ronin-vulns 0.1.5 → 0.2.0.rc1

data/man/ronin-vulns-reflected-xss.1

@@ -1,95 +1,100 @@
-.\" Generated by kramdown-man 0.1.9
+.\" Generated by kramdown-man 1.0.1
 .\" https://github.com/postmodern/kramdown-man#readme
 .TH ronin-vulns-reflected-xss 1 "May 2022" Ronin "User Manuals"
-.LP
+.SH NAME
+.PP
+ronin\-vulns\-reflected\-xss \- Scans URL(s) for Reflected Cross Site Scripting (XSS) vulnerabilities
 .SH SYNOPSIS
-.LP
 .PP
-\fBronin-vulns reflected-xss\fR \[lB]\fIoptions\fP\[rB] \[lC]\fIURL\fP \.\.\. \[or] \fB--input\fR \fIFILE\fP\[rC]
-.LP
+\fBronin\-vulns reflected\-xss\fR \[lB]\fIoptions\fP\[rB] \[lC]\fIURL\fP \.\.\. \[or] \fB\-\-input\fR \fIFILE\fP\[rC]
 .SH DESCRIPTION
-.LP
 .PP
 Scans URL(s) for reflected Cross Site Scripting (XSS) vulnerabilities\. The URLs
 to scan can be given as additional arguments or read from a file using the
-\fB--input\fR option\.
-.LP
+\fB\-\-input\fR option\.
 .SH ARGUMENTS
-.LP
 .TP
 \fIURL\fP
 A URL to scan\.
-.LP
 .SH OPTIONS
-.LP
 .TP
-\fB--first\fR
+\fB\-\-db\fR \fINAME\fP
+The database name to connect to\. Defaults to \fBdefault\fR if not given\.
+.TP
+\fB\-\-db\-uri\fR \fIURI\fP
+The database URI to connect to
+(ex: \fBpostgres:\[sl]\[sl]user:password\[at]host\[sl]db\fR)\.
+.TP
+\fB\-\-db\-file\fR \fIPATH\fP
+The sqlite3 database file to use\.
+.TP
+\fB\-\-import\fR
+Imports discovered vulnerabilities into the database\.
+.TP
+\fB\-\-first\fR
 Only find the first vulnerability for each URL\.
-.LP
 .TP
-\fB-A\fR, \fB--all\fR
+\fB\-A\fR, \fB\-\-all\fR
 Find all vulnerabilities for each URL\.
-.LP
 .TP
-\fB-H\fR, \fB--header\fR \[lq]\fIName\fP: \fIvalue\fP\[rq]
+\fB\-\-print\-curl\fR
+Also prints an example \fBcurl\fR command for each vulnerability\.
+.TP
+\fB\-\-print\-http\fR
+Also prints an example HTTP request for each vulnerability\.
+.TP
+\fB\-M\fR, \fB\-\-request\-method\fR \fBCOPY\fR\[or]\fBDELETE\fR\[or]\fBGET\fR\[or]\fBHEAD\fR\[or]\fBLOCK\fR\[or]\fBMKCOL\fR\[or]\fBMOVE\fR\[or]\fBOPTIONS\fR\[or]\fBPATCH\fR\[or]\fBPOST\fR\[or]\fBPROPFIND\fR\[or]\fBPROPPATCH\fR\[or]\fBPUT\fR\[or]\fBTRACE\fR\[or]\fBUNLOCK\fR
+Sets the HTTP request method to use\.
+.TP
+\fB\-H\fR, \fB\-\-header\fR \[lq]\fIName\fP: \fIvalue\fP\[rq]
 Sets an additional header using the given \fIName\fP and \fIvalue\fP\.
-.LP
 .TP
