secator 0.15.1__py3-none-any.whl → 0.16.0__py3-none-any.whl

secator/runners/task.py

@@ -1,7 +1,6 @@
-import uuid
 from secator.config import CONFIG
 from secator.runners import Runner
-from secator.utils import discover_tasks
+from secator.loader import discover_tasks
 from celery import chain
 
 
@@ -47,16 +46,23 @@ class Task(Runner):
 		opts['hooks'] = hooks
 		opts['context'] = self.context.copy()
 		opts['reports_folder'] = str(self.reports_folder)
-		opts['enable_reports'] = False  # Task will handle reports
-		opts['enable_duplicate_check'] = False  # Task will handle duplicate check
+
+		# Task class will handle those
+		opts['enable_reports'] = False
+		opts['enable_profiles'] = False
+		opts['enable_duplicate_check'] = False
+		opts['print_start'] = False
+		opts['print_end'] = False
+		opts['print_target'] = False
 		opts['has_parent'] = False
 		opts['skip_if_no_inputs'] = False
 		opts['caller'] = 'Task'
 
 		# Create task signature
-		task_id = str(uuid.uuid4())
-		sig = run_command.si(self.results, self.config.name, self.inputs, opts).set(queue=task_cls.profile, task_id=task_id)
-		self.add_subtask(task_id, self.config.name, self.config.description or '')
+		profile = task_cls.profile(opts) if callable(task_cls.profile) else task_cls.profile
+		sig = run_command.si(self.results, self.config.name, self.inputs, opts).set(queue=profile)
+		task_id = sig.freeze().task_id
+		self.add_subtask(task_id, self.config.name, self.description)
 		return chain(sig)
 
 	@staticmethod

secator/runners/workflow.py

@@ -1,8 +1,10 @@
-import uuid
+from dotmap import DotMap
 
 from secator.config import CONFIG
+from secator.output_types import Info
 from secator.runners._base import Runner
 from secator.runners.task import Task
+from secator.tree import build_runner_tree, walk_runner_tree
 from secator.utils import merge_opts
 
 
@@ -30,16 +32,18 @@ class Workflow(Runner):
 			celery.Signature: Celery task signature.
 		"""
 		from celery import chain
-		from secator.celery import mark_runner_started, mark_runner_completed
+		from secator.celery import mark_runner_started, mark_runner_completed, forward_results
 
 		# Prepare run options
 		opts = self.run_opts.copy()
 		opts.pop('output', None)
 		opts.pop('no_poll', False)
+		opts.pop('print_profiles', False)
 
 		# Set hooks and reports
-		self.enable_reports = True  # Workflow will handle reports
 		self.enable_hooks = False   # Celery will handle hooks
+		self.enable_reports = True  # Workflow will handle reports
+		self.print_item = not self.sync
 
 		# Get hooks
 		hooks = self._hooks.get(Task, {})
@@ -52,84 +56,113 @@ class Workflow(Runner):
 		opts['skip_if_no_inputs'] = True
 		opts['caller'] = 'Workflow'
 
-		forwarded_opts = {}
-		if chain_previous_results:
-			forwarded_opts = {k: v for k, v in self.run_opts.items() if k.endswith('_')}
-
-		# Build task signatures
-		sigs = self.get_tasks(
-			self.config.tasks.toDict(),
-			self.inputs,
-			self.config.options,
-			opts,
-			forwarded_opts=forwarded_opts
-		)
+		# Remove workflow config prefix from opts
+		for k, v in opts.copy().items():
+			if k.startswith(self.config.name + '_'):
+				opts[k.replace(self.config.name + '_', '')] = v
 
-		start_sig = mark_runner_started.si([], self, enable_hooks=True).set(queue='results')
-		if chain_previous_results:
-			start_sig = mark_runner_started.s(self, enable_hooks=True).set(queue='results')
+		# Remove dynamic opts from parent runner
+		opts = {k: v for k, v in opts.items() if k not in self.dynamic_opts}
 
