secator 0.22.0__py3-none-any.whl

secator/tasks/cariddi.py

@@ -0,0 +1,193 @@
+import re
+
+from urllib.parse import urlparse, urlunparse
+
+from secator.decorators import task
+from secator.definitions import (DELAY, DEPTH, FILTER_CODES, FILTER_REGEX,
+							   FILTER_SIZE, FILTER_WORDS, FOLLOW_REDIRECT,
+							   HEADER, MATCH_CODES, MATCH_REGEX, MATCH_SIZE,
+							   MATCH_WORDS, METHOD, OPT_NOT_SUPPORTED,
+							   OPT_PIPE_INPUT, PROXY, RATE_LIMIT, RETRIES,
+							   THREADS, TIMEOUT, URL, USER_AGENT)
+from secator.output_types import Tag, Url
+from secator.serializers import JSONSerializer
+from secator.tasks._categories import HttpCrawler
+
+CARIDDI_IGNORE_PATTERNS = re.compile(r"|".join([
+	r"<!--\s*Instance.*\s*-->",
+	r"<!--\s*(Styles|Scripts|Fonts|Images|Links|Forms|Inputs|Buttons|List|Next|Prev|Navigation dots)\s*-->",
+	r"<!--\s*end.*-->",
+	r"<!--\s*start.*-->",
+	r"<!--\s*begin.*-->",
+	r"<!--\s*here goes.*-->",
+	r"<!--\s*.*Yoast SEO.*\s*-->",
+	r"<!--\s*.*Google Analytics.*\s*-->",
+]), re.IGNORECASE)
+
+CARIDDI_IGNORE_LIST = ['BTC address']
+CARIDDI_RENAME_LIST = {
+	'IPv4 address': 'IpV4 address',
+	'MySQL error': 'Mysql error',
+	'MariaDB error': 'Mariadb error',
+	'PostgreSQL error': 'Postgresql error',
+	'SQLite error': 'Sqlite error',
+}
+
+
+@task()
+class cariddi(HttpCrawler):
+	"""Crawl endpoints, secrets, api keys, extensions, tokens..."""
+	cmd = 'cariddi'
+	input_types = [URL]
+	output_types = [Url, Tag]
+	tags = ['url', 'crawl']
+	input_flag = OPT_PIPE_INPUT
+	file_flag = OPT_PIPE_INPUT
+	json_flag = '-json'
+	opts = {
+		'info': {'is_flag': True, 'short': 'info', 'help': 'Hunt for useful informations in websites.'},
+		'secrets': {'is_flag': True, 'short': 'secrets', 'help': 'Hunt for secrets.'},
+		'errors': {'is_flag': True, 'short': 'err', 'help': 'Hunt for errors in websites.'},
+		'juicy_extensions': {'type': int, 'short': 'jext', 'help': 'Hunt for juicy file extensions. Integer from 1(juicy) to 7(not juicy)'},  # noqa: E501
+		'juicy_endpoints': {'is_flag': True, 'short': 'jep', 'help': 'Hunt for juicy endpoints.'}
+	}
+	opt_value_map = {
+		HEADER: lambda headers: headers
+	}
+	opt_key_map = {
+		HEADER: 'headers',
+		DELAY: 'd',
+		DEPTH: OPT_NOT_SUPPORTED,
+		FILTER_CODES: OPT_NOT_SUPPORTED,
+		FILTER_REGEX: OPT_NOT_SUPPORTED,
+		FILTER_SIZE: OPT_NOT_SUPPORTED,
+		FILTER_WORDS: OPT_NOT_SUPPORTED,
+		FOLLOW_REDIRECT: OPT_NOT_SUPPORTED,
+		MATCH_CODES: OPT_NOT_SUPPORTED,
+		MATCH_REGEX: OPT_NOT_SUPPORTED,
+		MATCH_SIZE: OPT_NOT_SUPPORTED,
+		MATCH_WORDS: OPT_NOT_SUPPORTED,
+		METHOD: OPT_NOT_SUPPORTED,
+		PROXY: 'proxy',
+		RATE_LIMIT: OPT_NOT_SUPPORTED,
+		RETRIES: OPT_NOT_SUPPORTED,
+		THREADS: 'c',
+		TIMEOUT: 't',
+		USER_AGENT: 'ua',
+		'secrets': 's',
+		'errors': 'err',
+		'juicy_endpoints': 'e',
+		'juicy_extensions': 'ext'
+	}
+	item_loaders = [JSONSerializer()]
+	install_version = 'v1.3.6'
+	install_cmd = 'go install -v github.com/edoardottt/cariddi/cmd/cariddi@[install_version]'
+	github_handle = 'edoardottt/cariddi'
+	encoding = 'ansi'
+	proxychains = False
+	proxy_socks5 = True  # with leaks... https://github.com/edoardottt/cariddi/issues/122
