secator 0.12.0__py3-none-any.whl → 0.14.0__py3-none-any.whl

secator/report.py

@@ -55,7 +55,7 @@ class Report:
 					f'{str(e)}[/]\n[dim]{traceback_as_string(e)}[/]',
 				)
 
-	def build(self, extractors=[], dedupe=False):
+	def build(self, extractors=[], dedupe=CONFIG.runners.remove_duplicates):
 		# Trim options
 		from secator.decorators import DEFAULT_CLI_OPTIONS
 		opts = merge_opts(self.runner.config.options, self.runner.run_opts)
@@ -97,7 +97,7 @@ class Report:
 			if items:
 				if sort_by and all(sort_by):
 					items = sorted(items, key=operator.attrgetter(*sort_by))
-				if dedupe and CONFIG.runners.remove_duplicates:
+				if dedupe:
 					items = remove_duplicates(items)
 					# items = [item for item in items if not item._duplicate and item not in dedupe_from]
 				for extractor in extractors:

secator/runners/_base.py

@@ -130,13 +130,18 @@ class Runner:
 
 		# Determine inputs
 		self.inputs = [inputs] if not isinstance(inputs, list) else inputs
-		self.filter_results(results)
+		targets = [Target(name=target) for target in self.inputs]
+		self.filter_results(results + targets)
 
 		# Debug
 		self.debug('Inputs', obj=self.inputs, sub='init')
 		self.debug('Run opts', obj={k: v for k, v in self.run_opts.items() if v is not None}, sub='init')
 		self.debug('Print opts', obj={k: v for k, v in self.print_opts.items() if v is not None}, sub='init')
 
+		# Load profiles
+		profiles_str = run_opts.get('profiles', [])
+		self.load_profiles(profiles_str)
+
 		# Determine exporters
 		exporters_str = self.run_opts.get('output') or self.default_exporters
 		self.exporters = self.resolve_exporters(exporters_str)
@@ -952,6 +957,32 @@ class Runner:
 		]
 		return [cls for cls in classes if cls]
 
+	def load_profiles(self, profiles):
+		"""Load profiles and update run options.
+
+		Args:
+			profiles (list[str]): List of profile names to resolve.
+
+		Returns:
+			list: List of profiles.
+		"""
+		from secator.cli import ALL_PROFILES
+		if isinstance(profiles, str):
+			profiles = profiles.split(',')
+		templates = []
+		for pname in profiles:
+			matches = [p for p in ALL_PROFILES if p.name == pname]
+			if not matches:
+				self._print(Warning(message=f'Profile "{pname}" was not found'), rich=True)
+			else:
+				templates.append(matches[0])
+		opts = {}
+		for profile in templates:
+			self._print(Info(message=f'Loaded profile {profile.name} ({profile.description})'), rich=True)
+			opts.update(profile.opts)
+		opts = {k: v for k, v in opts.items() if k not in self.run_opts}
+		self.run_opts.update(opts)
+
 	@classmethod
 	def get_func_path(cls, func):
 		"""Get the full symbolic path of a function or method, including staticmethods, using function and method

secator/runners/_helpers.py

@@ -18,14 +18,25 @@ def run_extractors(results, opts, inputs=[], dry_run=False):
 	"""
 	extractors = {k: v for k, v in opts.items() if k.endswith('_')}
 	errors = []
+	computed_inputs = []
+	computed_opts = {}
 	for key, val in extractors.items():
 		key = key.rstrip('_')
 		values, err = extract_from_results(results, val)
 		errors.extend(err)
 		if key == 'targets':
-			inputs = ['<COMPUTED>'] if dry_run else deduplicate(values)
+			targets = ['<COMPUTED>'] if dry_run else deduplicate(values)
+			computed_inputs.extend(targets)
 		else:
-			opts[key] = ['<COMPUTED>'] if dry_run else deduplicate(values)
+			computed_opt = ['<COMPUTED>'] if dry_run else deduplicate(values)
+			if computed_opt:
+				computed_opts[key] = computed_opt
+				opts[key] = computed_opts[key]
+	if computed_inputs:
+		debug('computed_inputs', obj=computed_inputs, sub='extractors')
+		inputs = computed_inputs
+	if computed_opts:
+		debug('computed_opts', obj=computed_opts, sub='extractors')
 	return inputs, opts, errors
 
