diff --git a/Functionality.md b/Functionality.md index 7180733..9900038 100644 --- a/Functionality.md +++ b/Functionality.md @@ -1,31 +1,90 @@ # Extensive breakdown of all flags and what they do - *** -#### Mandatory options -* `-d/--dork ` Run a single dork through Zeus -* `-l/--dork-list ` Run a list of dorks through Zeus one per line +### Mandatory Options: +#### These options have to be used in order for Zeus to run -#### Attack options -* `-s/--sqli` Run the found URL's through sqlmaps API to scan for SQL injection flaws -* `-p/--port-scan` Run a port scan using nmaps API on the found URL's -* `-i/--intel-check` Run a check to see if the websites host IP is vulnerable to Intel ME AMT (CVE-2017-5689) exploit -* `-a/--admin-panel` Try to bruteforce the websites admin panel -* `--sqlmap-args ` Pass arguments to the sqlmap API. The arguments must be in the format that the API understands. See [here](https://github.com/Ekultek/Zeus-Scanner/wiki/Passing-flags-to-sqlmap) for a list. -* `--auto-start` Attempt to automatically find and start the sqlmap API on your system (SLOW) -* `--search-here ` Used in conjunction with `--auto-start` to choose the starting search path -* `--show-sqlmap` Show a list of arguments that the sqlmap API understands -* `--nmap-args ` Pass arguments to the nmap API, the arguments must be seperated by a pipe `|`. For a list of available arguments run `--show-nmap` -* `--show-nmap` Show the arguments accepted by nmap API + -d DORK, --dork=DORK + Specify a singular Google dork to use for queries + -l FILE-PATH, --dork-list=FILE-PATH + Specify a file full of dorks to run through + -r, --rand-dork Use a random dork from the etc/dorks.txt file to + perform the scan + -b URL, --blackwidow=URL + Spider a single webpage for all available URL's + -f FILE-PATH, --url-file=FILE-PATH + Run an attack on URL's in a given file -#### Search engine options -* `-D/--search-engine-ddg` Use DuckDuckGo as the search engine -* `-B/--search-engine-bing` Use Bing as the search engine -* `-A/--search-engine-aol` Use AOL as the search engine +### Attack arguments: +#### These arguments will give you the choice on how you want to check the + websites -#### Misc options -* `--verbose` Run Zeus in verbose mode, expect more output -* `--proxy ` Configure a proxy to use for the scanning -* `--random-agent` Use a random user-agent as the header from `etc/agents.txt` -* `--show-requests` Show all HTTP requests that are sent from Zeus, use in conjunction with `--verbose` for extreme verbose output + -s, --sqli Run a Sqlmap SQLi scan on the discovered URL's + -p, --port-scan Run a Nmap port scan on the discovered URL's + -i, --intel-check Check if a URL's host is exploitable via Intel ME AMT + (CVE-2017-5689) + -a, --admin-panel Search for the websites admin panel + -x, --xss-scan Run an XSS scan on the found URL's + -w, --whois-lookup Perform a WhoIs lookup on the provided domain + --show-readable Show human readable output from the WhoIs lookup + --sqlmap-args=SQLMAP-ARGS + Pass the arguments to send to the sqlmap API within + quotes & separated by a comma. IE 'dbms mysql, verbose + 3, level 5' + --nmap-args=NMAP-ARGS + Pass the arguments to send to the nmap API within + quotes & separated by a pipe. IE '-O|-p 445, 1080' + --show-sqlmap Show the arguments that the sqlmap API understands + --show-nmap Show the arguments that nmap understands + -P, --show-possibles + Show all connections made during the admin panel + search + --tamper=TAMPER-SCRIPT + Send the XSS payloads through tampering before sending + to the target + --run-ip-address Run the Intel ME AMT exploit against the found host IP + address instead of the hostname + --auto Automatically start the sqlmap API (or at least try + to) + +### Search options: +#### Arguments that will control the search criteria + + -L HOW-MANY-LINKS, --links=HOW-MANY-LINKS + Specify how many links to try and search on Google + -M, --multi Search multiple pages of Google + -E, --exclude-none Do not exclude URLs because they do not have a + GET(query) parameter in them + -W, --webcache Parse webcache URLs for the redirect in them + +### Anonymity arguments: +#### Arguments that help with anonymity and hiding identity + + --proxy=PROXY-STRING + Use a proxy to do the scraping, will not auto + configure to the API's + --proxy-file=FILE-PATH + Grab a random proxy from a given file of proxies + --random-agent Use a random user-agent from the etc/agents.txt file + --agent=USER-AGENT Use your own personal user-agent + +### Search engine arguments: +#### Arguments to change the search engine used (default is Google) + + -D, --search-engine-ddg + Use DuckDuckGo as the search engine + -B, --search-engine-bing + Use Bing as the search engine + -A, --search-engine-aol + Use AOL as the search engine + +### Misc Options: +#### These options affect how the program will run + + --verbose Run the application in verbose mode (more output) + --show-requests Show all HTTP requests made by the application + --batch Skip the questions and run in default batch mode + --update Update to the latest development version + --hide Hide the banner during running + --version Show the current version and exit \ No newline at end of file