secator 0.1.0__py2.py3-none-any.whl

secator/tasks/msfconsole.py

@@ -0,0 +1,176 @@
+"""Attack tasks."""
+
+import logging
+
+from rich.panel import Panel
+
+from secator.decorators import task
+from secator.definitions import (DELAY, FOLLOW_REDIRECT, HEADER, HOST,
+							   OPT_NOT_SUPPORTED, PROXY, RATE_LIMIT, RETRIES,
+							   DATA_FOLDER, THREADS, TIMEOUT, USER_AGENT)
+from secator.tasks._categories import VulnMulti
+from secator.utils import get_file_timestamp
+
+logger = logging.getLogger(__name__)
+
+
+@task()
+class msfconsole(VulnMulti):
+	"""CLI to access and work with the Metasploit Framework."""
+	cmd = 'msfconsole --quiet'
+	version_flag = OPT_NOT_SUPPORTED
+	input_type = HOST
+	input_chunk_size = 1
+	output_types = []
+	output_return_type = str
+	opt_prefix = '--'
+	opts = {
+		'resource': {'type': str, 'help': 'Metasploit resource script.', 'short': 'r'},
+		'execute_command': {'type': str, 'help': 'Metasploit command.', 'short': 'x'},
+		'environment': {'type': str, 'help': 'Environment variables string KEY=VALUE.', 'short': 'e'}
+	}
+	opt_key_map = {
+		'x': 'execute_command',
+		'r': 'resource',
+		HEADER: OPT_NOT_SUPPORTED,
+		DELAY: OPT_NOT_SUPPORTED,
+		FOLLOW_REDIRECT: OPT_NOT_SUPPORTED,
+		PROXY: OPT_NOT_SUPPORTED,
+		RATE_LIMIT: OPT_NOT_SUPPORTED,
+		RETRIES: OPT_NOT_SUPPORTED,
+		THREADS: OPT_NOT_SUPPORTED,
+		TIMEOUT: OPT_NOT_SUPPORTED,
+		USER_AGENT: OPT_NOT_SUPPORTED,
+		THREADS: OPT_NOT_SUPPORTED,
+	}
+	encoding = 'ansi'
+	ignore_return_code = True
+	# install_cmd = 'wget -O - https://raw.githubusercontent.com/freelabz/secator/main/scripts/msfinstall.sh | sh'
+
+	@staticmethod
+	def validate_input(self, input):
+		"""No list input supported for this command. Pass a single input instead."""
+		if isinstance(input, list):
+			return False
+		return True
+
+	@staticmethod
+	def on_init(self):
+		command = self.get_opt_value('execute_command')
+		script_path = self.get_opt_value('resource')
+		environment = self.run_opts.pop('environment', '')
+		env_vars = {}
+		if environment:
+			env_vars = dict(map(lambda x: x.split('='), environment.strip().split(',')))
+		env_vars['RHOST'] = self.input
+		env_vars['RHOSTS'] = self.input
+
+		# Passing msfconsole command directly, simply add RHOST / RHOSTS from host input and run then exit
+		if command:
+			self.run_opts['msfconsole.execute_command'] = (
+				f'setg RHOST {self.input}; '
+				f'setg RHOSTS {self.input}; '
+				f'{command.format(**env_vars)}; '
+				f'exit;'
+			)
+
+		# Passing resource script, replace vars inside by our environment variables if any, write to a temp file, and
+		# pass this temp file instead of the original one.
+		elif script_path:
+
+			# Read from original resource script
+			with open(script_path, 'r') as f:
+				content = f.read().replace('exit', '') + 'exit'
+
+			# Make a copy and replace vars inside by env vars passed on the CLI
+			timestr = get_file_timestamp()
+			out_path = f'{DATA_FOLDER}/msfconsole_{timestr}.rc'
+			logger.debug(
+				f'Writing formatted resource script to new temp file {out_path}'
+			)
+			with open(out_path, 'w') as f:
+				content = content.format(**env_vars)
+				f.write(content)
+
+			script_name = script_path.split('/')[-1]
+			self._print(Panel(content, title=f'[bold magenta]{script_name}', expand=False))
+
+			# Override original command with new resource script
+			self.run_opts['msfconsole.resource'] = out_path
+
+		# Nothing passed, error out
+		else:
+			raise ValueError('At least one of "inline_script" or "resource_script" must be passed.')
