PyPI - secator - Versions diffs - 0.15.0__py3-none-any.whl → 0.16.0__py3-none-any.whl - Mend

secator 0.15.0py3-none-any.whl → 0.16.0py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of secator might be problematic. Click here for more details.

Files changed (106) hide show

secator/celery.py +40 -24
secator/celery_signals.py +71 -68
secator/celery_utils.py +43 -27
secator/cli.py +520 -280
secator/cli_helper.py +394 -0
secator/click.py +87 -0
secator/config.py +67 -39
secator/configs/profiles/http_headless.yaml +6 -0
secator/configs/profiles/http_record.yaml +6 -0
secator/configs/profiles/tor.yaml +1 -1
secator/configs/scans/domain.yaml +4 -2
secator/configs/scans/host.yaml +1 -1
secator/configs/scans/network.yaml +1 -4
secator/configs/scans/subdomain.yaml +13 -1
secator/configs/scans/url.yaml +1 -2
secator/configs/workflows/cidr_recon.yaml +6 -4
secator/configs/workflows/code_scan.yaml +1 -1
secator/configs/workflows/host_recon.yaml +29 -3
secator/configs/workflows/subdomain_recon.yaml +67 -16
secator/configs/workflows/url_crawl.yaml +44 -15
secator/configs/workflows/url_dirsearch.yaml +4 -4
secator/configs/workflows/url_fuzz.yaml +25 -17
secator/configs/workflows/url_params_fuzz.yaml +7 -0
secator/configs/workflows/url_vuln.yaml +33 -8
secator/configs/workflows/user_hunt.yaml +2 -1
secator/configs/workflows/wordpress.yaml +5 -3
secator/cve.py +718 -0
secator/decorators.py +0 -454
secator/definitions.py +49 -30
secator/exporters/_base.py +2 -2
secator/exporters/console.py +2 -2
secator/exporters/table.py +4 -3
secator/exporters/txt.py +1 -1
secator/hooks/mongodb.py +2 -4
secator/installer.py +77 -49
secator/loader.py +116 -0
secator/output_types/_base.py +3 -0
secator/output_types/certificate.py +63 -63
secator/output_types/error.py +4 -5
secator/output_types/info.py +2 -2
secator/output_types/ip.py +3 -1
secator/output_types/progress.py +5 -9
secator/output_types/state.py +17 -17
secator/output_types/tag.py +3 -0
secator/output_types/target.py +10 -2
secator/output_types/url.py +19 -7
secator/output_types/vulnerability.py +11 -7
secator/output_types/warning.py +2 -2
secator/report.py +27 -15
secator/rich.py +18 -10
secator/runners/_base.py +447 -234
secator/runners/_helpers.py +133 -24
secator/runners/command.py +182 -102
secator/runners/scan.py +33 -5
secator/runners/task.py +13 -7
secator/runners/workflow.py +105 -72
secator/scans/__init__.py +2 -2
secator/serializers/dataclass.py +20 -20
secator/tasks/__init__.py +4 -4
secator/tasks/_categories.py +39 -27
secator/tasks/arjun.py +9 -5
secator/tasks/bbot.py +53 -21
secator/tasks/bup.py +19 -5
secator/tasks/cariddi.py +24 -3
secator/tasks/dalfox.py +26 -7
secator/tasks/dirsearch.py +10 -4
secator/tasks/dnsx.py +70 -25
secator/tasks/feroxbuster.py +11 -3
secator/tasks/ffuf.py +42 -6
secator/tasks/fping.py +20 -8
secator/tasks/gau.py +3 -1
secator/tasks/gf.py +5 -4
secator/tasks/gitleaks.py +2 -2
secator/tasks/gospider.py +7 -1
secator/tasks/grype.py +5 -4
secator/tasks/h8mail.py +2 -1
secator/tasks/httpx.py +18 -5
secator/tasks/katana.py +35 -15
secator/tasks/maigret.py +4 -4
secator/tasks/mapcidr.py +3 -3
secator/tasks/msfconsole.py +4 -4
secator/tasks/naabu.py +5 -4
secator/tasks/nmap.py +12 -14
secator/tasks/nuclei.py +3 -3
secator/tasks/searchsploit.py +6 -5
secator/tasks/subfinder.py +2 -2
secator/tasks/testssl.py +264 -263
secator/tasks/trivy.py +5 -5
secator/tasks/wafw00f.py +21 -3
secator/tasks/wpprobe.py +90 -83
secator/tasks/wpscan.py +6 -5
secator/template.py +218 -104
secator/thread.py +15 -15
secator/tree.py +196 -0
secator/utils.py +131 -123
secator/utils_test.py +60 -19
secator/workflows/__init__.py +2 -2
{secator-0.15.0.dist-info → secator-0.16.0.dist-info}/METADATA +37 -36
secator-0.16.0.dist-info/RECORD +132 -0
secator/configs/profiles/default.yaml +0 -8
secator/configs/workflows/url_nuclei.yaml +0 -11
secator/tasks/dnsxbrute.py +0 -42
secator-0.15.0.dist-info/RECORD +0 -128
{secator-0.15.0.dist-info → secator-0.16.0.dist-info}/WHEEL +0 -0
{secator-0.15.0.dist-info → secator-0.16.0.dist-info}/entry_points.txt +0 -0
{secator-0.15.0.dist-info → secator-0.16.0.dist-info}/licenses/LICENSE +0 -0

