secator 0.10.1a12__py3-none-any.whl → 0.15.1__py3-none-any.whl

secator/runners/command.py

@@ -30,6 +30,8 @@ class Command(Runner):
 	# Base cmd
 	cmd = None
 
+	# Tags
+	tags = []
 	# Meta options
 	meta_opts = {}
 
@@ -71,6 +73,7 @@ class Command(Runner):
 
 	# Flag to take a file as input
 	file_flag = None
+	file_eof_newline = False
 
 	# Flag to enable output JSON
 	json_flag = None
@@ -83,6 +86,7 @@ class Command(Runner):
 	install_post = None
 	install_cmd = None
 	install_github_handle = None
+	install_version = None
 
 	# Serializer
 	item_loader = None
@@ -164,6 +168,9 @@ class Command(Runner):
 		# Process
 		self.process = None
 
+		# Sudo
+		self.requires_sudo = False
+
 		# Proxy config (global)
 		self.proxy = self.run_opts.pop('proxy', False)
 		self.configure_proxy()
@@ -177,6 +184,10 @@ class Command(Runner):
 		# Run on_cmd hook
 		self.run_hooks('on_cmd')
 
+		# Add sudo to command if it is required
+		if self.requires_sudo:
+			self.cmd = f'sudo {self.cmd}'
+
 		# Build item loaders
 		instance_func = getattr(self, 'item_loader', None)
 		item_loaders = self.item_loaders.copy()
@@ -228,6 +239,22 @@ class Command(Runner):
 			dict(self.opts, **self.meta_opts),
 			opt_prefix=self.config.name)
 
+	@classmethod
+	def get_version_flag(cls):
+		if cls.version_flag == OPT_NOT_SUPPORTED:
+			return None
+		return cls.version_flag or f'{cls.opt_prefix}version'
+
+	@classmethod
+	def get_version_info(cls):
+		from secator.installer import get_version_info
+		return get_version_info(
+			cls.cmd.split(' ')[0],
+			cls.get_version_flag(),
+			cls.install_github_handle,
+			cls.install_cmd
+		)
+
 	@classmethod
 	def get_supported_opts(cls):
 		def convert(d):
@@ -346,6 +373,12 @@ class Command(Runner):
 			if self.has_children:
 				return
 
+			# Abort if dry run
+			if self.dry_run:
+				self._print('')
+				self.print_command()
+				return
+
 			# Print task description
 			self.print_description()
 
@@ -464,15 +497,12 @@ class Command(Runner):
 		if line is None:
 			return
 
+		# Yield line if no items were yielded
+		yield line
+
 		# Run item_loader to try parsing as dict
-		item_count = 0
 		for item in self.run_item_loaders(line):
 			yield item
-			item_count += 1
-
-		# Yield line if no items were yielded
-		if item_count == 0:
-			yield line
 
 		# Skip rest of iteration (no process mode)
 		if self.no_process:
@@ -499,6 +529,7 @@ class Command(Runner):
 				cmd_str += f' [dim gray11]({self.chunk}/{self.chunk_count})[/]'
 			self._print(cmd_str, color='bold cyan', rich=True)
 		self.debug('Command', obj={'cmd': self.cmd}, sub='init')
+		self.debug('Options', obj={'opts': self.cmd_options}, sub='init')
 
 	def handle_file_not_found(self, exc):
 		"""Handle case where binary is not found.
@@ -687,11 +718,17 @@ class Command(Runner):
 			opt_value_map (dict, str | Callable): A dict to map option values with their actual values.
 			opt_prefix (str, default: '-'): Option prefix.
 			command_name (str | None, default: None): Command name.
+
+		Returns:
+			dict: Processed options dict.
 		"""
-		opts_str = ''
+		opts_dict = {}
 		for opt_name, opt_conf in opts_conf.items():
 			debug('before get_opt_value', obj={'name': opt_name, 'conf': opt_conf}, obj_after=False, sub='command.options', verbose=True)  # noqa: E501
 
+			# Save original opt name
+			original_opt_name = opt_name
+
 			# Get opt value
 			default_val = opt_conf.get('default')
 			opt_val = Command._get_opt_value(
@@ -743,15 +780,10 @@ class Command(Runner):
 
