Intercept your target web request.
Select your injection point (e.g. URL, POST data or HTTP header).
Upload your injection list (e.g. SQLi, XSS, LFI/RFI, RCE, Shell-shock).
Define any pre-injection strings such as listening IP and listening port.
Replay the requests and observe the results in the browser.
Maybe you have a feature request, a bug to report or just have a question. Please ensure you have updated to the latest version before submitting a bug. Thanks!