secator 0.22.0__py3-none-any.whl

secator/tasks/urlfinder.py

@@ -0,0 +1,100 @@
+import validators
+from collections import defaultdict
+from urllib.parse import urlparse, urlunparse, parse_qs
+
+from secator.definitions import HOST, URL, DELAY, DEPTH, FILTER_CODES, FILTER_REGEX, FILTER_SIZE, FILTER_WORDS, MATCH_CODES, MATCH_REGEX, MATCH_SIZE, MATCH_WORDS, FOLLOW_REDIRECT, METHOD, PROXY, RATE_LIMIT, RETRIES, THREADS, TIMEOUT, USER_AGENT, HEADER, OPT_NOT_SUPPORTED  # noqa: E501
+from secator.output_types import Url
+from secator.decorators import task
+from secator.serializers import JSONSerializer
+from secator.tasks._categories import HttpCrawler
+
+
+URLFINDER_SOURCES = [
+	'alienvault',
+	'commoncrawl',
+	'urlscan',
+	'waybackarchive',
+	'virustotal'
+]
+
+
+@task()
+class urlfinder(HttpCrawler):
+	"""Find URLs in text."""
+	cmd = 'urlfinder'
+	input_types = [HOST, URL]
+	output_types = [Url]
+	item_loaders = [JSONSerializer()]
+	json_flag = '-j'
+	tags = ['pattern', 'scan']
+	file_flag = '-list'
+	input_flag = '-d'
+	version_flag = '-version'
+	opts = {
+		'sources': {'type': str, 'help': f'Sources to use (comma-delimited) ({", ".join(URLFINDER_SOURCES)})', 'required': False},  # noqa: E501
+		'exclude_sources': {'type': str, 'help': 'Sources to exclude (comma-delimited)', 'required': False},
+		'version': {'type': bool, 'help': 'Version', 'required': False},
+		'stats': {'type': bool, 'help': 'Display source statistics', 'required': False},
+		'max_param_occurrences': {'type': int, 'help': 'Max occurrences for the same parameter in the same URL before discarding next results', 'required': False, 'default': 10, 'internal': True},  # noqa: E501
+	}
+	opt_key_map = {
+		'sources': 's',
+		'exclude_sources': 'es',
+		'url_scope': 'us',
+		'url_out_scope': 'uos',
+		'field_scope': 'fs',
+		'no_scope': 'ns',
+		'display_out_scope': 'do',
+		'match': 'm',
+		'filter': 'f',
+		HEADER: OPT_NOT_SUPPORTED,
+		DELAY: OPT_NOT_SUPPORTED,
+		DEPTH: OPT_NOT_SUPPORTED,
+		FILTER_CODES: OPT_NOT_SUPPORTED,
+		FILTER_REGEX: OPT_NOT_SUPPORTED,
+		FILTER_SIZE: OPT_NOT_SUPPORTED,
+		FILTER_WORDS: OPT_NOT_SUPPORTED,
+		MATCH_CODES: OPT_NOT_SUPPORTED,
+		MATCH_REGEX: OPT_NOT_SUPPORTED,
+		MATCH_SIZE: OPT_NOT_SUPPORTED,
+		MATCH_WORDS: OPT_NOT_SUPPORTED,
+		FOLLOW_REDIRECT: OPT_NOT_SUPPORTED,
+		METHOD: OPT_NOT_SUPPORTED,
+		PROXY: 'proxy',
+		RATE_LIMIT: 'rl',
+		RETRIES: OPT_NOT_SUPPORTED,
+		THREADS: OPT_NOT_SUPPORTED,
+		TIMEOUT: 'timeout',
+		USER_AGENT: OPT_NOT_SUPPORTED,
+	}
+	encoding = 'ansi'
+	install_version = 'v0.0.3'
+	install_cmd = 'go install -v github.com/projectdiscovery/urlfinder/cmd/urlfinder@[install_version]'
+	github_handle = 'projectdiscovery/urlfinder'
+	proxychains = False
+	proxy_socks5 = True
+	proxy_http = True
+	profile = 'io'
+
+	@staticmethod
+	def before_init(self):
+		for idx, input in enumerate(self.inputs):
