Pocsuite3pocsuite.ini Configuration
Configuration file example:
[Target]
; target url/cidr (e.g. "http://www.site.com/vuln.php?id=1")
url = https://www.google.com
; scan multiple targets given in a textual file (one per line)
url_file =
; add additional port to each target ([proto:]port, e.g. 8080,https:10000)
ports =
; Skip target's port, only use additional port
skip_target_port =
; load poc file from local or remote from seebug website
poc =
; filter poc by keyword, e.g. cve-2021-22005
poc_keyword = cve-2021-41773
[Mode]
; run poc with verify mode
; run poc with attack mode
; run poc with shell mode
mode = verify
[Request]
; http cookie header value
cookie =
; http host header value
host =
; http referer header value
referer =
; http user-agent header value (default random)
agent =
; use a proxy to connect to the target url (protocol://host:port)
proxy =
; proxy authentication credentials (name:password)
proxy_cred =
; seconds to wait before timeout connection (default 10)
timeout =
; time out retrials times (default 0)
retry =
; delay between two request of one thread
delay =
; extra headers (e.g. "key1: value1\nkey2: value2")
headers =
[Account]
; ceye token
ceye_token =
; oob server
oob_server =
; oob token
oob_token =
; seebug token
seebug_token =
; zoomeye token
zoomeye_token =
; Shodan token
shodan_token =
; fofa user
fofa_user =
; fofa token
fofa_token =
; quake token
quake_token =
; hunter token
hunter_token =
; Censys uid
censys_uid =
; Censys secret
censys_secret =
[Modules]
; zoomeye dork used for search
dork =
; zoomeye dork used for search
dork_zoomeye =
; shodan dork used for search
dork_shodan =
; censys dork used for search
dork_censys =
; fofa dork used for search
dork_fofa =
; quake dork used for search
dork_quake =
; hunter dork used for search
dork_hunter =
; max page used in search api
max_page = 1
; search type used in zoomeye api, web or host
search_type = host
; seebug keyword used for search
vul_keyword =
; seebug ssvid number for target poc
ssvid =
; connect back host for target poc in shell mode
connect_back_host =
; connect back port for target poc in shell mode
connect_back_port =
; enable TLS listener in shell mode
enable_tls_listener = False
; compare popular web search engines
comparison = False
; whether dork is in base64 format
dork_b64 = False
[Optimization]
; output file to write (json lines format)
output_path =
; load plugins to execute
plugins =
; user defined poc scripts path
pocs_path =
; max number of concurrent network requests (default 150)
threads =
; automatically choose defaut choice without asking
batch =
; check install_requires
check_requires = False
; activate quiet mode, working without logger
quiet = False
; hiden sensitive information when published to the network
ppt = False
; use scapy capture flow
pcap = False
; export suricata rules, default export request and response
rule = False
; only export suricata request rule
rule_req = False
; specify the name of the export rule file
rule_filename =
; Disable URL protocol correction and honeypot check
no_check =
[Poc options]
; show all definition options
show_options =