[] Web Spider: Found 42 links in URL: http://xxxx/
[] DNS subdomain bruteforcer: 9.38% percent done...
[] DNS subdomain bruteforcer: 9.43% percent done...
[] DNS subdomain bruteforcer: 9.49% percent done...
[] DNS subdomain bruteforcer: 9.54% percent done...
[] DNS subdomain bruteforcer: 9.59% percent done...
[!] GoLismero: Error processing message!
Traceback (most recent call last):
File "/home/xxxx/golismero/main/orchestrator.py", line 476, in run
self.dispatch_msg(message)
File "/home/xxxx/golismero/main/orchestrator.py", line 335, in dispatch_msg
if self.auditManager.dispatch_msg(message):
File "/home/xxxx/golismero/managers/auditmanager.py", line 235, in dispatch_msg
return self.get_audit(message.audit_name).dispatch_msg(message)
File "/home/xxxx/golismero/managers/auditmanager.py", line 755, in dispatch_msg
return self.dispatch_msg(message)
File "/home/xxxx/golismero/managers/auditmanager.py", line 838, in __dispatch_msg
queue = list(data.discovered) # Make sure it's a copy.
File "/home/xxxx/golismero/api/data/resource/url.py", line 294, in discovered
result = FolderUrl.from_url(self.url)
File "/home/xxxx/golismero/api/data/resource/url.py", line 470, in from_url
return [FolderUrl(x) for x in folder_urls]
File "/home/xxxx/golismero/api/data/resource/url.py", line 424, in __init
raise ValueError("URL does not point to a folder!")
ValueError: URL does not point to a folder!

It would be very useful for Golismero to support an RPC/REST API. This would allow for easier integration in to other tools as a subcomponent.

I have a website with a *.xyz TLD and it just says
[!] GoLismero: [Errno -5] No address associated with hostname
[!] GoLismero: Error: Failed to add new audit, reason: [Errno -5] No address associated with hostname

Received this error after my OpenVAS server finished a report

Error parsing OpenVAS results: Expected str or file, got '<type 'Element'>' instead

on Xubuntu 14.04 done according to OpenVAS setup on github

Love Golismero, however have to update my OpenVAS for a few reasons, meaning i have not now been using Golismero for anything.
[!] OpenVAS: Plugin disabled, reason: Remote host is running an unsupported version of OpenVAS. Only OpenVAS 6 is currently supported.
Noticed you had made some changes to openvas recently and wondered if this was in the works?
Would love to see some support for newer versions

When I try to run a scan:

/opt/golismero/plugins/testing/scan/openvas.py:161: UserWarning: OpenVAS plugin not initialized, please run setup.py
 warn("OpenVAS plugin not initialized, please run setup.py")

when I run ./golismero/plugins/testing/scan/openvas_pluging/setup.py

usage: setup.py [-h] [-o OUTPUT_BBDD] -p OPENVAS_PLUGINS [-v] [-d]
                [--rules RULES] [--display-processed] [--display-non-match]
setup.py: error: argument -p is required

what is the golismero architecture?

how the managers and message work together?

the readdoc only has the comment of code,I want to know more about the architecture,because sometimes the process will be stock,I want to know more about golismero.

Hello,

When I run golismero I have this error:

sudo python3 golismero.py -h
  File "/golismero/golismero.py", line 655
    print colorize "-= %s plugins =-" % stage.title(), "yellow"
    ^^^^^^^^^^^^^^

Can anyone help me?

A greeting and thanks

Hi. If a site redirects unknown URLs to certain web page, the tool considers the URL disclosure has happened, which is not true.

Hi dear,
you can use Maryam for the user interface. If you use Maryam, your program will a framework like Metasploit.
If you wanted, please ask how to work.
http://github.com/saeeddhqan/maryam

Hi, this is a wonderful project. I have seen that there is an IDE for writing plugins, but how do I access the IDE, what are the steps for integrating/running custom plugins ..would there be some limitations ?
Lastly, is there a Java wrapper out there ....thanks.

python golismero.py SCAN -f urls.txt
error: no targets selected for audit (did you misspell the database filename?)

python golismero.py -f urls.txt
golismero.py: error: too few arguments

Is this project still active?

Getting errors for keywords like areacode for Shodan, and time_zone for IP Geolocator.

Thanks.

Hi, got the above error and then Golismero just stop running BUT not exiting from the script.

Anybody can help to modify the python script to check if target server is running on OpenSSL before the attack start?

