secator 0.1.0__py2.py3-none-any.whl

secator/exporters/json.py

@@ -0,0 +1,14 @@
+from secator.exporters._base import Exporter
+from secator.rich import console
+from secator.serializers.dataclass import dumps_dataclass
+
+
+class JsonExporter(Exporter):
+	def send(self):
+		json_path = f'{self.report.output_folder}/report.json'
+
+		# Save JSON report to file
+		with open(json_path, 'w') as f:
+			f.write(dumps_dataclass(self.report.data, indent=2))
+
+		console.print(f':file_cabinet: Saved JSON report to {json_path}')

secator/exporters/table.py

@@ -0,0 +1,7 @@
+from secator.exporters._base import Exporter
+from secator.utils import print_results_table
+
+
+class TableExporter(Exporter):
+	def send(self):
+		print_results_table(self.report.runner.results, self.report.title)

secator/exporters/txt.py

@@ -0,0 +1,24 @@
+from secator.exporters._base import Exporter
+from secator.rich import console
+
+
+class TxtExporter(Exporter):
+    def send(self):
+        results = self.report.data['results']
+        txt_paths = []
+
+        for output_type, items in results.items():
+            items = [str(i) for i in items]
+            if not items:
+                continue
+            txt_path = f'{self.report.output_folder}/report.txt'
+            with open(txt_path, 'w') as f:
+                f.write('\n'.join(items))
+            txt_paths.append(txt_path)
+
+        if len(txt_paths) == 1:
+            txt_paths_str = txt_paths[0]
+        else:
+            txt_paths_str = '\n   • ' + '\n   • '.join(txt_paths)
+
+        console.print(f':file_cabinet: Saved TXT reports to {txt_paths_str}')

