-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathconfig.yaml
More file actions
44 lines (39 loc) · 1.55 KB
/
config.yaml
File metadata and controls
44 lines (39 loc) · 1.55 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
# ExploitGraph Configuration
# Edit this file to customize framework behavior.
# All settings can also be overridden with environment variables: EG_SECTION_KEY=value
framework:
version: "1.0.0"
max_threads: 10 # Concurrent threads for scanning
timeout: 8 # Default HTTP request timeout (seconds)
retry: 2 # Retry failed requests
user_agent: "ExploitGraph/1.0 (Security Research; +https://github.com/prajwalpawar/ExploitGraph)"
output_dir: "reports" # Default output directory
log_level: "INFO" # INFO | DEBUG | WARNING | ERROR
verify_ssl: false # Verify SSL certificates (disable for self-signed)
follow_redirects: false # Follow HTTP redirects during enumeration
wordlists:
http_paths: "data/wordlists/common_paths.txt"
s3_buckets: "data/wordlists/s3_buckets.txt"
backup_files: "data/wordlists/backup_files.txt"
subdomains: "data/wordlists/subdomains.txt"
aws:
profile: null # AWS CLI profile name (null = use default credentials)
region: "us-east-1" # Default AWS region
enabled: false # Set to true to enable boto3 cloud modules
reporting:
formats: ["html", "json"]
cvss_minimum: 0.0 # Minimum CVSS score to include in report
open_browser: false # Auto-open HTML report after generation
modules:
# Module-specific default overrides
http_enum:
threads: 10
timeout: 6
status_codes: "200,301,302,403,500"
s3_enum:
download_files: true
timeout: 8
file_secrets:
entropy_scan: true
api_exploit:
max_attempts: 50