UltyScan/docs/configuration.md

Configuration Guide

UltyScan is highly configurable. You can adjust scan intensity, timeout settings, and integrate external API keys for enhanced data gathering.

Main Configuration File

The main configuration file is located at: /usr/share/sniper/sniper.conf

To use a custom configuration for a specific scan, make a copy of this file, edit it, and pass it with the -c flag:

cp /usr/share/sniper/sniper.conf ~/my_custom.conf
nano ~/my_custom.conf
# Edit settings...
sudo sniper -c ~/my_custom.conf -t example.com

Common Settings to Tweak

• sc0pe_vulnerable_search: Set to 1 to search for specific vulnerabilities.
• RISK_LEVEL: Adjust the sensitivity of vulnerability scanners.
• THREADS: Increase number of threads for faster (but noisier) scans.

---

API Integration

To unlock the full power of UltyScan, you should configure API keys for services like Shodan, Censys, and Hunter.io.

Setting up Keys

1. Locate or Create the Key Config: The system looks for keys in /root/.sniper_api_keys.conf.

2. Edit the File:

   sudo nano /root/.sniper_api_keys.conf
   

3. Enter your Keys: Add or update the lines for the services you have access to.

   # SHODAN API KEY
   SHODAN_API_KEY="your_shodan_key_here"
   
   # CENSYS API KEY
   CENSYS_API_ID="your_censys_id"
   CENSYS_API_SECRET="your_censys_secret"
   
   # HUNTER.IO API KEY
   HUNTER_API_KEY="your_hunter_key"
   
   # GITHUB API KEY
   GITHUB_API_KEY="your_github_token"
   

4. Save and Exit: Press Ctrl+X, then Y, then Enter.

Supported Integrations

• Shodan: For discovering internet-connected devices.
• Censys: For attack surface visibility.
• Hunter.io: For email and contact discovery.
• GitHub: For repo scanning and updates.
• OWASP ZAP: For web application scanning.
• BurpSuite Pro: For advanced web scanning (requires manual config).
• Metasploit: For exploit validation.

---

Return to README