+
+		# Clear host input
+		self.input = ''
+
+
+# TODO: This is better as it goes through an RPC API to communicate with
+# metasploit rpc server, but it does not give any output.
+# Seems like output is available only in Metasploit Pro, so keeping this in case
+# we add support for it later.
+#
+# from pymetasploit3.msfrpc import MsfRpcClient
+# class msfrpcd():
+#
+#     opts = {
+#         'uri': {'type': str, 'default': '/api/', 'help': 'msfrpcd API uri'},
+#         'port': {'type': int, 'default': 55553, 'help': 'msfrpcd port'},
+#         'server': {'type': str, 'default': 'localhost', 'help': 'msfrpcd host'},
+#         'token': {'type': str, 'help': 'msfrpcd token'},
+#         'username': {'type': str, 'default': 'msf', 'help': 'msfrpcd username'},
+#         'password': {'type': str, 'default': 'test', 'help': 'msfrpcd password'},
+#         'module': {'type': str, 'required': True, 'help': 'Metasploit module to run'}
+#     }
+#
+#     def __init__(self, input, ctx={}, **run_opts):
+#         self.module = run_opts.pop('module')
+#         pw = run_opts.pop('password')
+#         self.run_opts = run_opts
+#         self.RHOST = input
+#         self.RHOSTS = input
+#         self.LHOST = self.get_lhost()
+#         # self.start_msgrpc()
+#         self.client = MsfRpcClient(pw, ssl=True, **run_opts)
+#
+#     # def start_msgrpc(self):
+#     #     code, out = run_command(f'msfrpcd -P {self.password}')
+#     #     logger.info(out)
+#
+#     def get_lhost(self):
+#         try:
+#             u = miniupnpc.UPnP()
+#             u.discoverdelay = 200
+#             u.discover()
+#             u.selectigd()
+#             return u.externalipaddress()
+#         except Exception:
+#             return 'localhost'
+#
+#     def run(self):
+#         """Run a metasploit module.
+#
+#         Args:
+#             modtype: Module type amongst 'auxiliary', 'exploit', 'post',
+#                 'encoder', 'nop', 'payload'.
+#             modname: Module name e.g 'auxiliary/scanner/ftp/ftp_version
+#             kwargs (dict): Module kwargs e.g RHOSTS, LHOST
+#         Returns:
+#             dict: Job results.
+#         """
+#         modtype = self.module.split('/')[0].rstrip('s')
+#         job = self.client.modules.execute(
+# 			modtype,
+# 			self.module,
+# 			RHOST=self.RHOST,
+# 			RHOSTS=self.RHOSTS,
+# 			LHOST=self.LHOST)
+#         if job.get('error', False):
+#             logger.error(job['error_message'])
+#         job_info = self.client.jobs.info_by_uuid(job['uuid'])
+#         while (job_info['status'] in ['running', 'ready']):
+#             job_info = self.client.jobs.info_by_uuid(job['uuid'])
+#         job_info.update(job)
+#         print(type(job_info['result']['127.0.0.1']))
+#         return job_info

secator/tasks/naabu.py

@@ -0,0 +1,52 @@
+from secator.decorators import task
+from secator.definitions import (DELAY, HOST, OPT_NOT_SUPPORTED, PORT, PORTS,
+								 PROXY, RATE_LIMIT, RETRIES, STATE, THREADS,
+								 TIMEOUT, TOP_PORTS)
+from secator.output_types import Port
+from secator.tasks._categories import ReconPort
+
+
+@task()
+class naabu(ReconPort):
+	"""Port scanning tool written in Go."""
