From 5be45d06de1c45631a7c98059a43f198125e2878 Mon Sep 17 00:00:00 2001 From: blshkv Date: Sat, 21 Mar 2020 16:41:01 +0800 Subject: [PATCH] arachni-bin: remove this crappy project. It was never good and it came to the end finally --- net-analyzer/arachni-bin/Manifest | 1 - .../arachni-bin/arachni-bin-1.5.1.ebuild | 77 --- .../files/arachni-webui-daemon.confd | 10 - .../files/arachni-webui-daemon.initd | 34 -- net-analyzer/arachni-bin/files/man/arachni.1 | 471 ----------------- .../arachni-bin/files/man/arachni_console.1 | 135 ----- .../arachni-bin/files/man/arachni_multi.1 | 452 ---------------- .../files/man/arachni_rest_server.1 | 96 ---- .../arachni-bin/files/man/arachni_rpc.1 | 481 ------------------ .../arachni-bin/files/man/arachni_rpcd.1 | 126 ----- .../files/man/arachni_rpcd_monitor.1 | 60 --- .../arachni-bin/files/man/arachni_web.1 | 82 --- net-analyzer/arachni-bin/metadata.xml | 8 - 13 files changed, 2033 deletions(-) delete mode 100644 net-analyzer/arachni-bin/Manifest delete mode 100644 net-analyzer/arachni-bin/arachni-bin-1.5.1.ebuild delete mode 100644 net-analyzer/arachni-bin/files/arachni-webui-daemon.confd delete mode 100644 net-analyzer/arachni-bin/files/arachni-webui-daemon.initd delete mode 100644 net-analyzer/arachni-bin/files/man/arachni.1 delete mode 100644 net-analyzer/arachni-bin/files/man/arachni_console.1 delete mode 100644 net-analyzer/arachni-bin/files/man/arachni_multi.1 delete mode 100644 net-analyzer/arachni-bin/files/man/arachni_rest_server.1 delete mode 100644 net-analyzer/arachni-bin/files/man/arachni_rpc.1 delete mode 100644 net-analyzer/arachni-bin/files/man/arachni_rpcd.1 delete mode 100644 net-analyzer/arachni-bin/files/man/arachni_rpcd_monitor.1 delete mode 100644 net-analyzer/arachni-bin/files/man/arachni_web.1 delete mode 100644 net-analyzer/arachni-bin/metadata.xml diff --git a/net-analyzer/arachni-bin/Manifest b/net-analyzer/arachni-bin/Manifest deleted file mode 100644 index b2f05de58..000000000 --- a/net-analyzer/arachni-bin/Manifest +++ /dev/null @@ -1 +0,0 @@ -DIST arachni-1.5.1-0.5.12-linux-x86_64.tar.gz 150869608 BLAKE2B 0cdaa03b97a4b3bbac6d9980de066bcb2f9ad07a160bd3e902e0c34567a7a6ed7543e8ebed02fe4164760fcb1e8aead124b9b0d534eefade5a26ac735b311987 SHA512 bd300ee9c04a970dd3f724e083c1848962cbf7e9511322117352f7a06ae3e8d81bf9e0e3587cc7e109fb82e43343d29855f3f6a9f806e99a37053aaa122e3bd9 diff --git a/net-analyzer/arachni-bin/arachni-bin-1.5.1.ebuild b/net-analyzer/arachni-bin/arachni-bin-1.5.1.ebuild deleted file mode 100644 index 6ff112111..000000000 --- a/net-analyzer/arachni-bin/arachni-bin-1.5.1.ebuild +++ /dev/null @@ -1,77 +0,0 @@ -# Copyright 1999-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -# this package has been included a some version of the WebUI -# check before bump it -WEBUI_PV="0.5.12" - -MY_PN="${PN%-bin}" -MY_P="${MY_PN}-${PV}-${WEBUI_PV}" - -inherit user - -DESCRIPTION="Web Application Security Scanner Framework" -HOMEPAGE="https://www.arachni-scanner.com https://github.com/Arachni/arachni" -SRC_URI="https://github.com/Arachni/arachni/releases/download/v${PV}/${MY_P}-linux-x86_64.tar.gz" -LICENSE="APSL-1" -SLOT="0" -KEYWORDS="-* ~amd64" -IUSE="" -QA_PREBUILT="*" - -# you need the only dev-lang/ruby for launch it -DEPEND="" -RDEPEND="${DEPEND} - dev-lang/ruby:=" - -S="${WORKDIR}"/${MY_P} - -pkg_setup() { - enewgroup ${MY_PN} - enewuser ${MY_PN} -1 -1 /dev/null ${MY_PN} -} - -src_prepare() { - # cleanup - rm -r "system/usr/share" "system/usr/etc/fonts/" \ - "system/gems/gems/ffi-1.9.18/ext/ffi_c/libffi-x86_64-linux/include/ffitarget.h" \ - || die "Failed to install!" - - default -} - -src_install() { - dodir "/opt/${PN}" - - cp -R . "${D}/opt/${PN}" || die "Failed to install!" - - fowners -R ${MY_PN}:${MY_PN} "/opt/${PN}/system" - fperms -R g=u "/opt/${PN}/system" - - for l in $(ls "bin/"); do - dosym "../../opt/${PN}/bin"/${l} "/usr/bin"/${l} - done - dosym "../../../../usr/share" "/opt/${PN}/system/usr/share" - - newinitd "${FILESDIR}"/arachni-webui-daemon.initd arachni-webui-daemon - newconfd "${FILESDIR}"/arachni-webui-daemon.confd arachni-webui-daemon - - doman "${FILESDIR}"/man/* - dodoc README TROUBLESHOOTING -} - -pkg_postinst() { - elog "\nJust run 'gpasswd -a ${MY_PN}', then have re-login." - elog "\nIf you want to use the Web User Interface, run this command:" - elog " ~# rc-service arachni-webui-daemon start" - elog "and open in browser http://127.0.0.1:9292\n" - elog "Defaults for the administrator account:" - elog " Login: admin@admin.admin" - elog " Passwd: administrator\n" - - elog "See documentation:" - elog " https://github.com/Arachni/arachni/wiki" - elog " https://github.com/Arachni/arachni-ui-web/wiki\n" -} diff --git a/net-analyzer/arachni-bin/files/arachni-webui-daemon.confd b/net-analyzer/arachni-bin/files/arachni-webui-daemon.confd deleted file mode 100644 index 2227f6d76..000000000 --- a/net-analyzer/arachni-bin/files/arachni-webui-daemon.confd +++ /dev/null @@ -1,10 +0,0 @@ -# /etc/conf.d/arachni-webui-daemon: config file for /etc/init.d/arachni-webui-daemon - -# Address and port service will listen on -# Default: localhost -#WEBUI_HOST="127.0.0.1" -# Default: 9292 -#WEBUI_PORT="9292" - -# See manpage: man 1 arachni_web -#WEBUI_OPTS="" diff --git a/net-analyzer/arachni-bin/files/arachni-webui-daemon.initd b/net-analyzer/arachni-bin/files/arachni-webui-daemon.initd deleted file mode 100644 index af31fa4ef..000000000 --- a/net-analyzer/arachni-bin/files/arachni-webui-daemon.initd +++ /dev/null @@ -1,34 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2019 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -PID_DIR=${PID_DIR:-/run/${RC_SVCNAME}} -PID_FILE=${PID_DIR}/${RC_SVCNAME}.pid - -USER="arachni" -GROUP="arachni" - -description="Arachni's web user interface" -command="/usr/bin/arachni_web" -command_user="${USER}:${GROUP}" -command_args="-D -P ${PID_FILE} -o ${WEBUI_HOST:-127.0.0.1} -p ${WEBUI_PORT:-9292} ${WEBUI_OPTS}" -pidfile="${PID_FILE}" -retry="${WEBUI_TERMTIMEOUT:-"TERM/25/KILL/5"}" - -extra_commands="checkconfig" - -depend() { - after net -} - -checkconfig() { - if ! [ -d "${PID_DIR}" ]; then - checkpath -q -d -o ${USER}:${GROUP} -m 0755 "${PID_DIR}" || return 1 - fi -} - -start_pre() { - checkconfig || return 1 -} - -# vim: set ft=gentoo-init-d ts=4 : diff --git a/net-analyzer/arachni-bin/files/man/arachni.1 b/net-analyzer/arachni-bin/files/man/arachni.1 deleted file mode 100644 index e9a41615a..000000000 --- a/net-analyzer/arachni-bin/files/man/arachni.1 +++ /dev/null @@ -1,471 +0,0 @@ -.