Skip to content

Commit 2f3fdbc

Browse files
codingocodingo
authored
Update README.md
1 parent 5988002 commit 2f3fdbc

File tree

1 file changed

+10
-8
lines changed

1 file changed

+10
-8
lines changed

README.md

Lines changed: 10 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -17,13 +17,6 @@ A virtual host scanner that can be used with pivot tools, detect catch-all scena
1717

1818
![VHOSTScan Feature Map](https://github.com/codingo/codingo.github.io/blob/master/assets/featureMap.PNG)
1919

20-
## Screenshots
21-
### Using included wordlist for Virtual Host Checks
22-
![VHOSTScan Wordlist example](https://github.com/codingo/codingo.github.io/blob/master/assets/Bank%20VHOST%20Example.png)
23-
24-
### Using STDIN (pipe) to pass wordlist information for Virtual Host Checks
25-
![VHOSTScan STDIN Example](https://github.com/codingo/codingo.github.io/blob/master/assets/Bank%20VHOST%20Pipe%20Example.png)
26-
2720
# Usage
2821

2922
| Argument | Description |
@@ -40,12 +33,18 @@ A virtual host scanner that can be used with pivot tools, detect catch-all scena
4033
| --ssl | If set then connections will be made over HTTPS instead of HTTP. |
4134

4235
## Usage Examples
36+
37+
___Note that a number of these examples reference 10.10.10.29. This IP refers to BANK.HTB, a retired target machine from HackTheBox (https://www.hackthebox.eu/).___
38+
4339
### Quick Example
4440
The most straightforward example runs the default wordlist against example.com using the default of port 80:
4541

4642
```bash
4743
$ VHostScan.py -t example.com
4844
```
45+
46+
![VHOSTScan Wordlist example](https://github.com/codingo/codingo.github.io/blob/master/assets/Bank%20VHOST%20Example.png)
47+
4948
### Port forwarding
5049
Say you have an SSH port forward listening on port 4444 fowarding traffic to port 80 on example.com's development machine. You could use the following to make VHostScan connect through your SSH tunnel via localhost:4444 but format the header requests to suit connecting straight to port 80:
5150

@@ -56,8 +55,11 @@ $ VHostScan.py -t localhost -b example.com -p 4444 -r 80
5655
### STDIN
5756
If you want to pipe information into VHostScan you can use the ```-``` flag:
5857
```bash
59-
$ cat vhostname | VHostScan.py -t localhost -
58+
$ cat bank.htb | VHostScan.py -t 10.10.10.29 -
6059
```
60+
61+
![VHOSTScan STDIN Example](https://github.com/codingo/codingo.github.io/blob/master/assets/Bank%20VHOST%20Pipe%20Example.png)
62+
6163
### STDIN and WordList
6264
You can still specify a wordlist to use along with stdin. In these cases wordlist information will be appended to stdin. For example:
6365
```bash

0 commit comments

Comments
 (0)