+			if validators.url(input):
+				self.inputs[idx] = urlparse(input).netloc
+
+	@staticmethod
+	def on_init(self):
+		self.max_param_occurrences = self.get_opt_value('max_param_occurrences')
+		self.seen_params = defaultdict(lambda: defaultdict(int))
+
+	@staticmethod
+	def on_json_loaded(self, item):
+		parsed_url = urlparse(item['url'])
+		base_url = urlunparse(parsed_url._replace(query="", fragment=""))  # Remove query & fragment
+		query_params = parse_qs(parsed_url.query)
+		current_params = set(query_params.keys())
+		for param in current_params:
+			self.seen_params[base_url][param] += 1
+			if self.seen_params[base_url][param] > int(self.max_param_occurrences):
+				return
+		yield Url(url=item['url'], host=parsed_url.hostname, extra_data={'source': item['source']})

secator/tasks/wafw00f.py

@@ -0,0 +1,106 @@
+import os
+import tempfile
+import shlex
+import yaml
+
+from secator.decorators import task
+from secator.runners import Command
+from secator.definitions import (OUTPUT_PATH, HEADER, PROXY, URL, TIMEOUT)
+from secator.output_types import Tag, Info, Error
+from secator.tasks._categories import OPTS
+
+
+@task()
+class wafw00f(Command):
+	"""Web Application Firewall Fingerprinting tool."""
+	cmd = 'wafw00f'
+	input_types = [URL]
+	output_types = [Tag]
+	tags = ['waf', 'scan']
+	input_flag = None
+	file_flag = '-i'
+	json_flag = '-f json'
+	encoding = 'ansi'
+	opt_prefix = '--'
+	meta_opts = {
+		PROXY: OPTS[PROXY],
+		HEADER: OPTS[HEADER],
+		TIMEOUT: OPTS[TIMEOUT]
+	}
+	opts = {
+		'list': {'is_flag': True, 'default': False, 'help': 'List all WAFs that WAFW00F is able to detect'},
+		'waf_type': {'type': str, 'short': 'wt', 'help': 'Test for one specific WAF'},
+		'find_all': {'is_flag': True, 'short': 'ta', 'default': False, 'help': 'Find all WAFs which match the signatures, do not stop testing on the first one'},  # noqa: E501
+		'no_follow_redirects': {'is_flag': True, 'short': 'nfr', 'default': False, 'help': 'Do not follow redirections given by 3xx responses'},  # noqa: E501
+	}
+	opt_value_map = {
+		HEADER: lambda x: wafw00f.headers_to_file(x)
+	}
+	opt_key_map = {
+		HEADER: 'headers',
+		PROXY: 'proxy',
+		'waf_type': 'test',
+		'find_all': 'findall',
+		'no_follow_redirects': 'noredirect',
+	}
+	install_version = 'v2.3.1'
+	install_cmd = 'pipx install git+https://github.com/EnableSecurity/wafw00f.git@[install_version] --force'
+	install_github_bin = False
+	github_handle = 'EnableSecurity/wafw00f'
+	proxy_http = True
+
+	@staticmethod
+	def on_cmd(self):
+		self.output_path = self.get_opt_value(OUTPUT_PATH)
+		if not self.output_path:
+			self.output_path = f'{self.reports_folder}/.outputs/{self.unique_name}.json'
+		self.cmd += f' -o {shlex.quote(self.output_path)}'
+
+		self.headers = self.get_opt_value(HEADER)
+		if self.headers:
+			header_file = f'{self.reports_folder}/.inputs/headers.txt'
