

@@ -0,0 +1,56 @@
# padbuster
Notes
-------
Help Text
-------
```
+-------------------------------------------+
| PadBuster - v0.3.3 |
| Brian Holyfield - Gotham Digital Science |
| labs@gdssecurity.com |
+-------------------------------------------+
Use: padBuster.pl URL EncryptedSample BlockSize [options]
Where: URL = The target URL (and query string if applicable)
EncryptedSample = The encrypted value you want to test. Must
also be present in the URL, PostData or a Cookie
BlockSize = The block size being used by the algorithm
Options:
-auth [username:password]: HTTP Basic Authentication
-bruteforce: Perform brute force against the first block
-ciphertext [Bytes]: CipherText for Intermediate Bytes (Hex-Encoded)
-cookies [HTTP Cookies]: Cookies (name1=value1; name2=value2)
-encoding [0-4]: Encoding Format of Sample (Default 0)
0=Base64, 1=Lower HEX, 2=Upper HEX
3=.NET UrlToken, 4=WebSafe Base64
-encodedtext [Encoded String]: Data to Encrypt (Encoded)
-error [Error String]: Padding Error Message
-headers [HTTP Headers]: Custom Headers (name1::value1;name2::value2)
-interactive: Prompt for confirmation on decrypted bytes
-intermediate [Bytes]: Intermediate Bytes for CipherText (Hex-Encoded)
-log: Generate log files (creates folder PadBuster.DDMMYY)
-noencode: Do not URL-encode the payload (encoded by default)
-noiv: Sample does not include IV (decrypt first block)
-plaintext [String]: Plain-Text to Encrypt
-post [Post Data]: HTTP Post Data String
-prefix [Prefix]: Prefix bytes to append to each sample (Encoded)
-proxy [address:port]: Use HTTP/S Proxy
-proxyauth [username:password]: Proxy Authentication
-resume [Block Number]: Resume at this block number
-usebody: Use response body content for response analysis phase
-verbose: Be Verbose
-veryverbose: Be Very Verbose (Debug Only)
```
Example Usage
-------
Links
-------

90
tools/skipfish.md Normal file
View File

@@ -0,0 +1,90 @@
# skipfish
Notes
-------
Help Text
-------
```
skipfish web application scanner - version 2.10b
Usage: skipfish [ options ... ] -W wordlist -o output_dir start_url [ start_url2 ... ]
Authentication and access options:
-A user:pass - use specified HTTP authentication credentials
-F host=IP - pretend that 'host' resolves to 'IP'
-C name=val - append a custom cookie to all requests
-H name=val - append a custom HTTP header to all requests
-b (i|f|p) - use headers consistent with MSIE / Firefox / iPhone
-N - do not accept any new cookies
--auth-form url - form authentication URL
--auth-user user - form authentication user
--auth-pass pass - form authentication password
--auth-verify-url - URL for in-session detection
Crawl scope options:
-d max_depth - maximum crawl tree depth (16)
-c max_child - maximum children to index per node (512)
-x max_desc - maximum descendants to index per branch (8192)
-r r_limit - max total number of requests to send (100000000)
-p crawl% - node and link crawl probability (100%)
-q hex - repeat probabilistic scan with given seed
-I string - only follow URLs matching 'string'
-X string - exclude URLs matching 'string'
-K string - do not fuzz parameters named 'string'
-D domain - crawl cross-site links to another domain
-B domain - trust, but do not crawl, another domain
-Z - do not descend into 5xx locations
-O - do not submit any forms
-P - do not parse HTML, etc, to find new links
Reporting options:
-o dir - write output to specified directory (required)
-M - log warnings about mixed content / non-SSL passwords
-E - log all HTTP/1.0 / HTTP/1.1 caching intent mismatches
-U - log all external URLs and e-mails seen
-Q - completely suppress duplicate nodes in reports
-u - be quiet, disable realtime progress stats
-v - enable runtime logging (to stderr)
Dictionary management options:
-W wordlist - use a specified read-write wordlist (required)
-S wordlist - load a supplemental read-only wordlist
-L - do not auto-learn new keywords for the site
-Y - do not fuzz extensions in directory brute-force
-R age - purge words hit more than 'age' scans ago
-T name=val - add new form auto-fill rule
-G max_guess - maximum number of keyword guesses to keep (256)
-z sigfile - load signatures from this file
Performance settings:
-g max_conn - max simultaneous TCP connections, global (40)
-m host_conn - max simultaneous connections, per target IP (10)
-f max_fail - max number of consecutive HTTP errors (100)
-t req_tmout - total request response timeout (20 s)
-w rw_tmout - individual network I/O timeout (10 s)
-i idle_tmout - timeout on idle HTTP connections (10 s)
-s s_limit - response size limit (400000 B)
-e - do not keep binary responses for reporting
Other settings:
-l max_req - max requests per second (0.000000)
-k duration - stop scanning after the given duration h:m:s
--config file - load the specified configuration file
Send comments and complaints to <heinenn@google.com>.
```
Example Usage
-------
Links
-------

