secator 0.2.0__py2.py3-none-any.whl → 0.3.1__py2.py3-none-any.whl

secator/decorators.py

@@ -5,8 +5,7 @@ import rich_click as click
 from rich_click.rich_click import _get_rich_console
 from rich_click.rich_group import RichGroup
 
-from secator.definitions import (MONGODB_ADDON_ENABLED, OPT_NOT_SUPPORTED,
-								 WORKER_ADDON_ENABLED)
+from secator.definitions import ADDONS_ENABLED, OPT_NOT_SUPPORTED
 from secator.runners import Scan, Task, Workflow
 from secator.utils import (deduplicate, expand_input, get_command_category,
 						   get_command_cls)
@@ -53,7 +52,7 @@ class OrderedGroup(RichGroup):
 				if not name:
 					raise click.UsageError("`name` command argument is required when using aliases.")
 
-				f.__doc__ = f.__doc__ or 'N/A'
+				f.__doc__ = f.__doc__ or '\0'.ljust(padding+1)
 				f.__doc__ = f'{f.__doc__:<{padding}}[dim](aliases)[/] {aliases_str}'
 				base_command = super(OrderedGroup, self).command(
 					name, *args, **kwargs
@@ -79,7 +78,7 @@ class OrderedGroup(RichGroup):
 				max_width = _get_rich_console().width
 				aliases_str = ', '.join(f'[bold cyan]{alias}[/]' for alias in aliases)
 				padding = max_width // 4
-				f.__doc__ = f.__doc__ or 'N/A'
+				f.__doc__ = f.__doc__ or '\0'.ljust(padding+1)
 				f.__doc__ = f'{f.__doc__:<{padding}}[dim](aliases)[/] {aliases_str}'
 				for alias in aliases:
 					grp = super(OrderedGroup, self).group(
@@ -276,7 +275,7 @@ def register_runner(cli_endpoint, config):
 		# opts.update(unknown_opts)
 		targets = opts.pop(input_type)
 		targets = expand_input(targets)
-		if sync or show or not WORKER_ADDON_ENABLED:
+		if sync or show or not ADDONS_ENABLED['worker']:
 			sync = True
 		elif worker:
 			sync = False
@@ -294,7 +293,7 @@ def register_runner(cli_endpoint, config):
 		# Build hooks from driver name
 		hooks = {}
 		if driver == 'mongodb':
-			if not MONGODB_ADDON_ENABLED:
+			if not ADDONS_ENABLED['mongo']:
 				_get_rich_console().print('[bold red]Missing MongoDB dependencies: please run `secator install addons mongodb`[/].')
 				sys.exit(1)
 			from secator.hooks.mongodb import MONGODB_HOOKS

secator/definitions.py

@@ -1,10 +1,13 @@
 #!/usr/bin/python
 
 import os
+import requests
 
 from dotenv import find_dotenv, load_dotenv
 from pkg_resources import get_distribution
 
+from secator.rich import console
+
 load_dotenv(find_dotenv(usecwd=True), override=False)
 
 # Globals
@@ -24,6 +27,7 @@ ROOT_FOLDER = os.path.dirname(os.path.dirname(os.path.realpath(__file__)))
 LIB_FOLDER = ROOT_FOLDER + '/secator'
 CONFIGS_FOLDER = LIB_FOLDER + '/configs'
 EXTRA_CONFIGS_FOLDER = os.environ.get('SECATOR_EXTRA_CONFIGS_FOLDER')
+BIN_FOLDER = os.environ.get('SECATOR_BIN_FOLDER', f'{os.path.expanduser("~")}/.local/bin')
 DATA_FOLDER = os.environ.get('SECATOR_DATA_FOLDER', f'{os.path.expanduser("~")}/.secator')
 REPORTS_FOLDER = os.environ.get('SECATOR_REPORTS_FOLDER', f'{DATA_FOLDER}/reports')
 WORDLISTS_FOLDER = os.environ.get('SECATOR_WORDLISTS_FOLDER', f'{DATA_FOLDER}/wordlists')
@@ -32,19 +36,10 @@ CVES_FOLDER = f'{DATA_FOLDER}/cves'
 PAYLOADS_FOLDER = f'{DATA_FOLDER}/payloads'
 REVSHELLS_FOLDER = f'{DATA_FOLDER}/revshells'
 TESTS_FOLDER = f'{ROOT_FOLDER}/tests'
-os.makedirs(DATA_FOLDER, exist_ok=True)
-os.makedirs(REPORTS_FOLDER, exist_ok=True)
-os.makedirs(WORDLISTS_FOLDER, exist_ok=True)
-os.makedirs(SCRIPTS_FOLDER, exist_ok=True)
-os.makedirs(CVES_FOLDER, exist_ok=True)
-os.makedirs(PAYLOADS_FOLDER, exist_ok=True)
-os.makedirs(REVSHELLS_FOLDER, exist_ok=True)
 