My System Info:-

1. Running VM on VMWare Workstation Pro 12 v12.5.7 build-5813279
2. Host OS: Windows 10 Enterprise
3. Guest OS: Linux version 4.11.0-parrot6-amd64 ([email protected]) (gcc version 6.3.0 20170516 (Debian 6.3.0-18) ) #1 SMP Parrot 4.11.6-1parrot6 (2017-06-28)

Error:
[!] OpenSSL Heartbleed Attack: Error: Execution timeout reached.
[*] GoLismero: Current stage: Reporting
[!] OpenSSL Heartbleed Attack: Error: 'NoneType' object has no attribute 'getitem'
/usr/share/golismero/golismero/messaging/notifier.py:418: UserWarning: Got an unexpected ACK for data ID 36698d5c0d5e994c5e1b23de6a38bab1-8a2146f2fe501ad3b3a760f71ee15de9 from plugin testing/attack/heartbleed
warn(msg % (identity, plugin_id))

In case there is a * record in DNS all the host reported as detected and even scanned one-by-one, if over x record resolve to the same IP, then it should generate a random record and request that, in case that's still the same address then terminate that loop.

During an scan I got:

[!] IP Geolocator: Error: init() got an unexpected keyword argument 'area_code'

Then it continued scan.

/----------------------------------------------
| GoLismero 2.0.0b3 - The Web Knife |
| Contact: [email protected] |
| |
| Daniel Garcia Garcia a.k.a cr0hn (@ggdaniel) |
| Mario Vilas (@Mario_Vilas) |
----------------------------------------------/

GoLismero started at 2014-08-24 07:16:59.333888 UTC
[] GoLismero: Audit name: golismero-INIANSfJ
[!] OpenVAS: Plugin disabled, reason: no element found: line 1, column 0
[] GoLismero: Added 3 new targets to the database.

By default using the "golismero info openvas" it says that uses the port port -> 9390

but mine openvas is on port -> 9392, so in my user.config i change it to this:

[openvas]
host = 127.0.0.1
user = admin
*password = mypassword
port=9392

But when i run it got the error below:

OpenVAS: Plugin disabled, reason: no element found: line 1, column 0

Python 2.x will no longer be supported by their upstream developers in 2020. Thus Debian developers are actively removing Python 2 support in Debian Testing with the goal of getting rid of Python 2 in Debian 11 (bullseye).

Since Kali is based on Debian Testing, we have to follow the move and since golismero is part of Kali we would like it to work with Python 3. All your dependencies are already available for Python 3 so there should be no real blockers.

Thank you in advance.

Tracking bug in Kali: https://gitlab.com/kalilinux/packages/golismero/issues/1

I have wrote a demo plugin for backup file checking.This plugin works well for checking backup files, but the text report in console has no "Location" value. I have already checked my code, but found nothing.I'm new to Python from PHP, Pls help!

here is the core code in the plugin's run()

        results = []
        # Check if backup file exists
        for f in self.test_files:
            for backup_ext in self.backup_extensions[:]:
                backup_url = 'http://' + info.hostname + '/' + f + backup_ext
                Logger.log_verbose("Testing %s..." % backup_url)
                response = HTTP.get_url(backup_url, method="HEAD")

                if response.status == "200":
                    Logger.log_verbose("Found backup :%s" % backup_url)
                    results.append(SuspiciousURL(URL(backup_url)))

        return results

Hello

I am running a freshly updated, very new version of Kali Debian Kali-Linux-2016.1-vbox-amd64 in a virtualbox using Oracle VM VirtualBox Manager 4.3.26.

I have used Golismero in the past and automated it with very good results using crontab midnight runs and then had custom scripts to collect up the reports.

It gets stuck on random positions, but mostly during Web Server Fingerprinting and SSLScan or sometimes Nmap. With 'get stuck' meaning that no more output is shown nor any other sign of life remains. The process is not terminated. It just does nothing for infinity (max tested 15 hours).

This happens after just a simple:
golismero scan --brief --forbid-subdomains -d theharvester -o testoutput.txt

...but also with variations, such as without --brief, with various parts of it (-d) disabled (I've tried disabling theharvester, punkspider, openvas, dns etc) and aiming at a specific website address (my own web service) that has its address set in the Kali Debian's hostfile.

Having added some custom code that runs Golismero process I can follow very closely system resources and exact timing of each output.I stress however, that this occurs just running Golismero from the command line.

