# Adding One-Shot Modules Ax supports two types of scan modules: [Simple Modules](/fundamentals/scans/modules/adding-simple-modules.md) and One-Shot Modules. If a module contains the string `_target_` or `_safe-target_`, ax scan will execute it as a One-Shot Module. One-Shot Modules utilize [Interlace](https://github.com/codingo/Interlace) to convert single-threaded command-line applications into fast, multi-threaded applications. Specifically, ax scan uses Interlace (created by [codingo](https://x.com/codingo_) and [sml555](https://twitter.com/sml555_)) to manage threading for any binary or script. Here's an example of a One-Shot Module and its benefits: ``` [ { "command": "/home/op/go/bin/ffuf -w _wordlist_ -u _target_/FUZZ -of csv -o output/_cleantarget_ -ac", "wordlist": "/home/op/lists/seclists/Discovery/Web-Content/big.txt", "ext": "csv", "threads": "1" } ] ``` Some tools only accept one target at a time rather than a list of targets from a file. This is a prime example of why One-Shot Modules are beneficial. Typically, ax scan splits a target list (e.g., IPs or URLs) and uploads parts to each instance in the fleet, renaming all parts to "input". Instead of using a One-Shot Module, you could use a Simple Module with a bash loop, like this: {% hint style="info" %} **Extensions:** While One-Shot modules can use any [module extension](/fundamentals/scans/modules/merging-and-module-extensions.md) (e.g., `"ext": "csv"` in the above module), every One-Shot `"command:"` must output to a directory named `output`. In the above module, the output is `output/_cleantarget_`. The output directory on the remote instance (`/home/op/scan/$module+$timestamp/output`) is automatically created for you when using One-Shot modules. {% endhint %} ``` [ { "command": "for i in $(cat input); do ffuf -w _wordlist_ -u $i/FUZZ -of csv -o output/$(echo $i | tr -d ':' | tr -d '/') -ac; done", "wordlist": "/home/op/lists/seclists/Discovery/Web-Content/big.txt", "ext": "dir" } ] ``` The above command is valid syntax, and `ax scan` can execute any bash command you supply, including loops and sub-shells (as long as its valid JSON). However, notice that the output requires cleaning to remove colons and forward slashes from the HTTPS scheme, as files can't contain these characters. This method also doesn't support easy threading. This is where Interlace is useful. By integrating Interlace, we have enabled easy threading for Ax modules. To specify the number of threads, simply add the desired number next to "threads" in the JSON object. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://ax.attacksurge.com/fundamentals/scans/modules/adding-one-shot-modules.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.