Skip to content
GitLab

Command line user interface · Changes

Page history
Switched id attributes to name authored by Tasos Laskos's avatar Tasos Laskos
Hide whitespace changes
Inline Side-by-side
guides/user/Command-line-user-interface.md
View page @ f1c2d3a4
......@@ -154,9 +154,9 @@ in the [knowledge base](http://support.arachni-scanner.com/kb/).
* [Timeout (--timeout)](#timeout)
* [Suspend (--timeout-suspend)](#timeout-suspend)
<h2 id='generic'><a href='#generic'>Generic</a></h2>
<h2 name='generic'><a href='#generic'>Generic</a></h2>
<h3 id='version'><a href='#version'>Version (--version)</a></h3>
<h3 name='version'><a href='#version'>Version (--version)</a></h3>
**Expects**: `<n/a>`
......@@ -166,7 +166,7 @@ in the [knowledge base](http://support.arachni-scanner.com/kb/).
Outputs the Arachni banner and version information.
<h3 id='authorized-by'><a href='#authorized-by'>Authorized by (--authorized-by)</a></h3>
<h3 name='authorized-by'><a href='#authorized-by'>Authorized by (--authorized-by)</a></h3>
**Expects**: `string`
......@@ -177,9 +177,9 @@ Outputs the Arachni banner and version information.
The string passed to this option will be used as the value for the `From` HTTP reuest header field.
The option value should be the e-mail address of the person who authorized the scan.
<h2 id='output'><a href='#output'>Output</a></h2>
<h2 name='output'><a href='#output'>Output</a></h2>
<h3 id='output-verbose'><a href='#output-verbose'>Verbose (--output-verbose)</a></h3>
<h3 name='output-verbose'><a href='#output-verbose'>Verbose (--output-verbose)</a></h3>
**Expects**: `<n/a>`
......@@ -189,7 +189,7 @@ The option value should be the e-mail address of the person who authorized the s
When verbose messages are enabled, Arachni will give you detailed information about what's going on during the whole process.
<h4 id='output-verbose_example'><a href='#output-verbose_example'>Example</a></h4>
<h4 name='output-verbose_example'><a href='#output-verbose_example'>Example</a></h4>
Let's give this a try:
......@@ -337,7 +337,7 @@ Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Cookie: ASP.NET_SessionId=e4h4wy45jmb5vkrg0wl1rj45;amSessionId=15420499882
```
<h3 id='output-debug'><a href='#output-debug'>Debug (--output-debug)</a></h3>
<h3 name='output-debug'><a href='#output-debug'>Debug (--output-debug)</a></h3>
**Expects**: `integer`
......@@ -355,7 +355,7 @@ If you don't want to be flooded by annoying and obscure messages, you can pipe d
arachni http://example.com --output-debug 2> debug.log
```
<h3 id='output-only-positives'><a href='#output-only-positives'>Only positives (--output-only-positives)</a></h3>
<h3 name='output-only-positives'><a href='#output-only-positives'>Only positives (--output-only-positives)</a></h3>
**Expects**: `<n/a>`
......@@ -366,11 +366,11 @@ arachni http://example.com --output-debug 2> debug.log
This will suppress all messages except for for the ones denoting sucess -- usually regarding the discovery of some issue.
<h2 id='scope'><a href='#scope'>Scope</a></h2>
<h2 name='scope'><a href='#scope'>Scope</a></h2>
* `pattern` refers to valid Ruby regular expressions without being enclosed by `/`.
<h3 id='scope-include-pattern'><a href='#scope-include-pattern'>Include (--scope-include-pattern)</a></h3>
<h3 name='scope-include-pattern'><a href='#scope-include-pattern'>Include (--scope-include-pattern)</a></h3>
**Expects**: `pattern`
......@@ -380,7 +380,7 @@ This will suppress all messages except for for the ones denoting sucess -- usual
Restricts the scope of the scan to resources whose URL matches the pattern.
<h3 id='scope-include-subdomains'><a href='#scope-include-subdomains'>Include subdomains (--scope-include-subdomains)</a></h3>
<h3 name='scope-include-subdomains'><a href='#scope-include-subdomains'>Include subdomains (--scope-include-subdomains)</a></h3>
**Expects**: `<n/a>`
......@@ -390,7 +390,7 @@ Restricts the scope of the scan to resources whose URL matches the pattern.
Allow the system to include subdomains in the scan.
