secator 0.6.0__py3-none-any.whl → 0.8.0__py3-none-any.whl

secator/tasks/nmap.py

@@ -8,15 +8,14 @@ from secator.config import CONFIG
 from secator.decorators import task
 from secator.definitions import (CONFIDENCE, CVSS_SCORE, DELAY,
 								 DESCRIPTION, EXTRA_DATA, FOLLOW_REDIRECT,
-								 HEADER, HOST, ID, IP, MATCHED_AT, NAME,
+								 HEADER, HOST, ID, IP, PROTOCOL, MATCHED_AT, NAME,
 								 OPT_NOT_SUPPORTED, OUTPUT_PATH, PORT, PORTS, PROVIDER,
 								 PROXY, RATE_LIMIT, REFERENCE, REFERENCES,
 								 RETRIES, SCRIPT, SERVICE_NAME, SEVERITY, STATE, TAGS,
 								 THREADS, TIMEOUT, TOP_PORTS, USER_AGENT)
-from secator.output_types import Exploit, Port, Vulnerability
-from secator.rich import console
+from secator.output_types import Exploit, Port, Vulnerability, Info, Error
 from secator.tasks._categories import VulnMulti
-from secator.utils import debug
+from secator.utils import debug, traceback_as_string
 
 logger = logging.getLogger(__name__)
 
@@ -24,7 +23,7 @@ logger = logging.getLogger(__name__)
 @task()
 class nmap(VulnMulti):
 	"""Network Mapper is a free and open source utility for network discovery and security auditing."""
-	cmd = 'nmap -sT -sV -Pn'
+	cmd = 'nmap'
 	input_flag = None
 	input_chunk_size = 1
 	file_flag = '-iL'
@@ -34,8 +33,11 @@ class nmap(VulnMulti):
 		PORTS: {'type': str, 'short': 'p', 'help': 'Ports to scan'},
 		TOP_PORTS: {'type': int, 'short': 'tp', 'help': 'Top ports to scan [full, 100, 1000]'},
 		SCRIPT: {'type': str, 'default': 'vulners', 'help': 'NSE scripts'},
-		# 'tcp_connect': {'type': bool, 'short': 'sT', 'default': False, 'help': 'TCP Connect scan'},
+		'skip_host_discovery': {'is_flag': True, 'short': 'Pn', 'default': False, 'help': 'Skip host discovery (no ping)'},
+		'version_detection': {'is_flag': True, 'short': 'sV', 'default': False, 'help': 'Version detection'},
 		'tcp_syn_stealth': {'is_flag': True, 'short': 'sS', 'default': False, 'help': 'TCP SYN Stealth'},
+		'tcp_connect': {'is_flag': True, 'short': 'sT', 'default': False, 'help': 'TCP Connect scan'},
+		'udp_scan': {'is_flag': True, 'short': 'sU', 'default': False, 'help': 'UDP scan'},
 		'output_path': {'type': str, 'short': 'oX', 'default': None, 'help': 'Output XML file path'},
 	}
 	opt_key_map = {
@@ -51,14 +53,22 @@ class nmap(VulnMulti):
 
 		# Nmap opts
 		PORTS: '-p',
+		'skip_host_discovery': '-Pn',
+		'version_detection': '-sV',
+		'tcp_connect': '-sT',
+		'tcp_syn_stealth': '-sS',
+		'udp_scan': '-sU',
 		'output_path': '-oX',
-		'tcp_syn_stealth': '-sS'
 	}
 	opt_value_map = {
 		PORTS: lambda x: ','.join([str(p) for p in x]) if isinstance(x, list) else x
 	}
+	install_pre = {
+		'apt|pacman|brew': ['nmap'],
+		'apk': ['nmap', 'nmap-scripts'],
+	}
 	install_cmd = (
-		'sudo apt install -y nmap && sudo git clone https://github.com/scipag/vulscan /opt/scipag_vulscan || true && '
+		'sudo git clone https://github.com/scipag/vulscan /opt/scipag_vulscan || true && '
 		'sudo ln -s /opt/scipag_vulscan /usr/share/nmap/scripts/vulscan || true'
 	)
 	proxychains = True
@@ -75,21 +85,23 @@ class nmap(VulnMulti):
 		self.output_path = output_path
 		self.cmd += f' -oX {self.output_path}'
 		tcp_syn_stealth = self.get_opt_value('tcp_syn_stealth')
-		if tcp_syn_stealth:
+		tcp_connect = self.get_opt_value('tcp_connect')
+		udp_scan = self.get_opt_value('udp_scan')
+		if tcp_syn_stealth or udp_scan:
 			self.cmd = f'sudo {self.cmd}'
-			self.cmd = self.cmd.replace('-sT', '')
+		if tcp_connect and tcp_syn_stealth:
+			self._print(
+				'Options -sT (SYN stealth scan) and -sS (CONNECT scan) are conflicting. Keeping only -sT.',
+				'bold gold3')
+			self.cmd = self.cmd.replace('-sT ', '')
 