secator/utils_test.py CHANGED Viewed

@@ -1,6 +1,7 @@
 import contextlib
 import json
 import os
+import re
 import sys
 import unittest.mock
@@ -11,11 +12,11 @@ from secator.definitions import (CIDR_RANGE, DELAY, DEPTH, EMAIL,
 							   METHOD, PROXY, RATE_LIMIT, RETRIES,
 							   THREADS, TIMEOUT, URL, USER_AGENT, USERNAME, PATH,
 							   DOCKER_IMAGE, GIT_REPOSITORY)
-from secator.cli import ALL_WORKFLOWS, ALL_TASKS, ALL_SCANS
+from secator.loader import get_configs_by_type
 from secator.output_types import EXECUTION_TYPES, STAT_TYPES
-from secator.runners import Command
+from secator.runners import Command, Task
 from secator.rich import console
-from secator.utils import load_fixture, debug
+from secator.utils import load_fixture, debug, traceback_as_string
 #---------#
 # GLOBALS #
@@ -24,33 +25,37 @@ USE_PROXY = bool(int(os.environ.get('USE_PROXY', '0')))
 TEST_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) + '/tests/'
 FIXTURES_DIR = f'{TEST_DIR}/fixtures'
 USE_PROXY = bool(int(os.environ.get('USE_PROXY', '0')))
+TASKS = get_configs_by_type('task')
+WORKFLOWS = get_configs_by_type('workflow')
+SCANS = get_configs_by_type('scan')
 #------------#
 # TEST TASKS #
 #------------#
 TEST_TASKS = os.environ.get('TEST_TASKS', '')
 if TEST_TASKS:
-	TEST_TASKS = [cls for cls in ALL_TASKS if cls.__name__ in TEST_TASKS.split(',')]
+	TEST_TASKS = [config for config in TASKS if config.name in TEST_TASKS.split(',')]
 else:
-	TEST_TASKS = ALL_TASKS
+	TEST_TASKS = TASKS
 #----------------#
 # TEST WORKFLOWS #
 #----------------#
 TEST_WORKFLOWS = os.environ.get('TEST_WORKFLOWS', '')
 if TEST_WORKFLOWS:
-	TEST_WORKFLOWS = [config for config in ALL_WORKFLOWS if config.name in TEST_WORKFLOWS.split(',')]
+	TEST_WORKFLOWS = [config for config in WORKFLOWS if config.name in TEST_WORKFLOWS.split(',')]
 else:
-	TEST_WORKFLOWS = ALL_WORKFLOWS
+	TEST_WORKFLOWS = WORKFLOWS
 #------------#
 # TEST SCANS #
 #------------#
 TEST_SCANS = os.environ.get('TEST_SCANS', '')
 if TEST_SCANS:
-	TEST_SCANS = [config for config in ALL_SCANS if config.name in TEST_SCANS.split(',')]
+	TEST_SCANS = [config for config in SCANS if config.name in TEST_SCANS.split(',')]
 else:
-	TEST_SCANS = ALL_SCANS
+	TEST_SCANS = SCANS
 #-------------------#
 # TEST INPUTS_TASKS #
@@ -71,15 +76,16 @@ INPUTS_TASKS = {
 # TEST FIXTURES_TASKS #
 #---------------------#
 FIXTURES_TASKS = {
-	tool_cls: load_fixture(f'{tool_cls.__name__}_output', FIXTURES_DIR)
-	for tool_cls in TEST_TASKS
+	Task.get_task_class(task.name): load_fixture(f'{task.name}_output', FIXTURES_DIR)
+	for task in TASKS
+	if task.name in [t.name for t in TEST_TASKS]
 }
 #-----------#
 # TEST OPTS #
 #-----------#
 META_OPTS = {
-	HEADER: 'User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1',
+	HEADER: 'User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1;; Hello: World',
 	DELAY: 0,
 	DEPTH: 2,
 	FOLLOW_REDIRECT: True,
@@ -159,6 +165,10 @@ def mock_command(cls, inputs=[], opts={}, fixture=None, method=''):
 class CommandOutputTester:  # Mixin for unittest.TestCase
+	@staticmethod
+	def get_item_str(item):
+		return f"Item: {repr(item)}\nItem dict: {json.dumps(item.toDict(), default=str, indent=2)}"
 	def _test_runner_output(
 			self,
 			runner,
@@ -166,10 +176,12 @@ class CommandOutputTester:  # Mixin for unittest.TestCase
 			expected_output_types=[],
 			expected_results=[],
 			expected_status='SUCCESS',
-			empty_results_allowed=False):
+			empty_results_allowed=False,
+			additional_checks=[]):
 		console.print(f'\t[dim]Testing {runner.config.type} {runner.name} ...[/]', end='')
 		debug('', sub='unittest')
+		debug('-' * 10 + f' RUNNER {runner.name} STARTING ' + '-' * 10, sub='unittest')
 		if not runner.inputs:
 			console.print('[dim gold3] skipped (no inputs defined).[/]')
@@ -183,8 +195,11 @@ class CommandOutputTester:  # Mixin for unittest.TestCase
 			# Run runner
 			results = runner.run()
-			for result in results:
-				debug(result.toDict(), sub='unittest')
+			results_str = "\n".join([repr(r) for r in results])
+			debug(f'{runner.name} yielded results\n{results_str}', sub='unittest')
+			debug(f'{runner.name} yielded results\n{json.dumps([r.toDict() for r in results], default=str, indent=2)}', sub='unittest.dict', verbose=True)  # noqa: E501
+			debug('-' * 10 + f' RUNNER {runner.name} TESTS ' + '-' * 10, sub='unittest')
 			# Add execution types to allowed output types
 			expected_output_types.extend(EXECUTION_TYPES + STAT_TYPES)
@@ -205,13 +220,17 @@ class CommandOutputTester:  # Mixin for unittest.TestCase
 			self.assertEqual(runner.status, expected_status, f'{runner.name} should have the status {expected_status}. Errors: {runner.errors}')  # noqa: E501
 			# Check results
+			failures = []
+			debug('-' * 10 + f' RUNNER {runner.name} ITEM TESTS ' + '-' * 10, sub='unittest')
 			for item in results:
-				debug(f'{runner.name} yielded {repr(item)}', sub='unittest')
-				debug(f'{runner.name} yielded (JSON): {json.dumps(item.toDict(), default=str)}', sub='unittest.dict', verbose=True)
+				item_str = self.get_item_str(item)
+				debug('--' * 5, sub='unittest')
+				debug(f'{runner.name} item {repr(item)}', sub='unittest')
+				debug(f'{runner.name} item [{item.toDict()}]', sub='unittest.item', verbose=True)
 				if expected_output_types:
 					debug(f'{runner.name} item should have an output type in {[_._type for _ in expected_output_types]}', sub='unittest')  # noqa: E501
-					self.assertIn(type(item), expected_output_types, f'{runner.name}: item has an unexpected output type "{type(item)}"')  # noqa: E501
+					self.assertIn(type(item), expected_output_types, f'{runner.name}: item has an unexpected output type "{type(item)}". Expected types: {expected_output_types}.\n{item_str}')  # noqa: E501
 				if expected_output_keys:
 					keys = [k for k in list(item.keys()) if not k.startswith('_')]
@@ -219,7 +238,29 @@ class CommandOutputTester:  # Mixin for unittest.TestCase
 					self.assertEqual(
 						set(keys).difference(set(expected_output_keys)),
 						set(),
-						f'{runner.name}: item is missing expected keys {set(expected_output_keys)}. Item keys: {keys}')  # noqa: E501
+						f'{runner.name}: item is missing expected keys {set(expected_output_keys)}.\nItem keys: {keys}.\n{item_str}')  # noqa: E501
+				if additional_checks and item.__class__ in additional_checks.get('output_types', {}):
+					config = additional_checks['output_types'][item.__class__]
+					runner_regex = config.get('runner', '*')
+					if not re.match(runner_regex, runner.name):
+						continue
+					checks = config.get('checks', [])
+					for check in checks:
+						error = check['error']
+						info = check['info']
+						func = check['function']
+						debug(f'{runner.name} item {info}', sub='unittest')
+						try:
+							result = func(item)
+							if not result:
+								failures.append(f'ERROR ({runner.name}): {error}.\n{item_str}')
+						except Exception as e:
+							failures.append(f'ERROR ({runner.name}): {error}.\n{item_str}\n{traceback_as_string(e)}')
+			# Additional checks failures
+			if failures:
+				self.fail("\n\n" + "\n\n".join(failures))
 			# Check if runner results in expected results
 			if expected_results:

secator/workflows/__init__.py CHANGED Viewed

@@ -1,4 +1,4 @@
-from secator.cli import ALL_WORKFLOWS
+from secator.loader import get_configs_by_type
 from secator.runners import Workflow
@@ -21,7 +21,7 @@ class DynamicWorkflow(Workflow):
 DYNAMIC_WORKFLOWS = {}
-for workflow in ALL_WORKFLOWS:
+for workflow in get_configs_by_type('workflow'):
 	instance = DynamicWorkflow(workflow)
 	DYNAMIC_WORKFLOWS[workflow.name] = instance

{secator-0.15.0.dist-info → secator-0.16.0.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: secator
-Version: 0.15.0
+Version: 0.16.0
 Summary: The pentester's swiss knife.
 Project-URL: Homepage, https://github.com/freelabz/secator
 Project-URL: Issues, https://github.com/freelabz/secator/issues
@@ -21,6 +21,7 @@ Classifier: Programming Language :: Python :: 3.11
 Requires-Python: >=3.8
 Requires-Dist: beautifulsoup4<=5
 Requires-Dist: celery<6
+Requires-Dist: click<8.2.0
 Requires-Dist: cpe<2
 Requires-Dist: distro<2
 Requires-Dist: dotmap<2
@@ -121,41 +122,41 @@ and it is designed to improve productivity for pentesters and security researche
 `secator` integrates the following tools:
-| Name                                                          | Description                                                                    | Category        |
-|---------------------------------------------------------------|--------------------------------------------------------------------------------|-----------------|
-| [arjun](https://github.com/s0md3v/Arjun)                      | HTTP Parameter Discovery Suite.                                                |                 |
-| [gitleaks](https://github.com/gitleaks/gitleaks)              | Tool for detecting secrets like passwords, API keys, tokens, etc.              |                 |
-| [testssl](https://github.com/testssl/testssl.sh)              | SSL/TLS security scanner, including ciphers, protocols and cryptographic flaws.|                 |
-| [wafw00f](https://github.com/EnableSecurity/wafw00f)          | Web Application Firewall Fingerprinting tool.                                  |                 |
-| [wpprobe](https://github.com/Chocapikk/wpprobe)               | Fast wordpress plugin enumeration tool.                                        |                 |
-| [httpx](https://github.com/projectdiscovery/httpx)            | Fast HTTP prober.                                                              | `http`          |
-| [cariddi](https://github.com/edoardottt/cariddi)              | Fast crawler and endpoint secrets / api keys / tokens matcher.                 | `http/crawler`  |
-| [gau](https://github.com/lc/gau)                              | Offline URL crawler (Alien Vault, The Wayback Machine, Common Crawl, URLScan). | `http/crawler`  |
-| [gospider](https://github.com/jaeles-project/gospider)        | Fast web spider written in Go.                                                 | `http/crawler`  |
-| [katana](https://github.com/projectdiscovery/katana)          | Next-generation crawling and spidering framework.                              | `http/crawler`  |
-| [dirsearch](https://github.com/maurosoria/dirsearch)          | Web path discovery.                                                            | `http/fuzzer`   |
-| [feroxbuster](https://github.com/epi052/feroxbuster)          | Simple, fast, recursive content discovery tool written in Rust.                | `http/fuzzer`   |
-| [ffuf](https://github.com/ffuf/ffuf)                          | Fast web fuzzer written in Go.                                                 | `http/fuzzer`   |
-| [h8mail](https://github.com/khast3x/h8mail)                   | Email OSINT and breach hunting tool.                                           | `osint`         |
-| [dnsx](https://github.com/projectdiscovery/dnsx)              | Fast and multi-purpose DNS toolkit.                                            | `recon/dns`     |
-| [dnsxbrute](https://github.com/projectdiscovery/dnsx)         | Fast and multi-purpose DNS toolkit (bruteforce mode).                          | `recon/dns`     |
-| [subfinder](https://github.com/projectdiscovery/subfinder)    | Fast subdomain finder.                                                         | `recon/dns`     |
-| [fping](https://fping.org/)                                   | Find alive hosts on local networks.                                            | `recon/ip`      |
-| [mapcidr](https://github.com/projectdiscovery/mapcidr)        | Expand CIDR ranges into IPs.                                                   | `recon/ip`      |
-| [naabu](https://github.com/projectdiscovery/naabu)            | Fast port discovery tool.                                                      | `recon/port`    |
-| [maigret](https://github.com/soxoj/maigret)                   | Hunt for user accounts across many websites.                                   | `recon/user`    |
-| [gf](https://github.com/tomnomnom/gf)                         | A wrapper around grep to avoid typing common patterns.                         | `tagger`        |
-| [trivy](https://github.com/aquasecurity/trivy)                | Comprehensive and versatile security scanner.                                  | `vuln`          |
-| [grype](https://github.com/anchore/grype)                     | A vulnerability scanner for container images and filesystems.                  | `vuln/code`     |
-| [dalfox](https://github.com/hahwul/dalfox)                    | Powerful XSS scanning tool and parameter analyzer.                             | `vuln/http`     |
-| [msfconsole](https://docs.rapid7.com/metasploit/msf-overview) | CLI to access and work with the Metasploit Framework.                          | `vuln/http`     |
-| [wpscan](https://github.com/wpscanteam/wpscan)                | WordPress Security Scanner                                                     | `vuln/multi`    |
-| [nmap](https://github.com/nmap/nmap)                          | Vulnerability scanner using NSE scripts.                                       | `vuln/multi`    |
-| [nuclei](https://github.com/projectdiscovery/nuclei)          | Fast and customisable vulnerability scanner based on simple YAML based DSL.    | `vuln/multi`    |
-| [bbot](https://github.com/blacklanternsecurity/bbot)          | Multipurpose scanner.                                                          | `multi`         |
-| [searchsploit](https://gitlab.com/exploit-database/exploitdb) | Exploit searcher based on ExploitDB.                                           | `exploit/search`|
-| [bup](https://github.com/laluka/bypass-url-parser)            | 40X bypasser.                                                                  | `http`          |
+<!-- START_TOOLS_TABLE -->
+| Name                                                            | Description                                                                      | Category          |
+|-----------------------------------------------------------------|----------------------------------------------------------------------------------|-------------------|
+| [arjun](https://github.com/s0md3v/Arjun)                                                           | HTTP Parameter Discovery Suite.                                                  | `url/fuzz/params` |
+| [bbot](https://github.com/blacklanternsecurity/bbot)                                                            | Multipurpose scanner.                                                            | `vuln/scan`       |
+| [bup](https://github.com/laluka/bypass-url-parser)                                                             | 40X bypasser.                                                                    | `url/bypass`      |
+| [cariddi](https://github.com/edoardottt/cariddi)                                                         | Crawl endpoints, secrets, api keys, extensions, tokens...                        | `url/crawl`       |
+| [dalfox](https://github.com/hahwul/dalfox)                                                          | Powerful open source XSS scanning tool.                                          | `url/fuzz`        |
+| [dirsearch](https://github.com/maurosoria/dirsearch)                                                       | Advanced web path brute-forcer.                                                  | `url/fuzz`        |
+| [dnsx](https://github.com/projectdiscovery/dnsx)                                                            | dnsx is a fast and multi-purpose DNS toolkit designed for running various retryabledns library. | `dns/fuzz`        |
+| [feroxbuster](https://github.com/epi052/feroxbuster)                                                     | Simple, fast, recursive content discovery tool written in Rust                   | `url/fuzz`        |
+| [ffuf](https://github.com/ffuf/ffuf)                                                            | Fast web fuzzer written in Go.                                                   | `url/fuzz`        |
+| [fping](https://github.com/schweikert/fping)                                                           | Send ICMP echo probes to network hosts, similar to ping, but much better.        | `ip/recon`        |
+| [gau](https://github.com/lc/gau)                                                             | Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, Common Crawl, and URLScan. | `pattern/scan`    |
+| [gf](https://github.com/tomnomnom/gf)                                                              | Wrapper around grep, to help you grep for things.                                | `pattern/scan`    |
+| [gitleaks](https://github.com/gitleaks/gitleaks)                                                        | Tool for detecting secrets like passwords, API keys, and tokens in git repos, files, and stdin. | `secret/scan`     |
+| [gospider](https://github.com/jaeles-project/gospider)                                                        | Fast web spider written in Go.                                                   | `url/crawl`       |
+| [grype](https://github.com/anchore/grype)                                                           | Vulnerability scanner for container images and filesystems.                      | `vuln/scan`       |
+| [h8mail](https://github.com/khast3x/h8mail)                                                          | Email information and password lookup tool.                                      | `user/recon/email` |
+| [httpx](https://github.com/projectdiscovery/httpx)                                                           | Fast and multi-purpose HTTP toolkit.                                             | `url/probe`       |
+| [katana](https://github.com/projectdiscovery/katana)                                                          | Next-generation crawling and spidering framework.                                | `url/crawl`       |
+| [maigret](https://github.com/soxoj/maigret)                                                         | Collect a dossier on a person by username.                                       | `user/recon/username` |
+| [mapcidr](https://github.com/projectdiscovery/mapcidr)                                                         | Utility program to perform multiple operations for a given subnet/cidr ranges.   | `ip/recon`        |
+| [msfconsole](https://docs.rapid7.com/metasploit/msf-overview/)                                                      | CLI to access and work with the Metasploit Framework.                            | `exploit/attack`  |
+| [naabu](https://github.com/projectdiscovery/naabu)                                                           | Port scanning tool written in Go.                                                | `port/scan`       |
+| [nmap](https://github.com/nmap/nmap)                                                            | Network Mapper is a free and open source utility for network discovery and security auditing. | `port/scan`       |
+| [nuclei](https://github.com/projectdiscovery/nuclei)                                                          | Fast and customisable vulnerability scanner based on simple YAML based DSL.      | `vuln/scan`       |
+| [searchsploit](https://gitlab.com/exploit-database/exploitdb)                                                    | Exploit searcher based on ExploitDB.                                             | `exploit/recon`   |
+| [subfinder](https://github.com/projectdiscovery/subfinder)                                                       | Fast passive subdomain enumeration tool.                                         | `dns/recon`       |
+| [testssl](https://github.com/testssl/testssl.sh)                                                         | SSL/TLS security scanner, including ciphers, protocols and cryptographic flaws.  | `dns/recon/tls`   |
+| [trivy](https://github.com/aquasecurity/trivy)                                                           | Comprehensive and versatile security scanner.                                    | `vuln/scan`       |
+| [wafw00f](https://github.com/EnableSecurity/wafw00f)                                                         | Web Application Firewall Fingerprinting tool.                                    | `waf/scan`        |
+| [wpprobe](https://github.com/Chocapikk/wpprobe)                                                         | Fast wordpress plugin enumeration tool.                                          | `vuln/scan/wordpress` |
+| [wpscan](https://github.com/wpscanteam/wpscan)                                                          | Wordpress security scanner.                                                      | `vuln/scan/wordpress` |
+<!-- END_TOOLS_TABLE -->
 Feel free to request new tools to be added by opening an issue, but please
 check that the tool complies with our selection criterias before doing so. If it doesn't but you still want to integrate it into `secator`, you can plug it in (see the [dev guide](https://docs.freelabz.com/for-developers/writing-custom-tasks)).

secator-0.16.0.dist-info/RECORD ADDED Viewed

@@ -0,0 +1,132 @@
+secator/.gitignore,sha256=da8MUc3hdb6Mo0WjZu2upn5uZMbXcBGvhdhTQ1L89HI,3093
+secator/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+secator/celery.py,sha256=9sdgWHg1AgIu_RrqWffjBLSVFL0cbS71n4pjhmnFYiM,10037
+secator/celery_signals.py,sha256=R4ZNBPKSxUvesGCvZ7MXoRkWNOTMS5hraZzjLh5sQ0o,4191
+secator/celery_utils.py,sha256=vhL5ZxXDn3ODvyVxMijKyUTJ1dOisMDjF_PhFUyOVSA,9451
+secator/cli.py,sha256=lzgttr8-Hib1X6bGi8PCOfX90incum7ZFR5x46cDZ34,60887
+secator/cli_helper.py,sha256=EJFl80fd1HcgMYbmiddMZssCD32YDiFLnr-UbLp61aQ,13720
+secator/click.py,sha256=pg7XPI7-wAhhEhd4aeAC8vHSqKi-H0zeFRlh0T-ayYg,2662
+secator/config.py,sha256=4bZ5i5NuAhLDv4hYr9tXwnwavAZMd_P8YAt8_4YB6gQ,20778
+secator/cve.py,sha256=j47VOGyZjOvCY_xwVYS9fiXQPKHL5bPRtCnVAmbQthE,21356
+secator/decorators.py,sha256=uygU8MguxEO0BKXRvF4Nn2QEDnjqdIer8ReBj_j9ALg,88
+secator/definitions.py,sha256=sJaR9e_4aEgAo7cVzYQcD2lotXQPN_3lze_qWhKvo1M,3275
+secator/installer.py,sha256=oWHzUXrEp8D6oPiFHjWcOvDjqMLRhftB7kG-OcCg7PY,21120
+secator/loader.py,sha256=gXtjbn5f-890M7fI5ZWjBlli7eBrNpQt8o8I0C4LuS8,3870
+secator/report.py,sha256=4lEjW_GzDgsPBe1eQHX4ntcHWs0nsAMIbrNMw0UfWHc,4025
+secator/rich.py,sha256=jITAXV_Wgj32Q7FfkssDN-DMD8TxK1wwlrIlkaCNc70,3960
+secator/template.py,sha256=vLp-4cmg05YDKyvqmPtKoclH-b_NamRKvr_qprIPSGA,9905
+secator/thread.py,sha256=EqilUiqunUmVLHvZQiPl7GUYXHXVneDpI8crhqKKT_4,562
+secator/tree.py,sha256=zxZ1rXE5jzipyNNUVuTDoeq35qA-7h5yAZ4mE230ZUQ,7000
+secator/utils.py,sha256=TUVUjVNbKfp1vCItP8-PjWIUi1DBrCDr_kJXWFbZocg,21929
+secator/utils_test.py,sha256=cI8JRhKhgq9X5c8Lvvhs-T_C2UxxHY1wexVo4qBStS4,10131
+secator/configs/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+secator/configs/profiles/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+secator/configs/profiles/aggressive.yaml,sha256=CXsCD76zrS93Iy47H-SUeEm3Ofl58H12dOr6rhm5sUg,159
+secator/configs/profiles/http_headless.yaml,sha256=b-2VtoNWOgNLLX9P61syFtMpYRX4Qi_tfZPFJk4U1OU,121
+secator/configs/profiles/http_record.yaml,sha256=C6kUqiJI_8bENBRRtgGdLf6_rtKoeR1LNN2g1iGelMg,154
+secator/configs/profiles/insane.yaml,sha256=t3Z0fSy-tJkasMoPPViqxicTo0So5gnF3kfCBWIsR6Q,152
+secator/configs/profiles/paranoid.yaml,sha256=P3jONEyS9qIU5OPhBpEmlzc1AMJVC6ncIBR3GwJIr8Q,128
+secator/configs/profiles/polite.yaml,sha256=yZ2rtUMpSf-xMD7ZBFd6QS7XfYPEOSZ0Sn65lVF9M54,138
+secator/configs/profiles/sneaky.yaml,sha256=TOouDi-JQ3ZGZW9t7xbax-UvB-r2IsTr9sONwSRGo88,147
+secator/configs/profiles/tor.yaml,sha256=qQNUqKS236jHp_IuQlWRL6k9w4lMqvaaLmhjVxjgPbY,92
+secator/configs/scans/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+secator/configs/scans/domain.yaml,sha256=n0UJgnu8dAeSPnYSJW6xWr5AQI_kDNeXoeJf7goX19E,324
+secator/configs/scans/host.yaml,sha256=9O_fMcZSvy-FpFat2N5OWMUc-Nc2V0VKC7hx1_2Bd38,190
+secator/configs/scans/network.yaml,sha256=vfzboKoTiS3pNz-efxb2PgQGmp_6YuQVAwgqoGQrN3o,211
+secator/configs/scans/subdomain.yaml,sha256=brYaBbdnVVvSDiz6eVahKChxOUG0GBi806fR_tUaunk,330
+secator/configs/scans/url.yaml,sha256=xJwGADKMvFGxMgp_xnsUbSjSFBCeFoAXL7wBwtyFFz4,145
+secator/configs/workflows/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+secator/configs/workflows/cidr_recon.yaml,sha256=A5wg3bImdC8H1SoCSFYsgnrLm9FMD7GcQgKacGCmAOE,529
+secator/configs/workflows/code_scan.yaml,sha256=7mJi7Z42tr6vGG2j2Xy-nl5arITk9NyrRaQZeh7qC3Y,208
+secator/configs/workflows/host_recon.yaml,sha256=HKDAkBZXT3m5SzKovs8dJdJEn5uFHCVZq-0fFovZRKg,1571
+secator/configs/workflows/subdomain_recon.yaml,sha256=VOYcjYjHRRebe1TAYphh-zpSq8W5_q-6DDeMja2dlek,1896
+secator/configs/workflows/url_bypass.yaml,sha256=_uBzDhevJ2DOD9UkE25n7ZrmnjjfdU3lV3mnUudgdU0,180
+secator/configs/workflows/url_crawl.yaml,sha256=JqpTNw11NLsLCcHFHllTYSqQ9ingO1uwDoZ7c3YqxJI,1121
