Skip to content

Commit

Permalink
Merge pull request #2227 from blacklanternsecurity/update-docs
Browse files Browse the repository at this point in the history 
Automated Docs Update
  • Loading branch information
@TheTechromancer
TheTechromancer authored Jan 30, 2025
2 parents b9885a9 + 628bce9 commit 703a313
Show file tree
Hide file tree
Showing 3 changed files with 22 additions and 21 deletions.
40 changes: 19 additions & 21 deletions docs/scanning/advanced.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,9 +42,9 @@ usage: bbot [-h] [-t TARGET [TARGET ...]] [-w WHITELIST [WHITELIST ...]]
[--current-preset] [--current-preset-full] [-o DIR]
[-om MODULE [MODULE ...]] [-lo] [--json] [--brief]
[--event-types EVENT_TYPES [EVENT_TYPES ...]] [--exclude-cdn]
[--no-deps | --force-deps | --retry-deps | --ignore-failed-deps | --install-all-deps]
[--version] [--proxy HTTP_PROXY]
[-H CUSTOM_HEADERS [CUSTOM_HEADERS ...]]
[--no-deps | --force-deps | --retry-deps |
--ignore-failed-deps | --install-all-deps] [--version]
[--proxy HTTP_PROXY] [-H CUSTOM_HEADERS [CUSTOM_HEADERS ...]]
[--custom-yara-rules CUSTOM_YARA_RULES]
[--user-agent USER_AGENT]
Expand All @@ -54,41 +54,40 @@ options:
-h, --help show this help message and exit
Target:
-t TARGET [TARGET ...], --targets TARGET [TARGET ...]
-t, --targets TARGET [TARGET ...]
Targets to seed the scan
-w WHITELIST [WHITELIST ...], --whitelist WHITELIST [WHITELIST ...]
-w, --whitelist WHITELIST [WHITELIST ...]
What's considered in-scope (by default it's the same as --targets)
-b BLACKLIST [BLACKLIST ...], --blacklist BLACKLIST [BLACKLIST ...]
-b, --blacklist BLACKLIST [BLACKLIST ...]
Don't touch these things
--strict-scope Don't consider subdomains of target/whitelist to be in-scope
Presets:
-p [PRESET ...], --preset [PRESET ...]
-p, --preset [PRESET ...]
Enable BBOT preset(s)
-c [CONFIG ...], --config [CONFIG ...]
-c, --config [CONFIG ...]
Custom config options in key=value format: e.g. 'modules.shodan.api_key=1234'
-lp, --list-presets List available presets.
Modules:
-m MODULE [MODULE ...], --modules MODULE [MODULE ...]
-m, --modules MODULE [MODULE ...]
Modules to enable. Choices: affiliates,ajaxpro,anubisdb,apkpure,asn,azure_realm,azure_tenant,baddns,baddns_direct,baddns_zone,badsecrets,bevigil,binaryedge,bucket_amazon,bucket_azure,bucket_digitalocean,bucket_file_enum,bucket_firebase,bucket_google,bufferoverrun,builtwith,bypass403,c99,censys,certspotter,chaos,code_repository,credshed,crt,dastardly,dehashed,digitorus,dnsbimi,dnsbrute,dnsbrute_mutations,dnscaa,dnscommonsrv,dnsdumpster,dnstlsrpt,docker_pull,dockerhub,dotnetnuke,emailformat,extractous,ffuf,ffuf_shortnames,filedownload,fingerprintx,fullhunt,generic_ssrf,git,git_clone,github_codesearch,github_org,github_workflows,gitlab,google_playstore,gowitness,hackertarget,host_header,httpx,hunt,hunterio,iis_shortnames,internetdb,ip2location,ipneighbor,ipstack,jadx,leakix,myssl,newsletters,ntlm,nuclei,oauth,otx,paramminer_cookies,paramminer_getparams,paramminer_headers,passivetotal,pgp,portfilter,portscan,postman,postman_download,rapiddns,robots,securitytrails,securitytxt,shodan_dns,sitedossier,skymem,smuggler,social,sslcert,subdomaincenter,subdomainradar,telerik,trickest,trufflehog,url_manipulation,urlscan,vhost,viewdns,virustotal,wafw00f,wappalyzer,wayback,wpscan,zoomeye
-l, --list-modules List available modules.
-lmo, --list-module-options
Show all module config options
-em MODULE [MODULE ...], --exclude-modules MODULE [MODULE ...]
-em, --exclude-modules MODULE [MODULE ...]
Exclude these modules.
-f FLAG [FLAG ...], --flags FLAG [FLAG ...]
-f, --flags FLAG [FLAG ...]
