Summary: Use a global, persistent key-value store for data available across all sessions, like API keys or a User-Agent.

The Global Profile

The Profile is a global, persistent key-value store for data that you want to be available across all your sessions and targets. It's perfect for information that doesn't belong to a specific target.

Use Cases

• Storing a custom User-Agent string.
• Keeping a global session cookie for a web application.
• Storing API keys for services like Shodan or Hunter.io.
• Defining your name or handle for report templates.

Managing the Profile

Commands:

• profile update <key> <value...>: Adds or updates a setting.
• profile show: Displays all settings in the profile.
• profile delete <key>: Removes a setting.

Example:

profile update user_agent "MyCustomPentestBrowser/1.0"
profile update cookie "session=a1b2c3d4e5f6; tracking=false"

Using Profile Placeholders

You can access profile data in your tool commands using the $profile placeholder.

Example with curl:

tool add curl
tool update curl command get
tool update curl get param "-H 'User-Agent: $profile.user_agent'"
tool update curl get param "-H 'Cookie: $profile.cookie'"
tool update curl get param "$target.url"