+secator/configs/workflows/url_dirsearch.yaml,sha256=_4TdMSVLt2lIbx8ucn0R04tkMUqhG2i-m3JxCofx4mo,670
+secator/configs/workflows/url_fuzz.yaml,sha256=a-ZvZrcPBaeVhRrxox8fq25SKMJflyAkKWLqJeC3xD4,911
+secator/configs/workflows/url_params_fuzz.yaml,sha256=ufGbW4GUtEZee0M1WPVo0w6ZCEH6xmuDO6VCjPaw8AQ,796
+secator/configs/workflows/url_vuln.yaml,sha256=35uY0SpQGgaPulkBkQUcy0AdVwjslEJfVGhM9DQAXkk,1817
+secator/configs/workflows/user_hunt.yaml,sha256=f6LpXcPrFFy615n9FUfoRa3HOeE0IYCHvGvLwUcGDYc,182
+secator/configs/workflows/wordpress.yaml,sha256=n-I1uNZEPS6oVmF7Rn996K85csSenTtoVycJt0PWnzk,340
+secator/exporters/__init__.py,sha256=PnT9Ra4ArHt9VQTK5Cpc4CPY89XRwLLUGtZ8nUcknm0,415
+secator/exporters/_base.py,sha256=wM1UT1PsSP1gX4gylvpQjBeAsk59F2Q2eFrt7AFU7jM,68
+secator/exporters/console.py,sha256=vbmSln4UrIpzjCQCs6JdZ2VRxjX8qQ1gznCPx89xbX0,263
+secator/exporters/csv.py,sha256=gvwS0dgYhUKjjyNX-jal8SvKQrkjiUEwzDzC4zN8UO4,1068
+secator/exporters/gdrive.py,sha256=6Nj9RTOhraBOalm2H8Fp1tItD2ZrSfgtY4SiXViefcQ,4201
+secator/exporters/json.py,sha256=1ZtDf8RksPO_V0zIvnwDUxMUb630DCElAMM8_RQvyAo,474
+secator/exporters/table.py,sha256=zYNmwNGEyB6dTJ1ATVkrv-AOuPjrW6tvk1_4naLQo8Q,1114
+secator/exporters/txt.py,sha256=t_FykaJOxs4UUlqiH4k6HCccEqYqc8e3iNZndL_CKPg,739
+secator/hooks/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+secator/hooks/gcs.py,sha256=MIhntyWYz9BZdTXhWl5JznaczSq1_7fl3TVqPufuTSo,1490
+secator/hooks/mongodb.py,sha256=5Rbmjd6JuLNH_1GgkumMX1TeuMuU88gzYxoDMkHh1OY,7638
+secator/output_types/__init__.py,sha256=CJcYy2_Ek-opKiBz4wFlDHQBTm3t0JVwZ4w_2Jxoeuw,1291
+secator/output_types/_base.py,sha256=9iBqPdtlfJBldBiuC729KamHHGbKhwo69P-2UNwz-3Q,2874
+secator/output_types/certificate.py,sha256=IXW3GN0JRmuDgoedr8NV8ccuRQOuoInNZWnAKL8zeqY,3040
+secator/output_types/error.py,sha256=lA7DDNUb8iuw3nbanzMD0BjQjOEwUEQPAMZy_9sRs9o,1540
+secator/output_types/exploit.py,sha256=-BKTqPBg94rVgjw8YSmcYuBCI2x-73WwMd9ITP9qr3Y,1750
+secator/output_types/info.py,sha256=HcOwdF4OPw3Qni_X0c8bDSLqq2LZLMjIwwLgtEwBwHE,820
+secator/output_types/ip.py,sha256=wH06b0-_F4_7g0Bcfdh7EpDW50IdjESQoqZHPuVK0hg,1217
+secator/output_types/port.py,sha256=JdqXnEF8XuwaWFMT8Vghj7fKLwtsImuUdRfMmITgmWM,1879
+secator/output_types/progress.py,sha256=alRcuEUv-2_ExmYOEa0p2f6GIp-DerGglgI4JLdowjQ,1213
+secator/output_types/record.py,sha256=HnsKxlIhkgswA_Yjz7BZ1vDjP53l6OJ0BCOtCSDwCSY,1250
+secator/output_types/stat.py,sha256=7ZNWgfrJWONKeJx931eEFngEV4WhJaHs38AUUxxhZC8,1248
+secator/output_types/state.py,sha256=TofrVIL1oPTnq8-x6pATVVLEa7Z4GGYtUSqWmrcGxF4,981
+secator/output_types/subdomain.py,sha256=ivJ_2kmrJ8hdB8wmvRJYlKV1BcE3Cds_vAI_5wL7ES4,1344
+secator/output_types/tag.py,sha256=6oNyDWydngLt5Rj7ZIcUNbJV6EfRsw0lrPDHRdZYFKA,1641
+secator/output_types/target.py,sha256=8XTxV3YcJUb7cDSBOqtTk5e9_pf-vIQArXeJPDik5Ic,1052
+secator/output_types/url.py,sha256=rPbDek2zmvGK2mcjQfQoi6Ij7gKTyItIaDxMT04f2TE,3628
+secator/output_types/user_account.py,sha256=EvF3Ebg9eXS_-iDguU1dSHZ9wAsJimEJznDvpSt_RSY,1417
+secator/output_types/vulnerability.py,sha256=eWJDFCYf3sP5-hPKQT-4Kd5id9bJzTW2u-O_d_4P6EA,2849
+secator/output_types/warning.py,sha256=iy949Aj5OXJLWif7HFB5EvjcYrgKHAzIP9ffyLTV7LA,830
+secator/runners/__init__.py,sha256=EBbOk37vkBy9p8Hhrbi-2VtM_rTwQ3b-0ggTyiD22cE,290
+secator/runners/_base.py,sha256=dy07vXC4STyLepktW4WFpH4tBiyiJfe_MLxgGu555v0,40466
+secator/runners/_helpers.py,sha256=TeebZnpo4cp-9tpgPlDoFm_gmr00_CERAC1aOYhTzA4,6281
+secator/runners/celery.py,sha256=bqvDTTdoHiGRCt0FRvlgFHQ_nsjKMP5P0PzGbwfCj_0,425
+secator/runners/command.py,sha256=5fmwmqkUkomceLUSp2rtJvn_ydE2gI95rqS4WKWciYI,30200
+secator/runners/scan.py,sha256=axT_OmGhixogCPMUS1OUeMLnFtk8PxY7zL9NYCugFVU,2578