-		# Build workflow chain with lifecycle management
-		return chain(
-			start_sig,
-			*sigs,
-			mark_runner_completed.s(self, enable_hooks=True).set(queue='results'),
-		)
+		# Forward workflow opts to first task if needed
+		forwarded_opts = {}
+		if chain_previous_results:
+			forwarded_opts = self.dynamic_opts
 
-	def get_tasks(self, config, inputs, workflow_opts, run_opts, forwarded_opts={}):
-		"""Get tasks recursively as Celery chains / chords.
+		# Build workflow tree
+		tree = build_runner_tree(self.config)
+		current_id = tree.root_nodes[0].id
+		ix = 0
+		sigs = []
 
-		Args:
-			config (dict): Tasks config dict.
-			inputs (list): Inputs.
-			workflow_opts (dict): Workflow options.
-			run_opts (dict): Run options.
-			forwarded_opts (dict): Opts forwarded from parent runner (e.g: scan).
-			sync (bool): Synchronous mode (chain of tasks, no chords).
+		def process_task(node, force=False, parent_ix=None):
+			from celery import chain, group
+			from secator.utils import debug
+			nonlocal ix
+			sig = None
+
+			if node.id is None:
+				return
+
+			if node.type == 'task':
+				if node.parent.type == 'group' and not force:
+					return
+
+				# Skip task if condition is not met
+				condition = node.opts.pop('if', None)
+				local_ns = {'opts': DotMap(opts)}
+				if condition:
+					# debug(f'{node.id} evaluating {condition} with opts {opts}', sub=self.config.name)
+					result = eval(condition, {"__builtins__": {}}, local_ns)
+					if not result:
+						debug(f'{node.id} skipped task because condition is not met: {condition}', sub=self.config.name)
+						self.add_result(Info(message=f'Skipped task [bold gold3]{node.name}[/] because condition is not met: [bold green]{condition}[/]'))  # noqa: E501
+						return
 
-		Returns:
-			tuple (List[celery.Signature], List[str]): Celery signatures, Celery task ids.
-		"""
-		from celery import chain, group
-		sigs = []
-		ix = 0
-		for task_name, task_opts in config.items():
-			# Task opts can be None
-			task_opts = task_opts or {}
-
-			# If it's a group, process the sublevel tasks as a Celery chord.
-			if task_name.startswith('_group'):
-				tasks = self.get_tasks(
-					task_opts,
-					inputs,
-					workflow_opts,
-					run_opts
-				)
-				sig = group(*tasks)
-			elif task_name == '_chain':
-				tasks = self.get_tasks(
-					task_opts,
-					inputs,
-					workflow_opts,
-					run_opts
-				)
-				sig = chain(*tasks)
-			else:
 				# Get task class
-				task = Task.get_task_class(task_name)
+				task = Task.get_task_class(node.name)
 
 				# Merge task options (order of priority with overrides)
-				opts = merge_opts(workflow_opts, task_opts, run_opts)
-				if ix == 0 and forwarded_opts:
-					opts.update(forwarded_opts)
-				opts['name'] = task_name
+				task_opts = merge_opts(self.config.default_options.toDict(), node.opts, opts)
+				if (ix == 0 or parent_ix == 0) and forwarded_opts:
+					task_opts.update(forwarded_opts)
 