#!/bin/bash

/root/pentest.sh | awk '{ print strftime("%Y-%m-%d %H:%M:%S"), $0; fflush(); }' &

echo $!
$mypenprocess=$!

#pause x hours
sleep 21600  #6 hours
#sleep 60

#check if abc is running
kill -KILL $mypenprocess 2> /dev/null

After twenty runs, trying to disable various parts .. I cannot pinpoint a specific point of failure. I also monitor performance and disc space of the host OS (Windows 7) and nothing interesting on that side.

/No, G isn't for Golismero.

$ ./golismero.py --profile=passive scan example.com

/----------------------------------------------
| GoLismero 2.0.0b2 - The Web Knife |
| Contact: [email protected] |
| |
| Daniel Garcia Garcia a.k.a cr0hn (@ggdaniel) |
| Mario Vilas (@Mario_Vilas) |
----------------------------------------------/

GoLismero started at 2013-12-09 15:07:09.362469
[] GoLismero: Audit name: golismero-fEk4Mmhg
[] GoLismero: Audit database: golismero-fEk4Mmhg.db
[!] GoLismero: Failed to add new audit, reason: 'Unknown plugin in whitelist: dns_analyzer'
[!] Fatal error! Failed to add new audit, reason: 'Unknown plugin in whitelist: dns_analyzer'
GoLismero finished at 2013-12-09 15:07:09.596224

when i install & setuping my golismero, i got two errors totally have no idea to solve it, pleas give some help @MarioVilas

my openvas: 9
golismero: GoLismero 2.0.0b6

C:\Users\aaa>golismero scan xxx.com -vvvv

/-------------------------------------------\
| GoLismero 2.0.0b6, The Web Knife          |
| Copyright (C) 2011-2014 GoLismero Project |
|                                           |
| Contact: [email protected]    |
\-------------------------------------------/

GoLismero started at 2018-01-24 07:12:10.839000 UTC
[*] GoLismero: Audit name: golismero-bFzVR3JW
[!] OpenVAS: Plugin disabled, reason: Missing status property in response
[!] OpenVAS: Traceback (most recent call last):
  File "D:\HackProgram\golismero-master\golismero\managers\pluginmanager.py", line 1535, in __check_plugin_params
    plugin.check_params()
  File "D:\HackProgram\golismero-master\plugins\testing\scan\openvas.py", line 147, in check_params
    VulnscanManager(m_host, m_user, m_password, m_port, m_timeout)
  File "D:\HackProgram\golismero-master\thirdparty_libs\openvas_lib\__init__.py", line 496, in __init__
    self.__manager = get_connector(host, user, password, port, m_time_out, ssl_verify)
  File "D:\HackProgram\golismero-master\thirdparty_libs\openvas_lib\common.py", line 73, in get_connector
    manager = ConnectionManager(host, username, password, port, timeout, ssl_verify)
  File "D:\HackProgram\golismero-master\thirdparty_libs\openvas_lib\common.py", line 149, in __init__
    self._connect()
  File "D:\HackProgram\golismero-master\thirdparty_libs\openvas_lib\common.py", line 200, in _connect
    self._authenticate(self.__username, self.__password)
  File "D:\HackProgram\golismero-master\thirdparty_libs\openvas_lib\common.py", line 229, in _authenticate
    self.make_xml_request(m_request)
  File "D:\HackProgram\golismero-master\thirdparty_libs\openvas_lib\common.py", line 379, in make_xml_request
    raise ValueError('Missing status property in response')
ValueError: Missing status property in response

[!] GoLismero: [Errno 11001] getaddrinfo failed
[!] GoLismero: Traceback (most recent call last):
  File "D:\HackProgram\golismero-master\golismero\managers\auditmanager.py", line 163, in new_audit
    audit.run()
  File "D:\HackProgram\golismero-master\golismero\managers\auditmanager.py", line 631, in run
    audit_scope = AuditScope(self.config)
  File "D:\HackProgram\golismero-master\golismero\main\scope.py", line 176, in __init__
    self.add_targets(audit_config)
  File "D:\HackProgram\golismero-master\golismero\main\scope.py", line 340, in add_targets
    for entry in getaddrinfo(domain, 80)
gaierror: [Errno 11001] getaddrinfo failed

[!] GoLismero: Error: Failed to add new audit, reason: [Errno 11001] getaddrinfo failed
Traceback (most recent call last):
  File "D:\HackProgram\golismero-master\golismero\managers\auditmanager.py", line 297, in dispatch_msg
    self.new_audit(message.message_info)
  File "D:\HackProgram\golismero-master\golismero\managers\auditmanager.py", line 177, in new_audit
    raise AuditException("Failed to add new audit, reason: %s" % e)
AuditException: Failed to add new audit, reason: [Errno 11001] getaddrinfo failed

GoLismero finished at 2018-01-24 07:12:12.066000 UTC

I want to create a new resource type: service, and there are http/ssh/rsync and etc in it.

