| ... | ... | @@ -1454,7 +1454,7 @@ If enabled, the scan will be suspended when the `--timeout` is reached, instead |
|
|
|
|
|
|
|
```
|
|
|
|
$ arachni -h
|
|
|
|
Arachni - Web Application Security Scanner Framework v1.3.2
|
|
|
|
Arachni - Web Application Security Scanner Framework v1.4
|
|
|
|
Author: Tasos "Zapotek" Laskos <tasos.laskos@arachni-scanner.com>
|
|
|
|
|
|
|
|
(With the support of the community and the Arachni Team.)
|
| ... | ... | @@ -1479,7 +1479,7 @@ Generic |
|
|
|
Output
|
|
|
|
--output-verbose Show verbose output.
|
|
|
|
|
|
|
|
--output-debug [LEVEL 1-3]
|
|
|
|
--output-debug [LEVEL 1-4]
|
|
|
|
Show debugging information.
|
|
|
|
|
|
|
|
--output-only-positives Only output positive results.
|
| ... | ... | @@ -1498,6 +1498,9 @@ Scope |
|
|
|
Exclude resources whose path/action matches PATTERN.
|
|
|
|
(Can be used multiple times.)
|
|
|
|
|
|
|
|
--scope-exclude-file-extensions EXTENSION,EXTENSION2,..
|
|
|
|
Exclude resources with the specified extensions.
|
|
|
|
|
|
|
|
--scope-exclude-content-pattern PATTERN
|
|
|
|
Exclude pages whose content matches PATTERN.
|
|
|
|
(Can be used multiple times.)
|
| ... | ... | @@ -1578,6 +1581,9 @@ Audit |
|
|
|
|
|
|
|
--audit-parameter-names Inject payloads into parameter names.
|
|
|
|
|
|
|
|
--audit-with-raw-payloads
|
|
|
|
Inject payloads with and without HTTP encoding.
|
|
|
|
|
|
|
|
--audit-with-extra-parameter
|
|
|
|
Inject payloads into extra element parameters.
|
|
|
|
|
| ... | ... | @@ -1611,7 +1617,7 @@ Input |
|
|
|
HTTP
|
|
|
|
--http-user-agent USER_AGENT
|
|
|
|
Value for the 'User-Agent' HTTP request header.
|
|
|
|
(Default: Arachni/v1.3.2)
|
|
|
|
(Default: Arachni/v2.0dev)
|
|
|
|
|
|
|
|
--http-request-concurrency MAX_CONCURRENCY
|
|
|
|
Maximum HTTP request concurrency.
|
| ... | ... | @@ -1659,7 +1665,7 @@ HTTP |
|
|
|
--http-proxy-authentication USERNAME:PASSWORD
|
|
|
|
Proxy authentication credentials.
|
|
|
|
|
|
|
|
--http-proxy-type http,http_1_0,socks4,socks5,socks4a
|
|
|
|
--http-proxy-type http,http_1_0,socks4,socks4a,socks5,socks5h
|
|
|
|
Proxy type.
|
|
|
|
(Default: auto)
|
|
|
|
|
| ... | ... | @@ -1693,8 +1699,8 @@ HTTP |
|
|
|
|
|
|
|
|
|
|
|
Checks
|
|
|
|
--checks-list [PATTERN] List available checks based on the provided pattern.
|
|
|
|
(If no pattern is provided all checks will be listed.)
|
|
|
|
--checks-list [GLOB] List available checks based on the provided glob.
|
|
|
|
(If no glob is provided all checks will be listed.)
|
|
|
|
|
|
|
|
--checks CHECK,CHECK2,...
|
|
|
|
Comma separated list of checks to load.
|
| ... | ... | @@ -1713,9 +1719,8 @@ Checks |
|
|
|
|
|
|
|
|
|
|
|
Plugins
|
|
|
|
--plugins-list [PATTERN]
|
|
|
|
List available plugins based on the provided pattern.
|
|
|
|
(If no pattern is provided all plugins will be listed.)
|
|
|
|
--plugins-list [GLOB] List available plugins based on the provided glob.
|
|
|
|
(If no glob is provided all plugins will be listed.)
|
|
|
|
|
|
|
|
--plugin 'PLUGIN:OPTION=VALUE,OPTION2=VALUE2'
|
|
|
|
PLUGIN is the name of the plugin as displayed by '--plugins-list'.
|
| ... | ... | |