 				# Create task signature
-				task_id = str(uuid.uuid4())
-				opts['context'] = self.context.copy()
-				sig = task.s(inputs, **opts).set(queue=task.profile, task_id=task_id)
-				self.add_subtask(task_id, task_name, task_opts.get('description', ''))
+				task_opts['name'] = node.name
+				task_opts['context'] = self.context.copy()
+				task_opts['context']['node_id'] = node.id
+				task_opts['context']['ancestor_id'] = None if (ix == 0 or parent_ix == 0) else current_id
+				task_opts['aliases'] = [node.id, node.name]
+				if task.__name__ != node.name:
+					task_opts['aliases'].append(task.__name__)
+				profile = task.profile(task_opts) if callable(task.profile) else task.profile
+				sig = task.s(self.inputs, **task_opts).set(queue=profile)
+				task_id = sig.freeze().task_id
+				debug(f'{node.id} sig built ix: {ix}, parent_ix: {parent_ix}', sub=self.config.name)
+				# debug(f'{node.id} opts', obj=task_opts, sub=f'workflow.{self.config.name}')
+				debug(f'{node.id} ancestor id: {task_opts.get("context", {}).get("ancestor_id")}', sub=self.config.name)
+				self.add_subtask(task_id, node.name, task_opts.get('description', ''))
 				self.output_types.extend(task.output_types)
 				ix += 1
-			sigs.append(sig)
-		return sigs
+
+			elif node.type == 'group' and node.children:
+				parent_ix = ix
+				tasks = [sig for sig in [process_task(child, force=True, parent_ix=parent_ix) for child in node.children] if sig]
+				debug(f'{node.id} group built with {len(tasks)} tasks', sub=self.config.name)
+				if len(tasks) == 1:
+					debug(f'{node.id} downgraded group to task', sub=self.config.name)
+					sig = tasks[0]
+				elif len(tasks) > 1:
+					sig = group(*tasks)
+					last_sig = sigs[-1] if sigs else None
+					if sig and isinstance(last_sig, group):  # cannot chain 2 groups without bridge task
+						debug(f'{node.id} previous is group, adding bridge task forward_results', sub=self.config.name)
+						sigs.append(forward_results.s())
+				else:
+					debug(f'{node.id} group built with 0 tasks', sub=self.config.name)
+				ix += 1
+
+			elif node.type == 'chain' and node.children:
+				tasks = [sig for sig in [process_task(child, force=True, parent_ix=ix) for child in node.children] if sig]
+				sig = chain(*tasks) if tasks else None
+				debug(f'{node.id} chain built with {len(tasks)} tasks', sub=self.config.name)
+				ix += 1
+
+			if sig and node.parent.type != 'group':
+				debug(f'{node.id} added to workflow', sub=self.config.name)
+				sigs.append(sig)
+
+			return sig
+
+		walk_runner_tree(tree, process_task)
+
+		# Build workflow chain with lifecycle management
+		start_sig = mark_runner_started.si([], self, enable_hooks=True).set(queue='results')
+		if chain_previous_results:
+			start_sig = mark_runner_started.s(self, enable_hooks=True).set(queue='results')
+		sig = chain(
+			start_sig,
+			*sigs,
+			mark_runner_completed.s(self, enable_hooks=True).set(queue='results'),
+		)
+		return sig

secator/scans/__init__.py

@@ -1,4 +1,4 @@
-from secator.cli import ALL_SCANS
+from secator.loader import get_configs_by_type
 from secator.runners import Scan
 
 
@@ -21,7 +21,7 @@ class DynamicScan(Scan):
 
 
 DYNAMIC_SCANS = {}
-for scan in ALL_SCANS:
+for scan in get_configs_by_type('scan'):
 	instance = DynamicScan(scan)
 	DYNAMIC_SCANS[scan.name] = instance
 

secator/serializers/dataclass.py

@@ -5,35 +5,35 @@ from secator.output_types import OUTPUT_TYPES
 
 
 class DataclassEncoder(json.JSONEncoder):
-    def default(self, obj):
-        if hasattr(obj, 'toDict'):
-            return obj.toDict()
-        elif isinstance(obj, PosixPath):
-            return str(obj)
-        elif isinstance(obj, (datetime, date)):
-            return obj.isoformat()
-        else:
-            return json.JSONEncoder.default(self, obj)
+	def default(self, obj):
+		if hasattr(obj, 'toDict'):
+			return obj.toDict()
+		elif isinstance(obj, PosixPath):
+			return str(obj)
+		elif isinstance(obj, (datetime, date)):
+			return obj.isoformat()
+		else:
+			return json.JSONEncoder.default(self, obj)
 
