metadata: synchronize tool metadata

Author: termuxhub-bot

metadata/readme/0154.md

@@ -3,10 +3,9 @@
   <img src="docs/static/images/logo.png" alt="dalfox" width="400px;">
 </div>
 <p align="center">
+  <a href="https://github.com/hahwul/dalfox/blob/main/CONTRIBUTING.md"><img src="https://img.shields.io/badge/CONTRIBUTIONS-WELCOME-30365e?style=for-the-badge&labelColor=%2330365e&color=%2330365e"></a>
   <a href="https://github.com/hahwul/dalfox/releases/latest"><img src="https://img.shields.io/github/v/release/hahwul/dalfox?style=for-the-badge&logoColor=%2330365e&label=dalfox&labelColor=%2330365e&color=%2330365e"></a>
-  <a href="https://dalfox.hahwul.com/page/overview/"><img src="https://img.shields.io/badge/documents---.svg?style=for-the-badge&labelColor=%2330365e&color=%2330365e"></a>
-  <a href="https://x.com/intent/follow?screen_name=hahwul"><img src="https://img.shields.io/twitter/follow/hahwul?style=for-the-badge&logo=x&labelColor=%2330365e&color=%2330365e"></a>
-  <a href="https://github.com/hahwul/dalfox/blob/main/CONTRIBUTING.md"><img src="https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=for-the-badge&labelColor=%2330365e&color=%2330365e"></a>
+  <a href="https://www.rust-lang.org"><img src="https://img.shields.io/badge/Rust-30365e?style=for-the-badge&logo=rust&logoColor=white&labelColor=%2330365e"></a>
 </p>
 
 > **Looking for the Go (v2.x) version?** Dalfox v3 is a complete rewrite in Rust. The Go codebase is preserved on the [`v2` branch](https://github.com/hahwul/dalfox/tree/v2) and continues to receive security backports. See [SECURITY.md](https://raw.githubusercontent.com/hahwul/dalfox/main/./SECURITY.md) for the support policy.
@@ -15,12 +14,13 @@ Dalfox is a powerful open-source tool that focuses on automation, making it idea
 
 ## Key features
 
-* Modes: `URL`, `SXSS`, `Pipe`, `File`, `Server`, `Payload`
+* Subcommands: `scan` (URL / file / pipe / raw-HTTP, auto-detected), `server`, `payload`, `mcp`
 * Discovery: Parameter analysis, static analysis, BAV testing, parameter mining
-* XSS Scanning: Reflected, Stored, DOM-based, with optimization and DOM/AST verification
+* XSS Scanning: Reflected, Stored (SXSS), DOM-based, with optimization and DOM/AST verification
+* WAF: Fingerprinting with confidence scoring, bypass tracking, and tunable `--waf-min-confidence`
 * HTTP Options: Custom headers, cookies, methods, proxy, and more
-* Output: JSON/JSONL/Plain/Markdown/SARIF formats, silence mode, detailed reports
-* Extensibility: REST API, custom payloads, remote wordlists
+* Output: JSON/JSONL/Plain/Markdown/SARIF/TOML formats, silence mode, detailed reports
+* Extensibility: REST API, MCP stdio server, custom payloads, remote wordlists
 
 And the various options required for the testing :D
 

metadata/readme/0157.md

@@ -86,6 +86,14 @@ OUTPUT:
    -j, -json           write output in JSON lines format
    -csv                write output in csv format
 
+SERVICES-DISCOVERY:
+   -sD, -service-discovery           identify services by port number
+   -sV, -service-version             detect service versions using nmap-service-probes
+   -sV-fast                          only probe port-hinted services (faster, skips fallback)
+   -sV-timeout duration              timeout for service version probes (default 5s)
+   -sV-workers int                   number of concurrent service version workers (default 25)
+   -sV-probes string                 custom nmap-service-probes file path (auto-detected if empty)
+
 CONFIGURATION:
    -config string                   path to the naabu configuration file (default $HOME/.config/naabu/config.yaml)
    -scan-all-ips, -sa               scan all the IP's associated with DNS record
@@ -366,6 +374,35 @@ PORT     STATE SERVICE       VERSION
 8443/tcp open  ssl/https-alt cloudflare
 ```
 
+# Service Version Detection
+
+Naabu has built-in service version detection using nmap's service probes database. This runs in parallel with port scanning for maximum performance.
+
+```sh
+naabu -host scanme.sh -sV
+```
+
+```console
+scanme.sh:22 [ssh OpenSSH/6.6.1p1]
+scanme.sh:80 [http Apache httpd/2.4.7]
+scanme.sh:9929 [nping-echo Nping echo]
+
+[INF] Found 3 ports on host scanme.sh (45.33.32.156) with 3 services identified
+```
+
+Available flags:
+
+| Flag | Description |
+|------|-------------|
+| `-sV` | Enable service version detection |
+| `-sV-fast` | Only probe port-hinted services (faster, skips fallback probes) |
+| `-sV-timeout duration` | Timeout for service version probes (default 5s) |
+| `-sV-workers int` | Number of concurrent service version workers (default 25) |
+| `-sV-probes string` | Custom nmap-service-probes file path (auto-detected if empty) |
+| `-sD` | Service discovery (match port number to service name, no active probing) |
+
+The `-sV` flag requires the `nmap-service-probes` database file. Naabu automatically looks for it in standard nmap installation paths. To use a custom file, specify the path with `-sV-probes`.
+
 # CDN/WAF Exclusion
 
 Naabu also supports excluding CDN/WAF IPs being port scanned. If used, only `80` and `443` ports get scanned for those IPs. This feature can be enabled by using `exclude-cdn` flag.