How can I see what attack requests arachni is actually doing?

Zukky's Avatar


12 May, 2017 11:29 PM


Like the title suggests, how can one see the attack requests at the URL provided? OWASP Zap shows a log in its GUI of the type of SQL injections, XSS attacks it is carrying out in real-time. How do I achieve this on Arachni?

  1. Support Staff 1 Posted by Tasos Laskos on 13 May, 2017 10:59 AM

    Tasos Laskos's Avatar

    You can set --output-debug=2 but the output data will be immense, resulting in GBs.
    You won't be able to see the raw requests though, just the input data, among other things.

  2. Support Staff 2 Posted by Tasos Laskos on 13 May, 2017 01:40 PM

    Tasos Laskos's Avatar

    I forgot to mention, if you're looking for something will less noise, you can use --output-verbose.

  3. 3 Posted by Zukky on 15 May, 2017 03:12 PM

    Zukky's Avatar

    Thank you! This worked nicely.

  4. Tasos Laskos closed this discussion on 16 May, 2017 03:16 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts


? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac