secator 0.10.1a12__py3-none-any.whl → 0.11.0__py3-none-any.whl

secator/celery.py

@@ -223,10 +223,11 @@ def forward_results(results):
 
 
 @app.task
-def mark_runner_started(runner, enable_hooks=True):
+def mark_runner_started(results, runner, enable_hooks=True):
 	"""Mark a runner as started and run on_start hooks.
 
 	Args:
+		results (List): Previous results.
 		runner (Runner): Secator runner instance.
 		enable_hooks (bool): Enable hooks.
 
@@ -234,9 +235,12 @@ def mark_runner_started(runner, enable_hooks=True):
 		list: Runner results
 	"""
 	debug(f'Runner {runner.unique_name} has started, running mark_started', sub='celery')
+	if results:
+		runner.results = forward_results(results)
 	runner.enable_hooks = enable_hooks
-	runner.mark_started()
-	return forward_results(runner.results)
+	if not runner.dry_run:
+		runner.mark_started()
+	return runner.results
 
 
 @app.task
@@ -254,8 +258,9 @@ def mark_runner_completed(results, runner, enable_hooks=True):
 	debug(f'Runner {runner.unique_name} has finished, running mark_completed', sub='celery')
 	results = forward_results(results)
 	runner.enable_hooks = enable_hooks
-	[runner.add_result(item) for item in results]
-	runner.mark_completed()
+	if not runner.dry_run:
+		[runner.add_result(item) for item in results]
+		runner.mark_completed()
 	return runner.results
 
 

secator/celery_signals.py

@@ -65,16 +65,6 @@ def setup_idle_timer(timeout):
     timer.start()
 
 
-def maybe_override_logging():
-    def decorator(func):
-        if CONFIG.celery.override_default_logging:
-            return signals.setup_logging.connect(func)
-        else:
-            return func
-    return decorator
-
-
-@maybe_override_logging()
 def setup_logging(*args, **kwargs):
     """Override celery's logging setup to prevent it from altering our settings.
     github.com/celery/celery/issues/1867
@@ -134,8 +124,9 @@ def worker_shutdown_handler(**kwargs):
 
 
 def setup_handlers():
+    if CONFIG.celery.override_default_logging:
+        signals.setup_logging.connect(setup_logging)
     signals.celeryd_after_setup.connect(capture_worker_name)
-    signals.setup_logging.connect(setup_logging)
     signals.task_prerun.connect(task_prerun_handler)
     signals.task_postrun.connect(task_postrun_handler)
     signals.task_revoked.connect(task_revoked_handler)

secator/cli.py

@@ -18,14 +18,14 @@ from rich.table import Table
 
 from secator.config import CONFIG, ROOT_FOLDER, Config, default_config, config_path
 from secator.decorators import OrderedGroup, register_runner
-from secator.definitions import ADDONS_ENABLED, ASCII, DEV_PACKAGE, OPT_NOT_SUPPORTED, VERSION, STATE_COLORS
+from secator.definitions import ADDONS_ENABLED, ASCII, DEV_PACKAGE, VERSION, STATE_COLORS
 from secator.installer import ToolInstaller, fmt_health_table_row, get_health_table, get_version_info, get_distro_config
 from secator.output_types import FINDING_TYPES, Info, Warning, Error
 from secator.report import Report
 from secator.rich import console
 from secator.runners import Command, Runner
 from secator.serializers.dataclass import loads_dataclass
-from secator.template import TemplateLoader
+from secator.template import TEMPLATES, TemplateLoader
 from secator.utils import (
 	debug, detect_host, discover_tasks, flatten, print_version, get_file_date,
 	sort_files_by_date, get_file_timestamp, list_reports, get_info_from_report_path, human_to_timedelta
@@ -34,17 +34,18 @@ from secator.utils import (
 click.rich_click.USE_RICH_MARKUP = True
 
 ALL_TASKS = discover_tasks()
-ALL_CONFIGS = TemplateLoader.load_all()
-ALL_WORKFLOWS = ALL_CONFIGS.workflow
-ALL_SCANS = ALL_CONFIGS.scan
+ALL_WORKFLOWS = [t for t in TEMPLATES if t.type == 'workflow']
+ALL_SCANS = [t for t in TEMPLATES if t.type == 'scan']
 FINDING_TYPES_LOWER = [c.__name__.lower() for c in FINDING_TYPES]
+CONTEXT_SETTINGS = dict(help_option_names=['-h', '--help'])
 
