secator 0.16.4__py3-none-any.whl → 0.16.5__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of secator might be problematic. Click here for more details.

Files changed (9) hide show
  1. secator/celery.py +8 -3
  2. secator/hooks/gcs.py +4 -2
  3. secator/hooks/mongodb.py +8 -3
  4. secator/tasks/_categories.py +14 -0
  5. {secator-0.16.4.dist-info → secator-0.16.5.dist-info}/METADATA +1 -1
  6. {secator-0.16.4.dist-info → secator-0.16.5.dist-info}/RECORD +9 -9
  7. {secator-0.16.4.dist-info → secator-0.16.5.dist-info}/WHEEL +0 -0
  8. {secator-0.16.4.dist-info → secator-0.16.5.dist-info}/entry_points.txt +0 -0
  9. {secator-0.16.4.dist-info → secator-0.16.5.dist-info}/licenses/LICENSE +0 -0
secator/celery.py CHANGED
@@ -240,7 +240,8 @@ def forward_results(results):
240
240
  console.print(Info(message=f'Deduplicating {len(results)} results'))
241
241
 
242
242
  results = flatten(results)
243
- if CONFIG.addons.mongodb.enabled:
243
+ if IN_CELERY_WORKER_PROCESS and CONFIG.addons.mongodb.enabled:
244
+ console.print(Info(message=f'Extracting uuids from {len(results)} results'))
244
245
  uuids = [r._uuid for r in results if hasattr(r, '_uuid')]
245
246
  uuids.extend([r for r in results if isinstance(r, str)])
246
247
  results = list(set(uuids))
@@ -271,12 +272,14 @@ def mark_runner_started(results, runner, enable_hooks=True):
271
272
  if results:
272
273
  results = forward_results(results)
273
274
  runner.enable_hooks = enable_hooks
274
- if CONFIG.addons.mongodb.enabled:
275
+ if IN_CELERY_WORKER_PROCESS and CONFIG.addons.mongodb.enabled:
275
276
  from secator.hooks.mongodb import get_results
276
277
  results = get_results(results)
277
278
  for item in results:
278
279
  runner.add_result(item, print=False)
279
280
  runner.mark_started()
281
+ if IN_CELERY_WORKER_PROCESS and CONFIG.addons.mongodb.enabled:
282
+ return [r._uuid for r in runner.results]
280
283
  return runner.results
281
284
 
282
285
 
@@ -297,12 +300,14 @@ def mark_runner_completed(results, runner, enable_hooks=True):
297
300
  debug(f'Runner {runner.unique_name} has finished, running mark_completed', sub='celery')
298
301
  results = forward_results(results)
299
302
  runner.enable_hooks = enable_hooks
300
- if CONFIG.addons.mongodb.enabled:
303
+ if IN_CELERY_WORKER_PROCESS and CONFIG.addons.mongodb.enabled:
301
304
  from secator.hooks.mongodb import get_results
302
305
  results = get_results(results)
303
306
  for item in results:
304
307
  runner.add_result(item, print=False)
305
308
  runner.mark_completed()
309
+ if IN_CELERY_WORKER_PROCESS and CONFIG.addons.mongodb.enabled:
310
+ return [r._uuid for r in runner.results]
306
311
  return runner.results
307
312
 
308
313
 
secator/hooks/gcs.py CHANGED
@@ -42,10 +42,12 @@ def upload_blob(bucket_name, source_file_name, destination_blob_name):
42
42
  storage_client = storage.Client()
43
43
  bucket = storage_client.bucket(bucket_name)
44
44
  blob = bucket.blob(destination_blob_name)
45
- blob.upload_from_filename(source_file_name)
45
+ with open(source_file_name, 'rb') as f:
46
+ f.seek(0)
47
+ blob.upload_from_file(f)
46
48
  end_time = time()
47
49
  elapsed = end_time - start_time
48
- debug(f'in {elapsed:.4f}s', obj={'blob': 'CREATED', 'blob_name': destination_blob_name, 'bucket': bucket_name}, obj_after=False, sub='hooks.gcs', verbose=True) # noqa: E501
50
+ debug(f'in {elapsed:.4f}s', obj={'blob': 'UPLOADED', 'blob_name': destination_blob_name, 'bucket': bucket_name}, obj_after=False, sub='hooks.gcs', verbose=True) # noqa: E501
49
51
 
50
52
 
51
53
  HOOKS = {
secator/hooks/mongodb.py CHANGED
@@ -30,7 +30,8 @@ def get_mongodb_client():
30
30
  _mongodb_client = pymongo.MongoClient(
31
31
  escape_mongodb_url(MONGODB_URL),
32
32
  maxPoolSize=MONGODB_MAX_POOL_SIZE,
33
- serverSelectionTimeoutMS=MONGODB_CONNECT_TIMEOUT
33
+ serverSelectionTimeoutMS=MONGODB_CONNECT_TIMEOUT,
34
+ connect=False
34
35
  )
35
36
  return _mongodb_client
36
37
 