<h3 id='scope-exclude-patterns'><a href='#scope-exclude-patterns'>Exclude (--scope-exclude-patterns)</a></h3>
<h3 name='scope-exclude-patterns'><a href='#scope-exclude-patterns'>Exclude (--scope-exclude-patterns)</a></h3>
**Expects**: `pattern`
......@@ -401,7 +401,7 @@ Allow the system to include subdomains in the scan.
Excludes resources whose URL matches the pattern.
<h3 id='scope-exclude-content-pattern'><a href='#scope-exclude-content-pattern'>Exclude page by content (--scope-exclude-content-pattern)</a></h3>
<h3 name='scope-exclude-content-pattern'><a href='#scope-exclude-content-pattern'>Exclude page by content (--scope-exclude-content-pattern)</a></h3>
**Expects**: `pattern`
......@@ -411,7 +411,7 @@ Excludes resources whose URL matches the pattern.
Excludes pages whose content matches the pattern.
<h3 id='scope-exclude-binaries'><a href='#scope-exclude-binaries'>Exclude binaries (--scope-exclude-binaries)</a></h3>
<h3 name='scope-exclude-binaries'><a href='#scope-exclude-binaries'>Exclude binaries (--scope-exclude-binaries)</a></h3>
**Expects**: `<n/a>`
......@@ -424,7 +424,7 @@ Excludes pages with binary content.
**Note**: Binary content can confuse passive check that perform pattern matching.
<h3 id='scope-redundant-path-pattern'><a href='#scope-redundant-path-pattern'>Redundant (--scope-redundant-path-pattern)</a></h3>
<h3 name='scope-redundant-path-pattern'><a href='#scope-redundant-path-pattern'>Redundant (--scope-redundant-path-pattern)</a></h3>
**Expects**: `pattern:integer`
......@@ -440,7 +440,7 @@ This will cause URLs that contain `calendar.php` to be crawled only 3 times.
This option is useful when scanning websites that have a lot of redundant pages like a photo gallery or a dynamically generated calendar.
<h3 id='scope-auto-redundant'><a href='#scope-auto-redundant'>Auto-redundant (--scope-auto-redundant)</a></h3>
<h3 name='scope-auto-redundant'><a href='#scope-auto-redundant'>Auto-redundant (--scope-auto-redundant)</a></h3>
**Expects**: `integer`
......@@ -453,7 +453,7 @@ This option limits how many resources with URLs with identical parameters should
This can prevent infinite loops caused by pages like photo galleries or catalogues.
<h4 id='scope-auto-redundant_example'><a href='#scope-auto-redundant_example'>Example</a></h4>
<h4 name='scope-auto-redundant_example'><a href='#scope-auto-redundant_example'>Example</a></h4>
With `--scope-auto-redundant=2` and given the following list of URLs:
......@@ -478,7 +478,7 @@ http://test.com/?stuff=blah&stuff2=2
http://test.com/path.php?stuff=blah&stuff2=1
```
<h3 id='scope-directory-depth-limit'><a href='#scope-directory-depth-limit'>Directory depth limit (--scope-directory-depth-limit)</a></h3>
<h3 name='scope-directory-depth-limit'><a href='#scope-directory-depth-limit'>Directory depth limit (--scope-directory-depth-limit)</a></h3>
**Expects**: `integer`
......@@ -489,7 +489,7 @@ http://test.com/path.php?stuff=blah&stuff2=1
This option limits how deep into the site structure the scan should go.
<h3 id='scope-page-limit'><a href='#scope-page-limit'>Page limit (--scope-page-limit)</a></h3>
<h3 name='scope-page-limit'><a href='#scope-page-limit'>Page limit (--scope-page-limit)</a></h3>
**Expects**: `integer`
......@@ -500,7 +500,7 @@ This option limits how deep into the site structure the scan should go.
This option limits how many pages should be included in the scan.
<h3 id='scope-extend-paths'><a href='#scope-extend-paths'>Extend paths (--scope-extend-paths)</a></h3>
<h3 name='scope-extend-paths'><a href='#scope-extend-paths'>Extend paths (--scope-extend-paths)</a></h3>
**Expects**: `filepath`
......@@ -513,7 +513,7 @@ Allows you to extend the scope of the scan by seeding the system with the paths
**Note**: The file must contains one path per line.
<h3 id='scope-restrict-paths'><a href='#scope-restrict-paths'>Restrict paths (--scope-restrict-paths)</a></h3>
<h3 name='scope-restrict-paths'><a href='#scope-restrict-paths'>Restrict paths (--scope-restrict-paths)</a></h3>
**Expects**: `filepath`
......@@ -526,7 +526,7 @@ Uses the paths contained within the given file instead of performing a crawl.
