Skip to content

Usage

Jump to bottom
Anouar Ben Saad edited this page May 29, 2019 · 9 revisions
Clone this wiki locally

Usage

usage: vulnx [options]

  -u --url              url target to scan
  -D --dorks            search webs with dorks
  -o --output           specify output directory
  -t --timeout          http requests timeout
  -c --cms-info         search cms info[themes,plugins,user,version..]
  -e --exploit          searching vulnerability & run exploits
  -w --web-info         web informations gathering
  -d --domain-info      subdomains informations gathering
  -l, --dork-list       list names of dorks exploits
  -n, --number-page     number page of search engine(Google)
  -p, --ports           target ports scan.
  -i, --input           specify input file of domains to scan
  --threads             number of threads
  --dns                 dns informations gathering

Scan a single website

Option: -u or --url

Scanning the target you choose & auto cms detected.

vulnx -u http://example.com

Timeout

Option: --timeout | Default: 3

It is possible to specify a number of seconds to wait before considering the HTTP(S) request timed out.

vulnx -u http://example.com --timeout=4

Run Exploits

Option: --exploit or -e

Scanning the vulnerability on this target & if vuln true: auto shell inject.

vulnx -u http://example.com --exploit

CMS Informations Gathering

Option: --cms-info or -c

It is possible to specify the type of search example (version, themes, plugins, user or all)

vulnx -u http://example.com --cms-info all

Subdomains & IP Informations Gathering

Option: --domain-info or -d

Scanning the subdomains & ips from of target.

vulnx -u http://example.com --domain-info

Website Informations Gathering

Option: --web-info or -w

infromations gathering from url, like org, country , cloudflare ipaddress & more ...

vulnx -u http://example.com --web-info

Searching dorks

Option: --dorks or -D

Searching url target from dorks.

vulnx --dorks Blaze

Listing table of dorks

Option: --list-dorks or -l

Searching name exploits available.

vulnx `--list-dorks`

Number of threads

Option: --threads | Default: 1

While threads can help to speed up scanning, they might also trigger security mechanisms. A high number of threads can also bring down small websites. threads function is too fasting the scanning speed of number of threads

vulnx -u http://example.com -t 4

Searching google dork number page.

Option: --number-page or -n

While searching in dorks, you can now custom the number of page of search in search Engine example google with argument numberpage.

vulnx -D exploitname -n 6

Scanning Open Ports.

Option: --ports or -p

Now in informations gathering you can get ports open from target with --ports argument

vulnx -u http://example.com --ports

DNS Informations Gathering.

Option: --dns

Now in informations gathering you can get dns-server & mx from dnsdumpster

vulnx -u http://example.com --dns

Input file targets.

Option: --input

Now you can automate the scan with vulnx from text file you can choose targets & save as into a text file or you can automatic grabber targets from dorks.

vulnx -D Blaze -n 4 --output logs

the file will be export in format date-dorks.txt,

Filename : 2019-05-28-161752-Dorks.txt

vulnx --input logs/Dorks/2019-05-28-161752-Dorks.txt