secator 0.10.1a12__py3-none-any.whl → 0.15.1__py3-none-any.whl

secator/tasks/cariddi.py

@@ -13,12 +13,20 @@ from secator.tasks._categories import HttpCrawler
 @task()
 class cariddi(HttpCrawler):
 	"""Crawl endpoints, secrets, api keys, extensions, tokens..."""
-	cmd = 'cariddi -info -s -err -e -ext 1'
-	input_type = URL
+	cmd = 'cariddi'
+	tags = ['url', 'crawl']
+	input_types = [URL]
 	input_flag = OPT_PIPE_INPUT
 	output_types = [Url, Tag]
 	file_flag = OPT_PIPE_INPUT
 	json_flag = '-json'
+	opts = {
+		'info': {'is_flag': True, 'short': 'info', 'help': 'Hunt for useful informations in websites.'},
+		'secrets': {'is_flag': True, 'short': 'secrets', 'help': 'Hunt for secrets.'},
+		'errors': {'is_flag': True, 'short': 'err', 'help': 'Hunt for errors in websites.'},
+		'juicy_extensions': {'type': int, 'short': 'jext', 'help': 'Hunt for juicy file extensions. Integer from 1(juicy) to 7(not juicy)'},  # noqa: E501
+		'juicy_endpoints': {'is_flag': True, 'short': 'jep', 'help': 'Hunt for juicy endpoints.'}
+	}
 	opt_key_map = {
 		HEADER: 'headers',
 		DELAY: 'd',
@@ -38,10 +46,15 @@ class cariddi(HttpCrawler):
 		RETRIES: OPT_NOT_SUPPORTED,
 		THREADS: 'c',
 		TIMEOUT: 't',
-		USER_AGENT: 'ua'
+		USER_AGENT: 'ua',
+		'secrets': 's',
+		'errors': 'err',
+		'juicy_endpoints': 'e',
+		'juicy_extensions': 'ext'
 	}
 	item_loaders = [JSONSerializer()]
-	install_cmd = 'go install -v github.com/edoardottt/cariddi/cmd/cariddi@latest'
+	install_version = 'v1.3.6'
+	install_cmd = 'go install -v github.com/edoardottt/cariddi/cmd/cariddi@[install_version]'
 	install_github_handle = 'edoardottt/cariddi'
 	encoding = 'ansi'
 	proxychains = False

secator/tasks/dalfox.py

@@ -21,7 +21,8 @@ DALFOX_TYPE_MAP = {
 class dalfox(VulnHttp):
 	"""Powerful open source XSS scanning tool."""
 	cmd = 'dalfox'
-	input_type = URL
+	tags = ['url', 'fuzz']
+	input_types = [URL]
 	input_flag = 'url'
 	file_flag = 'file'
 	# input_chunk_size = 1
@@ -55,7 +56,8 @@ class dalfox(VulnHttp):
 			SEVERITY: lambda x: x['severity'].lower()
 		}
 	}
-	install_cmd = 'go install -v github.com/hahwul/dalfox/v2@v2.9.3'
+	install_version = 'v2.11.0'
+	install_cmd = 'go install -v github.com/hahwul/dalfox/v2@latest'
 	install_github_handle = 'hahwul/dalfox'
 	encoding = 'ansi'
 	proxychains = False

secator/tasks/dirsearch.py

@@ -9,7 +9,7 @@ from secator.definitions import (CONTENT_LENGTH, CONTENT_TYPE, DELAY, DEPTH,
 							   MATCH_CODES, MATCH_REGEX, MATCH_SIZE,
 							   MATCH_WORDS, METHOD, OPT_NOT_SUPPORTED, OUTPUT_PATH, PROXY,
 							   RATE_LIMIT, RETRIES, STATUS_CODE,
-							   THREADS, TIMEOUT, USER_AGENT, WORDLIST)
+							   THREADS, TIMEOUT, USER_AGENT, WORDLIST, URL)
 from secator.output_types import Url, Info, Error
 from secator.tasks._categories import HttpFuzzer
 
@@ -18,6 +18,8 @@ from secator.tasks._categories import HttpFuzzer
 class dirsearch(HttpFuzzer):
 	"""Advanced web path brute-forcer."""
 	cmd = 'dirsearch'
+	tags = ['url', 'fuzz']
+	input_types = [URL]
 	input_flag = '-u'
 	file_flag = '-l'
 	json_flag = '-O json'
@@ -52,7 +54,7 @@ class dirsearch(HttpFuzzer):
 			STATUS_CODE: 'status'
 		}
 	}
-	install_cmd = 'pipx install --force git+https://github.com/maurosoria/dirsearch'
+	install_cmd = 'pipx install git+https://github.com/maurosoria/dirsearch.git --force'
 	proxychains = True
 	proxy_socks5 = True
 	proxy_http = True

secator/tasks/dnsx.py

@@ -1,5 +1,5 @@
 from secator.decorators import task
-from secator.definitions import (OPT_PIPE_INPUT, RATE_LIMIT, RETRIES, THREADS)
+from secator.definitions import (HOST, OPT_PIPE_INPUT, RATE_LIMIT, RETRIES, THREADS)
 from secator.output_types import Record, Ip, Subdomain
 from secator.output_types.ip import IpProtocol
 from secator.tasks._categories import ReconDns
@@ -11,8 +11,10 @@ from secator.utils import extract_domain_info
 class dnsx(ReconDns):
 	"""dnsx is a fast and multi-purpose DNS toolkit designed for running various retryabledns library."""
 	cmd = 'dnsx -resp -recon'
+	tags = ['dns', 'fuzz']
 	json_flag = '-json'
 	input_flag = OPT_PIPE_INPUT
+	input_types = [HOST]
 	file_flag = OPT_PIPE_INPUT
 	output_types = [Record, Ip, Subdomain]
 	opt_key_map = {
@@ -26,7 +28,8 @@ class dnsx(ReconDns):
 		'wildcard_domain': {'type': str, 'short': 'wd', 'help': 'Domain name for wildcard filtering'},
 	}
 	item_loaders = [JSONSerializer()]
-	install_cmd = 'go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@latest'
+	install_version = 'v1.2.2'
+	install_cmd = 'go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@[install_version]'
 	install_github_handle = 'projectdiscovery/dnsx'
 	profile = 'io'
 

secator/tasks/dnsxbrute.py

@@ -11,8 +11,10 @@ from secator.utils import process_wordlist
 class dnsxbrute(ReconDns):
     """dnsx is a fast and multi-purpose DNS toolkit designed for running various library."""
     cmd = 'dnsx'
+    tags = ['dns', 'fuzz']
     json_flag = '-json'
     input_flag = '-domain'
+    input_types = [HOST]
     file_flag = '-domain'
     opt_key_map = {
         RATE_LIMIT: 'rate-limit',
@@ -34,6 +36,7 @@ class dnsxbrute(ReconDns):
 			}
         }
     }
-    install_cmd = 'go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@latest'
+    install_version = 'v1.2.2'
+    install_cmd = 'go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@[install_version]'
     install_github_handle = 'projectdiscovery/dnsx'
     profile = 'io'