-	def yielder(self):
-		yield from super().yielder()
-		if self.return_code != 0:
+	@staticmethod
+	def on_cmd_done(self):
+		if not os.path.exists(self.output_path):
+			yield Error(message=f'Could not find XML results in {self.output_path}')
 			return
-		self.results = []
-		note = f'nmap XML results saved to {self.output_path}'
-		if self.print_line:
-			self._print(note)
-		if os.path.exists(self.output_path):
-			nmap_data = self.xml_to_json()
-			yield from nmap_data
+		yield Info(message=f'XML results saved to {self.output_path}')
+		yield from self.xml_to_json()
 
 	def xml_to_json(self):
 		results = []
@@ -97,17 +109,18 @@ class nmap(VulnMulti):
 			content = f.read()
 			try:
 				results = xmltodict.parse(content)  # parse XML to dict
-			except Exception as e:
-				logger.exception(e)
-				logger.error(
-					f'Cannot parse nmap XML output {self.output_path} to valid JSON.')
-		results['_host'] = self.input
-		return nmapData(results)
+			except Exception as exc:
+				yield Error(
+					message=f'Cannot parse XML output {self.output_path} to valid JSON.',
+					traceback=traceback_as_string(exc)
+				)
+		yield from nmapData(results)
 
 
 class nmapData(dict):
 
 	def __iter__(self):
+		datas = []
 		for host in self._get_hosts():
 			hostname = self._get_hostname(host)
 			ip = self._get_ip(host)
@@ -123,14 +136,9 @@ class nmapData(dict):
 
 				# Get extra data
 				extra_data = self._get_extra_data(port)
-				service_name = extra_data['service_name']
+				service_name = extra_data.get('service_name', '')
 				version_exact = extra_data.get('version_exact', False)
 				conf = extra_data.get('confidence')
-				if not version_exact:
-					console.print(
-						f'[bold orange1]nmap could not identify an exact version for {service_name} '
-						f'(detection confidence is {conf}): do not blindy trust the results ![/]'
-					)
 
 				# Grab CPEs
 				cpes = extra_data.get('cpe', [])
@@ -138,6 +146,9 @@ class nmapData(dict):
 				# Get script output
 				scripts = self._get_scripts(port)
 
+				# Get port protocol
+				protocol = port['@protocol'].lower()
+
 				# Yield port data
 				port = {
 					PORT: port_number,
@@ -145,7 +156,9 @@ class nmapData(dict):
 					STATE: state,
 					SERVICE_NAME: service_name,
 					IP: ip,
-					EXTRA_DATA: extra_data
+					PROTOCOL: protocol,
+					EXTRA_DATA: extra_data,
+					CONFIDENCE: conf
 				}
 				yield port
 
