secator 0.3.6__tar.gz → 0.4.0__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of secator might be problematic. Click here for more details.
- {secator-0.3.6 → secator-0.4.0}/CHANGELOG.md +35 -0
- {secator-0.3.6 → secator-0.4.0}/PKG-INFO +12 -6
- {secator-0.3.6 → secator-0.4.0}/README.md +9 -5
- secator-0.4.0/images/demo.gif +0 -0
- secator-0.4.0/images/demo.tap +47 -0
- secator-0.4.0/images/help.png +0 -0
- {secator-0.3.6 → secator-0.4.0}/pyproject.toml +3 -1
- {secator-0.3.6 → secator-0.4.0}/scripts/stories/STORY.md +2 -2
- {secator-0.3.6 → secator-0.4.0}/secator/celery.py +14 -19
- {secator-0.3.6 → secator-0.4.0}/secator/cli.py +163 -81
- secator-0.4.0/secator/config.py +570 -0
- {secator-0.3.6 → secator-0.4.0}/secator/decorators.py +5 -5
- secator-0.4.0/secator/definitions.py +163 -0
- {secator-0.3.6 → secator-0.4.0}/secator/exporters/gdrive.py +10 -10
- {secator-0.3.6 → secator-0.4.0}/secator/hooks/mongodb.py +3 -4
- {secator-0.3.6 → secator-0.4.0}/secator/installer.py +10 -6
- {secator-0.3.6 → secator-0.4.0}/secator/output_types/vulnerability.py +3 -1
- {secator-0.3.6 → secator-0.4.0}/secator/runners/_base.py +11 -9
- {secator-0.3.6 → secator-0.4.0}/secator/runners/_helpers.py +52 -34
- {secator-0.3.6 → secator-0.4.0}/secator/runners/command.py +26 -30
- {secator-0.3.6 → secator-0.4.0}/secator/runners/scan.py +4 -7
- {secator-0.3.6 → secator-0.4.0}/secator/runners/task.py +2 -1
- {secator-0.3.6 → secator-0.4.0}/secator/runners/workflow.py +3 -6
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/_categories.py +95 -44
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/dnsxbrute.py +3 -2
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/ffuf.py +2 -2
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/httpx.py +4 -4
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/katana.py +5 -4
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/msfconsole.py +3 -4
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/nmap.py +95 -48
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/nuclei.py +4 -0
- secator-0.3.6/secator/config.py → secator-0.4.0/secator/template.py +24 -24
- {secator-0.3.6 → secator-0.4.0}/secator/utils.py +3 -7
- {secator-0.3.6 → secator-0.4.0}/tests/integration/inputs.py +2 -2
- {secator-0.3.6 → secator-0.4.0}/tests/integration/outputs.py +7 -7
- secator-0.4.0/tests/integration/test_worker.py +82 -0
- {secator-0.3.6 → secator-0.4.0}/tests/integration/test_workflows.py +2 -2
- {secator-0.3.6 → secator-0.4.0}/tests/performance/loadtester.py +2 -2
- secator-0.4.0/tests/unit/test_config.py +71 -0
- secator-0.4.0/tests/unit/test_offline.py +43 -0
- secator-0.3.6/images/demo.cast +0 -959
- secator-0.3.6/images/demo.gif +0 -0
- secator-0.3.6/images/help.png +0 -0
- secator-0.3.6/secator/definitions.py +0 -236
- {secator-0.3.6 → secator-0.4.0}/.flake8 +0 -0
- {secator-0.3.6 → secator-0.4.0}/.gitignore +0 -0
- {secator-0.3.6 → secator-0.4.0}/CONTRIBUTING.md +0 -0
- {secator-0.3.6 → secator-0.4.0}/Dockerfile +0 -0
- {secator-0.3.6 → secator-0.4.0}/LICENSE +0 -0
- {secator-0.3.6 → secator-0.4.0}/SECURITY.md +0 -0
- {secator-0.3.6 → secator-0.4.0}/cloudbuild.yaml +0 -0
- {secator-0.3.6 → secator-0.4.0}/images/aliases.cast +0 -0
- {secator-0.3.6 → secator-0.4.0}/images/aliases.gif +0 -0
- {secator-0.3.6 → secator-0.4.0}/images/fmt.cast +0 -0
- {secator-0.3.6 → secator-0.4.0}/images/fmt.gif +0 -0
- {secator-0.3.6 → secator-0.4.0}/images/input.cast +0 -0
- {secator-0.3.6 → secator-0.4.0}/images/input.gif +0 -0
- {secator-0.3.6 → secator-0.4.0}/images/pipe.cast +0 -0
- {secator-0.3.6 → secator-0.4.0}/images/pipe.gif +0 -0
- {secator-0.3.6 → secator-0.4.0}/images/short_demo.cast +0 -0
- {secator-0.3.6 → secator-0.4.0}/images/short_demo.gif +0 -0
- {secator-0.3.6 → secator-0.4.0}/scripts/download_cves.sh +0 -0
- {secator-0.3.6 → secator-0.4.0}/scripts/install.sh +0 -0
- {secator-0.3.6 → secator-0.4.0}/scripts/install_asciinema.sh +0 -0
- {secator-0.3.6 → secator-0.4.0}/scripts/install_go.sh +0 -0
- {secator-0.3.6 → secator-0.4.0}/scripts/install_ruby.sh +0 -0