+secator/runners/task.py,sha256=PrkVns8UAGht2JbCmCUWycA6B39Z5oeMmAMq69KtXKI,2199
+secator/runners/workflow.py,sha256=YnpTSdmp54d55vORe4khWLSx2J7gtDFNryKfZXYAWnY,6076
+secator/scans/__init__.py,sha256=Tr-plKBxdv_QNqOGe63-UZwz_-GzGGJrLuPMmjFKwao,654
+secator/serializers/__init__.py,sha256=OP5cmFl77ovgSCW_IDcZ21St2mUt5UK4QHfrsK2KvH8,248
+secator/serializers/dataclass.py,sha256=Fo2ZVsVjSF0KMq81JT8mGZxsKsxyueShlDsh9PgwWHE,896
+secator/serializers/json.py,sha256=UJwAymRzjF-yBKOgz1MTOyBhQcdQg7fOKRXgmHIu8fo,411
+secator/serializers/regex.py,sha256=fh-fE0RGvKSGKByFtwmKsWriRpZR9PXZQsY9JybHBWI,489
+secator/tasks/__init__.py,sha256=Op0O0Aa8c124AfDG-cEB9VLRsXZ1wXTpVrT3g-wxMNg,184
+secator/tasks/_categories.py,sha256=yns_5PBKStp6TJEeaYB6yFUjkFMmLh7LEuxcNcADNro,14962
+secator/tasks/arjun.py,sha256=WdRZtTCd2Ejbv5HlLS_FoWVKgGpMsR6RCDekV2kR788,3061
+secator/tasks/bbot.py,sha256=moIkwd52jCKaeg1v6Nv4Gfmd4GPObo9c9nwOzQvf-2M,9236
+secator/tasks/bup.py,sha256=bl5NzoPr_YLy9Ei7JU9CM0-bW9iZsuFe3Ft8KJjN9ws,3849
+secator/tasks/cariddi.py,sha256=iT-2Aryw2PPrzPedc-N_E--DxKFz_gSrcJj4z5PGQf8,4142
+secator/tasks/dalfox.py,sha256=v-TI5B-PCZRe6dU9caQfGJPyAPSbRRCohdIlIFvNAq8,2551
+secator/tasks/dirsearch.py,sha256=_6xPZYpNsbwR4d9NFQw3NXxQKn5zyfO1lyrWzl5p7NY,2469
+secator/tasks/dnsx.py,sha256=2qNC-wSjS33geuHMOwuBapLwKEvWTlDgnmvM67ZSJVA,4220
+secator/tasks/feroxbuster.py,sha256=dz_DGw_CbVGw9AeFjtrAEQwoxDgKzYC-KT9VLwE5UlE,3022
+secator/tasks/ffuf.py,sha256=UjSnbbbeBE8fIOiy98akBqaO9gBtZWb7vYrNs9DjUX8,4119
+secator/tasks/fping.py,sha256=uTOq24DcNQpNgpXQlFV4xxBdn8P9gJWM5mmhkobqW-Y,1575
+secator/tasks/gau.py,sha256=SJaza2yQoMeJeE6TOCRrRv0udbwRIoiXX4gRE64GXoU,1804
+secator/tasks/gf.py,sha256=svNRzaBr_DYW3QGFoPmUBWZh0Xm07XDS2bbNH-tfcA4,1028
+secator/tasks/gitleaks.py,sha256=cajL0NDm7dRFpcq4fJOCSkQMpquUiOy9HODq93h36Xg,2638
+secator/tasks/gospider.py,sha256=5cEgBCCGWIGE05XfAkjMhTap9V-MwLK2lm1iqxcbj-M,2513
+secator/tasks/grype.py,sha256=OasQs5WQwgt--o6M2_uh3RYZZaA3-difweCS46Uc5-w,2573
+secator/tasks/h8mail.py,sha256=XsDnL8LPk_jIHfJhqeYMj2423epk0NADorjd_JhBa9o,2033
+secator/tasks/httpx.py,sha256=0Umt2ouL36TELxmoaZ4dKSGXgipN3ve__IQFgUKrWZQ,6498
+secator/tasks/katana.py,sha256=NQimtCi7qgIIK6npzzm8OKZSVsBWxuj950W_4VNUa8U,6164
+secator/tasks/maigret.py,sha256=QuQcRUghVx1PmXhZFVUD4-PGiWWN5niYOh2FJyviP6s,2161
+secator/tasks/mapcidr.py,sha256=tMTHQspHSs92F4R-9HVYjFBpiu9ZhxoJSNvpd8KwKKc,1057
+secator/tasks/msfconsole.py,sha256=3VjAEpwEAFDcGxyYMhKyDLHRObXELYFx_H306fzmtMw,6566
+secator/tasks/naabu.py,sha256=dI-NNb4MQzyCgnvfkstkn3IyjUpW0ORbftcsVFmx994,2443
+secator/tasks/nmap.py,sha256=bGfPrB_JD_XaVccUJTvMAN81cNfmWo2gI4Hd6P_ZRLI,16986
+secator/tasks/nuclei.py,sha256=F5r7DQu8XBGHn518QWs8DSKoRVEGSGGMMDTcOW5bEHk,5010
+secator/tasks/searchsploit.py,sha256=gwP05nLdu3yBnpMrAVu7S2CIjgCtcS3w9_1K0Tp9WBM,3503
+secator/tasks/subfinder.py,sha256=Q7YIBSyFxHWXSskmn2dEWPxU_HZ9rZCMU3Kl4sdvPwc,1297
+secator/tasks/testssl.py,sha256=rrpKerOYcNA4NJr9RQ_uAtAbl3W50FRp3bPo3yD8EEg,8787
+secator/tasks/trivy.py,sha256=loIVQeHlYzz-_mVI6-HrL1O3H-22LA0vl4J9Ja_fy2I,3307
+secator/tasks/wafw00f.py,sha256=9CnV9F7ZrykO27F3PAb5HtwULDMYEKGSTbz-jh0kc2g,3189
+secator/tasks/wpprobe.py,sha256=1QPJ-7JvhL7LFvjUTAmqpH2Krp-Qmi079lonso16YPQ,3229
+secator/tasks/wpscan.py,sha256=dBkbG9EODHDUBAA8uNVULX4SdVgTCAi_F1T1oCfRbsI,5852
+secator/workflows/__init__.py,sha256=XOviyjSylZ4cuVmmQ76yuqZRdmvOEghqAnuw_4cLmfk,702
+secator-0.16.0.dist-info/METADATA,sha256=BkmXHua4U9TX3HC4MeFAFGDDiyAtohXv-SCbW3giboE,17253
+secator-0.16.0.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
+secator-0.16.0.dist-info/entry_points.txt,sha256=lPgsqqUXWgiuGSfKy-se5gHdQlAXIwS_A46NYq7Acic,44
+secator-0.16.0.dist-info/licenses/LICENSE,sha256=19W5Jsy4WTctNkqmZIqLRV1gTDOp01S3LDj9iSgWaJ0,2867
+secator-0.16.0.dist-info/RECORD,,