secator/hooks/mongodb.py

@@ -0,0 +1,212 @@
+import logging
+import os
+import time
+
+import pymongo
+from bson.objectid import ObjectId
+from celery import shared_task
+
+from secator.definitions import DEFAULT_PROGRESS_UPDATE_FREQUENCY
+from secator.output_types import OUTPUT_TYPES
+from secator.runners import Scan, Task, Workflow
+from secator.utils import debug, escape_mongodb_url
+
+# import gevent.monkey
+# gevent.monkey.patch_all()
+
+MONGODB_URL = os.environ.get('MONGODB_URL', 'mongodb://localhost')
+MONGODB_UPDATE_FREQUENCY = int(os.environ.get('MONGODB_UPDATE_FREQUENCY', DEFAULT_PROGRESS_UPDATE_FREQUENCY))
+MAX_POOL_SIZE = 100
+
+logger = logging.getLogger(__name__)
+
+client = pymongo.MongoClient(escape_mongodb_url(MONGODB_URL), maxPoolSize=MAX_POOL_SIZE)
+
+
+def update_runner(self):
+	db = client.main
+	type = self.config.type
+	collection = f'{type}s'
+	update = self.toDict()
+	debug_obj = {'type': 'runner', 'name': self.name, 'status': self.status}
+	chunk = update.get('chunk')
+	_id = self.context.get(f'{type}_chunk_id') if chunk else self.context.get(f'{type}_id')
+	debug('update', sub='hooks.mongodb', id=_id, obj=update, obj_after=True, level=4)
+	start_time = time.time()
+	if _id:
+		delta = start_time - self.last_updated if self.last_updated else MONGODB_UPDATE_FREQUENCY
+		if self.last_updated and delta < MONGODB_UPDATE_FREQUENCY and self.status == 'RUNNING':
+			debug(f'skipped ({delta:>.2f}s < {MONGODB_UPDATE_FREQUENCY}s)',
+				  sub='hooks.mongodb', id=_id, obj=debug_obj, obj_after=False, level=3)
+			return
+		db = client.main
+		start_time = time.time()
+		db[collection].update_one({'_id': ObjectId(_id)}, {'$set': update})
+		end_time = time.time()
+		elapsed = end_time - start_time
+		debug(
+			f'[dim gold4]updated in {elapsed:.4f}s[/]', sub='hooks.mongodb', id=_id, obj=debug_obj, obj_after=False, level=2)
+		self.last_updated = start_time
+	else:  # sync update and save result to runner object
+		runner = db[collection].insert_one(update)
+		_id = str(runner.inserted_id)
+		if chunk:
+			self.context[f'{type}_chunk_id'] = _id
+		else:
+			self.context[f'{type}_id'] = _id
+		end_time = time.time()
+		elapsed = end_time - start_time
+		debug(f'created in {elapsed:.4f}s', sub='hooks.mongodb', id=_id, obj=debug_obj, obj_after=False, level=2)
+
+
+def update_finding(self, item):
+	start_time = time.time()
+	db = client.main
+	update = item.toDict()
+	_id = ObjectId(item._uuid) if ObjectId.is_valid(item._uuid) else None
+	if _id:
+		finding = db['findings'].update_one({'_id': _id}, {'$set': update})
+		status = 'UPDATED'
+	else:
+		finding = db['findings'].insert_one(update)
+		item._uuid = str(finding.inserted_id)
+		status = 'CREATED'
+	end_time = time.time()
+	elapsed = end_time - start_time
+	debug(f'in {elapsed:.4f}s', sub='hooks.mongodb', id=str(item._uuid), obj={'finding': status}, obj_after=False)
+	return item
+
+
+def find_duplicates(self):
+	ws_id = self.toDict().get('context', {}).get('workspace_id')
+	if not ws_id:
+		return
+	celery_id = tag_duplicates.delay(ws_id)
+	debug(f'running duplicate check on workspace {ws_id}', id=celery_id, sub='hooks.mongodb')
+
+
+def load_finding(obj):
+	finding_type = obj['_type']
+	klass = None
+	for otype in OUTPUT_TYPES:
+		if finding_type == otype.get_name():
+			klass = otype
+			item = klass.load(obj)
+			item._uuid = str(obj['_id'])
+			return item
+	debug('could not load Secator output type from MongoDB object', obj=obj, sub='hooks.mongodb')
+	return None
+
+
+def load_findings(objs):
+	findings = [load_finding(obj) for obj in objs]
+	return [f for f in findings if f is not None]
+
+
+@shared_task
+def tag_duplicates(ws_id: str = None):
+	"""Tag duplicates in workspace.