+			with open(header_file, 'w') as f:
+				for header in self.headers.split(';;'):
+					f.write(f'{header}\n')
+			self.cmd = self.cmd.replace(self.headers, header_file)
+
+	@staticmethod
+	def on_cmd_done(self):
+		# Skip parsing if list mode
+		list_mode = self.get_opt_value('list')
+		if list_mode:
+			return
+
+		if not os.path.exists(self.output_path):
+			yield Error(message=f'Could not find JSON results in {self.output_path}')
+			return
+
+		yield Info(message=f'JSON results saved to {self.output_path}')
+		with open(self.output_path, 'r') as f:
+			results = yaml.safe_load(f.read())
+
+		if len(results) > 0 and results[0]['detected']:
+			waf_name = results[0]['firewall']
+			url = results[0]['url']
+			match = results[0]['trigger_url']
+			manufacter = results[0]['manufacturer']
+			yield Tag(
+				category='info',
+				name='waf',
+				match=url,
+				value=waf_name,
+				extra_data={
+					'manufacter': manufacter,
+					'trigger_url': match,
+					'headers': self.get_opt_value('header', preprocess=True)
+				}
+			)
+
+	@staticmethod
+	def headers_to_file(headers):
+		temp_dir = tempfile.gettempdir()
+		header_file = f'{temp_dir}/headers.txt'
+		with open(header_file, 'w') as f:
+			for header in headers.split(';;'):
+				f.write(f'{header}\n')
+		return header_file

secator/tasks/whois.py

@@ -0,0 +1,34 @@
+from secator.decorators import task
+from secator.definitions import HOST
+from secator.output_types import Domain
+from secator.runners import Command
+from secator.serializers import JSONSerializer
+
+
+@task()
+class whois(Command):
+	"""The whois tool retrieves registration information about domain names and IP addresses."""
+	cmd = 'whoisdomain'
+	input_flag = '-d'
+	json_flag = '--json'
+	input_chunk_size = 1
+	input_types = [HOST]
+	output_types = [Domain]
+	item_loaders = [JSONSerializer()]
+	version_flag = '-V'
+	install_version = '1.20230906.1'
+	install_cmd_pre = {'*': ['whois']}
+	install_cmd = 'pipx install whoisdomain==[install_version] --force'
+	install_github_bin = False
+	github_handle = 'mboot-github/WhoisDomain'
+
+	@staticmethod
+	def on_json_loaded(self, item):
+		yield Domain(
+			domain=item['name'],
+			registrar=item['registrar'],
+			creation_date=item['creation_date'],
+			expiration_date=item['expiration_date'],
+			registrant=item['registrant'],
+			extra_data={'emails': item['emails']}
+		)

secator/tasks/wpprobe.py

@@ -0,0 +1,116 @@
+import os
+import re
+import click
+import yaml
+import shlex
+
+from secator.decorators import task
+from secator.runners import Command
+from secator.definitions import OUTPUT_PATH, THREADS, URL
+from secator.output_types import Vulnerability, Tag, Info, Warning, Error
+from secator.tasks._categories import OPTS
+
+
+@task()
+class wpprobe(Command):
+	"""Fast wordpress plugin enumeration tool."""