 
 def get_output_cls(type):
-    try:
-        return [cls for cls in OUTPUT_TYPES if cls.get_name() == type][0]
-    except IndexError:
-        return None
+	try:
+		return [cls for cls in OUTPUT_TYPES if cls.get_name() == type][0]
+	except IndexError:
+		return None
 
 
 def dataclass_decoder(obj):
-    if '_type' in obj:
-        output_cls = get_output_cls(obj['_type'])
-        if output_cls:
-            return output_cls.load(obj)
-    return obj
+	if '_type' in obj:
+		output_cls = get_output_cls(obj['_type'])
+		if output_cls:
+			return output_cls.load(obj)
+	return obj
 
 
 def dumps_dataclass(obj, indent=None):
-    return json.dumps(obj, cls=DataclassEncoder, indent=indent)
+	return json.dumps(obj, cls=DataclassEncoder, indent=indent)
 
 
 def loads_dataclass(obj):
-    return json.loads(obj, object_hook=dataclass_decoder)
+	return json.loads(obj, object_hook=dataclass_decoder)

secator/tasks/__init__.py

@@ -1,8 +1,8 @@
-from secator.utils import discover_tasks
+from secator.loader import discover_tasks
 TASKS = discover_tasks()
 __all__ = [
-    cls.__name__
-    for cls in TASKS
+	cls.__name__
+	for cls in TASKS
 ]
 for cls in TASKS:
-    exec(f'from .{cls.__name__} import {cls.__name__}')
+	exec(f'from .{cls.__name__} import {cls.__name__}')

secator/tasks/_categories.py

@@ -8,7 +8,7 @@ import requests
 from bs4 import BeautifulSoup
 from cpe import CPE
 
-from secator.definitions import (CIDR_RANGE, CVSS_SCORE, DELAY, DEPTH, DESCRIPTION, FILTER_CODES,
+from secator.definitions import (CIDR_RANGE, CVSS_SCORE, DATA, DELAY, DEPTH, DESCRIPTION, FILTER_CODES,
 								 FILTER_REGEX, FILTER_SIZE, FILTER_WORDS, FOLLOW_REDIRECT, HEADER, HOST, ID, IP,
 								 MATCH_CODES, MATCH_REGEX, MATCH_SIZE, MATCH_WORDS, METHOD, NAME, PATH, PROVIDER, PROXY,
 								 RATE_LIMIT, REFERENCES, RETRIES, SEVERITY, TAGS, THREADS, TIMEOUT, URL, USER_AGENT,
@@ -16,7 +16,15 @@ from secator.definitions import (CIDR_RANGE, CVSS_SCORE, DELAY, DEPTH, DESCRIPTI
 from secator.output_types import Ip, Port, Subdomain, Tag, Url, UserAccount, Vulnerability
 from secator.config import CONFIG
 from secator.runners import Command
-from secator.utils import debug, process_wordlist
+from secator.utils import debug, process_wordlist, headers_to_dict
+
+
+def process_headers(headers_dict):
+	headers = []
+	for key, value in headers_dict.items():
+		headers.append(f'{key}:{value}')
+	return headers
+
 
 USER_AGENTS = {
 	'chrome_134.0_win10': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36',  # noqa: E501
@@ -25,18 +33,19 @@ USER_AGENTS = {
 