@@ -169,16 +182,19 @@ class nmapData(dict):
 					if not func:
 						debug(f'Script output parser for "{script_id}" is not supported YET.', sub='cve')
 						continue
-					for vuln in func(output, cpes=cpes):
-						vuln.update(metadata)
+					for data in func(output, cpes=cpes):
+						data.update(metadata)
 						confidence = 'low'
-						if 'cpe-match' in vuln[TAGS]:
+						if 'cpe-match' in data[TAGS]:
 							confidence = 'high' if version_exact else 'medium'
-						vuln[CONFIDENCE] = confidence
-						if (CONFIG.runners.skip_cve_low_confidence and vuln[CONFIDENCE] == 'low'):
-							debug(f'{vuln[ID]}: ignored (low confidence).', sub='cve')
+						data[CONFIDENCE] = confidence
+						if (CONFIG.runners.skip_cve_low_confidence and data[CONFIDENCE] == 'low'):
+							debug(f'{data[ID]}: ignored (low confidence).', sub='cve')
+							continue
+						if data in datas:
 							continue
-						yield vuln
+						yield data
+						datas.append(data)
 
 	#---------------------#
 	# XML FILE EXTRACTORS #
@@ -197,7 +213,6 @@ class nmapData(dict):
 
 	def _get_hostname(self, host_cfg):
 		hostnames = host_cfg.get('hostnames', {})
-		hostname = self['_host']
 		if hostnames:
 			hostnames = hostnames.get('hostname', [])
 			if isinstance(hostnames, dict):
@@ -205,11 +220,19 @@ class nmapData(dict):
 			if hostnames:
 				hostname = hostnames[0]['@name']
 		else:
-			hostname = host_cfg.get('address', {}).get('@addr', None)
+			hostname = self._get_address(host_cfg).get('@addr', None)
 		return hostname
 
+	def _get_address(self, host_cfg):
+		if isinstance(host_cfg.get('address', {}), list):
+			addresses = host_cfg.get('address', {})
+			for address in addresses:
+				if address.get('@addrtype') == "ipv4":
+					return address
+		return host_cfg.get('address', {})
+
 	def _get_ip(self, host_cfg):
-		return host_cfg.get('address', {}).get('@addr', None)
+		return self._get_address(host_cfg).get('@addr', None)
 
 	def _get_extra_data(self, port_cfg):
 		extra_data = {
@@ -246,7 +269,7 @@ class nmapData(dict):
 			extra_data['version_exact'] = version_exact
 
 		# Grap service name
-		product = extra_data.get('name', None) or extra_data.get('product', None)
+		product = extra_data.get('product', None) or extra_data.get('name', None)
 		if product:
 			service_name = product
 			if version:
@@ -324,12 +347,12 @@ class nmapData(dict):
 				TAGS: [vuln_id, provider_name]
 			}
 			if provider_name == 'MITRE CVE':
-				data = VulnMulti.lookup_cve(vuln['id'], cpes=cpes)
+				data = VulnMulti.lookup_cve(vuln['id'], *cpes)
 				if data:
 					vuln.update(data)
 				yield vuln
 			else:
-				debug(f'Vulscan provider {provider_name} is not supported YET.', sub='cve')
+				debug(f'Vulscan provider {provider_name} is not supported YET.', sub='cve.provider', verbose=True)
 				continue
 
 	def _parse_vulners_output(self, out, **kwargs):
@@ -343,30 +366,35 @@ class nmapData(dict):
 				cpes.append(line.rstrip(':'))
 				continue
 			elems = tuple(line.split('\t'))
-			vuln = {}
 
 			if len(elems) == 4:  # exploit
 				# TODO: Implement exploit processing
 				exploit_id, cvss_score, reference_url, _ = elems
 				name = exploit_id
 				# edb_id = name.split(':')[-1] if 'EDB-ID' in name else None
-				vuln = {
+				exploit = {
 					ID: exploit_id,
 					NAME: name,
 					PROVIDER: provider_name,
 					REFERENCE: reference_url,
+					TAGS: [exploit_id, provider_name],
+					CVSS_SCORE: cvss_score,
+					CONFIDENCE: 'low',
 					'_type': 'exploit',
-					TAGS: [exploit_id, provider_name]
-					# CVSS_SCORE: cvss_score,
-					# CONFIDENCE: 'low'
 				}
 				# TODO: lookup exploit in ExploitDB to find related CVEs
 				# if edb_id:
 				# 	print(edb_id)
-				# 	vuln_data = VulnMulti.lookup_exploitdb(edb_id)
-				yield vuln
+				# 	exploit_data = VulnMulti.lookup_exploitdb(edb_id)
+				vuln = VulnMulti.lookup_cve_from_vulners_exploit(exploit_id, *cpes)
+				if vuln:
+					yield vuln
+					exploit[TAGS].extend(vuln[TAGS])
+					exploit[CONFIDENCE] = vuln[CONFIDENCE]
+				yield exploit
 
