Home
Options for adding a user/password, cookie authentication, etc. -> Authentication
Options for modifying the request at the HTTP level, like proxy, persistent connection, threads, personalized User-Agent, etc. -> Requests
Options for processing payloads, like path recursion, adding an extension, inspecting for particular interesting content, etc. -> Payload
Options for filtering responses, like skipping the 403 code, nasty false 200 codes, a list of uninteresting sizes, etc. -> Filtering
Options for modifying console output, like showing the content type or full path -> Output
There are two mandatory parameters: '-u' with the target URL and '-p' with the desired payload.
$ cansina.py -u <target> -p <payload>
This starts cansina with 4 threads and bans 404 code responses from GET requests.
This is a very basic run. Careful manual inspection beforehand is recommended in order to fine-tune the arguments and reduce false positives.
You can also use standard input by passing '-' as the payload, in case you want to preprocess the payloads, for example by sorting them or concatenating a couple of files:
$ cat <payload.txt> | sort | cansina.py -u <target> -p -
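One way to do that preprocessing, as an added example that is not part of cansina or of the original page: a shell function that merges several payload files, normalizes the lines and removes duplicates while keeping the original order (which `sort` would destroy). The function name `prep_payloads`, the file names and the rule that `#` starts a comment line are assumptions.

```bash
#!/usr/bin/env bash
# prep_payloads: merge payload files into one clean stream for '-p -'.
# Added example; the function name and the cleaning rules are assumptions.
prep_payloads() {
    # Concatenate every file given as an argument, then clean in one awk pass.
    cat -- "$@" | awk '
        { sub(/\r$/, "") }               # strip Windows line endings
        { gsub(/^[ \t]+|[ \t]+$/, "") }  # trim surrounding whitespace
        /^$/ { next }                    # skip blank lines
        /^#/ { next }                    # assumption: "#" starts a comment line
        !seen[$0]++                      # print first occurrence only, order kept
    '
}

# Usage (placeholders as in the page, file names hypothetical):
#   prep_payloads common.txt extra.txt | cansina.py -u <target> -p -
```

Removing duplicates before the run avoids requesting the same path twice, and keeping the list order preserves any prioritization the payload file already had.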
All your results are stored in a SQLite file inside the 'output' directory.
The convenient tool 'util/viewer.py' lets you browse, filter and output the content.
To resume the last interrupted session with all its options and the payload at its former line number:
$ cansina.py -r <resume_file>