Updated setup docs

.gitignore

@@ -1,4 +1,5 @@
 .DS_Store
 mantis/
 logs/
-book/
+book/
+setup/

src/SUMMARY.md

@@ -3,14 +3,14 @@
 - [👋 Introduction](./introduction/introduction.md)
 - [🎉 Features](./features/features.md)
     - [Recon Automation](./features/recon_automation.md)
-    - [Super Easy Scan Customisation](./features/workflow_customisation.md)
+    - [Distributed Scanning](./features/distributed_scanning.md)
     - [Dashboard Support](./features/dashboard_support.md)
-    - [Integrate new scanner in minutes](./features/new_scanner.md)
-    - [Make your scans 2x faster](./features/2x_faster.md)
+    - [Super Easy Scan Customisation](./features/workflow_customisation.md)
+    - [Advanced Alerting](./features/advanced_alerting.md)
     - [Understanding Scan Efficiency](./features/scan_efficiency.md)
     - [Integrate DNS Services](./features/dns_services.md)
-    - [Advanced Alerting](./features/advanced_alerting.md)
     - [Secrets Scanning](./features/secrets_scanning.md)
+    - [Integrate new scanner in minutes](./features/new_scanner.md)
 - [⚙️ Installation and Setup](./installation/installation.md)
     - [Docker](./installation/installation-docker.md)
     - [Mac](./installation/installation-mac.md)

src/configuration/command-line.md

@@ -5,20 +5,93 @@ Mantis ships with a simple list of command line options.
 
 <img src="command-line.png" class="img-rounded" alt="Assets">
 
+## Quick Help
+
+```shell
+
+  usage: 
+        ONBOARD: (First time scan, Run this !!)
+
+        mantis onboard -o example_org -t www.example.org
+        mantis onboard -o example_org -f file.txt
+
+        SCAN:
+
+        mantis scan -o example_org
+        mantis scan -o example_org -a example_app
+
+
+options:
+  -h, --help      list command line options
+
+subparser:
+  {onboard,scan}
+    onboard       Onboard a target
+    scan          Scan an org
+```
+
+## Onboard Help
+
 ```shell
+usage: 
+        ONBOARD: (First time scan, Run this !!)
+
+        mantis onboard -o example_org -t example.tld
+        mantis onboard -o example_org -f file.txt
+
+
+
+options:
+  -h, --help            show this help message and exit
+  -t HOST, --host HOST  top level domain to scan
+  -f FILE_NAME, --file_input FILE_NAME
+                        path to file containing any combination of TLD, subdomain, IP-range, IP-CIDR
+  -w WORKFLOW, --workflow WORKFLOW
+                        workflow to be executed as specified in config file
+  -o ORG, --org ORG     name of the organisation
+  -a APP, --app APP     scan only subdomains that belong to an app
+  -p, --passive         run passive port scan
+  -s, --stale           mark domains as stale (domains purchased but not in use)
+  -i, --ignore_stale    ignore stale domains during scan
+  -tc THREAD_COUNT, --thread_count THREAD_COUNT
+                        thread count, default 10
+  -r, --use_ray         use ray framework for distributed scans
+  -n NUM_ACTORS, --num_actors NUM_ACTORS
+                        number of ray actors, default 10
+  -d, --delete_logs     delete logs of previous scans
+  -v, --verbose         print debug logs
+  -aws AWS_PROFILES, --aws_profiles AWS_PROFILES
+                        List of comma separated aws profiles for Route53
+
+```
+
+## Scan Help
+
+```shell
+usage: 
+        SCAN:
+
+        mantis scan -o example_org
+        mantis scan -o example_org -a example_app
+
 
-  --mode {onboard,scan}                   Select mode of operation
-  -h, --help                              list command line options
-  -t HOST, --host HOST                    top level domain to scan
-  -f FILE_NAME, --file_input FILE_NAME    path to file containing any combination of TLD, subdomain, IP-range, IP-CIDR
-  -w WORKFLOW, --workflow WORKFLOW        workflow to be executed as specified in config file
-  -o ORG, --org ORG                       name of the organisation
-  -a APP, --app APP                       scan only subdomains that belong to an app
-  -p, --passive                           run passive port scan
-  -s, --stale                             mark domains as stale (domains purchased but not in use)
-  -i, --ignore_stale                      ignore stale domains during scan
-  -r, --use_ray                           use ray framework for distributed scans
-  -n NUM_ACTORS, --num_actors NUM_ACTORS  number of ray actors, default 10
-  -d, --delete_logs                       delete logs of previous scans
+options:
+  -h, --help            show this help message and exit
+  -w WORKFLOW, --workflow WORKFLOW
+                        workflow to be executed as specified in config file
+  -o ORG, --org ORG     name of the organisation
+  -a APP, --app APP     scan only subdomains that belong to an app
+  -p, --passive         run passive port scan
+  -s, --stale           mark domains as stale (domains purchased but not in use)
+  -i, --ignore_stale    ignore stale domains during scan
+  -tc THREAD_COUNT, --thread_count THREAD_COUNT
+                        thread count, default 10
+  -r, --use_ray         use ray framework for distributed scans
+  -n NUM_ACTORS, --num_actors NUM_ACTORS
+                        number of ray actors, default 10
+  -d, --delete_logs     delete logs of previous scans
+  -v, --verbose         print debug logs
+  -aws AWS_PROFILES, --aws_profiles AWS_PROFILES
+                        List of comma separated aws profiles for Route53
 