38
tools/w3af.md Normal file
View File

@@ -0,0 +1,38 @@
# w3af
Notes
-------
I had to install this with my version of kali
Also recommended that pip is installed with the package
Help Text
-------
```
This is a graphical tool
w3af - Web Application Attack and Audit Framework
Usage:
./w3af_gui [OPTIONS]
Options:
-h or --help
Display this help message.
-p <profile> or --profile=<profile>
Run with the selected <profile>
For more info visit http://w3af.org/
```
Example Usage
-------
Links
-------

108
tools/wapti.md Normal file
View File

@@ -0,0 +1,108 @@
# wapti
Notes
-------
Help Text
-------
```
Wapiti-SVN - A web application vulnerability scanner
Usage: python wapiti.py http://server.com/base/url/ [options]
Supported options are:
-s <url>
--start <url>
To specify an url to start with
-x <url>
--exclude <url>
To exclude an url from the scan (for example logout scripts)
You can also use a wildcard (*)
Example : -x http://server/base/?page=*&module=test
or -x http://server/base/admin/* to exclude a directory
-p <url_proxy>
--proxy <url_proxy>
To specify a proxy
Example: -p http://proxy:port/
-c <cookie_file>
--cookie <cookie_file>
To use a cookie
-t <timeout>
--timeout <timeout>
To fix the timeout (in seconds)
-a <login%password>
--auth <login%password>
Set credentials for HTTP authentication
Doesn't work with Python 2.4
-r <parameter_name>
--remove <parameter_name>
Remove a parameter from URLs
-n <limit>
--nice <limit>
Define a limit of urls to read with the same pattern
Use this option to prevent endless loops
Must be greater than 0
-m <module_options>
--module <module_options>
Set the modules and HTTP methods to use for attacks.
Example: -m "-all,xss:get,exec:post"
-u
--underline
Use color to highlight vulnerables parameters in output
-v <level>
--verbose <level>
Set the verbosity level
0: quiet (default), 1: print each url, 2: print every attack
-b <scope>
--scope <scope>
Set the scope of the scan:
+ "page": to analyse only the page passed in the URL
+ "folder":to analyse all the links to the pages which are in the same folder as the URL passed to Wapiti.
+ "domain":to analyse all the links to the pages which are in the same domain as the URL passed to Wapiti.
If no scope is set, Wapiti scans all the tree under the given URL.
-f <type_file>
--reportType <type_file>
Set the type of the report
xml: Report in XML format
html: Report in HTML format
txt: Report in plain text
-o <output>
--output <output_file>
Set the name of the report file
If the selected report type is 'html', this parameter must be a directory
-i <file>
--continue <file>
This parameter indicates Wapiti to continue with the scan from the specified file, this file should contain data from a previous scan.
The file is optional, if it is not specified, Wapiti takes the default file from the "scans" folder.
-k <file>
--attack <file>
This parameter indicates Wapiti to perform attacks without scanning again the website and following the data of this file.
The file is optional, if it is not specified, Wapiti takes the default file from the "scans" folder.
-h
--help
To print this usage message
```
Example Usage
-------
Links
-------

19
tools/webshag-gui.md Normal file
View File

@@ -0,0 +1,19 @@
# webshag-gui
Notes
-------
Help Text
-------
```
This is a graphical tool
root@kali:~# webshag-gui
```
Example Usage
-------
Links
-------