 
 #-----#
 # CLI #
 #-----#
 
-@click.group(cls=OrderedGroup, invoke_without_command=True)
+
+@click.group(cls=OrderedGroup, invoke_without_command=True, context_settings=CONTEXT_SETTINGS)
 @click.option('--version', '-version', is_flag=True, default=False)
 @click.pass_context
 def cli(ctx, version):
@@ -119,11 +120,12 @@ for config in sorted(ALL_SCANS, key=lambda x: x['name']):
 @click.option('-Q', '--queue', type=str, default='', help='Listen to a specific queue.')
 @click.option('-P', '--pool', type=str, default='eventlet', help='Pool implementation.')
 @click.option('--quiet', is_flag=True, help='Quiet mode.')
+@click.option('--loglevel', type=str, default='INFO', help='Log level.')
 @click.option('--check', is_flag=True, help='Check if Celery worker is alive.')
 @click.option('--dev', is_flag=True, help='Start a worker in dev mode (celery multi).')
 @click.option('--stop', is_flag=True, help='Stop a worker in dev mode (celery multi).')
 @click.option('--show', is_flag=True, help='Show command (celery multi).')
-def worker(hostname, concurrency, reload, queue, pool, quiet, check, dev, stop, show):
+def worker(hostname, concurrency, reload, queue, pool, quiet, loglevel, check, dev, stop, show):
 	"""Run a worker."""
 
 	# Check Celery addon is installed
@@ -169,6 +171,7 @@ def worker(hostname, concurrency, reload, queue, pool, quiet, check, dev, stop,
 
 	cmd += f' -P {pool}' if pool else ''
 	cmd += f' -c {concurrency}' if concurrency else ''
+	cmd += f' -l {loglevel}' if loglevel else ''
 
 	if reload:
 		patterns = "celery.py;tasks/*.py;runners/*.py;serializers/*.py;output_types/*.py;hooks/*.py;exporters/*.py"
@@ -862,7 +865,7 @@ def health(json, debug, strict):
 		error = False
 		for tool, info in status['tools'].items():
 			if not info['installed']:
-				console.print(Error(message=f'{tool} not installed and strict mode is enabled.'))
+				console.print(Error(message=f'{tool} is not installed.'))
 				error = True
 		if error:
 			sys.exit(1)
@@ -878,21 +881,21 @@ def run_install(title=None, cmd=None, packages=None, next_steps=None):
 	if CONFIG.offline_mode:
 		console.print(Error(message='Cannot run this command in offline mode.'))
 		return
-	with console.status(f'[bold yellow] Installing {title}...'):
-		if cmd:
-			from secator.installer import SourceInstaller
-			status = SourceInstaller.install(cmd)
-		elif packages:
-			from secator.installer import PackageInstaller
-			status = PackageInstaller.install(packages)
-		return_code = 1
-		if status.is_ok():
-			return_code = 0
-			if next_steps:
-				console.print('[bold gold3]:wrench: Next steps:[/]')
-				for ix, step in enumerate(next_steps):
-					console.print(f'   :keycap_{ix}: {step}')
-		sys.exit(return_code)
+	# with console.status(f'[bold yellow] Installing {title}...'):
+	if cmd:
+		from secator.installer import SourceInstaller
+		status = SourceInstaller.install(cmd)
+	elif packages:
+		from secator.installer import PackageInstaller
+		status = PackageInstaller.install(packages)
+	return_code = 1
+	if status.is_ok():
+		return_code = 0
+		if next_steps:
+			console.print('[bold gold3]:wrench: Next steps:[/]')
+			for ix, step in enumerate(next_steps):
+				console.print(f'   :keycap_{ix}: {step}')
+	sys.exit(return_code)
 
 
 @cli.group()
@@ -1051,8 +1054,9 @@ def install_ruby():
 