 			elif len(elems) == 3:  # vuln
+				vuln = {}
 				vuln_id, vuln_cvss, reference_url = tuple(line.split('\t'))
 				vuln_cvss = float(vuln_cvss)
 				vuln_id = vuln_id.split(':')[-1]
@@ -382,8 +410,7 @@ class nmapData(dict):
 					CONFIDENCE: 'low'
 				}
 				if vuln_type == 'CVE' or vuln_type == 'PRION:CVE':
-					vuln[TAGS].append('cve')
-					data = VulnMulti.lookup_cve(vuln_id, cpes=cpes)
+					data = VulnMulti.lookup_cve(vuln_id, *cpes)
 					if data:
 						vuln.update(data)
 					yield vuln

secator/tasks/nuclei.py

@@ -4,15 +4,16 @@ from secator.definitions import (CONFIDENCE, CVSS_SCORE, DELAY, DESCRIPTION,
 								 MATCHED_AT, NAME, OPT_NOT_SUPPORTED, PERCENT,
 								 PROVIDER, PROXY, RATE_LIMIT, REFERENCES,
 								 RETRIES, SEVERITY, TAGS, THREADS, TIMEOUT,
-								 USER_AGENT, DEFAULT_NUCLEI_FLAGS)
+								 USER_AGENT)
 from secator.output_types import Progress, Vulnerability
+from secator.serializers import JSONSerializer
 from secator.tasks._categories import VulnMulti
 
 
 @task()
 class nuclei(VulnMulti):
 	"""Fast and customisable vulnerability scanner based on simple YAML based DSL."""
-	cmd = f'nuclei {DEFAULT_NUCLEI_FLAGS}'
+	cmd = 'nuclei'
 	file_flag = '-l'
 	input_flag = '-u'
 	json_flag = '-jsonl'
@@ -23,6 +24,11 @@ class nuclei(VulnMulti):
 		'exclude_severity': {'type': str, 'short': 'es', 'help': 'Exclude severity'},
 		'template_id': {'type': str, 'short': 'tid', 'help': 'Template id'},
 		'debug': {'type': str, 'help': 'Debug mode'},
+		'stats': {'is_flag': True, 'short': 'stats', 'default': True, 'help': 'Display statistics about the running scan'},
+		'stats_json': {'is_flag': True, 'short': 'sj', 'default': True, 'help': 'Display statistics in JSONL(ines) format'},
+		'stats_interval': {'type': str, 'short': 'si', 'default': 20, 'help': 'Number of seconds to wait between showing a statistics update'},  # noqa: E501
+		'hang_monitor': {'is_flag': True, 'short': 'hm', 'default': True, 'help': 'Enable nuclei hang monitoring'},
+		'omit_raw': {'is_flag': True, 'short': 'or', 'default': True, 'help': 'Omit requests/response pairs in the JSON, JSONL, and Markdown outputs (for findings only)'}  # noqa: E501
 	}
 	opt_key_map = {
 		HEADER: 'header',
@@ -45,6 +51,7 @@ class nuclei(VulnMulti):
 		'templates': lambda x: ','.join(x) if isinstance(x, list) else x,
 		'exclude_tags': lambda x: ','.join(x) if isinstance(x, list) else x,
 	}
+	item_loaders = [JSONSerializer()]
 	output_types = [Vulnerability, Progress]
 	output_map = {
 		Vulnerability: {
@@ -67,8 +74,11 @@ class nuclei(VulnMulti):
 		}
 	}
 	ignore_return_code = True
-	install_cmd = 'go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest && nuclei update-templates'
+	install_cmd = 'go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest'
 	install_github_handle = 'projectdiscovery/nuclei'
+	install_post = {
+		'*': 'nuclei -ut'
+	}
 	proxychains = False
 	proxy_socks5 = True  # kind of, leaks data when running network / dns templates
 	proxy_http = True  # same

secator/tasks/searchsploit.py

@@ -1,10 +1,12 @@
 import re
 
+from secator.config import CONFIG
 from secator.decorators import task
 from secator.definitions import (CVES, EXTRA_DATA, ID, MATCHED_AT, NAME,
 								 PROVIDER, REFERENCE, TAGS, OPT_NOT_SUPPORTED)
 from secator.output_types import Exploit
 from secator.runners import Command
+from secator.serializers import JSONSerializer
 