- {secator-0.3.6 → secator-0.4.0}/scripts/msf/exploit_cve.rc +0 -0
- {secator-0.3.6 → secator-0.4.0}/scripts/msf/ftp_anonymous.rc +0 -0
- {secator-0.3.6 → secator-0.4.0}/scripts/msf/ftp_version.rc +0 -0
- {secator-0.3.6 → secator-0.4.0}/scripts/msf/ftp_vsftpd_234_backdoor.rc +0 -0
- {secator-0.3.6 → secator-0.4.0}/scripts/msf/redis.rc +0 -0
- {secator-0.3.6 → secator-0.4.0}/scripts/msfinstall.sh +0 -0
- {secator-0.3.6 → secator-0.4.0}/scripts/stories/aliases.sh +0 -0
- {secator-0.3.6 → secator-0.4.0}/scripts/stories/demo.sh +0 -0
- {secator-0.3.6 → secator-0.4.0}/scripts/stories/fmt.sh +0 -0
- {secator-0.3.6 → secator-0.4.0}/scripts/stories/input.sh +0 -0
- {secator-0.3.6 → secator-0.4.0}/scripts/stories/pipe.sh +0 -0
- {secator-0.3.6 → secator-0.4.0}/scripts/stories/short_demo.sh +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/.gitignore +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/__init__.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/configs/__init__.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/configs/profiles/__init__.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/configs/profiles/aggressive.yaml +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/configs/profiles/default.yaml +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/configs/profiles/stealth.yaml +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/configs/scans/__init__.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/configs/scans/domain.yaml +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/configs/scans/host.yaml +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/configs/scans/network.yaml +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/configs/scans/subdomain.yaml +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/configs/scans/url.yaml +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/configs/workflows/__init__.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/configs/workflows/cidr_recon.yaml +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/configs/workflows/code_scan.yaml +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/configs/workflows/host_recon.yaml +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/configs/workflows/port_scan.yaml +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/configs/workflows/subdomain_recon.yaml +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/configs/workflows/url_crawl.yaml +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/configs/workflows/url_dirsearch.yaml +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/configs/workflows/url_fuzz.yaml +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/configs/workflows/url_nuclei.yaml +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/configs/workflows/url_vuln.yaml +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/configs/workflows/user_hunt.yaml +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/configs/workflows/wordpress.yaml +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/exporters/__init__.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/exporters/_base.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/exporters/csv.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/exporters/json.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/exporters/table.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/exporters/txt.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/hooks/__init__.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/output_types/__init__.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/output_types/_base.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/output_types/exploit.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/output_types/ip.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/output_types/port.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/output_types/progress.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/output_types/record.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/output_types/subdomain.