dennii/UltyScan
1
0
Fork 0
mirror of https://github.com/DeNNiiInc/UltyScan.git synced 2026-04-17 18:26:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
f046dee832b94ddf0984b47ec6cadfb98a12c078
UltyScan/docs/usage.md

131 lines
3.5 KiB
Markdown
Raw Blame History

# Usage Guide
This guide covers how to use **UltyScan** effectively. The tool works by running the `sniper` command followed by a target and a mode.
## Basic Syntax
```bash
sudo sniper -t <TARGET> -m <MODE> [OPTIONS]
```
- `-t <TARGET>`: The domain (e.g., `example.com`) or IP address (e.g., `192.168.1.1`) you want to scan.
- `-m <MODE>`: The scanning mode (e.g., `normal`, `stealth`, `nuke`). if omitted, defaults to normal.
- `-w <WORKSPACE>`: (Optional) Save results to a specific workspace name.
---
## Scanning Modes
### 1. Normal Mode
**Best for:** General purpose scanning.
Performs a basic scan of targets and open ports using both active and passive checks. It balances speed and depth.
**Command:**
```bash
sudo sniper -t example.com
```
*Note: If no mode is specified, Normal mode is used.*
### 2. Stealth Mode
**Best for:** Avoiding detection.
Quickly enumerates targets using mostly non-intrusive scans to avoid WAF (Web Application Firewall) or IPS (Intrusion Prevention System) blocking.
**Command:**
```bash
sudo sniper -t example.com -m stealth
```
### 3. Flyover Mode
**Best for:** High-level overview of multiple targets.
Fast, multi-threaded scans of multiple targets. Great for collecting high-level data (like taking screenshots of web pages) on many hosts quickly.
**Command:**
```bash
sudo sniper -f targets.txt -m flyover -w my-flyover-scan
```
### 4. Airstrike Mode
**Best for:** Quick enumeration of a list of targets.
Quickly enumerates open ports and services on multiple hosts and performs basic fingerprinting.
**Command:**
```bash
sudo sniper -f targets.txt -m airstrike
```
*Note: `targets.txt` should contain a list of IPs or domains, one per line.*
### 5. Nuke Mode
**Best for:** COMPLETE DESTRUCTION (Deep Audit).
Launches a full audit of multiple hosts. This enables Brute-force, Full Port Scan, OSINT, Recon, Workspace, and Loot collection. **This is very loud and will likely lock accounts or trigger alarms.**
**Command:**
```bash
sudo sniper -f targets.txt -m nuke -w my-nuke-scan
```
### 6. Discover Mode
**Best for:** Internal Networks.
Parses all hosts on a subnet (CIDR) and initiates a scan against each active host.
**Command:**
```bash
sudo sniper -t 192.168.1.0/24 -m discover -w internal-scan
```
### 7. Web Mode
**Best for:** Web Application focus.
Adds full automatic web application scans to the results. Scans ports 80 (HTTP) and 443 (HTTPS) only.
**Command:**
```bash
sudo sniper -t example.com -m web
```
---
## Workspace Management
UltyScan saves all data into "Workspaces" to keep your scans organized.
### Creating/Using a Workspace
Simply add `-w <NAME>` to any command.
```bash
sudo sniper -t example.com -w project-alpha
```
### Listing Workspaces
See all your current workspaces.
```bash
sudo sniper --list
```
### Deleting a Workspace
Remove a workspace and all its data.
```bash
sudo sniper -w project-alpha -d
```
### Viewing Reports
To open the HTML report for a workspace:
```bash
sudo sniper --list
```
Then select the report HTML file from the output or navigate to:
`/usr/share/sniper/loot/workspace/<YOUR_WORKSPACE>/sniper-report.html`
---
## Advanced Options
| Flag | Description |
| :--- | :--- |
| `-o` / `--osint` | Enable OSINT (Open Source Intelligence) gathering. |
| `-re` / `--recon` | Enable Reconnaissance gathering. |
| `-b` | Enable Brute-force attacks (automatically tries passwords). |
| `-fp` | Full Port Only scan (scans all 65535 ports). |
| `--status` | Check the status of running scans. |
| `-u` / `--update` | Update **UltyScan** to the latest version. |
---
[Return to README](../README.md)
Reference in New Issue View Git Blame Copy Permalink