secator/tasks/feroxbuster.py

@@ -6,7 +6,7 @@ from secator.definitions import (CONTENT_TYPE, DELAY, DEPTH, FILTER_CODES,
 							   MATCH_REGEX, MATCH_SIZE, MATCH_WORDS, METHOD,
 							   OPT_NOT_SUPPORTED, OPT_PIPE_INPUT, PROXY,
 							   RATE_LIMIT, RETRIES, STATUS_CODE,
-							   THREADS, TIMEOUT, USER_AGENT, WORDLIST, WORDS, DEFAULT_FEROXBUSTER_FLAGS)
+							   THREADS, TIMEOUT, USER_AGENT, WORDLIST, WORDS, URL)
 from secator.output_types import Url
 from secator.serializers import JSONSerializer
 from secator.tasks._categories import HttpFuzzer
@@ -15,7 +15,9 @@ from secator.tasks._categories import HttpFuzzer
 @task()
 class feroxbuster(HttpFuzzer):
 	"""Simple, fast, recursive content discovery tool written in Rust"""
-	cmd = f'feroxbuster {DEFAULT_FEROXBUSTER_FLAGS}'
+	cmd = 'feroxbuster --auto-bail --no-state'
+	tags = ['url', 'fuzz']
+	input_types = [URL]
 	input_flag = '--url'
 	input_chunk_size = 1
 	file_flag = OPT_PIPE_INPUT
@@ -62,6 +64,7 @@ class feroxbuster(HttpFuzzer):
 	install_pre = {
 		'*': ['curl', 'bash']
 	}
+	install_version = 'v2.11.0'
 	install_cmd = (
 		f'cd /tmp && curl -sL https://raw.githubusercontent.com/epi052/feroxbuster/master/install-nix.sh | bash -s {CONFIG.dirs.bin}'  # noqa: E501
 	)

secator/tasks/ffuf.py

@@ -7,7 +7,7 @@ from secator.definitions import (AUTO_CALIBRATION, CONTENT_LENGTH,
 								 MATCH_WORDS, METHOD, OPT_NOT_SUPPORTED,
 								 PERCENT, PROXY, RATE_LIMIT, RETRIES,
 								 STATUS_CODE, THREADS, TIME, TIMEOUT,
-								 USER_AGENT, WORDLIST)
+								 USER_AGENT, WORDLIST, URL)
 from secator.output_types import Progress, Url
 from secator.serializers import JSONSerializer, RegexSerializer
 from secator.tasks._categories import HttpFuzzer
@@ -18,7 +18,9 @@ FFUF_PROGRESS_REGEX = r':: Progress: \[(?P<count>\d+)/(?P<total>\d+)\] :: Job \[
 @task()
 class ffuf(HttpFuzzer):
 	"""Fast web fuzzer written in Go."""
-	cmd = 'ffuf -noninteractive -recursion'
+	cmd = 'ffuf -noninteractive'
+	tags = ['url', 'fuzz']
+	input_types = [URL]
 	input_flag = '-u'
 	input_chunk_size = 1
 	file_flag = None
@@ -30,6 +32,7 @@ class ffuf(HttpFuzzer):
 	]
 	opts = {
 		AUTO_CALIBRATION: {'is_flag': True, 'short': 'ac', 'help': 'Auto-calibration'},
+		'recursion': {'is_flag': True, 'default': True, 'short': 'recursion', 'help': 'Recursion'},
 	}
 	opt_key_map = {
 		HEADER: 'H',
@@ -70,7 +73,8 @@ class ffuf(HttpFuzzer):
 		},
 	}
 	encoding = 'ansi'
-	install_cmd = 'go install -v github.com/ffuf/ffuf@latest'
+	install_version = 'v2.1.0'
+	install_cmd = 'go install -v github.com/ffuf/ffuf/v2@[install_version]'
 	install_github_handle = 'ffuf/ffuf'
 	proxychains = False
 	proxy_socks5 = True

secator/tasks/fping.py

@@ -11,8 +11,10 @@ from secator.tasks._categories import ReconIp
 class fping(ReconIp):
 	"""Send ICMP echo probes to network hosts, similar to ping, but much better."""
 	cmd = 'fping -a'
+	tags = ['ip', 'recon']
 	file_flag = '-f'
 	input_flag = None
+	input_types = [IP]
 	opt_prefix = '--'
 	opt_key_map = {
 		DELAY: 'period',
@@ -26,9 +28,10 @@ class fping(ReconIp):
 		DELAY: lambda x: x * 1000,  # convert s to ms
 		TIMEOUT: lambda x: x * 1000  # convert s to ms
 	}
-	input_type = IP
+	input_types = [IP]
 	output_types = [Ip]
 	install_pre = {'*': ['fping']}
+	ignore_return_code = True
 