+
+	Args:
+		ws_id (str): Workspace id.
+	"""
+	db = client.main
+	workspace_query = list(
+		db.findings.find({'_context.workspace_id': str(ws_id), '_tagged': True}).sort('_timestamp', -1))
+	untagged_query = list(
+		db.findings.find({'_context.workspace_id': str(ws_id)}).sort('_timestamp', -1))
+	# TODO: use this instead when duplicate removal logic is final
+	# untagged_query = list(
+	# 	db.findings.find({'_context.workspace_id': str(ws_id), '_tagged': False}).sort('_timestamp', -1))
+	if not untagged_query:
+		debug('no untagged findings. Skipping.', id=ws_id, sub='hooks.mongodb')
+		return
+
+	untagged_findings = load_findings(untagged_query)
+	workspace_findings = load_findings(workspace_query)
+	non_duplicates = []
+	duplicates = []
+	for item in untagged_findings:
+		# If already seen in duplicates
+		seen = [f for f in duplicates if f._uuid == item._uuid]
+		if seen:
+			continue
+
+		# Check for duplicates
+		tmp_duplicates = []
+
+		# Check if already present in list of workspace_findings findings, list of duplicates, or untagged_findings
+		workspace_dupes = [f for f in workspace_findings if f == item and f._uuid != item._uuid]
+		untagged_dupes = [f for f in untagged_findings if f == item and f._uuid != item._uuid]
+		seen_dupes = [f for f in duplicates if f == item and f._uuid != item._uuid]
+		tmp_duplicates.extend(workspace_dupes)
+		tmp_duplicates.extend(untagged_dupes)
+		tmp_duplicates.extend(seen_dupes)
+		debug(
+			f'for item {item._uuid}',
+			obj={
+				'workspace dupes': len(workspace_dupes),
+				'untagged dupes': len(untagged_dupes),
+				'seen dupes': len(seen_dupes)
+			},
+			id=ws_id,
+			sub='hooks.mongodb')
+		tmp_duplicates_ids = list(dict.fromkeys([i._uuid for i in tmp_duplicates]))
+		debug(f'duplicate ids: {tmp_duplicates_ids}', id=ws_id, sub='hooks.mongodb')
+
+		# Update latest object as non-duplicate
+		if tmp_duplicates:
+			duplicates.extend([f for f in tmp_duplicates])
+			db.findings.update_one({'_id': ObjectId(item._uuid)}, {'$set': {'_related': tmp_duplicates_ids}})
+			debug(f'adding {item._uuid} as non-duplicate', id=ws_id, sub='hooks.mongodb')
+			non_duplicates.append(item)
+		else:
+			debug(f'adding {item._uuid} as non-duplicate', id=ws_id, sub='hooks.mongodb')
+			non_duplicates.append(item)
+
+	# debug(f'found {len(duplicates)} total duplicates')
+
+	# Update objects with _tagged and _duplicate fields
+	duplicates_ids = list(dict.fromkeys([n._uuid for n in duplicates]))
+	non_duplicates_ids = list(dict.fromkeys([n._uuid for n in non_duplicates]))
+
+	search = {'_id': {'$in': [ObjectId(d) for d in duplicates_ids]}}
+	update = {'$set': {'_context.workspace_duplicate': True, '_tagged': True}}
+	db.findings.update_many(search, update)
+
+	search = {'_id': {'$in': [ObjectId(d) for d in non_duplicates_ids]}}
+	update = {'$set': {'_context.workspace_duplicate': False, '_tagged': True}}
+	db.findings.update_many(search, update)
+	debug(
+		'completed duplicates check for workspace.',
+		id=ws_id,
+		obj={
+			'processed': len(untagged_findings),
+			'duplicates': len(duplicates_ids),
+			'non-duplicates': len(non_duplicates_ids)
+		},
+		sub='hooks.mongodb')
+
+
+MONGODB_HOOKS = {
+	Scan: {
+		'on_start': [update_runner],
+		'on_iter': [update_runner],
+		'on_duplicate': [update_finding],
+		'on_end': [update_runner],
+	},
+	Workflow: {
+		'on_start': [update_runner],
+		'on_iter': [update_runner],
+		'on_duplicate': [update_finding],
+		'on_end': [update_runner],
+	},
+	Task: {
+		'on_init': [update_runner],
+		'on_start': [update_runner],
+		'on_item': [update_finding],
+		'on_duplicate': [update_finding],
+		'on_iter': [update_runner],
+		'on_end': [update_runner]
+	}
+}