+	proxy_http = True  # with leaks... https://github.com/edoardottt/cariddi/issues/122
+	profile = lambda opts: cariddi.dynamic_profile(opts)  # noqa: E731
+
+	@staticmethod
+	def dynamic_profile(opts):
+		juicy_endpoints = cariddi._get_opt_value(
+			opts,
+			'juicy_endpoints',
+			opts_conf=dict(cariddi.opts, **cariddi.meta_opts),
+			opt_aliases=opts.get('aliases', [])
+		)
+		juicy_extensions = cariddi._get_opt_value(
+			opts,
+			'juicy_extensions',
+			opts_conf=dict(cariddi.opts, **cariddi.meta_opts),
+			opt_aliases=opts.get('aliases', [])
+		)
+		info = cariddi._get_opt_value(
+			opts,
+			'info',
+			opts_conf=dict(cariddi.opts, **cariddi.meta_opts),
+			opt_aliases=opts.get('aliases', [])
+		)
+		secrets = cariddi._get_opt_value(
+			opts,
+			'secrets',
+			opts_conf=dict(cariddi.opts, **cariddi.meta_opts),
+			opt_aliases=opts.get('aliases', [])
+		)
+		errors = cariddi._get_opt_value(
+			opts,
+			'errors',
+			opts_conf=dict(cariddi.opts, **cariddi.meta_opts),
+			opt_aliases=opts.get('aliases', [])
+		)
+		hunt = juicy_endpoints or (juicy_extensions is not None) or info or secrets or errors
+		return 'cpu' if hunt is True else 'io'
+
+	@staticmethod
+	def on_json_loaded(self, item):
+		url_item = {k: v for k, v in item.items() if k != 'matches'}
+		url_item['request_headers'] = self.get_opt_value(HEADER, preprocess=True)
+		yield Url(**url_item)
+
+		# Get matches, params, errors, secrets, infos
+		url = url_item[URL]
+		matches = item.get('matches', {})
+		params = matches.get('parameters', [])
+		errors = matches.get('errors', [])
+		secrets = matches.get('secrets', [])
+		infos = matches.get('infos', [])
+
+		for param in params:
+			param_name = param['name']
+			for attack in param['attacks']:
+				extra_data = {k: v for k, v in param.items() if k not in ['name', 'attacks']}
+				extra_data['content'] = attack
+				parsed_url = urlparse(url)
+				params = parsed_url.query.split('&')
+				url_without_param = urlunparse(parsed_url._replace(query=''))
+				for p in params:
+					p_name, p_value = p.split('=')
+					if p_name == param_name:
+						p_value = p_value
+						break
+					yield Tag(
+						category='info',
+						name='url_param',
+						value=p_name,
+						match=url_without_param,
+						extra_data={'value': p_value, 'url': url}
+					)
+
+		for error in errors:
+			error['category'] = 'error'
+			error['name'] = '_'.join(f'{error["name"]}'.lower().split())
+			error['value'] = error['match']
+			error['extra_data'] = {'url': url}
+			error['match'] = url_without_param
+			yield Tag(**error)
+
+		for secret in secrets:
+			secret['category'] = 'secret'
+			secret['name'] = '_'.join(f'{secret["name"]}'.lower().split())
+			secret['value'] = secret['match']
+			secret['extra_data'] = {'url': url}
+			secret['match'] = url_without_param
+			yield Tag(**secret)
+
+		for info in infos:
+			if info['name'] in CARIDDI_IGNORE_LIST:
+				continue
+			if info['name'] in CARIDDI_RENAME_LIST:
+				info['name'] = CARIDDI_RENAME_LIST[info['name']]
+			content = info['match']
+			parsed_url = urlparse(url)