 
 SEARCHSPLOIT_TITLE_REGEX = re.compile(r'^((?:[a-zA-Z\-_!\.()]+\d?\s?)+)\.?\s*(.*)$')
@@ -12,7 +14,7 @@ SEARCHSPLOIT_TITLE_REGEX = re.compile(r'^((?:[a-zA-Z\-_!\.()]+\d?\s?)+)\.?\s*(.*
 
 @task()
 class searchsploit(Command):
-	"""Exploit-DB command line search tool."""
+	"""Exploit searcher based on ExploitDB."""
 	cmd = 'searchsploit'
 	input_flag = None
 	json_flag = '--json'
@@ -21,6 +23,7 @@ class searchsploit(Command):
 		'strict': {'short': 's', 'is_flag': True, 'default': False, 'help': 'Strict match'}
 	}
 	opt_key_map = {}
+	item_loaders = [JSONSerializer()]
 	output_types = [Exploit]
 	output_map = {
 		Exploit: {
@@ -35,7 +38,13 @@ class searchsploit(Command):
 			}
 		}
 	}
-	install_cmd = 'sudo git clone https://gitlab.com/exploit-database/exploitdb.git /opt/exploitdb || true && sudo ln -sf /opt/exploitdb/searchsploit /usr/local/bin/searchsploit'  # noqa: E501
+	install_pre = {
+		'apk': ['ncurses']
+	}
+	install_cmd = (
+		f'git clone https://gitlab.com/exploit-database/exploitdb.git {CONFIG.dirs.share}/exploitdb || true && '
+		f'ln -sf $HOME/.local/share/exploitdb/searchsploit {CONFIG.dirs.bin}/searchsploit'
+	)
 	proxychains = False
 	proxy_socks5 = False
 	proxy_http = False
@@ -56,14 +65,15 @@ class searchsploit(Command):
 
 	@staticmethod
 	def before_init(self):
-		_in = self.input
+		if len(self.inputs) == 0:
+			return
+		_in = self.inputs[0]
 		self.matched_at = None
 		if '~' in _in:
 			split = _in.split('~')
 			self.matched_at = split[0]
-			self.input = split[1]
-		if isinstance(self.input, str):
-			self.input = self.input.replace('httpd', '').replace('/', ' ')
+			self.inputs[0] = split[1]
+		self.inputs[0] = self.inputs[0].replace('httpd', '').replace('/', ' ')
 
 	@staticmethod
 	def on_item_pre_convert(self, item):
@@ -80,12 +90,17 @@ class searchsploit(Command):
 			group = match.groups()
 			product = '-'.join(group[0].strip().split(' '))
 			if len(group[1]) > 1:
-				versions, title = tuple(group[1].split(' - '))
-				item.name = title
-				product_info = [f'{product.lower()} {v.strip()}' for v in versions.split('/')]
-				item.tags = product_info + item.tags
+				try:
+					versions, title = tuple(group[1].split(' - '))
+					item.name = title
+					product_info = [f'{product.lower()} {v.strip()}' for v in versions.split('/')]
+					item.tags = product_info + item.tags
+				except ValueError:
+					item.name = item.name.split(' - ')[-1]
+					item.tags = [product.lower()]
+					pass
 			# else:
 			# 	self._print(f'[bold red]{item.name} ({item.reference}) did not quite match SEARCHSPLOIT_TITLE_REGEX. Please report this issue.[/]')  # noqa: E501
-		input_tag = '-'.join(self.input.replace('\'', '').split(' '))
+		input_tag = '-'.join(self.inputs[0].replace('\'', '').split(' '))
 		item.tags = [input_tag] + item.tags
 		return item

secator/tasks/subfinder.py

@@ -2,6 +2,7 @@ from secator.decorators import task
 from secator.definitions import (DELAY, DOMAIN, OPT_NOT_SUPPORTED, PROXY,
 							   RATE_LIMIT, RETRIES, THREADS, TIMEOUT)
 from secator.output_types import Subdomain
+from secator.serializers import JSONSerializer
 from secator.tasks._categories import ReconDns
 
