-
Notifications
You must be signed in to change notification settings - Fork 246
Functionality
Thomas edited this page Nov 27, 2017
·
8 revisions
-d DORK, --dork=DORK
Specify a singular Google dork to use for queries
-l FILE-PATH, --dork-list=FILE-PATH
Specify a file full of dorks to run through
-r, --rand-dork Use a random dork from the etc/dorks.txt file to
perform the scan
-b URL, --blackwidow=URL
Spider a single webpage for all available URL's
-f FILE-PATH, --url-file=FILE-PATH
Run an attack on URL's in a given file
-s, --sqli Run a Sqlmap SQLi scan on the discovered URL's
-p, --port-scan Run a Nmap port scan on the discovered URL's
-a, --admin-panel Search for the websites admin panel
-x, --xss-scan Run an XSS scan on the found URL's
-w, --whois-lookup Perform a WhoIs lookup on the provided domain
-c, --clickjacking Perform a clickjacking scan on a provided URL
-g, --github-search
Perform a Github Gist search for any information on
the found websites
--sqlmap-args=SQLMAP-ARGS
Pass the arguments to send to the sqlmap API within
quotes & separated by a comma. IE 'dbms mysql, verbose
3, level 5'
--sqlmap-conf=CONFIG-FILE-PATH
Pass a configuration file that contains the sqlmap
arguments
--nmap-args=NMAP-ARGS
Pass the arguments to send to the nmap API within
quotes & separated by a pipe. IE '-O|-p 445, 1080'
--show-sqlmap Show the arguments that the sqlmap API understands
--show-nmap Show the arguments that nmap understands
-P, --show-possibles
Show all connections made during the admin panel
search
--tamper=TAMPER-SCRIPT
Send the XSS payloads through tampering before sending
to the target
--thread Run multiple threads on functions that support multi-
threading
--auto Automatically start the sqlmap API (or at least try
to)
-L HOW-MANY-LINKS, --links=HOW-MANY-LINKS
Specify how many links to try and search on Google
-M, --multi Search multiple pages of Google
-E, --exclude-none Do not exclude URLs because they do not have a
GET(query) parameter in them
-W, --webcache Parse webcache URLs for the redirect in them
--x-forward Add a header called 'X-Forwarded-For' with three
random IP addresses
--time-sec=SECONDS Control the sleep time to the WhoIS lookup to prevent
errors
--proxy=PROXY-STRING
Use a proxy to do the scraping, will not auto
configure to the API's
--proxy-file=FILE-PATH
Grab a random proxy from a given file of proxies
--random-agent Use a random user-agent from the etc/agents.txt file
--agent=USER-AGENT Use your own personal user-agent
--tor Use Tor connection as the proxy and set the firefox
browser settings to mimic Tor
-D, --search-engine-ddg
Use DuckDuckGo as the search engine
-B, --search-engine-bing
Use Bing as the search engine
-A, --search-engine-aol
Use AOL as the search engine
--verbose Run the application in verbose mode (more output)
--batch Skip the questions and run in default batch mode
--update Update to the latest development version
--hide Hide the banner during running
--version Show the current version and exit
-T THREAD-AMOUNT, --x-threads=THREAD-AMOUNT
Specify how many threads you want to pass
--show-success Calculate the dorks success rate and output the
calculation in human readable form