Pipeline
smugglex reads URLs from stdin, making it easy to integrate into security testing pipelines.
With subfinder + httpx
subfinder -d target.com | httpx | smugglex
From a file
cat urls.txt | smugglex -f json -o results.json
With custom recon
echo "https://target.com" | smugglex -c cl-te,te-cl --fingerprint
JSON Processing
Pipe JSON output to jq for filtering:
smugglex -f json https://target.com | jq '.checks[] | select(.vulnerable)'
Through a Proxy
Route all traffic through an intercepting proxy like Burp Suite:
cat urls.txt | smugglex -x http://127.0.0.1:8080
CI/CD Integration
Use JSON + exit codes for reliable automation. The tool exits with:
0— no vulnerabilities1— vulnerabilities found2— input/usage error
# Recommended for agents/CI
smugglex -q --json -o report.json https://staging.example.com
echo $? # inspect exit code
# Or pipe directly
cat urls.txt | smugglex --json | jq '.summary.vulnerable_targets'
Fast Scan for Large Target Lists
Limit payloads per check type and increase concurrency for faster scans:
cat urls.txt | smugglex -j 5 --max-payloads 20 -q