 
@@ -23,6 +24,7 @@ class subfinder(ReconDns):
 	opt_value_map = {
 		PROXY: lambda x: x.replace('http://', '').replace('https://', '') if x else None
 	}
+	item_loaders = [JSONSerializer()]
 	output_map = {
 		Subdomain: {
 			DOMAIN: 'input',
@@ -38,4 +40,6 @@ class subfinder(ReconDns):
 
 	@staticmethod
 	def validate_item(self, item):
-		return item['input'] != 'localhost'
+		if isinstance(item, dict):
+			return item['input'] != 'localhost'
+		return True

secator/tasks/wpscan.py

@@ -1,6 +1,7 @@
 import json
 import os
 
+from secator.config import CONFIG
 from secator.decorators import task
 from secator.definitions import (CONFIDENCE, CVSS_SCORE, DELAY, DESCRIPTION,
 							   EXTRA_DATA, FOLLOW_REDIRECT, HEADER, ID,
@@ -8,7 +9,7 @@ from secator.definitions import (CONFIDENCE, CVSS_SCORE, DELAY, DESCRIPTION,
 							   PROXY, RATE_LIMIT, REFERENCES, RETRIES,
 							   SEVERITY, TAGS, THREADS, TIMEOUT,
 							   URL, USER_AGENT)
-from secator.output_types import Tag, Vulnerability
+from secator.output_types import Tag, Vulnerability, Info, Error
 from secator.tasks._categories import VulnHttp
 
 
@@ -66,112 +67,108 @@ class wpscan(VulnHttp):
 		},
 	}
 	output_types = [Vulnerability, Tag]
-	install_cmd = 'sudo apt install -y build-essential ruby-dev rubygems && sudo gem install wpscan'
+	install_pre = {
+		'apt': ['kali:libcurl4t64', 'libffi-dev'],
+		'pacman': ['ruby-erb'],
+	}
+	install_cmd = f'gem install wpscan --user-install -n {CONFIG.dirs.bin}'
+	install_post = {
+		'kali': (
+			f'gem uninstall nokogiri --user-install -n {CONFIG.dirs.bin} --force --executables && '
+			f'gem install nokogiri --user-install -n {CONFIG.dirs.bin} --platform=ruby'
+		)
+	}
 	proxychains = False
 	proxy_http = True
 	proxy_socks5 = False
 	ignore_return_code = True
 	profile = 'io'
 
-	def yielder(self):
-		prev = self.print_item_count
-		self.print_item_count = False
-		yield from super().yielder()
-		if self.return_code != 0:
-			return
-		self.results = []
-		if not self.output_json:
-			return
+	@staticmethod
+	def on_init(self):
+		output_path = self.get_opt_value(OUTPUT_PATH)
+		if not output_path:
+			output_path = f'{self.reports_folder}/.outputs/{self.unique_name}.json'
+		self.output_path = output_path
+		self.cmd += f' -o {self.output_path}'
 
-		note = f'wpscan JSON results saved to {self.output_path}'
-		if self.print_line:
-			self._print(note)
+	@staticmethod
+	def on_cmd_done(self):
+		if not os.path.exists(self.output_path):
+			yield Error(message=f'Could not find JSON results in {self.output_path}')
+			return
 
-		if os.path.exists(self.output_path):
-			with open(self.output_path, 'r') as f:
-				data = json.load(f)
+		yield Info(message=f'JSON results saved to {self.output_path}')
+		with open(self.output_path, 'r') as f:
+			data = json.load(f)
 
-			if self.orig:
-				yield data
-				return
+		# Get URL
+		target = data.get('target_url', self.inputs[0])
 
