TARGET INPUT
To use gbounty to scan a website, you would first need to specify the target URL of the website you want to scan using the -u or --url flag. For example, if you wanted to scan the website at https://example.com, you would use the following command:
This would scan the https://example.com website using the default settings for gbounty. For example, to scan the https://example.com and https://example.com/redirect.php?url=/ URLs, you would use the -u flag like this:
Alternatively, you can specify a file containing a list of URLs to scan, with one URL per line, using the -uf or --urls-file flag. For example, if you had a file named urls.txt that contained the following lines:
You could use the -uf flag to tell gbounty to use the URLs contained in the urls.txt file as the targets for its scans.
You can use the --raw-request flag with gbounty to specify one or more raw request templates that gbounty should use when conducting its scans. The --raw-request flag can be used multiple times to specify multiple request templates.
Here is an example of how the -rr flag might be used:
The format of the raw request req1.txt could be something like this (first line the host with protocol, for example https://example.com or http://example.com):
The -rf or --requests-file flag can be used to specify a file containing a list of raw request that gbounty should use when conducting its scans. This flag allows users to specify a specific file containing the raw request that gbounty should use, rather than specifying the raw request files directly on the command line. The file that is specified with the -rf flag must be a zipped file containing one raw request per file. This allows users to organize their raw request into multiple files and then easily specify all of the raw requests at once using the -rf flag.
Here is an example of how the -rf flag might be used:
This command would tell gbounty to use the raw request contained in the requests.zip file when conducting its scans.
By default, gbounty does not scan any URLs or use any request templates unless the -u, -uf, -rf, or -rr flags are used to specify the target URL(s) and request templates.
You can then use additional flags to customize the behavior of the tool, such as specifying the profiles to use, the HTTP method to use for requests, and so on.
Options for –url (-u) and –urls-file (-uf):
-Xor--method: This flag allows you to specify a default HTTP method that gbounty should use when conducting its scans. The HTTP method specifies the type of action that the request is intended to perform, such asGET,POST,PUT, orDELETE. For example, you could use the-Xflag like this:gbounty -X POST -u https://example.com. This would tell gbounty to use thePOSTmethod as the default HTTP method for its scans (overriding the default method of the request and profiles.).-Hor--header: This flag allows you to specify default HTTP headers that gbounty should use when conducting its scans. HTTP headers are used to provide additional information about the request, such as the content type, encoding, or authentication credentials. The-Hflag can be used multiple times to specify multiple default headers. For example, you could use the-Hflag like this:gbounty -H "Accept: application/json" -H "Content-Type: application/json". This would tell gbounty to use theAcceptandContent-Typeheaders with the specified values as the default headers for its scans.-dor--data: This flag allows you to specify a default HTTP body data that gbounty should use when conducting its scans. The HTTP body data is the data that is sent along with the request, and it can be used to provide additional information or parameters for the request. For example, you could use the-dflag like this:gbounty -d "{\"username\":\"admin\",\"password\":\"password123\"}". This would tell gbounty to use the specified data as the default HTTP body data for its scans.
Last updated