dennii/UltyScan
1
0
Fork 0
mirror of https://github.com/DeNNiiInc/UltyScan.git synced 2026-04-17 18:26:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
04465f8d29416f57f827ade0cc96282294384d84
UltyScan/docs/usage.md

260 lines
5.2 KiB
Markdown
Raw Blame History

# Usage Guide
## Overview
UltyScan can be used via the **Web Interface** or **Command Line**. Both methods provide access to all scan modes and options.
---
## Web Interface
### Accessing the Dashboard
Open your browser and navigate to:
```
http://<SERVER_IP>/ultyscan/
```
### Starting a Scan
1. Go to the **New Scan** tab
2. Enter your **Target** (domain or IP)
3. Select a **Scan Mode** from the dropdown
4. Enter a **Workspace Name** to organize results
5. Enable any **Additional Options** as needed
6. Click **Start Scan**
### Monitoring Progress
- The status badge in the header shows: **Idle** or **Scan Running**
- When running, a **Stop Scan** button appears
- Go to the **Console** tab to see live output
### Viewing Results
1. Go to the **Workspaces** tab
2. Click **View** on any workspace
3. The HTML report opens in a new tab
### Managing Workspaces
| Action | Description |
|--------|-------------|
| **Refresh** | Reload the workspace list |
| **View** | Open the scan report |
| **Export** | Create a tar archive |
| **Delete** | Remove the workspace |
---
## Command Line
### Basic Syntax
```bash
sniper -t <TARGET> [options]
```
### Examples
#### Simple Scan
```bash
sniper -t example.com
```
#### Scan with Workspace
```bash
sniper -t example.com -w myproject
```
#### Stealth Mode with OSINT
```bash
sniper -t example.com -m stealth -o
```
#### Full Aggressive Scan
```bash
sniper -t example.com -m nuke -w fullaudit -o -re -b -fp
```
#### Scan Multiple Targets
```bash
# Create target file
echo "target1.com" > targets.txt
echo "target2.com" >> targets.txt
echo "192.168.1.0/24" >> targets.txt
# Run mass scan
sniper -f targets.txt -m airstrike -w multiscan
```
---
## Scan Modes Explained
### Single Target Modes
| Mode | Best For | Speed | Depth |
|------|----------|-------|-------|
| `normal` | General testing | Medium | Medium |
| `stealth` | Avoiding detection | Slow | Low |
| `web` | Web applications | Fast | Medium |
| `webscan` | Deep web analysis | Slow | High |
| `fullportonly` | Port discovery | Slow | Complete |
| `port` | Single service | Fast | Targeted |
### Multi-Target Modes
| Mode | Description |
|------|-------------|
| `flyover` | Quick reconnaissance of many targets |
| `airstrike` | Fast enumeration across targets |
| `nuke` | Comprehensive audit of all targets |
| `massportscan` | Port scan multiple targets |
| `massweb` | Web scan multiple targets |
| `masswebscan` | Deep web scan multiple targets |
| `massvulnscan` | Vulnerability scan multiple targets |
### Network Modes
| Mode | Description |
|------|-------------|
| `discover` | Network/CIDR range scanning |
---
## Options Reference
### Target Options
| Flag | Description | Example |
|------|-------------|---------|
| `-t` | Single target | `-t example.com` |
| `-f` | Target file | `-f targets.txt` |
### Mode Options
| Flag | Description | Example |
|------|-------------|---------|
| `-m` | Scan mode | `-m stealth` |
| `-p` | Specific port | `-p 8080` |
### Feature Flags
| Flag | Description |
|------|-------------|
| `-o` | Enable OSINT gathering |
| `-re` | Enable subdomain recon |
| `-b` | Enable bruteforce attacks |
| `-fp` | Full port scan (1-65535) |
### Workspace Options
| Flag | Description | Example |
|------|-------------|---------|
| `-w` | Workspace name | `-w project-alpha` |
| `-d` | Delete workspace | `-w project-alpha -d` |
| `--list` | List workspaces | `sniper --list` |
| `--export` | Export workspace | `-w project-alpha --export` |
---
## Workspace Management
### List All Workspaces
```bash
sniper --list
```
### Delete a Workspace
```bash
sniper -w myproject -d
```
### Export a Workspace
```bash
sniper -w myproject --export
# Creates: /usr/share/sniper/loot/myproject.tar
```
### Reimport Results
```bash
sniper -w myproject --reimport
```
---
## Output and Reports
### Report Locations
| Type | Path |
|------|------|
| HTML Report | `/usr/share/sniper/loot/workspace/<NAME>/sniper-report.html` |
| Nmap Results | `/usr/share/sniper/loot/workspace/<NAME>/nmap/` |
| Screenshots | `/usr/share/sniper/loot/workspace/<NAME>/screenshots/` |
| Raw Output | `/usr/share/sniper/loot/workspace/<NAME>/output/` |
### Viewing Reports
#### Via Web Browser
```
http://<SERVER_IP>/loot/workspace/<NAME>/sniper-report.html
```
#### Via Command Line
```bash
firefox /usr/share/sniper/loot/workspace/<NAME>/sniper-report.html
```
---
## Scheduled Scans
Set up recurring scans:
```bash
# Daily scan
sniper -w myproject -s daily
# Weekly scan
sniper -w myproject -s weekly
# Monthly scan
sniper -w myproject -s monthly
```
---
## Tips and Best Practices
### 1. Always Use Workspaces
Organize your results by project or engagement:
```bash
sniper -t client.com -w client-pentest-2024
```
### 2. Start with Stealth
For initial reconnaissance, use stealth mode:
```bash
sniper -t target.com -m stealth -o
```
### 3. Enable OSINT for External Targets
Get maximum intelligence on internet-facing targets:
```bash
sniper -t target.com -o -re
```
### 4. Use Web Mode for Web Apps
Focus on web vulnerabilities:
```bash
sniper -t webapp.com -m webscan
```
### 5. Check Console Output
Monitor the Console tab or log files for detailed progress:
```bash
tail -f /var/log/ultyscan/scan_*.log
```
Reference in New Issue View Git Blame Copy Permalink