+	cmd = 'wpprobe'
+	input_types = [URL]
+	output_types = [Vulnerability, Tag]
+	tags = ['vuln', 'scan', 'wordpress']
+	file_flag = '-f'
+	input_flag = '-u'
+	opt_prefix = '-'
+	opts = {
+		'mode': {'type': click.Choice(['scan', 'update', 'update-db']), 'default': 'scan', 'help': 'WPProbe mode', 'required': True, 'internal': True},  # noqa: E501
+		'output_path': {'type': str, 'default': None, 'help': 'Output JSON file path', 'internal': True, 'display': False},  # noqa: E501
+	}
+	meta_opts = {
+		THREADS: OPTS[THREADS]
+	}
+	opt_key_map = {
+		THREADS: 't'
+	}
+	install_version = 'v0.5.6'
+	install_cmd = 'go install github.com/Chocapikk/wpprobe@[install_version]'
+	github_handle = 'Chocapikk/wpprobe'
+	install_post = {
+		'*': 'wpprobe update-db'
+	}
+
+	@staticmethod
+	def on_cmd(self):
+		mode = self.get_opt_value('mode')
+		if mode == 'update' or mode == 'update-db':
+			self.cmd = f'{wpprobe.cmd} {mode}'
+			return
+		self.cmd = re.sub(wpprobe.cmd, f'{wpprobe.cmd} {mode}', self.cmd, 1)
+		output_path = self.get_opt_value(OUTPUT_PATH)
+		if not output_path:
+			output_path = f'{self.reports_folder}/.outputs/{self.unique_name}.json'
+		self.output_path = output_path
+		self.cmd += f' -o {shlex.quote(self.output_path)}'
+
+	@staticmethod
+	def on_cmd_done(self):
+		if not self.get_opt_value('mode') == 'scan':
+			return
+
+		if not os.path.exists(self.output_path):
+			yield Error(message=f'Could not find JSON results in {self.output_path}')
+			return
+
+		yield Info(message=f'JSON results saved to {self.output_path}')
+		with open(self.output_path, 'r') as f:
+			results = yaml.safe_load(f.read())
+			if not results or 'url' not in results:
+				yield Warning(message='No results found !')
+				return
+			url = results['url']
+			for plugin_name, plugin_data in results['plugins'].items():
+				for plugin_data_version in plugin_data:
+					plugin_version = plugin_data_version['version']
+					yield Tag(
+						category='info',
+						name='wordpress_plugin',
+						match=url,
+						value=plugin_name + ':' + plugin_version,
+						extra_data={
+							'name': plugin_name,
+							'version': plugin_version
+						}
+					)
+					severities = plugin_data_version.get('severities', {})
+
+					# Fix for https://github.com/Chocapikk/wpprobe/issues/17
+					if isinstance(severities, list):
+						tmp_severities = {}
+						for severity in severities:
+							for k, v in severity.items():
+								if k != 'n/a':
+									tmp_severities[k] = v
+						severities = tmp_severities
+
+					for severity, severity_data in severities.items():
+						if severity == 'None':
+							severity = 'unknown'
+						for item in severity_data:
+							for vuln in item['vulnerabilities']:
+								auth_type = item.get('auth_type')
+								extra_data = {
+									'plugin_name': plugin_name,
+									'plugin_version': plugin_version,
+								}
+								if auth_type:
+									extra_data['auth_type'] = auth_type
+								yield Vulnerability(
+									name=vuln['title'],
+									id=vuln['cve'],
+									severity=severity,
+									cvss_score=vuln['cvss_score'],
+									tags=['wordpress', 'wordpress_plugin', plugin_name],
+									reference=vuln['cve_link'],
+									extra_data=extra_data,
+									matched_at=url,
+									confidence='high'
+								)

secator/tasks/wpscan.py

@@ -0,0 +1,202 @@
+import json
+import os
+import shlex
+
+from secator.config import CONFIG
+from secator.decorators import task
+from secator.definitions import (CONFIDENCE, CVSS_SCORE, DELAY, DESCRIPTION,
+							   EXTRA_DATA, FOLLOW_REDIRECT, HEADER, ID,
+							   MATCHED_AT, NAME, OPT_NOT_SUPPORTED, OUTPUT_PATH, PROVIDER,
+							   PROXY, RATE_LIMIT, REFERENCES, RETRIES,
+							   SEVERITY, TAGS, THREADS, TIMEOUT,
+							   URL, USER_AGENT)
+from secator.output_types import Tag, Vulnerability, Info, Error
+from secator.tasks._categories import VulnHttp
+from secator.installer import parse_version
+
+
+@task()
+class wpscan(VulnHttp):
+	"""Wordpress security scanner."""