 	@staticmethod
 	def item_loader(self, line):

secator/tasks/gau.py

@@ -4,7 +4,7 @@ from secator.definitions import (DELAY, DEPTH, FILTER_CODES, FILTER_REGEX,
 							   HEADER, MATCH_CODES, MATCH_REGEX, MATCH_SIZE,
 							   MATCH_WORDS, METHOD, OPT_NOT_SUPPORTED,
 							   OPT_PIPE_INPUT, PROXY, RATE_LIMIT, RETRIES,
-							   THREADS, TIMEOUT, USER_AGENT)
+							   THREADS, TIMEOUT, USER_AGENT, URL)
 from secator.serializers import JSONSerializer
 from secator.tasks._categories import HttpCrawler
 
@@ -13,6 +13,8 @@ from secator.tasks._categories import HttpCrawler
 class gau(HttpCrawler):
 	"""Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, Common Crawl, and URLScan."""
 	cmd = 'gau'
+	tags = ['pattern', 'scan']
+	input_types = [URL]
 	file_flag = OPT_PIPE_INPUT
 	json_flag = '--json'
 	opt_prefix = '--'
@@ -44,7 +46,8 @@ class gau(HttpCrawler):
 	install_pre = {
 		'apk': ['libc6-compat']
 	}
-	install_cmd = 'go install -v github.com/lc/gau/v2/cmd/gau@latest'
+	install_version = 'v2.2.4'
+	install_cmd = 'go install -v github.com/lc/gau/v2/cmd/gau@[install_version]'
 	install_github_handle = 'lc/gau'
 	proxychains = False
 	proxy_socks5 = True

secator/tasks/gf.py

@@ -8,6 +8,7 @@ from secator.tasks._categories import Tagger
 class gf(Tagger):
 	"""Wrapper around grep, to help you grep for things."""
 	cmd = 'gf'
+	tags = ['pattern', 'scan']
 	file_flag = OPT_PIPE_INPUT
 	input_flag = OPT_PIPE_INPUT
 	version_flag = OPT_NOT_SUPPORTED
@@ -17,7 +18,7 @@ class gf(Tagger):
 	opt_key_map = {
 		'pattern': ''
 	}
-	input_type = URL
+	input_types = [URL]
 	install_cmd = (
 		'go install -v github.com/tomnomnom/gf@latest && '
 		'git clone https://github.com/1ndianl33t/Gf-Patterns $HOME/.gf || true'
@@ -30,5 +31,6 @@ class gf(Tagger):
 
 	@staticmethod
 	def on_item(self, item):
-		item.extra_data = {'source': 'url'}
+		if isinstance(item, Tag):
+			item.extra_data = {'source': 'url'}
 		return item