 

secator/runners/command.py

@@ -84,6 +84,7 @@ class Command(Runner):
 	install_post = None
 	install_cmd = None
 	install_github_handle = None
+	install_version = None
 
 	# Serializer
 	item_loader = None
@@ -246,7 +247,7 @@ class Command(Runner):
 	def get_version_info(cls):
 		from secator.installer import get_version_info
 		return get_version_info(
-			cls.__name__,
+			cls.cmd.split(' ')[0],
 			cls.get_version_flag(),
 			cls.install_github_handle,
 			cls.install_cmd

secator/runners/scan.py

@@ -33,6 +33,7 @@ class Scan(Runner):
 		sigs = []
 		for name, workflow_opts in self.config.workflows.items():
 			run_opts = self.run_opts.copy()
+			run_opts.pop('profiles', None)
 			run_opts['no_poll'] = True
 			run_opts['caller'] = 'Scan'
 			opts = merge_opts(scan_opts, workflow_opts, run_opts)

secator/runners/task.py

@@ -32,6 +32,7 @@ class Task(Runner):
 		# Run opts
 		opts = self.run_opts.copy()
 		opts.pop('output', None)
+		opts.pop('profiles', None)
 		opts.pop('no_poll', False)
 
 		# Set output types

secator/tasks/_categories.py

@@ -27,7 +27,7 @@ USER_AGENTS = {
 OPTS = {
 	HEADER: {'type': str, 'help': 'Custom header to add to each request in the form "KEY1:VALUE1; KEY2:VALUE2"', 'default': 'User-Agent: ' + USER_AGENTS['chrome_134.0_win10']},  # noqa: E501
 	DELAY: {'type': float, 'short': 'd', 'help': 'Delay to add between each requests'},
-	DEPTH: {'type': int, 'help': 'Scan depth', 'default': 2},
+	DEPTH: {'type': int, 'help': 'Scan depth'},
 	FILTER_CODES: {'type': str, 'short': 'fc', 'help': 'Filter out responses with HTTP codes'},
 	FILTER_REGEX: {'type': str, 'short': 'fr', 'help': 'Filter out responses with regular expression'},
 	FILTER_SIZE: {'type': str, 'short': 'fs', 'help': 'Filter out responses with size'},
@@ -41,7 +41,7 @@ OPTS = {
 	PROXY: {'type': str, 'help': 'HTTP(s) / SOCKS5 proxy'},
 	RATE_LIMIT: {'type':  int, 'short': 'rl', 'help': 'Rate limit, i.e max number of requests per second'},
 	RETRIES: {'type': int, 'help': 'Retries'},
-	THREADS: {'type': int, 'help': 'Number of threads to run', 'default': 50},
+	THREADS: {'type': int, 'help': 'Number of threads to run'},
 	TIMEOUT: {'type': int, 'help': 'Request timeout'},
 	USER_AGENT: {'type': str, 'short': 'ua', 'help': 'User agent, e.g "Mozilla Firefox 1.0"'},
 	WORDLIST: {'type': str, 'short': 'w', 'default': 'http', 'process': process_wordlist, 'help': 'Wordlist to use'}

secator/tasks/arjun.py

@@ -49,7 +49,8 @@ class arjun(Command):
 		'follow_redirect': '--follow-redirect',
 	}
 	output_types = [Url]
-	install_cmd = 'pipx install arjun && pipx upgrade arjun'
+	install_version = '2.2.7'
+	install_cmd = 'pipx install arjun==[install_version] --force'
 	install_github_handle = 's0md3v/Arjun'
 
