fuchsiactl console client¶
The fuchsiactl console client lets you access the scanning node directly, bypassing the control node.
Usage¶
The fuchsiactl service can be used as follows:
The following commands are available:
| Command | Description |
|---|---|
cancel_scan |
Cancel the specified scan |
completion |
Generate an autocompletion script for the specified shell |
config |
Update and check runtime settings |
create_scangroup |
Create a scan group (experimental functionality) |
delete_scan |
Delete the specified scan and its associated data |
dump_requests |
Save all HTTP requests from the specified scan to a given directory |
dump_responses |
Save all HTTP responses from the specified scan to a given directory |
export |
Export the resources and endpoints of the specified scan |
get_deps |
Display a list of endpoints and their tags |
get_resources |
Display a list of resources and their tags |
get_scangroup |
Display information about the scan group with the specified ID (experimental functionality) |
get_tokenbudget_metrics |
Display the token budget metrics for the scan group with the specified ID (experimental functionality) |
help |
Help for any command |
list_modules |
Display the list of modules |
list_scangroups |
Display the list of all scan groups (experimental functionality) |
list_scans |
Display the list of scans |
logs |
Display logs |
pause_scan |
Pause the specified scan |
reload |
Reload the server configuration |
rescan |
Start a new scan identical to the specified one |
resume_scan |
Resume a paused scan |
scan |
Start a new scan |
scan_stats |
Display network statistics for a specific scan |
The following flags are available:
| Flag | Type | Description |
|---|---|---|
-h, --help |
Not specified | Help for fuchsiactl commands |
-v, --version |
Not specified | fuchsiactl version |
Global flags¶
The flags listed in the table below are available for all commands.
| Flag | Type | Description |
|---|---|---|
--addr |
string |
fuchsiad socket address. By default, unix:///run/fuchsia/fuchsiad.sock, or the value from the fuchsiactl configuration file, if present |
--ca |
string |
Path the CA certificates used for server verification. By default, the system certificate storage is used |
--cert |
string |
Path to the client certificate that can be used when communicating over TLS |
--insecure |
boolean |
Disables server certificate verification |
--key |
string |
Path to the private key of the client certificate |
--tls |
boolean |
Enables TLS for communication with the server |
cancel_scan command¶
Cancels the specified scan.
Usage¶
completion command¶
Generates an autocompletion script for the specified shell.
Usage¶
Shell types and working with them¶
bash shell¶
To load in the current session:
For future sessions (launch a new shell after executing the command for the changes to take effect):
fish shell¶
To load in the current session:
For future sessions (launch a new shell after executing the command for the changes to take effect):
powershell shell¶
To load in the current session:
For future sessions add the command above to your powershell profile.
zsh shell¶
If auto-completion has not been enabled previously in your environment, it needs to be enabled.
To load in the current session:
For future sessions (launch a new shell after executing the command for the changes to take effect):
Flags¶
| Flag | Type | Description |
|---|---|---|
--no-descriptions |
Not specified | Disables description output |
config command¶
Allows you to update and check runtime settings. Running the command without any flags displays the current values.
Usage¶
Flags¶
| Flag | Type | Description |
|---|---|---|
--concurrency |
int |
Maximum number of parallel jobs (0 — auto, -1 — reset, do not change default) |
--scan-concurrency |
int |
Maximum number of parallel scans (0 — unlimited, -1 — reset, do not change default) |
create_scangroup command¶
Creates a new scan group with the specified token budget (experimental functionality).
Usage¶
delete_scan command¶
Deletes the specified scan and its associated data.
Usage¶
dump_requests command¶
Saves all HTTP requests from the specified scan to a given directory. This command is only applicable to scans created with the --dumpRequests flag.
Usage¶
Flags¶
| Flag | Type | Description |
|---|---|---|
-o, --output |
string |
Directory for saving requests |
-s, --scan |
int |
Scan ID. By default -1 |
dump_responses command¶
Saves all HTTP responses from the specified scan to a given directory. This command is only applicable to scans created with the --dumpResponses flag.
Usage¶
Flags¶
| Flag | Type | Description |
|---|---|---|
-o, --output |
string |
Directory for saving responses |
-s, --scan |
int |
Scan ID. By default -1 |
export command¶
Exports the resources and endpoints of the specified scan.
Usage¶
Flags¶
| Flag | Type | Description |
|---|---|---|
--dest |
string |
File name for storing extracted data |
get_deps command¶
Displays a list of endpoints and their tags.
Usage¶
Flags¶
| Flag | Type | Description |
|---|---|---|
--json |
boolean |
Output in NDJSON format. By default false |
--per-page |
int32 |
The number of endpoints to display per API request. By default 100 |
get_resources command¶
Displays a list of resources and their tags.
Usage¶
Flags¶
| Flag | Type | Description |
|---|---|---|
--json |
boolean |
Output in NDJSON format. By default false |
--per-page |
int32 |
The number of resources to display per API request. By default 100 |
get_scangroup command¶
Displays information about the scan group with the specified group ID (experimental functionality).
Usage¶
get_tokenbudget_metrics command¶
Displays the token budget metrics for the scan group with the specified ID (experimental functionality).
Usage¶
help command¶
Displays help for the specified command.
Usage¶
list_modules command¶
Displays the list of modules.
Usage¶
list_scans command¶
Displays the list of scans.