 # Celery local fs folders
 CELERY_DATA_FOLDER = f'{DATA_FOLDER}/celery/data'
 CELERY_RESULTS_FOLDER = f'{DATA_FOLDER}/celery/results'
-os.makedirs(CELERY_DATA_FOLDER, exist_ok=True)
-os.makedirs(CELERY_RESULTS_FOLDER, exist_ok=True)
 
 # Environment variables
 DEBUG = int(os.environ.get('DEBUG', '0'))
@@ -58,6 +53,7 @@ CELERY_BROKER_VISIBILITY_TIMEOUT = int(os.environ.get('CELERY_BROKER_VISIBILITY_
 CELERY_OVERRIDE_DEFAULT_LOGGING = bool(int(os.environ.get('CELERY_OVERRIDE_DEFAULT_LOGGING', 1)))
 GOOGLE_DRIVE_PARENT_FOLDER_ID = os.environ.get('GOOGLE_DRIVE_PARENT_FOLDER_ID')
 GOOGLE_CREDENTIALS_PATH = os.environ.get('GOOGLE_CREDENTIALS_PATH')
+GITHUB_TOKEN = os.environ.get('GITHUB_TOKEN')
 
 # Defaults HTTP and Proxy settings
 DEFAULT_SOCKS5_PROXY = os.environ.get('SOCKS5_PROXY', "socks5://127.0.0.1:9050")
@@ -79,8 +75,10 @@ DEFAULT_PROGRESS_UPDATE_FREQUENCY = int(os.environ.get('DEFAULT_PROGRESS_UPDATE_
 DEFAULT_SKIP_CVE_SEARCH = bool(int(os.environ.get('DEFAULT_SKIP_CVE_SEARCH', 0)))
 
 # Default wordlists
-DEFAULT_HTTP_WORDLIST = os.environ.get('DEFAULT_HTTP_WORDLIST', f'{WORDLISTS_FOLDER}/Fuzzing/fuzz-Bo0oM.txt')
-DEFAULT_DNS_WORDLIST = os.environ.get('DEFAULT_DNS_WORDLIST', f'{WORDLISTS_FOLDER}/Discovery/DNS/combined_subdomains.txt')  # noqa:E501
+DEFAULT_HTTP_WORDLIST = os.environ.get('DEFAULT_HTTP_WORDLIST', f'{WORDLISTS_FOLDER}/fuzz-Bo0oM.txt')
+DEFAULT_HTTP_WORDLIST_URL = 'https://raw.githubusercontent.com/Bo0oM/fuzz.txt/master/fuzz.txt'
+DEFAULT_DNS_WORDLIST = os.environ.get('DEFAULT_DNS_WORDLIST', f'{WORDLISTS_FOLDER}/combined_subdomains.txt')
+DEFAULT_DNS_WORDLIST_URL = 'https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/DNS/combined_subdomains.txt'  # noqa: E501
 
 # Constants
 OPT_NOT_SUPPORTED = -1
@@ -155,57 +153,84 @@ WEBSERVER = 'webserver'
 WORDLIST = 'wordlist'
 WORDS = 'words'
 