+	cmd = 'naabu -Pn -silent'
+	input_flag = '-host'
+	file_flag = '-list'
+	json_flag = '-json'
+	opts = {
+		PORTS: {'type': str, 'short': 'p', 'help': 'Ports'},
+		TOP_PORTS: {'type': str, 'short': 'tp', 'help': 'Top ports'},
+		'scan_type': {'type': str, 'help': 'Scan type (SYN (s)/CONNECT(c))'},
+		# 'health_check': {'is_flag': True, 'short': 'hc', 'help': 'Health check'}
+	}
+	opt_key_map = {
+		DELAY: OPT_NOT_SUPPORTED,
+		PROXY: 'proxy',
+		RATE_LIMIT: 'rate',
+		RETRIES: 'retries',
+		TIMEOUT: 'timeout',
+		THREADS: 'c',
+
+		# naabu opts
+		PORTS: 'port',
+		'scan_type': 's',
+		# 'health_check': 'hc'
+	}
+	opt_value_map = {
+		TIMEOUT: lambda x: x*1000 if x and x > 0 else None,  # convert to milliseconds
+		RETRIES: lambda x: 1 if x == 0 else x,
+		PROXY: lambda x: x.replace('socks5://', '')
+	}
+	output_map = {
+		Port: {
+			PORT: lambda x: x['port'],
+			HOST: lambda x: x['host'] if 'host' in x else x['ip'],
+			STATE: lambda x: 'open'
+		}
+	}
+	output_types = [Port]
+	install_cmd = 'sudo apt install -y libpcap-dev && go install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@latest'
+	proxychains = False
+	proxy_socks5 = True
+	proxy_http = False
+	profile = 'io'

secator/tasks/nmap.py

@@ -0,0 +1,341 @@
+import logging
+import os
+import re
+
+import xmltodict
+
+from secator.decorators import task
+from secator.definitions import (CONFIDENCE, CVSS_SCORE, DELAY,
+								 DESCRIPTION, EXTRA_DATA, FOLLOW_REDIRECT,
+								 HEADER, HOST, ID, IP, MATCHED_AT, NAME,
+								 OPT_NOT_SUPPORTED, OUTPUT_PATH, PORT, PORTS, PROVIDER,
+								 PROXY, RATE_LIMIT, REFERENCE, REFERENCES,
+								 RETRIES, SCRIPT, SERVICE_NAME, STATE, TAGS,
+								 THREADS, TIMEOUT, USER_AGENT)
+from secator.output_types import Exploit, Port, Vulnerability
+from secator.tasks._categories import VulnMulti
+
+logger = logging.getLogger(__name__)
+
+
+@task()
+class nmap(VulnMulti):
+	"""Network Mapper is a free and open source utility for network discovery and security auditing."""
+	cmd = 'nmap -sT -sV -Pn'
+	input_flag = None
+	input_chunk_size = 1
+	file_flag = '-iL'
+	opt_prefix = '--'
+	output_types = [Port, Vulnerability, Exploit]
+	opts = {
+		PORTS: {'type': str, 'help': 'Ports to scan', 'short': 'p'},
+		SCRIPT: {'type': str, 'default': 'vulners', 'help': 'NSE scripts'},
+		# 'tcp_connect': {'type': bool, 'short': 'sT', 'default': False, 'help': 'TCP Connect scan'},
+		'tcp_syn_stealth': {'is_flag': True, 'short': 'sS', 'default': False, 'help': 'TCP SYN Stealth'},
+		'output_path': {'type': str, 'short': 'oX', 'default': None, 'help': 'Output XML file path'}
+	}
+	opt_key_map = {
+		HEADER: OPT_NOT_SUPPORTED,
+		DELAY: 'scan-delay',
+		FOLLOW_REDIRECT: OPT_NOT_SUPPORTED,
+		PROXY: None,  # TODO: supports --proxies but not in TCP mode [https://github.com/nmap/nmap/issues/1098]
+		RATE_LIMIT: 'max-rate',
+		RETRIES: 'max-retries',
+		THREADS: OPT_NOT_SUPPORTED,
+		TIMEOUT: 'max-rtt-timeout',
+		USER_AGENT: OPT_NOT_SUPPORTED,
+
+		# Nmap opts
+		PORTS: '-p',
+		'output_path': '-oX'
+	}
+	opt_value_map = {
+		PORTS: lambda x: ','.join([str(p) for p in x]) if isinstance(x, list) else x
+	}
+	install_cmd = (
+		'sudo apt install -y nmap && sudo git clone https://github.com/scipag/vulscan /opt/scipag_vulscan || true && '
+		'sudo ln -s /opt/scipag_vulscan /usr/share/nmap/scripts/vulscan || true'
+	)
+	proxychains = True
+	proxychains_flavor = 'proxychains4'
+	proxy_socks5 = False
+	proxy_http = False
+	profile = 'io'
+
+	@staticmethod
+	def on_init(self):
+		output_path = self.get_opt_value(OUTPUT_PATH)
+		if not output_path:
+			output_path = f'{self.reports_folder}/.outputs/{self.unique_name}.xml'
+		self.output_path = output_path
+		self.cmd += f' -oX {self.output_path}'
+
+	def yielder(self):
+		yield from super().yielder()
+		if self.return_code != 0:
+			return
+		self.results = []
+		note = f'nmap XML results saved to {self.output_path}'
+		if self.print_line:
+			self._print(note)
+		if os.path.exists(self.output_path):
+			nmap_data = self.xml_to_json()
+			yield from nmap_data
+
+	def xml_to_json(self):
+		results = []
+		with open(self.output_path, 'r') as f:
+			content = f.read()
+			try:
+				results = xmltodict.parse(content)  # parse XML to dict
+			except Exception as e:
+				logger.exception(e)
+				logger.error(
+					f'Cannot parse nmap XML output {self.output_path} to valid JSON.')