150
tools/whatweb.md Normal file
View File

@@ -0,0 +1,150 @@
# whatweb
Notes
-------
Help Text
-------
```
.$$$ $. .$$$ $.
$$$$ $$. .$$$ $$$ .$$$$$$. .$$$$$$$$$$. $$$$ $$. .$$$$$$$. .$$$$$$.
$ $$ $$$ $ $$ $$$ $ $$$$$$. $$$$$ $$$$$$ $ $$ $$$ $ $$ $$ $ $$$$$$.
$ `$ $$$ $ `$ $$$ $ `$ $$$ $$' $ `$ `$$ $ `$ $$$ $ `$ $ `$ $$$'
$. $ $$$ $. $$$$$$ $. $$$$$$ `$ $. $ :' $. $ $$$ $. $$$$ $. $$$$$.
$::$ . $$$ $::$ $$$ $::$ $$$ $::$ $::$ . $$$ $::$ $::$ $$$$
$;;$ $$$ $$$ $;;$ $$$ $;;$ $$$ $;;$ $;;$ $$$ $$$ $;;$ $;;$ $$$$
$$$$$$ $$$$$ $$$$ $$$ $$$$ $$$ $$$$ $$$$$$ $$$$$ $$$$$$$$$ $$$$$$$$$'
WhatWeb - Next generation web scanner.
Version 0.4.8-dev by Andrew Horton aka urbanadventurer
Homepage: http://www.morningstarsecurity.com/research/whatweb
Usage: whatweb [options] <URLs>
TARGET SELECTION:
<URLs> Enter URLs, filenames or nmap-format IP ranges.
Use /dev/stdin to pipe HTML directly
--input-file=FILE, -i Identify URLs found in FILE, eg. -i /dev/stdin
TARGET MODIFICATION:
--url-prefix Add a prefix to target URLs
--url-suffix Add a suffix to target URLs
--url-pattern Insert the targets into a URL. Requires --input-file,
eg. www.example.com/%insert%/robots.txt
AGGRESSION:
The aggression level controls the trade-off between speed/stealth and
reliability.
--aggression, -a=LEVEL Set the aggression level. Default: 1
Aggression levels are:
1. Stealthy Makes one HTTP request per target. Also follows redirects.
2. Unused
3. Aggressive Can make a handful of HTTP requests per target. This triggers
aggressive plugins for targets only when those plugins are
identified with a level 1 request first.
4. Heavy Makes a lot of HTTP requests per target. Aggressive tests from
all plugins are used for all URLs.
HTTP OPTIONS:
--user-agent, -U=AGENT Identify as AGENT instead of WhatWeb/0.4.8-dev.
--header, -H Add an HTTP header. eg "Foo:Bar". Specifying a default
header will replace it. Specifying an empty value, eg.
"User-Agent:" will remove the header.
--follow-redirect=WHEN Control when to follow redirects. WHEN may be `never',
`http-only', `meta-only', `same-site', `same-domain'
or `always'. Default: always
--max-redirects=NUM Maximum number of contiguous redirects. Default: 10
AUTHENTICATION:
--user, -u=<user:password> HTTP basic authentication
Add session cookies with --header, e.g. --header "Cookie: SESSID=1a2b3c;"
PROXY:
--proxy <hostname[:port]> Set proxy hostname and port
Default: 8080
--proxy-user <username:password> Set proxy user and password
PLUGINS:
--list-plugins, -l List all plugins
--plugins, -p=LIST Select plugins. LIST is a comma delimited set of
selected plugins. Default is all.
Each element can be a directory, file or plugin name and
can optionally have a modifier, eg. + or -
Examples: +/tmp/moo.rb,+/tmp/foo.rb
title,md5,+./plugins-disabled/
./plugins-disabled,-md5
-p + is a shortcut for -p +plugins-disabled
--info-plugins, -I=PLUGINS Display detailed information for plugins.
Optionally search with keywords in a comma delimited
list.
--grep, -g=STRING Search for STRING in HTTP responses. Reports with a
plugin named Grep
--custom-plugin=DEFINITION Define a custom plugin named Custom-Plugin,
Examples: ":text=>'powered by abc'"
":version=>/powered[ ]?by ab[0-9]/"
":ghdb=>'intitle:abc \"powered by abc\"'"
":md5=>'8666257030b94d3bdb46e05945f60b42'"
"{:text=>'powered by abc'},{:regexp=>/abc [ ]?1/i}"
--dorks=PLUGIN List google dorks for the selected plugin
--example-urls, -e=PLUGIN Update the target list with example URLs from
the selected plugins.
OUTPUT:
--verbose, -v Verbose output includes plugin descriptions. Use twice
for debugging.
--colour,--color=WHEN control whether colour is used. WHEN may be `never',
`always', or `auto'
--quiet, -q Do not display brief logging to STDOUT
--no-errors Suppress error messages
LOGGING:
--log-brief=FILE Log brief, one-line output
--log-verbose=FILE Log verbose output
--log-xml=FILE Log XML format
--log-json=FILE Log JSON format
--log-json-verbose=FILE Log JSON Verbose format
--log-magictree=FILE Log MagicTree XML format
--log-object=FILE Log Ruby object inspection format
--log-mongo-database Name of the MongoDB database
--log-mongo-collection Name of the MongoDB collection. Default: whatweb
--log-mongo-host MongoDB hostname or IP address. Default: 0.0.0.0
--log-mongo-username MongoDB username. Default: nil
--log-mongo-password MongoDB password. Default: nil
--log-errors=FILE Log errors
PERFORMANCE & STABILITY:
--max-threads, -t Number of simultaneous threads. Default: 25.
--open-timeout Time in seconds. Default: 15
--read-timeout Time in seconds. Default: 30
--wait=SECONDS Wait SECONDS between connections
This is useful when using a single thread.
HELP & MISCELLANEOUS:
--help, -h This help
--debug Raise errors in plugins
--version Display version information. (WhatWeb 0.4.8-dev)
EXAMPLE USAGE:
* Scan example.com
whatweb example.com
* Scan reddit.com slashdot.org with verbose plugin descriptions
whatweb -v reddit.com slashdot.org
* An aggressive scan of mashable.com detects the exact version of Wordpress
whatweb -a 3 mashable.com
* Scan the local network quickly with 255 threads and suppress errors
whatweb --no-errors -t 255 192.168.0.0/24
OPTIONAL DEPENDENCIES
--------------------------------------------------------------------------------
To enable MongoDB logging install the mongo gem.
WARNING: Ruby 1.9 support is experimental. For stable usage use Ruby 1.8 instead. Please report bugs at https://github.com/urbanadventurer/WhatWeb/issue
```
Example Usage
-------
Links
-------