+
+# Create all folders
+for folder in [BIN_FOLDER, DATA_FOLDER, REPORTS_FOLDER, WORDLISTS_FOLDER, SCRIPTS_FOLDER, CVES_FOLDER, PAYLOADS_FOLDER,
+			   REVSHELLS_FOLDER, CELERY_DATA_FOLDER, CELERY_RESULTS_FOLDER]:
+	if not os.path.exists(folder):
+		console.print(f'[bold turquoise4]Creating folder {folder} ...[/] ', end='')
+		os.makedirs(folder)
+		console.print('[bold green]ok.[/]')
+
+
+# Download default wordlists
+for wordlist in ['HTTP', 'DNS']:
+	wordlist_path = globals()[f'DEFAULT_{wordlist}_WORDLIST']
+	wordlist_url = globals()[f'DEFAULT_{wordlist}_WORDLIST_URL']
+	if not os.path.exists(wordlist_path):
+		try:
+			console.print(f'[bold turquoise4]Downloading default {wordlist} wordlist {wordlist_path} ...[/] ', end='')
+			resp = requests.get(wordlist_url)
+			with open(wordlist_path, 'w') as f:
+				f.write(resp.text)
+			console.print('[bold green]ok.[/]')
+		except requests.exceptions.RequestException as e:
+			console.print(f'[bold green]failed ({type(e).__name__}).[/]')
+			pass
+
+ADDONS_ENABLED = {}
+
 # Check worker addon
 try:
 	import eventlet  # noqa: F401
-	WORKER_ADDON_ENABLED = 1
+	ADDONS_ENABLED['worker'] = True
 except ModuleNotFoundError:
-	WORKER_ADDON_ENABLED = 0
+	ADDONS_ENABLED['worker'] = False
 
 # Check google addon
 try:
 	import gspread  # noqa: F401
-	GOOGLE_ADDON_ENABLED = 1
+	ADDONS_ENABLED['google'] = True
 except ModuleNotFoundError:
-	GOOGLE_ADDON_ENABLED = 0
+	ADDONS_ENABLED['google'] = False
 
 # Check mongodb addon
 try:
 	import pymongo  # noqa: F401
-	MONGODB_ADDON_ENABLED = 1
+	ADDONS_ENABLED['mongodb'] = True
 except ModuleNotFoundError:
-	MONGODB_ADDON_ENABLED = 0
+	ADDONS_ENABLED['mongodb'] = False
 
 # Check redis addon
 try:
 	import redis  # noqa: F401
-	REDIS_ADDON_ENABLED = 1
+	ADDONS_ENABLED['redis'] = True
 except ModuleNotFoundError:
-	REDIS_ADDON_ENABLED = 0
+	ADDONS_ENABLED['redis'] = False
 
 # Check dev addon
 try:
 	import flake8  # noqa: F401
-	DEV_ADDON_ENABLED = 1
+	ADDONS_ENABLED['dev'] = True
 except ModuleNotFoundError:
-	DEV_ADDON_ENABLED = 0
+	ADDONS_ENABLED['dev'] = False
 
 # Check build addon
 try:
 	import hatch  # noqa: F401
-	BUILD_ADDON_ENABLED = 1
+	ADDONS_ENABLED['build'] = True
 except ModuleNotFoundError:
-	BUILD_ADDON_ENABLED = 0
+	ADDONS_ENABLED['build'] = False
 
 # Check trace addon
 try:
 	import memray  # noqa: F401
-	TRACE_ADDON_ENABLED = 1
+	ADDONS_ENABLED['trace'] = True
 except ModuleNotFoundError:
-	TRACE_ADDON_ENABLED = 0
+	ADDONS_ENABLED['trace'] = False
 
