secator 0.15.0__py3-none-any.whl → 0.16.0__py3-none-any.whl

secator/tasks/nmap.py

@@ -10,9 +10,8 @@ from secator.definitions import (CONFIDENCE, CVSS_SCORE, DELAY,
 								 DESCRIPTION, EXTRA_DATA, FOLLOW_REDIRECT,
 								 HEADER, HOST, ID, IP, PROTOCOL, MATCHED_AT, NAME,
 								 OPT_NOT_SUPPORTED, OUTPUT_PATH, PORT, PORTS, PROVIDER,
-								 PROXY, RATE_LIMIT, REFERENCE, REFERENCES,
-								 RETRIES, SCRIPT, SERVICE_NAME, SEVERITY, STATE, TAGS,
-								 THREADS, TIMEOUT, TOP_PORTS, USER_AGENT)
+								 PROXY, RATE_LIMIT, REFERENCE, REFERENCES, RETRIES, SCRIPT, SERVICE_NAME,
+								 SEVERITY, STATE, TAGS, THREADS, TIMEOUT, TOP_PORTS, USER_AGENT)
 from secator.output_types import Exploit, Port, Vulnerability, Info, Error
 from secator.tasks._categories import VulnMulti
 from secator.utils import debug, traceback_as_string
@@ -24,13 +23,12 @@ logger = logging.getLogger(__name__)
 class nmap(VulnMulti):
 	"""Network Mapper is a free and open source utility for network discovery and security auditing."""
 	cmd = 'nmap'
-	tags = ['port', 'scan']
-	input_flag = None
 	input_types = [HOST, IP]
+	output_types = [Port, Vulnerability, Exploit]
+	tags = ['port', 'scan']
 	input_chunk_size = 1
 	file_flag = '-iL'
 	opt_prefix = '--'
-	output_types = [Port, Vulnerability, Exploit]
 	opts = {
 		# Port specification and scan order
 		PORTS: {'type': str, 'short': 'p', 'help': 'Ports to scan (- to scan all)'},
@@ -248,7 +246,7 @@ class nmapData(dict):
 						EXTRA_DATA: extra_data,
 					}
 					if not func:
-						debug(f'Script output parser for "{script_id}" is not supported YET.', sub='cve')
+						debug(f'Script output parser for "{script_id}" is not supported YET.', sub='cve.nmap')
 						continue
 					for data in func(output, cpes=cpes):
 						data.update(metadata)
@@ -257,7 +255,7 @@ class nmapData(dict):
 							confidence = 'high' if version_exact else 'medium'
 						data[CONFIDENCE] = confidence
 						if (CONFIG.runners.skip_cve_low_confidence and data[CONFIDENCE] == 'low'):
-							debug(f'{data[ID]}: ignored (low confidence).', sub='cve')
+							debug(f'{data[ID]}: ignored (low confidence).', sub='cve.nmap')
 							continue
 						if data in datas:
 							continue
@@ -349,7 +347,7 @@ class nmapData(dict):
 		if not isinstance(cpes, list):
 			cpes = [cpes]
 			extra_data['cpe'] = cpes
-		debug(f'Found CPEs: {",".join(cpes)}', sub='cve')
+		debug(f'Found CPEs: {",".join(cpes)}', sub='cve.nmap')
 
 		# Grab confidence
 		conf = int(extra_data.get('conf', 0))
@@ -368,7 +366,7 @@ class nmapData(dict):
 			cpe = VulnMulti.create_cpe_string(product, version_cpe)
 			if cpe not in cpes:
 				cpes.append(cpe)
-				debug(f'Added new CPE from identified product and version: {cpe}', sub='cve')
+				debug(f'Added new CPE from identified product and version: {cpe}', sub='cve.nmap')
 
 		return extra_data
 
@@ -412,7 +410,7 @@ class nmapData(dict):
 				NAME: vuln_id,
 				DESCRIPTION: vuln_title,
 				PROVIDER: provider_name,
-				TAGS: [vuln_id, provider_name]
+				TAGS: [provider_name]
 			}
 			if provider_name == 'MITRE CVE':
 				data = VulnMulti.lookup_cve(vuln['id'], *cpes)
@@ -436,7 +434,6 @@ class nmapData(dict):
 			elems = tuple(line.split('\t'))
 
 			if len(elems) == 4:  # exploit
-				# TODO: Implement exploit processing
 				exploit_id, cvss_score, reference_url, _ = elems
 				name = exploit_id
 				# edb_id = name.split(':')[-1] if 'EDB-ID' in name else None
@@ -460,6 +457,7 @@ class nmapData(dict):
 					exploit[TAGS].extend(vuln[TAGS])
 					exploit[CONFIDENCE] = vuln[CONFIDENCE]
 				yield exploit
+				continue
 