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.6. -.TH ARACHNI "1" "May 2019" "Arachni - Web Application Security Scanner Framework v1.5.1" "User Commands" -.SH NAME -Arachni \- manual page for Arachni - Web Application Security Scanner Framework v1.5.1 -.SH SYNOPSIS -.B arachni -[\fI\,options\/\fR] \fI\,URL\/\fR -.SH DESCRIPTION -Arachni \- Web Application Security Scanner Framework v1.5.1 -.IP -Author: Tasos "Zapotek" Laskos -.IP -(With the support of the community and the Arachni Team.) -.TP -Website: -http://arachni\-scanner.com -.IP -Documentation: http://arachni\-scanner.com/wiki -.PP -Generic -.TP -\fB\-h\fR, \fB\-\-help\fR -Output this message. -.TP -\fB\-\-version\fR -Show version information. -.TP -\fB\-\-daemon\-friendly\fR -Enable this option when running the process in the background. -.TP -\fB\-\-authorized\-by\fR EMAIL_ADDRESS -E\-mail address of the person who authorized the scan. -.TP -(It'll make it easier on the sys\-admins during log reviews.) -(Will be used as a value for the 'From' HTTP request header.) -.PP -Output -.TP -\fB\-\-output\-verbose\fR -Show verbose output. -.TP -\fB\-\-output\-debug\fR [LEVEL 1\-4] -Show debugging information. -.HP -\fB\-\-output\-only\-positives\fR Only output positive results. -.PP -Scope -.TP -\fB\-\-scope\-include\-pattern\fR PATTERN -Only include resources whose path/action matches PATTERN. -.IP -(Can be used multiple times.) -.TP -\fB\-\-scope\-include\-subdomains\fR -Follow links to subdomains. -.IP -(Default: false) -.TP -\fB\-\-scope\-exclude\-pattern\fR PATTERN -Exclude resources whose path/action matches PATTERN. -.IP -(Can be used multiple times.) -.TP -\fB\-\-scope\-exclude\-file\-extensions\fR EXTENSION,EXTENSION2,.. -Exclude resources with the specified extensions. -.TP -\fB\-\-scope\-exclude\-content\-pattern\fR PATTERN -Exclude pages whose content matches PATTERN. -.IP -(Can be used multiple times.) -.TP -\fB\-\-scope\-exclude\-binaries\fR -Exclude non text\-based pages. -.IP -(Binary content can confuse passive checks that perform pattern matching.) -.TP -\fB\-\-scope\-redundant\-path\-pattern\fR PATTERN:LIMIT -Limit crawl on redundant pages like galleries or catalogs. -.TP -(URLs matching PATTERN will be crawled LIMIT amount of times.) -(Can be used multiple times.) -.TP -\fB\-\-scope\-auto\-redundant\fR [LIMIT] -Only follow URLs with identical query parameter names LIMIT amount of times. -.IP -(Default: 10) -.TP -\fB\-\-scope\-directory\-depth\-limit\fR LIMIT -Directory depth limit. -.TP -(Default: inf) -(How deep Arachni should go into the site structure.) -.TP -\fB\-\-scope\-page\-limit\fR LIMIT -How many pages to crawl and audit. -.IP -(Default: inf) -.TP -\fB\-\-scope\-extend\-paths\fR FILE -Add the paths in FILE to the ones discovered by the crawler. -.IP -(Can be used multiple times.) -.TP -\fB\-\-scope\-restrict\-paths\fR FILE -Use the paths in FILE instead of crawling. -.IP -(Can be used multiple times.) -.TP -\fB\-\-scope\-url\-rewrite\fR PATTERN:SUBSTITUTION -Rewrite URLs based on the given PATTERN and SUBSTITUTION. -.TP -To convert: -http://example.com/articles/some\-stuff/23 to http://example.com/articles.php?id=23 -.TP -Use: -articles/[\ew\-]+/(\ed+):articles.php?id=\e1 -.TP -\fB\-\-scope\-dom\-depth\-limit\fR LIMIT -How deep to go into the DOM tree of each page, for pages with JavaScript code. -.TP -(Default: 5) -(Setting it to '0' will disable browser analysis.) -.TP -\fB\-\-scope\-dom\-event\-limit\fR LIMIT -How many DOM events to trigger for each DOM depth, for pages with JavaScript code. -.IP -(Default: inf) -.TP -\fB\-\-scope\-https\-only\fR -Forces the system to only follow HTTPS URLs. -(Default: false) -.PP -Audit -.TP -\fB\-\-audit\-links\fR -Audit links. -.TP -\fB\-\-audit\-forms\fR -Audit forms. -.TP -\fB\-\-audit\-cookies\fR -Audit cookies. -.TP -\fB\-\-audit\-cookies\-extensively\fR -Submit all links and forms of the page along with the cookie permutations. -.IP -(*WARNING*: This will severely increase the scan\-time.) -.TP -\fB\-\-audit\-headers\fR -Audit headers. -.TP -\fB\-\-audit\-link\-template\fR TEMPLATE -Regular expression with named captures to use to extract input information from generic paths. -.TP -To extract the 'input1' and 'input2' inputs from: -http://example.com/input1/value1/input2/value2 -.TP -Use: -input1/(?\ew+)/input2/(?\ew+) -.IP -(Can be used multiple times.) -.TP -\fB\-\-audit\-jsons\fR -Audit JSON request inputs. -.TP -\fB\-\-audit\-xmls\fR -Audit XML request inputs. -.TP -\fB\-\-audit\-ui\-inputs\fR -Audit orphan elements with events. -.TP -\fB\-\-audit\-ui\-forms\fR -Audit UI Forms. -Input and button groups that do not belong to a parent
element. -.HP -\fB\-\-audit\-parameter\-names\fR Inject payloads into parameter names. -.TP -\fB\-\-audit\-with\-raw\-payloads\fR -Inject payloads with and without HTTP encoding. -.TP -\fB\-\-audit\-with\-extra\-parameter\fR -Inject payloads into extra element parameters. -.TP -\fB\-\-audit\-with\-both\-methods\fR -Audit elements with both GET and POST requests. -.IP -(*WARNING*: This will severely increase the scan\-time.) -.TP -\fB\-\-audit\-exclude\-vector\fR PATTERN -Exclude input vectors whose name matches PATTERN. -.IP -(Can be used multiple times.) -.TP -\fB\-\-audit\-include\-vector\fR PATTERN -Include only input vectors whose name matches PATTERN. -.IP -(Can be used multiple times.) -.PP -Input -.TP -\fB\-\-input\-value\fR PATTERN:VALUE -PATTERN to match against input names and VALUE to use for them. -.IP -(Can be used multiple times.) -.TP -\fB\-\-input\-values\-file\fR FILE -YAML file containing a Hash object with regular expressions, to match against input names, as keys and input values as values. -.TP -\fB\-\-input\-without\-defaults\fR -Do not use the system default input values. -.TP -\fB\-\-input\-force\fR -Fill\-in even non\-empty inputs. -.PP -HTTP -.TP -\fB\-\-http\-user\-agent\fR USER_AGENT -Value for the 'User\-Agent' HTTP request header. -.IP -(Default: Arachni/v1.5.1) -.TP -\fB\-\-http\-request\-concurrency\fR MAX_CONCURRENCY -Maximum HTTP request concurrency. -.TP -(Default: 20) -(Be careful not to kill your server.) -(*NOTE*: If your scan seems unresponsive try lowering the limit.) -.TP -\fB\-\-http\-request\-timeout\fR TIMEOUT -HTTP request timeout in milliseconds. -.IP -(Default: 10000) -.TP -\fB\-\-http\-request\-redirect\-limit\fR LIMIT -Maximum amount of redirects to follow for each HTTP request. -.IP -(Default: 5) -.TP -\fB\-\-http\-request\-queue\-size\fR QUEUE_SIZE -Maximum amount of requests to keep in the queue. -.TP -Bigger size means better scheduling and better performance, -smaller means less RAM consumption. -(Default: 100) -.TP -\fB\-\-http\-request\-header\fR NAME=VALUE -Specify custom headers to be included in the HTTP requests. -.IP -(Can be used multiple times.) -.TP -\fB\-\-http\-response\-max\-size\fR LIMIT -Do not download response bodies larger than the specified LIMIT, in bytes. -.IP -(Default: 500000) -.TP -\fB\-\-http\-cookie\-jar\fR COOKIE_JAR_FILE -Netscape\-styled HTTP cookiejar file. -.TP -\fB\-\-http\-cookie\-string\fR COOKIE -Cookie representation as a 'Set\-Cookie' HTTP response header. -.IP -Example: my_cookie=my_value; Path=/, other_cookie=other_value; Path=/test -.TP -\fB\-\-http\-authentication\-username\fR USERNAME -Username for HTTP authentication. -.TP -\fB\-\-http\-authentication\-password\fR PASSWORD -Password for HTTP authentication. -.TP -\fB\-\-http\-authentication\-type\fR auto,basic,digest,digest_ie,negotiate,ntlm -HTTP authentication type. -.IP -(Default: auto) -.TP -\fB\-\-http\-proxy\fR ADDRESS:PORT -Proxy to use. -.TP -\fB\-\-http\-proxy\-authentication\fR USERNAME:PASSWORD -Proxy authentication credentials. -.TP -\fB\-\-http\-proxy\-type\fR http,http_1_0,socks4,socks4a,socks5,socks5h -Proxy type. -.IP -(Default: auto) -.TP -\fB\-\-http\-ssl\-verify\-peer\fR -Verify SSL peer. -(Default: false) -.TP -\fB\-\-http\-ssl\-verify\-host\fR -Verify SSL host. -(Default: false) -.TP -\fB\-\-http\-ssl\-certificate\fR PATH -SSL certificate to use. -.TP -\fB\-\-http\-ssl\-certificate\-type\fR pem,der -SSL certificate type. -.TP -\fB\-\-http\-ssl\-key\fR PATH -SSL private key to use. -.TP -\fB\-\-http\-ssl\-key\-type\fR pem,der -SSL key type. -.TP -\fB\-\-http\-ssl\-key\-password\fR PASSWORD -Password for the SSL private key. -.TP -\fB\-\-http\-ssl\-ca\fR PATH -File holding one or more certificates with which to verify the peer. -.TP -\fB\-\-http\-ssl\-ca\-directory\fR PATH -Directory holding multiple certificate files with which to verify the peer. -.TP -\fB\-\-http\-ssl\-version\fR