Skip to content
GitLab

Command line user interface · Changes

Page history
Updated Command-line-user-interface (markdown) authored by Tasos Laskos's avatar Tasos Laskos
Show whitespace changes
Inline Side-by-side
guides/user/Command-line-user-interface.md
View page @ 0c1d463c
...@@ -98,10 +98,8 @@ in the [knowledge base](http://support.arachni-scanner.com/kb/). ...@@ -98,10 +98,8 @@ in the [knowledge base](http://support.arachni-scanner.com/kb/).
* [Scope](#scope) * [Scope](#scope)
* [Include (--scope-include-pattern)](#scope-include-pattern) * [Include (--scope-include-pattern)](#scope-include-pattern)
* [Include subdomains (--scope-include-subdomains)](#scope-include-subdomains) * [Include subdomains (--scope-include-subdomains)](#scope-include-subdomains)
* [Exclude (--exclude/-e)](#exclude) * [Exclude (--scope-exclude-patterns)](#scope-exclude-patterns)
* [Example](#exclude_example) * [Exclude page by content (--exclude-content-pattern)](#exclude-content-pattern)
* [Exclude page by content (--exclude-page)](#exclude-page)
* [Example](#exclude-page_example)
* [Redundant (--redundant)](#redundant) * [Redundant (--redundant)](#redundant)
* [Auto-redundant (--auto-redundant)](#auto-redundant) * [Auto-redundant (--auto-redundant)](#auto-redundant)
* [Example](#auto-redundant_example) * [Example](#auto-redundant_example)
...@@ -474,7 +472,7 @@ Cookies, as a string, to be sent to the web application. ...@@ -474,7 +472,7 @@ Cookies, as a string, to be sent to the web application.
<h4 id='http-cookie-string_example'><a href='#http-cookie-string_example'>Example</a></h4> <h4 id='http-cookie-string_example'><a href='#http-cookie-string_example'>Example</a></h4>
--cookie-string='userid=19;sessionid=deadbeefbabe' --http-cookie-string='userid=19;sessionid=deadbeefbabe'
<h3 id='http-authentication-username'><a href='#http-authentication-username'>Authentication username (--http-authentication-username)</a></h3> <h3 id='http-authentication-username'><a href='#http-authentication-username'>Authentication username (--http-authentication-username)</a></h3>
...@@ -614,115 +612,26 @@ Restricts the scope of the scan to resources whose URL matches any of the specif ...@@ -614,115 +612,26 @@ Restricts the scope of the scan to resources whose URL matches any of the specif
Allow the system to include subdomains in the scan. Allow the system to include subdomains in the scan.
<h3 id='exclude'><a href='#exclude'>Exclude (--exclude/-e)</a></h3> <h3 id='scope-exclude-patterns'><a href='#scope-exclude-patterns'>Exclude (--scope-exclude-patterns)</a></h3>
**Expects**: `regexp` **Expects**: `pattern`
**Default**: `disabled` **Default**: `disabled`
**Multiple invocations?**: `yes` **Multiple invocations?**: `yes`
The `--exclude` option expects a regular expression or plain string and excludes URLs matching that expression from the crawling process. Excludes resources whose URL matches any of these patterns.
<h4 id='exclude_example'><a href='#exclude_example'>Example</a></h4>
In this simple example we tell Arachni to exclude all URLs that contain the string _xss_.
Thus no further action was taken.
```
$ arachni http://testfire.net --modules=xss --exclude=testfire
Arachni - Web Application Security Scanner Framework v0.4.2
Author: Tasos "Zapotek" Laskos <tasos.laskos@gmail.com>
(With the support of the community and the Arachni Team.) <h3 id='exclude-content-pattern'><a href='#exclude-content-pattern'>Exclude page by content (--exclude-content-pattern)</a></h3>
Website: http://arachni-scanner.com **Expects**: `pattern`
Documentation: http://arachni-scanner.com/wiki
[~] No audit options were specified.
[~] -> Will audit links, forms and cookies.
[*] Initialising...
[*] Waiting for plugins to settle...
[*] Resolver: Resolving hostnames...
[*] Resolver: Done!
[*] Dumping audit results in '2012-09-09 02.38.18 +0300.afr'.
[*] Done!
[+] Web Application Security Report - Arachni Framework
[~] Report generated on: 2012-09-09 02:38:18 +0300
[~] Report false positives at: http://github.com/Arachni/arachni/issues
[+] System settings:
[~] ---------------
[~] Version: 0.4.1dev
[~] Revision: 0.2.7
[~] Audit started on: Sun Sep 9 02:38:15 2012
[~] Audit finished on: Sun Sep 9 02:38:16 2012
[~] Runtime: 00:00:01
[~] URL: http://testfire.net/
[~] User agent: Arachni/v0.4.2
[*] Audited elements:
[~] * Links
[~] * Forms
[~] * Cookies
[*] Modules: xss
[*] Filters:
[~] Exclude:
[~] (?-mix:testfire)
[~] =
[+] 0 issues were detected.
[+] Plugin data:
[~] ---------------
[~] 0.0% [=> ] 100%
[~] Est. remaining time: --:--:--
[~] Crawling, discovered 0 pages and counting.
[~] Sent 0 requests.
[~] Received and analyzed 0 responses.
[~] In 00:00:01
[~] Average: 0 requests/second.
[~] Burst response time total 0
[~] Burst response count total 0
[~] Burst average response time 0
[~] Burst average 0 requests/second
[~] Timed-out requests 0
[~] Original max concurrency 20
[~] Throttled max concurrency 20
```
<h3 id='exclude-page'><a href='#exclude-page'>Exclude page by content (--exclude-page)</a></h3>
**Expects**: `regexp`
**Default**: `disabled` **Default**: `disabled`
**Multiple invocations?**: `yes` **Multiple invocations?**: `yes`
The `--exclude-page` option expects a regular expression or plain string Excludes pages whose content matches any of the given patterns.
and excludes pages whose content matching that expression from the crawl process.
<h3 id='redundant'><a href='#redundant'>Redundant (--redundant)</a></h3> <h3 id='redundant'><a href='#redundant'>Redundant (--redundant)</a></h3>
......