 	@staticmethod

secator/tasks/bbot.py

@@ -121,6 +121,29 @@ BBOT_PRESETS = [
 	'web-screenshots',
 	'web-thorough'
 ]
+BBOT_FLAGS = [
+	'active',
+	'affiliates',
+	'aggressive',
+	'baddns',
+	'cloud-enum,'
+	'code-enum,deadly',
+	'email-enum',
+	'iis-shortnames',
+	'passive',
+	'portscan',
+	'report',
+	'safe',
+	'service-enum',
+	'slow',
+	'social-enum',
+	'subdomain-enum',
+	'subdomain-hijack',
+	'web-basic',
+	'web-paramminer',
+	'web-screenshots',
+	'web-thorough'
+]
 BBOT_MODULES_STR = ' '.join(BBOT_MODULES)
 BBOT_MAP_TYPES = {
 	'IP_ADDRESS': Ip,
@@ -159,12 +182,14 @@ class bbot(Command):
 	file_flag = None
 	version_flag = '--help'
 	opts = {
-		'modules': {'type': str, 'short': 'm', 'default': '', 'help': ','.join(BBOT_MODULES)},
-		'presets': {'type': str, 'short': 'ps', 'default': 'kitchen-sink', 'help': ','.join(BBOT_PRESETS), 'shlex': False},
+		'modules': {'type': str, 'short': 'm', 'help': ','.join(BBOT_MODULES)},
+		'presets': {'type': str, 'short': 'ps', 'help': ','.join(BBOT_PRESETS), 'shlex': False},
+		'flags': {'type': str, 'short': 'fl', 'help': ','.join(BBOT_FLAGS)}
 	}
 	opt_key_map = {
 		'modules': 'm',
-		'presets': 'p'
+		'presets': 'p',
+		'flags': 'f'
 	}
 	opt_value_map = {
 		'presets': lambda x: ' '.join(x.split(','))
@@ -222,7 +247,8 @@ class bbot(Command):
 		'apk': ['python3-dev', 'linux-headers', 'musl-dev', 'gcc', 'git', 'openssl', 'unzip', 'tar', 'chromium'],
 		'*': ['gcc', 'git', 'openssl', 'unzip', 'tar', 'chromium']
 	}
-	install_cmd = 'pipx install bbot && pipx upgrade bbot'
+	install_version = '2.4.2'
+	install_cmd = 'pipx install bbot==[install_version] --force'
 	install_post = {
 		'*': f'rm -fr {CONFIG.dirs.share}/pipx/venvs/bbot/lib/python3.12/site-packages/ansible_collections/*'
 	}

secator/tasks/bup.py

@@ -63,7 +63,8 @@ class bup(Http):
 			'stored_response_path': 'response_html_filename',
 		}
 	}
-	install_cmd = 'pipx install bypass-url-parser && pipx upgrade bypass-url-parser'
+	install_version = '0.4.4'
+	install_cmd = 'pipx install bypass-url-parser==[install_version] --force'
 
 	@staticmethod
 	def on_init(self):

secator/tasks/cariddi.py

@@ -13,12 +13,19 @@ from secator.tasks._categories import HttpCrawler
 @task()
 class cariddi(HttpCrawler):
 	"""Crawl endpoints, secrets, api keys, extensions, tokens..."""
-	cmd = 'cariddi -info -s -err -e -ext 1'
+	cmd = 'cariddi'
 	input_type = URL
 	input_flag = OPT_PIPE_INPUT
 	output_types = [Url, Tag]
 	file_flag = OPT_PIPE_INPUT
 	json_flag = '-json'
+	opts = {
+		'info': {'is_flag': True, 'short': 'info', 'help': 'Hunt for useful informations in websites.'},
+		'secrets': {'is_flag': True, 'short': 'secrets', 'help': 'Hunt for secrets.'},
+		'errors': {'is_flag': True, 'short': 'err', 'help': 'Hunt for errors in websites.'},
+		'juicy_extensions': {'type': int, 'short': 'jext', 'help': 'Hunt for juicy file extensions. Integer from 1(juicy) to 7(not juicy)'},  # noqa: E501
+		'juicy_endpoints': {'is_flag': True, 'short': 'jep', 'help': 'Hunt for juicy endpoints.'}
+	}
 	opt_key_map = {
 		HEADER: 'headers',
 		DELAY: 'd',
@@ -38,10 +45,15 @@ class cariddi(HttpCrawler):
 		RETRIES: OPT_NOT_SUPPORTED,
 		THREADS: 'c',
 		TIMEOUT: 't',
-		USER_AGENT: 'ua'
+		USER_AGENT: 'ua',
+		'secrets': 's',
+		'errors': 'err',
+		'juicy_endpoints': 'e',
+		'juicy_extensions': 'ext'
 	}
 	item_loaders = [JSONSerializer()]
-	install_cmd = 'go install -v github.com/edoardottt/cariddi/cmd/cariddi@latest'
+	install_version = 'v1.3.6'
+	install_cmd = 'go install -v github.com/edoardottt/cariddi/cmd/cariddi@[install_version]'
 	install_github_handle = 'edoardottt/cariddi'
 	encoding = 'ansi'
 	proxychains = False