+	cmd = 'wpscan --force --verbose'
+	input_types = [URL]
+	output_types = [Vulnerability, Tag]
+	tags = ['vuln', 'scan', 'wordpress']
+	input_flag = '--url'
+	input_chunk_size = 1
+	json_flag = '-f json'
+	opt_prefix = '--'
+	opts = {
+		'cookie_string': {'type': str, 'short': 'cookie', 'help': 'Cookie string, format: cookie1=value1;...'},
+		'api_token': {'type': str, 'short': 'token', 'help': 'WPScan API Token to display vulnerability data'},
+		'wp_content_dir': {'type': str, 'short': 'wcd', 'help': 'wp-content directory if custom or not detected'},
+		'wp_plugins_dir': {'type': str, 'short': 'wpd', 'help': 'wp-plugins directory if custom or not detected'},
+		'passwords': {'type': str, 'help': 'List of passwords to use during the password attack.'},
+		'usernames': {'type': str, 'help': 'List of usernames to use during the password attack.'},
+		'login_uri': {'type': str, 'short': 'lu', 'help': 'URI of the login page if different from /wp-login.php'},
+		'detection_mode': {'type': str, 'short': 'dm', 'help': 'Detection mode between mixed, passive, and aggressive'},
+		'random_user_agent': {'is_flag': True, 'short': 'rua', 'help': 'Random user agent'},
+		'disable_tls_checks': {'is_flag': True, 'short': 'dtc', 'help': 'Disable TLS checks'}
+	}
+	opt_key_map = {
+		HEADER: OPT_NOT_SUPPORTED,
+		DELAY: 'throttle',
+		FOLLOW_REDIRECT: OPT_NOT_SUPPORTED,
+		PROXY: 'proxy',
+		RATE_LIMIT: OPT_NOT_SUPPORTED,
+		RETRIES: OPT_NOT_SUPPORTED,
+		TIMEOUT: 'request-timeout',
+		THREADS: 'max-threads',
+		USER_AGENT: 'user-agent',
+	}
+	opt_value_map = {
+		DELAY: lambda x: x * 1000
+	}
+	output_map = {
+		Vulnerability: {
+			ID: lambda x: '',
+			NAME: lambda x: x['to_s'].split(':')[0],
+			DESCRIPTION: lambda x: '',
+			SEVERITY: lambda x: 'info',
+			CONFIDENCE: lambda x: 'high' if x.get('confidence', 0) == 100 else 'low',
+			CVSS_SCORE: lambda x: 0,
+			MATCHED_AT: lambda x: x['url'],
+			TAGS: lambda x: [x['type']],
+			REFERENCES: lambda x: x.get('references', {}).get('url', []),
+			EXTRA_DATA: lambda x: {
+				'data': x.get('interesting_entries', []),
+				'found_by': x.get('found_by', ''),
+				'confirmed_by': x.get('confirmed_by', {}),
+				'metasploit': x.get('references', {}).get('metasploit', [])
+			},
+			PROVIDER: 'wpscan',
+		},
+	}
+	install_version = 'v3.8.28'
+	install_pre_cmd = {
+		'apt': ['make', 'kali:libcurl4t64', 'libffi-dev'],
+		'pacman': ['make', 'ruby-erb'],
+		'*': ['make']
+	}
+	install_cmd = f'gem install wpscan -v [install_version_strip] --user-install -n {CONFIG.dirs.bin}'
+	install_post = {
+		'kali': (
+			f'gem uninstall nokogiri --user-install -n {CONFIG.dirs.bin} --force --executables && '
+			f'gem install nokogiri --user-install -n {CONFIG.dirs.bin} --platform=ruby'
+		)
+	}
+	install_github_bin = False
+	github_handle = 'wpscanteam/wpscan'
+	proxychains = False
+	proxy_http = True
+	proxy_socks5 = False
+	profile = 'io'
+
+	@staticmethod
+	def on_init(self):
+		output_path = self.get_opt_value(OUTPUT_PATH)
+		if not output_path:
+			output_path = f'{self.reports_folder}/.outputs/{self.unique_name}.json'
+		self.output_path = output_path
+		self.cmd += f' -o {shlex.quote(self.output_path)}'
+
+	@staticmethod
+	def on_cmd_done(self):
+		if not os.path.exists(self.output_path):
+			yield Error(message=f'Could not find JSON results in {self.output_path}')
+			return
+
+		yield Info(message=f'JSON results saved to {self.output_path}')
+		with open(self.output_path, 'r') as f:
+			data = json.load(f)
+
+		# Get URL