#!/usr/bin/env python
# -*- coding:utf-8 -*-

from . import Resource
from .. import identity
from ...config import Config

from urlparse import urlunparse


class HTTP(Resource):

    data_subtype = "service"

    def __init__(self, scheme, host, port, server):
        """
        :param scheme: str, scheme
        :param host: str, hostname
        :param port: int, port
        :param server: str, server software
        """
        super(HTTP, self).__init__()
        self.depth = 0
        self.__scheme = scheme
        self.__host = host
        self.__port = port
        self.__server = server

    def __str__(self):
        return urlunparse(
            (
                self.scheme,
                self.host+str(self.port)
            )
        )

    def __repr__(self):
        return "<HTTP url=%r>" % self.__str()

    @property
    def display_name(self):
        return "HTTP Service"

    def is_in_scope(self, scope = None):
        if scope is None:
            scope = Config.audit_scope
        return self.host in scope

    @identity
    def scheme(self):
        """
        :return: str, scheme
        """
        return self.__scheme

    @identity
    def host(self):
        """
        :return: str, hostname
        """
        return self.__host

    @identity
    def port(self):
        """
        :return: int, port
        """
        return self.__port

    @identity
    def server(self):
        """
        :return: str, server software
        """
        return self.__server

Now my problem is I don't know how to add resource from a plugin. For example, I have a plugin test_a, which accepted_types is [IP], and I want to add resource HTTP from it to database. And use the resource in another plugin(which accepted_types is [HTTP])

Can you help me? Thx.

Have anyway to stop golismero main process without ctrl-c?

When I use kill -INT ${pid} just main process was stop, subprocess still running...

Someone that this error is generated?

[!] SpiderFoot: Plugin disabled, reason: Cannot connect to SpiderFoot, reason: invalid literal for int() with base 10: '0-BETA'

make the changes /usr/share/golismero/plugins/testing/recon/

Spiderfoot.golismero

[Arguments]
url = http://127.0.0.1:5001

Thanks!

I have my shodan API key in a user.conf file located in ~/.golismero/ but when I try scanning any target I get the error message Shodan: Error querying Shodan: HTTP Error 521: Origin Down.

Can it scan JavaScript rendered websites like next.js, angularjs and react?

I am trying to run the Golismero with Openvas plugin. Its gving the below error although all the parameters for the openvas is correctly modified. Please check into the below issue and help out with a solution.

The openvas conf is :
[openvas]
host = xxxxxxxxxxx
port = xxxxxx
user = admin
*password = admin

golismero scan xxxxxxxxxxx -e openvas

[!] OpenVAS: Plugin disabled, reason: Missing status property in response
[!] OpenVAS: Traceback (most recent call last):
File "/opt/golismero/golismero/managers/pluginmanager.py", line 1535, in check_plugin_params
plugin.check_params()
File "/opt/golismero/plugins/testing/scan/openvas.py", line 151, in check_params
VulnscanManager(m_host, m_user, m_password, m_port, m_timeout)
File "/opt/golismero/thirdparty_libs/openvas_lib/__init.py", line 490, in init
self.manager = get_connector(host, user, password, port, m_time_out)
File "/opt/golismero/thirdparty_libs/openvas_lib/common.py", line 69, in get_connector
manager = ConnectionManager(host, username, password, port, timeout)
File "/opt/golismero/thirdparty_libs/openvas_lib/common.py", line 144, in __init
self._connect()
File "/opt/golismero/thirdparty_libs/openvas_lib/common.py", line 183, in _connect
self._authenticate(self.__username, self.__password)
File "/opt/golismero/thirdparty_libs/openvas_lib/common.py", line 211, in _authenticate
self.make_xml_request(m_request)
File "/opt/golismero/thirdparty_libs/openvas_lib/common.py", line 360, in make_xml_request
raise ValueError('Missing status property in response')
ValueError: Missing status property in response

Hello
It would be great to make a tagged release in git for the next releases.
In kali we have tools that monitors web pages listing release, and it works well with github pages showing git tags. If you make a tagged release we will be automatically informed and we will update the package quickly.
Thanks

Hi guys,

Do you plan on adding OpenVAs 9 support ?

