Details

Category: Recon

Publisher: zaric

Created Date: 8/7/2023

Container: quay.io/trickest/zgrab2-http-simple:v0.0.1

Source URL: https://github.com/zmap/zgrab2

Parameters

sct
boolean
Command: --sct - Request Signed Certificate Timestamps during TLS Handshake
port
string
Command: --port - Specify port to grab on (default: 80)
time
string
Command: --time - Explicit request time to use, instead of clock. YYYYMMDDhhmmss format.
debug
boolean
Command: --debug - Include debug fields in the output.
flush
boolean
Command: --flush - Flush after each line of output.
input
string
required
Command: - Input target
method
string
Command: --method - Set HTTP request method type (default: GET)
no-sni
boolean
Command: --no-sni - Do not send domain name in TLS Handshake regardless of whether known
senders
string
Command: --senders - Number of send goroutines to use (default: 1000)
timeout
string
Command: --timeout - Set connection timeout (0 = no timeout) (default: 10s)
trigger
string
Command: --trigger - Invoke only on targets with specified tag
endpoint
string
Command: --endpoint - Send an HTTP request to an endpoint (default: /)
max-size
string
Command: --max-size - Max kilobytes to read in response to an HTTP request (default: 256)
maxbytes
string
Command: --maxbytes - Maximum byte read limit per scan (0 = defaults)
no-ecdhe
boolean
Command: --no-ecdhe - Do not allow ECDHE handshakes
root-cas
file
Command: --root-cas - Set of certificates to use when verifying server certificates
use-https
boolean
Command: --use-https - Perform an HTTPS connection on the initial host
gomaxprocs
string
Command: --gomaxprocs - Set GOMAXPROCS (default: 0)
heartbleed
boolean
Command: --heartbleed - Check if server is vulnerable to Heartbleed
input-file
file
required
Command: - Input file
prometheus
string
Command: --prometheus - Address to use for Prometheus server (e.g. localhost:8080). If empty, Prometheus is disabled
user-agent
string
Command: --user-agent - Set a custom user agent (default: Mozilla/5.0 zgrab/0.x)
dsa-enabled
boolean
Command: --dsa-enabled - Accept server DSA keys
max-version
string
Command: --max-version - The maximum SSL/TLS version that is acceptable. 0 means use the highest supported value.
min-version
string
Command: --min-version - The minimum SSL/TLS version that is acceptable. 0 means that SSLv3 is the minimum.
next-protos
file
Command: --next-protos - A list of supported application-level protocols
retry-https
boolean
Command: --retry-https - If the initial request fails, reconnect and try with HTTPS.
server-name
string
Command: --server-name - Server name used for certificate verification and (optionally) SNI
certificates
file
Command: --certificates - Set of certificates to present to the server
cipher-suite
string
Command: --cipher-suite - A comma-delimited list of hex cipher suites to advertise.
client-hello
string
Command: --client-hello - Set an explicit ClientHello (base64 encoded)
client-random
string
Command: --client-random - Set an explicit Client Random (base64 encoded)
max-redirects
string
Command: --max-redirects - Max number of redirects to follow (default: 0)
session-ticket
boolean
Command: --session-ticket - Send support for TLS Session Tickets and output ticket if presented
with-body-size
boolean
Command: --with-body-size - Enable the body_size attribute, for how many bytes actually read
certificate-map
file
Command: --certificate-map - A file mapping server names to certificates
extended-random
boolean
Command: --extended-random - Send TLS Extended Random Extension
keep-client-logs
boolean
Command: --keep-client-logs - Include the client-side logs in the TLS handshake
curve-preferences
string
Command: --curve-preferences - A list of elliptic curves used in an ECDHE handshake, in order of preference.
heartbeat-enabled
boolean
Command: --heartbeat-enabled - If set, include the heartbeat extension
override-sig-hash
boolean
Command: --override-sig-hash - Override the default SignatureAndHashes TLS option with more expansive default
redirects-succeed
boolean
Command: --redirects-succeed - Redirects are always a success, even if max-redirects is exceeded
fail-http-to-https
boolean
Command: --fail-http-to-https - Trigger retry-https logic on known HTTP/400 protocol mismatch responses
read-limit-per-host
string
Command: --read-limit-per-host - Maximum total kilobytes to read for a single host (default 96kb) (default: 96)
connections-per-host
string
Command: --connections-per-host - Number of times to connect to each host (results in more output) (default: 1)
custom-headers-names
file
Command: --custom-headers-names - CSV of custom HTTP headers to send to server
signature-algorithms
string
Command: --signature-algorithms - Signature and hash algorithms that are acceptable
custom-headers-values
file
Command: --custom-headers-values - CSV of custom HTTP header values to send to server. Should match order of custom-headers-names
extended-master-secret
boolean
Command: --extended-master-secret - Offer RFC 7627 Extended Master Secret extension
custom-headers-delimiter
string
Command: --custom-headers-delimiter - Delimiter for customer header name/value CSVs
verify-server-certificate
boolean
Command: --verify-server-certificate - ail if the server certificate does not match the server-name, or does not chain to a trusted root.
follow-localhost-redirects
boolean
Command: --follow-localhost-redirects - Follow HTTP redirects to localhost
compute-decoded-body-hash-algorithm
string
Command: --compute-decoded-body-hash-algorithm - Choose algorithm for BodyHash field (sha256 or sha1)