–h, —help Display help message and exit
–t TARGET_HOSTS Set the target host.
–b BASE_HOST Set host to be used during substitution in wordlist (default to TARGET).
–w WORDLISTS Set the wordlist(s) to use. You may specify multiple wordlists in comma delimited format (e.g. –w “./wordlists/simple.txt, ./wordlists/hackthebox.txt” (default ./wordlists/virtual–host–scanning.txt).
–p PORT Set the port to use (default 80).
–r REAL_PORT The real port of the web server to use in headers when not 80 (see RFC2616 14.23), useful when pivoting through ssh/nc etc (default to PORT).
—ignore–http–codes IGNORE_HTTP_CODES Comma–separated list of HTTP codes to ignore with virtual host scans (default 404).
—ignore–content–length IGNORE_CONTENT_LENGTH Ignore content lengths of specified amount.
—unique–depth UNIQUE_DEPTH Show likely matches of page content that is found x times (default 1).
—ssl If set then connections will be made over HTTPS instead of HTTP.
—fuzzy–logic If set then all unique content replies are compared and a similarity ratio is given for each pair. This helps to isolate vhosts in situations where a default page isn‘t static (such as having the time on it).
–no-lookups Disbale reverse lookups (identifies new targets and append to wordlist, on by default).
–rate-limit Amount of time in seconds to delay between each scan (default 0).
–random-agent If set, each scan will use a random user-agent from a predefined list.
–user-agent Specify a user agent to use for scans.
–waf If set then simple WAF bypass headers will be sent.
-oN OUTPUT_NORMAL Normal output printed to a file when the -oN option is specified with a filename argument.
-oJ OUTPUT_JSON JSON output printed to a file when the -oJ option is specified with a filename argument.
– By passing a blank ‘–‘ you tell VHostScan to expect input from stdin (pipe).
Source : DarkNet