After scanning I can't generate a report, anyone got the same problem?
this mostly happened after scanning vulnerable website with > 10 vulnerabilities

There's something wrong with sqlmap scanner.Even cannot detect a simple sql injection.Is there any way to scan a POST request directly?

python golismero.py 'http://localhost:8080/mysql.php' -a "sqlmap:args=--data 'username=allen'"

I did followed the installation steps mentioned but this message appeared... what should i do next ??

meshinator-Mac-mini:~ meshinator$ sudo -s
bash-3.2# easy_install-2.7 -U distribute
Searching for distribute
Reading https://pypi.python.org/simple/distribute/
Best match: distribute 0.7.3
Processing distribute-0.7.3-py2.7.egg
distribute 0.7.3 is already the active version in easy-install.pth

Using /Library/Python/2.7/site-packages/distribute-0.7.3-py2.7.egg
Processing dependencies for distribute
Finished processing dependencies for distribute
bash-3.2# easy_install install pip
Searching for install
Reading https://pypi.python.org/simple/install/
No local packages or download links found for install
error: Could not find suitable distribution for Requirement.parse('install')
bash-3.2#

It seems website is down

Currently GoLismero supports only version 6, which is hard to get these days. Support for version 8 (or 9 beta) would be appreciated.

I'm guessing these should just be anchor links or javascript, but currently they attempt to go to directories / files with those names in the same directory as the html report was created. Attempted with firefox, opera, chrome, midori on ubuntu.

Hey guys I was thinking of playing around with some Metasploit support, does anyone have any ideas on what type of integration We want to start off with? are We thinking version Scanners or are We talking full Metasploit pwnage via Python from the output of the Nmap scan?

I figured I'd ask for some guidance on the best course of attack for this design for first draft code design to submit to you guys.

I started adding new functionality (I need SOCKS5 and Tor-support) and then I discovered that so many problems need to be fixed first:

* doesn't recognise newer, longer TLDs

for example ./golismero.py heroic.academy fails with:

[!] OpenVAS: Plugin disabled, reason: Missing hostname
[!] GoLismero: [Errno -2] Name or service not known
[!] GoLismero: Error: Failed to add new audit, reason: [Errno -2] Name or service not known
     GoLismero finished

works with --forbid-subdomains though

* goes bezerk as soon as you try to use proxy (for some reason includes the proxy in the list of scanned targets instead of using it to connect to the targets):

LOG:
./golismero.py -pa 127.0.0.1 -pn 8118 --forbid-subdomains google.com
[...]

**[!] OpenVAS: Plugin disabled, reason: Missing hostname**    <-- ???????????
[*] GoLismero: **Added 4 new targets to the database.** <-- ???????????
[*] GoLismero: Launching tests...
[*] GoLismero: Current stage: Reconaissance
[!] theHarvester: Error: Invalid URL u'127.0.0.1:8118': No schema supplied
[!] PunkSPIDER: Error: Invalid URL u'127.0.0.1:8118': No schema supplied
[!] DNS Resolver: Error: Invalid URL u'127.0.0.1:8118': No schema supplied
[!] IP Geolocator: Error: Invalid URL u'127.0.0.1:8118': No schema supplied
[!] IP Geolocator: Error: Invalid URL u'127.0.0.1:8118': No schema supplied
[!] Web Spider: Error: Invalid URL u'127.0.0.1:8118': No schema supplied
[!] Robots.txt Analyzer: Error: Invalid URL u'127.0.0.1:8118': No schema supplied
[!] Web Server Fingerprinter: Error: Invalid URL u'127.0.0.1:8118': No schema supplied
[*] GoLismero: Current stage: Scanning (non-intrusive)
[!] Plecost: Error: Invalid URL u'127.0.0.1:8118': No schema supplied
[!] Bruteforce predictables discovery: Error: Invalid URL u'127.0.0.1:8118': No schema supplied
[!] DNS Bruteforcer: Error: Invalid URL u'127.0.0.1:8118': No schema supplied
[!] DNS Zone Transfer: Error: Invalid URL u'127.0.0.1:8118': No schema supplied
[!] Nmap: Error: Invalid URL u'127.0.0.1:8118': No schema supplied
[!] Nmap: Error: Invalid URL u'127.0.0.1:8118': No schema supplied
[!] Bruteforce file extensions discovery: Error: Invalid URL u'127.0.0.1:8118': No schema supplied
[!] Bruteforce suffixes discovery: Error: Invalid URL u'127.0.0.1:8118': No schema supplied
[!] Bruteforce prefixes discovery: Error: Invalid URL u'127.0.0.1:8118': No schema supplied
[!] Bruteforce permutations discovery: Error: Invalid URL u'127.0.0.1:8118': No schema supplied
[!] Bruteforce directories discovery: Error: Invalid URL u'127.0.0.1:8118': No schema supplied
[!] Nikto: Error: Invalid URL u'127.0.0.1:8118': No schema supplied
[*] GoLismero: Current stage: Exploitation (intrusive)
[!] SQLMap: Error: Invalid URL u'127.0.0.1:8118': No schema supplied
[!] XSSer: Error: Invalid URL u'127.0.0.1:8118': No schema supplied
[!] OpenSSL Heartbleed Attack: Error: Invalid URL u'127.0.0.1:8118': No schema supplied
[*] GoLismero: Current stage: Reporting