secator/output_types/__init__.py

@@ -0,0 +1,24 @@
+__all__ = [
+    'OutputType',
+    'Ip',
+    'Port',
+    'Record',
+    'Subdomain',
+    'Url',
+    'UserAccount',
+    'Vulnerability'
+]
+from secator.output_types._base import OutputType  # noqa: F401
+from secator.output_types.progress import Progress  # noqa: F401
+from secator.output_types.ip import Ip
+from secator.output_types.exploit import Exploit
+from secator.output_types.port import Port
+from secator.output_types.subdomain import Subdomain
+from secator.output_types.tag import Tag
+from secator.output_types.target import Target
+from secator.output_types.url import Url
+from secator.output_types.user_account import UserAccount
+from secator.output_types.vulnerability import Vulnerability
+from secator.output_types.record import Record
+
+OUTPUT_TYPES = [Target, Progress, Subdomain, Ip, Port, Url, Tag, Exploit, UserAccount, Vulnerability, Record]

secator/output_types/_base.py

@@ -0,0 +1,95 @@
+import logging
+import re
+from dataclasses import _MISSING_TYPE, dataclass, fields
+
+logger = logging.getLogger(__name__)
+
+
+@dataclass
+class OutputType:
+	_table_fields = []
+	_sort_by = ()
+
+	def __gt__(self, other):
+		if not self.__eq__(other):
+			return False
+
+		# Point-based system based on number of non-empty extra-data present.
+		# In this configuration, a > b if a == b AND a has more non-empty fields than b
+		# extra_fields = [f for f in fields(self) if not f.compare]
+		# points1 = 0
+		# points2 = 0
+		# for field in extra_fields:
+		# 	v1 = getattr(self, field.name)
+		# 	v2 = getattr(other, field.name)
+		# 	if v1 and not v2:
+		# 		points1 += 1
+		# 	elif v2 and not v1:
+		# 		points2 += 1
+		# if points1 > points2:
+		# 	return True
+
+		# Timestamp-based system: return newest object
+		return self._timestamp > other._timestamp
+
+	def __ge__(self, other):
+		return self == other
+
+	def __lt__(self, other):
+		return other > self
+
+	def __le__(self, other):
+		return self == other
+
+	def __post_init__(self):
+		"""Initialize default fields to their proper types."""
+		for field in fields(self):
+			default_factory = field.default_factory
+			default = field.default
+			if getattr(self, field.name) is None:
+				if not isinstance(default, _MISSING_TYPE):
+					setattr(self, field.name, field.default)
+				elif not isinstance(default_factory, _MISSING_TYPE):
+					setattr(self, field.name, default_factory())
+
+	@classmethod
+	def load(cls, item, output_map={}):
+		new_item = {}
+
+		# Check for explicit _type keys
+		_type = item.get('_type')
+		if _type and _type != cls.get_name():
+			raise TypeError(f'Item has different _type set: {_type}')
+
+		for field in fields(cls):
+			key = field.name
+			if key in output_map:
+				mapped_key = output_map[key]
+				if callable(mapped_key):
+					mapped_val = mapped_key(item)
+				else:
+					mapped_val = item.get(mapped_key)
+				new_item[key] = mapped_val
+			elif key in item:
+				new_item[key] = item[key]
+
+		# All values None, raise an error
+		if all(val is None for val in new_item.values()):
+			raise TypeError(f'Item does not match {cls} schema')
+
+		new_item['_type'] = cls.get_name()
+		return cls(**new_item)
+
+	@classmethod
+	def get_name(cls):
+		return re.sub(r'(?<!^)(?=[A-Z])', '_', cls.__name__).lower()
+
+	@classmethod
+	def keys(cls):
+		return [f.name for f in fields(cls)]
+
+	def toDict(self, exclude=[]):
+		data = self.__dict__.copy()
+		if exclude:
+			return {k: v for k, v in data.items() if k not in exclude}
+		return data

secator/output_types/exploit.py

@@ -0,0 +1,50 @@
+import time
+from dataclasses import dataclass, field
+from secator.output_types import OutputType
+from secator.utils import rich_to_ansi
+from secator.definitions import MATCHED_AT, NAME, ID, EXTRA_DATA, REFERENCE
+
+
+@dataclass
+class Exploit(OutputType):
+	name: str
+	id: str
+	provider: str
+	matched_at: str = ''
+	ip: str = ''
+	reference: str = ''
+	cves: list = field(default_factory=list, compare=False)
+	tags: list = field(default_factory=list, compare=False)
+	extra_data: dict = field(default_factory=dict, compare=False)
+	_source: str = field(default='', repr=True)
+	_type: str = field(default='vulnerability', repr=True)
+	_timestamp: int = field(default_factory=lambda: time.time(), compare=False)
+	_uuid: str = field(default='', repr=True, compare=False)
+	_context: dict = field(default_factory=dict, repr=True, compare=False)
+	_tagged: bool = field(default=False, repr=True, compare=False)
+	_duplicate: bool = field(default=False, repr=True, compare=False)
+	_related: list = field(default_factory=list, compare=False)
+
+	_table_fields = [
+		MATCHED_AT,
+		NAME,
+		ID,
+		EXTRA_DATA,
+		REFERENCE
+	]
+	_sort_by = ('matched_at', 'name')
+
+	def __repr__(self):
+		s = f'[bold red]⍼[/]  \[[bold red]{self.name}'
+		if self.reference:
+			s += f' [link={self.reference}]🡕[/link]'
+		s += '[/]]'
+		if self.matched_at:
+			s += f' {self.matched_at}'
+		if self.tags:
+			tags_str = ', '.join(self.tags)
+			s += f' \[[cyan]{tags_str}[/]]'
+		if self.extra_data:
+			data = ', '.join([f'{k}:{v}' for k, v in self.extra_data.items()])
+			s += f' \[[yellow]{str(data)}[/]]'
+		return rich_to_ansi(s)

secator/output_types/ip.py

@@ -0,0 +1,33 @@
+import time
+from dataclasses import dataclass, field
+
+from secator.definitions import ALIVE, IP
+from secator.output_types import OutputType
+from secator.utils import rich_to_ansi
+
+
+@dataclass
+class Ip(OutputType):
+	ip: str
+	host: str = ''
+	alive: bool = False
+	_source: str = field(default='', repr=True)
+	_type: str = field(default='ip', repr=True)
+	_timestamp: int = field(default_factory=lambda: time.time(), compare=False)
+	_uuid: str = field(default='', repr=True, compare=False)
+	_context: dict = field(default_factory=dict, repr=True, compare=False)
+	_tagged: bool = field(default=False, repr=True, compare=False)
+	_duplicate: bool = field(default=False, repr=True, compare=False)
+	_related: list = field(default_factory=list, compare=False)
+
+	_table_fields = [IP, ALIVE]
+	_sort_by = (IP,)
+
+	def __str__(self) -> str:
+		return self.ip
+
+	def __repr__(self) -> str:
+		s = f'💻 [bold white]{self.ip}[/]'
+		if self.host:
+			s += f' \[[bold magenta]{self.host}[/]]'
+		return rich_to_ansi(s)