secator/tasks/dalfox.py

@@ -55,7 +55,8 @@ class dalfox(VulnHttp):
 			SEVERITY: lambda x: x['severity'].lower()
 		}
 	}
-	install_cmd = 'go install -v github.com/hahwul/dalfox/v2@v2.9.3'
+	install_version = 'v2.11.0'
+	install_cmd = 'go install -v github.com/hahwul/dalfox/v2@latest'
 	install_github_handle = 'hahwul/dalfox'
 	encoding = 'ansi'
 	proxychains = False

secator/tasks/dirsearch.py

@@ -52,7 +52,7 @@ class dirsearch(HttpFuzzer):
 			STATUS_CODE: 'status'
 		}
 	}
-	install_cmd = 'pipx install --force git+https://github.com/maurosoria/dirsearch'
+	install_cmd = 'pipx install git+https://github.com/maurosoria/dirsearch.git --force'
 	proxychains = True
 	proxy_socks5 = True
 	proxy_http = True

secator/tasks/dnsx.py

@@ -26,7 +26,8 @@ class dnsx(ReconDns):
 		'wildcard_domain': {'type': str, 'short': 'wd', 'help': 'Domain name for wildcard filtering'},
 	}
 	item_loaders = [JSONSerializer()]
-	install_cmd = 'go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@latest'
+	install_version = 'v1.2.2'
+	install_cmd = 'go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@[install_version]'
 	install_github_handle = 'projectdiscovery/dnsx'
 	profile = 'io'
 

secator/tasks/dnsxbrute.py

@@ -34,6 +34,7 @@ class dnsxbrute(ReconDns):
 			}
         }
     }
-    install_cmd = 'go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@latest'
+    install_version = 'v1.2.2'
+    install_cmd = 'go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@[install_version]'
     install_github_handle = 'projectdiscovery/dnsx'
     profile = 'io'

secator/tasks/feroxbuster.py

@@ -6,7 +6,7 @@ from secator.definitions import (CONTENT_TYPE, DELAY, DEPTH, FILTER_CODES,
 							   MATCH_REGEX, MATCH_SIZE, MATCH_WORDS, METHOD,
 							   OPT_NOT_SUPPORTED, OPT_PIPE_INPUT, PROXY,
 							   RATE_LIMIT, RETRIES, STATUS_CODE,
-							   THREADS, TIMEOUT, USER_AGENT, WORDLIST, WORDS, DEFAULT_FEROXBUSTER_FLAGS)
+							   THREADS, TIMEOUT, USER_AGENT, WORDLIST, WORDS)
 from secator.output_types import Url
 from secator.serializers import JSONSerializer
 from secator.tasks._categories import HttpFuzzer
@@ -15,7 +15,7 @@ from secator.tasks._categories import HttpFuzzer
 @task()
 class feroxbuster(HttpFuzzer):
 	"""Simple, fast, recursive content discovery tool written in Rust"""
-	cmd = f'feroxbuster {DEFAULT_FEROXBUSTER_FLAGS}'
+	cmd = 'feroxbuster --auto-bail --no-state'
 	input_flag = '--url'
 	input_chunk_size = 1
 	file_flag = OPT_PIPE_INPUT
@@ -62,6 +62,7 @@ class feroxbuster(HttpFuzzer):
 	install_pre = {
 		'*': ['curl', 'bash']
 	}
+	install_version = 'v2.11.0'
 	install_cmd = (
 		f'cd /tmp && curl -sL https://raw.githubusercontent.com/epi052/feroxbuster/master/install-nix.sh | bash -s {CONFIG.dirs.bin}'  # noqa: E501
 	)

secator/tasks/ffuf.py

@@ -71,7 +71,8 @@ class ffuf(HttpFuzzer):
 		},
 	}
 	encoding = 'ansi'
-	install_cmd = 'go install -v github.com/ffuf/ffuf@latest'
+	install_version = 'v2.1.0'
+	install_cmd = 'go install -v github.com/ffuf/ffuf/v2@[install_version]'
 	install_github_handle = 'ffuf/ffuf'
 	proxychains = False
 	proxy_socks5 = True

