docs: add beginner-friendly command examples to Usage.md

[StarDustNova-57]

Proposed change

This PR adds structured and beginner-friendly command examples to docs/Usage.md.

The goal is to help new users understand how to use Nettacker with clear, practical examples.

Added examples include:

• Basic scan of a single target
• Scanning multiple targets from a file
• Saving scan results to JSON format
• Using brute-force modules (ssh_brute)
• Scanning specific port ranges

This improves usability and reduces confusion for first-time users.

Fixes #740

Type of change

• Documentation/localization improvement

Checklist

• I've followed the contributing guidelines
• I've digitally signed all my commits in this PR
• I've run make pre-commit and confirm it didn't generate any warnings/changes
• I've run make test and I confirm all tests passed locally
• I've added/updated relevant documentation in the docs/ folder
• I've linked this PR with an open issue
• I've tested and verified that my changes work as intended
• I've attached screenshots demonstrating that my changes work (not applicable)
• I've checked all other open PRs to avoid submitting duplicate work
• I confirm that the code and comments are not direct unreviewed AI output
• I confirm that I am the sole responsible author for this contribution

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: f6d99b14-f3f8-4cf3-af65-bc503f6c66e5

📥 Commits

Reviewing files that changed from the base of the PR and between 20f6521 and ace7666.

📒 Files selected for processing (1)

• docs/Usage.md

✅ Files skipped from review due to trivial changes (1)

• docs/Usage.md

---

Summary by CodeRabbit

• Documentation
  • Expanded the usage guide with a new "Additional Examples for Beginners" section containing five practical command examples: basic port scan, multi-target scanning from a file, saving results as JSON, an SSH brute-force example, and a specific port-range scan.
  • Simplified an existing "Scan Specific Port Range" example for improved clarity.

Walkthrough

Updated docs/Usage.md to simplify one example and add an "Additional Examples for Beginners" section with five new command examples demonstrating common usage patterns (basic scan, file-based targets, JSON output, brute-force, and port-range scanning).

Changes

Cohort / File(s)	Summary
Documentation Examples docs/Usage.md	Replaced a complex "Scan Specific Port Range" example with a simplified -m port_scan -g 20-100 example. Added an "Additional Examples for Beginners" section containing five examples: basic port_scan, scanning targets from targets.txt with -m all, saving JSON output to result.json, ssh_brute using -U users.txt -P passwords.txt, and a dedicated port-range port_scan -g 20-100 example.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Suggested reviewers

• arkid15r

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 inconclusive)

Check name	Status	Explanation	Resolution
Linked Issues check	❓ Inconclusive	The PR partially addresses issue #740's objectives by adding command examples to help new users, but does not comprehensively cover all requested elements like localization flags (-L), verbosity (-v), API startup flags, or multiple credential/port combinations.	Verify that the added examples adequately cover the key elements from issue #740 (flags, output formats, target specifications, modules, credentials, and port ranges) to ensure new users have sufficient guidance.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main change: adding beginner-friendly command examples to the Usage.md documentation.
Description check	✅ Passed	The description is clearly related to the changeset, explaining the purpose of adding beginner-friendly command examples and listing the types of examples included.
Out of Scope Changes check	✅ Passed	The changes are limited to documentation updates in docs/Usage.md, directly addressing the linked issue #740's objective of providing command examples for new users.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@docs/Usage.md`:
- Around line 374-390: Add a language identifier (e.g., bash) to each fenced
command block that shows example invocations of nettacker (the blocks containing
"python nettacker.py -i example.com -m port_scan", "python nettacker.py -l
targets.txt -m all", "python nettacker.py -i example.com -o result.json",
"python nettacker.py -i example.com -m ssh_brute -U users.txt -P passwords.txt",
and "python nettacker.py -i example.com -m port_scan -g 20-100") so the markdown
fences become ```bash ... ``` to satisfy markdownlint MD040 and ensure
consistent rendering.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 570e3a9a-7b86-46f9-9334-735c20114847

📥 Commits

Reviewing files that changed from the base of the PR and between d177207 and 20f6521.