 # Check dev package
-if not os.path.exists(TESTS_FOLDER):
-	DEV_PACKAGE = 0
+if os.path.exists(f'{ROOT_FOLDER}/pyproject.toml'):
+	DEV_PACKAGE = True
 else:
-	DEV_PACKAGE = 1
+	DEV_PACKAGE = False

secator/exporters/txt.py

@@ -11,7 +11,7 @@ class TxtExporter(Exporter):
             items = [str(i) for i in items]
             if not items:
                 continue
-            txt_path = f'{self.report.output_folder}/report.txt'
+            txt_path = f'{self.report.output_folder}/report_{output_type}.txt'
             with open(txt_path, 'w') as f:
                 f.write('\n'.join(items))
             txt_paths.append(txt_path)

secator/installer.py

@@ -0,0 +1,335 @@
+
+import requests
+import os
+import platform
+import shutil
+import tarfile
+import zipfile
+import io
+
+from rich.table import Table
+
+from secator.rich import console
+from secator.runners import Command
+from secator.definitions import BIN_FOLDER, GITHUB_TOKEN
+
+
+class ToolInstaller:
+
+	@classmethod
+	def install(cls, tool_cls):
+		"""Install a tool.
+
+		Args:
+			cls: ToolInstaller class.
+			tool_cls: Tool class (derived from secator.runners.Command).
+
+		Returns:
+			bool: True if install is successful, False otherwise.
+		"""
+		console.print(f'[bold gold3]:wrench: Installing {tool_cls.__name__}')
+		success = False
+
+		if not tool_cls.install_github_handle and not tool_cls.install_cmd:
+			console.print(
+				f'[bold red]{tool_cls.__name__} install is not supported yet. Please install it manually.[/]')
+			return False
+
+		if tool_cls.install_github_handle:
+			success = GithubInstaller.install(tool_cls.install_github_handle)
+
+		if tool_cls.install_cmd and not success:
+			success = SourceInstaller.install(tool_cls.install_cmd)
+
+		if success:
+			console.print(
+				f'[bold green]:tada: {tool_cls.__name__} installed successfully[/] !')
+		else:
+			console.print(
+				f'[bold red]:exclamation_mark: Failed to install {tool_cls.__name__}.[/]')
+		return success
+
+
+class SourceInstaller:
+	"""Install a tool from source."""
+
+	@classmethod
+	def install(cls, install_cmd):
+		"""Install from source.
+
+		Args:
+			cls: ToolInstaller class.
+			install_cmd (str): Install command.
+
+		Returns:
+			bool: True if install is successful, False otherwise.
+		"""
+		ret = Command.execute(install_cmd, cls_attributes={'shell': True})
+		return ret.return_code == 0
+
+
+class GithubInstaller:
+	"""Install a tool from GitHub releases."""
+
+	@classmethod
+	def install(cls, github_handle):
+		"""Find and install a release from a GitHub handle {user}/{repo}.
+
+		Args:
+			github_handle (str): A GitHub handle {user}/{repo}
+
+		Returns:
+			bool: True if install is successful, False otherwise.
+		"""
+		_, repo = tuple(github_handle.split('/'))
+		latest_release = cls.get_latest_release(github_handle)
+		if not latest_release:
+			return False
+
+		# Find the right asset to download
+		os_identifiers, arch_identifiers = cls._get_platform_identifier()
+		download_url = cls._find_matching_asset(latest_release['assets'], os_identifiers, arch_identifiers)
+		if not download_url:
+			console.print('[dim red]Could not find a GitHub release matching distribution.[/]')
+			return False
+
+		# Download and unpack asset
+		console.print(f'Found release URL: {download_url}')
+		cls._download_and_unpack(download_url, BIN_FOLDER, repo)
+		return True
+
+	@classmethod
+	def get_latest_release(cls, github_handle):
+		"""Get latest release from GitHub.
+
+		Args:
+			github_handle (str): A GitHub handle {user}/{repo}.
+
+		Returns:
+			dict: Latest release JSON from GitHub releases.
+		"""
+		if not github_handle:
+			return False
+		owner, repo = tuple(github_handle.split('/'))
+		url = f"https://api.github.com/repos/{owner}/{repo}/releases/latest"