+		results['_host'] = self.input
+		return nmapData(results)
+
+
+class nmapData(dict):
+
+	def __iter__(self):
+		for host in self._get_hosts():
+			hostname = self._get_hostname(host)
+			ip = self._get_ip(host)
+			for port in self._get_ports(host):
+				# Get port number
+				port_number = port['@portid']
+				if not port_number or not port_number.isdigit():
+					continue
+				port_number = int(port_number)
+
+				# Get port state
+				state = port.get('state', {}).get('@state', '')
+
+				# Get extra data
+				extra_data = self._get_extra_data(port)
+
+				# Grab CPEs
+				cpes = extra_data.get('cpe', [])
+
+				# Grab service name
+				service_name = ''
+				if 'product' in extra_data:
+					service_name = extra_data['product']
+				elif 'name' in extra_data:
+					service_name = extra_data['name']
+				if 'version' in extra_data:
+					version = extra_data['version']
+					service_name += f'/{version}'
+
+				# Get script output
+				scripts = self._get_scripts(port)
+
+				# Yield port data
+				port = {
+					PORT: port_number,
+					HOST: hostname,
+					STATE: state,
+					SERVICE_NAME: service_name,
+					IP: ip,
+					EXTRA_DATA: extra_data
+				}
+				yield port
+
+				# Parse each script output to get vulns
+				for script in scripts:
+					script_id = script['id']
+					output = script['output']
+					extra_data = {'script': script_id}
+					if service_name:
+						extra_data['service_name'] = service_name
+					funcmap = {
+						'vulscan': self._parse_vulscan_output,
+						'vulners': self._parse_vulners_output,
+					}
+					func = funcmap.get(script_id)
+					metadata = {
+						MATCHED_AT: f'{hostname}:{port_number}',
+						IP: ip,
+						EXTRA_DATA: extra_data,
+					}
+					if not func:
+						# logger.debug(f'Script output parser for "{script_id}" is not supported YET.')
+						continue
+					for vuln in func(output, cpes=cpes):
+						vuln.update(metadata)
+						yield vuln
+
+	#---------------------#
+	# XML FILE EXTRACTORS #
+	#---------------------#
+	def _get_hosts(self):
+		hosts = self.get('nmaprun', {}).get('host', {})
+		if isinstance(hosts, dict):
+			hosts = [hosts]
+		return hosts
+
+	def _get_ports(self, host_cfg):
+		ports = host_cfg.get('ports', {}).get('port', [])
+		if isinstance(ports, dict):
+			ports = [ports]
+		return ports
+
+	def _get_hostname(self, host_cfg):
+		hostnames = host_cfg.get('hostnames', {})
+		hostname = self['_host']
+		if hostnames:
+			hostnames = hostnames.get('hostname', [])
+			if isinstance(hostnames, dict):
+				hostnames = [hostnames]
+			if hostnames:
+				hostname = hostnames[0]['@name']
+		else:
+			hostname = host_cfg.get('address', {}).get('@addr', None)
+		return hostname
+
+	def _get_ip(self, host_cfg):
+		return host_cfg.get('address', {}).get('@addr', None)
+
+	def _get_extra_data(self, port_cfg):
+		extra_datas = {
+			k.lstrip('@'): v
+			for k, v in port_cfg.get('service', {}).items()
+		}
+
+		# Strip product / version strings
+		if 'product' in extra_datas:
+			extra_datas['product'] = extra_datas['product'].lower()
+
+		if 'version' in extra_datas:
+			version_split = extra_datas['version'].split(' ')
+			version = None
+			os = None
+			if len(version_split) == 3:
+				version, os, extra_version = tuple(version_split)
+				version = f'{version}-{extra_version}'
+			elif len(version_split) == 2:
+				version, os = tuple(version_split)
+			elif len(version_split) == 1:
+				version = version_split[0]
+			else:
+				version = extra_datas['version']
+			if os:
+				extra_datas['os'] = os
+			if version:
+				extra_datas['version'] = version
+
+		# Grab CPEs
+		cpes = extra_datas.get('cpe', [])
+		if not isinstance(cpes, list):
+			cpes = [cpes]
+			extra_datas['cpe'] = cpes
+
+		return extra_datas
+
+	def _get_scripts(self, port_cfg):
+		scripts = port_cfg.get('script', [])
+		if isinstance(scripts, dict):
+			scripts = [scripts]
+		scripts = [
+			{k.lstrip('@'): v for k, v in script.items()}
+			for script in scripts
+		]
+		return scripts
+
+	#--------------#
+	# VULN PARSERS #
+	#--------------#
+	def _parse_vulscan_output(self, out, cpes=[]):
+		"""Parse nmap vulscan script output.