-\fB-C\fR, \fB--cookie\fR \fICOOKIE\fP
+\fB\-U\fR, \fB\-\-user\-agent\-string\fR \fISTRING\fP
+Sets the \fBUser\-Agent\fR header string\.
+.TP
+\fB\-u\fR, \fB\-\-user\-agent\fR \fBchrome\-linux\fR\[or]\fBchrome\-macos\fR\[or]\fBchrome\-windows\fR\[or]\fBchrome\-iphone\fR\[or]\fBchrome\-ipad\fR\[or]\fBchrome\-android\fR\[or]\fBfirefox\-linux\fR\[or]\fBfirefox\-macos\fR\[or]\fBfirefox\-windows\fR\[or]\fBfirefox\-iphone\fR\[or]\fBfirefox\-ipad\fR\[or]\fBfirefox\-android\fR\[or]\fBsafari\-macos\fR\[or]\fBsafari\-iphone\fR\[or]\fBsafari\-ipad\fR\[or]\fBedge\fR
+Sets the \fBUser\-Agent\fR header\.
+.TP
+\fB\-C\fR, \fB\-\-cookie\fR \fICOOKIE\fP
 Sets the raw \fBCookie\fR header\.
-.LP
 .TP
-\fB-c\fR, \fB--cookie-param\fR \fINAME\fP\fB=\fR\fIVALUE\fP
+\fB\-c\fR, \fB\-\-cookie\-param\fR \fINAME\fP\fB\[eq]\fR\fIVALUE\fP
 Sets an additional \fBCookie\fR param using the given \fINAME\fP and \fIVALUE\fP\.
-.LP
 .TP
-\fB-R\fR, \fB--referer\fR \fIURL\fP
+\fB\-R\fR, \fB\-\-referer\fR \fIURL\fP
 Sets the \fBReferer\fR header\.
-.LP
 .TP
-\fB-F\fR, \fB--form-param\fR \fINAME\fP\fB=\fR\fIVALUE\fP
+\fB\-F\fR, \fB\-\-form\-param\fR \fINAME\fP\fB\[eq]\fR\fIVALUE\fP
 Sets an additional form param using the given \fINAME\fP and \fIVALUE\fP\.
-.LP
 .TP
-\fB--test-query-param\fR \fINAME\fP
+\fB\-\-test\-query\-param\fR \fINAME\fP
 Tests the URL query param name\.
-.LP
 .TP
-\fB--test-all-query-params\fR
+\fB\-\-test\-all\-query\-params\fR
 Test all URL query param names\.
-.LP
 .TP
-\fB--test-header-name\fR \fINAME\fP
+\fB\-\-test\-header\-name\fR \fINAME\fP
 Tests the HTTP Header name\.
-.LP
 .TP
-\fB--test-cookie-param\fR \fINAME\fP
+\fB\-\-test\-cookie\-param\fR \fINAME\fP
 Tests the HTTP Cookie name\.
-.LP
 .TP
-\fB--test-all-cookie-params\fR
+\fB\-\-test\-all\-cookie\-params\fR
 Test all Cookie param names\.
-.LP
 .TP
-\fB--test-form-param\fR \fINAME\fP
+\fB\-\-test\-form\-param\fR \fINAME\fP
 Tests the form param name\.
-.LP
 .TP
-\fB-i\fR, \fB--input\fR \fIFILE\fP
+\fB\-i\fR, \fB\-\-input\fR \fIFILE\fP
 Reads URLs from the given \fIFILE\fP\.
-.LP
 .TP
-\fB-h\fR, \fB--help\fR
+\fB\-h\fR, \fB\-\-help\fR
 Print help information\.
-.LP
 .SH AUTHOR
-.LP
 .PP
 Postmodern 
 .MT postmodern\.mod3\[at]gmail\.com
 .ME
-.LP
 .SH SEE ALSO
-.LP
 .PP
-ronin\-vulns\-scan(1)
+.BR ronin\-vulns\-scan (1)