Enable modules by flag. Choices: active,affiliates,aggressive,baddns,cloud-enum,code-enum,deadly,email-enum,iis-shortnames,passive,portscan,report,safe,service-enum,slow,social-enum,subdomain-enum,subdomain-hijack,web-basic,web-paramminer,web-screenshots,web-thorough
-lf, --list-flags List available flags.
-rf FLAG [FLAG ...], --require-flags FLAG [FLAG ...]
-rf, --require-flags FLAG [FLAG ...]
Only enable modules with these flags (e.g. -rf passive)
-ef FLAG [FLAG ...], --exclude-flags FLAG [FLAG ...]
-ef, --exclude-flags FLAG [FLAG ...]
Disable modules with these flags. (e.g. -ef aggressive)
--allow-deadly Enable the use of highly aggressive modules
Scan:
-n SCAN_NAME, --name SCAN_NAME
Name of scan (default: random)
-n, --name SCAN_NAME Name of scan (default: random)
-v, --verbose Be more verbose
-d, --debug Enable debugging
-s, --silent Be quiet
Expand All @@ -101,9 +100,8 @@ Scan:
Show the current preset in its full form, including defaults
Output:
-o DIR, --output-dir DIR
Directory to output scan results
-om MODULE [MODULE ...], --output-modules MODULE [MODULE ...]
-o, --output-dir DIR Directory to output scan results
-om, --output-modules MODULE [MODULE ...]
Output module(s). Choices: asset_inventory,csv,discord,emails,http,json,mysql,neo4j,nmap_xml,postgres,python,slack,splunk,sqlite,stdout,subdomains,teams,txt,web_parameters,web_report,websocket
-lo, --list-output-modules
List available output modules
Expand All @@ -125,11 +123,11 @@ Module dependencies:
Misc:
--version show BBOT version and exit
--proxy HTTP_PROXY Use this proxy for all HTTP requests
-H CUSTOM_HEADERS [CUSTOM_HEADERS ...], --custom-headers CUSTOM_HEADERS [CUSTOM_HEADERS ...]
-H, --custom-headers CUSTOM_HEADERS [CUSTOM_HEADERS ...]
List of custom headers as key value pairs (header=value).
--custom-yara-rules CUSTOM_YARA_RULES, -cy CUSTOM_YARA_RULES
--custom-yara-rules, -cy CUSTOM_YARA_RULES
Add custom yara rules to excavate
--user-agent USER_AGENT, -ua USER_AGENT
--user-agent, -ua USER_AGENT
Set the user-agent for all HTTP requests
EXAMPLES
Expand Down
1 change: 1 addition & 0 deletions docs/scanning/configuration.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -399,6 +399,7 @@ Many modules accept their own configuration options. These options have the abil
| modules.sslcert.skip_non_ssl | bool | Don't try common non-SSL ports | True |
| modules.sslcert.timeout | float | Socket connect timeout in seconds | 5.0 |
| modules.telerik.exploit_RAU_crypto | bool | Attempt to confirm any RAU AXD detections are vulnerable | False |
| modules.telerik.include_subdirs | bool | Include subdirectories in the scan (off by default) | False |
| modules.url_manipulation.allow_redirects | bool | Allowing redirects will sometimes create false positives. Disallowing will sometimes create false negatives. Allowed by default. | True |
| modules.vhost.force_basehost | str | Use a custom base host (e.g. evilcorp.com) instead of the default behavior of using the current URL | |
| modules.vhost.lines | int | take only the first N lines from the wordlist when finding directories | 5000 |
Expand Down
2 changes: 2 additions & 0 deletions docs/scanning/presets_list.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -239,6 +239,7 @@ Comprehensive scan for all IIS/.NET specific modules and module settings
extensions: asp,aspx,ashx,asmx,ascx
telerik:
exploit_RAU_crypto: True
include_subdirs: True # Run against every directory, not the default first received URL per-host
```

Category: web
Expand Down Expand Up @@ -272,6 +273,7 @@ Comprehensive scan for all IIS/.NET specific modules and module settings
extensions: asp,aspx,ashx,asmx,ascx
telerik:
exploit_RAU_crypto: True
include_subdirs: True # Run against every directory, not the default first received URL per-host
```


Expand Down

0 comments on commit 703a313

Please sign in to comment.