secator/configs/profiles/default.yaml DELETED Viewed

@@ -1,8 +0,0 @@
-type: profile
-name: default
-description: "General scanning"
-opts:
-    rate_limit: 1000
-    delay: 0
-    timeout: 5
-    retries: 3

secator/configs/workflows/url_nuclei.yaml DELETED Viewed

@@ -1,11 +0,0 @@
-type: workflow
-name: url_nuclei
-alias: url_nuclei
-description: URL vulnerability scan (nuclei)
-tags: [http, nuclei]
-input_types:
-  - url
-tasks:
-  nuclei:
-    description: Search for HTTP vulns
-    exclude_tags: [network, ssl, file, dns, osint, token-spray, headers]

secator/tasks/dnsxbrute.py DELETED Viewed

@@ -1,42 +0,0 @@
-from secator.decorators import task
-from secator.definitions import (DOMAIN, HOST, RATE_LIMIT, RETRIES, THREADS, WORDLIST, EXTRA_DATA)
-from secator.config import CONFIG
-from secator.output_types import Subdomain
-from secator.serializers import JSONSerializer
-from secator.tasks._categories import ReconDns
-from secator.utils import process_wordlist
-@task()
-class dnsxbrute(ReconDns):
-    """dnsx is a fast and multi-purpose DNS toolkit designed for running various library."""
-    cmd = 'dnsx'
-    tags = ['dns', 'fuzz']
-    json_flag = '-json'
-    input_flag = '-domain'
-    input_types = [HOST]
-    file_flag = '-domain'
-    opt_key_map = {
-        RATE_LIMIT: 'rate-limit',
-        RETRIES: 'retry',
-        THREADS: 'threads',
-    }
-    opts = {
-        WORDLIST: {'type': str, 'short': 'w', 'default': CONFIG.wordlists.defaults.dns, 'process': process_wordlist, 'help': 'Wordlist to use'},  # noqa: E501
-        'trace': {'is_flag': True, 'default': False, 'help': 'Perform dns tracing'},
-    }
-    item_loaders = [JSONSerializer()]
-    output_map = {
-        Subdomain: {
-            HOST: 'host',
-            DOMAIN: lambda x: ".".join(x['host'].split('.')[1:]),
-            EXTRA_DATA: lambda x: {
-                'resolver': x['resolver'],
-                'status_code': x['status_code']
-			}
-        }
-    }
-    install_version = 'v1.2.2'
-    install_cmd = 'go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@[install_version]'
-    install_github_handle = 'projectdiscovery/dnsx'
-    profile = 'io'

secator 0.15.0__py3-none-any.whl → 0.16.0__py3-none-any.whl

Potentially problematic release.

secator 0.15.0py3-none-any.whl → 0.16.0py3-none-any.whl