 @install.command('tools')
 @click.argument('cmds', required=False)
-@click.option('--cleanup', is_flag=True, default=False)
-def install_tools(cmds, cleanup):
+@click.option('--cleanup', is_flag=True, default=False, help='Clean up tools after installation.')
+@click.option('--fail-fast', is_flag=True, default=False, help='Fail fast if any tool fails to install.')
+def install_tools(cmds, cleanup, fail_fast):
 	"""Install supported tools."""
 	if CONFIG.offline_mode:
 		console.print(Error(message='Cannot run this command in offline mode.'))
@@ -1069,10 +1073,12 @@ def install_tools(cmds, cleanup):
 		console.print(Error(message=f'No tools found for {cmd_str}.'))
 		return
 	for ix, cls in enumerate(tools):
-		with console.status(f'[bold yellow][{ix + 1}/{len(tools)}] Installing {cls.__name__} ...'):
-			status = ToolInstaller.install(cls)
-			if not status.is_ok():
-				return_code = 1
+		# with console.status(f'[bold yellow][{ix + 1}/{len(tools)}] Installing {cls.__name__} ...'):
+		status = ToolInstaller.install(cls)
+		if not status.is_ok():
+			return_code = 1
+			if fail_fast:
+				sys.exit(return_code)
 		console.print()
 	if cleanup:
 		distro = get_distro_config()
@@ -1132,14 +1138,13 @@ def update(all):
 		return_code = 0
 		for cls in ALL_TASKS:
 			cmd = cls.cmd.split(' ')[0]
-			version_flag = cls.version_flag or f'{cls.opt_prefix}version'
-			version_flag = None if cls.version_flag == OPT_NOT_SUPPORTED else version_flag
+			version_flag = cls.get_version_flag()
 			info = get_version_info(cmd, version_flag, cls.install_github_handle)
 			if not info['installed'] or info['status'] == 'outdated' or not info['latest_version']:
-				with console.status(f'[bold yellow]Installing {cls.__name__} ...'):
-					status = ToolInstaller.install(cls)
-					if not status.is_ok():
-						return_code = 1
+				# with console.status(f'[bold yellow]Installing {cls.__name__} ...'):
+				status = ToolInstaller.install(cls)
+				if not status.is_ok():
+					return_code = 1
 		sys.exit(return_code)
 
 #-------#
@@ -1250,24 +1255,35 @@ def test():
 	pass
 
 
-def run_test(cmd, name):
+def run_test(cmd, name=None, exit=True, verbose=False):
 	"""Run a test and return the result.
 
 	Args:
-		cmd: Command to run.
-		name: Name of the test.
+		cmd (str): Command to run.
+		name (str, optional): Name of the test.
+		exit (bool, optional): Exit after running the test with the return code.
+		verbose (bool, optional): Print verbose output.
+
+	Returns:
+		Return code of the test.
 	"""
-	result = Command.execute(cmd, name=name + ' tests', cwd=ROOT_FOLDER)
-	if result.return_code == 0:
-		console.print(f':tada: {name.capitalize()} tests passed !', style='bold green')
-	sys.exit(result.return_code)
+	cmd_name = name + ' tests' if name else 'tests'
+	result = Command.execute(cmd, name=cmd_name, cwd=ROOT_FOLDER, quiet=not verbose)
+	if name:
+		if result.return_code == 0:
+			console.print(f':tada: {name.capitalize()} tests passed !', style='bold green')
+		else:
+			console.print(f':x: {name.capitalize()} tests failed !', style='bold red')
+	if exit:
+		sys.exit(result.return_code)
+	return result.return_code
 
 
 @test.command()
 def lint():
 	"""Run lint tests."""
 	cmd = f'{sys.executable} -m flake8 secator/'
-	run_test(cmd, 'lint')
+	run_test(cmd, 'lint', verbose=True)
 
 
 @test.command()
@@ -1285,13 +1301,21 @@ def unit(tasks, workflows, scans, test):
 	os.environ['SECATOR_HTTP_STORE_RESPONSES'] = '0'
 	os.environ['SECATOR_RUNNERS_SKIP_CVE_SEARCH'] = '1'
 
+	if not test:
+		if tasks:
+			test = 'test_tasks'
+		elif workflows:
+			test = 'test_workflows'
+		elif scans:
+			test = 'test_scans'
+
 	import shutil
 	shutil.rmtree('/tmp/.secator', ignore_errors=True)
 	cmd = f'{sys.executable} -m coverage run --omit="*test*" --data-file=.coverage.unit -m pytest -s -v tests/unit'
 	if test:
 		test_str = ' or '.join(test.split(','))
 		cmd += f' -k "{test_str}"'
-	run_test(cmd, 'unit')
+	run_test(cmd, 'unit', verbose=True)
 