 			# Append opt name + opt value to option string.
 			# Note: does not append opt value if value is True (flag)
-			opts_str += f' {opt_name}'
-			shlex_quote = opt_conf.get('shlex', True)
-			if opt_val is not True:
-				if shlex_quote:
-					opt_val = shlex.quote(str(opt_val))
-				opts_str += f' {opt_val}'
-			debug('final', obj={'name': opt_name, 'value': opt_val}, sub='command.options', obj_after=False, verbose=True)
+			opts_dict[original_opt_name] = {'name': opt_name, 'value': opt_val, 'conf': opt_conf}
+			debug('final', obj={'name': original_opt_name, 'value': opt_val}, sub='command.options', obj_after=False, verbose=True)  # noqa: E501
 
-		return opts_str.strip()
+		return opts_dict
 
 	@staticmethod
 	def _validate_chunked_input(self, inputs):
@@ -806,27 +838,57 @@ class Command(Runner):
 		if self.json_flag:
 			self.cmd += f' {self.json_flag}'
 
+		# Opts str
+		opts_str = ''
+		opts = {}
+
 		# Add options to cmd
-		opts_str = Command._process_opts(
+		opts_dict = Command._process_opts(
 			self.run_opts,
 			self.opts,
 			self.opt_key_map,
 			self.opt_value_map,
 			self.opt_prefix,
 			command_name=self.config.name)
-		if opts_str:
-			self.cmd += f' {opts_str}'
 
 		# Add meta options to cmd
-		meta_opts_str = Command._process_opts(
+		meta_opts_dict = Command._process_opts(
 			self.run_opts,
 			self.meta_opts,
 			self.opt_key_map,
 			self.opt_value_map,
 			self.opt_prefix,
 			command_name=self.config.name)
-		if meta_opts_str:
-			self.cmd += f' {meta_opts_str}'
+
+		if opts_dict:
+			opts.update(opts_dict)
+		if meta_opts_dict:
+			opts.update(meta_opts_dict)
+
+		if opts:
+			for opt_conf in opts.values():
+				conf = opt_conf['conf']
+				internal = conf.get('internal', False)
+				if internal:
+					continue
+				if conf.get('requires_sudo', False):
+					self.requires_sudo = True
+				opts_str += ' ' + Command._build_opt_str(opt_conf)
+		self.cmd_options = opts
+		self.cmd += opts_str
+
+	@staticmethod
+	def _build_opt_str(opt):
+		"""Build option string."""
+		conf = opt['conf']
+		opts_str = f'{opt["name"]}'
+		shlex_quote = conf.get('shlex', True)
+		value = opt['value']
+		if value is not True:
+			if shlex_quote:
+				value = shlex.quote(str(value))
+			opts_str += f' {value}'
+		return opts_str
 
 	def _build_cmd_input(self):
 		"""Many commands take as input a string or a list. This function facilitate this based on whether we pass a
@@ -859,6 +921,8 @@ class Command(Runner):
 			# Write the input to a file
 			with open(fpath, 'w') as f:
 				f.write('\n'.join(inputs))
+				if self.file_eof_newline:
+					f.write('\n')
 
 			if self.file_flag == OPT_PIPE_INPUT:
 				cmd = f'cat {fpath} | {cmd}'

secator/runners/scan.py

@@ -33,9 +33,12 @@ class Scan(Runner):
 		sigs = []
 		for name, workflow_opts in self.config.workflows.items():
 			run_opts = self.run_opts.copy()
+			run_opts.pop('profiles', None)
 			run_opts['no_poll'] = True
+			run_opts['caller'] = 'Scan'
 			opts = merge_opts(scan_opts, workflow_opts, run_opts)
-			config = TemplateLoader(name=f'workflows/{name}')
+			name = name.split('/')[0]
+			config = TemplateLoader(name=f'workflow/{name}')
 			workflow = Workflow(
 				config,
 				self.inputs,
@@ -44,13 +47,13 @@ class Scan(Runner):
 				hooks=self._hooks,
 				context=self.context.copy()
 			)
-			celery_workflow = workflow.build_celery_workflow()
+			celery_workflow = workflow.build_celery_workflow(chain_previous_results=True)
 			for task_id, task_info in workflow.celery_ids_map.items():
 				self.add_subtask(task_id, task_info['name'], task_info['descr'])
 			sigs.append(celery_workflow)
 
 		return chain(
-			mark_runner_started.si(self).set(queue='results'),
+			mark_runner_started.si([], self).set(queue='results'),
 			*sigs,
 			mark_runner_completed.s(self).set(queue='results'),
 		)

secator/runners/task.py

@@ -32,6 +32,7 @@ class Task(Runner):
 		# Run opts
 		opts = self.run_opts.copy()
 		opts.pop('output', None)
+		opts.pop('profiles', None)
 		opts.pop('no_poll', False)
 
