Output
Plain Text
Default output format. Shows vulnerability status per check.
smugglex https://target.com
[VULNERABLE] CL.TE - https://target.com (payload #3)
Normal: 200 (45ms) | Attack: 200 (5023ms)
[OK] TE.CL - https://target.com
[OK] TE.TE - https://target.com
JSON (Machine Readable)
Use -f json or --json for clean, structured output suitable for AI agents, scripts, jq, and CI systems.
smugglex --json https://target.com
# or the equivalent:
smugglex -f json https://target.com
Key properties for automation:
- Stdout is pure JSON — no progress bars, no log lines.
- Exit code indicates findings:
0= clean,1= vulnerable found,2= input/usage error. - JSON mode always emits a batch envelope with
results[]+summary, even for a single target.
{
"smugglex_version": "0.2.0",
"timestamp": "...",
"results": [
{ "target": "...", "checks": [...] },
{ "target": "...", "checks": [], "error": "URL parse error: ..." },
...
],
"summary": {
"total_targets": 12,
"vulnerable_targets": 3,
"total_checks": 84,
"vulnerable_checks": 5
}
}
Write to file while keeping stdout clean:
smugglex --json -o report.json https://target.com
Export Payloads
Save vulnerable payloads as raw HTTP requests for manual verification.
smugglex --export-payloads ./payloads https://target.com
Creates files like payloads/cl-te-payload-3.txt containing the raw HTTP request.