+
+		Args:
+			out (str): Vulscan script output.
+
+		Returns:
+			list: List of Vulnerability dicts.
+		"""
+		provider_name = ''
+		for line in out.splitlines():
+			if not line:
+				continue
+			line = line.strip()
+			if not line.startswith('[') and line != 'No findings':  # provider line
+				provider_name, _ = tuple(line.split(' - '))
+				continue
+			reg = r'\[([ A-Za-z0-9_@./#&+-]*)\] (.*)'
+			matches = re.match(reg, line)
+			if not matches:
+				continue
+			vuln_id, vuln_title = matches.groups()
+			vuln = {
+				ID: vuln_id,
+				NAME: vuln_id,
+				DESCRIPTION: vuln_title,
+				PROVIDER: provider_name,
+				TAGS: [vuln_id, provider_name]
+			}
+			if provider_name == 'MITRE CVE':
+				vuln_data = VulnMulti.lookup_cve(vuln['id'], cpes=cpes)
+				if vuln_data:
+					vuln.update(vuln_data)
+				yield vuln
+			else:
+				# logger.debug(f'Vulscan provider {provider_name} is not supported YET.')
+				continue
+
+	def _parse_vulners_output(self, out, **kwargs):
+		cpes = []
+		provider_name = 'vulners'
+		for line in out.splitlines():
+			if not line:
+				continue
+			line = line.strip()
+			if line.startswith('cpe:'):
+				cpes.append(line)
+				continue
+			elems = tuple(line.split('\t'))
+			vuln = {}
+
+			if len(elems) == 4:  # exploit
+				# TODO: Implement exploit processing
+				exploit_id, cvss_score, reference_url, _ = elems
+				name = exploit_id
+				# edb_id = name.split(':')[-1] if 'EDB-ID' in name else None
+				vuln = {
+					ID: exploit_id,
+					NAME: name,
+					PROVIDER: provider_name,
+					REFERENCE: reference_url,
+					'_type': 'exploit'
+					# CVSS_SCORE: cvss_score,
+					# CONFIDENCE: 'low'
+				}
+				# TODO: lookup exploit in ExploitDB to find related CVEs
+				# if edb_id:
+				# 	print(edb_id)
+				# 	vuln_data = VulnMulti.lookup_exploitdb(edb_id)
+				yield vuln
+
+			elif len(elems) == 3:  # vuln
+				vuln_id, vuln_cvss, reference_url = tuple(line.split('\t'))
+				vuln_type = vuln_id.split('-')[0]
+				vuln = {
+					ID: vuln_id,
+					NAME: vuln_id,
+					PROVIDER: provider_name,
+					CVSS_SCORE: vuln_cvss,
+					REFERENCES: [reference_url],
+					TAGS: [],
+					CONFIDENCE: 'low'
+				}
+				if vuln_type == 'CVE':
+					vuln[TAGS].append('cve')
+					vuln_data = VulnMulti.lookup_cve(vuln_id, cpes=cpes)
+					if vuln_data:
+						vuln.update(vuln_data)
+					yield vuln
+				else:
+					logger.debug(f'Vulners parser for "{vuln_type}" is not implemented YET.')