 		# Set output types

secator/runners/workflow.py

@@ -20,9 +20,12 @@ class Workflow(Runner):
 		from secator.celery import run_workflow
 		return run_workflow.s(args=args, kwargs=kwargs)
 
-	def build_celery_workflow(self):
+	def build_celery_workflow(self, chain_previous_results=False):
 		"""Build Celery workflow for workflow execution.
 
+		Args:
+			chain_previous_results (bool): Chain previous results.
+
 		Returns:
 			celery.Signature: Celery task signature.
 		"""
@@ -49,21 +52,31 @@ class Workflow(Runner):
 		opts['skip_if_no_inputs'] = True
 		opts['caller'] = 'Workflow'
 
+		forwarded_opts = {}
+		if chain_previous_results:
+			forwarded_opts = {k: v for k, v in self.run_opts.items() if k.endswith('_')}
+
 		# Build task signatures
 		sigs = self.get_tasks(
 			self.config.tasks.toDict(),
 			self.inputs,
 			self.config.options,
-			opts)
+			opts,
+			forwarded_opts=forwarded_opts
+		)
+
+		start_sig = mark_runner_started.si([], self, enable_hooks=True).set(queue='results')
+		if chain_previous_results:
+			start_sig = mark_runner_started.s(self, enable_hooks=True).set(queue='results')
 
 		# Build workflow chain with lifecycle management
 		return chain(
-			mark_runner_started.si(self, enable_hooks=True).set(queue='results'),
+			start_sig,
 			*sigs,
 			mark_runner_completed.s(self, enable_hooks=True).set(queue='results'),
 		)
 
-	def get_tasks(self, config, inputs, workflow_opts, run_opts):
+	def get_tasks(self, config, inputs, workflow_opts, run_opts, forwarded_opts={}):
 		"""Get tasks recursively as Celery chains / chords.
 
 		Args:
@@ -71,6 +84,7 @@ class Workflow(Runner):
 			inputs (list): Inputs.
 			workflow_opts (dict): Workflow options.
 			run_opts (dict): Run options.
+			forwarded_opts (dict): Opts forwarded from parent runner (e.g: scan).
 			sync (bool): Synchronous mode (chain of tasks, no chords).
 
 		Returns:
@@ -78,6 +92,7 @@ class Workflow(Runner):
 		"""
 		from celery import chain, group
 		sigs = []
+		ix = 0
 		for task_name, task_opts in config.items():
 			# Task opts can be None
 			task_opts = task_opts or {}
@@ -105,6 +120,8 @@ class Workflow(Runner):
 
 				# Merge task options (order of priority with overrides)
 				opts = merge_opts(workflow_opts, task_opts, run_opts)
+				if ix == 0 and forwarded_opts:
+					opts.update(forwarded_opts)
 				opts['name'] = task_name
 
 				# Create task signature
@@ -113,5 +130,6 @@ class Workflow(Runner):
 				sig = task.s(inputs, **opts).set(queue=task.profile, task_id=task_id)
 				self.add_subtask(task_id, task_name, task_opts.get('description', ''))
 				self.output_types.extend(task.output_types)
+				ix += 1
 			sigs.append(sig)
 		return sigs

secator/tasks/_categories.py

@@ -18,11 +18,16 @@ from secator.config import CONFIG
 from secator.runners import Command
 from secator.utils import debug, process_wordlist
 
+USER_AGENTS = {
+	'chrome_134.0_win10': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36',  # noqa: E501
+	'chrome_134.0_macos': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36',  # noqa: E501
+}
+
 