 
 OPTS = {
-	HEADER: {'type': str, 'help': 'Custom header to add to each request in the form "KEY1:VALUE1; KEY2:VALUE2"', 'default': 'User-Agent: ' + USER_AGENTS['chrome_134.0_win10']},  # noqa: E501
+	HEADER: {'type': str, 'short': 'H', 'help': 'Custom header to add to each request in the form "KEY1:VALUE1;; KEY2:VALUE2"', 'pre_process': headers_to_dict, 'process': process_headers, 'default': 'User-Agent: ' + USER_AGENTS['chrome_134.0_win10']},  # noqa: E501
+	DATA: {'type': str, 'help': 'Data to send in the request body'},
 	DELAY: {'type': float, 'short': 'd', 'help': 'Delay to add between each requests'},
 	DEPTH: {'type': int, 'help': 'Scan depth'},
 	FILTER_CODES: {'type': str, 'short': 'fc', 'help': 'Filter out responses with HTTP codes'},
 	FILTER_REGEX: {'type': str, 'short': 'fr', 'help': 'Filter out responses with regular expression'},
-	FILTER_SIZE: {'type': str, 'short': 'fs', 'help': 'Filter out responses with size'},
-	FILTER_WORDS: {'type': str, 'short': 'fw', 'help': 'Filter out responses with word count'},
+	FILTER_SIZE: {'type': int, 'short': 'fs', 'help': 'Filter out responses with size'},
+	FILTER_WORDS: {'type': int, 'short': 'fw', 'help': 'Filter out responses with word count'},
 	FOLLOW_REDIRECT: {'is_flag': True, 'short': 'frd', 'help': 'Follow HTTP redirects'},
 	MATCH_CODES: {'type': str, 'short': 'mc', 'help': 'Match HTTP status codes e.g "201,300,301"'},
 	MATCH_REGEX: {'type': str, 'short': 'mr', 'help': 'Match responses with regular expression'},
-	MATCH_SIZE: {'type': str, 'short': 'ms', 'help': 'Match respones with size'},
-	MATCH_WORDS: {'type': str, 'short': 'mw', 'help': 'Match responses with word count'},
+	MATCH_SIZE: {'type': int, 'short': 'ms', 'help': 'Match responses with size'},
+	MATCH_WORDS: {'type': int, 'short': 'mw', 'help': 'Match responses with word count'},
 	METHOD: {'type': str, 'help': 'HTTP method to use for requests'},
 	PROXY: {'type': str, 'help': 'HTTP(s) / SOCKS5 proxy'},
 	RATE_LIMIT: {'type':  int, 'short': 'rl', 'help': 'Rate limit, i.e max number of requests per second'},
@@ -56,7 +65,7 @@ OPTS_HTTP_CRAWLERS = OPTS_HTTP + [
 	MATCH_CODES
 ]
 
-OPTS_HTTP_FUZZERS = OPTS_HTTP_CRAWLERS + [WORDLIST]
+OPTS_HTTP_FUZZERS = OPTS_HTTP_CRAWLERS + [WORDLIST, DATA]
 
 OPTS_RECON = [
 	DELAY, PROXY, RATE_LIMIT, RETRIES, THREADS, TIMEOUT
@@ -132,7 +141,7 @@ class Vuln(Command):
 		if os.path.exists(cve_path):
 			with open(cve_path, 'r') as f:
 				return json.load(f)
-		debug(f'CVE {cve_id} not found in cache', sub='cve')
+		debug(f'{cve_id}: not found in cache', sub='cve')
 		return None
 
 	# @staticmethod
@@ -215,10 +224,10 @@ class Vuln(Command):
 			dict: vulnerability data.
 		"""
 		if CONFIG.runners.skip_exploit_search:
-			debug(f'Skip remote query for {exploit_id} since config.runners.skip_exploit_search is set.', sub='cve')
+			debug(f'{exploit_id}: skipped remote query since config.runners.skip_exploit_search is set.', sub='cve.vulners')
 			return None
 		if CONFIG.offline_mode:
-			debug(f'Skip remote query for {exploit_id} since config.offline_mode is set.', sub='cve')
+			debug(f'{exploit_id}: skipped remote query since config.offline_mode is set.', sub='cve.vulners')
 			return None
 		try:
 			resp = requests.get(f'https://vulners.com/githubexploit/{exploit_id}', timeout=5)
@@ -234,7 +243,7 @@ class Vuln(Command):
 			cve_regex = re.compile(r'(CVE(?:-|_)\d{4}(?:-|_)\d{4,7})', re.IGNORECASE)
 			matches = cve_regex.findall(str(content))
 			if not matches:
-				debug(f'{exploit_id}: No CVE found in https://vulners.com/githubexploit/{exploit_id}.', sub='cve')
+				debug(f'{exploit_id}: no matching CVE found in https://vulners.com/githubexploit/{exploit_id}.', sub='cve.vulners')
 				return None
 			cve_id = matches[0].replace('_', '-').upper()
 			cve_data = Vuln.lookup_cve(cve_id, *cpes)
@@ -242,7 +251,7 @@ class Vuln(Command):
 				return cve_data
 