29
webapp/index.md
View File

@@ -56,10 +56,29 @@ Web Crawlers
* [webscarab](../tools/webscarab.md)
* [webslayer](../tools/webslayer.md)
Web VUlnerability Scanners
Web Vulnerability Scanners
-----------
* [tool](../tools/foo.md)
* [tool](../tools/foo.md)
* [tool](../tools/foo.md)
* [burpsuite](../tools/burpsuite.md)
* [cadaver](../tools/cadaver.md)
* [davtest](../tools/davtest.md)
* [deblaze](../tools/deblaze.md)
* [fimap](../tools/fimap.md)
* [golismero](../tools/golismero.md)
* [grabber](../tools/grabber.md)
* [joomscan](../tools/joomscan.md)
* [nikto](../tools/nikto.md)
* [owasp-zap](../tools/owasp-zap.md)
* [padbusterl](../tools/padbuster.md)
* [proxystrike](../tools/proxystrike.md)
* [skipfish](../tools/skipfish.md)
* [sqlmap](../tools/sqlmap.md)
* [vega](../tools/vega.md)
* [w3af](../tools/w3af.md)
* [wapiti](../tools/wapti.md)
* [webscarab](../tools/webscarab.md)
* [webshag-gui](../tools/webshag-gui.md)
* [websploit](../tools/websploit.md)
* [whatweb](../tools/whatweb.md)
* [wpscan](../tools/wpscan.md)
* [xsser](../tools/xsser.md)