 OPTS = {
-	HEADER: {'type': str, 'help': 'Custom header to add to each request in the form "KEY1:VALUE1; KEY2:VALUE2"'},
+	HEADER: {'type': str, 'help': 'Custom header to add to each request in the form "KEY1:VALUE1; KEY2:VALUE2"', 'default': 'User-Agent: ' + USER_AGENTS['chrome_134.0_win10']},  # noqa: E501
 	DELAY: {'type': float, 'short': 'd', 'help': 'Delay to add between each requests'},
-	DEPTH: {'type': int, 'help': 'Scan depth', 'default': 2},
+	DEPTH: {'type': int, 'help': 'Scan depth'},
 	FILTER_CODES: {'type': str, 'short': 'fc', 'help': 'Filter out responses with HTTP codes'},
 	FILTER_REGEX: {'type': str, 'short': 'fr', 'help': 'Filter out responses with regular expression'},
 	FILTER_SIZE: {'type': str, 'short': 'fs', 'help': 'Filter out responses with size'},
@@ -36,7 +41,7 @@ OPTS = {
 	PROXY: {'type': str, 'help': 'HTTP(s) / SOCKS5 proxy'},
 	RATE_LIMIT: {'type':  int, 'short': 'rl', 'help': 'Rate limit, i.e max number of requests per second'},
 	RETRIES: {'type': int, 'help': 'Retries'},
-	THREADS: {'type': int, 'help': 'Number of threads to run', 'default': 50},
+	THREADS: {'type': int, 'help': 'Number of threads to run'},
 	TIMEOUT: {'type': int, 'help': 'Request timeout'},
 	USER_AGENT: {'type': str, 'short': 'ua', 'help': 'User agent, e.g "Mozilla Firefox 1.0"'},
 	WORDLIST: {'type': str, 'short': 'w', 'default': 'http', 'process': process_wordlist, 'help': 'Wordlist to use'}
@@ -68,19 +73,19 @@ OPTS_VULN = [
 
 class Http(Command):
 	meta_opts = {k: OPTS[k] for k in OPTS_HTTP_CRAWLERS}
-	input_type = URL
+	input_types = [URL]
 	output_types = [Url]
 
 
 class HttpCrawler(Command):
 	meta_opts = {k: OPTS[k] for k in OPTS_HTTP_CRAWLERS}
-	input_type = URL
+	input_types = [URL]
 	output_types = [Url]
 
 
 class HttpFuzzer(Command):
 	meta_opts = {k: OPTS[k] for k in OPTS_HTTP_FUZZERS}
-	input_type = URL
+	input_types = [URL]
 	output_types = [Url]
 
 
@@ -94,22 +99,22 @@ class Recon(Command):
 
 
 class ReconDns(Recon):
-	input_type = HOST
+	input_types = [HOST]
 	output_types = [Subdomain]
 
 
 class ReconUser(Recon):
-	input_type = USERNAME
+	input_types = [USERNAME]
 	output_types = [UserAccount]
 
 
 class ReconIp(Recon):
-	input_type = CIDR_RANGE
+	input_types = [CIDR_RANGE]
 	output_types = [Ip]
 
 
 class ReconPort(Recon):
-	input_type = IP
+	input_types = [IP]
 	output_types = [Port]
 
 
@@ -388,11 +393,11 @@ class Vuln(Command):
 
 	@cache
 	@staticmethod
-	def lookup_ghsa(ghsa_id):
+	def lookup_cve_from_ghsa(ghsa_id):
 		"""Search for a GHSA on Github and and return associated CVE vulnerability data.
 
 		Args:
-			ghsa (str): CVE ID in the form GHSA-*
+			ghsa (str): GHSA ID in the form GHSA-*
 
 		Returns:
 			dict: vulnerability data.
@@ -405,7 +410,10 @@ class Vuln(Command):
 			return None
 		soup = BeautifulSoup(resp.text, 'lxml')
 		sidebar_items = soup.find_all('div', {'class': 'discussion-sidebar-item'})
-		cve_id = sidebar_items[2].find('div').text.strip()
+		cve_id = sidebar_items[3].find('div').text.strip()
+		if not cve_id.startswith('CVE'):
+			debug(f'{ghsa_id}: No CVE_ID extracted from https://github.com/advisories/{ghsa_id}', sub='cve')
+			return None
 		vuln = Vuln.lookup_cve(cve_id)
 		if vuln:
 			vuln[TAGS].append('ghsa')
@@ -426,15 +434,15 @@ class Vuln(Command):
 
 
 class VulnHttp(Vuln):
-	input_type = HOST
+	input_types = [HOST]
 
 
 class VulnCode(Vuln):
-	input_type = PATH
+	input_types = [PATH]
 
 
 class VulnMulti(Vuln):
-	input_type = HOST
+	input_types = [HOST]
 	output_types = [Vulnerability]
 
