Skip to content

Using the help

Jump to bottom Edit New page
7a edited this page Sep 21, 2012 · 1 revision

This will be obvious for most but calling owtf with no arguments will show you the help:

		./owtf.py
		
		                  __       ___  
		                 /\ \__  /'___\ 
		  ___   __  __  _\ \ ,_\/\ \__/ 
		 / __`\/\ \/\ \/\ \ \ \/\ \ ,__\ 
		/\ \_\ \ \ \_/ \_/ \ \ \_\ \ \_/
		\ \____/\ \___x___/'\ \__\\ \_\ 
		 \/___/  \/__//__/   \/__/ \/_/ 
		
		OWASP OWTF, the Offensive (Web) Testing Framework, is an OWASP+PTES-focused try to unite great tools and make pen testing more efficient @owtfp http://owtf.org
		Author: Abraham Aranguren <name.surname@gmail.com> - http://7-a.org - Twitter: @7a_
		OWTF Version: 0.14 "London"
		
		Current Path: ./owtf.py
		Syntax: owtf.py [ options ] <target1 target2 target3 ..> where target can be: <target URL / hostname / IP>
		                                        NOTE: targets can also be provided via a text file
		
		 -l <web/net/aux>:              list available plugins in the plugin group (web, net or aux)
		 -f:                            force plugin result overwrite (default is avoid overwrite)
		 -i <yes/no>                    interactive: yes (default, more control) / no (script-friendly)
		 -e <except plugin1,2,..>       comma separated list of plugins to be ignored in the test
		 -o <only plugin1,2,..> comma separated list of the only plugins to be used in the test
		 -p (ip:)port            setup an inbound proxy for manual site analysis
		 -x ip:port                     send all owtf requests using the proxy for the given ip and port
		 -s                             Do not do anything, simply simulate how plugins would run
		 -m <g:f,w:f,n:f,r:f>           Use my profile: 'f' = valid config file. g: general config, w: web plugin order, n: net plugin order, r: resources file
		 -a <depth/breadth>             Multi-target algorithm: breadth (default)=each plugin runs for all targets first | depth=all plugins run for each target first
		
		 -g <web/net/aux>               Initial plugin group: web (default) = targets are interpreted as URLs = web assessment only
		                                net = targets are interpreted as hosts/network ranges = traditional network discovery and probing
		                                aux = targets are NOT interpreted, it is up to the plugin/resource definition to decide what to do with the target
		
		 -t <plugin type>               For web plugins: passive, semi_passive, quiet (passive + semi_passive), grep, active, all (default)
		                                NOTE: grep plugins run automatically after semi_passive and active in the default profile
		
		Examples:
		
		Run all web plugins:                                            owtf.py http://my.website.com
		Run only passive + semi_passive plugins:                        owtf.py -t quiet http://my.website.com
		Run only active plugins:                                        owtf.py -t active http://my.website.com
		
		Run all plugins except 'OWASP-CM-001: Testing_for_SSL-TLS':     owtf.py -e 'OWASP-CM-001' http://my.website.com
		Run all plugins except 'OWASP-CM-001: Testing_for_SSL-TLS':     owtf.py -e 'Testing_for_SSL-TLS' http://my.website.com
		
		Run only 'OWASP-CM-001: Testing_for_SSL-TLS':                   owtf.py -o 'OWASP-CM-001' http://my.website.com
		Run only 'OWASP-CM-001: Testing_for_SSL-TLS':                   owtf.py -o 'Testing_for_SSL-TLS' http://my.website.com
		
		Run only OWASP-IG-005 and OWASP-WU-VULN:                        owtf.py -o 'OWASP-IG-005,OWASP-WU-VULN' http://my.website.com
		Run using my resources file and proxy:                  owtf.py -m r:/home/me/owtf_resources.cfg -x 127.0.0.1:8080 http://my.website.com
Add a custom footer
Add a custom sidebar
Clone this wiki locally