OnionScan –help – Usage, Flags and Command Examples

Command Examples:

Having trouble? You can also run the web-version of onionscan at onionscan.io
Run without OnionScan Correlations Lab

./onionscan --timeout 60 --fingerprint  --depth 2 --verbose --webport 0 examplesite.onion

Basic Scan with Correlations Lab Running on http://localhost:8080/

./onionscan examplesite.onion

Help Printout:

$ ./onionscan
Usage of ./onionscan:
    onionscan [flags] hiddenservice | onionscan [flags] --list list | onionscan --mode analysis
  -batch int
        number of onions to scan concurrently (default 10)
  -cookie string
        if provided, onionscan will use this cookie
  -crawlconfigdir string
        A directory where crawl configurations are stored
  -dbdir string
        The directory where the crawl database will be 
        stored (default "./onionscandb")
  -depth int
        depth of directory scan recursion (default: 100) (default 100)
  -fingerprint
        true disables some deeper scans e.g. directory probing with the 
        aim of just getting a fingerprint of the service. (default true)
  -jsonReport
        print out a json report providing a detailed report of the scan.
  -jsonSimpleReport
        print out a simple report as json, false by default
  -list string
        If provided OnionScan will attempt to read from the given list, 
        rather than the provided hidden service
  -mode string
        one of scan or analysis. In analysis mode, webport must be set. 
        (default "scan")
  -reportFile string
        the file destination path for report file - if given, the prefix 
        of the file will be the scanned onion service. If not given, the report will be written to stdout
  -scans string
        a comma-separated list of scans to run e.g. web,tls,... 
        (default: run all)
  -simpleReport
        print out a simple report detailing what is wrong and how to fix it, 
        true by default (default true)
  -timeout int
        read timeout for connecting to onion services (default 120)
  -torProxyAddress string
        the address of the tor proxy to use (default "127.0.0.1:9050")
  -verbose
        print out a verbose log output of the scan
  -webport int
        if given, onionscan will expose a webserver on localhost:[port] 
        to enabled searching of the database (default 8080)