naabu.conf

# Number of retries
# retries: 1
# Packets rate
# rate: 100
# Timeout is the seconds to wait for ports to respond
# timeout: 5
# Hosts are the host to find ports for
# host:
# 	- 10.10.10.10
# Ports is the ports to use for enumeration
# ports:
# 	- 80
# 	- 100
# ExcludePorts is the list of ports to exclude from enumeration
# exclude-ports:
# 	- 20
# 	- 30
# Verify is used to check if the ports found were valid using CONNECT method
# verify: false
# NoProbe skips probes to discover alive hosts
# no-probe: false
# Ping uses ping probes to discover fastest active host and discover dead hosts
# ping: true
# Port Probes (SYN-PORT, ACK-PORT)
# port-probes:
# 	- A80
# 	- S110
# Ips or cidr to be excluded from the scan
# exclude-ips:
# 	- 1.1.1.1
# 	- 2.2.2.2
# Top ports list
# top-ports: 100
# Attempts to run as root
# privileged: true
# Drop root privileges
# unprivileged: true
# Excludes ip of knows CDN ranges
# exclude-cdn: true
# IcmpEchoProbe before scanning
# icmp-echo-probe: true
# IcmpTimestampProbe before scanning
# icmp-timestamp-probe: false
# SourceIp to use in TCP packets
# source-ip: 10.10.10.10
# Interface to use for TCP packets
# interface: eth0
# WarmUpTime between scan phases
# warm-up-time: 2
# nmap command to invoke after scanning
nmap: nmap -sV --script vulners,dns-brute,http-auth-finder,http-chrono,http-cookie-flags,http-cors,http-cross-domain-policy,http-csrf,http-dombased-xss,http-enum,http-errors,http-git,http-grep,http-internal-ip-disclosure,http-jsonp-detection,http-malware-host,http-methods,http-passwd,http-phpself-xss,http-php-version,http-robots.txt,http-sitemap-generator,http-shellshock,http-stored-xss,http-title,http-unsafe-output-escaping,http-useragent-tester,http-vhosts,http-waf-detect,http-waf-fingerprint,http-xssed,traceroute-geolocation.nse,ssl-enum-ciphers,whois-domain,whois-ip -oA worldnamap