Skip to content

2. User Guide

Jump to bottom
Heitor Gouvêa edited this page Jun 29, 2021 · 4 revisions

Table of contents:

Introduction

This manual aims to illustrate/exemplify how a common user (Pentesters/Red Teamers) can make use of the spellbook, if you want to have a more advanced understanding of it or develop new features, we have a wiki focused on this topic: Developer Guide

Searching by modules

As the spellbook is based on modules, it has a local database where it stores the information of all modules. Currently the search can be done by all these values: name, id, description or category, the latter being the most effective.

Examples of search:

$ perl spellbook.pl --search exploit

Module: Exploit::CVE_2017_5487
Description: Read usernames leaked on WordPress API
=================================================

Module: Exploit::Shellshock
Description: Exploit for shellshock vuln
=================================================

Module: Exploit::Subdomain_Takeover_Check
Description: A checker for the possibility of subdomain takeover attack
=================================================

[...]

$ perl spellbook.pl --search recon  

Module: Recon::Find_Emails
Description: Find e-mails from a domain using hunter.io API
=================================================

Module: Recon::Get_Headers
Description: Get all HTTP headers from an web server
=================================================

Module: Recon::Extract_Links
Description: A module to extract all links from a web page
=================================================

[...]

Currently supported categories are: exploit, recon, helper, android, core and parser.

Using modules

TBD

Concatenating modules

TBD

Clone this wiki locally