TLSv1,TLSv1_0,TLSv1_1,TLSv1_2,SSLv2,SSLv3 -SSL version to use. -.PP -Checks -.TP -\fB\-\-checks\-list\fR [GLOB] -List available checks based on the provided glob. -(If no glob is provided all checks will be listed.) -.TP -\fB\-\-checks\fR CHECK,CHECK2,... -Comma separated list of checks to load. -.TP -Checks are referenced by their filename without the '.rb' extension, use '\-\-checks\-list' to list all. -Use '*' as a check name to load all checks or as a wildcard, like so: -.TP -xss* -to load all XSS checks -.TP -sql_injection* -to load all SQL injection checks -.IP -etc. -.TP -You can exclude checks by prefixing their name with a minus sign: -\fB\-\-checks=\fR*,\-backup_files,\-xss -.IP -The above will load all checks except for the 'backup_files' and 'xss' checks. -.TP -Or mix and match: -\fB\-xss\fR* to unload all XSS checks. -.PP -Plugins -.TP -\fB\-\-plugins\-list\fR [GLOB] -List available plugins based on the provided glob. -(If no glob is provided all plugins will be listed.) -.TP -\fB\-\-plugin\fR 'PLUGIN:OPTION=VALUE,OPTION2=VALUE2' -PLUGIN is the name of the plugin as displayed by '\-\-plugins\-list'. -.TP -(Plugins are referenced by their filename without the '.rb' extension, use '\-\-plugins\-list' to list all.) -(Can be used multiple times.) -.PP -Platforms -.TP -\fB\-\-platforms\-list\fR -List available platforms. -.TP -\fB\-\-platforms\-no\-fingerprinting\fR -Disable platform fingerprinting. -.TP -(By default, the system will try to identify the deployed server\-side platforms automatically -in order to avoid sending irrelevant payloads.) -.TP -\fB\-\-platforms\fR PLATFORM,PLATFORM2,... -Comma separated list of platforms (by shortname) to audit. -.TP -(The given platforms will be used *in addition* to fingerprinting. In order to restrict the audit to -these platforms enable the '\-\-platforms\-no\-fingerprinting' option.) -.PP -Session -.TP -\fB\-\-session\-check\-url\fR URL URL to use to verify that the scanner is still logged in to the web application. -(Requires 'session\-check\-pattern'.) -.TP -\fB\-\-session\-check\-pattern\fR PATTERN -Pattern used against the body of the 'session\-check\-url' to verify that the scanner is still logged in to the web application. -.IP -(Requires 'session\-check\-url'.) -.PP -Profiles -.TP -\fB\-\-profile\-save\-filepath\fR FILEPATH -Save the current configuration profile/options to FILEPATH. -.TP -\fB\-\-profile\-load\-filepath\fR FILEPATH -Load a configuration profile from FILEPATH. -.PP -Browser cluster -.TP -\fB\-\-browser\-cluster\-local\-storage\fR FILE -Sets the browsers' local storage using the JSON data in FILE. -.TP -\fB\-\-browser\-cluster\-wait\-for\-element\fR PATTERN:CSS -Wait for element matching CSS to appear when visiting a page whose URL matches the PATTERN. -.TP -\fB\-\-browser\-cluster\-pool\-size\fR SIZE -Amount of browser workers to keep in the pool and put to work. -.IP -(Default: 6) -.TP -\fB\-\-browser\-cluster\-job\-timeout\fR SECONDS -Maximum allowed time for each job. -.IP -(Default: 10) -.TP -\fB\-\-browser\-cluster\-worker\-time\-to\-live\fR LIMIT -Re\-spawn the browser of each worker every LIMIT jobs. -.IP -(Default: 100) -.TP -\fB\-\-browser\-cluster\-ignore\-images\fR -Do not load images. -.TP -\fB\-\-browser\-cluster\-screen\-width\fR -Browser screen width. -.IP -(Default: 1600) -.TP -\fB\-\-browser\-cluster\-screen\-height\fR -Browser screen height. -.IP -(Default: 1200) -.PP -Report -.TP -\fB\-\-report\-save\-path\fR PATH Directory or file path where to store the scan report. -You can use the generated file to create reports in several formats with the 'arachni_reporter' executable. -.PP -Snapshot -.TP -\fB\-\-snapshot\-save\-path\fR PATH -Directory or file path where to store the snapshot of a suspended scan. -.IP -You can use the generated file to resume the scan with the 'arachni_restore' executable. -.PP -Timeout -.TP -\fB\-\-timeout\fR HOURS:MINUTES:SECONDS -Stop the scan after the given duration is exceeded. -.TP -\fB\-\-timeout\-suspend\fR -Suspend after the timeout. -You can use the generated file to resume the scan with the 'arachni_restore' executable. -.IP -Author: Tasos "Zapotek" Laskos -.IP -(With the support of the community and the Arachni Team.) -.TP -Website: -http://arachni\-scanner.com -.IP -Documentation: http://arachni\-scanner.com/wiki -.PP -Arachni 1.5.1 (ruby 2.2.3p173) [x86_64\-linux] -.SH "SEE ALSO" -The full documentation for -.B Arachni -is maintained as a Texinfo manual. If the -.B info -and -.B Arachni -programs are properly installed at your site, the command -.IP -.B info Arachni -.PP -should give you access to the complete manual. diff --git a/net-analyzer/arachni-bin/files/man/arachni_console.1 b/net-analyzer/arachni-bin/files/man/arachni_console.1 deleted file mode 100644 index 5fb0c247a..000000000 --- a/net-analyzer/arachni-bin/files/man/arachni_console.1 +++ /dev/null @@ -1,135 +0,0 @@ -.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.6. -.TH ARACHNI "1" "May 2019" "Arachni - Web Application Security Scanner Framework v1.5.1" "User Commands" -.SH NAME -Arachni \- manual page for Arachni - Web Application Security Scanner Framework v1.5.1 -.SH SYNOPSIS -.B irb.rb -[\fI\,options\/\fR] [\fI\,programfile\/\fR] [\fI\,arguments\/\fR] -.SH DESCRIPTION -Arachni \- Web Application Security Scanner Framework v1.5.1 -.IP -Author: Tasos "Zapotek" Laskos -.IP -(With the support of the community and the Arachni Team.) -.TP -Website: -http://arachni\-scanner.com -.IP -Documentation: http://arachni\-scanner.com/wiki -.PP -(Call the 'mute' method to mute framework output.) -.TP -\fB\-f\fR -Suppress read of ~/.irbrc -.TP -\fB\-m\fR -Bc mode (load mathn, fraction or matrix are available) -.TP -\fB\-d\fR -Set $DEBUG to true (same as `ruby \fB\-d\fR') -.TP -\fB\-r\fR load\-module -Same as `ruby \fB\-r\fR' -.TP -\fB\-I\fR path -Specify $LOAD_PATH directory -.TP -\fB\-U\fR -Same as `ruby \fB\-U\fR` -.TP -\fB\-E\fR enc -Same as `ruby \fB\-E\fR` -.TP -\fB\-w\fR -Same as `ruby \fB\-w\fR` -.TP -\fB\-W[level\fR=\fI\,2]\/\fR -Same as `ruby \fB\-W\fR` -.TP -\fB\-\-context\-mode\fR n -Set n[0\-3] to method to create Binding Object, -when new workspace was created -.TP -\fB\-\-echo\fR -Show result(default) -.TP -\fB\-\-noecho\fR -Don't show result -.TP -\fB\-\-inspect\fR -Use `inspect' for output (default except for bc mode) -.TP -\fB\-\-noinspect\fR -Don't use inspect for output -.TP -\fB\-\-readline\fR -Use Readline extension module -.TP -\fB\-\-noreadline\fR -Don't use Readline extension module -.TP -\fB\-\-prompt\fR prompt\-mode/\-\-prompt\-mode prompt\-mode -Switch prompt mode. Pre\-defined prompt modes are -`default', `simple', `xmp' and `inf\-ruby' -.TP -\fB\-\-inf\-ruby\-mode\fR -Use prompt appropriate for inf\-ruby\-mode on emacs. -Suppresses \fB\-\-readline\fR. -.TP -\fB\-\-sample\-book\-mode\fR/\-\-simple\-prompt -Simple prompt mode -.TP -\fB\-\-noprompt\fR -No prompt mode -.TP -\fB\-\-single\-irb\fR -Share self with sub\-irb. -.TP -\fB\-\-tracer\fR -Display trace for each execution of commands. -.TP -\fB\-\-back\-trace\-limit\fR n -Display backtrace top n and tail n. The default -value is 16. -.TP -\fB\-\-irb_debug\fR n -Set internal debug level to n (not for popular use) -.TP -\fB\-\-verbose\fR -Show details -.TP -\fB\-\-noverbose\fR -Don't show details -.TP -\fB\-v\fR, \fB\-\-version\fR -Print the version of irb -.TP -\fB\-h\fR, \fB\-\-help\fR -Print help -.TP -\fB\-\-\fR -Separate options of irb from the list of command\-line args -.IP -Author: Tasos "Zapotek" Laskos -.IP -(With the support of the community and the Arachni Team.) -.TP -Website: -http://arachni\-scanner.com -.IP -Documentation: http://arachni\-scanner.com/wiki -.PP -(Call the 'mute' method to mute framework output.) -irb 0.9.6(09/06/30) -.SH "SEE ALSO" -The full documentation for -.B Arachni -is maintained as a Texinfo manual. If the -.B info -and -.B Arachni -programs are properly installed at your site, the command -.IP -.B info Arachni -.PP -should give you access to the complete manual. diff --git a/net-analyzer/arachni-bin/files/man/arachni_multi.1 b/net-analyzer/arachni-bin/files/man/arachni_multi.1 deleted file mode 100644 index 181b32eff..000000000 --- a/net-analyzer/arachni-bin/files/man/arachni_multi.1 +++ /dev/null @@ -1,452 +0,0 @@ -.