secator/tasks/gau.py

@@ -44,7 +44,8 @@ class gau(HttpCrawler):
 	install_pre = {
 		'apk': ['libc6-compat']
 	}
-	install_cmd = 'go install -v github.com/lc/gau/v2/cmd/gau@latest'
+	install_version = 'v2.2.4'
+	install_cmd = 'go install -v github.com/lc/gau/v2/cmd/gau@[install_version]'
 	install_github_handle = 'lc/gau'
 	proxychains = False
 	proxy_socks5 = True

secator/tasks/gitleaks.py

@@ -35,10 +35,11 @@ class gitleaks(Command):
 		}
 	}
 	install_pre = {'*': ['git', 'make']}
+	install_version = 'v8.24.3'
 	install_cmd = (
-		f'git clone https://github.com/gitleaks/gitleaks.git {CONFIG.dirs.share}/gitleaks || true &&'
-		f'cd {CONFIG.dirs.share}/gitleaks && make build &&'
-		f'mv {CONFIG.dirs.share}/gitleaks/gitleaks {CONFIG.dirs.bin}'
+		f'git clone https://github.com/gitleaks/gitleaks.git {CONFIG.dirs.share}/gitleaks_[install_version] || true &&'
+		f'cd {CONFIG.dirs.share}/gitleaks_[install_version] && make build &&'
+		f'mv {CONFIG.dirs.share}/gitleaks_[install_version]/gitleaks {CONFIG.dirs.bin}'
 	)
 	install_github_handle = 'gitleaks/gitleaks'
 

secator/tasks/gospider.py

@@ -15,7 +15,7 @@ from secator.tasks._categories import HttpCrawler
 @task()
 class gospider(HttpCrawler):
 	"""Fast web spider written in Go."""
-	cmd = 'gospider --js'
+	cmd = 'gospider'
 	file_flag = '-S'
 	input_flag = '-s'
 	json_flag = '--json'
@@ -53,7 +53,8 @@ class gospider(HttpCrawler):
 			CONTENT_LENGTH: 'length',
 		}
 	}
-	install_cmd = 'go install -v github.com/jaeles-project/gospider@latest'
+	install_version = 'v1.1.6'
+	install_cmd = 'go install -v github.com/jaeles-project/gospider@[install_version]'
 	install_github_handle = 'jaeles-project/gospider'
 	proxychains = False
 	proxy_socks5 = True  # with leaks... https://github.com/jaeles-project/gospider/issues/61

secator/tasks/grype.py

@@ -30,6 +30,7 @@ class grype(VulnCode):
 	install_pre = {
 		'*': ['curl']
 	}
+	install_version = 'v0.91.2'
 	install_cmd = (
 		f'curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b {CONFIG.dirs.bin}'
 	)

secator/tasks/h8mail.py

@@ -21,7 +21,8 @@ class h8mail(OSInt):
 		'config': {'type': str, 'help': 'Configuration file for API keys'},
 		'local_breach': {'type': str, 'short': 'lb', 'help': 'Local breach file'}
 	}
-	install_cmd = 'pipx install h8mail && pipx upgrade h8mail'
+	install_version = '2.5.6'
+	install_cmd = 'pipx install h8mail==[install_version] --force'
 
 	@staticmethod
 	def on_start(self):

secator/tasks/httpx.py

@@ -33,7 +33,7 @@ class httpx(Http):
 		'system_chrome': {'is_flag': True, 'default': False, 'help': 'Use local installed Chrome for screenshot'},
 		'headless_options': {'is_flag': False, 'short': 'ho', 'default': None, 'help': 'Headless Chrome additional options'},
 		'follow_host_redirects': {'is_flag': True, 'short': 'fhr', 'default': None, 'help': 'Follow redirects on the same host'},  # noqa: E501
-		'tech_detect': {'is_flag': True, 'short': 'td', 'default': True, 'help': 'Tech detection'},
+		'tech_detect': {'is_flag': True, 'short': 'td', 'default': False, 'help': 'Tech detection'},
 		'tls_grab': {'is_flag': True, 'short': 'tlsg', 'default': False, 'help': 'Grab some informations from the tls certificate'},  # noqa: E501
 		'rstr': {'type': int, 'default': CONFIG.http.response_max_size_bytes, 'help': 'Max body size to read (bytes)'},
 		'rsts': {'type': int, 'default': CONFIG.http.response_max_size_bytes, 'help': 'Max body size to save (bytes)'}
@@ -68,7 +68,8 @@ class httpx(Http):
 	install_pre = {
 		'apk': ['chromium']
 	}
-	install_cmd = 'go install -v github.com/projectdiscovery/httpx/cmd/httpx@latest'
+	install_version = 'v1.7.0'
+	install_cmd = 'go install -v github.com/projectdiscovery/httpx/cmd/httpx@[install_version]'
 	install_github_handle = 'projectdiscovery/httpx'
 	proxychains = False
 	proxy_socks5 = True

