Skip to content

Help Contents

Jump to bottom
retbandit edited this page Nov 28, 2017 · 6 revisions
  • '-u' url (host URL to scan including HTTP/HTTPS)
  • '-c' crawl (crawl the site for links (CTRL-C to stop crawling))
  • '-f' frontpage (perform frontpage scans)
  • '-k' keyword (scrape identified pages for keywords (works well with crawl))
  • '-s' sharepoint (perform sharepoint scans)
  • '--sps' (discover sharepoint SOAP services)
  • '--users'(List users using Search Principals)
  • '-r' rpc ((COMING SOON) execute a specified Frontpage RPC query)
  • '-t' thread (set maximum amount of threads (10 default))
  • '-p' putable (COMING SOON) find putable directories)
  • '--cookie' (use a cookie for authenticated scans)
  • '-d' download' (download pdf, doc, docx, txt, config, xml, xls, xlsx, webpart, config, conf, stp, csv and asp/aspx(uninterpreted))
  • '-l' login (provide credentials for authentication to Sharepoint" ('domain\user:password'))
  • '-v' verbose ("Render verbose output. By default SPartan will only render found resources.)
  • '-i' ignore-ssl-verification' (Don't attempt to verify SSL certificates as valid before making a request. This is defaulted to false.)

Example:
python SPartan.py -u https://www.target.com -f -s --sps -i -v

Clone this wiki locally