Usage¶
Flags¶
| Flag | Type | Description |
|---|---|---|
--per-page |
int32 |
The number of endpoints to display per API request. By default 100 |
list_scangroups command¶
Displays the list of all scan groups (experimental functionality).
Usage¶
logs command¶
Displays logs.
Usage¶
Flags¶
| Flag | Type | Description |
|---|---|---|
--all |
boolean |
Displays all logs. By default false |
--job |
int |
Job ID. Overrides other flags. By default -1 |
--log-type |
log-type |
Displays logs of a specific type. Valid types: authChecker, httpRequests, httpRequestsFull, output (default output). The httpRequestsFull type is available only for scans created with the --dumpRequests flag |
--modules |
strings |
A list of modules from which logs are being requested |
--scan |
int |
Scan ID. By default -1 |
pause_scan command¶
Pauses the specified scan.
Usage¶
reload command¶
Reloads the server configuration.
Usage¶
rescan command¶
Creates a new scan, identical to the specified one.
Usage¶
Flags¶
| Flag | Type | Description |
|---|---|---|
--login-proposal |
boolean |
If the automatic login module was involved in the specified scan, this flag allows reusing tags previously generated by this module as browser scripts in a new scan |
resume_scan command¶
Resumes a paused scan.
Usage¶
scan command¶
Starts a new scan.
Usage¶
Flags¶
| Flag | Type | Description |
|---|---|---|
--anomaly-checker-config |
string |
Path to the anomaly checker configuration file |
--cookie |
string |
Additional cookie file (passed to the original hostname of the scan). E.g. "name=value; name2=value2" |
--depDedupUrlRegexp |
array |
Regular expressions for deduplicating endpoints by URL. To specify multiple expressions, use the flag multiple times |
--depDeduplication |
enumerable | Endpoint deduplication mode (none, default, extended). By default default |
--dirbusting |
boolean |
Enables dirbusting with a default dictionary. By default true |
--domain-list |
array |
Comma-separated list of domains |
--domain-scope |
enumerable | Domain filtering mode (any, same, subdomain, secondlevel/second-level). By default second-level |
--dumpRequests |
boolean |
Mode for saving requests for later use. The following commands are used to display the saved requests: fuchsiactl logs with the --log-type httpRequestsFull flag or fuchsiactl dump_requests |
--extra-setting |
string |
Passes additional settings to modules. E.g. --extra-setting=${module}:${name}=${value}. The value parameter should be specified in JSON format. E.g. --extra-setting 'module_example:test_param="test_val"' |
--file |
string |
Passes additional files to modules. E.g. --file=${module}:${name}=${contents}, --file=${module}:${name}@${path}. Use „*“ to transfer the file to all modules |
--header |
string |
An additional HTTP header (passed to the original hostname of the scan). E.g. "X-Token: foobar" |
--import |
string |
Path to the file containing data for the imported scan. The specified file must be obtained using the fuchsiactl export command |
--max-rps |
float |
The maximum RPS value. It is not limited by default |
--modules |
array |
Module specifications, comma‑separated, in the format: module-name, %label, %role:label. The default value is %default. For more information, see the section |
--pageDedupUrlRegexp |
array |
Regular expressions for deduplicating pages by URL. To specify multiple expressions, use the flag multiple times |
--pageDeduplication |
boolean |
Enables page deduplication for modules that accept pages as input. By default true |
--password |
string |
Password for basic HTTP authentication (passed to the original hostname of the scan) |
--php-entrypoints |
string |
Comma-separated list of endpoints |
--proxy |
string |
Proxy server. E.g. http://127.0.0.1:8080 |
--replace-in-json |
object |
Replaces the value at the path with a new one (specified by the value key) in the JSON bodies of HTTP requests. E.g. --replace-in-json={"path": ["path", "to", "key"], "value": "newValue"} |
--scanRequest |
string |
Path to the JSON file containing the scan settings |
--scangroup |
int |
Starts a scan within the scan group with the specified ID |
--url |
string |
URL to scan |
--url-blacklist |
array |
Regular expressions for restricting the URLs included in the scan. To specify multiple expressions, use the flag multiple times |
--username |
string |
Username for basic HTTP authentication (passed to the original hostname of the scan) |
--modules flag¶
This flag specifies a comma‑separated list of module specifications to be used for scanning. A ! prefix can be used to exclude a specific module or module group from the scan list.
Supported formats:
- to use modules:
module-name;%label;%role:label;
- to exclude modules:
%label, !module-name;%label, !%label;%label, !%role:label.
Supported label values:
all— all modules are used;default— all modules are used except experimental ones (default);browser— modules that use a headless browser are used.
Supported role values:
discovery— only discovery modules are used;fuzzing— only fuzzing modules are used.
Examples of usage:
-
Use only the static web crawling module for scanning.
-
Use all modules for scanning except the static web crawling module.
Example of an incorrect command usage:
-
Use only non‑experimental discovery modules for scanning.
-
Use all modules for scanning that are neither experimental nor use a headless browser.
-
Use all modules for scanning except fuzzing modules.
Alternative variant:
scan_stats command¶
Displays network statistics for the specified scan.
Usage¶
Flags¶
| Flag | Type | Description |
|---|---|---|
-s, --scan |
int |
Scan ID. By default -1 |