secator/tasks/gitleaks.py

@@ -0,0 +1,79 @@
+import click
+import os
+import yaml
+
+from secator.config import CONFIG
+from secator.decorators import task
+from secator.runners import Command
+from secator.definitions import (OUTPUT_PATH, PATH, GIT_REPOSITORY)
+from secator.utils import caml_to_snake
+from secator.output_types import Tag, Info, Error
+
+
+@task()
+class gitleaks(Command):
+	"""Tool for detecting secrets like passwords, API keys, and tokens in git repos, files, and stdin."""
+	cmd = 'gitleaks'
+	tags = ['secret', 'scan']
+	input_types = [PATH, GIT_REPOSITORY]
+	input_flag = None
+	json_flag = '-f json'
+	opt_prefix = '--'
+	opts = {
+		'ignore_path': {'type': str, 'help': 'Path to .gitleaksignore file or folder containing one'},
+		'mode': {'type': click.Choice(['git', 'dir']), 'default': 'dir', 'help': 'Gitleaks mode', 'internal': True, 'display': True},  # noqa: E501
+		'config': {'type': str, 'short': 'config', 'help': 'Gitleaks config file path'}
+	}
+	opt_key_map = {
+		"ignore_path": "gitleaks-ignore-path"
+	}
+	input_type = "folder"
+	output_types = [Tag]
+	output_map = {
+		Tag: {
+			'name': 'RuleID',
+			'match': lambda x: f'{x["File"]}:{x["StartLine"]}:{x["StartColumn"]}',
+			'extra_data': lambda x: {caml_to_snake(k): v for k, v in x.items() if k not in ['RuleID', 'File']}
+		}
+	}
+	install_pre = {'*': ['git', 'make']}
+	install_version = 'v8.24.3'
+	install_cmd = (
+		f'git clone https://github.com/gitleaks/gitleaks.git {CONFIG.dirs.share}/gitleaks_[install_version] || true &&'
+		f'cd {CONFIG.dirs.share}/gitleaks_[install_version] && make build &&'
+		f'mv {CONFIG.dirs.share}/gitleaks_[install_version]/gitleaks {CONFIG.dirs.bin}'
+	)
+	install_github_handle = 'gitleaks/gitleaks'
+
+	@staticmethod
+	def on_cmd(self):
+		# replace fake -mode opt by subcommand
+		mode = self.get_opt_value('mode')
+		self.cmd = self.cmd.replace(f'{gitleaks.cmd} ', f'{gitleaks.cmd} {mode} ')
+
+		# add output path
+		output_path = self.get_opt_value(OUTPUT_PATH)
+		if not output_path:
+			output_path = f'{self.reports_folder}/.outputs/{self.unique_name}.json'
+		self.output_path = output_path
+		self.cmd += f' -r {self.output_path}'
+		self.cmd += ' --exit-code 0'
+
+	@staticmethod
+	def on_cmd_done(self):
+		if not os.path.exists(self.output_path):
+			yield Error(message=f'Could not find JSON results in {self.output_path}')
+			return
+
+		yield Info(message=f'JSON results saved to {self.output_path}')
+		with open(self.output_path, 'r') as f:
+			results = yaml.safe_load(f.read())
+		for result in results:
+			yield Tag(
+				name=result['RuleID'],
+				match='{File}:{StartLine}:{StartColumn}'.format(**result),
+				extra_data={
+					caml_to_snake(k): v for k, v in result.items()
+					if k not in ['RuleID', 'File']
+				}
+			)

secator/tasks/gospider.py

@@ -15,9 +15,11 @@ from secator.tasks._categories import HttpCrawler
 @task()
 class gospider(HttpCrawler):
 	"""Fast web spider written in Go."""
-	cmd = 'gospider --js'
+	cmd = 'gospider'
+	tags = ['url', 'crawl']
 	file_flag = '-S'
 	input_flag = '-s'
+	input_types = [URL]
 	json_flag = '--json'
 	opt_prefix = '--'
 	opt_key_map = {
@@ -53,7 +55,8 @@ class gospider(HttpCrawler):
 			CONTENT_LENGTH: 'length',
 		}
 	}
-	install_cmd = 'go install -v github.com/jaeles-project/gospider@latest'
+	install_version = 'v1.1.6'
+	install_cmd = 'go install -v github.com/jaeles-project/gospider@[install_version]'
 	install_github_handle = 'jaeles-project/gospider'
 	proxychains = False
 	proxy_socks5 = True  # with leaks... https://github.com/jaeles-project/gospider/issues/61

secator/tasks/grype.py

@@ -2,7 +2,7 @@ from secator.config import CONFIG
 from secator.decorators import task
 from secator.definitions import (DELAY, FOLLOW_REDIRECT, HEADER,
 							   OPT_NOT_SUPPORTED, PROXY, RATE_LIMIT, RETRIES,
-							   THREADS, TIMEOUT, USER_AGENT)
+							   THREADS, TIMEOUT, USER_AGENT, PATH, DOCKER_IMAGE)
 from secator.output_types import Vulnerability
 from secator.tasks._categories import VulnCode
 