 ```

src/features/2x_faster.md → src/features/distributed_scanning.md

@@ -1,4 +1,4 @@
-# Make your scans 2x faster
+# Distributed Scanning
 ---
 
 <product-team>product security teams</product-team>

src/features/secrets_scanning.md

@@ -14,8 +14,8 @@
 
 The basic responsibility of secrets scanning is to **identify secrets on the public internet**. Currently, it searches for:
 
-- Secrets in **WaybackURLs** 
-- Secrets in **JS Files**
+- Secrets in **Wayback URLs** 
+- Secrets in **Wayback JS Files**
 - Secrets in **Github** for an Organistaion [Coming Soon]
 - Secrets in **Swagger** [Coming Soon]
 - Secrets in **Postman Collections** [Coming Soon]

src/introduction/introduction.md

@@ -3,7 +3,7 @@
 
 ## 🥱 I'm lazy and i just want to get started
 
-> You can jump in directly to the [**Quick Start Guide**](/./installation/installation-single.md)
+> You can jump in directly to the [**Quick Start Guide**](/./installation/installation-docker.md)
 
 ## 🤔 What is Mantis ?
 

src/scan/scan.md

@@ -13,26 +13,26 @@ You want to onboard an org with its TLDs/IPs/IP-CIDRs/IP Range for the first tim
 
 #### TLD
 ```shell
-$ mantis -m onboard -o org_name -t example.in   
+$ python3 launch.py onboard -o org_name -t example.in   
 ```
 #### IP
 ```shell
-$ mantis -m onboard -o org_name -t 10.123.123.12
+$ python3 launch.py onboard -o org_name -t 10.123.123.12
 ```
 
 #### IP-Range
 ```shell
-$ mantis -m onboard -o org_name -t 203.0.113.0-203.0.113.255
+$ python3 launch.py onboard -o org_name -t 203.0.113.0-10
 ```
 
 #### IP-CIDR
 ```shell
-$ mantis -m onboard -o org_name -t 203.0.113.0/24
+$ python3 launch.py onboard -o org_name -t 203.0.113.0/24
 ```
 
 ### Onboard Known Assets and Scan
 ```shell
-$ mantis -m onboard -o org_name -f input.txt
+$ python3 launch.py onboard -o org_name -f input.txt
 ```
 
 ### Scan on all assets belonging to an organisation
@@ -41,13 +41,13 @@ $ mantis -m onboard -o org_name -f input.txt
 Now that you have onboarded, you just need to run scheduled scans for an org, you can just use the scan mode
 
 ```shell
-$ mantis -m scan -o org_name
+$ python3 launch.py scan -o org_name
 ```
 
 ### Scan on all assets belonging to an organisation and app
 ---
 
 ```shell
-$ mantis -m scan -o org_name -a app_name
+$ python3 launch.py scan -o org_name -a app_name
 ```
 

src/tools/tools.md

@@ -22,6 +22,7 @@ table {
 | Scan |  [Nuclei](https://github.com/projectdiscovery/nuclei)   | Vulnerability Scan  |
 | Scan  |  [DNS Twister](https://dnstwister.report/)   | Determine Phishing domains  |
 | Scan  |  [Csper](https://csper.io/)   | Identify CSP misconfigurations  |
+| Scan  |  [Corsy](https://github.com/s0md3v/Corsy)   | Identify CORS misconfigurations  |
 | Secrets  |  [GAU](https://github.com/lc/gau)   | Determine wayback URLs |
 | Secrets  |  [Gitleaks](https://github.com/gitleaks/gitleaks)   | Identify Secrets  |