+			url_without_param = urlunparse(parsed_url._replace(query=''))
+			info['category'] = 'info'
+			info['name'] = '_'.join(f'{info["name"]}'.lower().split())
+			info['match'] = url_without_param
+			if CARIDDI_IGNORE_PATTERNS.match(content):
+				continue
+			info['value'] = content
+			info['extra_data'] = {'url': url}
+			yield Tag(**info)

secator/tasks/dalfox.py

@@ -0,0 +1,87 @@
+from urllib.parse import urlparse
+
+from secator.decorators import task
+from secator.definitions import (CONFIDENCE, DELAY, EXTRA_DATA, FOLLOW_REDIRECT,
+							   HEADER, ID, MATCHED_AT, METHOD, NAME,
+							   OPT_NOT_SUPPORTED, PROVIDER, PROXY, RATE_LIMIT,
+							   RETRIES, SEVERITY, TAGS, THREADS, TIMEOUT, URL,
+							   USER_AGENT)
+from secator.output_types import Vulnerability, Url
+from secator.serializers import JSONSerializer
+from secator.tasks._categories import VulnHttp
+
+DALFOX_TYPE_MAP = {
+	'G': 'Grep XSS',
+	'R': 'Reflected XSS',
+	'V': 'Verified XSS'
+}
+
+
+@task()
+class dalfox(VulnHttp):
+	"""Powerful open source XSS scanning tool."""
+	cmd = 'dalfox'
+	input_types = [URL]
+	output_types = [Vulnerability, Url]
+	tags = ['url', 'fuzz']
+	input_flag = 'url'
+	input_chunk_size = 20
+	ignore_return_code = True
+	file_flag = 'file'
+	json_flag = '--format jsonl'
+	version_flag = 'version'
+	opt_prefix = '--'
+	opt_key_map = {
+		HEADER: 'header',
+		DELAY: 'delay',
+		FOLLOW_REDIRECT: 'follow-redirects',
+		METHOD: 'method',
+		PROXY: 'proxy',
+		RATE_LIMIT: OPT_NOT_SUPPORTED,
+		RETRIES: OPT_NOT_SUPPORTED,
+		THREADS: 'worker',
+		TIMEOUT: 'timeout',
+		USER_AGENT: 'user-agent'
+	}
+	item_loaders = [JSONSerializer()]
+	output_map = {
+		Vulnerability: {
+			ID: lambda x: None,
+			NAME: lambda x: DALFOX_TYPE_MAP[x['type']],
+			PROVIDER: 'dalfox',
+			TAGS: lambda x: [x['cwe']] if x['cwe'] else [],
+			CONFIDENCE: lambda x: 'high',
+			MATCHED_AT: lambda x: urlparse(x['data'])._replace(query='').geturl(),
+			EXTRA_DATA: lambda x: dalfox.extra_data_extractor(x),
+			SEVERITY: lambda x: x['severity'].lower()
+		}
+	}
+	install_version = 'v2.11.0'
+	install_cmd = 'go install -v github.com/hahwul/dalfox/v2@[install_version]'
+	github_handle = 'hahwul/dalfox'
+	encoding = 'ansi'
+	proxychains = False
+	proxychains_flavor = 'proxychains4'
+	proxy_socks5 = True
+	proxy_http = True
+	profile = 'cpu'
+
+	@staticmethod
+	def on_json_loaded(self, item):
+		if item.get('type', '') == 'V':
+			item['request_headers'] = self.get_opt_value(HEADER, preprocess=True)
+			yield Url(
+				url=item['data'],
+				method=item['method'],
+				request_headers=item['request_headers'],
+				extra_data={k: v for k, v in item.items() if k not in ['type', 'severity', 'cwe', 'request_headers', 'method', 'data']}  # noqa: E501
+			)
+		yield item
+
+	@staticmethod
+	def extra_data_extractor(item):
+		extra_data = {}
+		for key, value in item.items():
+			if key not in ['type', 'severity', 'cwe']:
+				extra_data[key] = value
+		return extra_data

secator/tasks/dirsearch.py

@@ -0,0 +1,84 @@
+import os
+import shlex
+import yaml
+
+from secator.decorators import task
+from secator.definitions import (CONTENT_LENGTH, CONTENT_TYPE, DATA, DELAY, DEPTH,