+			else:
+				logger.error(f'Unrecognized vulners output: {elems}')

secator/tasks/nuclei.py

@@ -0,0 +1,97 @@
+from secator.decorators import task
+from secator.definitions import (CONFIDENCE, CVSS_SCORE, DELAY, DESCRIPTION,
+								 EXTRA_DATA, FOLLOW_REDIRECT, HEADER, ID, IP,
+								 MATCHED_AT, NAME, OPT_NOT_SUPPORTED, PERCENT,
+								 PROVIDER, PROXY, RATE_LIMIT, REFERENCES,
+								 RETRIES, SEVERITY, TAGS, THREADS, TIMEOUT,
+								 USER_AGENT, DEFAULT_NUCLEI_FLAGS)
+from secator.output_types import Progress, Vulnerability
+from secator.tasks._categories import VulnMulti
+
+
+@task()
+class nuclei(VulnMulti):
+	"""Fast and customisable vulnerability scanner based on simple YAML based DSL."""
+	cmd = f'nuclei {DEFAULT_NUCLEI_FLAGS}'
+	file_flag = '-l'
+	input_flag = '-u'
+	json_flag = '-jsonl'
+	opts = {
+		'templates': {'type': str, 'short': 't', 'help': 'Templates'},
+		'tags': {'type': str, 'help': 'Tags'},
+		'exclude_tags': {'type': str, 'short': 'etags', 'help': 'Exclude tags'},
+		'exclude_severity': {'type': str, 'short': 'es', 'help': 'Exclude severity'},
+		'template_id': {'type': str, 'short': 'tid', 'help': 'Template id'},
+		'debug': {'type': str, 'help': 'Debug mode'},
+	}
+	opt_key_map = {
+		HEADER: 'header',
+		DELAY: OPT_NOT_SUPPORTED,
+		FOLLOW_REDIRECT: 'follow-redirects',
+		PROXY: 'proxy',
+		RATE_LIMIT: 'rate-limit',
+		RETRIES: 'retries',
+		THREADS: 'c',
+		TIMEOUT: 'timeout',
+		USER_AGENT: OPT_NOT_SUPPORTED,
+
+		# nuclei opts
+		'exclude_tags': 'exclude-tags',
+		'exclude_severity': 'exclude-severity',
+		'templates': 't'
+	}
+	opt_value_map = {
+		'tags': lambda x: ','.join(x) if isinstance(x, list) else x,
+		'templates': lambda x: ','.join(x) if isinstance(x, list) else x,
+		'exclude_tags': lambda x: ','.join(x) if isinstance(x, list) else x,
+	}
+	output_types = [Vulnerability, Progress]
+	output_map = {
+		Vulnerability: {
+			ID: lambda x: nuclei.id_extractor(x),
+			NAME: lambda x: nuclei.name_extractor(x),
+			DESCRIPTION: lambda x: x['info'].get('description'),
+			SEVERITY: lambda x: x['info'][SEVERITY],
+			CONFIDENCE: lambda x: 'high',
+			CVSS_SCORE: lambda x: x['info'].get('classification', {}).get('cvss-score') or 0,
+			MATCHED_AT:  'matched-at',
+			IP: 'ip',
+			TAGS: lambda x: x['info']['tags'],
+			REFERENCES: lambda x: x['info'].get('reference', []),
+			EXTRA_DATA: lambda x: nuclei.extra_data_extractor(x),
+			PROVIDER: 'nuclei',
+		},
+		Progress: {
+			PERCENT: lambda x: int(x['percent']),
+			EXTRA_DATA: lambda x: {k: v for k, v in x.items() if k not in ['duration', 'errors', 'percent']}
+		}
+	}
+	ignore_return_code = True
+	install_cmd = 'go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest && nuclei update-templates'
+	proxychains = False
+	proxy_socks5 = True  # kind of, leaks data when running network / dns templates
+	proxy_http = True  # same
+	profile = 'cpu'
+
+	@staticmethod
+	def id_extractor(item):
+		cve_ids = item['info'].get('classification', {}).get('cve-id') or []
+		if len(cve_ids) > 0:
+			return cve_ids[0]
+		return None
+
+	@staticmethod
+	def extra_data_extractor(item):
+		data = {}
+		data['data'] = item.get('extracted-results', [])
+		data['template_id'] = item['template-id']
+		data['template_url'] = item.get('template-url', '')
+		return data
+
+	@staticmethod
+	def name_extractor(item):
+		name = item['template-id']
+		matcher_name = item.get('matcher-name', '')
+		if matcher_name:
+			name += f':{matcher_name}'
+		return name