... | @@ -3,6 +3,7 @@ _Some of those executables are only available via the self-contained packages._ |
... | @@ -3,6 +3,7 @@ _Some of those executables are only available via the self-contained packages._ |
|
* [arachni](#arachni)
|
|
* [arachni](#arachni)
|
|
* [arachni_reporter](#arachni_reporter)
|
|
* [arachni_reporter](#arachni_reporter)
|
|
* [arachni_restore](#arachni_restore)
|
|
* [arachni_restore](#arachni_restore)
|
|
|
|
* [arachni_reproduce](#arachni_reproduce)
|
|
* [arachni_rest_server](#arachni_rest_server)
|
|
* [arachni_rest_server](#arachni_rest_server)
|
|
* [arachni_rpc](#arachni_rpc)
|
|
* [arachni_rpc](#arachni_rpc)
|
|
* [arachni_rpcd](#arachni_rpcd)
|
|
* [arachni_rpcd](#arachni_rpcd)
|
... | @@ -32,6 +33,24 @@ Generates reports in various formats from AFR (Arachni Framework Report -- `.afr |
... | @@ -32,6 +33,24 @@ Generates reports in various formats from AFR (Arachni Framework Report -- `.afr |
|
Restores a suspended scan from an AFS (Arachni Framework Snapshot -- `.afs`) file.
|
|
Restores a suspended scan from an AFS (Arachni Framework Snapshot -- `.afs`) file.
|
|
(AFS files are generated by the `arachni` executable upon succesful suspension on a scan.)
|
|
(AFS files are generated by the `arachni` executable upon succesful suspension on a scan.)
|
|
|
|
|
|
|
|
## <a name="arachni_reproduce" href="#arachni_reproduce">arachni_reproduce</a>
|
|
|
|
|
|
|
|
`arachni_reproduce` let's you reproduce all issues in a report and then creates a new report containing only the issues that still exist.
|
|
|
|
|
|
|
|
For example, if you've got an Arachni report and are working to fix all the identified issues, you can pass that report to `arachni_reproduce` and get immediate feedback as to how you're doing instead of having to rerun a full scan.
|
|
|
|
|
|
|
|
For each run, `arachni_reproduce` will generate a new report that only includes unfixed issues, so, again, you won't have to spend time testing issues that you've already fixed.
|
|
|
|
|
|
|
|
In addition to that, you can specify individual issues to be reproduced, based on their digest, if you only care about particular issues rather than the entire report.
|
|
|
|
|
|
|
|
Lastly, during the reproduction of each issue, extra HTTP request headers are set that contain information about which issue is being reproduced, thus allowing you to set server-side debugging or instrumentation in order to make fixing it even easier:
|
|
|
|
|
|
|
|
1. `X-Arachni-Issue-Replay-Id`: Unique token for requests pertaining to individual issues.
|
|
|
|
* Differs for each run and can be used to group requests for each issue together.
|
|
|
|
1. `X-Arachni-Issue-Seed`: Seed payload used to identify the original issue.
|
|
|
|
* Initial payload used to identify the vulnerability in the given report.
|
|
|
|
1. `X-Arachni-Issue-Digest`: Digest uniquely identifying each issue across scans and reports.
|
|
|
|
|
|
## <a name="arachni_rest_server" href="#arachni_rest_server">arachni_rest_server</a>
|
|
## <a name="arachni_rest_server" href="#arachni_rest_server">arachni_rest_server</a>
|
|
|
|
|
|
Starts a [[REST server | REST-Server]].
|
|
Starts a [[REST server | REST-Server]].
|
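Review bot: The added `arachni_reproduce` section says individual issues can be reproduced "based on their digest", but it shows no invocation and does not say where a digest is found in a report, so a reader cannot act on it. Add a short usage line covering both the whole-report case and the per-digest case. In the first added sentence, "let's you reproduce" should read "lets you reproduce". In the header list, every item is numbered "1." and `X-Arachni-Issue-Digest` has no sub-bullet, unlike the other two headers. An explanatory bullet there would make the list consistent, for example noting whether this is the same digest used to select individual issues. Because `X-Arachni-Issue-Seed` carries the original payload in a request header, the text should also state that server-side debugging or instrumentation keyed on these headers must treat their values as untrusted input.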
... | | ... | |