secator/tasks/katana.py

@@ -26,8 +26,8 @@ class katana(HttpCrawler):
 		'form_extraction': {'is_flag': True, 'short': 'fx', 'help': 'Detect forms'},
 		'store_responses': {'is_flag': True, 'short': 'sr', 'default': CONFIG.http.store_responses, 'help': 'Store responses'},  # noqa: E501
 		'form_fill': {'is_flag': True, 'short': 'ff', 'help': 'Enable form filling'},
-		'js_crawl': {'is_flag': True, 'short': 'jc', 'default': True, 'help': 'Enable endpoint parsing / crawling in javascript file'},  # noqa: E501
-		'jsluice': {'is_flag': True, 'short': 'jsl', 'default': True, 'help': 'Enable jsluice parsing in javascript file (memory intensive)'},  # noqa: E501
+		'js_crawl': {'is_flag': True, 'short': 'jc', 'default': False, 'help': 'Enable endpoint parsing / crawling in javascript file'},  # noqa: E501
+		'jsluice': {'is_flag': True, 'short': 'jsl', 'default': False, 'help': 'Enable jsluice parsing in javascript file (memory intensive)'},  # noqa: E501
 		'known_files': {'type': str, 'short': 'kf', 'default': 'all', 'help': 'Enable crawling of known files (all, robotstxt, sitemapxml)'},  # noqa: E501
 		'omit_raw': {'is_flag': True, 'short': 'or', 'default': True, 'help': 'Omit raw requests/responses from jsonl output'},  # noqa: E501
 		'omit_body': {'is_flag': True, 'short': 'ob', 'default': True, 'help': 'Omit response body from jsonl output'},
@@ -78,7 +78,8 @@ class katana(HttpCrawler):
 	install_pre = {
 		'apk': ['libc6-compat']
 	}
-	install_cmd = 'go install -v github.com/projectdiscovery/katana/cmd/katana@latest'
+	install_version = 'v1.1.3'
+	install_cmd = 'go install -v github.com/projectdiscovery/katana/cmd/katana@[install_version]'
 	install_github_handle = 'projectdiscovery/katana'
 	proxychains = False
 	proxy_socks5 = True

secator/tasks/maigret.py

@@ -41,7 +41,7 @@ class maigret(ReconUser):
 			EXTRA_DATA: lambda x: x['status'].get('ids', {})
 		}
 	}
-	install_cmd = 'pipx install git+https://github.com/soxoj/maigret'
+	install_cmd = 'pipx install git+https://github.com/soxoj/maigret --force'
 	socks5_proxy = True
 	profile = 'io'
 

secator/tasks/mapcidr.py

@@ -16,7 +16,8 @@ class mapcidr(ReconIp):
 	install_pre = {
 		'apk': ['libc6-compat']
 	}
-	install_cmd = 'go install -v github.com/projectdiscovery/mapcidr/cmd/mapcidr@latest'
+	install_version = 'v1.1.34'
+	install_cmd = 'go install -v github.com/projectdiscovery/mapcidr/cmd/mapcidr@[install_version]'
 	install_github_handle = 'projectdiscovery/mapcidr'
 	input_type = CIDR_RANGE
 	output_types = [Ip]