**Note**: The file must contains one path per line.
<h3 id='scope-url-rewrite'><a href='#scope-url-rewrite'>URL rewrite (--scope-url-rewrite)</a></h3>
<h3 name='scope-url-rewrite'><a href='#scope-url-rewrite'>URL rewrite (--scope-url-rewrite)</a></h3>
**Expects**: `pattern:substitution`
......@@ -540,7 +540,7 @@ This option expects a pattern and a substitution, like so:
The above will rewrite the URL `http://test.com/articles/some-stuff/23` as `http://test.com/articles.php?id=23`.
<h3 id='scope-dom-depth-limit'><a href='#scope-dom-depth-limit'>DOM depth limit (--scope-dom-depth-limit)</a></h3>
<h3 name='scope-dom-depth-limit'><a href='#scope-dom-depth-limit'>DOM depth limit (--scope-dom-depth-limit)</a></h3>
**Expects**: `integer`
......@@ -553,7 +553,7 @@ This option limits how deep into each page's DOM structure the scan should go.
**Note**: DOM levels are counted as stacked interactions with the page's interface.
<h3 id='scope-https-only'><a href='#scope-https-only'>HTTPS only (--scope-https-only)</a></h3>
<h3 name='scope-https-only'><a href='#scope-https-only'>HTTPS only (--scope-https-only)</a></h3>
**Expects**: `<n/a>`
......@@ -566,9 +566,9 @@ Forces the system to only follow HTTPS URLs.
**Note**: The target URL must be an HTTPS one as well.
<h2 id='audit'><a href='#audit'>Audit</a></h2>
<h2 name='audit'><a href='#audit'>Audit</a></h2>
<h3 id='audit-links'><a href='#audit-links'>Audit links (--audit-links)</a></h3>
<h3 name='audit-links'><a href='#audit-links'>Audit links (--audit-links)</a></h3>
**Expects**: `<n/a>`
......@@ -579,7 +579,7 @@ Forces the system to only follow HTTPS URLs.
Enable auditing of links.
<h3 id='audit-forms'><a href='#audit-forms'>Audit forms (--audit-forms)</a></h3>
<h3 name='audit-forms'><a href='#audit-forms'>Audit forms (--audit-forms)</a></h3>
**Expects**: `<n/a>`
......@@ -590,7 +590,7 @@ Enable auditing of links.
Enable auditing of forms.
<h3 id='audit-cookies'><a href='#audit-cookies'>Audit cookies (--audit-cookies)</a></h3>
<h3 name='audit-cookies'><a href='#audit-cookies'>Audit cookies (--audit-cookies)</a></h3>
**Expects**: `<n/a>`
......@@ -601,7 +601,7 @@ Enable auditing of forms.
Enable auditing of cookies.
<h3 id='audit-cookies-extensively'><a href='#audit-cookies-extensively'>Audit cookies extensively (--audit-cookies-extensively)</a></h3>
<h3 name='audit-cookies-extensively'><a href='#audit-cookies-extensively'>Audit cookies extensively (--audit-cookies-extensively)</a></h3>
**Expects**: `<n/a>`
......@@ -614,7 +614,7 @@ If enabled the system will submit all links and forms of the page along with the
**Warning**: Will severely increase the scan-time.
<h3 id='audit-headers'><a href='#audit-headers'>Audit headers (--audit-headers)</a></h3>
<h3 name='audit-headers'><a href='#audit-headers'>Audit headers (--audit-headers)</a></h3>
**Expects**: `<n/a>`
......@@ -629,7 +629,7 @@ Audit HTTP request headers.
**Warning**: Enabling this option will result in increased requests, maybe by an order of magnitude.
<h3 id='audit-link-template'><a href='#audit-link-template'>Link template (--audit-link-template)</a></h3>
<h3 name='audit-link-template'><a href='#audit-link-template'>Link template (--audit-link-template)</a></h3>
**Expects**: `pattern`
......@@ -640,13 +640,13 @@ Audit HTTP request headers.
This option allows you to extract and audit inputs from generic paths based on a specified template
in the form of a Ruby regular expression using names groups.