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/output_types/tag.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/output_types/target.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/output_types/url.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/output_types/user_account.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/report.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/rich.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/runners/__init__.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/serializers/__init__.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/serializers/dataclass.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/serializers/json.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/serializers/regex.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/__init__.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/cariddi.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/dalfox.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/dirsearch.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/dnsx.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/feroxbuster.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/fping.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/gau.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/gf.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/gospider.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/grype.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/h8mail.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/maigret.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/mapcidr.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/naabu.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/searchsploit.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/subfinder.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/tasks/wpscan.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/secator/utils_test.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/tests/__init__.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/tests/fixtures/h8mail_breach.txt +0 -0
- {secator-0.3.6 → secator-0.4.0}/tests/fixtures/msfconsole_input.rc +0 -0
- {secator-0.3.6 → secator-0.4.0}/tests/fixtures/nmap_output.xml +0 -0
- {secator-0.3.6 → secator-0.4.0}/tests/integration/__init__.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/tests/integration/setup.sh +0 -0
- {secator-0.3.6 → secator-0.4.0}/tests/integration/teardown.sh +0 -0
- {secator-0.3.6 → secator-0.4.0}/tests/integration/test_scans.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/tests/integration/test_tasks.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/tests/integration/wordlist.txt +0 -0
- {secator-0.3.6 → secator-0.4.0}/tests/integration/wordlist_dns.txt +0 -0
- {secator-0.3.6 → secator-0.4.0}/tests/integration/wordpress_toolbox/Dockerfile +0 -0
- {secator-0.3.6 → secator-0.4.0}/tests/integration/wordpress_toolbox/Makefile +0 -0
- {secator-0.3.6 → secator-0.4.0}/tests/performance/__init__.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/tests/unit/__init__.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/tests/unit/test_celery.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/tests/unit/test_scans.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/tests/unit/test_serializers.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/tests/unit/test_tasks.py +0 -0
- {secator-0.3.6 → secator-0.4.0}/tests/unit/test_workflows.py +0 -0
|
@@ -1,5 +1,40 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## [0.4.0](https://github.com/freelabz/secator/compare/v0.3.6...v0.4.0) (2024-04-27)
|
|
4
|
+
|
|
5
|
+
|
|
6
|
+
### Features
|
|
7
|
+
|
|
8
|
+
* `nuclei` - add "meta" items to extra_data ([#329](https://github.com/freelabz/secator/issues/329)) ([d986e01](https://github.com/freelabz/secator/commit/d986e01ed10bfd58c57565e24f053cf4ffb165b5))
|
|
9
|
+
* add offline mode ([#314](https://github.com/freelabz/secator/issues/314)) ([6b55e99](https://github.com/freelabz/secator/commit/6b55e99a9e60a102afaf71a49148a8aec1b2e3dc))