@@ -11,6 +11,8 @@ from secator.tasks._categories import VulnCode
 class grype(VulnCode):
 	"""Vulnerability scanner for container images and filesystems."""
 	cmd = 'grype --quiet'
+	tags = ['vuln', 'scan']
+	input_types = [PATH, DOCKER_IMAGE]
 	input_flag = ''
 	file_flag = OPT_NOT_SUPPORTED
 	json_flag = None
@@ -30,6 +32,7 @@ class grype(VulnCode):
 	install_pre = {
 		'*': ['curl']
 	}
+	install_version = 'v0.91.2'
 	install_cmd = (
 		f'curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b {CONFIG.dirs.bin}'
 	)
@@ -66,7 +69,7 @@ class grype(VulnCode):
 		if vuln_id.startswith('GHSA'):
 			data['provider'] = 'github.com'
 			data['references'] = [f'https://github.com/advisories/{vuln_id}']
-			vuln = VulnCode.lookup_ghsa(vuln_id)
+			vuln = VulnCode.lookup_cve_from_ghsa(vuln_id)
 			if vuln:
 				data.update(vuln)
 				data['severity'] = data['severity'] or severity.lower()

secator/tasks/h8mail.py

@@ -11,9 +11,10 @@ from secator.output_types import UserAccount, Info, Error
 class h8mail(OSInt):
 	"""Email information and password lookup tool."""
 	cmd = 'h8mail'
+	tags = ['user', 'recon', 'email']
 	json_flag = '--json '
 	input_flag = '--targets'
-	input_type = EMAIL
+	input_types = [EMAIL]
 	file_flag = '-domain'
 	version_flag = '--help'
 	opt_prefix = '--'
@@ -21,7 +22,8 @@ class h8mail(OSInt):
 		'config': {'type': str, 'help': 'Configuration file for API keys'},
 		'local_breach': {'type': str, 'short': 'lb', 'help': 'Local breach file'}
 	}
-	install_cmd = 'pipx install h8mail && pipx upgrade h8mail'
+	install_version = '2.5.6'
+	install_cmd = 'pipx install h8mail==[install_version] --force'
 
 	@staticmethod
 	def on_start(self):

secator/tasks/httpx.py

@@ -3,7 +3,7 @@ import os
 from secator.decorators import task
 from secator.definitions import (DELAY, DEPTH, FILTER_CODES, FILTER_REGEX, FILTER_SIZE, FILTER_WORDS, FOLLOW_REDIRECT,
 								 HEADER, MATCH_CODES, MATCH_REGEX, MATCH_SIZE, MATCH_WORDS, METHOD, OPT_NOT_SUPPORTED,
-								 PROXY, RATE_LIMIT, RETRIES, THREADS, TIMEOUT, URL, USER_AGENT)
+								 PROXY, RATE_LIMIT, RETRIES, THREADS, TIMEOUT, URL, USER_AGENT, HOST, IP)
 from secator.config import CONFIG
 from secator.output_types import Url, Subdomain
 from secator.serializers import JSONSerializer
@@ -15,8 +15,10 @@ from secator.utils import (sanitize_url, extract_domain_info, extract_subdomains
 class httpx(Http):
 	"""Fast and multi-purpose HTTP toolkit."""
 	cmd = 'httpx'
+	tags = ['url', 'probe']
 	file_flag = '-l'
 	input_flag = '-u'
+	input_types = [HOST, IP, URL]
 	json_flag = '-json'
 	opts = {
 		# 'silent': {'is_flag': True, 'default': False, 'help': 'Silent mode'},
@@ -33,7 +35,7 @@ class httpx(Http):
 		'system_chrome': {'is_flag': True, 'default': False, 'help': 'Use local installed Chrome for screenshot'},
 		'headless_options': {'is_flag': False, 'short': 'ho', 'default': None, 'help': 'Headless Chrome additional options'},
 		'follow_host_redirects': {'is_flag': True, 'short': 'fhr', 'default': None, 'help': 'Follow redirects on the same host'},  # noqa: E501
-		'tech_detect': {'is_flag': True, 'short': 'td', 'default': True, 'help': 'Tech detection'},
+		'tech_detect': {'is_flag': True, 'short': 'td', 'default': False, 'help': 'Tech detection'},
 		'tls_grab': {'is_flag': True, 'short': 'tlsg', 'default': False, 'help': 'Grab some informations from the tls certificate'},  # noqa: E501
 		'rstr': {'type': int, 'default': CONFIG.http.response_max_size_bytes, 'help': 'Max body size to read (bytes)'},
 		'rsts': {'type': int, 'default': CONFIG.http.response_max_size_bytes, 'help': 'Max body size to save (bytes)'}
@@ -68,7 +70,8 @@ class httpx(Http):
 	install_pre = {
 		'apk': ['chromium']
 	}
-	install_cmd = 'go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest'
+	install_version = 'v1.7.0'
+	install_cmd = 'go install -v github.com/projectdiscovery/httpx/cmd/httpx@[install_version]'
 	install_github_handle = 'projectdiscovery/httpx'
 	proxychains = False
 	proxy_socks5 = True