+							   FILTER_CODES, FILTER_REGEX, FILTER_SIZE,
+							   FILTER_WORDS, FOLLOW_REDIRECT, HEADER,
+							   MATCH_CODES, MATCH_REGEX, MATCH_SIZE,
+							   MATCH_WORDS, METHOD, OPT_NOT_SUPPORTED, OUTPUT_PATH, PROXY,
+							   RATE_LIMIT, RETRIES, STATUS_CODE,
+							   THREADS, TIMEOUT, USER_AGENT, WORDLIST, URL)
+from secator.output_types import Url, Info, Error
+from secator.tasks._categories import HttpFuzzer
+
+
+@task()
+class dirsearch(HttpFuzzer):
+	"""Advanced web path brute-forcer."""
+	cmd = 'dirsearch'
+	input_types = [URL]
+	output_types = [Url]
+	tags = ['url', 'fuzz']
+	input_flag = '-u'
+	file_flag = '-l'
+	json_flag = '-O json'
+	opt_prefix = '--'
+	encoding = 'ansi'
+	opt_key_map = {
+		HEADER: 'header',
+		DATA: 'data',
+		DELAY: 'delay',
+		DEPTH: 'max-recursion-depth',
+		FILTER_CODES: 'exclude-status',
+		FILTER_REGEX: 'exclude-regex',
+		FILTER_SIZE: 'exclude-sizes',
+		FILTER_WORDS: OPT_NOT_SUPPORTED,
+		FOLLOW_REDIRECT: 'follow-redirects',
+		MATCH_CODES: 'include-status',
+		MATCH_REGEX: OPT_NOT_SUPPORTED,
+		MATCH_SIZE: OPT_NOT_SUPPORTED,
+		MATCH_WORDS: OPT_NOT_SUPPORTED,
+		METHOD: 'http-method',
+		PROXY: 'proxy',
+		RATE_LIMIT: 'max-rate',
+		RETRIES: 'retries',
+		THREADS: 'threads',
+		TIMEOUT: 'timeout',
+		USER_AGENT: 'user-agent',
+		WORDLIST: 'wordlists',
+	}
+	output_map = {
+		Url: {
+			CONTENT_LENGTH: 'content-length',
+			CONTENT_TYPE: 'content-type',
+			STATUS_CODE: 'status',
+			'request_headers': 'request_headers'
+		}
+	}
+	install_cmd = 'pipx install git+https://github.com/maurosoria/dirsearch.git --force'
+	install_version = '0.4.3'
+	proxychains = True
+	proxy_socks5 = True
+	proxy_http = True
+
+	@staticmethod
+	def on_init(self):
+		self.output_path = self.get_opt_value(OUTPUT_PATH)
+		if not self.output_path:
+			self.output_path = f'{self.reports_folder}/.outputs/{self.unique_name}.json'
+		self.cmd += f' -o {shlex.quote(self.output_path)}'
+
+	@staticmethod
+	def on_cmd_done(self):
+		if not os.path.exists(self.output_path):
+			yield Error(message=f'Could not find JSON results in {self.output_path}')
+			return
+
+		yield Info(message=f'JSON results saved to {self.output_path}')
+		with open(self.output_path, 'r') as f:
+			results = yaml.safe_load(f.read()).get('results', [])
+			for result in results:
+				result['request_headers'] = self.get_opt_value(HEADER, preprocess=True)
+				yield result

secator/tasks/dnsx.py

@@ -0,0 +1,186 @@
+import validators
+import dns.resolver
+
+from secator.decorators import task
+from secator.definitions import (HOST, CIDR_RANGE, DELAY, IP, OPT_PIPE_INPUT, PROXY,
+								 RATE_LIMIT, RETRIES, THREADS, TIMEOUT, WORDLIST, OPT_NOT_SUPPORTED)
+from secator.output_types import Record, Ip, Subdomain, Error, Warning
+from secator.output_types.ip import IpProtocol
+from secator.tasks._categories import ReconDns
+from secator.serializers import JSONSerializer
+from secator.utils import extract_domain_info, process_wordlist
+
+
+@task()
+class dnsx(ReconDns):
+	"""dnsx is a fast and multi-purpose DNS toolkit designed for running various retryabledns library."""