+		target = data.get('target_url', self.inputs[0])
+
+		# Get errors
+		scan_aborted = data.get('scan_aborted', False)
+		if scan_aborted:
+			yield Error(message=scan_aborted, traceback='\n'.join(data.get('trace', [])))
+			return
+
+		# Wordpress version
+		version = data.get('version', {})
+		if version:
+			wp_version = version['number']
+			wp_version_status = version['status']
+			if wp_version_status == 'outdated':
+				vuln = version
+				vuln.update({
+					'url': target,
+					'to_s': 'Wordpress outdated version',
+					'type': wp_version,
+					'references': {},
+				})
+				yield vuln
+
+		# Main theme
+		main_theme = data.get('main_theme', {})
+		if main_theme:
+			version = main_theme.get('version', {})
+			slug = main_theme['slug']
+			location = main_theme['location']
+			if version:
+				number = version['number']
+				latest_version = main_theme.get('latest_version') or 'unknown'
+				yield Tag(
+					category='info',
+					name='wordpress_theme',
+					match=target,
+					value=slug + ':' + number,
+					extra_data={
+						'url': location,
+						'latest_version': latest_version
+					}
+				)
+				outdated = parse_version(number) < parse_version(latest_version) if latest_version != 'unknown' and number else False  # noqa: E501
+				if outdated:
+					yield Vulnerability(
+						matched_at=target,
+						name=f'Wordpress theme - {slug} {number} outdated',
+						description=f'The wordpress theme {slug} is outdated, consider updating to the latest version {latest_version}',
+						confidence='high',
+						severity='info',
+						tags=['wordpress', 'wordpress_theme']
+					)
+
+		# Interesting findings
+		interesting_findings = data.get('interesting_findings', [])
+		for item in interesting_findings:
+			yield item
+
+		# Plugins
+		plugins = data.get('plugins', {})
+		for _, data in plugins.items():
+			version = data.get('version', {})
+			slug = data['slug']
+			location = data['location']
+			if version:
+				number = version['number']
+				latest_version = data.get('latest_version') or 'unknown'
+				yield Tag(
+					category='info',
+					name='wordpress_plugin',
+					match=target,
+					value=slug + ':' + number,
+					extra_data={
+						'url': location,
+						'name': slug,
+						'version': number,
+						'latest_version': latest_version
+					}
+				)
+				outdated = parse_version(number) < parse_version(latest_version) if latest_version != 'unknown' and number else False  # noqa: E501
+				if outdated:
+					yield Vulnerability(
+						matched_at=target,
+						name=f'Wordpress plugin - {slug} {number} outdated',
+						description=f'The wordpress plugin {slug} is outdated, consider updating to the latest version {latest_version}.',
+						confidence='high',
+						severity='info',
+						tags=['wordpress', 'wordpress_plugin']
+					)

secator/tasks/x8.py

@@ -0,0 +1,94 @@
+from secator.decorators import task
+from secator.definitions import (URL, WORDLIST, RETRIES, OPT_NOT_SUPPORTED, USER_AGENT, THREADS, DELAY, TIMEOUT, RATE_LIMIT, METHOD, HEADER, FOLLOW_REDIRECT, FILTER_CODES, FILTER_REGEX, FILTER_SIZE, FILTER_WORDS, MATCH_CODES, MATCH_REGEX, MATCH_SIZE, MATCH_WORDS, DEPTH)  # noqa: E501
+from secator.output_types import Url, Tag
+from secator.serializers import JSONSerializer
+from secator.tasks._categories import HttpFuzzer
+from secator.utils import process_wordlist
+from urllib.parse import urlparse, urlunparse
+
+
+@task()
+class x8(HttpFuzzer):
+	"""Hidden parameters discovery suite written in Rust."""
