Summary: Define reusable templates for external command-line tools like nmap or gobuster.

Configuring Tools

A Tool is a reusable template for an external command. This is where you define how to use programs like nmap or ffuf.

Commands and Parameters

A tool can have multiple "commands". Each command is just a label for a specific set of parameters. The key to flexibility is to add each parameter individually.

Example for `nmap`:

Create the tool:

tool add nmap

Add a 'quick-scan' command:

tool update nmap command quick-scan

Add parameters individually:

tool update nmap quick-scan param "-sV"
tool update nmap quick-scan param "-T4"
tool update nmap quick-scan param "$target.ip"

This creates a command that will be assembled as nmap -sV -T4 192.168.1.1.

Parameter & Value Separation

For tools where a parameter and its value are separate (e.g., gobuster dir -u <url>), you should add them as separate parameters in pwnity. This makes the tool configuration even more modular.

Example for `gobuster`:

tool add gobuster
tool update gobuster command dir
tool update gobuster dir param "-u"
tool update gobuster dir param "$target.base_url"
tool update gobuster dir param "-w"
tool update gobuster dir param "$wordlist.path"

This approach is more flexible than param "-u $target.base_url".

Reordering Parameters

Because parameters are stored as a list, you can change their order. This is useful if a tool requires a specific argument sequence.

Example: Let's say we want $target.ip to be the first parameter for our nmap quick-scan.

tool reorder nmap quick-scan 3 1

This moves the 3rd parameter ($target.ip) to the 1st position. The new command would be nmap $target.ip -sV -T4.

Sudo Handling

If a tool requires root privileges, you can mark it once. pwnity will then automatically handle the sudo prompt when you run it.

tool update nmap sudo true