data/man/ronin-vulns-reflected-xss.1.md

@@ -1,5 +1,9 @@
 # ronin-vulns-reflected-xss 1 "May 2022" Ronin "User Manuals"
 
+## NAME
+
+ronin-vulns-reflected-xss - Scans URL(s) for Reflected Cross Site Scripting (XSS) vulnerabilities
+
 ## SYNOPSIS
 
 `ronin-vulns reflected-xss` [*options*] {*URL* ... \| `--input` *FILE*}
@@ -13,54 +17,82 @@ to scan can be given as additional arguments or read from a file using the
 ## ARGUMENTS
 
 *URL*
-  A URL to scan.
+: A URL to scan.
 
 ## OPTIONS
 
+`--db` *NAME*
+: The database name to connect to. Defaults to `default` if not given.
+
+`--db-uri` *URI*
+: The database URI to connect to
+  (ex: `postgres://user:password@host/db`).
+
+`--db-file` *PATH*
+: The sqlite3 database file to use.
+
+`--import`
+: Imports discovered vulnerabilities into the database.
+
 `--first`
-  Only find the first vulnerability for each URL.
+: Only find the first vulnerability for each URL.
 
 `-A`, `--all`
-  Find all vulnerabilities for each URL.
+: Find all vulnerabilities for each URL.
+
+`--print-curl`
+: Also prints an example `curl` command for each vulnerability.
+
+`--print-http`
+: Also prints an example HTTP request for each vulnerability.
+
+`-M`, `--request-method` `COPY`|`DELETE`|`GET`|`HEAD`|`LOCK`|`MKCOL`|`MOVE`|`OPTIONS`|`PATCH`|`POST`|`PROPFIND`|`PROPPATCH`|`PUT`|`TRACE`|`UNLOCK`
+: Sets the HTTP request method to use.
 
 `-H`, `--header` "*Name*: *value*"
-  Sets an additional header using the given *Name* and *value*.
+: Sets an additional header using the given *Name* and *value*.
+
+`-U`, `--user-agent-string` *STRING*
+: Sets the `User-Agent` header string.
+
+`-u`, `--user-agent` `chrome-linux`\|`chrome-macos`\|`chrome-windows`\|`chrome-iphone`\|`chrome-ipad`\|`chrome-android`\|`firefox-linux`\|`firefox-macos`\|`firefox-windows`\|`firefox-iphone`\|`firefox-ipad`\|`firefox-android`\|`safari-macos`\|`safari-iphone`\|`safari-ipad`\|`edge`
+: Sets the `User-Agent` header.
 
 `-C`, `--cookie` *COOKIE*
-  Sets the raw `Cookie` header.
+: Sets the raw `Cookie` header.
 
 `-c`, `--cookie-param` *NAME*`=`*VALUE*
-  Sets an additional `Cookie` param using the given *NAME* and *VALUE*.
+: Sets an additional `Cookie` param using the given *NAME* and *VALUE*.
 
 `-R`, `--referer` *URL*
-  Sets the `Referer` header.
+: Sets the `Referer` header.
 
 `-F`, `--form-param` *NAME*`=`*VALUE*
-  Sets an additional form param using the given *NAME* and *VALUE*.
+: Sets an additional form param using the given *NAME* and *VALUE*.
 
 `--test-query-param` *NAME*
-  Tests the URL query param name.
+: Tests the URL query param name.
 
 `--test-all-query-params`
-  Test all URL query param names.
+: Test all URL query param names.
 
 `--test-header-name` *NAME*
-  Tests the HTTP Header name.
+: Tests the HTTP Header name.
 
 `--test-cookie-param` *NAME*
-  Tests the HTTP Cookie name.
+: Tests the HTTP Cookie name.
 
 `--test-all-cookie-params`
-  Test all Cookie param names.
+: Test all Cookie param names.
 
 `--test-form-param` *NAME*
-  Tests the form param name.
+: Tests the form param name.
 
 `-i`, `--input` *FILE*
-  Reads URLs from the given *FILE*.
+: Reads URLs from the given *FILE*.
 
 `-h`, `--help`
-  Print help information.
+: Print help information.
 
 ## AUTHOR
 
@@ -68,4 +100,4 @@ Postmodern <postmodern.mod3@gmail.com>
 
 ## SEE ALSO
 
-ronin-vulns-scan(1)
+[ronin-vulns-scan](ronin-vulns-scan.1.md)

