Hi, thanks for this tool first. Because if I do the test on my 127.0.0.1:5000 server everything works, while if I create a request with burp suite of an X site, it doesn't work well for me? For example the portscan gives me all the open ports .. Surely I'm wrong something, but I don't understand what ...
As parameter -p I enter what Burp suite tells me for example:
Host: testphp.vulnweb.com
...
...
...
Referer: http://testphp.vulnweb.com/login.php
...
uname=&pass=

Burp gives me uname=&pass=
as a parameter and I enter this note...
-p uname=&pass=
It's right?

-p only suports one injection point at the time, you should specify only it's name i.e: -p uname -m readfiles