 
 @test.command()
@@ -1307,6 +1331,14 @@ def integration(tasks, workflows, scans, test):
 	os.environ['SECATOR_DIRS_DATA'] = '/tmp/.secator'
 	os.environ['SECATOR_RUNNERS_SKIP_CVE_SEARCH'] = '1'
 
+	if not test:
+		if tasks:
+			test = 'test_tasks'
+		elif workflows:
+			test = 'test_workflows'
+		elif scans:
+			test = 'test_scans'
+
 	import shutil
 	shutil.rmtree('/tmp/.secator', ignore_errors=True)
 
@@ -1314,7 +1346,7 @@ def integration(tasks, workflows, scans, test):
 	if test:
 		test_str = ' or '.join(test.split(','))
 		cmd += f' -k "{test_str}"'
-	run_test(cmd, 'integration')
+	run_test(cmd, 'integration', verbose=True)
 
 
 @test.command()
@@ -1337,7 +1369,82 @@ def performance(tasks, workflows, scans, test):
 	if test:
 		test_str = ' or '.join(test.split(','))
 		cmd += f' -k "{test_str}"'
-	run_test(cmd, 'performance')
+	run_test(cmd, 'performance', verbose=True)
+
+
+@test.command()
+@click.argument('name', type=str)
+@click.option('--verbose', '-v', is_flag=True, default=False, help='Print verbose output')
+def task(name, verbose):
+	"""Test task."""
+	task = [task for task in ALL_TASKS if task.__name__ == name]
+	warnings = []
+	exit_code = 0
+
+	# Check if task is correctly registered
+	check_error(task, 'Check task is registered', 'Task is not registered. Make sure there is no syntax errors in the task class definition.', warnings)  # noqa: E501
+	task = task[0]
+	task_name = task.__name__
+
+	# Run install
+	console.print(f'\n[bold gold3]:wrench: Running install tests for task {name} ...[/]') if verbose else None
+	cmd = f'secator install tools {task_name}'
+	ret_code = Command.execute(cmd, name='install', quiet=not verbose, cwd=ROOT_FOLDER)
+	version_info = task.get_version_info()
+	check_error(version_info['installed'], 'Check task is installed', 'Failed to install command. Fix your installation command.', warnings)  # noqa: E501
+	check_error(any(cmd for cmd in [task.install_cmd, task.install_github_handle]), 'Check task installation command is defined', 'Task has no installation command. Please define a `install_cmd` or `install_github_handle` class attribute.', warnings)  # noqa: E501
+	check_error(version_info['version'], 'Check task version can be fetched', 'Failed to detect version info. Fix your `version_flag` class attribute.', warnings)  # noqa: E501
+
+	# Run task-specific tests
+	console.print(f'\n[bold gold3]:wrench: Running task-specific tests for {name} ...[/]') if verbose else None
+	check_error(task.__doc__, 'Check task description is set (cls.__doc__)', 'Task has no description (class docstring).', warnings)  # noqa: E501
+	check_error(task.cmd, 'Check task command is set (cls.cmd)', 'Task has no cmd attribute.', warnings)
+	check_error(task.input_type, 'Check task input type is set (cls.input_type)', 'Task has no input_type attribute.', warnings)  # noqa: E501
+	check_error(task.output_types, 'Check task output types is set (cls.output_types)', 'Task has no output_types attribute.', warnings)  # noqa: E501
+
+	# Print all warnings
+	exit_code = 1 if len(warnings) > 0 else 0
+	if exit_code == 1:
+		console.print()
+		console.print("[bold red]Issues:[/]")
+		for warning in warnings:
+			console.print(warning)
+		console.print()
+		console.print(Info(message=f'Skipping unit and integration tests for {name} due to previous errors.'))
+		console.print(Error(message=f'Task {name} tests failed. Please fix the issues above before making a PR.'))
+		sys.exit(exit_code)
+
+	# Run unit tests
+	console.print(f'\n[bold gold3]:wrench: Running unit tests for {name} ...[/]') if verbose else None
+	cmd = f'secator test unit --tasks {name}'
+	ret_code = run_test(cmd, exit=False, verbose=verbose)
+	check_error(ret_code == 0, 'Check unit tests pass', 'Unit tests failed.', warnings)
+
+	# Run integration tests
+	console.print(f'\n[bold gold3]:wrench: Running integration tests for {name} ...[/]') if verbose else None
+	cmd = f'secator test integration --tasks {name}'
+	ret_code = run_test(cmd, exit=False, verbose=verbose)
+	check_error(ret_code == 0, 'Check integration tests pass', 'Integration tests failed.', warnings)
+
+	# Exit with exit code
+	exit_code = 1 if len(warnings) > 0 else 0
+	if exit_code == 0:
+		console.print(f':tada: Task {name} tests passed ! You are free to make a PR.', style='bold green')
+	else:
+		console.print(Error(message=f'Task {name} tests failed. Please fix the issues above before making a PR.'))
+
+	sys.exit(exit_code)
+
+
+def check_error(condition, message, error, warnings=[]):
+	console.print(f'[bold magenta]:zap: {message} ...[/]', end='')
+	if not condition:
+		warning = Warning(message=error)
+		warnings.append(warning)
+		console.print(' [bold red]FAILED[/]', style='dim')
+	else:
+		console.print(' [bold green]OK[/]', style='dim')
+	return True
 