+		headers = {}
+		if GITHUB_TOKEN:
+			headers['Authorization'] = f'Bearer {GITHUB_TOKEN}'
+		try:
+			response = requests.get(url, headers=headers, timeout=5)
+			response.raise_for_status()
+			latest_release = response.json()
+			return latest_release
+		except requests.RequestException as e:
+			console.print(f'Failed to fetch latest release for {github_handle}: {str(e)}')
+			return None
+
+	@classmethod
+	def get_latest_version(cls, github_handle):
+		latest_release = cls.get_latest_release(github_handle)
+		if not latest_release:
+			return None
+		return latest_release['tag_name'].lstrip('v')
+
+	@classmethod
+	def _get_platform_identifier(cls):
+		"""Generate lists of possible identifiers for the current platform."""
+		system = platform.system().lower()
+		arch = platform.machine().lower()
+
+		# Mapping common platform.system() values to those found in release names
+		os_mapping = {
+			'linux': ['linux'],
+			'windows': ['windows', 'win'],
+			'darwin': ['darwin', 'macos', 'osx', 'mac']
+		}
+
+		# Enhanced architecture mapping to avoid conflicts
+		arch_mapping = {
+			'x86_64': ['amd64', 'x86_64'],
+			'amd64': ['amd64', 'x86_64'],
+			'aarch64': ['arm64', 'aarch64'],
+			'armv7l': ['armv7', 'arm'],
+			'386': ['386', 'x86', 'i386'],
+		}
+
+		os_identifiers = os_mapping.get(system, [])
+		arch_identifiers = arch_mapping.get(arch, [])
+		return os_identifiers, arch_identifiers
+
+	@classmethod
+	def _find_matching_asset(cls, assets, os_identifiers, arch_identifiers):
+		"""Find a release asset matching the current platform more precisely."""
+		potential_matches = []
+
+		for asset in assets:
+			asset_name = asset['name'].lower()
+			if any(os_id in asset_name for os_id in os_identifiers) and \
+			   any(arch_id in asset_name for arch_id in arch_identifiers):
+				potential_matches.append(asset['browser_download_url'])
+
+		# Preference ordering for file formats, if needed
+		preferred_formats = ['.tar.gz', '.zip']
+
+		for format in preferred_formats:
+			for match in potential_matches:
+				if match.endswith(format):
+					return match
+
+		if potential_matches:
+			return potential_matches[0]
+
+	@classmethod
+	def _download_and_unpack(cls, url, destination, repo_name):
+		"""Download and unpack a release asset."""
+		console.print(f'Downloading and unpacking to {destination}...')
+		response = requests.get(url, timeout=5)
+		response.raise_for_status()
+
+		# Create a temporary directory to extract the archive
+		temp_dir = os.path.join("/tmp", repo_name)
+		os.makedirs(temp_dir, exist_ok=True)
+
+		if url.endswith('.zip'):
+			with zipfile.ZipFile(io.BytesIO(response.content)) as zip_ref:
+				zip_ref.extractall(temp_dir)
+		elif url.endswith('.tar.gz'):
+			with tarfile.open(fileobj=io.BytesIO(response.content), mode='r:gz') as tar:
+				tar.extractall(path=temp_dir)
+
+		# For archives, find and move the binary that matches the repo name
+		binary_path = cls._find_binary_in_directory(temp_dir, repo_name)
+		if binary_path:
+			os.chmod(binary_path, 0o755)  # Make it executable
+			shutil.move(binary_path, os.path.join(destination, repo_name))  # Move the binary
+		else:
+			console.print('[bold red]Binary matching the repository name was not found in the archive.[/]')
+
+	@classmethod
+	def _find_binary_in_directory(cls, directory, binary_name):
+		"""Search for the binary in the given directory that matches the repository name."""
+		for root, _, files in os.walk(directory):
+			for file in files:
+				# Match the file name exactly with the repository name
+				if file == binary_name:
+					return os.path.join(root, file)
+		return None
+
+
+def which(command):
+	"""Run which on a command.
+
+	Args:
+		command (str): Command to check.
+
+	Returns:
+		secator.Command: Command instance.