 			elif len(elems) == 3:  # vuln
 				vuln = {}
@@ -483,6 +481,6 @@ class nmapData(dict):
 						vuln.update(data)
 					yield vuln
 				else:
-					debug(f'Vulners parser for "{vuln_type}" is not implemented YET.', sub='cve')
+					debug(f'Vulners parser for "{vuln_type}" is not implemented YET.', sub='cve.nmap')
 			else:
-				debug(f'Unrecognized vulners output: {elems}', sub='cve')
+				debug(f'Unrecognized vulners output: {elems}', sub='cve.nmap')

secator/tasks/nuclei.py

@@ -14,8 +14,9 @@ from secator.tasks._categories import VulnMulti
 class nuclei(VulnMulti):
 	"""Fast and customisable vulnerability scanner based on simple YAML based DSL."""
 	cmd = 'nuclei'
-	tags = ['vuln', 'scan']
 	input_types = [HOST, IP, URL]
+	output_types = [Vulnerability, Progress]
+	tags = ['vuln', 'scan']
 	file_flag = '-l'
 	input_flag = '-u'
 	json_flag = '-jsonl'
@@ -59,7 +60,6 @@ class nuclei(VulnMulti):
 		'exclude_tags': lambda x: ','.join(x) if isinstance(x, list) else x,
 	}
 	item_loaders = [JSONSerializer()]
-	output_types = [Vulnerability, Progress]
 	output_map = {
 		Vulnerability: {
 			ID: lambda x: nuclei.id_extractor(x),
@@ -77,7 +77,7 @@ class nuclei(VulnMulti):
 		},
 		Progress: {
 			PERCENT: lambda x: int(x['percent']),
-			EXTRA_DATA: lambda x: {k: v for k, v in x.items() if k not in ['duration', 'errors', 'percent']}
+			EXTRA_DATA: lambda x: {k: v for k, v in x.items() if k not in ['percent']}
 		}
 	}
 	install_pre = {

secator/tasks/searchsploit.py

@@ -3,7 +3,7 @@ import re
 from secator.config import CONFIG
 from secator.decorators import task
 from secator.definitions import (CVES, EXTRA_DATA, ID, MATCHED_AT, NAME,
-								 PROVIDER, REFERENCE, TAGS, TECHNOLOGY, OPT_NOT_SUPPORTED)
+								 PROVIDER, REFERENCE, TAGS, OPT_NOT_SUPPORTED, STRING)
 from secator.output_types import Exploit
 from secator.runners import Command
 from secator.serializers import JSONSerializer
@@ -16,9 +16,10 @@ SEARCHSPLOIT_TITLE_REGEX = re.compile(r'^((?:[a-zA-Z\-_!\.()]+\d?\s?)+)\.?\s*(.*
 class searchsploit(Command):
 	"""Exploit searcher based on ExploitDB."""
 	cmd = 'searchsploit'
+	input_types = [STRING]
+	output_types = [Exploit]
 	tags = ['exploit', 'recon']
-	input_flag = None
-	input_types = [TECHNOLOGY]
+	input_chunk_size = 1
 	json_flag = '--json'
 	version_flag = OPT_NOT_SUPPORTED
 	opts = {
@@ -26,7 +27,6 @@ class searchsploit(Command):
 	}
 	opt_key_map = {}
 	item_loaders = [JSONSerializer()]
-	output_types = [Exploit]
 	output_map = {
 		Exploit: {
 			NAME: 'Title',
@@ -51,7 +51,6 @@ class searchsploit(Command):
 	proxychains = False
 	proxy_socks5 = False
 	proxy_http = False
-	input_chunk_size = 1
 	profile = 'io'
 
 	@staticmethod
@@ -86,6 +85,8 @@ class searchsploit(Command):
 
 	@staticmethod
 	def on_item(self, item):
+		if not isinstance(item, Exploit):
+			return item
 		match = SEARCHSPLOIT_TITLE_REGEX.match(item.name)
 		# if not match:
 		# 	self._print(f'[bold red]{item.name} ({item.reference}) did not match SEARCHSPLOIT_TITLE_REGEX. Please report this issue.[/]')  # noqa: E501

secator/tasks/subfinder.py

@@ -10,8 +10,9 @@ from secator.tasks._categories import ReconDns
 class subfinder(ReconDns):
 	"""Fast passive subdomain enumeration tool."""
 	cmd = 'subfinder -cs'
-	tags = ['dns', 'recon']
 	input_types = [HOST]
+	output_types = [Subdomain]
+	tags = ['dns', 'recon']
 	file_flag = '-dL'
 	input_flag = '-d'
 	json_flag = '-json'
@@ -32,7 +33,6 @@ class subfinder(ReconDns):
 			DOMAIN: 'input',
 		}
 	}
-	output_types = [Subdomain]
 	install_version = 'v2.7.0'
 	install_cmd = 'go install -v github.com/projectdiscovery/subfinder/v2/cmd/subfinder@[install_version]'
 	install_github_handle = 'projectdiscovery/subfinder'