<h3 id='audit-link-template_example'><a href='#audit-link-template_example'>Example</a></h3>
<h3 name='audit-link-template_example'><a href='#audit-link-template_example'>Example</a></h3>
To extract the `input1` and `input2` inputs from: `http://test.com/input1/value1/input2/value2`
Use: `/input1\/(?<input1>\w+)\/input2\/(?<input2>\w+)/`
<h3 id='audit-with-both-methods'><a href='#audit-with-both-methods'>With both methods (--audit-with-both-methods)</a></h3>
<h3 name='audit-with-both-methods'><a href='#audit-with-both-methods'>With both methods (--audit-with-both-methods)</a></h3>
**Expects**: `<n/a>`
......@@ -659,7 +659,7 @@ If enabled, the system will submit all elements using both `GET` and `POST` HTTP
**Warning**: Will severely increase the scan-time.
<h3 id='audit-exclude-vector'><a href='#audit-exclude-vector'>Exclude vector (--audit-exclude-vector)</a></h3>
<h3 name='audit-exclude-vector'><a href='#audit-exclude-vector'>Exclude vector (--audit-exclude-vector)</a></h3>
**Expects**: `pattern`
......@@ -670,7 +670,7 @@ If enabled, the system will submit all elements using both `GET` and `POST` HTTP
Don't audit input vectors whose name matches the pattern.
<h3 id='audit-include-vector'><a href='#audit-include-vector'>Include vector (--audit-include-vector)</a></h3>
<h3 name='audit-include-vector'><a href='#audit-include-vector'>Include vector (--audit-include-vector)</a></h3>
**Expects**: `pattern`
......@@ -682,9 +682,9 @@ Don't audit input vectors whose name matches the pattern.
Only audit input vectors whose name matches the pattern.
<h2 id='http'><a href='#http'>HTTP</a></h2>
<h2 name='http'><a href='#http'>HTTP</a></h2>
<h3 id='http-user-agent'><a href='#http-user-agent'>User agent (--http-user-agent)</a></h3>
<h3 name='http-user-agent'><a href='#http-user-agent'>User agent (--http-user-agent)</a></h3>
**Expects**: `string`
......@@ -694,7 +694,7 @@ Only audit input vectors whose name matches the pattern.
Specify a value for the `User-Agent` request header field.
<h3 id='http-request-concurrency'><a href='#http-request-concurrency'>Request concurrency (--http-request-concurrency)</a></h3>
<h3 name='http-request-concurrency'><a href='#http-request-concurrency'>Request concurrency (--http-request-concurrency)</a></h3>
**Expects**: `integer`
......@@ -710,7 +710,7 @@ Sets the maximum amount of requests to be active at any given time; this usually
**Warning**: Given enough bandwidth and a high enough concurrency setting the scan could cause a DoS.
Be careful when setting this option too high, don't kill your server.
<h3 id='http-request-timeout'><a href='#http-request-timeout'>Request timeout (--http-request-timeout)</a></h3>
<h3 name='http-request-timeout'><a href='#http-request-timeout'>Request timeout (--http-request-timeout)</a></h3>
**Expects**: `integer (milliseconds)`
......@@ -721,7 +721,7 @@ Be careful when setting this option too high, don't kill your server.
Limit how long the client should wait for a response from the server.
<h3 id='http-request-redirect-limit'><a href='#http-request-redirect-limit'>Request redirect limit (--http-request-redirect-limit)</a></h3>
<h3 name='http-request-redirect-limit'><a href='#http-request-redirect-limit'>Request redirect limit (--http-request-redirect-limit)</a></h3>
**Expects**: `integer`
......@@ -732,7 +732,7 @@ Limit how long the client should wait for a response from the server.
Limits the amount of redirects the client should follow for each request.
<h3 id='http-request-queue-size'><a href='#http-request-queue-size'>Request queue size (--http-request-queue-size)</a></h3>
<h3 name='http-request-queue-size'><a href='#http-request-queue-size'>Request queue size (--http-request-queue-size)</a></h3>
**Expects**: `integer`
......@@ -745,7 +745,7 @@ Maximum amount of requests to keep in the client queue.
**Note**: More means better scheduling and better performance, less means less RAM consumption.
<h3 id='http-request-header'><a href='#http-request-header'>Request header (--http-request-header)</a></h3>
<h3 name='http-request-header'><a href='#http-request-header'>Request header (--http-request-header)</a></h3>
**Expects**: `string`
......@@ -756,11 +756,11 @@ Maximum amount of requests to keep in the client queue.