@@ -157,19 +158,23 @@ def load_findings(objs):
157
158
 
158
159
 
159
160
  @shared_task
160
- def tag_duplicates(ws_id: str = None):
161
+ def tag_duplicates(ws_id: str = None, full_scan: bool = False):
161
162
  """Tag duplicates in workspace.
162
163
 
163
164
  Args:
164
165
  ws_id (str): Workspace id.
166
+ full_scan (bool): If True, scan all findings, otherwise only untagged findings.
165
167
  """
166
168
  debug(f'running duplicate check on workspace {ws_id}', sub='hooks.mongodb')
167
169
  client = get_mongodb_client()
168
170
  db = client.main
169
171
  workspace_query = list(
170
172
  db.findings.find({'_context.workspace_id': str(ws_id), '_tagged': True}).sort('_timestamp', -1))
173
+ untagged_query = {'_context.workspace_id': str(ws_id)}
174
+ if not full_scan:
175
+ untagged_query['_tagged'] = {'$ne': True}
171
176
  untagged_query = list(
172
- db.findings.find({'_context.workspace_id': str(ws_id), '_tagged': {'$ne': True}}).sort('_timestamp', -1))
177
+ db.findings.find(untagged_query).sort('_timestamp', -1))
173
178
  if not untagged_query:
174
179
  debug('no untagged findings. Skipping.', id=ws_id, sub='hooks.mongodb')
175
180
  return
secator/tasks/_categories.py CHANGED
@@ -96,6 +96,20 @@ class HttpFuzzer(Command):
96
96
  meta_opts = {k: OPTS[k] for k in OPTS_HTTP_FUZZERS}
97
97
  input_types = [URL]
98
98
  output_types = [Url]
99
+ profile = lambda opts: HttpFuzzer.dynamic_profile(opts) # noqa: E731
100
+
101
+ @staticmethod
102
+ def dynamic_profile(opts):
103
+ wordlist = HttpFuzzer._get_opt_value(
104
+ opts,
105
+ 'wordlist',
106
+ opts_conf=dict(HttpFuzzer.opts, **HttpFuzzer.meta_opts),
107
+ opt_aliases=opts.get('aliases', []),
108
+ preprocess=True,
109
+ process=True,
110
+ )
111
+ wordlist_size_mb = os.path.getsize(wordlist) / (1024 * 1024)
112
+ return 'cpu' if wordlist_size_mb > 5 else 'io'
99
113
 