+	cmd = 'dnsx -resp -recon'
+	tags = ['dns', 'fuzz']
+	input_types = [HOST, CIDR_RANGE, IP]
+	output_types = [Record, Ip, Subdomain]
+	json_flag = '-json'
+	input_flag = OPT_PIPE_INPUT
+	file_flag = OPT_PIPE_INPUT
+	opt_key_map = {
+		RATE_LIMIT: 'rate-limit',
+		RETRIES: 'retry',
+		THREADS: 'threads',
+		PROXY: 'proxy',
+		DELAY: OPT_NOT_SUPPORTED,
+		TIMEOUT: OPT_NOT_SUPPORTED,
+	}
+	opts = {
+		'trace': {'is_flag': True, 'default': False, 'help': 'Perform dns tracing'},
+		'resolver': {'type': str, 'short': 'r', 'help': 'List of resolvers to use (file or comma separated)'},
+		'wildcard_domain': {'type': str, 'short': 'wd', 'help': 'Domain name for wildcard filtering'},
+		'rc': {'type': str, 'short': 'rc', 'help': 'DNS return code to filter (noerror, formerr, servfail, nxdomain, notimp, refused, yxdomain, xrrset, notauth, notzone)'},  # noqa: E501
+		'subdomains_only': {'is_flag': True, 'short': 'so', 'default': False, 'internal': True, 'help': 'Only return subdomains'},  # noqa: E501
+		WORDLIST: {'type': str, 'short': 'w', 'default': None, 'process': process_wordlist, 'help': 'Wordlist to use'},  # noqa: E501
+	}
+	item_loaders = [JSONSerializer()]
+	install_version = 'v1.2.2'
+	install_cmd = 'go install -v github.com/projectdiscovery/dnsx/cmd/dnsx@[install_version]'
+	github_handle = 'projectdiscovery/dnsx'
+	profile = 'io'
+
+	@staticmethod
+	def validate_input(self, inputs):
+		"""All targets will return positive DNS queries. Aborting bruteforcing."""
+		if not self.get_opt_value('wordlist'):
+			return True
+		if self.get_opt_value('wildcard_domain'):
+			return True
+		for target in self.inputs:
+			subdomain = f'xxxxxx.{target}'
+			if check_dns_response(subdomain):
+				self.add_result(Warning(message=f'Domain {target} returns false positive DNS results for A queries. Removing target.'), print=False)  # noqa: E501
+				self.inputs = [t for t in self.inputs if t != target]
+				if len(self.inputs) == 0 and not self.has_parent:
+					self.add_result(Warning(message='Please specify the wildcard_domain option to get accurate results.'), print=False)  # noqa: E501
+					return False
+		return True
+
+	@staticmethod
+	def before_init(self):
+		self.wordlist = self.get_opt_value('wordlist')
+		self.subdomains = []
+		if self.wordlist:
+			self.file_flag = '-d'
+			self.input_flag = '-d'
+			rc = self.get_opt_value('rc')
+			if not rc:
+				self.cmd += ' -rc noerror'
+			if len(self.inputs) > 1 and self.get_opt_value('wildcard_domain'):
+				fqdn = extract_domain_info(self.inputs[0], domain_only=True)
+				for input in self.inputs[1:]:
+					fqdn_item = extract_domain_info(input, domain_only=True)
+					if fqdn_item != fqdn:
+						return Error('Wildcard domain is not supported when using multiple hosts with different FQDNs !')