data/man/ronin-vulns-rfi.1

@@ -1,107 +1,109 @@
-.\" Generated by kramdown-man 0.1.9
+.\" Generated by kramdown-man 1.0.1
 .\" https://github.com/postmodern/kramdown-man#readme
 .TH ronin-vulns-rfi 1 "May 2022" Ronin "User Manuals"
-.LP
+.SH NAME
+.PP
+ronin\-vulns\-rfi \- Scans URL(s) for Remote File Inclusion (RFI) vulnerabilities
 .SH SYNOPSIS
-.LP
 .PP
-\fBronin-vulns rfi\fR \[lB]\fIoptions\fP\[rB] \[lC]\fIURL\fP \.\.\. \[or] \fB--input\fR \fIFILE\fP\[rC]
-.LP
+\fBronin\-vulns rfi\fR \[lB]\fIoptions\fP\[rB] \[lC]\fIURL\fP \.\.\. \[or] \fB\-\-input\fR \fIFILE\fP\[rC]
 .SH DESCRIPTION
-.LP
 .PP
 Scans URL(s) for Remote File Inclusion (RFI) vulnerabilities\. The URLs to scan
-can be given as additional arguments or read from a file using the \fB--input\fR
+can be given as additional arguments or read from a file using the \fB\-\-input\fR
 option\.
-.LP
 .SH ARGUMENTS
-.LP
 .TP
 \fIURL\fP
 A URL to scan\.
-.LP
 .SH OPTIONS
-.LP
 .TP
-\fB--first\fR
+\fB\-\-db\fR \fINAME\fP
+The database name to connect to\. Defaults to \fBdefault\fR if not given\.
+.TP
+\fB\-\-db\-uri\fR \fIURI\fP
+The database URI to connect to
+(ex: \fBpostgres:\[sl]\[sl]user:password\[at]host\[sl]db\fR)\.
+.TP
+\fB\-\-db\-file\fR \fIPATH\fP
+The sqlite3 database file to use\.
+.TP
+\fB\-\-import\fR
+Imports discovered vulnerabilities into the database\.
+.TP
+\fB\-\-first\fR
 Only find the first vulnerability for each URL\.
-.LP
 .TP
-\fB-A\fR, \fB--all\fR
+\fB\-A\fR, \fB\-\-all\fR
 Find all vulnerabilities for each URL\.
-.LP
 .TP
-\fB-H\fR, \fB--header\fR \[lq]\fIName\fP: \fIvalue\fP\[rq]
+\fB\-\-print\-curl\fR
+Also prints an example \fBcurl\fR command for each vulnerability\.
+.TP
+\fB\-\-print\-http\fR
+Also prints an example HTTP request for each vulnerability\.
+.TP
+\fB\-M\fR, \fB\-\-request\-method\fR \fBCOPY\fR\[or]\fBDELETE\fR\[or]\fBGET\fR\[or]\fBHEAD\fR\[or]\fBLOCK\fR\[or]\fBMKCOL\fR\[or]\fBMOVE\fR\[or]\fBOPTIONS\fR\[or]\fBPATCH\fR\[or]\fBPOST\fR\[or]\fBPROPFIND\fR\[or]\fBPROPPATCH\fR\[or]\fBPUT\fR\[or]\fBTRACE\fR\[or]\fBUNLOCK\fR
+Sets the HTTP request method to use\.
+.TP
+\fB\-H\fR, \fB\-\-header\fR \[lq]\fIName\fP: \fIvalue\fP\[rq]
 Sets an additional header using the given \fIName\fP and \fIvalue\fP\.
-.LP
 .TP
-\fB-C\fR, \fB--cookie\fR \fICOOKIE\fP
+\fB\-U\fR, \fB\-\-user\-agent\-string\fR \fISTRING\fP
+Sets the \fBUser\-Agent\fR header string\.
+.TP
+\fB\-u\fR, \fB\-\-user\-agent\fR \fBchrome\-linux\fR\[or]\fBchrome\-macos\fR\[or]\fBchrome\-windows\fR\[or]\fBchrome\-iphone\fR\[or]\fBchrome\-ipad\fR\[or]\fBchrome\-android\fR\[or]\fBfirefox\-linux\fR\[or]\fBfirefox\-macos\fR\[or]\fBfirefox\-windows\fR\[or]\fBfirefox\-iphone\fR\[or]\fBfirefox\-ipad\fR\[or]\fBfirefox\-android\fR\[or]\fBsafari\-macos\fR\[or]\fBsafari\-iphone\fR\[or]\fBsafari\-ipad\fR\[or]\fBedge\fR