 
 @test.command()

secator/configs/workflows/url_params_fuzz.yaml

@@ -0,0 +1,23 @@
+type: workflow
+name: url_params_fuzz
+alias: url_params_fuzz
+description: Extract parameters from an URL and fuzz them
+tags: [http, fuzz]
+input_types:
+  - url
+tasks:
+  arjun:
+    description: Extract parameters from URLs
+  ffuf:
+    description: Fuzz URL params
+    wordlist: https://raw.githubusercontent.com/danielmiessler/SecLists/refs/heads/master/Discovery/Web-Content/burp-parameter-names.txt
+    targets_:
+      - type: url
+        field: url
+        condition: item._source.startswith('arjun')
+  httpx:
+    description: Probe fuzzed URLs
+    targets_:
+      - type: url
+        field: url
+        condition: item._source.startswith('ffuf')

secator/configs/workflows/wordpress.yaml

@@ -11,4 +11,7 @@ tasks:
       description: Nuclei Wordpress scan
       tags: wordpress
     wpscan:
-      description: WPScan
+      description: WPScan
+    wpprobe:
+      description: WPProbe
+      tags: wordpress

secator/decorators.py

@@ -19,16 +19,17 @@ RUNNER_OPTS = {
 	'print_stat': {'is_flag': True, 'short': 'stat', 'default': False, 'help': 'Print runtime statistics'},
 	'print_format': {'default': '', 'short': 'fmt', 'help': 'Output formatting string'},
 	'enable_profiler': {'is_flag': True, 'short': 'prof', 'default': False, 'help': 'Enable runner profiling'},
-	'show': {'is_flag': True, 'default': False, 'help': 'Show command that will be run (tasks only)'},
-	'no_process': {'is_flag': True, 'default': False, 'help': 'Disable secator processing'},
+	'show': {'is_flag': True, 'short': 'sh', 'default': False, 'help': 'Show command that will be run (tasks only)'},
+	'no_process': {'is_flag': True, 'short': 'nps', 'default': False, 'help': 'Disable secator processing'},
 	# 'filter': {'default': '', 'short': 'f', 'help': 'Results filter', 'short': 'of'}, # TODO add this
-	'quiet': {'is_flag': True, 'default': False, 'help': 'Enable quiet mode'},
+	'quiet': {'is_flag': True, 'short': 'q', 'default': False, 'help': 'Enable quiet mode'},
+	'dry_run': {'is_flag': True, 'short': 'dr', 'default': False, 'help': 'Enable dry run'},
 }
 
 RUNNER_GLOBAL_OPTS = {
 	'sync': {'is_flag': True, 'help': 'Run tasks synchronously (automatic if no worker is alive)'},
 	'worker': {'is_flag': True, 'default': False, 'help': 'Run tasks in worker'},
-	'no_poll': {'is_flag': True, 'default': False, 'help': 'Do not live poll for tasks results when running in worker'},
+	'no_poll': {'is_flag': True, 'short': 'np', 'default': False, 'help': 'Do not live poll for tasks results when running in worker'},  # noqa: E501
 	'proxy': {'type': str, 'help': 'HTTP proxy'},
 	'driver': {'type': str, 'help': 'Export real-time results. E.g: "mongodb"'}
 	# 'debug': {'type': int, 'default': 0, 'help': 'Debug mode'},
@@ -224,12 +225,16 @@ def decorate_command_options(opts):
 		for opt_name, opt_conf in reversed_opts.items():
 			conf = opt_conf.copy()
 			short_opt = conf.pop('short', None)
-			conf.pop('internal', None)
+			internal = conf.pop('internal', False)
+			display = conf.pop('display', True)
+			if internal and not display:
+				continue
 			conf.pop('prefix', None)
 			conf.pop('shlex', None)
 			conf.pop('meta', None)
 			conf.pop('supported', None)
 			conf.pop('process', None)
+			conf.pop('requires_sudo', None)
 			reverse = conf.pop('reverse', False)
 			long = f'--{opt_name}'
 			short = f'-{short_opt}' if short_opt else f'-{opt_name}'