+	cmd = 'x8'
+	input_types = [URL]
+	output_types = [Url, Tag]
+	tags = ['url', 'fuzz', 'params']
+	file_flag = '-u'
+	input_flag = '-u'
+	json_flag = '-O json'
+	opt_prefix = '-'
+	version_flag = '-V'
+	opts = {
+		WORDLIST: {'type': str, 'short': 'w', 'default': None, 'process': process_wordlist, 'help': 'Wordlist to use'},
+	}
+	opt_key_map = {
+		USER_AGENT: OPT_NOT_SUPPORTED,
+		THREADS: 'c',
+		DEPTH: OPT_NOT_SUPPORTED,
+		DELAY: '--delay',
+		TIMEOUT: '--timeout',
+		METHOD: '--method',
+		WORDLIST: 'w',
+		FILTER_CODES: OPT_NOT_SUPPORTED,
+		FILTER_REGEX: OPT_NOT_SUPPORTED,
+		FILTER_SIZE: OPT_NOT_SUPPORTED,
+		FILTER_WORDS: OPT_NOT_SUPPORTED,
+		MATCH_CODES: OPT_NOT_SUPPORTED,
+		MATCH_REGEX: OPT_NOT_SUPPORTED,
+		MATCH_SIZE: OPT_NOT_SUPPORTED,
+		MATCH_WORDS: OPT_NOT_SUPPORTED,
+		HEADER: OPT_NOT_SUPPORTED,
+		RETRIES: OPT_NOT_SUPPORTED,
+		# HEADER: 'H',
+		RATE_LIMIT: OPT_NOT_SUPPORTED,
+		FOLLOW_REDIRECT: '--follow-redirects',
+	}
+	opt_value_map = {
+		HEADER: lambda headers: ';'.join(headers.split(';;'))
+	}
+	item_loaders = [JSONSerializer()]
+	install_pre_cmd = {
+		'apk': ['build-base', 'pkgconf', 'libssl3', 'libcrypto3', 'openssl-dev'],
+		'apt': ['build-essential', 'pkg-config', 'libssl-dev'],
+		'pacman': ['base-devel', 'pkg-config', 'openssl'],
+		'zypper': ['gcc', 'pkg-config', 'libopenssl-devel'],
+		'*': ['gcc', 'pkg-config', 'openssl-devel'],
+	}
+	install_version = '4.3.0'
+	install_cmd = 'cargo install x8@[install_version] --force'
+	install_github_bin = False  # TODO: enable this once https://github.com/Sh1Yo/x8/issues/65 is fixed
+	# install_github_version_prefix = 'v'
+	# install_ignore_bin = ['alpine', 'ubuntu']
+	github_handle = 'Sh1Yo/x8'
+	proxychains = False
+	proxy_socks5 = False
+	proxy_http = False
+	profile = 'io'
+
+	@staticmethod
+	def on_init(self):
+		self.urls = []
+		self.request_headers = {}
+		for k, v in self.get_opt_value(HEADER, preprocess=True).items():
+			self.request_headers[k] = v
+
+	@staticmethod
+	def on_json_loaded(self, item):
+		url = item['url']
+		if url not in self.urls:
+			self.urls.append(url)
+			yield Url(url=url, method=item['method'], status_code=item['status'], content_length=item['size'], request_headers=self.request_headers)  # noqa: E501
+		for param in item.get('found_params', []):
+			parsed_url = urlparse(url)
+			url_without_param = urlunparse(parsed_url._replace(query=''))
+			extra_data = {k: v for k, v in param.items() if k != 'name'}
+			extra_data['value'] = param['value']
+			extra_data['url'] = url
+			yield Tag(
+				category='info',
+				name='url_param',
+				match=url_without_param,
+				value=param['name'],
+				extra_data=extra_data
+			)