From 68b63a9ca5e9e08532a27a16e26410ab6d752339 Mon Sep 17 00:00:00 2001
From: sandeep <sandeep@projectdiscovery.io>
Date: Fri, 15 Oct 2021 00:18:16 +0530
Subject: [PATCH] misc readme update

---
 token-spray/README.md | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/token-spray/README.md b/token-spray/README.md
index 24081b4662..e49667d4b7 100644
--- a/token-spray/README.md
+++ b/token-spray/README.md
@@ -1,15 +1,19 @@
 ## About
+
 This directory holds templates that have static API URL endpoints. Use these to test an API token against many API service endpoints. By providing token input using flag, Nuclei will test the token against all known API endpoints within the API templates, and return any successful results. By incorporating API checks as Nuclei Templates, users can test API keys that have no context (i.e., API keys that do not indicate for which API endpoint they are meant).
 
 ## Usage
-You do not need to specify an input URL to test a token against these API endpoints, as the API endpoints have static URLs. However, Nuclei requires an input (specified via `-u` for individual URLs or `-l` for a file containing URLs). Because of this requirement, we simply pass in `-u "null"`. Each template in the `token-spray` directory assumes the input API token will be provided using CLI `var` flag.
 
-```bash
-# Run Nuclei specifying all the api templates:
+**token-spray** are self-contained template and does not requires URLs as input as the API endpoints have static URLs predefined in the template. Each template in the `token-spray` directory assumes the input API token/s will be provided using CLI `var` flag.
 
-nuclei -u null -t token-spray/ -var token=thisIsMySecretTokenThatIWantToTest
+```console
+# Running token-spray templates against a single token to test
+nuclei -t token-spray/ -var token=random-token-to-test
+
+# Running token-spray templates against a file containing multiple new line delimited tokens
+nuclei -t token-spray/ -var token=file_with_tokens.txt
 ```
 
 ## Credits
-These API testing templates were inspired by the [streaak/keyhacks](https://github.com/streaak/keyhacks) repository. The Bishop Fox [Continuous Attack Surface Testing (CAST)](https://www.bishopfox.com/continuous-attack-surface-testing/how-cast-works/) team created additional API templates for testing API keys uncovered during investigations. You are welcome to add new templates based on the existing format to cover more APIs.
 
+These API testing templates were inspired by the [streaak/keyhacks](https://github.com/streaak/keyhacks) repository. The Bishop Fox [Continuous Attack Surface Testing (CAST)](https://www.bishopfox.com/continuous-attack-surface-testing/how-cast-works/) team created additional API templates for testing API keys uncovered during investigations. You are welcome to add new templates based on the existing format to cover more APIs.
\ No newline at end of file