Allows you to specify custom request headers in the form of key-value pairs.
<h4 id='http-request-header_example'><a href='#http-request-header_example'>Example</a></h4>
<h4 name='http-request-header_example'><a href='#http-request-header_example'>Example</a></h4>
--http-request-header='field_name=field value'
<h3 id='http-response-max-size'><a href='#http-response-max-size'>Response max size (--http-response-max-size)</a></h3>
<h3 name='http-response-max-size'><a href='#http-response-max-size'>Response max size (--http-response-max-size)</a></h3>
**Expects**: `integer`
......@@ -771,7 +771,7 @@ Allows you to specify custom request headers in the form of key-value pairs.
Limits the size of response bodies the client accepts. Essentially, the client will not download bodies of responses which have a `Content-Length` larger than the specified value.
<h3 id='http-cookie-jar'><a href='#http-cookie-jar'>Cookie jar (--http-cookie-jar)</a></h3>
<h3 name='http-cookie-jar'><a href='#http-cookie-jar'>Cookie jar (--http-cookie-jar)</a></h3>
**Expects**: `filepath`
......@@ -787,7 +787,7 @@ There's a number of ways to do that, I've found that Firebug's export cookie fea
**Note**: If you don't feel comfortable setting your own cookie-jar, you can use the `proxy` or `autologin` plugins to login to the web application.
<h3 id='http-cookie-string'><a href='#http-cookie-string'>Cookie string (--http-cookie-string)</a></h3>
<h3 name='http-cookie-string'><a href='#http-cookie-string'>Cookie string (--http-cookie-string)</a></h3>
**Expects**: `string`
......@@ -798,11 +798,11 @@ There's a number of ways to do that, I've found that Firebug's export cookie fea
Cookies, as a string, to be sent to the web application.
<h4 id='http-cookie-string_example'><a href='#http-cookie-string_example'>Example</a></h4>
<h4 name='http-cookie-string_example'><a href='#http-cookie-string_example'>Example</a></h4>
--http-cookie-string='userid=19;sessionid=deadbeefbabe'
<h3 id='http-authentication-username'><a href='#http-authentication-username'>Authentication username (--http-authentication-username)</a></h3>
<h3 name='http-authentication-username'><a href='#http-authentication-username'>Authentication username (--http-authentication-username)</a></h3>
**Expects**: `string`
......@@ -813,7 +813,7 @@ Cookies, as a string, to be sent to the web application.
Username to use for HTTP authentication.
<h3 id='http-authentication-password'><a href='#http-authentication-password'>Authentication password (--http-authentication-password)</a></h3>
<h3 name='http-authentication-password'><a href='#http-authentication-password'>Authentication password (--http-authentication-password)</a></h3>
**Expects**: `string`
......@@ -824,7 +824,7 @@ Username to use for HTTP authentication.
Password to use for HTTP authentication.
<h3 id='http-proxy'><a href='#http-proxy'>Proxy (--http-proxy)</a></h3>
<h3 name='http-proxy'><a href='#http-proxy'>Proxy (--http-proxy)</a></h3>
**Expects**: `server:port`
......@@ -835,7 +835,7 @@ Password to use for HTTP authentication.
Sets a proxy server for the client.
<h3 id='http-proxy-authentication'><a href='#http-proxy-authentication'>Proxy authentication (--http-proxy-auth)</a></h3>
<h3 name='http-proxy-authentication'><a href='#http-proxy-authentication'>Proxy authentication (--http-proxy-auth)</a></h3>
**Expects**: `username:password`
......@@ -846,7 +846,7 @@ Sets a proxy server for the client.
Sets authentication credentials for the specified proxy server.
<h3 id='http-proxy-type'><a href='#http-proxy-type'>Proxy type (--http-proxy-type)</a></h3>
<h3 name='http-proxy-type'><a href='#http-proxy-type'>Proxy type (--http-proxy-type)</a></h3>
**Expects**: `http, http_1_0, socks4, socks5, socks4a`
......@@ -857,9 +857,9 @@ Sets authentication credentials for the specified proxy server.
Sets the protocol for the specified proxy server.
<h2 id='input'><a href='#input'>Input</a></h2>
<h2 name='input'><a href='#input'>Input</a></h2>
<h3 id='input-value'><a href='#input-value'>Value (--input-value)</a></h3>
<h3 name='input-value'><a href='#input-value'>Value (--input-value)</a></h3>
**Expects**: `pattern:value`
......@@ -869,7 +869,7 @@ Sets the protocol for the specified proxy server.