+	"""
+	return Command.execute(f'which {command}', quiet=True, print_errors=False)
+
+
+def get_version(version_cmd):
+	"""Run version command and match first version number found.
+
+	Args:
+		version_cmd (str): Command to get the version.
+
+	Returns:
+		str: Version string.
+	"""
+	from secator.runners import Command
+	import re
+	regex = r'[0-9]+\.[0-9]+\.?[0-9]*\.?[a-zA-Z]*'
+	ret = Command.execute(version_cmd, quiet=True, print_errors=False)
+	match = re.findall(regex, ret.output)
+	if not match:
+		return ''
+	return match[0]
+
+
+def get_version_info(name, version_flag=None, github_handle=None, version=None):
+	"""Get version info for a command.
+
+	Args:
+		name (str): Command name.
+		version_flag (str): Version flag.
+		github_handle (str): Github handle.
+		version (str): Existing version.
+
+	Return:
+		dict: Version info.
+	"""
+	from pkg_resources import parse_version
+	from secator.installer import GithubInstaller
+	info = {
+		'name': name,
+		'installed': False,
+		'version': version,
+		'latest_version': None,
+		'location': None,
+		'status': ''
+	}
+
+	# Get binary path
+	location = which(name).output
+	info['location'] = location
+
+	# Get current version
+	if version_flag:
+		version_cmd = f'{name} {version_flag}'
+		version = get_version(version_cmd)
+		info['version'] = version
+
+	# Get latest version
+	latest_version = GithubInstaller.get_latest_version(github_handle)
+	info['latest_version'] = latest_version
+
+	if location:
+		info['installed'] = True
+		if version and latest_version:
+			if parse_version(version) < parse_version(latest_version):
+				info['status'] = 'outdated'
+			else:
+				info['status'] = 'latest'
+		elif not version:
+			info['status'] = 'current unknown'
+		elif not latest_version:
+			info['status'] = 'latest unknown'
+	else:
+		info['status'] = 'missing'
+
+	return info
+
+
+def fmt_health_table_row(version_info, category=None):
+	name = version_info['name']
+	version = version_info['version']
+	status = version_info['status']
+	installed = version_info['installed']
+	name_str = f'[magenta]{name}[/]'
+
+	# Format version row
+	_version = version or ''
+	_version = f'[bold green]{_version:<10}[/]'
+	if status == 'latest':
+		_version += ' [bold green](latest)[/]'
+	elif status == 'outdated':
+		_version += ' [bold red](outdated)[/]'
+	elif status == 'missing':
+		_version = '[bold red]missing[/]'
+	elif status == 'ok':
+		_version = '[bold green]ok        [/]'
+	elif status:
+		if not version and installed:
+			_version = '[bold green]ok        [/]'
+		_version += f' [dim]({status}[/])'
+
+	row = (name_str, _version)
+	return row
+
+
+def get_health_table():
+	table = Table(box=None, show_header=False)
+	for col in ['name', 'version']:
+		table.add_column(col)
+	return table

secator/rich.py

@@ -1,19 +1,13 @@
 import operator
 
-import click
-import rich_click
 import yaml
 from rich import box
 from rich.console import Console
 from rich.table import Table
-from rich.traceback import install
 
-from secator.definitions import DEBUG, RECORD
-
-console = Console(stderr=True, record=RECORD, color_system='truecolor')
+console = Console(stderr=True, color_system='truecolor')
 console_stdout = Console(record=True)
 # handler = RichHandler(rich_tracebacks=True)  # TODO: add logging handler
-install(show_locals=DEBUG > 2, suppress=[click, rich_click])
 
 
 def criticity_to_color(value):
@@ -73,7 +67,7 @@ def build_table(items, output_fields=[], exclude_fields=[], sort_by=None):
 		items = sorted(items, key=operator.attrgetter(*sort_by))
 
 	# Create rich table
-	box_style = box.DOUBLE if RECORD else box.ROUNDED
+	box_style = box.ROUNDED
 	table = Table(show_lines=True, box=box_style)
 
 	# Get table schema if any, default to first item keys