+
+	@staticmethod
+	def on_json_loaded(self, item):
+		record_types = ['a', 'aaaa', 'cname', 'mx', 'ns', 'txt', 'srv', 'ptr', 'soa', 'axfr', 'caa']
+		host = item['host']
+		status_code = item.get('status_code')
+		# if host.startswith('*'):
+		# 	yield Warning(f'Wildcard domain detected: {host}. Ignore previous results.')
+		# 	self.stop_process(exit_ok=True)
+		# 	return
+		is_ip = validators.ipv4(host) or validators.ipv6(host)
+		if status_code and status_code == 'NOERROR' and not is_ip:
+			subdomain = Subdomain(
+				host=host,
+				domain=extract_domain_info(host, domain_only=True),
+				verified=True,
+				sources=['dns'],
+			)
+			self.subdomains.append(subdomain)
+			yield subdomain
+		if self.get_opt_value('subdomains_only'):
+			return
+		for _type in record_types:
+			values = item.get(_type, [])
+			if isinstance(values, dict):
+				values = [values]
+			for value in values:
+				name = value
+				extra_data = {}
+				if isinstance(value, dict):
+					name = value.get('name', host)
+					extra_data = {k: v for k, v in value.items() if k != 'name' and k != 'host'}
+				if _type == 'a':
+					ip = Ip(
+						host=host,
+						ip=name,
+						protocol=IpProtocol.IPv4,
+						alive=False
+					)
+					if ip not in self.results:
+						yield ip
+				elif _type == 'aaaa':
+					ip = Ip(
+						host=host,
+						ip=name,
+						protocol=IpProtocol.IPv6,
+						alive=False
+					)
+					if ip not in self.results:
+						yield ip
+				elif _type == 'ptr':
+					ip = Ip(
+						host=host,
+						ip=name,
+						protocol=IpProtocol.IPv4,
+						alive=False
+					)
+					if ip not in self.results:
+						yield ip
+				record = Record(
+					host=host,
+					name=name,
+					type=_type.upper(),
+					extra_data=extra_data,
+					_source=self.unique_name
+				)
+
+				if record not in self.results:
+					yield record
+
+
+def stream_file_up_to_line(file_path, max_lines=50):
+	"""
+	Streams a file line by line up to line 50.
+
+	Args:
+		file_path (str): Path to the file to be streamed.
+
+	Yields:
+		str: Each line from the file up to line 50.
+	"""
+	with open(file_path, 'r') as file:
+		for line_number, line in enumerate(file, start=1):
+			if line_number > max_lines:
+				break
+			yield line
+
+
+def check_dns_response(domain, record_type="A"):
+	try:
+		# Query DNS for the specified record type (A, MX, NS, etc.)