secator/tasks/katana.py

@@ -17,8 +17,10 @@ from secator.tasks._categories import HttpCrawler
 class katana(HttpCrawler):
 	"""Next-generation crawling and spidering framework."""
 	cmd = 'katana'
+	tags = ['url', 'crawl']
 	file_flag = '-list'
 	input_flag = '-u'
+	input_types = [URL]
 	json_flag = '-jsonl'
 	opts = {
 		'headless': {'is_flag': True, 'short': 'hl', 'help': 'Headless mode'},
@@ -26,8 +28,8 @@ class katana(HttpCrawler):
 		'form_extraction': {'is_flag': True, 'short': 'fx', 'help': 'Detect forms'},
 		'store_responses': {'is_flag': True, 'short': 'sr', 'default': CONFIG.http.store_responses, 'help': 'Store responses'},  # noqa: E501
 		'form_fill': {'is_flag': True, 'short': 'ff', 'help': 'Enable form filling'},
-		'js_crawl': {'is_flag': True, 'short': 'jc', 'default': True, 'help': 'Enable endpoint parsing / crawling in javascript file'},  # noqa: E501
-		'jsluice': {'is_flag': True, 'short': 'jsl', 'default': True, 'help': 'Enable jsluice parsing in javascript file (memory intensive)'},  # noqa: E501
+		'js_crawl': {'is_flag': True, 'short': 'jc', 'default': False, 'help': 'Enable endpoint parsing / crawling in javascript file'},  # noqa: E501
+		'jsluice': {'is_flag': True, 'short': 'jsl', 'default': False, 'help': 'Enable jsluice parsing in javascript file (memory intensive)'},  # noqa: E501
 		'known_files': {'type': str, 'short': 'kf', 'default': 'all', 'help': 'Enable crawling of known files (all, robotstxt, sitemapxml)'},  # noqa: E501
 		'omit_raw': {'is_flag': True, 'short': 'or', 'default': True, 'help': 'Omit raw requests/responses from jsonl output'},  # noqa: E501
 		'omit_body': {'is_flag': True, 'short': 'ob', 'default': True, 'help': 'Omit response body from jsonl output'},
@@ -78,7 +80,8 @@ class katana(HttpCrawler):
 	install_pre = {
 		'apk': ['libc6-compat']
 	}
-	install_cmd = 'go install -v github.com/projectdiscovery/katana/cmd/katana@latest'
+	install_version = 'v1.1.3'
+	install_cmd = 'go install -v github.com/projectdiscovery/katana/cmd/katana@[install_version]'
 	install_github_handle = 'projectdiscovery/katana'
 	proxychains = False
 	proxy_socks5 = True

secator/tasks/maigret.py

@@ -17,8 +17,10 @@ logger = logging.getLogger(__name__)
 class maigret(ReconUser):
 	"""Collect a dossier on a person by username."""
 	cmd = 'maigret'
+	tags = ['user', 'recon', 'username']
 	file_flag = None
 	input_flag = None
+	input_types = [USERNAME]
 	json_flag = '--json ndjson'
 	opt_prefix = '--'
 	opts = {
@@ -32,7 +34,7 @@ class maigret(ReconUser):
 		TIMEOUT: 'timeout',
 		THREADS: OPT_NOT_SUPPORTED
 	}
-	input_type = USERNAME
+	input_types = [USERNAME]
 	output_types = [UserAccount]
 	output_map = {
 		UserAccount: {
@@ -41,7 +43,7 @@ class maigret(ReconUser):
 			EXTRA_DATA: lambda x: x['status'].get('ids', {})
 		}
 	}
-	install_cmd = 'pipx install git+https://github.com/soxoj/maigret'
+	install_cmd = 'pipx install git+https://github.com/soxoj/maigret --force'
 	socks5_proxy = True
 	profile = 'io'
 

