SmartScanner Configuration File Guide
SmartScanner supports loading external JSON configuration files when running scans from the command line.
Use -c or --config to supply a file:
sms.exe -u https://example.com -c scan-config.json
A configuration file allows full control over tests, HTTP behavior, proxy usage, crawling depth, form-filling rules, authentication, attack vectors, technologies, and custom exclusions.
This page explains the structure of the JSON configuration file and the meaning of each section.
A sample file is available:
👉 Download sample configuration file
1. Tests
The tests array lists all vulnerability tests SmartScanner should run.
Example:
"tests": [
"SQL Injection/?error&time",
"OS Command Execution"
]
Test forms
SmartScanner supports two forms:
| Type | Example | Description |
|---|---|---|
| Simple test | "OS Command Execution" | Runs a single test |
| Test with options | "SQL Injection/?error&time" | Enables sub-checks or modes |
2. HTTP Settings
Controls how SmartScanner performs HTTP requests.
"http": {
"timeout": 60000,
"maxParallelRequests": 4,
"maxRequestsPerSecond": false,
"headers": [],
"cookies": [],
"userAgent": "Mozilla/5.0 ..."
}
| Field | Type | Description |
|---|---|---|
| timeout | number | Milliseconds before request times out |
| maxParallelRequests | number | Max concurrent requests |
| maxRequestsPerSecond | number/false | Rate limit (false = unlimited) |
| headers | array of objects | Extra HTTP headers |
| cookies | array of objects | Cookies sent with every request |
| userAgent | string | User-Agent string |
Header object format
| Field | Type | Description |
|---|---|---|
| name | string | Header name |
| value | string | Header value |
{"name": "Accept-Language", "value": "en-US"}
Cookie object format
| Field | Type |
|---|---|
| name | string |
| value | string |
3. Crawler
Defines how SmartScanner discovers URLs.
"crawler": {
"scope": {...},
"evaluteJsWithChromium": true,
"depth": false,
"count": 70000,
"fileExclusion": "*.zip,*.png,...",
"urlExclusion": ["*logout*", "*.git/+", ...]
}
| Field | Type | Description |
|---|---|---|
| depth | number/false | Max levels to crawl |
| count | number | Max URLs to crawl |
| fileExclusion | string | Comma-separated patterns |
| urlExclusion | array of strings | URL exclusion patterns |
| evaluteJsWithChromium | boolean | Render JS pages |
| scope | object | Crawl boundaries |
Scope object format
"scope": {
"crawlStartDepth": 0,
"type": "auto",
"scanSubDomains": false,
"scanAbovePath": false
}
| Field | Type | Description |
|---|---|---|
| type | string | auto or manual |
| crawlStartDepth | number | Starting depth |
| scanSubDomains | boolean | Include subdomains |
| scanAbovePath | boolean | Allow navigating above base path |
4. Proxy
Proxies are optional. If omitted, no proxy is used.
"proxy": {
"type": "system",
"host": "",
"port": 0,
"user": "",
"pass": ""
}
| Field | Type | Description |
|---|---|---|
| type | string | system, http, or socks |
| host | string | Proxy host/IP |
| port | number | Port number |
| user | string | Username (optional) |
| pass | string | Password (optional) |
5. Authentication
Defines authentication modes.
"authentication": {
"manualLogin": false,
"http": []
}
| Field | Type | Description |
|---|---|---|
| manualLogin | boolean | UI-only manual login mode |
| http | array of objects | HTTP Basic Auth credentials |
HTTP authentication object
| Field | Type |
|---|---|
| user | string |
| pass | string |
6. Form Input Rules
SmartScanner can auto-fill forms using predefined input rules.
"form": { "inputs": [ ... ] }
Input rule format
Each element is a single string using SmartScanner’s rule syntax:
<urlPattern>;;<formPattern>;;<fieldPattern>;;<fieldType>;;<value>
| Component | Meaning |
|---|---|
| urlPattern | Which URLs it applies to |
| formPattern | Form selector |
| fieldPattern | Field name pattern |
| fieldType | Field type (text/password/email/etc.) |
| value | Value SmartScanner will input |
Example:
"inputs": [
"*;;*;;email;;*;;[email protected]",
"*;;*;;password;;*;;Password123"
]
7. Vectors
Defines where SmartScanner injects payloads.
"vector": {
"vectors": ["GET", "POST", "Cookie", "Header", "Path"],
"parameterExclusion": ["*;;PHPSESSID;;Any;;*"]
}
Type: Object
| Field | Type | Description |
|---|---|---|
| vectors | array of strings | Attack surfaces (GET, POST, Path, Header, Cookie) |
| parameterExclusion | array of strings | Parameters SmartScanner should not modify |
parameterExclusion rule format
<urlPattern>;;<paramName>;;<method>;;<rule>
Example:
"parameterExclusion": ["*;;PHPSESSID;;Any;;*"]
8. Technologies
Used to optimize scanning for specific server/framework/CMS technologies.
"technologies": [ ... ]
Technology object format
| Field | Type | Description |
|---|---|---|
| name | string | Technology name (e.g., WordPress) |
| path | string | Where it is used (“” = global) |
Example:
"technologies": [
{"name": "WordPress", "path": "/blog/"}
]
9. Target
Reserved for future features.
"target": {}
Minimal Example
{
"tests": ["HTML Parser/?crawler", "XSS"],
"http": {"timeout": 30000},
"crawler": {"depth": 3},
"proxy": {"type": "system"},
"authentication": {"http": []},
"form": {"inputs": []},
"vector": {"vectors": ["GET", "POST"]},
"technologies": [],
"target": {}
}
⚠️ Note: Other command-line options might override configurations loaded from the file.
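A pre-flight check for a configuration file, as an added example that is not part of SmartScanner or its documentation: it validates the `;;`-separated rule strings from sections 6 and 7 and the enumerated values from the tables above, and flags settings that widen the crawl scope or keep credentials in the file. The function names, the findings and the sample configuration are assumptions of this example.

```python
import json

# Allowed values come from the tables on this page; the checks themselves are
# this example's assumptions, not SmartScanner's own validation logic.
VECTORS = {"GET", "POST", "Cookie", "Header", "Path"}
PROXY_TYPES = {"system", "http", "socks"}
RULE_FIELDS = {"form input": 5, "parameterExclusion": 4}

def check_rules(kind, rules):
    """Flag rule strings whose ';;' component count is wrong.
    Assumes no single component contains ';;' itself."""
    want = RULE_FIELDS[kind]
    return [f"{kind} rule {r!r}: expected {want} components, got {len(r.split(';;'))}"
            for r in rules if len(r.split(";;")) != want]

def lint_config(cfg):
    """Return a list of findings for a parsed configuration dict."""
    out = check_rules("form input", cfg.get("form", {}).get("inputs", []))
    vec = cfg.get("vector", {})
    out += check_rules("parameterExclusion", vec.get("parameterExclusion", []))
    out += [f"unknown vector {v!r}" for v in vec.get("vectors", []) if v not in VECTORS]
    proxy = cfg.get("proxy", {})
    if proxy and proxy.get("type") not in PROXY_TYPES:
        out.append(f"unknown proxy type {proxy.get('type')!r}")
    if proxy.get("pass"):
        out.append("proxy.pass is stored in clear text; restrict file access")
    if any(a.get("pass") for a in cfg.get("authentication", {}).get("http", [])):
        out.append("authentication.http holds clear-text credentials")
    scope = cfg.get("crawler", {}).get("scope", {})
    for key in ("scanSubDomains", "scanAbovePath"):
        if scope.get(key):
            out.append(f"crawler.scope.{key} widens the crawl scope")
    # Only an explicit false is documented as unlimited; a missing key is not flagged.
    if cfg.get("http", {}).get("maxRequestsPerSecond") is False:
        out.append("http.maxRequestsPerSecond is unlimited")
    return out

# Constructed sample configuration (not the product's sample file).
SAMPLE = json.loads("""{
  "http": {"maxRequestsPerSecond": 20},
  "crawler": {"scope": {"type": "manual", "scanSubDomains": true}},
  "proxy": {"type": "socks5", "host": "127.0.0.1", "port": 1080},
  "form": {"inputs": ["*;;*;;password;;*;;Password123", "*;;email;;x"]},
  "vector": {"vectors": ["GET", "Body"],
             "parameterExclusion": ["*;;PHPSESSID;;Any;;*"]}
}""")

if __name__ == "__main__":
    print("\n".join(lint_config(SAMPLE)))
```

Run it against a file with `lint_config(json.load(open(path)))` before passing the file to `-c`; an empty list means none of these checks fired.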