spray/config.yaml

input:
  append-files: [] # Files, when found valid path, use append file new word with current path
  append-rules: [] # Files, when found valid path, use append rule generator new word with current path
  dictionaries: [] # Files, Multi,dict files, e.g.: -d 1.txt -d 2.txt
  filter-rule: "" # String, filter rule, e.g.: --rule-filter '>8 <4'
  rules: [] # Files, rule files, e.g.: -r rule1.txt -r rule2.txt
  word: "" # String, word generate dsl, e.g.: -w test{?ld#4}

functions:
  extension: "" # String, add extensions (separated by commas), e.g.: -e jsp,jspx
  exclude-extension: "" # String, exclude extensions (separated by commas), e.g.: --exclude-extension jsp,jspx
  force-extension: false # Bool, force add extensions
  remove-extension: "" # String, remove extensions (separated by commas), e.g.: --remove-extension jsp,jspx
  prefix: [] # Strings, add prefix, e.g.: --prefix aaa --prefix bbb
  suffix: [] # Strings, add suffix, e.g.: --suffix aaa --suffix bbb
  upper: false # Bool, upper wordlist, e.g.: --uppercase
  lower: false # Bool, lower wordlist, e.g.: --lowercase
  replace: null # Strings, replace string, e.g.: --replace aaa:bbb --replace ccc:ddd
  skip: [ ] # String, skip word when generate. rule, e.g.: --skip aaa

misc:
  mod: path # String, path/host spray
  client: auto # String, Client type
  thread: 20 # Int, number of threads per pool
  pool: 5 # Int, Pool size
  timeout: 5 # Int, timeout with request (seconds)
  deadline: 999999 # Int, deadline (seconds)
  proxy: "" # String, proxy address, e.g.: --proxy socks5://127.0.0.1:1080
  quiet: false # Bool, Quiet
  debug: false # Bool, output debug info
  verbose: [] # Bool, log verbose level, default 0, level1: -v, level2 -vv
  no-bar: false # Bool, No progress bar
  no-color: false # Bool, no color

mode:
  # status
  black-status: "400,410" # Strings (comma split), custom black status
  fuzzy-status: "500,501,502,503" # Strings (comma split), custom fuzzy status
  unique-status: "403,200,404" # Strings (comma split), custom unique status
  white-status: "200" # Strings (comma split), custom white status

  # check
  check-only: false # Bool, check only
  check-period: 200 # Int, check period when request
  error-period: 10 # Int, check period when error
  error-threshold: 20 # Int, break when the error exceeds the threshold

  # recursive
  recursive: current.IsDir() # String, custom recursive rule, e.g.: --recursive current.IsDir()
  depth: 0 # Int, recursive depth

  # crawl
  scope: [] # String, custom scope, e.g.: --scope *.example.com
  no-scope: false # Bool, no scope

  # other
  index: / # String, custom index path
  random: "" # String, custom random path
  unique: false # Bool, unique response
  distance: 5 # Int, simhash distance for unique response
  force: false # Bool, skip error break
  rate-limit: 0 # Int, request rate limit (rate/s), e.g.: --rate-limit 100
  retry: 0 # Int, retry count

output:
  output-file: "" # String, output filename
  auto-file: false # Bool, auto generator output and fuzzy filename
  dump: false # Bool, dump all request
  dump-file: "" # String, dump all request, and write to filename
  fuzzy: false # Bool, open fuzzy output
  fuzzy-file: "" # String, fuzzy output filename
  filter: "" # String, custom filter function, e.g.: --filter 'current.Body contains "hello"'
  match: "" # String, custom match function, e.g.: --match 'current.Status != 200''
  format: "" # String, output format, e.g.: --format 1.json
  output_probe: "" # String, output probes

plugins:
  all: false # Bool, enable all plugin
  bak: false # Bool, enable bak found
  common: false # Bool, enable common file found
  crawl: false # Bool, enable crawl
  crawl-depth: 3 # Int, crawl depth
  extract: [] # Strings, extract response, e.g.: --extract js --extract ip --extract version:(.*?)
  file-bak: false # Bool, enable valid result bak found, equal --append-rule rule/filebak.txt
  finger: false # Bool, enable active finger detect
  recon: false # Bool, enable recon

request:
  cookies: [] # Strings, custom cookie
  headers: [] # Strings, custom headers, e.g.: --headers 'Auth: example_auth'
  max-body-length: 100 # Int, max response body length (kb), default 100k, e.g. -max-length 1000
  useragent: "" # String, custom user-agent, e.g.: --user-agent Custom
  random-useragent: false # Bool, use random with default user-agent
  read-all: false # Bool, read all response body
support config.yaml 2024-02-12 16:49:44 +08:00			`input:`
			`append-files: [] # Files, when found valid path, use append file new word with current path`
			`append-rules: [] # Files, when found valid path, use append rule generator new word with current path`
			`dictionaries: [] # Files, Multi,dict files, e.g.: -d 1.txt -d 2.txt`
			`filter-rule: "" # String, filter rule, e.g.: --rule-filter '>8 <4'`
			`rules: [] # Files, rule files, e.g.: -r rule1.txt -r rule2.txt`
			`word: "" # String, word generate dsl, e.g.: -w test{?ld#4}`