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.6. -.TH ARACHNI "1" "May 2019" "Arachni - Web Application Security Scanner Framework v1.5.1" "User Commands" -.SH NAME -Arachni \- manual page for Arachni - Web Application Security Scanner Framework v1.5.1 -.SH SYNOPSIS -.B arachni_multi -[\fI\,options\/\fR] \fI\,URL\/\fR -.SH DESCRIPTION -Arachni \- Web Application Security Scanner Framework v1.5.1 -.IP -Author: Tasos "Zapotek" Laskos -.IP -(With the support of the community and the Arachni Team.) -.TP -Website: -http://arachni\-scanner.com -.IP -Documentation: http://arachni\-scanner.com/wiki -.PP -Generic -.TP -\fB\-h\fR, \fB\-\-help\fR -Output this message. -.TP -\fB\-\-version\fR -Show version information. -.TP -\fB\-\-authorized\-by\fR EMAIL_ADDRESS -E\-mail address of the person who authorized the scan. -.TP -(It'll make it easier on the sys\-admins during log reviews.) -(Will be used as a value for the 'From' HTTP request header.) -.PP -Scope -.TP -\fB\-\-scope\-include\-pattern\fR PATTERN -Only include resources whose path/action matches PATTERN. -.IP -(Can be used multiple times.) -.TP -\fB\-\-scope\-include\-subdomains\fR -Follow links to subdomains. -.IP -(Default: false) -.TP -\fB\-\-scope\-exclude\-pattern\fR PATTERN -Exclude resources whose path/action matches PATTERN. -.IP -(Can be used multiple times.) -.TP -\fB\-\-scope\-exclude\-file\-extensions\fR EXTENSION,EXTENSION2,.. -Exclude resources with the specified extensions. -.TP -\fB\-\-scope\-exclude\-content\-pattern\fR PATTERN -Exclude pages whose content matches PATTERN. -.IP -(Can be used multiple times.) -.TP -\fB\-\-scope\-exclude\-binaries\fR -Exclude non text\-based pages. -.IP -(Binary content can confuse passive checks that perform pattern matching.) -.TP -\fB\-\-scope\-redundant\-path\-pattern\fR PATTERN:LIMIT -Limit crawl on redundant pages like galleries or catalogs. -.TP -(URLs matching PATTERN will be crawled LIMIT amount of times.) -(Can be used multiple times.) -.TP -\fB\-\-scope\-auto\-redundant\fR [LIMIT] -Only follow URLs with identical query parameter names LIMIT amount of times. -.IP -(Default: 10) -.TP -\fB\-\-scope\-directory\-depth\-limit\fR LIMIT -Directory depth limit. -.TP -(Default: inf) -(How deep Arachni should go into the site structure.) -.TP -\fB\-\-scope\-page\-limit\fR LIMIT -How many pages to crawl and audit. -.IP -(Default: inf) -.TP -\fB\-\-scope\-extend\-paths\fR FILE -Add the paths in FILE to the ones discovered by the crawler. -.IP -(Can be used multiple times.) -.TP -\fB\-\-scope\-restrict\-paths\fR FILE -Use the paths in FILE instead of crawling. -.IP -(Can be used multiple times.) -.TP -\fB\-\-scope\-url\-rewrite\fR PATTERN:SUBSTITUTION -Rewrite URLs based on the given PATTERN and SUBSTITUTION. -.TP -To convert: -http://example.com/articles/some\-stuff/23 to http://example.com/articles.php?id=23 -.TP -Use: -articles/[\ew\-]+/(\ed+):articles.php?id=\e1 -.TP -\fB\-\-scope\-dom\-depth\-limit\fR LIMIT -How deep to go into the DOM tree of each page, for pages with JavaScript code. -.TP -(Default: 5) -(Setting it to '0' will disable browser analysis.) -.TP -\fB\-\-scope\-dom\-event\-limit\fR LIMIT -How many DOM events to trigger for each DOM depth, for pages with JavaScript code. -.IP -(Default: inf) -.TP -\fB\-\-scope\-https\-only\fR -Forces the system to only follow HTTPS URLs. -(Default: false) -.PP -Audit -.TP -\fB\-\-audit\-links\fR -Audit links. -.TP -\fB\-\-audit\-forms\fR -Audit forms. -.TP -\fB\-\-audit\-cookies\fR -Audit cookies. -.TP -\fB\-\-audit\-cookies\-extensively\fR -Submit all links and forms of the page along with the cookie permutations. -.IP -(*WARNING*: This will severely increase the scan\-time.) -.TP -\fB\-\-audit\-headers\fR -Audit headers. -.TP -\fB\-\-audit\-link\-template\fR TEMPLATE -Regular expression with named captures to use to extract input information from generic paths. -.TP -To extract the 'input1' and 'input2' inputs from: -http://example.com/input1/value1/input2/value2 -.TP -Use: -input1/(?\ew+)/input2/(?\ew+) -.IP -(Can be used multiple times.) -.TP -\fB\-\-audit\-jsons\fR -Audit JSON request inputs. -.TP -\fB\-\-audit\-xmls\fR -Audit XML request inputs. -.TP -\fB\-\-audit\-ui\-inputs\fR -Audit orphan elements with events. -.TP -\fB\-\-audit\-ui\-forms\fR -Audit UI Forms. -Input and button groups that do not belong to a parent element. -.HP -\fB\-\-audit\-parameter\-names\fR Inject payloads into parameter names. -.TP -\fB\-\-audit\-with\-raw\-payloads\fR -Inject payloads with and without HTTP encoding. -.TP -\fB\-\-audit\-with\-extra\-parameter\fR -Inject payloads into extra element parameters. -.TP -\fB\-\-audit\-with\-both\-methods\fR -Audit elements with both GET and POST requests. -.IP -(*WARNING*: This will severely increase the scan\-time.) -.TP -\fB\-\-audit\-exclude\-vector\fR PATTERN -Exclude input vectors whose name matches PATTERN. -.IP -(Can be used multiple times.) -.TP -\fB\-\-audit\-include\-vector\fR PATTERN -Include only input vectors whose name matches PATTERN. -.IP -(Can be used multiple times.) -.PP -Input -.TP -\fB\-\-input\-value\fR PATTERN:VALUE -PATTERN to match against input names and VALUE to use for them. -.IP -(Can be used multiple times.) -.TP -\fB\-\-input\-values\-file\fR FILE -YAML file containing a Hash object with regular expressions, to match against input names, as keys and input values as values. -.TP -\fB\-\-input\-without\-defaults\fR -Do not use the system default input values. -.TP -\fB\-\-input\-force\fR -Fill\-in even non\-empty inputs. -.PP -HTTP -.TP -\fB\-\-http\-user\-agent\fR USER_AGENT -Value for the 'User\-Agent' HTTP request header. -.IP -(Default: Arachni/v1.5.1) -.TP -\fB\-\-http\-request\-concurrency\fR MAX_CONCURRENCY -Maximum HTTP request concurrency. -.TP -(Default: 20) -(Be careful not to kill your server.) -(*NOTE*: If your scan seems unresponsive try lowering the limit.) -.TP -\fB\-\-http\-request\-timeout\fR TIMEOUT -HTTP request timeout in milliseconds. -.IP -(Default: 10000) -.TP -\fB\-\-http\-request\-redirect\-limit\fR LIMIT -Maximum amount of redirects to follow for each HTTP request. -.IP -(Default: 5) -.TP -\fB\-\-http\-request\-queue\-size\fR QUEUE_SIZE -Maximum amount of requests to keep in the queue. -.TP -Bigger size means better scheduling and better performance, -smaller means less RAM consumption. -(Default: 100) -.TP -\fB\-\-http\-request\-header\fR NAME=VALUE -Specify custom headers to be included in the HTTP requests. -.IP -(Can be used multiple times.) -.TP -\fB\-\-http\-response\-max\-size\fR LIMIT -Do not download response bodies larger than the specified LIMIT, in bytes. -.IP -(Default: 500000) -.TP -\fB\-\-http\-cookie\-jar\fR COOKIE_JAR_FILE -Netscape\-styled HTTP cookiejar file. -.TP -\fB\-\-http\-cookie\-string\fR COOKIE -Cookie representation as a 'Set\-Cookie' HTTP