+Sets the \fBUser\-Agent\fR header\.
+.TP
+\fB\-C\fR, \fB\-\-cookie\fR \fICOOKIE\fP
 Sets the raw \fBCookie\fR header\.
-.LP
 .TP
-\fB-c\fR, \fB--cookie-param\fR \fINAME\fP\fB=\fR\fIVALUE\fP
+\fB\-c\fR, \fB\-\-cookie\-param\fR \fINAME\fP\fB\[eq]\fR\fIVALUE\fP
 Sets an additional \fBCookie\fR param using the given \fINAME\fP and \fIVALUE\fP\.
-.LP
 .TP
-\fB-R\fR, \fB--referer\fR \fIURL\fP
+\fB\-R\fR, \fB\-\-referer\fR \fIURL\fP
 Sets the \fBReferer\fR header\.
-.LP
 .TP
-\fB-F\fR, \fB--form-param\fR \fINAME\fP\fB=\fR\fIVALUE\fP
+\fB\-F\fR, \fB\-\-form\-param\fR \fINAME\fP\fB\[eq]\fR\fIVALUE\fP
 Sets an additional form param using the given \fINAME\fP and \fIVALUE\fP\.
-.LP
 .TP
-\fB--test-query-param\fR \fINAME\fP
+\fB\-\-test\-query\-param\fR \fINAME\fP
 Tests the URL query param name\.
-.LP
 .TP
-\fB--test-all-query-params\fR
+\fB\-\-test\-all\-query\-params\fR
 Test all URL query param names\.
-.LP
 .TP
-\fB--test-header-name\fR \fINAME\fP
+\fB\-\-test\-header\-name\fR \fINAME\fP
 Tests the HTTP Header name\.
-.LP
 .TP
-\fB--test-cookie-param\fR \fINAME\fP
+\fB\-\-test\-cookie\-param\fR \fINAME\fP
 Tests the HTTP Cookie name\.
-.LP
 .TP
-\fB--test-all-cookie-params\fR
+\fB\-\-test\-all\-cookie\-params\fR
 Test all Cookie param names\.
-.LP
 .TP
-\fB--test-form-param\fR \fINAME\fP
+\fB\-\-test\-form\-param\fR \fINAME\fP
 Tests the form param name\.
-.LP
 .TP
-\fB-i\fR, \fB--input\fR \fIFILE\fP
+\fB\-i\fR, \fB\-\-input\fR \fIFILE\fP
 Reads URLs from the given \fIFILE\fP\.
-.LP
 .TP
-\fB-B\fR, \fB--filter-bypass\fR \fBdouble-encode\fR\[or]\fBsuffix-escape\fR\[or]\fBnull-byte\fR
+\fB\-B\fR, \fB\-\-filter\-bypass\fR \fBdouble\-encode\fR\[or]\fBsuffix\-escape\fR\[or]\fBnull\-byte\fR
 Optional filter\-bypass strategy to use\.
-.LP
-.PP
-\fB-S\fR, \fB--script-lang\fR \fBasp\|\fRasp\.net\fB\|\fRcoldfusion\fB\|\fRjsp\fB\|\fRphp\fB\|\fRperl\`
+.TP
+\fB\-S\fR, \fB\-\-script\-lang\fR \fBasp\e\[or]\fRasp\.net\fB\e\[or]\fRcoldfusion\fB\e\[or]\fRjsp\fB\e\[or]\fRphp\fB\e\[or]\fRperl\`
 Explicitly specify the scripting language to test for\.
-.LP
 .TP
-\fB-T\fR, \fB--test-script-url\fR \fIURL\fP
+\fB\-T\fR, \fB\-\-test\-script\-url\fR \fIURL\fP
 Use an alternative test script \fIURL\fP\.
-.LP
 .TP
-\fB-h\fR, \fB--help\fR
+\fB\-h\fR, \fB\-\-help\fR
 Print help information\.
-.LP
 .SH AUTHOR
-.LP
 .PP
 Postmodern 
 .MT postmodern\.mod3\[at]gmail\.com
 .ME
-.LP
 .SH SEE ALSO
-.LP
 .PP
-ronin\-vulns\-scan(1)
+.BR ronin\-vulns\-scan (1)