Sets a value for inputs whose name matches the pattern.
<h3 id='input-values-from-file'><a href='#input-values-from-file'>Value (--input-values-from-file)</a></h3>
<h3 name='input-values-from-file'><a href='#input-values-from-file'>Value (--input-values-from-file)</a></h3>
**Expects**: `filepath`
......@@ -879,7 +879,7 @@ Sets a value for inputs whose name matches the pattern.
YAML file containing a `Hash` object with regular expressions, to match against input names, as keys and input values as values.
<h3 id='input-without-defaults'><a href='#input-without-defaults'>Without defaults (--input-without-defaults)</a></h3>
<h3 name='input-without-defaults'><a href='#input-without-defaults'>Without defaults (--input-without-defaults)</a></h3>
**Expects**: `<n/a>`
......@@ -889,7 +889,7 @@ YAML file containing a `Hash` object with regular expressions, to match against
If enabled, system default values won't be used.
<h3 id='input-force'><a href='#input-force'>Force (--input-force)</a></h3>
<h3 name='input-force'><a href='#input-force'>Force (--input-force)</a></h3>
**Expects**: `<n/a>`
......@@ -899,9 +899,9 @@ If enabled, system default values won't be used.
Forces the system to fill-in even non-empty inputs.
<h2 id='checks'><a href='#checks'>Checks</a></h2>
<h2 name='checks'><a href='#checks'>Checks</a></h2>
<h3 id='checks-list'><a href='#checks-list'>List (--checks-list)</a></h3>
<h3 name='checks-list'><a href='#checks-list'>List (--checks-list)</a></h3>
**Expects**: `pattern`
......@@ -914,7 +914,7 @@ Lists all available checks.
If an option has been provided, it will be treated as a pattern and be used to filter the displayed checks.
<h3 id='checks-checks'><a href='#checks-checks'>Load (--checks)</a></h3>
<h3 name='checks-checks'><a href='#checks-checks'>Load (--checks)</a></h3>
**Expects**: `string,string`
......@@ -930,7 +930,7 @@ You can prevent checks from being loaded by prefixing their name with a dash (`-
**Note**: Checks are referenced by their filename without the `.rb` extension, use `--checks-list` to see all.
<h4 id='checks-checks_example'><a href='#checks_checks_example'>Example</a></h4>
<h4 name='checks-checks_example'><a href='#checks_checks_example'>Example</a></h4>
As CSV:
......@@ -948,9 +948,9 @@ Excluding checks:
The above will load all checks except for the `backup_files` and `xss` ones.
<h2 id='plugins'><a href='#plugins'>Plugins</a></h2>
<h2 name='plugins'><a href='#plugins'>Plugins</a></h2>
<h3 id='plugins-list'><a href='#plugins-list'>List (--plugins-list)</a></h3>
<h3 name='plugins-list'><a href='#plugins-list'>List (--plugins-list)</a></h3>
**Expects**: `<n/a>`
......@@ -961,7 +961,7 @@ The above will load all checks except for the `backup_files` and `xss` ones.
Lists all available plugins.
<h3 id='plugin'><a href='#plugin'>Load (--plugin)</a></h3>
<h3 name='plugin'><a href='#plugin'>Load (--plugin)</a></h3>
**Expects**: `string`
......@@ -974,7 +974,7 @@ Loads a plugin by name and configures it with the given options.
**Note**: Plugins are referenced by their filename without the `.rb` extension, use `--plugins-list` to see all.
<h4 id='plugin_example'><a href='#plugin_example'>Example</a></h4>
<h4 name='plugin_example'><a href='#plugin_example'>Example</a></h4>
Excluding the logout URL and running the `autologin1 plugin to automatically login to a web application:
......@@ -984,9 +984,9 @@ arachni http://testfire.net --scope-page-limit=1 --checks=xss \
--scope-exclude-pattern logout
```
<h2 id='platforms'><a href='#platforms'>Platforms</a></h2>
<h2 name='platforms'><a href='#platforms'>Platforms</a></h2>
<h3 id='platforms-list'><a href='#platforms-list'>List (--platforms-list)</a></h3>
<h3 name='platforms-list'><a href='#platforms-list'>List (--platforms-list)</a></h3>
**Expects**: `<n/a>`
......@@ -996,7 +996,7 @@ arachni http://testfire.net --scope-page-limit=1 --checks=xss \
Lists all available platforms.