secator/tasks/msfconsole.py

@@ -48,14 +48,15 @@ class msfconsole(VulnMulti):
 		'pacman': ['ruby-erb', 'postgresql-libs', 'make'],
 		'yum|zypper': ['postgresql-devel', 'make'],
 	}
+	install_version = '6.4.59'
 	install_cmd = (
-		f'git clone --depth 1 --single-branch https://github.com/rapid7/metasploit-framework.git {CONFIG.dirs.share}/metasploit-framework || true && '  # noqa: E501
-		f'cd {CONFIG.dirs.share}/metasploit-framework && '
+		f'git clone --depth 1 --single-branch -b [install_version] https://github.com/rapid7/metasploit-framework.git {CONFIG.dirs.share}/metasploit-framework_[install_version] || true && '  # noqa: E501
+		f'cd {CONFIG.dirs.share}/metasploit-framework_[install_version] && '
 		f'gem install bundler --user-install -n {CONFIG.dirs.bin} && '
 		f'bundle config set --local path "{CONFIG.dirs.share}" && '
 		'bundle lock --normalize-platforms &&'
 		'bundle install && '
-		f'ln -sf $HOME/.local/share/metasploit-framework/msfconsole {CONFIG.dirs.bin}/msfconsole'
+		f'ln -sf $HOME/.local/share/metasploit-framework_[install_version]/msfconsole {CONFIG.dirs.bin}/msfconsole'
 	)
 
 	@staticmethod

secator/tasks/naabu.py

@@ -10,7 +10,7 @@ from secator.tasks._categories import ReconPort
 @task()
 class naabu(ReconPort):
 	"""Port scanning tool written in Go."""
-	cmd = 'naabu -Pn'
+	cmd = 'naabu'
 	input_flag = '-host'
 	file_flag = '-list'
 	json_flag = '-json'
@@ -18,6 +18,7 @@ class naabu(ReconPort):
 		PORTS: {'type': str, 'short': 'p', 'help': 'Ports'},
 		TOP_PORTS: {'type': str, 'short': 'tp', 'help': 'Top ports'},
 		'scan_type': {'type': str, 'short': 'st', 'help': 'Scan type (SYN (s)/CONNECT(c))'},
+		'skip_host_discovery': {'is_flag': True, 'short': 'Pn', 'default': False, 'help': 'Skip host discovery'},
 		# 'health_check': {'is_flag': True, 'short': 'hc', 'help': 'Health check'}
 	}
 	opt_key_map = {
@@ -47,7 +48,8 @@ class naabu(ReconPort):
 		}
 	}
 	output_types = [Port]
-	install_cmd = 'go install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@v2.3.3'
+	install_version = 'v2.3.3'
+	install_cmd = 'go install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@[install_version]'
 	install_github_handle = 'projectdiscovery/naabu'
 	install_pre = {'apt': ['libpcap-dev'], 'apk': ['libpcap-dev', 'libc6-compat'], 'pacman|brew': ['libpcap']}
 	install_post = {'arch|alpine': 'sudo ln -sf /usr/lib/libpcap.so /usr/lib/libpcap.so.0.8'}