 		except requests.RequestException as e:
-			debug(f'Failed remote query for {exploit_id} ({str(e)}).', sub='cve')
+			debug(f'{exploit_id}: failed remote query ({str(e)}).', sub='cve.vulners')
 			return None
 
 	@cache
@@ -256,20 +265,26 @@ class Vuln(Command):
 		Returns:
 			dict | None: CVE data, None if no response or empty response.
 		"""
+		if CONFIG.runners.skip_cve_search:
+			debug(f'{cve_id}: skipped remote query since config.runners.skip_cve_search is set.', sub='cve.circl')
+			return None
+		if CONFIG.offline_mode:
+			debug(f'{cve_id}: skipped remote query since config.offline_mode is set.', sub='cve.circl')
+			return None
 		try:
 			resp = requests.get(f'https://vulnerability.circl.lu/api/cve/{cve_id}', timeout=5)
 			resp.raise_for_status()
 			cve_info = resp.json()
 			if not cve_info:
-				debug(f'Empty response from https://vulnerability.circl.lu/api/cve/{cve_id}', sub='cve')
+				debug(f'{cve_id}: empty response from https://vulnerability.circl.lu/api/cve/{cve_id}', sub='cve.circl')
 				return None
 			cve_path = f'{CONFIG.dirs.data}/cves/{cve_id}.json'
 			with open(cve_path, 'w') as f:
 				f.write(json.dumps(cve_info, indent=2))
-			debug(f'Downloaded {cve_id} to {cve_path}', sub='cve')
+			debug(f'{cve_id}: downloaded to {cve_path}', sub='cve.circl')
 			return cve_info
 		except requests.RequestException as e:
-			debug(f'Failed remote query for {cve_id} ({str(e)}).', sub='cve')
+			debug(f'{cve_id}: failed remote query ({str(e)}).', sub='cve.circl')
 			return None
 
 	@cache
@@ -288,12 +303,6 @@ class Vuln(Command):
 
 		# Online CVE lookup
 		if not cve_info:
-			if CONFIG.runners.skip_cve_search:
-				debug(f'Skip remote query for {cve_id} since config.runners.skip_cve_search is set.', sub='cve')
-				return None
-			if CONFIG.offline_mode:
-				debug(f'Skip remote query for {cve_id} since config.offline_mode is set.', sub='cve')
-				return None
 			cve_info = Vuln.lookup_cve_from_cve_circle(cve_id)
 			if not cve_info:
 				return None
@@ -321,6 +330,10 @@ class Vuln(Command):
 			'cpes': cpes_affected,
 			'references': references
 		}
+		if not cpes_affected:
+			debug(f'{cve_id}: no CPEs found in CVE data', sub='cve.circl', verbose=True)
+		else:
+			debug(f'{cve_id}: {len(cpes_affected)} CPEs found in CVE data', sub='cve.circl', verbose=True)
 
