RomanNum3ral
/
AutoRecon
mirror of https://github.com/Tib3rius/AutoRecon.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updated Usage (markdown)

Tib3rius 2022-01-24 02:12:42 -05:00
parent 8b602339d1
commit 87bdcc079e
1 changed files with 16 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
Usage.md

@ -165,7 +165,7 @@ Targets are the only required argument for AutoRecon to function. Targets are ac
autorecon 10.0.0.1 10.0.0.2 192.168.0.0/24 scanme.nmap.org
```
Alternatively, targets can be supplied by passing a valid target file to the `-t` or `--target-file` command line options. Targets within this file must be in the same acceptable formats, and be separated by a new line. An example file that matches the targets shown above would look like this:
Alternatively, targets can be supplied by passing a valid target file to the `-t` or `--target-file` options. Targets within this file must be in the same acceptable formats, and be separated by a new line. An example file that matches the targets shown above would look like this:
```
10.0.0.1
@ -183,7 +183,7 @@ autorecon --target-file /path/to/targets
## Ports
By default, AutoRecon scans ports according to the selected PortScan plugins, which are a top 1000 TCP port scan, an all (65,535) TCP port scan, and a top 100 UDP port scan (if AutoRecon is running with sufficient permissions). With the `-p` or `--ports` command line option, AutoRecon will only scan a subset of ports.
By default, AutoRecon scans ports according to the selected PortScan plugins, which are a top 1000 TCP port scan, an all (65,535) TCP port scan, and a top 100 UDP port scan (if AutoRecon is running with sufficient permissions). With the `-p` or `--ports` option, AutoRecon will only scan a subset of ports.
All PortScan plugins have access to the list of ports requested (which is empty if the user does not specify them), and it is ultimately up to the plugin author to decide whether or not the plugin should (a) scan the default ports, (b) scan the ports specified, or (c) not scan any ports at all. Option (a) should rarely be considered, while options (b) and (c) are recommended. For example, the top 1000 TCP port scan plugin checks to see if ports were specified by the user, and if they were, doesn't perform any scanning. Instead, the all TCP port scan and top 100 UDP port scan plugins will scan the specified ports.
@ -217,7 +217,7 @@ Since AutoRecon is multi-threaded, it can launch multiple scans against multiple
To prevent AutoRecon from port scanning too many targets at once and using up all scans, the number of scans reserved for PortScan plugins is calculated as 20% of the max. By default, the maximum number of scans is 50, so 10 are reserved for PortScans, with the other 40 reserved for ServiceScans. Note that when there are no more targets to port scan, AutoRecon will allow remaining ServiceScan plugins to use scans reserved for PortScans plugins.
The `-m` and `--max-scans` command line options control the maximum number of scans AutoRecon should be running at any time. It must be at least one, and cannot be less than the max-port-scans value (but can be equal to it). The following example sets the max number of scans to 10:
The `-m` and `--max-scans` options control the maximum number of scans AutoRecon should be running at any time. It must be at least one, and cannot be less than the max-port-scans value (but can be equal to it). The following example sets the max number of scans to 10:
```
autorecon -m 10 <target>
@ -226,7 +226,7 @@ autorecon -max-scans 10 <target>
## Max Port Scans
The max port scans option controls the maximum number of PortScans that can be running at any one time. This defaults to 20% of the max scans value (see above), however this can be overridden using the `-mp` and `--max-port-scans` command line options. It must be at least one, and cannot be more than the max scans value (but can be equal to it). Generally speaking, the higher the value, the more targets will be scanned concurrently, because the PortScan plugins run first. The following example sets the max number of port scans to 5:
The max port scans option controls the maximum number of PortScans that can be running at any one time. This defaults to 20% of the max scans value (see above), however this can be overridden using the `-mp` and `--max-port-scans` options. It must be at least one, and cannot be more than the max scans value (but can be equal to it). Generally speaking, the higher the value, the more targets will be scanned concurrently, because the PortScan plugins run first. The following example sets the max number of port scans to 5:
```
autorecon -mp 5 <target>
@ -244,7 +244,7 @@ autorecon --config /path/to/config.toml <target>
## Global File
Like the config file, AutoRecon looks in multiple places for its global file (global.toml). It will first check the current working directory for the file, and if not found, will use the one automatically created at ~/.config/AutoRecon/global.toml. The command line option `-g` and `--global` will override this behavior, and force AutoRecon to use the one specified:
Like the config file, AutoRecon looks in multiple places for its global file (global.toml). It will first check the current working directory for the file, and if not found, will use the one automatically created at ~/.config/AutoRecon/global.toml. The option `-g` and `--global` will override this behavior, and force AutoRecon to use the one specified:
```
autorecon -g /path/to/global.toml <target>
@ -255,7 +255,7 @@ autorecon --global /path/to/global.toml <target>
AutoRecon uses the concept of tags to enable / disable certain plugins at runtime. Plugins can be tagged with multiple tags, or no tags. If no tags are specified, and the tag attribute is not set to an empty list ([]), then the plugin will be automatically tagged as "default". Plugins tagged with "default" will be enabled by default. Other common tags include: safe (the plugin should not crash the target), long (the plugin could take a long time to complete), and unsafe (the plugin may crash the target). Plugin slugs (the shortened name of the plugin) can also be used as tags (e.g. "top-tcp-ports", "dirbuster").
There are 5 command-line options related to tags: `--tags`, `--exclude-tags`, `--port-scans`, `--service-scans`, and `--reports`.
There are 5 options related to tags: `--tags`, `--exclude-tags`, `--port-scans`, `--service-scans`, and `--reports`.
The `--tags` option is used to determine which plugins should be included. Group tags together by separating them with a plus symbol (+), and separate groups with a comma (,) to create multiple groups. For a plugin to be included, it must have all the tags specified in at least one group. For example, the following will only include plugins tagged with both "default" and "http", or plugins tagged "default-port-scan":
@ -281,4 +281,14 @@ A good example of these options used together would be the following, where only
```
autorecon --tags=http --exclude-tags=nmap-http --port-scans=all-tcp-ports <target>
```
## Plugins Directory
AutoRecon will import plugins from the default plugins directory, located at ~/.config/AutoRecon/plugins. AutoRecon will generate this directory when it is first run if it does not exist. The `--plugins-dir` option can be used to override this location. This is recommended if you wish to use a completely separate set of plugins, or if you want to make some temporary modifications to plugins.
If instead, you wish to simply import additional plugins without adding them to the main plugins directory, you can instead use the `--add-plugins-dir` to specify an additional directory which AutoRecon will load from after the main plugins have been loaded. Care should be taken to ensure that any additional plugins do not have the same name as any of the main plugins (AutoRecon will not load duplicate plugins).
```
autorecon --plugins-dir=/path/to/plugins --add-plugins-dir=/path/to/additional/plugins <target>
```