From dadc0d8b13c24ac0197bad4507245c54cdc624c8 Mon Sep 17 00:00:00 2001 From: six2dez Date: Sun, 8 Jan 2023 23:37:08 +0100 Subject: [PATCH] update --- reconftw.cfg | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/reconftw.cfg b/reconftw.cfg index fd7b65e3..3b4e6e81 100644 --- a/reconftw.cfg +++ b/reconftw.cfg @@ -63,7 +63,7 @@ SUBSCRAPING=true # Subdomains extraction from web crawling SUBPERMUTE=true # DNS permutations SUBREGEXPERMUTE=true # Permutations by regex analysis PERMUTATIONS_OPTION=gotator # The alternative is "ripgen" (faster, not deeper) -GOTATOR_FLAGS="-depth 1 -numbers 3 -mindup -adv -md" # Flags for gotator +GOTATOR_FLAGS=" -depth 1 -numbers 3 -mindup -adv -md" # Flags for gotator SUBTAKEOVER=false # Check subdomain takeovers, false by default cuz nuclei already check this SUB_RECURSIVE_PASSIVE=false # Uses a lot of API keys queries DEEP_RECURSIVE_PASSIVE=10 # Number of top subdomains for recursion @@ -95,8 +95,8 @@ CDN_IP=true # Check which IPs belongs to CDN WAF_DETECTION=true # Detect WAFs NUCLEICHECK=true # Enable or disable nuclei NUCLEI_SEVERITY="info,low,medium,high,critical" # Set templates criticity -NUCLEI_FLAGS="-silent -t ~/nuclei-templates/ -retries 2" # Additional nuclei extra flags, don't set the severity here but the exclusions like "-etags openssh" -NUCLEI_FLAGS_JS="-silent -tags exposure,token -severity info,low,medium,high,critical" # Additional nuclei extra flags for js secrets +NUCLEI_FLAGS=" -silent -t ~/nuclei-templates/ -retries 2" # Additional nuclei extra flags, don't set the severity here but the exclusions like " -etags openssh" +NUCLEI_FLAGS_JS=" -silent -tags exposure,token -severity info,low,medium,high,critical" # Additional nuclei extra flags for js secrets URL_CHECK=true # Enable or disable URL collection URL_CHECK_PASSIVE=true # Search for urls, passive methods from Archive, OTX, CommonCrawl, etc URL_CHECK_ACTIVE=true # Search for urls by crawling the websites @@ -141,8 +141,8 @@ REMOVELOG=false # Delete logs after execution PROXY=false # Send to proxy the websites found SENDZIPNOTIFY=false # Send to zip the results (over notify) PRESERVE=true # set to true to avoid deleting the .called_fn files on really large scans -FFUF_FLAGS="-mc all -fc 404 -ac -sf" # Ffuf flags -HTTPX_FLAGS="-follow-redirects -random-agent -status-code -silent -title -web-server -tech-detect -location" # Httpx flags for simple web probing +FFUF_FLAGS=" -mc all -fc 404 -ac -sf" # Ffuf flags +HTTPX_FLAGS=" -follow-redirects -random-agent -status-code -silent -title -web-server -tech-detect -location" # Httpx flags for simple web probing # HTTP options HEADER="User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:72.0) Gecko/20100101 Firefox/72.0" # Default header @@ -204,7 +204,7 @@ AXIOM_FLEET_SHUTDOWN=true # # Enable or disable delete the fleet after the execu # This is a script on your reconftw host that might prep things your way... #AXIOM_POST_START="~/Tools/axiom_config.sh" # Useful to send your config files to the fleet AXIOM_EXTRA_ARGS="" # Leave empty if you don't want to add extra arguments -#AXIOM_EXTRA_ARGS="--rm-logs" # Example +#AXIOM_EXTRA_ARGS=" --rm-logs" # Example # BBRF BBRF_CONNECTION=false