|
|
10
|
+
* add secator configuration loader ([#313](https://github.com/freelabz/secator/issues/313)) ([9b9ab7b](https://github.com/freelabz/secator/commit/9b9ab7b1c394bd77c986fcb755d19d1b887228cf))
|
|
11
|
+
|
|
12
|
+
|
|
13
|
+
### Bug Fixes
|
|
14
|
+
|
|
15
|
+
* add alias for config command and reload help screenshot ([#324](https://github.com/freelabz/secator/issues/324)) ([3dbc9ad](https://github.com/freelabz/secator/commit/3dbc9adf7a3b12dbf5bdcaa2224297d58b1e2fd8))
|
|
16
|
+
* add nmap --top-ports option ([#339](https://github.com/freelabz/secator/issues/339)) ([6352be7](https://github.com/freelabz/secator/commit/6352be7350890c38e521d98b89e7e634ed8c8684))
|
|
17
|
+
* add redis addon missing warning on celery worker ([#310](https://github.com/freelabz/secator/issues/310)) ([c0afc3a](https://github.com/freelabz/secator/commit/c0afc3a068140f9811845c05c8d3763d932407de))
|
|
18
|
+
* better vuln detection ([#349](https://github.com/freelabz/secator/issues/349)) ([150b603](https://github.com/freelabz/secator/commit/150b6030e6702f599b8a67ba53bef4c2e675e90a))
|
|
19
|
+
* **config:** broken list values with 0 or 1 element ([#364](https://github.com/freelabz/secator/issues/364)) ([7ef7a5e](https://github.com/freelabz/secator/commit/7ef7a5e27604df53868d2b670439a0a7150e8af1))
|
|
20
|
+
* **docker:** pull remote DockerHub images in Compose ([#363](https://github.com/freelabz/secator/issues/363)) ([dce6d8a](https://github.com/freelabz/secator/commit/dce6d8a5d722aa85c1fc2592f44738b6bfe79b04))
|
|
21
|
+
* grype integration test ([#327](https://github.com/freelabz/secator/issues/327)) ([33ddb84](https://github.com/freelabz/secator/commit/33ddb84836965c4bff6fd442c317de240e54ec3f))
|
|
22
|
+
* minor config tweaks ([#360](https://github.com/freelabz/secator/issues/360)) ([4631024](https://github.com/freelabz/secator/commit/46310245afe0b0d04a6b333175f28ffeab1659bb))
|
|
23
|
+
* next steps highlight ([#326](https://github.com/freelabz/secator/issues/326)) ([528c715](https://github.com/freelabz/secator/commit/528c715e4f20bceb9dbae85e99b707243d556aea))
|
|
24
|
+
* proper local file naming for sudo_killer.zip ([#330](https://github.com/freelabz/secator/issues/330)) ([f7e563f](https://github.com/freelabz/secator/commit/f7e563f3a4a20fd38f7167e2bd682ddb3eea6224))
|
|
25
|
+
* query CVEs without CPE match ([#321](https://github.com/freelabz/secator/issues/321)) ([d02e09c](https://github.com/freelabz/secator/commit/d02e09cc379afa85df25227f6c0bab4496031d78))
|
|
26
|
+
* switch payload sudo_killer to zip ([#318](https://github.com/freelabz/secator/issues/318)) ([2a92dc8](https://github.com/freelabz/secator/commit/2a92dc8d4a71cce71a85bb77747b8af2d5aed6c4))
|
|
27
|
+
* task description in remote mode ([#344](https://github.com/freelabz/secator/issues/344)) ([1140611](https://github.com/freelabz/secator/commit/1140611a1129c19bd306db33396ea3fa1bc88f25))
|
|
28
|
+
* truncated pickle error ([#334](https://github.com/freelabz/secator/issues/334)) ([663af17](https://github.com/freelabz/secator/commit/663af1777d07c7628a220ee627aece9fc83e6095))
|
|
29
|
+
|
|
30
|
+
|
|
31
|
+
### Documentation
|
|
32
|
+
|
|
33
|
+
* add VHS demo ([#293](https://github.com/freelabz/secator/issues/293)) ([70454a6](https://github.com/freelabz/secator/commit/70454a60053ef6ce3002565c07ede7b00b14e335))
|
|
34
|
+
* update README.md ([a0a19fb](https://github.com/freelabz/secator/commit/a0a19fb24cd297e98cb8716e691ed6fcf11475c6))
|
|
35
|
+
* update README.md ([341f5b8](https://github.com/freelabz/secator/commit/341f5b8cd049fd8e33ebfb525de0377d0a659df2))
|
|
36
|
+
* Update README.md ([98c986c](https://github.com/freelabz/secator/commit/98c986c644bbe62434c0a2fe72fe9eea606c2e8d))
|
|
37
|
+
|
|
3
38
|
## [0.3.6](https://github.com/freelabz/secator/compare/v0.3.5...v0.3.6) (2024-04-17)
|
|
4
39
|
|
|
5
40
|
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.3
|
|
2
2
|
Name: secator
|
|
3
|
-
Version: 0.
|
|
3
|
+
Version: 0.4.0
|
|
4
4
|
Summary: The pentester's swiss knife.