secator/tasks/nuclei.py

@@ -18,17 +18,22 @@ class nuclei(VulnMulti):
 	input_flag = '-u'
 	json_flag = '-jsonl'
 	opts = {
-		'templates': {'type': str, 'short': 't', 'help': 'Templates'},
-		'tags': {'type': str, 'help': 'Tags'},
-		'exclude_tags': {'type': str, 'short': 'etags', 'help': 'Exclude tags'},
-		'exclude_severity': {'type': str, 'short': 'es', 'help': 'Exclude severity'},
-		'template_id': {'type': str, 'short': 'tid', 'help': 'Template id'},
+		'bulk_size': {'type': int, 'short': 'bs', 'help': 'Maximum number of hosts to be analyzed in parallel per template'},  # noqa: E501
 		'debug': {'type': str, 'help': 'Debug mode'},
+		'exclude_severity': {'type': str, 'short': 'es', 'help': 'Exclude severity'},
+		'exclude_tags': {'type': str, 'short': 'etags', 'help': 'Exclude tags'},
+		'input_mode': {'type': str, 'short': 'im', 'help': 'Mode of input file (list, burp, jsonl, yaml, openapi, swagger)'},
+		'hang_monitor': {'is_flag': True, 'short': 'hm', 'default': True, 'help': 'Enable nuclei hang monitoring'},
+		'headless_bulk_size': {'type': int, 'short': 'hbs', 'help': 'Maximum number of headless hosts to be analzyed in parallel per template'},  # noqa: E501
+		'new_templates': {'type': str, 'short': 'nt', 'help': 'Run only new templates added in latest nuclei-templates release'},  # noqa: E501
+		'automatic_scan': {'is_flag': True, 'short': 'as', 'help': 'Automatic web scan using wappalyzer technology detection to tags mapping'},  # noqa: E501
+		'omit_raw': {'is_flag': True, 'short': 'or', 'default': True, 'help': 'Omit requests/response pairs in the JSON, JSONL, and Markdown outputs (for findings only)'},  # noqa: E501
 		'stats': {'is_flag': True, 'short': 'stats', 'default': True, 'help': 'Display statistics about the running scan'},
 		'stats_json': {'is_flag': True, 'short': 'sj', 'default': True, 'help': 'Display statistics in JSONL(ines) format'},
-		'stats_interval': {'type': str, 'short': 'si', 'default': 20, 'help': 'Number of seconds to wait between showing a statistics update'},  # noqa: E501
-		'hang_monitor': {'is_flag': True, 'short': 'hm', 'default': True, 'help': 'Enable nuclei hang monitoring'},
-		'omit_raw': {'is_flag': True, 'short': 'or', 'default': True, 'help': 'Omit requests/response pairs in the JSON, JSONL, and Markdown outputs (for findings only)'}  # noqa: E501
+		'stats_interval': {'type': str, 'short': 'si', 'help': 'Number of seconds to wait between showing a statistics update'},  # noqa: E501
+		'tags': {'type': str, 'help': 'Tags'},
+		'templates': {'type': str, 'short': 't', 'help': 'Templates'},
+		'template_id': {'type': str, 'short': 'tid', 'help': 'Template id'},
 	}
 	opt_key_map = {
 		HEADER: 'header',
@@ -76,7 +81,8 @@ class nuclei(VulnMulti):
 	install_pre = {
 		'*': ['git']
 	}
-	install_cmd = 'go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest'
+	install_version = 'v3.4.2'
+	install_cmd = 'go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@[install_version]'
 	install_github_handle = 'projectdiscovery/nuclei'
 	install_post = {
 		'*': 'nuclei -ut'

secator/tasks/searchsploit.py

@@ -41,9 +41,10 @@ class searchsploit(Command):
 	install_pre = {
 		'apk': ['ncurses']
 	}
+	install_version = '2025-04-23'
 	install_cmd = (
-		f'git clone  --depth 1 --single-branch https://gitlab.com/exploit-database/exploitdb.git {CONFIG.dirs.share}/exploitdb || true && '  # noqa: E501
-		f'ln -sf $HOME/.local/share/exploitdb/searchsploit {CONFIG.dirs.bin}/searchsploit'
+		f'git clone  --depth 1 --single-branch -b [install_version] https://gitlab.com/exploit-database/exploitdb.git {CONFIG.dirs.share}/exploitdb_[install_version] || true && '  # noqa: E501
+		f'ln -sf $HOME/.local/share/exploitdb_[install_version]/searchsploit {CONFIG.dirs.bin}/searchsploit'
 	)
 	proxychains = False
 	proxy_socks5 = False

secator/tasks/subfinder.py

@@ -31,7 +31,8 @@ class subfinder(ReconDns):
 		}
 	}
 	output_types = [Subdomain]
-	install_cmd = 'go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@latest'
+	install_version = 'v2.7.0'
+	install_cmd = 'go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@[install_version]'
 	install_github_handle = 'projectdiscovery/subfinder'
 	proxychains = False
 	proxy_http = True

secator/tasks/testssl.py

@@ -48,13 +48,14 @@ class testssl(Command):
     proxy_socks5 = False
     profile = 'io'
     install_pre = {
-        'apk': ['hexdump'],
+        'apk': ['hexdump', 'coreutils', 'procps'],
         'pacman': ['util-linux'],
         '*': ['bsdmainutils']
     }
+    install_version = 'v3.2.0'
     install_cmd = (
-        f'git clone --depth 1 https://github.com/drwetter/testssl.sh.git {CONFIG.dirs.share}/testssl.sh || true && '
-        f'ln -sf {CONFIG.dirs.share}/testssl.sh/testssl.sh {CONFIG.dirs.bin}'
+        f'git clone --depth 1 --single-branch -b [install_version] https://github.com/drwetter/testssl.sh.git {CONFIG.dirs.share}/testssl.sh_[install_version] || true && '  # noqa: E501
+        f'ln -sf {CONFIG.dirs.share}/testssl.sh_[install_version]/testssl.sh {CONFIG.dirs.bin}'
     )
 
     @staticmethod