<h3 id='platforms-no-fingerprinting'><a href='#platforms-no-fingerprinting'>Disable fingerprinting (--platforms-no-fingerprinting)</a></h3>
<h3 name='platforms-no-fingerprinting'><a href='#platforms-no-fingerprinting'>Disable fingerprinting (--platforms-no-fingerprinting)</a></h3>
**Expects**: `<n/a>`
......@@ -1006,7 +1006,7 @@ Lists all available platforms.
Disables platform fingerprinting and results in all audit payloads being sent to the webapp.
<h3 id='platforms-platforms'><a href='#platforms-platforms'>Configure (--platforms)</a></h3>
<h3 name='platforms-platforms'><a href='#platforms-platforms'>Configure (--platforms)</a></h3>
**Expects**: `string,string,...`
......@@ -1017,9 +1017,9 @@ Disables platform fingerprinting and results in all audit payloads being sent to
Explicitly sets the platforms for the remote web application. You can use this to help
the system be more efficient in its scan.
<h2 id='session'><a href='#session'>Session</a></h2>
<h2 name='session'><a href='#session'>Session</a></h2>
<h3 id='session-check-url'><a href='#session-check-url'>Check URL (--session-check-url)</a></h3>
<h3 name='session-check-url'><a href='#session-check-url'>Check URL (--session-check-url)</a></h3>
**Expects**: `string`
......@@ -1035,7 +1035,7 @@ logged in to the web application.
If the HTTP response body of URL matches the [session-check-pattern](#session-check-pattern)
this should indicate that the system is logged in.
<h3 id='session-check-pattern'><a href='#session-check-pattern'>Check pattern (--session-check-pattern)</a></h3>
<h3 name='session-check-pattern'><a href='#session-check-pattern'>Check pattern (--session-check-pattern)</a></h3>
**Expects**: `string`
......@@ -1050,9 +1050,9 @@ verify that the system is still logged in to the web application.
A positive match should indicate that the system is logged in.
<h2 id='profiles'><a href='#profiles'>Profiles</a></h2>
<h2 name='profiles'><a href='#profiles'>Profiles</a></h2>
<h3 id='profile-save-filepath'><a href='#profile-save-filepath'>Save (--profile-save-filepath)</a></h3>
<h3 name='profile-save-filepath'><a href='#profile-save-filepath'>Save (--profile-save-filepath)</a></h3>
**Expects**: `filepath`
......@@ -1063,7 +1063,7 @@ A positive match should indicate that the system is logged in.
This option allows you to save your current running configuration, all the options passed to Arachni, to an Arachni Framework Profile (`.afp`) file.
<h3 id='profile-load-filepath'><a href='#profile-load-filepath'>Load (--profile-load-filepath)</a></h3>
<h3 name='profile-load-filepath'><a href='#profile-load-filepath'>Load (--profile-load-filepath)</a></h3>
**Expects**: `filepath`
......@@ -1076,9 +1076,9 @@ This option allows you to load and run a saved profile.
**Note**: This option does not impede your ability to specify more options or resave the profile.
<h2 id='browser-cluster'><a href='#browser-cluster'>Browser cluster</a></h2>
<h2 name='browser-cluster'><a href='#browser-cluster'>Browser cluster</a></h2>
<h3 id='browser-cluster-pool-size'><a href='#browser-cluster-pool-size'>Pool size (--browser-cluster-pool-size)</a></h3>
<h3 name='browser-cluster-pool-size'><a href='#browser-cluster-pool-size'>Pool size (--browser-cluster-pool-size)</a></h3>
**Expects**: `integer`
......@@ -1088,7 +1088,7 @@ This option allows you to load and run a saved profile.
Amount of browser workers (process) to maintain in the pool.
<h3 id='browser-cluster-job-timeout'><a href='#browser-cluster-job-timeout'>Job timeout (--browser-cluster-job-timeout)</a></h3>
<h3 name='browser-cluster-job-timeout'><a href='#browser-cluster-job-timeout'>Job timeout (--browser-cluster-job-timeout)</a></h3>
**Expects**: `integer`
......@@ -1098,7 +1098,7 @@ Amount of browser workers (process) to maintain in the pool.
Maximum allowed time for each job, measured in seconds.