100
114
 
101
115
  #----------------#
{secator-0.16.4.dist-info → secator-0.16.5.dist-info}/METADATA RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: secator
3
- Version: 0.16.4
3
+ Version: 0.16.5
4
4
  Summary: The pentester's swiss knife.
5
5
  Project-URL: Homepage, https://github.com/freelabz/secator
6
6
  Project-URL: Issues, https://github.com/freelabz/secator/issues
{secator-0.16.4.dist-info → secator-0.16.5.dist-info}/RECORD RENAMED
@@ -1,6 +1,6 @@
1
1
  secator/.gitignore,sha256=da8MUc3hdb6Mo0WjZu2upn5uZMbXcBGvhdhTQ1L89HI,3093
2
2
  secator/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
3
- secator/celery.py,sha256=st9wpAwilYk5BCO18wscGt0vqQdCIP4Pynw_9RcvWec,11246
3
+ secator/celery.py,sha256=FAahY_kfjxc3tD2R42kNre_eb-QeSvArKyGpthXeWDg,11626
4
4
  secator/celery_signals.py,sha256=R4ZNBPKSxUvesGCvZ7MXoRkWNOTMS5hraZzjLh5sQ0o,4191
5
5
  secator/celery_utils.py,sha256=vhL5ZxXDn3ODvyVxMijKyUTJ1dOisMDjF_PhFUyOVSA,9451
6
6
  secator/cli.py,sha256=lzgttr8-Hib1X6bGi8PCOfX90incum7ZFR5x46cDZ34,60887
@@ -57,8 +57,8 @@ secator/exporters/json.py,sha256=1ZtDf8RksPO_V0zIvnwDUxMUb630DCElAMM8_RQvyAo,474
57
57
  secator/exporters/table.py,sha256=zYNmwNGEyB6dTJ1ATVkrv-AOuPjrW6tvk1_4naLQo8Q,1114
58
58
  secator/exporters/txt.py,sha256=t_FykaJOxs4UUlqiH4k6HCccEqYqc8e3iNZndL_CKPg,739
59
59
  secator/hooks/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
60
- secator/hooks/gcs.py,sha256=CNQmDWbwnIA1mDhzwO75P8907lAFd5-vA2sJVMbhAiY,1514
61
- secator/hooks/mongodb.py,sha256=fCm_E1hxgSl9C6l4eGW8J-Jjstvbfy9daITWYcmNTe8,8198
60
+ secator/hooks/gcs.py,sha256=v8Q1-ky9e4xaLgyTJaeWWpiVhu0SzWbXLIEHYV9f5h8,1550
61
+ secator/hooks/mongodb.py,sha256=x6gLPdvMOBz0ViWbfaM9Xkv1plLYvXjKWpd83b0VUFU,8393
62
62
  secator/output_types/__init__.py,sha256=CJcYy2_Ek-opKiBz4wFlDHQBTm3t0JVwZ4w_2Jxoeuw,1291
63
63
  secator/output_types/_base.py,sha256=9iBqPdtlfJBldBiuC729KamHHGbKhwo69P-2UNwz-3Q,2874
64
64
  secator/output_types/certificate.py,sha256=IXW3GN0JRmuDgoedr8NV8ccuRQOuoInNZWnAKL8zeqY,3040
@@ -92,7 +92,7 @@ secator/serializers/dataclass.py,sha256=Fo2ZVsVjSF0KMq81JT8mGZxsKsxyueShlDsh9Pgw
92
92
  secator/serializers/json.py,sha256=UJwAymRzjF-yBKOgz1MTOyBhQcdQg7fOKRXgmHIu8fo,411
93
93
  secator/serializers/regex.py,sha256=fh-fE0RGvKSGKByFtwmKsWriRpZR9PXZQsY9JybHBWI,489
94
94
  secator/tasks/__init__.py,sha256=Op0O0Aa8c124AfDG-cEB9VLRsXZ1wXTpVrT3g-wxMNg,184
95
- secator/tasks/_categories.py,sha256=yns_5PBKStp6TJEeaYB6yFUjkFMmLh7LEuxcNcADNro,14962
95
+ secator/tasks/_categories.py,sha256=ZmUNzeFIZ9-_er9sLJw66PTYIL5nO799JQU3EoW-6nE,15394
96
96
  secator/tasks/arjun.py,sha256=WdRZtTCd2Ejbv5HlLS_FoWVKgGpMsR6RCDekV2kR788,3061
97
97
  secator/tasks/bbot.py,sha256=moIkwd52jCKaeg1v6Nv4Gfmd4GPObo9c9nwOzQvf-2M,9236
98
98
  secator/tasks/bup.py,sha256=9IXsCqMdhOeZcCsQB2L4IJ3Kzm2oQKDE7mflGljm0lM,3867
@@ -125,8 +125,8 @@ secator/tasks/wafw00f.py,sha256=9CnV9F7ZrykO27F3PAb5HtwULDMYEKGSTbz-jh0kc2g,3189
125
125
  secator/tasks/wpprobe.py,sha256=1QPJ-7JvhL7LFvjUTAmqpH2Krp-Qmi079lonso16YPQ,3229
126
126
  secator/tasks/wpscan.py,sha256=dBkbG9EODHDUBAA8uNVULX4SdVgTCAi_F1T1oCfRbsI,5852
127
127
  secator/workflows/__init__.py,sha256=XOviyjSylZ4cuVmmQ76yuqZRdmvOEghqAnuw_4cLmfk,702
128
- secator-0.16.4.dist-info/METADATA,sha256=E_R6VdalGxZysqe043SuT0M_897S8cT5kXhmwOSWLpY,17253
129
- secator-0.16.4.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
130
- secator-0.16.4.dist-info/entry_points.txt,sha256=lPgsqqUXWgiuGSfKy-se5gHdQlAXIwS_A46NYq7Acic,44
131
- secator-0.16.4.dist-info/licenses/LICENSE,sha256=19W5Jsy4WTctNkqmZIqLRV1gTDOp01S3LDj9iSgWaJ0,2867
132
- secator-0.16.4.dist-info/RECORD,,
128
+ secator-0.16.5.dist-info/METADATA,sha256=Bob8xdFbxnKib4O7WIiG9VAtq9efZ9JLzwpPQIcXhAw,17253
129
+ secator-0.16.5.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
130
+ secator-0.16.5.dist-info/entry_points.txt,sha256=lPgsqqUXWgiuGSfKy-se5gHdQlAXIwS_A46NYq7Acic,44
131
+ secator-0.16.5.dist-info/licenses/LICENSE,sha256=19W5Jsy4WTctNkqmZIqLRV1gTDOp01S3LDj9iSgWaJ0,2867
132
+ secator-0.16.5.dist-info/RECORD,,