response header. -.IP -Example: my_cookie=my_value; Path=/, other_cookie=other_value; Path=/test -.TP -\fB\-\-http\-authentication\-username\fR USERNAME -Username for HTTP authentication. -.TP -\fB\-\-http\-authentication\-password\fR PASSWORD -Password for HTTP authentication. -.TP -\fB\-\-http\-authentication\-type\fR auto,basic,digest,digest_ie,negotiate,ntlm -HTTP authentication type. -.IP -(Default: auto) -.TP -\fB\-\-http\-proxy\fR ADDRESS:PORT -Proxy to use. -.TP -\fB\-\-http\-proxy\-authentication\fR USERNAME:PASSWORD -Proxy authentication credentials. -.TP -\fB\-\-http\-proxy\-type\fR http,http_1_0,socks4,socks4a,socks5,socks5h -Proxy type. -.IP -(Default: auto) -.TP -\fB\-\-http\-ssl\-verify\-peer\fR -Verify SSL peer. -(Default: false) -.TP -\fB\-\-http\-ssl\-verify\-host\fR -Verify SSL host. -(Default: false) -.TP -\fB\-\-http\-ssl\-certificate\fR PATH -SSL certificate to use. -.TP -\fB\-\-http\-ssl\-certificate\-type\fR pem,der -SSL certificate type. -.TP -\fB\-\-http\-ssl\-key\fR PATH -SSL private key to use. -.TP -\fB\-\-http\-ssl\-key\-type\fR pem,der -SSL key type. -.TP -\fB\-\-http\-ssl\-key\-password\fR PASSWORD -Password for the SSL private key. -.TP -\fB\-\-http\-ssl\-ca\fR PATH -File holding one or more certificates with which to verify the peer. -.TP -\fB\-\-http\-ssl\-ca\-directory\fR PATH -Directory holding multiple certificate files with which to verify the peer. -.TP -\fB\-\-http\-ssl\-version\fR TLSv1,TLSv1_0,TLSv1_1,TLSv1_2,SSLv2,SSLv3 -SSL version to use. -.PP -Checks -.TP -\fB\-\-checks\-list\fR [GLOB] -List available checks based on the provided glob. -(If no glob is provided all checks will be listed.) -.TP -\fB\-\-checks\fR CHECK,CHECK2,... -Comma separated list of checks to load. -.TP -Checks are referenced by their filename without the '.rb' extension, use '\-\-checks\-list' to list all. -Use '*' as a check name to load all checks or as a wildcard, like so: -.TP -xss* -to load all XSS checks -.TP -sql_injection* -to load all SQL injection checks -.IP -etc. -.TP -You can exclude checks by prefixing their name with a minus sign: -\fB\-\-checks=\fR*,\-backup_files,\-xss -.IP -The above will load all checks except for the 'backup_files' and 'xss' checks. -.TP -Or mix and match: -\fB\-xss\fR* to unload all XSS checks. -.PP -Plugins -.TP -\fB\-\-plugins\-list\fR [GLOB] -List available plugins based on the provided glob. -(If no glob is provided all plugins will be listed.) -.TP -\fB\-\-plugin\fR 'PLUGIN:OPTION=VALUE,OPTION2=VALUE2' -PLUGIN is the name of the plugin as displayed by '\-\-plugins\-list'. -.TP -(Plugins are referenced by their filename without the '.rb' extension, use '\-\-plugins\-list' to list all.) -(Can be used multiple times.) -.PP -Platforms -.TP -\fB\-\-platforms\-list\fR -List available platforms. -.TP -\fB\-\-platforms\-no\-fingerprinting\fR -Disable platform fingerprinting. -.TP -(By default, the system will try to identify the deployed server\-side platforms automatically -in order to avoid sending irrelevant payloads.) -.TP -\fB\-\-platforms\fR PLATFORM,PLATFORM2,... -Comma separated list of platforms (by shortname) to audit. -.TP -(The given platforms will be used *in addition* to fingerprinting. In order to restrict the audit to -these platforms enable the '\-\-platforms\-no\-fingerprinting' option.) -.PP -Session -.TP -\fB\-\-session\-check\-url\fR URL URL to use to verify that the scanner is still logged in to the web application. -(Requires 'session\-check\-pattern'.) -.TP -\fB\-\-session\-check\-pattern\fR PATTERN -Pattern used against the body of the 'session\-check\-url' to verify that the scanner is still logged in to the web application. -.IP -(Requires 'session\-check\-url'.) -.PP -Profiles -.TP -\fB\-\-profile\-save\-filepath\fR FILEPATH -Save the current configuration profile/options to FILEPATH. -.TP -\fB\-\-profile\-load\-filepath\fR FILEPATH -Load a configuration profile from FILEPATH. -.PP -Browser cluster -.TP -\fB\-\-browser\-cluster\-local\-storage\fR FILE -Sets the browsers' local storage using the JSON data in FILE. -.TP -\fB\-\-browser\-cluster\-wait\-for\-element\fR PATTERN:CSS -Wait for element matching CSS to appear when visiting a page whose URL matches the PATTERN. -.TP -\fB\-\-browser\-cluster\-pool\-size\fR SIZE -Amount of browser workers to keep in the pool and put to work. -.IP -(Default: 6) -.TP -\fB\-\-browser\-cluster\-job\-timeout\fR SECONDS -Maximum allowed time for each job. -.IP -(Default: 10) -.TP -\fB\-\-browser\-cluster\-worker\-time\-to\-live\fR LIMIT -Re\-spawn the browser of each worker every LIMIT jobs. -.IP -(Default: 100) -.TP -\fB\-\-browser\-cluster\-ignore\-images\fR -Do not load images. -.TP -\fB\-\-browser\-cluster\-screen\-width\fR -Browser screen width. -.IP -(Default: 1600) -.TP -\fB\-\-browser\-cluster\-screen\-height\fR -Browser screen height. -.IP -(Default: 1200) -.PP -Distribution -.TP -\fB\-\-instance\-spawns\fR SPAWNS -How many slaves to spawn for a high\-performance mult\-Instance scan. -.PP -Report -.TP -\fB\-\-report\-save\-path\fR PATH Directory or file path where to store the scan report. -You can use the generated file to create reports in several formats with the 'arachni_reporter' executable. -.PP -Timeout -.TP -\fB\-\-timeout\fR HOURS:MINUTES:SECONDS -Stop the scan after the given duration is exceeded. -.IP -Author: Tasos "Zapotek" Laskos -.IP -(With the support of the community and the Arachni Team.) -.TP -Website: -http://arachni\-scanner.com -.IP -Documentation: http://arachni\-scanner.com/wiki -.PP -Arachni 1.5.1 (ruby 2.2.3p173) [x86_64\-linux] -.SH "SEE ALSO" -The full documentation for -.B Arachni -is maintained as a Texinfo manual. If the -.B info -and -.B Arachni -programs are properly installed at your site, the command -.IP -.B info Arachni -.PP -should give you access to the complete manual. diff --git a/net-analyzer/arachni-bin/files/man/arachni_rest_server.1 b/net-analyzer/arachni-bin/files/man/arachni_rest_server.1 deleted file mode 100644 index e400886e7..000000000 --- a/net-analyzer/arachni-bin/files/man/arachni_rest_server.1 +++ /dev/null @@ -1,96 +0,0 @@ -.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.6. -.TH ARACHNI "1" "May 2019" "Arachni - Web Application Security Scanner Framework v1.5.1" "User Commands" -.SH NAME -Arachni \- manual page for Arachni - Web Application Security Scanner Framework v1.5.1 -.SH SYNOPSIS -.B arachni_rest_server -[\fI\,options\/\fR] -.SH DESCRIPTION -Arachni \- Web Application Security Scanner Framework v1.5.1 -.IP -Author: Tasos "Zapotek" Laskos -.IP -(With the support of the community and the Arachni Team.) -.TP -Website: -http://arachni\-scanner.com -.IP -Documentation: http://arachni\-scanner.com/wiki -.PP -Generic -.TP -\fB\-h\fR, \fB\-\-help\fR -Output this message. -.TP -\fB\-\-version\fR -Show version information. -.PP -Server -.TP -\fB\-\-address\fR ADDRESS -Hostname or IP address to bind to. -(Default: 127.0.0.1) -.TP -\fB\-\-port\fR NUMBER -Port to listen to. -(Default: 7331) -.PP -Output -.TP -\fB\-\-reroute\-to\-logfile\fR -Reroute scan output to log\-files under: /opt/arachni\-bin/bin/../system/logs/framework/ -.TP -\fB\-\-verbose\fR -Show verbose output. -(Only applicable when '\-\-reroute\-to\-logfile' is enabled.) -.TP -\fB\-\-debug\fR [LEVEL 1\-3] -Show debugging information. -(Only applicable when '\-\-reroute\-to\-logfile' is enabled.) -.TP -\fB\-\-only\-positives\fR -Only output positive results. -(Only applicable when '\-\-reroute\-to\-logfile' is enabled.) -.PP -Authentication -.TP -\fB\-\-authentication\-username\fR