mirror of
https://github.com/Ekultek/Zeus-Scanner.git
synced 2026-03-11 08:55:51 +00:00
Updated Functionality (markdown)
parent
f611b7d7b8
commit
d867281ee1
1 changed files with 83 additions and 24 deletions
107
Functionality.md
107
Functionality.md
|
|
@ -1,31 +1,90 @@
|
|||
# Extensive breakdown of all flags and what they do
|
||||
|
||||
|
||||
***
|
||||
|
||||
#### Mandatory options
|
||||
* `-d/--dork <DORK>` Run a single dork through Zeus
|
||||
* `-l/--dork-list <FILE-PATH>` Run a list of dorks through Zeus one per line
|
||||
### Mandatory Options:
|
||||
#### These options have to be used in order for Zeus to run
|
||||
|
||||
#### Attack options
|
||||
* `-s/--sqli` Run the found URL's through sqlmaps API to scan for SQL injection flaws
|
||||
* `-p/--port-scan` Run a port scan using nmaps API on the found URL's
|
||||
* `-i/--intel-check` Run a check to see if the websites host IP is vulnerable to Intel ME AMT (CVE-2017-5689) exploit
|
||||
* `-a/--admin-panel` Try to bruteforce the websites admin panel
|
||||
* `--sqlmap-args <ARGUMENTS>` Pass arguments to the sqlmap API. The arguments must be in the format that the API understands. See [here](https://github.com/Ekultek/Zeus-Scanner/wiki/Passing-flags-to-sqlmap) for a list.
|
||||
* `--auto-start` Attempt to automatically find and start the sqlmap API on your system (SLOW)
|
||||
* `--search-here <PATH-TO-START>` Used in conjunction with `--auto-start` to choose the starting search path
|
||||
* `--show-sqlmap` Show a list of arguments that the sqlmap API understands
|
||||
* `--nmap-args <ARGUMENTS>` Pass arguments to the nmap API, the arguments must be seperated by a pipe `|`. For a list of available arguments run `--show-nmap`
|
||||
* `--show-nmap` Show the arguments accepted by nmap API
|
||||
-d DORK, --dork=DORK
|
||||
Specify a singular Google dork to use for queries
|
||||
-l FILE-PATH, --dork-list=FILE-PATH
|
||||
Specify a file full of dorks to run through
|
||||
-r, --rand-dork Use a random dork from the etc/dorks.txt file to
|
||||
perform the scan
|
||||
-b URL, --blackwidow=URL
|
||||
Spider a single webpage for all available URL's
|
||||
-f FILE-PATH, --url-file=FILE-PATH
|
||||
Run an attack on URL's in a given file
|
||||
|
||||
#### Search engine options
|
||||
* `-D/--search-engine-ddg` Use DuckDuckGo as the search engine
|
||||
* `-B/--search-engine-bing` Use Bing as the search engine
|
||||
* `-A/--search-engine-aol` Use AOL as the search engine
|
||||
### Attack arguments:
|
||||
#### These arguments will give you the choice on how you want to check the
|
||||
websites
|
||||
|
||||
#### Misc options
|
||||
* `--verbose` Run Zeus in verbose mode, expect more output
|
||||
* `--proxy <PROXY-STRING>` Configure a proxy to use for the scanning
|
||||
* `--random-agent` Use a random user-agent as the header from `etc/agents.txt`
|
||||
* `--show-requests` Show all HTTP requests that are sent from Zeus, use in conjunction with `--verbose` for extreme verbose output
|
||||
-s, --sqli Run a Sqlmap SQLi scan on the discovered URL's
|
||||
-p, --port-scan Run a Nmap port scan on the discovered URL's
|
||||
-i, --intel-check Check if a URL's host is exploitable via Intel ME AMT
|
||||
(CVE-2017-5689)
|
||||
-a, --admin-panel Search for the websites admin panel
|
||||
-x, --xss-scan Run an XSS scan on the found URL's
|
||||
-w, --whois-lookup Perform a WhoIs lookup on the provided domain
|
||||
--show-readable Show human readable output from the WhoIs lookup
|
||||
--sqlmap-args=SQLMAP-ARGS
|
||||
Pass the arguments to send to the sqlmap API within
|
||||
quotes & separated by a comma. IE 'dbms mysql, verbose
|
||||
3, level 5'
|
||||
--nmap-args=NMAP-ARGS
|
||||
Pass the arguments to send to the nmap API within
|
||||
quotes & separated by a pipe. IE '-O|-p 445, 1080'
|
||||
--show-sqlmap Show the arguments that the sqlmap API understands
|
||||
--show-nmap Show the arguments that nmap understands
|
||||
-P, --show-possibles
|
||||
Show all connections made during the admin panel
|
||||
search
|
||||
--tamper=TAMPER-SCRIPT
|
||||
Send the XSS payloads through tampering before sending
|
||||
to the target
|
||||
--run-ip-address Run the Intel ME AMT exploit against the found host IP
|
||||
address instead of the hostname
|
||||
--auto Automatically start the sqlmap API (or at least try
|
||||
to)
|
||||
|
||||
### Search options:
|
||||
#### Arguments that will control the search criteria
|
||||
|
||||
-L HOW-MANY-LINKS, --links=HOW-MANY-LINKS
|
||||
Specify how many links to try and search on Google
|
||||
-M, --multi Search multiple pages of Google
|
||||
-E, --exclude-none Do not exclude URLs because they do not have a
|
||||
GET(query) parameter in them
|
||||
-W, --webcache Parse webcache URLs for the redirect in them
|
||||
|
||||
### Anonymity arguments:
|
||||
#### Arguments that help with anonymity and hiding identity
|
||||
|
||||
--proxy=PROXY-STRING
|
||||
Use a proxy to do the scraping, will not auto
|
||||
configure to the API's
|
||||
--proxy-file=FILE-PATH
|
||||
Grab a random proxy from a given file of proxies
|
||||
--random-agent Use a random user-agent from the etc/agents.txt file
|
||||
--agent=USER-AGENT Use your own personal user-agent
|
||||
|
||||
### Search engine arguments:
|
||||
#### Arguments to change the search engine used (default is Google)
|
||||
|
||||
-D, --search-engine-ddg
|
||||
Use DuckDuckGo as the search engine
|
||||
-B, --search-engine-bing
|
||||
Use Bing as the search engine
|
||||
-A, --search-engine-aol
|
||||
Use AOL as the search engine
|
||||
|
||||
### Misc Options:
|
||||
#### These options affect how the program will run
|
||||
|
||||
--verbose Run the application in verbose mode (more output)
|
||||
--show-requests Show all HTTP requests made by the application
|
||||
--batch Skip the questions and run in default batch mode
|
||||
--update Update to the latest development version
|
||||
--hide Hide the banner during running
|
||||
--version Show the current version and exit
|
||||
Loading…
Reference in a new issue