mirror of
https://github.com/DeNNiiInc/UltyScan.git
synced 2026-04-17 18:26:00 +00:00
5.2 KiB
5.2 KiB
Usage Guide
Overview
UltyScan can be used via the Web Interface or Command Line. Both methods provide access to all scan modes and options.
Web Interface
Accessing the Dashboard
Open your browser and navigate to:
http://<SERVER_IP>/ultyscan/
Starting a Scan
- Go to the New Scan tab
- Enter your Target (domain or IP)
- Select a Scan Mode from the dropdown
- Enter a Workspace Name to organize results
- Enable any Additional Options as needed
- Click Start Scan
Monitoring Progress
- The status badge in the header shows: Idle or Scan Running
- When running, a Stop Scan button appears
- Go to the Console tab to see live output
Viewing Results
- Go to the Workspaces tab
- Click View on any workspace
- The HTML report opens in a new tab
Managing Workspaces
| Action | Description |
|---|---|
| Refresh | Reload the workspace list |
| View | Open the scan report |
| Export | Create a tar archive |
| Delete | Remove the workspace |
Command Line
Basic Syntax
sniper -t <TARGET> [options]
Examples
Simple Scan
sniper -t example.com
Scan with Workspace
sniper -t example.com -w myproject
Stealth Mode with OSINT
sniper -t example.com -m stealth -o
Full Aggressive Scan
sniper -t example.com -m nuke -w fullaudit -o -re -b -fp
Scan Multiple Targets
# Create target file
echo "target1.com" > targets.txt
echo "target2.com" >> targets.txt
echo "192.168.1.0/24" >> targets.txt
# Run mass scan
sniper -f targets.txt -m airstrike -w multiscan
Scan Modes Explained
Single Target Modes
| Mode | Best For | Speed | Depth |
|---|---|---|---|
normal |
General testing | Medium | Medium |
stealth |
Avoiding detection | Slow | Low |
web |
Web applications | Fast | Medium |
webscan |
Deep web analysis | Slow | High |
fullportonly |
Port discovery | Slow | Complete |
port |
Single service | Fast | Targeted |
Multi-Target Modes
| Mode | Description |
|---|---|
flyover |
Quick reconnaissance of many targets |
airstrike |
Fast enumeration across targets |
nuke |
Comprehensive audit of all targets |
massportscan |
Port scan multiple targets |
massweb |
Web scan multiple targets |
masswebscan |
Deep web scan multiple targets |
massvulnscan |
Vulnerability scan multiple targets |
Network Modes
| Mode | Description |
|---|---|
discover |
Network/CIDR range scanning |
Options Reference
Target Options
| Flag | Description | Example |
|---|---|---|
-t |
Single target | -t example.com |
-f |
Target file | -f targets.txt |
Mode Options
| Flag | Description | Example |
|---|---|---|
-m |
Scan mode | -m stealth |
-p |
Specific port | -p 8080 |
Feature Flags
| Flag | Description |
|---|---|
-o |
Enable OSINT gathering |
-re |
Enable subdomain recon |
-b |
Enable bruteforce attacks |
-fp |
Full port scan (1-65535) |
Workspace Options
| Flag | Description | Example |
|---|---|---|
-w |
Workspace name | -w project-alpha |
-d |
Delete workspace | -w project-alpha -d |
--list |
List workspaces | sniper --list |
--export |
Export workspace | -w project-alpha --export |
Workspace Management
List All Workspaces
sniper --list
Delete a Workspace
sniper -w myproject -d
Export a Workspace
sniper -w myproject --export
# Creates: /usr/share/sniper/loot/myproject.tar
Reimport Results
sniper -w myproject --reimport
Output and Reports
Report Locations
| Type | Path |
|---|---|
| HTML Report | /usr/share/sniper/loot/workspace/<NAME>/sniper-report.html |
| Nmap Results | /usr/share/sniper/loot/workspace/<NAME>/nmap/ |
| Screenshots | /usr/share/sniper/loot/workspace/<NAME>/screenshots/ |
| Raw Output | /usr/share/sniper/loot/workspace/<NAME>/output/ |
Viewing Reports
Via Web Browser
http://<SERVER_IP>/loot/workspace/<NAME>/sniper-report.html
Via Command Line
firefox /usr/share/sniper/loot/workspace/<NAME>/sniper-report.html
Scheduled Scans
Set up recurring scans:
# Daily scan
sniper -w myproject -s daily
# Weekly scan
sniper -w myproject -s weekly
# Monthly scan
sniper -w myproject -s monthly
Tips and Best Practices
1. Always Use Workspaces
Organize your results by project or engagement:
sniper -t client.com -w client-pentest-2024
2. Start with Stealth
For initial reconnaissance, use stealth mode:
sniper -t target.com -m stealth -o
3. Enable OSINT for External Targets
Get maximum intelligence on internet-facing targets:
sniper -t target.com -o -re
4. Use Web Mode for Web Apps
Focus on web vulnerabilities:
sniper -t webapp.com -m webscan
5. Check Console Output
Monitor the Console tab or log files for detailed progress:
tail -f /var/log/ultyscan/scan_*.log