 
@@ -443,7 +451,7 @@ class VulnMulti(Vuln):
 #--------------#
 
 class Tagger(Command):
-	input_type = URL
+	input_types = [URL]
 	output_types = [Tag]
 
 #----------------#

secator/tasks/arjun.py

@@ -0,0 +1,92 @@
+import os
+import yaml
+
+from secator.decorators import task
+from secator.definitions import (OUTPUT_PATH, RATE_LIMIT, THREADS, DELAY, TIMEOUT, METHOD, WORDLIST,
+								 HEADER, URL, FOLLOW_REDIRECT)
+from secator.output_types import Info, Url, Warning, Error
+from secator.runners import Command
+from secator.tasks._categories import OPTS
+from secator.utils import process_wordlist
+
+
+@task()
+class arjun(Command):
+	"""HTTP Parameter Discovery Suite."""
+	cmd = 'arjun'
+	tags = ['url', 'fuzz', 'params']
+	input_flag = '-u'
+	input_types = [URL]
+	version_flag = ' '
+	opts = {
+		'chunk_size': {'type': int, 'help': 'Control query/chunk size'},
+		'stable': {'is_flag': True, 'default': False, 'help': 'Use stable mode'},
+		'include': {'type': str, 'help': 'Include persistent data (e.g: "api_key=xxxxx" or {"api_key": "xxxx"})'},
+		'passive': {'is_flag': True, 'default': False, 'help': 'Passive mode'},
+		'casing': {'type': str, 'help': 'Casing style for params e.g. like_this, likeThis, LIKE_THIS, like_this'},  # noqa: E501
+		WORDLIST: {'type': str, 'short': 'w', 'default': None, 'process': process_wordlist, 'help': 'Wordlist to use (default: arjun wordlist)'},  # noqa: E501
+	}
+	meta_opts = {
+		THREADS: OPTS[THREADS],
+		DELAY: OPTS[DELAY],
+		TIMEOUT: OPTS[TIMEOUT],
+		RATE_LIMIT: OPTS[RATE_LIMIT],
+		METHOD: OPTS[METHOD],
+		HEADER: OPTS[HEADER],
+		FOLLOW_REDIRECT: OPTS[FOLLOW_REDIRECT],
+	}
+	opt_key_map = {
+		THREADS: 't',
+		DELAY: 'd',
+		TIMEOUT: 'T',
+		RATE_LIMIT: '--rate-limit',
+		METHOD: 'm',
+		WORDLIST: 'w',
+		HEADER: '--headers',
+		'chunk_size': 'c',
+		'stable': '--stable',
+		'passive': '--passive',
+		'casing': '--casing',
+		'follow_redirect': '--follow-redirect',
+	}
+	output_types = [Url]
+	install_version = '2.2.7'
+	install_cmd = 'pipx install arjun==[install_version] --force'
+	install_github_handle = 's0md3v/Arjun'
+
+	@staticmethod
+	def on_line(self, line):
+		if 'Processing chunks' in line:
+			return ''
+		return line
+
+	@staticmethod
+	def on_cmd(self):
+		follow_redirect = self.get_opt_value(FOLLOW_REDIRECT)
+		self.cmd = self.cmd.replace(' --follow-redirect', '')
+		if not follow_redirect:
+			self.cmd += ' --disable-redirects'
+
+		self.output_path = self.get_opt_value(OUTPUT_PATH)
+		if not self.output_path:
+			self.output_path = f'{self.reports_folder}/.outputs/{self.unique_name}.json'
+		self.cmd += f' -oJ {self.output_path}'
+
+	@staticmethod
+	def on_cmd_done(self):
+		if not os.path.exists(self.output_path):
+			yield Error(message=f'Could not find JSON results in {self.output_path}')
+			return
+		yield Info(message=f'JSON results saved to {self.output_path}')
+		with open(self.output_path, 'r') as f:
+			results = yaml.safe_load(f.read())
+			if not results:
+				yield Warning(message='No results found !')
+				return
+		for url, values in results.items():
+			for param in values['params']:
+				yield Url(
+					url=url + '?' + param + '=' + 'FUZZ',
+					headers=values['headers'],
+					method=values['method'],
+				)