USERNAME -Username to use for HTTP authentication. -.TP -\fB\-\-authentication\-password\fR PASSWORD -Password to use for HTTP authentication. -.PP -SSL -.TP -\fB\-\-ssl\-ca\fR FILE -Location of the CA certificate (.pem). -If provided, peer verification will be enabled, otherwise no verification will take place. -.TP -\fB\-\-ssl\-private\-key\fR FILE -Location of the SSL private key (.pem). -.TP -\fB\-\-ssl\-certificate\fR FILE -Location of the SSL certificate (.pem). -.IP -Author: Tasos "Zapotek" Laskos -.IP -(With the support of the community and the Arachni Team.) -.TP -Website: -http://arachni\-scanner.com -.IP -Documentation: http://arachni\-scanner.com/wiki -.PP -Arachni 1.5.1 (ruby 2.2.3p173) [x86_64\-linux] -.SH "SEE ALSO" -The full documentation for -.B Arachni -is maintained as a Texinfo manual. If the -.B info -and -.B Arachni -programs are properly installed at your site, the command -.IP -.B info Arachni -.PP -should give you access to the complete manual. diff --git a/net-analyzer/arachni-bin/files/man/arachni_rpc.1 b/net-analyzer/arachni-bin/files/man/arachni_rpc.1 deleted file mode 100644 index 8e81a3a1b..000000000 --- a/net-analyzer/arachni-bin/files/man/arachni_rpc.1 +++ /dev/null @@ -1,481 +0,0 @@ -.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.6. -.TH ARACHNI "1" "May 2019" "Arachni - Web Application Security Scanner Framework v1.5.1" "User Commands" -.SH NAME -Arachni \- manual page for Arachni - Web Application Security Scanner Framework v1.5.1 -.SH SYNOPSIS -.B arachni_rpc -[\fI\,options\/\fR] \fI\,--dispatcher-url HOST:PORT URL\/\fR -.SH DESCRIPTION -Arachni \- Web Application Security Scanner Framework v1.5.1 -.IP -Author: Tasos "Zapotek" Laskos -.IP -(With the support of the community and the Arachni Team.) -.TP -Website: -http://arachni\-scanner.com -.IP -Documentation: http://arachni\-scanner.com/wiki -.PP -Generic -.TP -\fB\-h\fR, \fB\-\-help\fR -Output this message. -.TP -\fB\-\-version\fR -Show version information. -.TP -\fB\-\-authorized\-by\fR EMAIL_ADDRESS -E\-mail address of the person who authorized the scan. -.TP -(It'll make it easier on the sys\-admins during log reviews.) -(Will be used as a value for the 'From' HTTP request header.) -.PP -Scope -.TP -\fB\-\-scope\-include\-pattern\fR PATTERN -Only include resources whose path/action matches PATTERN. -.IP -(Can be used multiple times.) -.TP -\fB\-\-scope\-include\-subdomains\fR -Follow links to subdomains. -.IP -(Default: false) -.TP -\fB\-\-scope\-exclude\-pattern\fR PATTERN -Exclude resources whose path/action matches PATTERN. -.IP -(Can be used multiple times.) -.TP -\fB\-\-scope\-exclude\-file\-extensions\fR EXTENSION,EXTENSION2,.. -Exclude resources with the specified extensions. -.TP -\fB\-\-scope\-exclude\-content\-pattern\fR PATTERN -Exclude pages whose content matches PATTERN. -.IP -(Can be used multiple times.) -.TP -\fB\-\-scope\-exclude\-binaries\fR -Exclude non text\-based pages. -.IP -(Binary content can confuse passive checks that perform pattern matching.) -.TP -\fB\-\-scope\-redundant\-path\-pattern\fR PATTERN:LIMIT -Limit crawl on redundant pages like galleries or catalogs. -.TP -(URLs matching PATTERN will be crawled LIMIT amount of times.) -(Can be used multiple times.) -.TP -\fB\-\-scope\-auto\-redundant\fR [LIMIT] -Only follow URLs with identical query parameter names LIMIT amount of times. -.IP -(Default: 10) -.TP -\fB\-\-scope\-directory\-depth\-limit\fR LIMIT -Directory depth limit. -.TP -(Default: inf) -(How deep Arachni should go into the site structure.) -.TP -\fB\-\-scope\-page\-limit\fR LIMIT -How many pages to crawl and audit. -.IP -(Default: inf) -.TP -\fB\-\-scope\-extend\-paths\fR FILE -Add the paths in FILE to the ones discovered by the crawler. -.IP -(Can be used multiple times.) -.TP -\fB\-\-scope\-restrict\-paths\fR FILE -Use the paths in FILE instead of crawling. -.IP -(Can be used multiple times.) -.TP -\fB\-\-scope\-url\-rewrite\fR PATTERN:SUBSTITUTION -Rewrite URLs based on the given PATTERN and SUBSTITUTION. -.TP -To convert: -http://example.com/articles/some\-stuff/23 to http://example.com/articles.php?id=23 -.TP -Use: -articles/[\ew\-]+/(\ed+):articles.php?id=\e1 -.TP -\fB\-\-scope\-dom\-depth\-limit\fR LIMIT -How deep to go into the DOM tree of each page, for pages with JavaScript code. -.TP -(Default: 5) -(Setting it to '0' will disable browser analysis.) -.TP -\fB\-\-scope\-dom\-event\-limit\fR LIMIT -How many DOM events to trigger for each DOM depth, for pages with JavaScript code. -.IP -(Default: inf) -.TP -\fB\-\-scope\-https\-only\fR -Forces the system to only follow HTTPS URLs. -(Default: false) -.PP -Audit -.TP -\fB\-\-audit\-links\fR -Audit links. -.TP -\fB\-\-audit\-forms\fR -Audit forms. -.TP -\fB\-\-audit\-cookies\fR -Audit cookies. -.TP -\fB\-\-audit\-cookies\-extensively\fR -Submit all links and forms of the page along with the cookie permutations. -.IP -(*WARNING*: This will severely increase the scan\-time.) -.TP -\fB\-\-audit\-headers\fR -Audit headers. -.TP -\fB\-\-audit\-link\-template\fR TEMPLATE -Regular expression with named captures to use to extract input information from generic paths. -.TP -To extract the 'input1' and 'input2' inputs from: -http://example.com/input1/value1/input2/value2 -.TP -Use: -input1/(?\ew+)/input2/(?\ew+) -.IP -(Can be used multiple times.) -.TP -\fB\-\-audit\-jsons\fR -Audit JSON request inputs. -.TP -\fB\-\-audit\-xmls\fR -Audit XML request inputs. -.TP -\fB\-\-audit\-ui\-inputs\fR -Audit orphan elements with events. -.TP -\fB\-\-audit\-ui\-forms\fR -Audit UI Forms. -Input and button groups that do not belong to a parent element. -.HP -\fB\-\-audit\-parameter\-names\fR Inject payloads into parameter names. -.TP -\fB\-\-audit\-with\-raw\-payloads\fR -Inject payloads with and without HTTP encoding. -.TP -\fB\-\-audit\-with\-extra\-parameter\fR -Inject payloads into extra element parameters. -.TP -\fB\-\-audit\-with\-both\-methods\fR -Audit elements with both GET and POST requests. -.IP -(*WARNING*: This will severely increase the scan\-time.) -.TP -\fB\-\-audit\-exclude\-vector\fR PATTERN -Exclude input vectors whose name matches PATTERN. -.IP -(Can be used multiple times.) -.TP -\fB\-\-audit\-include\-vector\fR PATTERN -Include only input vectors whose name matches PATTERN. -.IP -(Can be used multiple times.) -.PP -Input -.TP -\fB\-\-input\-value\fR PATTERN:VALUE -PATTERN to match against input names and VALUE to use for them. -.IP -(Can be used multiple times.) -.TP -\fB\-\-input\-values\-file\fR FILE -YAML file containing a Hash object with regular expressions, to match against input names, as keys and input values as values. -.TP -\fB\-\-input\-without\-defaults\fR -Do not use the system default input values. -.TP -\fB\-\-input\-force\fR -Fill\-in even non\-empty inputs. -.PP -HTTP -.TP -\fB\-\-http\-user\-agent\fR USER_AGENT -Value for the 'User\-Agent' HTTP request header. -.IP -(Default: Arachni/v1.5.1) -.TP -\fB\-\-http\-request\-concurrency\fR MAX_CONCURRENCY -Maximum HTTP request concurrency. -.TP -(Default: 20) -(Be careful not to kill your server.) -(*NOTE*: If your scan seems unresponsive try lowering the limit.) -.TP -\fB\-\-http\-request\-timeout\fR TIMEOUT -HTTP request timeout in milliseconds. -.IP -(Default: 10000) -.TP -\fB\-\-http\-request\-redirect\-limit\fR LIMIT -Maximum amount of redirects to follow for each HTTP request. -.IP -(Default: 5) -.TP -\fB\-\-http\-request\-queue\-size\fR QUEUE_SIZE -Maximum amount of requests to keep in the queue. -.TP -Bigger size means better scheduling