Arachni Package Description
Arachni is an open source, feature-full, modular, high-performance Ruby framework aimed at helping penetration testers and administrators evaluate the security of web applications.
It is smart: it trains itself by learning from the HTTP responses it receives during the audit process, and it can perform meta-analysis using a number of factors to correctly assess the trustworthiness of results and intelligently identify false positives.
It is versatile enough to cover a great many use cases, ranging from a simple command-line scanner utility, to a global high-performance grid of scanners, to a Ruby library allowing for scripted audits, to a multi-user, multi-scan web collaboration platform.
Source: http://arachni-scanner.com/
- Author: Tasos “Zapotek” Laskos
- License: Apache-2.0
Tools included in the arachni package
arachni_web – The Arachni web scanner
root@kali:~# arachni_web -h
Usage: rackup [ruby options] [rack options] [rackup config]

Ruby options:
  -e, --eval LINE          evaluate a LINE of code
  -b BUILDER_LINE,         evaluate a BUILDER_LINE of code as a builder script
      --builder
  -d, --debug              set debugging flags (set $DEBUG to true)
  -w, --warn               turn warnings on for your script
  -I, --include PATH       specify $LOAD_PATH (may be used more than once)
  -r, --require LIBRARY    require the library, before executing your script

Rack options:
  -s, --server SERVER      serve using SERVER (thin/puma/webrick/mongrel)
  -o, --host HOST          listen on HOST (default: 0.0.0.0)
  -p, --port PORT          use PORT (default: 9292)
  -O NAME[=VALUE],         pass VALUE to the server as option NAME. If no VALUE, sets it to true. Run '/usr/share/arachni/bin/../system/gems/bin/rackup -s SERVER -h' to get a list of options for SERVER
      --option
  -E, --env ENVIRONMENT    use ENVIRONMENT for defaults (default: development)
  -D, --daemonize          run daemonized in the background
  -P, --pid FILE           file to store PID (default: rack.pid)

Common options:
  -h, -?, --help           Show this message
      --version            Show version
arachni_web Usage Example
root@kali:~# arachni_web
>> Thin web server (v1.5.1 codename Straight Razor)
>> Maximum connections set to 1024
>> Listening on 0.0.0.0:9292, CTRL+C to stop