data/man/ronin-vulns-rfi.1.md

@@ -1,5 +1,9 @@
 # ronin-vulns-rfi 1 "May 2022" Ronin "User Manuals"
 
+## NAME
+
+ronin-vulns-rfi - Scans URL(s) for Remote File Inclusion (RFI) vulnerabilities
+
 ## SYNOPSIS
 
 `ronin-vulns rfi` [*options*] {*URL* ... \| `--input` *FILE*}
@@ -13,63 +17,91 @@ option.
 ## ARGUMENTS
 
 *URL*
-  A URL to scan.
+: A URL to scan.
 
 ## OPTIONS
 
+`--db` *NAME*
+: The database name to connect to. Defaults to `default` if not given.
+
+`--db-uri` *URI*
+: The database URI to connect to
+  (ex: `postgres://user:password@host/db`).
+
+`--db-file` *PATH*
+: The sqlite3 database file to use.
+
+`--import`
+: Imports discovered vulnerabilities into the database.
+
 `--first`
-  Only find the first vulnerability for each URL.
+: Only find the first vulnerability for each URL.
 
 `-A`, `--all`
-  Find all vulnerabilities for each URL.
+: Find all vulnerabilities for each URL.
+
+`--print-curl`
+: Also prints an example `curl` command for each vulnerability.
+
+`--print-http`
+: Also prints an example HTTP request for each vulnerability.
+
+`-M`, `--request-method` `COPY`|`DELETE`|`GET`|`HEAD`|`LOCK`|`MKCOL`|`MOVE`|`OPTIONS`|`PATCH`|`POST`|`PROPFIND`|`PROPPATCH`|`PUT`|`TRACE`|`UNLOCK`
+: Sets the HTTP request method to use.
 
 `-H`, `--header` "*Name*: *value*"
-  Sets an additional header using the given *Name* and *value*.
+: Sets an additional header using the given *Name* and *value*.
+
+`-U`, `--user-agent-string` *STRING*
+: Sets the `User-Agent` header string.
+
+`-u`, `--user-agent` `chrome-linux`\|`chrome-macos`\|`chrome-windows`\|`chrome-iphone`\|`chrome-ipad`\|`chrome-android`\|`firefox-linux`\|`firefox-macos`\|`firefox-windows`\|`firefox-iphone`\|`firefox-ipad`\|`firefox-android`\|`safari-macos`\|`safari-iphone`\|`safari-ipad`\|`edge`
+: Sets the `User-Agent` header.
 
 `-C`, `--cookie` *COOKIE*
-  Sets the raw `Cookie` header.
+: Sets the raw `Cookie` header.
 
 `-c`, `--cookie-param` *NAME*`=`*VALUE*
-  Sets an additional `Cookie` param using the given *NAME* and *VALUE*.
+: Sets an additional `Cookie` param using the given *NAME* and *VALUE*.
 
 `-R`, `--referer` *URL*
-  Sets the `Referer` header.
+: Sets the `Referer` header.
 
 `-F`, `--form-param` *NAME*`=`*VALUE*
-  Sets an additional form param using the given *NAME* and *VALUE*.
+: Sets an additional form param using the given *NAME* and *VALUE*.
 
 `--test-query-param` *NAME*
-  Tests the URL query param name.
+: Tests the URL query param name.
 
 `--test-all-query-params`
-  Test all URL query param names.
+: Test all URL query param names.
 
 `--test-header-name` *NAME*
-  Tests the HTTP Header name.
+: Tests the HTTP Header name.
 
 `--test-cookie-param` *NAME*
-  Tests the HTTP Cookie name.
+: Tests the HTTP Cookie name.
 
 `--test-all-cookie-params`
-  Test all Cookie param names.
+: Test all Cookie param names.
 
 `--test-form-param` *NAME*
-  Tests the form param name.
+: Tests the form param name.
 
 `-i`, `--input` *FILE*
-  Reads URLs from the given *FILE*.
+: Reads URLs from the given *FILE*.
 
 `-B`, `--filter-bypass` `double-encode`\|`suffix-escape`\|`null-byte`
-  Optional filter-bypass strategy to use.
+: Optional filter-bypass strategy to use.
 
 `-S`, `--script-lang` `asp\|`asp.net`\|`coldfusion`\|`jsp`\|`php`\|`perl`
-  Explicitly specify the scripting language to test for.
+: Explicitly specify the scripting language to test for.
 
 `-T`, `--test-script-url` *URL*
-  Use an alternative test script *URL*.
+: Use an alternative test script *URL*.
 
 `-h`, `--help`
-  Print help information.
+: Print help information.
 
 ## AUTHOR
 
@@ -77,4 +109,4 @@ Postmodern <postmodern.mod3@gmail.com>
 
 ## SEE ALSO
 
-ronin-vulns-scan(1)
+[ronin-vulns-scan](ronin-vulns-scan.1.md)