|
|
5
5
|
Project-URL: Homepage, https://github.com/freelabz/secator
|
|
6
6
|
Project-URL: Issues, https://github.com/freelabz/secator/issues
|
|
@@ -29,11 +29,13 @@ Requires-Dist: humanize<5
|
|
|
29
29
|
Requires-Dist: ifaddr<1
|
|
30
30
|
Requires-Dist: jinja2<4
|
|
31
31
|
Requires-Dist: packaging<25
|
|
32
|
+
Requires-Dist: pydantic<3
|
|
32
33
|
Requires-Dist: python-dotenv<2
|
|
33
34
|
Requires-Dist: pyyaml<7
|
|
34
35
|
Requires-Dist: requests<3
|
|
35
36
|
Requires-Dist: rich-click<1.7
|
|
36
37
|
Requires-Dist: rich<14
|
|
38
|
+
Requires-Dist: typing-extensions<5
|
|
37
39
|
Requires-Dist: validators<1
|
|
38
40
|
Requires-Dist: xmltodict<1
|
|
39
41
|
Provides-Extra: build
|
|
@@ -90,7 +92,7 @@ and it is designed to improve productivity for pentesters and security researche
|
|
|
90
92
|
|
|
91
93
|
# Features
|
|
92
94
|
|
|
93
|
-
|
|
94
96
|
|
|
95
97
|
* **Curated list of commands**
|
|
96
98
|
|
|
@@ -177,14 +179,18 @@ wget -O - https://raw.githubusercontent.com/freelabz/secator/main/scripts/instal
|
|
|
177
179
|
<summary>Docker</summary>
|
|
178
180
|
|
|
179
181
|
```sh
|
|
180
|
-
docker run -it --rm --net=host -v
|
|
182
|
+
docker run -it --rm --net=host -v ~/.secator:/root/.secator freelabz/secator --help
|
|
181
183
|
```
|
|
182
184
|
|
|
183
|
-
The volume mount
|
|
185
|
+
The volume mount -v is necessary to save all secator reports to your host machine, and--net=host is recommended to grant full access to the host network.
|
|
184
186
|
|
|
185
|
-
You can
|
|
187
|
+
You can alias this command to run it easier:
|
|
186
188
|
```sh
|
|
187
|
-
alias secator="docker run -it --rm --net=host -v
|
|
189
|
+
alias secator="docker run -it --rm --net=host -v ~/.secator:/root/.secator freelabz/secator"
|
|
190
|
+
```
|
|
191
|
+
|
|
192
|
+
Now you can run secator like if it was installed on baremetal:
|
|
193
|
+
```
|
|
188
194
|
secator --help
|
|
189
195
|
```
|
|
190
196
|
|
|
@@ -29,7 +29,7 @@ and it is designed to improve productivity for pentesters and security researche
|
|
|
29
29
|
|
|
30
30
|
# Features
|
|
31
31
|
|
|
32
|
-
|
|
33
33
|
|
|
34
34
|
* **Curated list of commands**
|
|
35
35
|
|
|
@@ -116,14 +116,18 @@ wget -O - https://raw.githubusercontent.com/freelabz/secator/main/scripts/instal
|
|
|
116
116
|
<summary>Docker</summary>
|
|
117
117
|
|
|
118
118
|
```sh
|
|
119
|
-
docker run -it --rm --net=host -v
|
|
119
|
+
docker run -it --rm --net=host -v ~/.secator:/root/.secator freelabz/secator --help
|
|
120
120
|
```
|
|
121
121
|
|
|
122
|
-
The volume mount
|
|
122
|
+
The volume mount -v is necessary to save all secator reports to your host machine, and--net=host is recommended to grant full access to the host network.
|
|
123
123
|
|
|
124
|
-
You can
|
|
124
|
+
You can alias this command to run it easier:
|
|
125
125
|
```sh
|
|
126
|
-
alias secator="docker run -it --rm --net=host -v
|
|
126
|
+
alias secator="docker run -it --rm --net=host -v ~/.secator:/root/.secator freelabz/secator"
|
|
127
|
+
```
|
|
128
|
+
|
|
129
|
+
Now you can run secator like if it was installed on baremetal:
|
|
130
|
+
```
|
|
127
131
|
secator --help
|
|
128
132
|
```
|
|
129
133
|
|
|
Binary file
|
|
@@ -0,0 +1,47 @@
|
|
|
1
|
+
secator --help
|
|
2
|
+
clear
|
|
3
|
+
|
|
4
|
+
# Run tasks ...
|
|
5
|
+
secator x katana http://testphp.vulnweb.com -rl 100 -timeout 10 -header Accept:text/html