secator/output_types/port.py

@@ -0,0 +1,45 @@
+import time
+from dataclasses import dataclass, field
+
+from secator.definitions import CPES, EXTRA_DATA, HOST, IP, PORT
+from secator.output_types import OutputType
+from secator.utils import rich_to_ansi
+
+
+@dataclass
+class Port(OutputType):
+	port: int
+	ip: str
+	state: str = 'UNKNOWN'
+	service_name: str = field(default='', compare=False)
+	cpes: list = field(default_factory=list, compare=False)
+	host: str = field(default='', repr=True, compare=False)
+	extra_data: dict = field(default_factory=dict, compare=False)
+	_timestamp: int = field(default_factory=lambda: time.time(), compare=False)
+	_source: str = field(default='', repr=True, compare=False)
+	_type: str = field(default='port', repr=True)
+	_uuid: str = field(default='', repr=True, compare=False)
+	_context: dict = field(default_factory=dict, repr=True, compare=False)
+	_tagged: bool = field(default=False, repr=True, compare=False)
+	_duplicate: bool = field(default=False, repr=True, compare=False)
+	_related: list = field(default_factory=list, compare=False)
+
+	_table_fields = [IP, PORT, HOST, CPES, EXTRA_DATA]
+	_sort_by = (PORT, IP)
+
+	def __gt__(self, other):
+		# favor nmap over other port detection tools
+		if self._source == 'nmap' and other._source != 'nmap':
+			return True
+		return super().__gt__(other)
+
+	def __str__(self) -> str:
+		return f'{self.host}:{self.port}'
+
+	def __repr__(self) -> str:
+		s = f'🔓 {self.ip}:[bold red]{self.port:<4}[/] [bold yellow]{self.state.upper()}[/]'
+		if self.service_name:
+			s += f' \[[bold purple]{self.service_name}[/]]'
+		if self.host:
+			s += f' \[[cyan]{self.host}[/]]'
+		return rich_to_ansi(s)

secator/output_types/progress.py

@@ -0,0 +1,35 @@
+import time
+from dataclasses import dataclass, field
+
+from secator.output_types import OutputType
+from secator.utils import rich_to_ansi
+
+
+@dataclass
+class Progress(OutputType):
+	duration: str
+	percent: int
+	errors: list = field(default_factory=list)
+	extra_data: dict = field(default_factory=dict)
+	_source: str = field(default='', repr=True)
+	_type: str = field(default='progress', repr=True)
+	_timestamp: int = field(default_factory=lambda: time.time(), compare=False)
+	_uuid: str = field(default='', repr=True, compare=False)
+	_context: dict = field(default_factory=dict, repr=True, compare=False)
+	_tagged: bool = field(default=False, repr=True, compare=False)
+	_duplicate: bool = field(default=False, repr=True, compare=False)
+	_related: list = field(default_factory=list, compare=False)
+
+	_table_fields = ['percent', 'duration']
+	_sort_by = ('percent',)
+
+	def __str__(self) -> str:
+		return f'{self.percent}%'
+
+	def __repr__(self) -> str:
+		s = f'[dim]⏳ {self.percent}% ' + '█' * (self.percent // 10) + '[/]'
+		if self.errors:
+			s += f' [dim red]errors={self.errors}[/]'
+		ed = ' '.join([f'{k}={v}' for k, v in self.extra_data.items() if k != 'startedAt' and v])
+		s += f' [dim yellow]{ed}[/]'
+		return rich_to_ansi(s)