-			# Get URL
-			target = data.get('target_url', self.targets)
+		# Wordpress version
+		version = data.get('version', {})
+		if version:
+			wp_version = version['number']
+			wp_version_status = version['status']
+			if wp_version_status == 'outdated':
+				vuln = version
+				vuln.update({
+					'url': target,
+					'to_s': 'Wordpress outdated version',
+					'type': wp_version,
+					'references': {},
+				})
+				yield vuln
 
-			# Wordpress version
-			version = data.get('version', {})
+		# Main theme
+		main_theme = data.get('main_theme', {})
+		if main_theme:
+			version = main_theme.get('version', {})
+			slug = main_theme['slug']
+			location = main_theme['location']
 			if version:
-				wp_version = version['number']
-				wp_version_status = version['status']
-				if wp_version_status == 'outdated':
-					vuln = version
-					vuln.update({
-						'url': target,
-						'to_s': 'Wordpress outdated version',
-						'type': wp_version,
-						'references': {},
-					})
-					yield vuln
-
-			# Main theme
-			main_theme = data.get('main_theme', {})
-			if main_theme:
-				version = main_theme.get('version', {})
-				slug = main_theme['slug']
-				location = main_theme['location']
-				if version:
-					number = version['number']
-					latest_version = main_theme.get('latest_version')
-					yield Tag(
-						name=f'Wordpress theme - {slug} {number}',
-						match=target,
-						extra_data={
-							'url': location,
-							'latest_version': latest_version
-						}
+				number = version['number']
+				latest_version = main_theme.get('latest_version')
+				yield Tag(
+					name=f'Wordpress theme - {slug} {number}',
+					match=target,
+					extra_data={
+						'url': location,
+						'latest_version': latest_version
+					}
+				)
+				if (latest_version and number < latest_version):
+					yield Vulnerability(
+						matched_at=target,
+						name=f'Wordpress theme - {slug} {number} outdated',
+						severity='info'
 					)
-					if (latest_version and number < latest_version):
-						yield Vulnerability(
-							matched_at=target,
-							name=f'Wordpress theme - {slug} {number} outdated',
-							severity='info'
-						)
 
-			# Interesting findings
-			interesting_findings = data.get('interesting_findings', [])
-			for item in interesting_findings:
-				yield item
+		# Interesting findings
+		interesting_findings = data.get('interesting_findings', [])
+		for item in interesting_findings:
+			yield item
 
-			# Plugins
-			plugins = data.get('plugins', {})
-			for _, data in plugins.items():
-				version = data.get('version', {})
-				slug = data['slug']
-				location = data['location']
-				if version:
-					number = version['number']
-					latest_version = data.get('latest_version')
-					yield Tag(
-						name=f'Wordpress plugin - {slug} {number}',
-						match=target,
-						extra_data={
-							'url': location,
-							'latest_version': latest_version
-						}
+		# Plugins
+		plugins = data.get('plugins', {})
+		for _, data in plugins.items():
+			version = data.get('version', {})
+			slug = data['slug']
+			location = data['location']
+			if version:
+				number = version['number']
+				latest_version = data.get('latest_version')
+				yield Tag(
+					name=f'Wordpress plugin - {slug} {number}',
+					match=target,
+					extra_data={
+						'url': location,
+						'latest_version': latest_version
+					}
+				)
+				if (latest_version and number < latest_version):
+					yield Vulnerability(
+						matched_at=target,
+						name=f'Wordpress plugin - {slug} {number} outdated',
+						severity='info'
 					)
-					if (latest_version and number < latest_version):
-						yield Vulnerability(
-							matched_at=target,
-							name=f'Wordpress plugin - {slug} {number} outdated',
-							severity='info'
-						)
-
-		self.print_item_count = prev
-
-	@staticmethod
-	def on_init(self):
-		output_path = self.get_opt_value(OUTPUT_PATH)
-		if not output_path:
-			output_path = f'{self.reports_folder}/.outputs/{self.unique_name}.json'
-		self.output_path = output_path
-		self.cmd += f' -o {self.output_path}'