Updated Functionality (markdown)

Thomas 2017-10-28 12:48:08 -05:00
parent f611b7d7b8
commit d867281ee1

@ -1,31 +1,90 @@
# Extensive breakdown of all flags and what they do
***
#### Mandatory options
* `-d/--dork <DORK>` Run a single dork through Zeus
* `-l/--dork-list <FILE-PATH>` Run a list of dorks through Zeus one per line
### Mandatory Options:
#### These options have to be used in order for Zeus to run
#### Attack options
* `-s/--sqli` Run the found URL's through sqlmaps API to scan for SQL injection flaws
* `-p/--port-scan` Run a port scan using nmaps API on the found URL's
* `-i/--intel-check` Run a check to see if the websites host IP is vulnerable to Intel ME AMT (CVE-2017-5689) exploit
* `-a/--admin-panel` Try to bruteforce the websites admin panel
* `--sqlmap-args <ARGUMENTS>` Pass arguments to the sqlmap API. The arguments must be in the format that the API understands. See [here](https://github.com/Ekultek/Zeus-Scanner/wiki/Passing-flags-to-sqlmap) for a list.
* `--auto-start` Attempt to automatically find and start the sqlmap API on your system (SLOW)
* `--search-here <PATH-TO-START>` Used in conjunction with `--auto-start` to choose the starting search path
* `--show-sqlmap` Show a list of arguments that the sqlmap API understands
* `--nmap-args <ARGUMENTS>` Pass arguments to the nmap API, the arguments must be seperated by a pipe `|`. For a list of available arguments run `--show-nmap`
* `--show-nmap` Show the arguments accepted by nmap API
-d DORK, --dork=DORK
Specify a singular Google dork to use for queries
-l FILE-PATH, --dork-list=FILE-PATH
Specify a file full of dorks to run through
-r, --rand-dork Use a random dork from the etc/dorks.txt file to
perform the scan
-b URL, --blackwidow=URL
Spider a single webpage for all available URL's
-f FILE-PATH, --url-file=FILE-PATH
Run an attack on URL's in a given file
#### Search engine options
* `-D/--search-engine-ddg` Use DuckDuckGo as the search engine
* `-B/--search-engine-bing` Use Bing as the search engine
* `-A/--search-engine-aol` Use AOL as the search engine
### Attack arguments:
#### These arguments will give you the choice on how you want to check the
websites
#### Misc options
* `--verbose` Run Zeus in verbose mode, expect more output
* `--proxy <PROXY-STRING>` Configure a proxy to use for the scanning
* `--random-agent` Use a random user-agent as the header from `etc/agents.txt`
* `--show-requests` Show all HTTP requests that are sent from Zeus, use in conjunction with `--verbose` for extreme verbose output
-s, --sqli Run a Sqlmap SQLi scan on the discovered URL's
-p, --port-scan Run a Nmap port scan on the discovered URL's
-i, --intel-check Check if a URL's host is exploitable via Intel ME AMT
(CVE-2017-5689)
-a, --admin-panel Search for the websites admin panel
-x, --xss-scan Run an XSS scan on the found URL's
-w, --whois-lookup Perform a WhoIs lookup on the provided domain
--show-readable Show human readable output from the WhoIs lookup
--sqlmap-args=SQLMAP-ARGS
Pass the arguments to send to the sqlmap API within
quotes & separated by a comma. IE 'dbms mysql, verbose
3, level 5'
--nmap-args=NMAP-ARGS
Pass the arguments to send to the nmap API within
quotes & separated by a pipe. IE '-O|-p 445, 1080'
--show-sqlmap Show the arguments that the sqlmap API understands
--show-nmap Show the arguments that nmap understands
-P, --show-possibles
Show all connections made during the admin panel
search
--tamper=TAMPER-SCRIPT
Send the XSS payloads through tampering before sending
to the target
--run-ip-address Run the Intel ME AMT exploit against the found host IP
address instead of the hostname
--auto Automatically start the sqlmap API (or at least try
to)
### Search options:
#### Arguments that will control the search criteria
-L HOW-MANY-LINKS, --links=HOW-MANY-LINKS
Specify how many links to try and search on Google
-M, --multi Search multiple pages of Google
-E, --exclude-none Do not exclude URLs because they do not have a
GET(query) parameter in them
-W, --webcache Parse webcache URLs for the redirect in them
### Anonymity arguments:
#### Arguments that help with anonymity and hiding identity
--proxy=PROXY-STRING
Use a proxy to do the scraping, will not auto
configure to the API's
--proxy-file=FILE-PATH
Grab a random proxy from a given file of proxies
--random-agent Use a random user-agent from the etc/agents.txt file
--agent=USER-AGENT Use your own personal user-agent
### Search engine arguments:
#### Arguments to change the search engine used (default is Google)
-D, --search-engine-ddg
Use DuckDuckGo as the search engine
-B, --search-engine-bing
Use Bing as the search engine
-A, --search-engine-aol
Use AOL as the search engine
### Misc Options:
#### These options affect how the program will run
--verbose Run the application in verbose mode (more output)
--show-requests Show all HTTP requests made by the application
--batch Skip the questions and run in default batch mode
--update Update to the latest development version
--hide Hide the banner during running
--version Show the current version and exit