|
|
6
|
+
clear
|
|
7
|
+
|
|
8
|
+
# ... with mutualized input options and output types !
|
|
9
|
+
Up 3
|
|
10
|
+
Left 72
|
|
11
|
+
Backspace 6
|
|
12
|
+
dirsearch # noenter
|
|
13
|
+
|
|
14
|
+
Up 1
|
|
15
|
+
Backspace 9
|
|
16
|
+
cariddi # noenter
|
|
17
|
+
|
|
18
|
+
Up 1
|
|
19
|
+
Backspace 7
|
|
20
|
+
feroxbuster # nowait
|
|
21
|
+
Sleep 5s
|
|
22
|
+
Ctrl+C
|
|
23
|
+
Sleep 3s
|
|
24
|
+
|
|
25
|
+
Up 1
|
|
26
|
+
Left 72
|
|
27
|
+
Backspace 11
|
|
28
|
+
nmap # noenter
|
|
29
|
+
Right 8
|
|
30
|
+
Backspace 7
|
|
31
|
+
Right 19
|
|
32
|
+
Space 1
|
|
33
|
+
-p 80,443 # noenter
|
|
34
|
+
Right 45
|
|
35
|
+
Backspace 25
|
|
36
|
+
Sleep 2s
|
|
37
|
+
Enter
|
|
38
|
+
Wait
|
|
39
|
+
Sleep 3s
|
|
40
|
+
clear
|
|
41
|
+
|
|
42
|
+
# Run workflows ...
|
|
43
|
+
secator w host_recon --help
|
|
44
|
+
|
|
45
|
+
Up 1
|
|
46
|
+
Backspace 6
|
|
47
|
+
localhost -rl 1000 -ss -p 6379,8080 -tid redis-info,exposed-redis,CVE-2021-44228
|
|
Binary file
|
|
@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
|
|
|
4
4
|
|
|
5
5
|
[project]
|
|
6
6
|
name = "secator"
|
|
7
|
-
version = "0.
|
|
7
|
+
version = "0.4.0"
|
|
8
8
|
authors = [{ name = "FreeLabz", email = "sales@freelabz.com" }]
|
|
9
9
|
readme = "README.md"
|
|
10
10
|
description = "The pentester's swiss knife."
|
|
@@ -42,9 +42,11 @@ dependencies = [
|
|
|
42
42
|
"packaging < 25",
|
|
43
43
|
"python-dotenv < 2",
|
|
44
44
|
"pyyaml < 7",
|
|
45
|
+
"pydantic < 3",
|
|
45
46
|
"requests < 3",
|
|
46
47
|
"rich < 14",
|
|
47
48
|
"rich-click < 1.7",
|
|
49
|
+
"typing_extensions < 5",
|
|
48
50
|
"validators < 1",
|
|
49
51
|
"xmltodict < 1"
|
|
50
52
|
]
|
|
@@ -60,9 +60,9 @@ secator z default mydomain.com --worker
|
|
|
60
60
|
**Callbacks (library mode):**
|
|
61
61
|
```py
|
|
62
62
|
from secator.runners import Workflow
|
|
63
|
-
from secator.
|
|
63
|
+
from secator.template import TemplateLoader
|
|
64
64
|
|
|
65
|
-
config =
|
|
65
|
+
config = TemplateLoader(name='workflows/host_recon')
|
|
66
66
|
hooks = {
|
|
67
67
|
Task: {
|
|
68
68
|
'on_item': {
|
|
@@ -9,12 +9,7 @@ from celery.result import AsyncResult, allow_join_result
|
|
|
9
9
|
# from pyinstrument import Profiler # TODO: make pyinstrument optional
|
|
10
10
|
from rich.logging import RichHandler
|
|
11
11
|
|
|
12
|
-
from secator.