secator/tasks/bbot.py

@@ -2,6 +2,7 @@ import shutil
 
 from secator.config import CONFIG
 from secator.decorators import task
+from secator.definitions import FILENAME, HOST, IP, ORG_NAME, PORT, URL, USERNAME
 from secator.runners import Command
 from secator.serializers import RegexSerializer
 from secator.output_types import Vulnerability, Port, Url, Record, Ip, Tag, Info, Error
@@ -121,6 +122,29 @@ BBOT_PRESETS = [
 	'web-screenshots',
 	'web-thorough'
 ]
+BBOT_FLAGS = [
+	'active',
+	'affiliates',
+	'aggressive',
+	'baddns',
+	'cloud-enum,'
+	'code-enum,deadly',
+	'email-enum',
+	'iis-shortnames',
+	'passive',
+	'portscan',
+	'report',
+	'safe',
+	'service-enum',
+	'slow',
+	'social-enum',
+	'subdomain-enum',
+	'subdomain-hijack',
+	'web-basic',
+	'web-paramminer',
+	'web-screenshots',
+	'web-thorough'
+]
 BBOT_MODULES_STR = ' '.join(BBOT_MODULES)
 BBOT_MAP_TYPES = {
 	'IP_ADDRESS': Ip,
@@ -154,17 +178,21 @@ def output_discriminator(self, item):
 class bbot(Command):
 	"""Multipurpose scanner."""
 	cmd = 'bbot -y --allow-deadly --force'
+	tags = ['vuln', 'scan']
 	json_flag = '--json'
 	input_flag = '-t'
+	input_types = [HOST, IP, URL, PORT, ORG_NAME, USERNAME, FILENAME]
 	file_flag = None
 	version_flag = '--help'
 	opts = {
-		'modules': {'type': str, 'short': 'm', 'default': '', 'help': ','.join(BBOT_MODULES)},
-		'presets': {'type': str, 'short': 'ps', 'default': 'kitchen-sink', 'help': ','.join(BBOT_PRESETS), 'shlex': False},
+		'modules': {'type': str, 'short': 'm', 'help': ','.join(BBOT_MODULES)},
+		'presets': {'type': str, 'short': 'ps', 'help': ','.join(BBOT_PRESETS), 'shlex': False},
+		'flags': {'type': str, 'short': 'fl', 'help': ','.join(BBOT_FLAGS)}
 	}
 	opt_key_map = {
 		'modules': 'm',
-		'presets': 'p'
+		'presets': 'p',
+		'flags': 'f'
 	}
 	opt_value_map = {
 		'presets': lambda x: ' '.join(x.split(','))
@@ -222,7 +250,8 @@ class bbot(Command):
 		'apk': ['python3-dev', 'linux-headers', 'musl-dev', 'gcc', 'git', 'openssl', 'unzip', 'tar', 'chromium'],
 		'*': ['gcc', 'git', 'openssl', 'unzip', 'tar', 'chromium']
 	}
-	install_cmd = 'pipx install bbot && pipx upgrade bbot'
+	install_version = '2.4.2'
+	install_cmd = 'pipx install bbot==[install_version] --force'
 	install_post = {
 		'*': f'rm -fr {CONFIG.dirs.share}/pipx/venvs/bbot/lib/python3.12/site-packages/ansible_collections/*'
 	}

secator/tasks/bup.py

@@ -16,8 +16,9 @@ from secator.tasks._categories import Http
 class bup(Http):
 	"""40X bypasser."""
 	cmd = 'bup'
+	tags = ['url', 'bypass']
 	input_flag = '-u'
-	input_type = URL
+	input_types = [URL]
 	json_flag = '--jsonl'
 	opt_prefix = '--'
 	opts = {
@@ -63,7 +64,8 @@ class bup(Http):
 			'stored_response_path': 'response_html_filename',
 		}
 	}
-	install_cmd = 'pipx install bypass-url-parser && pipx upgrade bypass-url-parser'
+	install_version = '0.4.4'
+	install_cmd = 'pipx install bypass-url-parser==[install_version] --force'
 
 	@staticmethod
 	def on_init(self):