+		resolver = dns.resolver.Resolver()
+		resolver.timeout = 60
+		resolver.lifetime = 1
+		dns.resolver.resolve(domain, record_type)
+		return True
+	except dns.resolver.NXDOMAIN:
+		# print(f"❌ Domain '{domain}' does not exist (NXDOMAIN)")
+		return False
+	except dns.resolver.NoAnswer:
+		# print(f"⚠️ Domain '{domain}' exists but has no {record_type} record")
+		return False
+	except dns.resolver.Timeout:
+		# print(f"⏱️ DNS query timed out for '{domain}'")
+		return False
+	except Exception:
+		# print(f"❌ Error checking DNS for '{domain}': {e}")
+		return False

secator/tasks/feroxbuster.py

@@ -0,0 +1,93 @@
+from secator.config import CONFIG
+from secator.decorators import task
+from secator.definitions import (CONTENT_TYPE, DATA, DELAY, DEPTH, FILTER_CODES,
+							   FILTER_REGEX, FILTER_SIZE, FILTER_WORDS,
+							   FOLLOW_REDIRECT, HEADER, LINES, MATCH_CODES,
+							   MATCH_REGEX, MATCH_SIZE, MATCH_WORDS, METHOD,
+							   OPT_NOT_SUPPORTED, OPT_PIPE_INPUT, PROXY,
+							   RATE_LIMIT, RETRIES, STATUS_CODE,
+							   THREADS, TIMEOUT, USER_AGENT, WORDLIST, WORDS, URL)
+from secator.output_types import Url
+from secator.serializers import JSONSerializer
+from secator.tasks._categories import HttpFuzzer
+
+
+@task()
+class feroxbuster(HttpFuzzer):
+	"""Simple, fast, recursive content discovery tool written in Rust"""
+	cmd = 'feroxbuster --auto-bail --no-state'
+	input_types = [URL]
+	output_types = [Url]
+	tags = ['url', 'fuzz']
+	input_flag = '--url'
+	input_chunk_size = 1
+	file_flag = OPT_PIPE_INPUT
+	json_flag = '--silent --json'
+	opt_prefix = '--'
+	opts = {
+		# 'auto_tune': {'is_flag': True, 'default': False, 'help': 'Automatically lower scan rate when too many errors'},
+		'extract_links': {'is_flag': True, 'default': False, 'help': 'Extract links from response body'},
+		'collect_backups': {'is_flag': True, 'default': False, 'help': 'Request likely backup exts for urls'},
+		'collect_extensions': {'is_flag': True, 'default': False, 'help': 'Discover exts and add to --extensions'},
+		'collect_words': {'is_flag': True, 'default': False, 'help': 'Discover important words and add to wordlist'},
+	}
+	opt_key_map = {
+		HEADER: 'headers',
+		DATA: 'data',
+		DELAY: OPT_NOT_SUPPORTED,
+		DEPTH: 'depth',
+		FILTER_CODES: 'filter-status',
+		FILTER_REGEX: 'filter-regex',
+		FILTER_SIZE: 'filter-size',
+		FILTER_WORDS: 'filter-words',
+		FOLLOW_REDIRECT: 'redirects',
+		MATCH_CODES: 'status-codes',
+		MATCH_REGEX: OPT_NOT_SUPPORTED,
+		MATCH_SIZE: OPT_NOT_SUPPORTED,
+		MATCH_WORDS: OPT_NOT_SUPPORTED,
+		METHOD: 'methods',
+		PROXY: 'proxy',
+		RATE_LIMIT: 'rate-limit',
+		RETRIES: OPT_NOT_SUPPORTED,
+		THREADS: 'threads',
+		TIMEOUT: 'timeout',
+		USER_AGENT: 'user-agent',
+		WORDLIST: 'wordlist',
+		'request_headers': 'headers'
+	}
+	item_loaders = [JSONSerializer()]
+	output_map = {
+		Url: {
+			STATUS_CODE: 'status',
+			CONTENT_TYPE: lambda x: x['headers'].get('content-type'),
+			LINES: 'line_count',
+			WORDS: 'word_count'
+		}
+	}
+	install_cmd_pre = {
+		'*': ['curl', 'bash']
+	}
+	install_version = 'v2.11.0'
+	install_cmd = (
+		f'cd /tmp && curl -sL https://raw.githubusercontent.com/epi052/feroxbuster/master/install-nix.sh | bash -s {CONFIG.dirs.bin}'  # noqa: E501
+	)
+	github_handle = 'epi052/feroxbuster'
+	proxychains = False
+	proxy_socks5 = True
+	proxy_http = True
+
+	@staticmethod
+	def on_start(self):
+		if self.inputs_path:
+			self.cmd += ' --stdin'
+
+	@staticmethod
+	def validate_item(self, item):
+		if isinstance(item, dict):
+			return item['type'] == 'response'
+		return True
+
+	@staticmethod
+	def on_item(self, item):
+		item.request_headers = self.get_opt_value('header', preprocess=True)
+		return item