|
|
13
|
-
CELERY_BROKER_POOL_LIMIT, CELERY_BROKER_URL,
|
|
14
|
-
CELERY_BROKER_VISIBILITY_TIMEOUT,
|
|
15
|
-
CELERY_DATA_FOLDER,
|
|
16
|
-
CELERY_OVERRIDE_DEFAULT_LOGGING,
|
|
17
|
-
CELERY_RESULT_BACKEND, DEBUG)
|
|
12
|
+
from secator.config import CONFIG
|
|
18
13
|
from secator.rich import console
|
|
19
14
|
from secator.runners import Scan, Task, Workflow
|
|
20
15
|
from secator.runners._helpers import run_extractors
|
|
@@ -33,7 +28,7 @@ logging.basicConfig(
|
|
|
33
28
|
handlers=[rich_handler],
|
|
34
29
|
force=True)
|
|
35
30
|
logging.getLogger('kombu').setLevel(logging.ERROR)
|
|
36
|
-
logging.getLogger('celery').setLevel(logging.INFO if
|
|
31
|
+
logging.getLogger('celery').setLevel(logging.INFO if CONFIG.debug.level > 6 else logging.WARNING)
|
|
37
32
|
|
|
38
33
|
logger = logging.getLogger(__name__)
|
|
39
34
|
|
|
@@ -49,19 +44,19 @@ app.conf.update({
|
|
|
49
44
|
'worker_max_tasks_per_child': 10,
|
|
50
45
|
|
|
51
46
|
# Broker config
|
|
52
|
-
'broker_url':
|
|
47
|
+
'broker_url': CONFIG.celery.broker_url,
|
|
53
48
|
'broker_transport_options': {
|
|
54
|
-
'data_folder_in':
|
|
55
|
-
'data_folder_out':
|
|
56
|
-
'control_folder':
|
|
57
|
-
'visibility_timeout':
|
|
49
|
+
'data_folder_in': CONFIG.dirs.celery_data,
|
|
50
|
+
'data_folder_out': CONFIG.dirs.celery_data,
|
|
51
|
+
'control_folder': CONFIG.dirs.celery_data,
|
|
52
|
+
'visibility_timeout': CONFIG.celery.broker_visibility_timeout,
|
|
58
53
|
},
|
|
59
54
|
'broker_connection_retry_on_startup': True,
|
|
60
|
-
'broker_pool_limit':
|
|
61
|
-
'broker_connection_timeout':
|
|
55
|
+
'broker_pool_limit': CONFIG.celery.broker_pool_limit,
|
|
56
|
+
'broker_connection_timeout': CONFIG.celery.broker_connection_timeout,
|
|
62
57
|
|
|
63
58
|
# Backend config
|
|
64
|
-
'result_backend':
|
|
59
|
+
'result_backend': CONFIG.celery.result_backend,
|
|
65
60
|
'result_extended': True,
|
|
66
61
|
'result_backend_thread_safe': True,
|
|
67
62
|
# 'result_backend_transport_options': {'master_name': 'mymaster'}, # for Redis HA backend
|
|
@@ -90,7 +85,7 @@ app.autodiscover_tasks(['secator.hooks.mongodb'], related_name=None)
|
|
|
90
85
|
|
|
91
86
|
def maybe_override_logging():
|
|
92
87
|
def decorator(func):
|
|
93
|
-
if
|
|
88
|
+
if CONFIG.celery.override_default_logging:
|
|
94
89
|
return signals.setup_logging.connect(func)
|
|
95
90
|
else:
|
|
96
91
|
return func
|
|
@@ -151,7 +146,7 @@ def break_task(task_cls, task_opts, targets, results=[], chunk_size=1):
|
|
|
151
146
|
|
|
152
147
|
@app.task(bind=True)
|
|
153
148
|
def run_task(self, args=[], kwargs={}):
|
|
154
|
-
if
|
|
149
|
+
if CONFIG.debug.level > 1:
|
|
155
150
|
logger.info(f'Received task with args {args} and kwargs {kwargs}')
|
|
156
151
|
if 'context' not in kwargs:
|
|
157
152
|
kwargs['context'] = {}
|
|
@@ -162,7 +157,7 @@ def run_task(self, args=[], kwargs={}):
|
|
|
162
157
|
|
|
163
158
|
@app.task(bind=True)
|
|
164
159
|
def run_workflow(self, args=[], kwargs={}):
|
|
165
|
-
if
|
|
160
|
+
if CONFIG.debug.level > 1:
|
|
166
161
|
logger.info(f'Received workflow with args {args} and kwargs {kwargs}')
|
|
167
162
|
if 'context' not in kwargs:
|
|
168
163
|
kwargs['context'] = {}
|
|
@@ -173,7 +168,7 @@ def run_workflow(self, args=[], kwargs={}):
|
|
|
173
168
|
|
|
174
169
|
@app.task(bind=True)
|
|
175
170
|
def run_scan(self, args=[], kwargs={}):
|
|
176
|
-
if
|
|
171
|
+
if CONFIG.debug.level > 1:
|
|
177
172
|
logger.info(f'Received scan with args {args} and kwargs {kwargs}')
|
|
178
173
|
if 'context' not in kwargs:
|
|
179
174
|
kwargs['context'] = {}
|