and better performance, -smaller means less RAM consumption. -(Default: 100) -.TP -\fB\-\-http\-request\-header\fR NAME=VALUE -Specify custom headers to be included in the HTTP requests. -.IP -(Can be used multiple times.) -.TP -\fB\-\-http\-response\-max\-size\fR LIMIT -Do not download response bodies larger than the specified LIMIT, in bytes. -.IP -(Default: 500000) -.TP -\fB\-\-http\-cookie\-jar\fR COOKIE_JAR_FILE -Netscape\-styled HTTP cookiejar file. -.TP -\fB\-\-http\-cookie\-string\fR COOKIE -Cookie representation as a 'Set\-Cookie' HTTP response header. -.IP -Example: my_cookie=my_value; Path=/, other_cookie=other_value; Path=/test -.TP -\fB\-\-http\-authentication\-username\fR USERNAME -Username for HTTP authentication. -.TP -\fB\-\-http\-authentication\-password\fR PASSWORD -Password for HTTP authentication. -.TP -\fB\-\-http\-authentication\-type\fR auto,basic,digest,digest_ie,negotiate,ntlm -HTTP authentication type. -.IP -(Default: auto) -.TP -\fB\-\-http\-proxy\fR ADDRESS:PORT -Proxy to use. -.TP -\fB\-\-http\-proxy\-authentication\fR USERNAME:PASSWORD -Proxy authentication credentials. -.TP -\fB\-\-http\-proxy\-type\fR http,http_1_0,socks4,socks4a,socks5,socks5h -Proxy type. -.IP -(Default: auto) -.TP -\fB\-\-http\-ssl\-verify\-peer\fR -Verify SSL peer. -(Default: false) -.TP -\fB\-\-http\-ssl\-verify\-host\fR -Verify SSL host. -(Default: false) -.TP -\fB\-\-http\-ssl\-certificate\fR PATH -SSL certificate to use. -.TP -\fB\-\-http\-ssl\-certificate\-type\fR pem,der -SSL certificate type. -.TP -\fB\-\-http\-ssl\-key\fR PATH -SSL private key to use. -.TP -\fB\-\-http\-ssl\-key\-type\fR pem,der -SSL key type. -.TP -\fB\-\-http\-ssl\-key\-password\fR PASSWORD -Password for the SSL private key. -.TP -\fB\-\-http\-ssl\-ca\fR PATH -File holding one or more certificates with which to verify the peer. -.TP -\fB\-\-http\-ssl\-ca\-directory\fR PATH -Directory holding multiple certificate files with which to verify the peer. -.TP -\fB\-\-http\-ssl\-version\fR TLSv1,TLSv1_0,TLSv1_1,TLSv1_2,SSLv2,SSLv3 -SSL version to use. -.PP -Checks -.TP -\fB\-\-checks\-list\fR [GLOB] -List available checks based on the provided glob. -(If no glob is provided all checks will be listed.) -.TP -\fB\-\-checks\fR CHECK,CHECK2,... -Comma separated list of checks to load. -.TP -Checks are referenced by their filename without the '.rb' extension, use '\-\-checks\-list' to list all. -Use '*' as a check name to load all checks or as a wildcard, like so: -.TP -xss* -to load all XSS checks -.TP -sql_injection* -to load all SQL injection checks -.IP -etc. -.TP -You can exclude checks by prefixing their name with a minus sign: -\fB\-\-checks=\fR*,\-backup_files,\-xss -.IP -The above will load all checks except for the 'backup_files' and 'xss' checks. -.TP -Or mix and match: -\fB\-xss\fR* to unload all XSS checks. -.PP -Plugins -.TP -\fB\-\-plugins\-list\fR [GLOB] -List available plugins based on the provided glob. -(If no glob is provided all plugins will be listed.) -.TP -\fB\-\-plugin\fR 'PLUGIN:OPTION=VALUE,OPTION2=VALUE2' -PLUGIN is the name of the plugin as displayed by '\-\-plugins\-list'. -.TP -(Plugins are referenced by their filename without the '.rb' extension, use '\-\-plugins\-list' to list all.) -(Can be used multiple times.) -.PP -Platforms -.TP -\fB\-\-platforms\-list\fR -List available platforms. -.TP -\fB\-\-platforms\-no\-fingerprinting\fR -Disable platform fingerprinting. -.TP -(By default, the system will try to identify the deployed server\-side platforms automatically -in order to avoid sending irrelevant payloads.) -.TP -\fB\-\-platforms\fR PLATFORM,PLATFORM2,... -Comma separated list of platforms (by shortname) to audit. -.TP -(The given platforms will be used *in addition* to fingerprinting. In order to restrict the audit to -these platforms enable the '\-\-platforms\-no\-fingerprinting' option.) -.PP -Session -.TP -\fB\-\-session\-check\-url\fR URL URL to use to verify that the scanner is still logged in to the web application. -(Requires 'session\-check\-pattern'.) -.TP -\fB\-\-session\-check\-pattern\fR PATTERN -Pattern used against the body of the 'session\-check\-url' to verify that the scanner is still logged in to the web application. -.IP -(Requires 'session\-check\-url'.) -.PP -Profiles -.TP -\fB\-\-profile\-save\-filepath\fR FILEPATH -Save the current configuration profile/options to FILEPATH. -.TP -\fB\-\-profile\-load\-filepath\fR FILEPATH -Load a configuration profile from FILEPATH. -.PP -Browser cluster -.TP -\fB\-\-browser\-cluster\-local\-storage\fR FILE -Sets the browsers' local storage using the JSON data in FILE. -.TP -\fB\-\-browser\-cluster\-wait\-for\-element\fR PATTERN:CSS -Wait for element matching CSS to appear when visiting a page whose URL matches the PATTERN. -.TP -\fB\-\-browser\-cluster\-pool\-size\fR SIZE -Amount of browser workers to keep in the pool and put to work. -.IP -(Default: 6) -.TP -\fB\-\-browser\-cluster\-job\-timeout\fR SECONDS -Maximum allowed time for each job. -.IP -(Default: 10) -.TP -\fB\-\-browser\-cluster\-worker\-time\-to\-live\fR LIMIT -Re\-spawn the browser of each worker every LIMIT jobs. -.IP -(Default: 100) -.TP -\fB\-\-browser\-cluster\-ignore\-images\fR -Do not load images. -.TP -\fB\-\-browser\-cluster\-screen\-width\fR -Browser screen width. -.IP -(Default: 1600) -.TP -\fB\-\-browser\-cluster\-screen\-height\fR -Browser screen height. -.IP -(Default: 1200) -.PP -Distribution -.TP -\fB\-\-dispatcher\-url\fR HOST:PORT -Dispatcher server to use. -.TP -\fB\-\-spawns\fR SPAWNS -How many slaves to spawn for a high\-performance mult\-Instance scan. -(When no grid mode has been specified, all slaves will all be from the same Dispatcher machine. -When a grid\-mode has been specified, this option will be treated as a possible maximum and -not a hard value.) -.TP -\fB\-\-grid\-mode\fR balance,aggregate -Sets the Grid mode of operation for this scan. -.TP -Valid modes are: -* balance \fB\-\-\fR Slaves will be provided by the least burdened Grid Dispatchers. -* aggregate \fB\-\-\fR In addition to balancing, slaves will all be from Dispatchers -.IP -with unique bandwidth Pipe\-IDs to result in application\-level line\-aggregation. -.TP -\fB\-\-grid\fR -Shorthand for '\-\-grid\-mode=balance'. -.PP -SSL -.TP -\fB\-\-ssl\-ca\fR FILE -Location of the CA certificate (.pem). -.TP -\fB\-\-ssl\-private\-key\fR FILE -Location of the client SSL private key (.pem). -.TP -\fB\-\-ssl\-certificate\fR FILE -Location of the client SSL certificate (.pem). -.PP -Report -.TP -\fB\-\-report\-save\-path\fR PATH Directory or file path where to store the scan report. -You can use the generated file to create reports in several formats with the 'arachni_reporter' executable. -.PP -Timeout -.TP -\fB\-\-timeout\fR HOURS:MINUTES:SECONDS -Stop the scan after the given duration is exceeded. -.IP -Author: Tasos "Zapotek" Laskos -.IP -(With the support of the community and the Arachni Team.) -.TP -Website: -http://arachni\-scanner.com -.IP -Documentation: http://arachni\-scanner.com/wiki -.PP -Arachni 1.5.1 (ruby 2.2.3p173) [x86_64\-linux] -.SH "SEE ALSO" -The full documentation for -.B Arachni -is maintained as a Texinfo manual. If the -.B info -and -.B Arachni -programs are properly installed at your site, the command -.IP -.B info Arachni -.PP -should give you access to the complete manual. diff --git a/net-analyzer/arachni-bin/files/man/arachni_rpcd.1 b/net-analyzer/arachni-bin/files/man/arachni_rpcd.1 deleted file mode 100644 index b5684062a..000000000 --- a/net-analyzer/arachni-bin/files/man/arachni_rpcd.1 +++ /dev/null @@ -1,126 +0,0 @@ -.