secator/tasks/mapcidr.py

@@ -10,15 +10,17 @@ from secator.tasks._categories import ReconIp
 @task()
 class mapcidr(ReconIp):
 	"""Utility program to perform multiple operations for a given subnet/cidr ranges."""
-	cmd = 'mapcidr -silent'
+	cmd = 'mapcidr'
+	tags = ['ip', 'recon']
 	input_flag = '-cidr'
 	file_flag = '-cl'
 	install_pre = {
 		'apk': ['libc6-compat']
 	}
-	install_cmd = 'go install -v github.com/projectdiscovery/mapcidr/cmd/mapcidr@latest'
+	install_version = 'v1.1.34'
+	install_cmd = 'go install -v github.com/projectdiscovery/mapcidr/cmd/mapcidr@[install_version]'
 	install_github_handle = 'projectdiscovery/mapcidr'
-	input_type = CIDR_RANGE
+	input_types = [CIDR_RANGE]
 	output_types = [Ip]
 	opt_key_map = {
 		THREADS: OPT_NOT_SUPPORTED,

secator/tasks/msfconsole.py

@@ -6,8 +6,8 @@ from rich.panel import Panel
 
 from secator.config import CONFIG
 from secator.decorators import task
-from secator.definitions import (DELAY, FOLLOW_REDIRECT, HEADER, HOST, OPT_NOT_SUPPORTED, PROXY, RATE_LIMIT, RETRIES,
-								 THREADS, TIMEOUT, USER_AGENT)
+from secator.definitions import (DELAY, FOLLOW_REDIRECT, HEADER, HOST, IP, OPT_NOT_SUPPORTED, PROXY, RATE_LIMIT,
+								 RETRIES, THREADS, TIMEOUT, USER_AGENT, URL)
 from secator.tasks._categories import VulnMulti
 from secator.utils import get_file_timestamp
 
@@ -18,8 +18,9 @@ logger = logging.getLogger(__name__)
 class msfconsole(VulnMulti):
 	"""CLI to access and work with the Metasploit Framework."""
 	cmd = 'msfconsole --quiet'
+	tags = ['exploit', 'attack']
 	version_flag = OPT_NOT_SUPPORTED
-	input_type = HOST
+	input_types = [HOST, IP, URL]
 	input_chunk_size = 1
 	output_types = []
 	opt_prefix = '--'
@@ -48,14 +49,15 @@ class msfconsole(VulnMulti):
 		'pacman': ['ruby-erb', 'postgresql-libs', 'make'],
 		'yum|zypper': ['postgresql-devel', 'make'],
 	}
+	install_version = '6.4.59'
 	install_cmd = (
-		f'git clone --depth 1 --single-branch https://github.com/rapid7/metasploit-framework.git {CONFIG.dirs.share}/metasploit-framework || true && '  # noqa: E501
-		f'cd {CONFIG.dirs.share}/metasploit-framework && '
+		f'git clone --depth 1 --single-branch -b [install_version] https://github.com/rapid7/metasploit-framework.git {CONFIG.dirs.share}/metasploit-framework_[install_version] || true && '  # noqa: E501
+		f'cd {CONFIG.dirs.share}/metasploit-framework_[install_version] && '
 		f'gem install bundler --user-install -n {CONFIG.dirs.bin} && '
 		f'bundle config set --local path "{CONFIG.dirs.share}" && '
 		'bundle lock --normalize-platforms &&'
 		'bundle install && '
-		f'ln -sf $HOME/.local/share/metasploit-framework/msfconsole {CONFIG.dirs.bin}/msfconsole'
+		f'ln -sf $HOME/.local/share/metasploit-framework_[install_version]/msfconsole {CONFIG.dirs.bin}/msfconsole'
 	)
 
 	@staticmethod