search

r3curs1v3-pr0xy / vajra

Vajra is a highly customizable target and scope based automated web hacking framework to automate boring recon tasks and same scans for multiple target during web applications penetration testing.
GNU General Public License v3.0
689 stars 159 forks source link

Need help #8

Closed bootyhunt3r closed 3 years ago

bootyhunt3r commented 3 years ago

Hello @r3curs1v3-pr0xy , this framework is truly awesome , but can you tell me how to use it to finding everything for all the subdomains ? Like I want to do directory bruteforcing , but how can I add all the subdomains for that ?

r3curs1v3-pr0xy commented 3 years ago

Thanks for your feedback @bootyhunt3r

If you want to include subdomains in any of the scan then make sure you find subdomains first. I mean to say subdomains must be available in database as the scans are dependent on it.

After getting all subdomains, select your type of scans and include subdomains in it.

Note: Currently, Fuzzing with Custom Generated Wordlist is not supported on subdomains. You can use it on root domain only. Rest two of the options are available for both root domain and subdomains.

For more on Usage Guide, read this blog post: https://hackwithproxy.medium.com/introducing-vajra-an-advanced-web-hacking-framework-bd8307a01aa8

bootyhunt3r commented 3 years ago

Yeah , but how to include subdomains , just click on the subdomains section ?