--= Report =--

-# Summary #-

Audit started:   2017-08-10 14:40:15.725714 UTC
Audit ended:     2017-08-10 14:40:21.563186 UTC
Execution time:  0 days, 0 hours, 0 minutes and 5 seconds

**Scanned hosts:   3** <--- ????????
Vulnerabilities: 0

So the question is, will you be able to fix these before I even begin? I could actually fix or rewrite the proxy things myself, but for that I'd like to see these bugs above fixed, or else I'm gonna lose my mind :P

After running for golismero with with the -o option the audit began normally.
Things seemed to be going well as plugins executed.
After a specific time period the tool showed that a plugin had completed execution and then the program seemed to freeze for over 30mins. After which it began printing
.......
[] GoLismero: Current stage: Reconaissance
[] GoLismero: Current stage: Reconaissance
[] GoLismero: Current stage: Reconaissance
[] GoLismero: Current stage: Reconaissance
[] GoLismero: Current stage: Reconaissance
[] GoLismero: Current stage: Reconaissance
[] GoLismero: Current stage: Reconaissance
[] GoLismero: Current stage: Reconaissance
[*] GoLismero: Current stage: Reconaissance

in an infinite loop for over 6 hours.
after which I interrupted it. It exited with.

....................
[] GoLismero: Current stage: Reconaissance
[] GoLismero: Current stage: Reconaissance
^CUser cancel requested, stopping all audits...
[] GoLismero: Current stage: Reconaissance
[] GoLismero: Current stage: Reconaissance

Note: If we use Ctrl-C while the program is frozen it fails to does not exit nor does it continue in any manner.

Command usage 👍
python2.7 golismero.py scan reelmonk.com -o X.html

X.html does not exit after the program ended.

Hello,

On a fresh kali-rolling install, I'm unable to install golismero with the commands:

echo "deb http://old.kali.org/kali sana main non-free contrib" >> ./etc/apt/sources.list
apt-get install -y golismero

It looks like the dependency with python-docutils is the issues here. It's looking for the version 0.12+dfsg-1 where only the version 0.16+dfsg-4 is available. (see skavngr/rapidscan#25)

Thanks,

Hey Folks!
Trying to start container into my cluster like that:

apiVersion: batch/v1
kind: Job
metadata:
  name: job1
spec:
  template:
    spec:
      containers:
        - name: job
          image: treemo/golismero 
          args:
            - /bin/sh
            - -c
            - golismero scan -o report.hmtl https://mytarget.com**
      restartPolicy: Never

But i go errror:

[```
!] GoLismero: I don't know what to do with this: golismero scan -o report.html https://mytarget.com
[!] GoLismero: Error: Failed to add new audit, reason: I don't know what to do with this: golismero scan -o report.html https://mytarget.com
GoLismero finished at 2021-04-15 06:27:30.252147 UTC

Can you tell me what I do incorrect?

Hi,

if want to audit special URL(needn't spider) how to use it?
example：
i only need to audit the http://testfire.net/search.aspx?txtSearch=test, not all links of testfire site.
or only audit for some specifide URLS(needn't spider all URLS of site and audit it)

thanks

I really love using golismero for pentesting but I have no idea how to use a profile. I want to use the profile quick but don't know. Please help!

Kali 2018.2. Repository version of golismero.
Executed command:
golismero $target_url

Then golismero starts "doing something". Why? Help function should expose that scan is the default option (if that's a scan that it's doing), while it says:

COMMAND

like it were mandatory, but works like an optional:

[COMMAND]

Please correct --help output.