secator/definitions.py

@@ -107,6 +107,9 @@ TAGS = 'tags'
 WEBSERVER = 'webserver'
 WORDLIST = 'wordlist'
 WORDS = 'words'
+CERTIFICATE_STATUS_UNKNOWN = 'Unknown'
+CERTIFICATE_STATUS_TRUSTED = 'Trusted'
+CERTIFICATE_STATUS_REVOKED = 'Revoked'
 
 
 def is_importable(module_to_import):

secator/installer.py

@@ -11,6 +11,7 @@ import io
 from dataclasses import dataclass
 from datetime import datetime
 from enum import Enum
+from pathlib import Path
 
 import json
 import requests
@@ -227,10 +228,10 @@ class GithubInstaller:
 			return InstallerStatus.GITHUB_LATEST_RELEASE_NOT_FOUND
 
 		# Find the right asset to download
-		os_identifiers, arch_identifiers = cls._get_platform_identifier()
+		system, arch, os_identifiers, arch_identifiers = cls._get_platform_identifier()
 		download_url = cls._find_matching_asset(latest_release['assets'], os_identifiers, arch_identifiers)
 		if not download_url:
-			console.print(Error(message='Could not find a GitHub release matching distribution.'))
+			console.print(Error(message=f'Could not find a GitHub release matching distribution (system: {system}, arch: {arch}).'))  # noqa: E501
 			return InstallerStatus.GITHUB_RELEASE_NOT_FOUND
 
 		# Download and unpack asset
@@ -261,6 +262,8 @@ class GithubInstaller:
 			return latest_release
 		except requests.RequestException as e:
 			console.print(Warning(message=f'Failed to fetch latest release for {github_handle}: {str(e)}'))
+			if 'rate limit exceeded' in str(e):
+				console.print(Warning(message='Consider setting env variable SECATOR_CLI_GITHUB_TOKEN or use secator config set cli.github_token $TOKEN.'))  # noqa: E501
 			return None
 
 	@classmethod
@@ -285,16 +288,16 @@ class GithubInstaller:
 
 		# Enhanced architecture mapping to avoid conflicts
 		arch_mapping = {
-			'x86_64': ['amd64', 'x86_64'],
-			'amd64': ['amd64', 'x86_64'],
+			'x86_64': ['amd64', 'x86_64', '64bit', 'x64'],
+			'amd64': ['amd64', 'x86_64', '64bit', 'x64'],
 			'aarch64': ['arm64', 'aarch64'],
 			'armv7l': ['armv7', 'arm'],
-			'386': ['386', 'x86', 'i386'],
+			'386': ['386', 'x86', 'i386', '32bit', 'x32'],
 		}
 
 		os_identifiers = os_mapping.get(system, [])
 		arch_identifiers = arch_mapping.get(arch, [])
-		return os_identifiers, arch_identifiers
+		return system, arch, os_identifiers, arch_identifiers
 
 	@classmethod
 	def _find_matching_asset(cls, assets, os_identifiers, arch_identifiers):
@@ -348,6 +351,9 @@ class GithubInstaller:
 		elif url.endswith('.tar.gz'):
 			with tarfile.open(fileobj=io.BytesIO(response.content), mode='r:gz') as tar:
 				tar.extractall(path=temp_dir)
+		else:
+			with Path(f'{temp_dir}/{repo_name}').open('wb') as f:
+				f.write(response.content)
 