 		# Match the CPE string against the affected products CPE FS strings from the CVE data if a CPE was passed.
 		# This allow to limit the number of False positives (high) that we get from nmap NSE vuln scripts like vulscan
@@ -328,15 +341,14 @@ class Vuln(Command):
 		# The check is not executed if no CPE was passed (sometimes nmap cannot properly detect a CPE) or if the CPE
 		# version cannot be determined.
 		cpe_match = False
-		tags = [cve_id]
-		if cpes:
+		tags = []
+		if cpes and cpes_affected:
 			for cpe in cpes:
 				cpe_fs = Vuln.get_cpe_fs(cpe)
 				if not cpe_fs:
 					debug(f'{cve_id}: Failed to parse CPE {cpe} with CPE parser', sub='cve.match', verbose=True)
 					tags.append('cpe-invalid')
 					continue
-				# cpe_version = cpe_obj.get_version()[0]
 				for cpe_affected in cpes_affected:
 					cpe_affected_fs = Vuln.get_cpe_fs(cpe_affected)
 					if not cpe_affected_fs:
@@ -345,12 +357,12 @@ class Vuln(Command):
 					debug(f'{cve_id}: Testing {cpe_fs} against {cpe_affected_fs}', sub='cve.match', verbose=True)
 					cpe_match = Vuln.match_cpes(cpe_fs, cpe_affected_fs)
 					if cpe_match:
-						debug(f'{cve_id}: CPE match found for {cpe}.', sub='cve')
+						debug(f'{cve_id}: CPE match found for {cpe}.', sub='cve.match')
 						tags.append('cpe-match')
 						break
 
 				if not cpe_match:
-					debug(f'{cve_id}: no CPE match found for {cpe}.', sub='cve')
+					debug(f'{cve_id}: no CPE match found for {cpe}.', sub='cve.match')
 
 		# Parse CVE id and CVSS
 		name = id = cve_info['id']

secator/tasks/arjun.py

@@ -4,7 +4,7 @@ import yaml
 from secator.decorators import task
 from secator.definitions import (OUTPUT_PATH, RATE_LIMIT, THREADS, DELAY, TIMEOUT, METHOD, WORDLIST,
 								 HEADER, URL, FOLLOW_REDIRECT)
-from secator.output_types import Info, Url, Warning, Error
+from secator.output_types import Info, Url, Warning
 from secator.runners import Command
 from secator.tasks._categories import OPTS
 from secator.utils import process_wordlist
@@ -14,9 +14,11 @@ from secator.utils import process_wordlist
 class arjun(Command):
 	"""HTTP Parameter Discovery Suite."""
 	cmd = 'arjun'
+	input_types = [URL]
+	output_types = [Url]
 	tags = ['url', 'fuzz', 'params']
 	input_flag = '-u'
-	input_types = [URL]
+	input_chunk_size = 1
 	version_flag = ' '
 	opts = {
 		'chunk_size': {'type': int, 'help': 'Control query/chunk size'},
@@ -49,7 +51,9 @@ class arjun(Command):
 		'casing': '--casing',
 		'follow_redirect': '--follow-redirect',
 	}
-	output_types = [Url]
+	opt_value_map = {
+		HEADER: lambda headers: "\\n".join(c.strip() for c in headers.split(";;"))
+	}
 	install_version = '2.2.7'
 	install_cmd = 'pipx install arjun==[install_version] --force'
 	install_github_handle = 's0md3v/Arjun'
@@ -75,7 +79,7 @@ class arjun(Command):
 	@staticmethod
 	def on_cmd_done(self):
 		if not os.path.exists(self.output_path):
-			yield Error(message=f'Could not find JSON results in {self.output_path}')
+			# yield Error(message=f'Could not find JSON results in {self.output_path}')
 			return
 		yield Info(message=f'JSON results saved to {self.output_path}')
 		with open(self.output_path, 'r') as f:
@@ -87,6 +91,6 @@ class arjun(Command):
 			for param in values['params']:
 				yield Url(
 					url=url + '?' + param + '=' + 'FUZZ',
-					headers=values['headers'],
+					request_headers=values['headers'],
 					method=values['method'],
 				)