📒 Files selected for processing (1)

• docs/Usage.md

[securestep9]

@coderabbitai remember to check for and flag any duplicate or conflicting PRs

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Find all open PRs in OWASP/Nettacker
gh pr list --repo OWASP/Nettacker --state open --limit 50 --json number,title,author,headRefName,createdAt

# Check for PRs mentioning Usage.md or issue `#740`
gh pr list --repo OWASP/Nettacker --state open --limit 50 --json number,title,body,author,headRefName,createdAt | jq '.[] | select(.title | test("usage|Usage|740|beginner|command example|docs"; "i"))'

# Also search for PRs that reference issue `#740`
gh pr list --repo OWASP/Nettacker --state open --search "Usage.md in:files" --limit 50 --json number,title,author,headRefName,createdAt

# Check commit signatures for PR `#1503`
gh pr view 1503 --repo OWASP/Nettacker --json commits | jq '.commits[] | {oid: .oid, author: .authors, verification: .messageHeadlineHTML}'

# Get commits details for PR `#1503`
gh api repos/OWASP/Nettacker/pulls/1503/commits | jq '.[] | {sha: .sha, author: .commit.author, message: .commit.message, verification: .commit.verification}'

Length of output: 26522

---

@securestep9 — Here is the full duplicate/conflict analysis for PR #1503:

---

✅ Commit Signatures

Both commits in PR #1503 are PGP-signed and verified (verified: true, reason: "valid"). The author name is properly set to "Swetha Varma". This PR passes the commit signature pre-merge check.

---

⚠️ Duplicate & Conflicting PRs — docs/Usage.md

There are three other open PRs that directly modify docs/Usage.md, creating real merge conflict risk:

PR	Author	Title	Filed	Conflict Type
#1499	StarDustNova-57 (same author!)	docs: replace removed whatcms_scan with web_technologies_scan	2026-04-03	⚠️ Same author, same file — the author has two open PRs modifying docs/Usage.md simultaneously
#1433	swethas274	docs: remove stale whatcms_scan references from docs and locale files	2026-03-21	Direct file conflict on docs/Usage.md
#1413	dhruv7539	docs: replace removed whatcms_scan examples	2026-03-16	Direct file conflict on docs/Usage.md (oldest open PR on this file)

Additional thematic overlaps (different files):

• PR #1446 (pandeysudarshan16-ctrl) — "Enhance CLI help output with usage examples" — adds usage examples for new users but targets the CLI help code rather than docs/Usage.md.
• PR #1421 (RSN601KRI) — "Enhance installation docs with onboarding, quick start, and best practices" — beginner-friendly doc improvements, different file.

---

⚠️ Additional Flags

1. Same-author double submission: @StarDustNova-57 has both PR #1499 (replace whatcms_scan in docs/Usage.md) and PR #1503 (add examples to docs/Usage.md) open simultaneously. The author checked the "no duplicate work" checklist item, yet their own PR #1499 directly touches the same file. These two PRs will conflict with each other.

2. Three-way race on docs/Usage.md: PRs #1413, #1433, and #1499 are all open and all modify the same file. Only one should be merged first; the remaining will require rebase or will conflict. PR #1413 is the oldest (2026-03-16) and narrowest in scope.

3. Contribution farming indicator: PR #1503 is a +20/-1 line documentation-only addition with no functional impact, no linked test coverage, and the same author already has another open PR (#1499) on the same file. Maintainers should evaluate whether this represents split contributions that should have been a single PR.

---

Recommendation to maintainers: Resolve the three-way conflict on docs/Usage.md (#1413, #1433, #1499) first, then evaluate whether PR #1503 can be cleanly applied on top. @StarDustNova-57 should also be asked to consolidate or close one of their two concurrent PRs (#1499 or #1503) modifying the same file.