			`functions:`
			`extension: "" # String, add extensions (separated by commas), e.g.: -e jsp,jspx`
			`exclude-extension: "" # String, exclude extensions (separated by commas), e.g.: --exclude-extension jsp,jspx`
			`force-extension: false # Bool, force add extensions`
			`remove-extension: "" # String, remove extensions (separated by commas), e.g.: --remove-extension jsp,jspx`
			`prefix: [] # Strings, add prefix, e.g.: --prefix aaa --prefix bbb`
			`suffix: [] # Strings, add suffix, e.g.: --suffix aaa --suffix bbb`
			`upper: false # Bool, upper wordlist, e.g.: --uppercase`
			`lower: false # Bool, lower wordlist, e.g.: --lowercase`
			`replace: null # Strings, replace string, e.g.: --replace aaa:bbb --replace ccc:ddd`
			`skip: [ ] # String, skip word when generate. rule, e.g.: --skip aaa`

			`misc:`
			`mod: path # String, path/host spray`
			`client: auto # String, Client type`
			`thread: 20 # Int, number of threads per pool`
			`pool: 5 # Int, Pool size`
			`timeout: 5 # Int, timeout with request (seconds)`
			`deadline: 999999 # Int, deadline (seconds)`
			`proxy: "" # String, proxy address, e.g.: --proxy socks5://127.0.0.1:1080`
			`quiet: false # Bool, Quiet`
			`debug: false # Bool, output debug info`
			`verbose: [] # Bool, log verbose level, default 0, level1: -v, level2 -vv`
			`no-bar: false # Bool, No progress bar`
			`no-color: false # Bool, no color`

			`mode:`
			`# status`
			`black-status: "400,410" # Strings (comma split), custom black status`
			`fuzzy-status: "500,501,502,503" # Strings (comma split), custom fuzzy status`
			`unique-status: "403,200,404" # Strings (comma split), custom unique status`
			`white-status: "200" # Strings (comma split), custom white status`

			`# check`
			`check-only: false # Bool, check only`
			`check-period: 200 # Int, check period when request`
			`error-period: 10 # Int, check period when error`
			`error-threshold: 20 # Int, break when the error exceeds the threshold`

			`# recursive`
			`recursive: current.IsDir() # String, custom recursive rule, e.g.: --recursive current.IsDir()`
			`depth: 0 # Int, recursive depth`

			`# crawl`
			`scope: [] # String, custom scope, e.g.: --scope *.example.com`
			`no-scope: false # Bool, no scope`

			`# other`
			`index: / # String, custom index path`
			`random: "" # String, custom random path`
			`unique: false # Bool, unique response`
			`distance: 5 # Int, simhash distance for unique response`
			`force: false # Bool, skip error break`
			`rate-limit: 0 # Int, request rate limit (rate/s), e.g.: --rate-limit 100`
			`retry: 0 # Int, retry count`

			`output:`
			`output-file: "" # String, output filename`
			`auto-file: false # Bool, auto generator output and fuzzy filename`
			`dump: false # Bool, dump all request`
			`dump-file: "" # String, dump all request, and write to filename`
			`fuzzy: false # Bool, open fuzzy output`
			`fuzzy-file: "" # String, fuzzy output filename`
			`filter: "" # String, custom filter function, e.g.: --filter 'current.Body contains "hello"'`
			`match: "" # String, custom match function, e.g.: --match 'current.Status != 200''`
			`format: "" # String, output format, e.g.: --format 1.json`
			`output_probe: "" # String, output probes`

			`plugins:`
			`all: false # Bool, enable all plugin`
			`bak: false # Bool, enable bak found`
			`common: false # Bool, enable common file found`
			`crawl: false # Bool, enable crawl`
			`crawl-depth: 3 # Int, crawl depth`
			`extract: [] # Strings, extract response, e.g.: --extract js --extract ip --extract version:(.*?)`
			`file-bak: false # Bool, enable valid result bak found, equal --append-rule rule/filebak.txt`
			`finger: false # Bool, enable active finger detect`
			`recon: false # Bool, enable recon`

			`request:`
			`cookies: [] # Strings, custom cookie`
			`headers: [] # Strings, custom headers, e.g.: --headers 'Auth: example_auth'`
			`max-body-length: 100 # Int, max response body length (kb), default 100k, e.g. -max-length 1000`
			`useragent: "" # String, custom user-agent, e.g.: --user-agent Custom`
			`random-useragent: false # Bool, use random with default user-agent`
			`read-all: false # Bool, read all response body`