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.6. -.TH ARACHNI "1" "May 2019" "Arachni - Web Application Security Scanner Framework v1.5.1" "User Commands" -.SH NAME -Arachni \- manual page for Arachni - Web Application Security Scanner Framework v1.5.1 -.SH SYNOPSIS -.B arachni_rpcd -[\fI\,options\/\fR] -.SH DESCRIPTION -Arachni \- Web Application Security Scanner Framework v1.5.1 -.IP -Author: Tasos "Zapotek" Laskos -.IP -(With the support of the community and the Arachni Team.) -.TP -Website: -http://arachni\-scanner.com -.IP -Documentation: http://arachni\-scanner.com/wiki -.PP -Generic -.TP -\fB\-h\fR, \fB\-\-help\fR -Output this message. -.TP -\fB\-\-version\fR -Show version information. -.PP -Server -.TP -\fB\-\-address\fR ADDRESS -Hostname or IP address to bind to. -(Default: 127.0.0.1) -.TP -\fB\-\-external\-address\fR ADDRESS -Hostname or IP address to advertise. -.IP -(Default: 127.0.0.1) -.TP -\fB\-\-port\fR NUMBER -Port to listen to. -(Default: 7331) -.TP -\fB\-\-port\-range\fR BEGINNING\-END -Specify port range for the spawned RPC instances. -.IP -(Default: 1025\-65535) -.TP -\fB\-\-pool\-size\fR SIZE -How many Instances to have available at any given time. -(Default: 5) -.PP -Output -.TP -\fB\-\-reroute\-to\-logfile\fR -Reroute all output to log\-files under: /opt/arachni\-bin/bin/../system/logs/framework/ -.TP -\fB\-\-verbose\fR -Show verbose output. -(Only applicable when '\-\-reroute\-to\-logfile' is enabled.) -.TP -\fB\-\-debug\fR [LEVEL 1\-3] -Show debugging information. -(Only applicable when '\-\-reroute\-to\-logfile' is enabled.) -.TP -\fB\-\-only\-positives\fR -Only output positive results. -(Only applicable when '\-\-reroute\-to\-logfile' is enabled.) -.PP -Grid -.TP -\fB\-\-neighbour\fR URL -URL of a neighbouring Dispatcher. -.TP -\fB\-\-weight\fR FLOAT -Weight of this node. -.TP -\fB\-\-pipe\-id\fR ID -Identifier for the attached bandwidth pipe. -.TP -\fB\-\-nickname\fR NAME -Nickname for this Dispatcher. -.PP -SSL -.TP -\fB\-\-ssl\-ca\fR FILE -Location of the CA certificate (.pem). -.TP -\fB\-\-server\-ssl\-private\-key\fR FILE -Location of the server SSL private key (.pem). -.TP -\fB\-\-server\-ssl\-certificate\fR FILE -Location of the server SSL certificate (.pem). -.TP -\fB\-\-client\-ssl\-private\-key\fR FILE -Location of the client SSL private key (.pem). -.TP -\fB\-\-client\-ssl\-certificate\fR FILE -Location of the client SSL certificate (.pem). -.PP -Snapshot -.TP -\fB\-\-snapshot\-save\-path\fR DIRECTORY -Directory under which to store snapshots of suspended scans. -.IP -Author: Tasos "Zapotek" Laskos -.IP -(With the support of the community and the Arachni Team.) -.TP -Website: -http://arachni\-scanner.com -.IP -Documentation: http://arachni\-scanner.com/wiki -.PP -Arachni 1.5.1 (ruby 2.2.3p173) [x86_64\-linux] -.SH "SEE ALSO" -The full documentation for -.B Arachni -is maintained as a Texinfo manual. If the -.B info -and -.B Arachni -programs are properly installed at your site, the command -.IP -.B info Arachni -.PP -should give you access to the complete manual. diff --git a/net-analyzer/arachni-bin/files/man/arachni_rpcd_monitor.1 b/net-analyzer/arachni-bin/files/man/arachni_rpcd_monitor.1 deleted file mode 100644 index c223395b7..000000000 --- a/net-analyzer/arachni-bin/files/man/arachni_rpcd_monitor.1 +++ /dev/null @@ -1,60 +0,0 @@ -.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.6. -.TH ARACHNI "1" "May 2019" "Arachni - Web Application Security Scanner Framework v1.5.1" "User Commands" -.SH NAME -Arachni \- manual page for Arachni - Web Application Security Scanner Framework v1.5.1 -.SH SYNOPSIS -.B arachni_rpcd_monitor -[\fI\,options\/\fR] \fI\,DISPATCHER_URL\/\fR -.SH DESCRIPTION -Arachni \- Web Application Security Scanner Framework v1.5.1 -.IP -Author: Tasos "Zapotek" Laskos -.IP -(With the support of the community and the Arachni Team.) -.TP -Website: -http://arachni\-scanner.com -.IP -Documentation: http://arachni\-scanner.com/wiki -.PP -Generic -.TP -\fB\-h\fR, \fB\-\-help\fR -Output this message. -.TP -\fB\-\-version\fR -Show version information. -.PP -SSL -.TP -\fB\-\-ssl\-ca\fR FILE -Location of the CA certificate (.pem). -.TP -\fB\-\-ssl\-private\-key\fR FILE -Location of the client SSL private key (.pem). -.TP -\fB\-\-ssl\-certificate\fR FILE -Location of the client SSL certificate (.pem). -.IP -Author: Tasos "Zapotek" Laskos -.IP -(With the support of the community and the Arachni Team.) -.TP -Website: -http://arachni\-scanner.com -.IP -Documentation: http://arachni\-scanner.com/wiki -.PP -Arachni 1.5.1 (ruby 2.2.3p173) [x86_64\-linux] -.SH "SEE ALSO" -The full documentation for -.B Arachni -is maintained as a Texinfo manual. If the -.B info -and -.B Arachni -programs are properly installed at your site, the command -.IP -.B info Arachni -.PP -should give you access to the complete manual. diff --git a/net-analyzer/arachni-bin/files/man/arachni_web.1 b/net-analyzer/arachni-bin/files/man/arachni_web.1 deleted file mode 100644 index 211a84644..000000000 --- a/net-analyzer/arachni-bin/files/man/arachni_web.1 +++ /dev/null @@ -1,82 +0,0 @@ -.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.47.6. -.TH RACK "1" "May 2019" "Rack 1.3 (Release: 1.6.4)" "User Commands" -.SH NAME -Rack \- manual page for Rack 1.3 (Release: 1.6.4) -.SH SYNOPSIS -.B rackup -[\fI\,ruby options\/\fR] [\fI\,rack options\/\fR] [\fI\,rackup config\/\fR] -.SH DESCRIPTION -.SS "Ruby options:" -.TP -\fB\-e\fR, \fB\-\-eval\fR LINE -evaluate a LINE of code -.TP -\fB\-b\fR BUILDER_LINE, -evaluate a BUILDER_LINE of code as a builder script -.HP -\fB\-\-builder\fR -.TP -\fB\-d\fR, \fB\-\-debug\fR -set debugging flags (set $DEBUG to true) -.TP -\fB\-w\fR, \fB\-\-warn\fR -turn warnings on for your script -.TP -\fB\-q\fR, \fB\-\-quiet\fR -turn off logging -.TP -\fB\-I\fR, \fB\-\-include\fR PATH -specify $LOAD_PATH (may be used more than once) -.TP -\fB\-r\fR, \fB\-\-require\fR LIBRARY -require the library, before executing your script -.SS "Rack options:" -.TP -\fB\-s\fR, \fB\-\-server\fR SERVER -serve using SERVER (thin/puma/webrick/mongrel) -.TP -\fB\-o\fR, \fB\-\-host\fR HOST -listen on HOST (default: localhost) -.TP -\fB\-p\fR, \fB\-\-port\fR PORT -use PORT (default: 9292) -.TP -\fB\-O\fR NAME[=VALUE], -pass VALUE to the server as option NAME. If no VALUE, sets it to true. Run '/opt/arachni\-bin/bin/../system/gems/bin/rackup \fB\-s\fR SERVER \fB\-h\fR' to get a list of options for SERVER -.HP -\fB\-\-option\fR -.TP -\fB\-E\fR, \fB\-\-env\fR ENVIRONMENT -use ENVIRONMENT for defaults (default: development) -.TP -\fB\-D\fR, \fB\-\-daemonize\fR -run daemonized in the background -.TP -\fB\-P\fR, \fB\-\-pid\fR FILE -file to store PID -.SS "Common options:" -.TP -\fB\-h\fR, \-?, \fB\-\-help\fR -Show this message -.TP -\fB\-\-version\fR -Show version -.SS "Server-specific options for Rack::Handler::Puma:" -.TP -\fB\-O\fR Threads=MIN:MAX -min:max threads to use (default 0:16) -.TP -\fB\-O\fR Quiet -Don't report each request -.SH "SEE ALSO" -The full documentation for -.B Rack -is maintained as a Texinfo manual. If the -.B info -and -.B Rack -programs are properly installed at your site, the command -.IP -.B info Rack -.PP -should give you access to the complete manual. diff --git a/net-analyzer/arachni-bin/metadata.xml b/net-analyzer/arachni-bin/metadata.xml deleted file mode 100644 index c4511c144..000000000 --- a/net-analyzer/arachni-bin/metadata.xml +++ /dev/null @@ -1,8 +0,0 @@ - - - - - email@linxon.ru - Yury Martynov - -