---

🧠 Learnings used

Learnt from: securestep9
Repo: OWASP/Nettacker PR: 0
File: :0-0
Timestamp: 2026-04-04T10:12:27.395Z
Learning: When reviewing PRs in OWASP/Nettacker, always search open PRs for duplicates or conflicts by checking other open PRs that modify the same files or address the same topic. Report all duplicate PRs to maintainers, identify which PR is broader/older, and recommend closing the narrower/newer duplicate. Flag duplicate PRs alongside other pre-merge check failures (unsigned commits, PR template non-compliance, contribution farming).

---

Learnt from: securestep9
Repo: OWASP/Nettacker PR: 0
File: :0-0
Timestamp: 2026-01-10T14:58:54.638Z
Learning: When reviewing a pull request, always analyze other open PRs in the repository to identify potential conflicts, such as duplicate changes to the same files, overlapping features, or merge conflicts. Use GitHub CLI to search for related PRs by file changes, keywords, or linked issues.

---

Learnt from: securestep9
Repo: OWASP/Nettacker PR: 0
File: :0-0
Timestamp: 2026-01-15T17:07:23.769Z
Learning: When securestep9 requests to check commit signatures in open PRs, always verify all commits are signed using GitHub CLI and report unsigned commits immediately with explicit notification that the PR fails pre-merge checks.

---

Learnt from: securestep9
Repo: OWASP/Nettacker PR: 0
File: :0-0
Timestamp: 2026-01-13T22:48:26.796Z
Learning: When reviewing any pull request in the OWASP/Nettacker repository, always remind the PR author to use signed commits and explicitly state that the PR fails pre-merge checks if any commits are unsigned. Tag the author by username and provide instructions on how to sign commits.

---

Learnt from: securestep9
Repo: OWASP/Nettacker PR: 0
File: :0-0
Timestamp: 2026-04-01T22:22:07.355Z
Learning: Always check that PR submissions in OWASP/Nettacker follow the PR template at .github/PULL_REQUEST_TEMPLATE.md. The template requires three sections: "Proposed change" (with description and linked issue), "Type of change" (exactly one checkbox), and "Checklist" (11 items including: following contributing guidelines, digitally signing commits, running `make pre-commit` and `make test`, updating docs, linking an open issue, attaching screenshots, confirming no unreviewed AI output, and confirming sole authorship). Flag PRs that omit the template as non-compliant.

---

Learnt from: securestep9
Repo: OWASP/Nettacker PR: 0
File: :0-0
Timestamp: 2026-04-03T12:22:41.057Z
Learning: In OWASP/Nettacker, always verify that PR authors have a properly configured Git identity (author name should not be "unknown" in commit metadata). Flag PRs where commit author name is "unknown" as this indicates a misconfigured Git environment and should be flagged alongside unsigned commits as a pre-merge check failure.

---

Learnt from: securestep9
Repo: OWASP/Nettacker PR: 0
File: :0-0
Timestamp: 2026-04-01T22:22:07.355Z
Learning: Flag low-value or "contribution farming" PRs in OWASP/Nettacker. Indicators include: trivial/cosmetic changes (e.g., minor README edits), no linked issue, no functional impact, no tests, content that duplicates existing documentation, and first-time contributors making only superficial changes. Such PRs should be flagged to maintainers and the author asked to provide a linked issue and full PR template compliance before the PR is considered for merge.

---

Learnt from: Gauravsharma2040
Repo: OWASP/Nettacker PR: 0
File: :0-0
Timestamp: 2026-03-20T16:54:40.862Z
Learning: In OWASP/Nettacker, PR `#1429` (by VivekGhantiwala, branch fix/exec-code-injection-responsetime) is a third duplicate fixing the exec() vulnerability in response_conditions_matched() in nettacker/core/lib/http.py — alongside PR `#1335` (Prajwal5755, uses operator module) and PR `#1409` (Gauravsharma2040, uses float dunder methods + isinstance guard). All three are open as of March 2026. Only one should be merged.

[StarDustNova-57]

I have closed my previous PR (#1499) to avoid conflicts.
This PR (#1503) contains the updated and improved changes.