secator/output_types/record.py

@@ -0,0 +1,34 @@
+import time
+from dataclasses import dataclass, field
+
+from secator.definitions import HOST, NAME, TYPE
+from secator.output_types import OutputType
+from secator.utils import rich_to_ansi
+
+
+@dataclass
+class Record(OutputType):
+	name: str
+	type: str
+	host: str = ''
+	extra_data: dict = field(default_factory=dict, compare=False)
+	_source: str = field(default='', repr=True)
+	_type: str = field(default='record', repr=True)
+	_timestamp: int = field(default_factory=lambda: time.time(), compare=False)
+	_uuid: str = field(default='', repr=True, compare=False)
+	_context: dict = field(default_factory=dict, repr=True, compare=False)
+	_tagged: bool = field(default=False, repr=True, compare=False)
+	_duplicate: bool = field(default=False, repr=True, compare=False)
+	_related: list = field(default_factory=list, compare=False)
+
+	_table_fields = [NAME, HOST, TYPE]
+	_sort_by = (TYPE, NAME)
+
+	def __str__(self) -> str:
+		return self.name
+
+	def __repr__(self) -> str:
+		s = f'🎤 [bold white]{self.name}[/] \[[green]{self.type}[/]] \[[magenta]{self.host}[/]]'
+		if self.extra_data:
+			s += ' \[[bold yellow]' + ','.join(f'{k}={v}' for k, v in self.extra_data.items()) + '[/]]'
+		return rich_to_ansi(s)

secator/output_types/subdomain.py

@@ -0,0 +1,42 @@
+import time
+from dataclasses import dataclass, field
+from typing import List
+
+from secator.definitions import DOMAIN, HOST, SOURCES
+from secator.output_types import OutputType
+from secator.utils import rich_to_ansi
+
+
+@dataclass
+class Subdomain(OutputType):
+	host: str
+	domain: str
+	sources: List[str] = field(default_factory=list, compare=False)
+	extra_data: dict = field(default_factory=dict, compare=False)
+	_source: str = field(default='', repr=True)
+	_type: str = field(default='subdomain', repr=True)
+	_timestamp: int = field(default_factory=lambda: time.time(), compare=False)
+	_uuid: str = field(default='', repr=True, compare=False)
+	_context: dict = field(default_factory=dict, repr=True, compare=False)
+	_tagged: bool = field(default=False, repr=True, compare=False)
+	_duplicate: bool = field(default=False, repr=True, compare=False)
+	_related: list = field(default_factory=list, compare=False)
+
+	_table_fields = [
+		HOST,
+		DOMAIN,
+		SOURCES
+	]
+	_sort_by = (HOST,)
+
+	def __str__(self):
+		return self.host
+
+	def __repr__(self):
+		sources_str = ', '.join([f'[magenta]{source}[/]' for source in self.sources])
+		s = f'🏰 [white]{self.host}[/]'
+		if sources_str:
+			s += f' [{sources_str}]'
+		if self.extra_data:
+			s += ' \[[bold yellow]' + ', '.join(f'{k}:{v}' for k, v in self.extra_data.items()) + '[/]]'
+		return rich_to_ansi(s)

secator/output_types/tag.py

@@ -0,0 +1,46 @@
+import time
+from dataclasses import dataclass, field
+
+from secator.output_types import OutputType
+from secator.utils import rich_to_ansi
+
+
+@dataclass
+class Tag(OutputType):
+	name: str
+	match: str
+	extra_data: dict = field(default_factory=dict, repr=True, compare=False)
+	_source: str = field(default='', repr=True)
+	_type: str = field(default='tag', repr=True)
+	_timestamp: int = field(default_factory=lambda: time.time(), compare=False)
+	_uuid: str = field(default='', repr=True, compare=False)
+	_context: dict = field(default_factory=dict, repr=True, compare=False)
+	_tagged: bool = field(default=False, repr=True, compare=False)
+	_duplicate: bool = field(default=False, repr=True, compare=False)
+	_related: list = field(default_factory=list, compare=False)
+
+	_table_fields = ['match', 'name', 'extra_data']
+	_sort_by = ('match', 'name')
+
+	def __post_init__(self):
+		super().__post_init__()
+
+	def __str__(self) -> str:
+		return self.match
+
+	def __repr__(self) -> str:
+		s = f'🏷️  [bold magenta]{self.name}[/]'
+		s += f' found @ [bold]{self.match}[/]'
+		ed = ''
+		if self.extra_data:
+			for k, v in self.extra_data.items():
+				sep = ' '
+				if not v:
+					continue
+				if len(v) >= 80:
+					v = v.replace('\n', '\n' + '  ').replace('...TRUNCATED', '\n[italic bold red]...truncated to 1000 chars[/]')
+					sep = '\n    '
+				ed += f'\n    [dim red]{k}[/]:{sep}[dim yellow]{v}[/]'
+		if ed:
+			s += ed
+		return rich_to_ansi(s)