 		# For archives, find and move the binary that matches the repo name
 		binary_path = cls._find_binary_in_directory(temp_dir, repo_name)
@@ -397,13 +403,11 @@ def get_version(version_cmd):
 	import re
 	regex = r'[0-9]+\.[0-9]+\.?[0-9]*\.?[a-zA-Z]*'
 	ret = Command.execute(version_cmd, quiet=True, print_errors=False)
-	return_code = ret.return_code
-	if not return_code == 0:
-		return '', ret.return_code
 	match = re.findall(regex, ret.output)
 	if not match:
-		return '', return_code
-	return match[0], return_code
+		console.print(Warning(message=f'Failed to find version in version command output. Command: {version_cmd}; Output: {ret.output}; Return code: {ret.return_code}'))  # noqa: E501
+		return None
+	return match[0]
 
 
 def parse_version(ver):
@@ -436,14 +440,21 @@ def get_version_info(name, version_flag=None, install_github_handle=None, instal
 		'name': name,
 		'installed': False,
 		'version': version,
+		'version_cmd': None,
 		'latest_version': None,
 		'location': None,
-		'status': ''
+		'status': '',
+		'errors': []
 	}
 
 	# Get binary path
 	location = which(name).output
+	if not location or not Path(location).exists():
+		info['installed'] = False
+		info['status'] = 'missing'
+		return info
 	info['location'] = location
+	info['installed'] = True
 
 	# Get latest version
 	latest_version = None
@@ -472,34 +483,35 @@ def get_version_info(name, version_flag=None, install_github_handle=None, instal
 					if ver:
 						latest_version = str(ver)
 						info['latest_version'] = latest_version
+			else:
+				error = f'Failed to get latest version for {name}. Command: apt-cache madison {name}'
+				info['errors'].append(error)
+				console.print(Warning(message=error))
 
 	# Get current version
-	version_ret = 1
 	version_flag = None if version_flag == OPT_NOT_SUPPORTED else version_flag
 	if version_flag:
 		version_cmd = f'{name} {version_flag}'
-		version, version_ret = get_version(version_cmd)
+		info['version_cmd'] = version_cmd
+		version = get_version(version_cmd)
 		info['version'] = version
-		if version_ret != 0:  # version command error
-			info['installed'] = False
-			info['status'] = 'missing'
+		if not version:
+			info['errors'].append(f'Error fetching version for command. Version command: {version_cmd}')
+			info['status'] = 'version fetch error'
 			return info
 
-	if location:
-		info['installed'] = True
-		if version and latest_version:
-			if parse_version(version) < parse_version(latest_version):
-				info['status'] = 'outdated'
-			else:
-				info['status'] = 'latest'
-		elif not version:
-			info['status'] = 'current unknown'
-		elif not latest_version:
-			info['status'] = 'latest unknown'
-			if CONFIG.offline_mode:
-				info['status'] += r' [dim orange1]\[offline][/]'
-	else:
-		info['status'] = 'missing'
+	# Check if up-to-date
+	if version and latest_version:
+		if parse_version(version) < parse_version(latest_version):
+			info['status'] = 'outdated'
+		else:
+			info['status'] = 'latest'
+	elif not version:
+		info['status'] = 'current unknown'
+	elif not latest_version:
+		info['status'] = 'latest unknown'
+		if CONFIG.offline_mode:
+			info['status'] += r' [dim orange1]\[offline][/]'
 
 	return info
 
@@ -578,6 +590,8 @@ def fmt_health_table_row(version_info, category=None):
 		_version = '[bold red]missing[/]'
 	elif status == 'ok':
 		_version = '[bold green]ok        [/]'
+	elif status == 'version fetch error':
+		_version = '[bold orange1]unknown[/]    [dim](current unknown)[/]'
 	elif status:
 		if not version and installed:
 			_version = '[bold green]ok        [/]'

secator/output_types/__init__.py

@@ -26,6 +26,7 @@ from secator.output_types.url import Url
 from secator.output_types.user_account import UserAccount
 from secator.output_types.vulnerability import Vulnerability
 from secator.output_types.record import Record
+from secator.output_types.certificate import Certificate
 from secator.output_types.info import Info
 from secator.output_types.warning import Warning
 from secator.output_types.error import Error
@@ -39,6 +40,6 @@ STAT_TYPES = [
 	Stat
 ]
 FINDING_TYPES = [
-	Subdomain, Ip, Port, Url, Tag, Exploit, UserAccount, Vulnerability
+	Subdomain, Ip, Port, Url, Tag, Exploit, UserAccount, Vulnerability, Certificate
 ]
 OUTPUT_TYPES = FINDING_TYPES + EXECUTION_TYPES + STAT_TYPES