<h3 id='browser-cluster-worker-time-to-live'><a href='#browser-cluster-worker-time-to-live'>Worker time to live (--browser-cluster-worker-time-to-live)</a></h3>
<h3 name='browser-cluster-worker-time-to-live'><a href='#browser-cluster-worker-time-to-live'>Worker time to live (--browser-cluster-worker-time-to-live)</a></h3>
**Expects**: `integer`
......@@ -1110,7 +1110,7 @@ Amount of jobs each worker should process before having its process respawned.
**Note**: Mainly used to prevent individual browser process from accumulating too much RAM.
<h3 id='browser-cluster-ignore-images'><a href='#browser-cluster-ignore-images'>Ignore images (--browser-cluster-ignore-images)</a></h3>
<h3 name='browser-cluster-ignore-images'><a href='#browser-cluster-ignore-images'>Ignore images (--browser-cluster-ignore-images)</a></h3>
**Expects**: `<n/a>`
......@@ -1120,7 +1120,7 @@ Amount of jobs each worker should process before having its process respawned.
If enabled, the browsers will not load any images.
<h3 id='browser-cluster-screen-width'><a href='#browser-cluster-screen-width'>Screen width (--browser-cluster-screen-width)</a></h3>
<h3 name='browser-cluster-screen-width'><a href='#browser-cluster-screen-width'>Screen width (--browser-cluster-screen-width)</a></h3>
**Expects**: `integer`
......@@ -1132,7 +1132,7 @@ Sets the browsers' screen width.
**Note**: Can be used to test responsive and mobile applications.
<h3 id='browser-cluster-screen-height'><a href='#browser-cluster-screen-height'>Screen height (--browser-cluster-screen-height)</a></h3>
<h3 name='browser-cluster-screen-height'><a href='#browser-cluster-screen-height'>Screen height (--browser-cluster-screen-height)</a></h3>
**Expects**: `integer`
......@@ -1144,9 +1144,9 @@ Sets the browsers' screen height.
**Note**: Can be used to test responsive and mobile applications.
<h2 id='report'><a href='#report'>Report</a></h2>
<h2 name='report'><a href='#report'>Report</a></h2>
<h3 id='report-save-path'><a href='#report-save-path'>Save path (--report-save-path)</a></h3>
<h3 name='report-save-path'><a href='#report-save-path'>Save path (--report-save-path)</a></h3>
**Expects**: `string`
......@@ -1158,9 +1158,9 @@ Directory or file path where to store the scan report.
**Note**: You can use the generated file to create reports in several formats with the `arachni_reporter` executable.
<h2 id='snapshot'><a href='#snapshot'>Snapshot</a></h2>
<h2 name='snapshot'><a href='#snapshot'>Snapshot</a></h2>
<h3 id='snapshot-save-path'><a href='#snapshot-save-path'>Save path (--snapshot-save-path)</a></h3>
<h3 name='snapshot-save-path'><a href='#snapshot-save-path'>Save path (--snapshot-save-path)</a></h3>
**Expects**: `string`
......@@ -1172,9 +1172,9 @@ Directory or file path where to store the snapshot of a suspended scan.
**Note**: You can use the generated file to resume the scan with the `arachni_restore` executable.
<h2 id='timeout'><a href='#timeout'>Timeout</a></h2>
<h2 name='timeout'><a href='#timeout'>Timeout</a></h2>
<h3 id='timeout-timeout'><a href='#timeout-timeout'>Timeout (--timeout)</a></h3>
<h3 name='timeout-timeout'><a href='#timeout-timeout'>Timeout (--timeout)</a></h3>
**Expects**: `hours:minutes:seconds`
......@@ -1184,7 +1184,7 @@ Directory or file path where to store the snapshot of a suspended scan.
Maximum amount of time to allow the scan to run.
<h3 id='timeout-suspend'><a href='#timeout-suspend'>Suspend (--timeout-suspend)</a></h3>
<h3 name='timeout-suspend'><a href='#timeout-suspend'>Suspend (--timeout-suspend)</a></h3>
**Expects**: `<n/a>`
......@@ -1195,7 +1195,7 @@ Maximum amount of time to allow the scan to run.
If enabled, the scan will be suspended when the `--timeout` is reached, instead of being aborted.
<h2 id='cli_help_output'><a href='#cli_help_output'>CLI Help Output</a></h2>
<h2 name='cli_help_output'><a href='#cli_help_output'>CLI Help Output</a></h2>
```
$ arachni -h
......