secator 0.7.0__py3-none-any.whl → 0.8.0__py3-none-any.whl

secator/output_types/url.py

@@ -4,7 +4,7 @@ from dataclasses import dataclass, field
 from secator.definitions import (CONTENT_LENGTH, CONTENT_TYPE, STATUS_CODE,
 								 TECH, TIME, TITLE, URL, WEBSERVER)
 from secator.output_types import OutputType
-from secator.utils import rich_to_ansi, trim_string
+from secator.utils import rich_to_ansi, trim_string, rich_escape as _s
 from secator.config import CONFIG
 
 
@@ -56,27 +56,27 @@ class Url(OutputType):
 		return self.url
 
 	def __repr__(self):
-		s = f'🔗 [white]{self.url}'
+		s = f'🔗 [white]{_s(self.url)}'
 		if self.method and self.method != 'GET':
-			s += f' \[[turquoise4]{self.method}[/]]'
+			s += rf' \[[turquoise4]{self.method}[/]]'
 		if self.status_code and self.status_code != 0:
 			if self.status_code < 400:
-				s += f' \[[green]{self.status_code}[/]]'
+				s += rf' \[[green]{self.status_code}[/]]'
 			else:
-				s += f' \[[red]{self.status_code}[/]]'
+				s += rf' \[[red]{self.status_code}[/]]'
 		if self.title:
-			s += f' \[[green]{trim_string(self.title)}[/]]'
+			s += rf' \[[green]{trim_string(self.title)}[/]]'
 		if self.webserver:
-			s += f' \[[magenta]{self.webserver}[/]]'
+			s += rf' \[[magenta]{_s(self.webserver)}[/]]'
 		if self.tech:
-			techs_str = ', '.join([f'[magenta]{tech}[/]' for tech in self.tech])
+			techs_str = ', '.join([f'[magenta]{_s(tech)}[/]' for tech in self.tech])
 			s += f' [{techs_str}]'
 		if self.content_type:
-			s += f' \[[magenta]{self.content_type}[/]]'
+			s += rf' \[[magenta]{_s(self.content_type)}[/]]'
 		if self.content_length:
 			cl = str(self.content_length)
 			cl += '[bold red]+[/]' if self.content_length == CONFIG.http.response_max_size_bytes else ''
-			s += f' \[[magenta]{cl}[/]]'
+			s += rf' \[[magenta]{cl}[/]]'
 		if self.screenshot_path:
-			s += f' \[[magenta]{self.screenshot_path}[/]]'
+			s += rf' \[[magenta]{_s(self.screenshot_path)}[/]]'
 		return rich_to_ansi(s)

secator/output_types/user_account.py

@@ -3,7 +3,7 @@ from dataclasses import dataclass, field
 
 from secator.definitions import SITE_NAME, URL, USERNAME
 from secator.output_types import OutputType
-from secator.utils import rich_to_ansi
+from secator.utils import rich_to_ansi, rich_escape as _s
 
 
 @dataclass
@@ -29,13 +29,13 @@ class UserAccount(OutputType):
 		return self.url
 
 	def __repr__(self) -> str:
-		s = f'👤 [green]{self.username}[/]'
+		s = f'👤 [green]{_s(self.username)}[/]'
 		if self.email:
-			s += f' \[[bold yellow]{self.email}[/]]'
+			s += rf' \[[bold yellow]{_s(self.email)}[/]]'
 		if self.site_name:
-			s += f' \[[bold blue]{self.site_name}[/]]'
+			s += rf' \[[bold blue]{self.site_name}[/]]'
 		if self.url:
-			s += f' \[[white]{self.url}[/]]'
+			s += rf' \[[white]{_s(self.url)}[/]]'
 		if self.extra_data:
-			s += ' \[[bold yellow]' + ', '.join(f'{k}:{v}' for k, v in self.extra_data.items()) + '[/]]'
+			s += r' \[[bold yellow]' + _s(', '.join(f'{k}:{v}' for k, v in self.extra_data.items()) + '[/]]')
 		return rich_to_ansi(s)

secator/output_types/vulnerability.py

@@ -5,7 +5,7 @@ from typing import List
 from secator.definitions import (CONFIDENCE, CVSS_SCORE, EXTRA_DATA, ID,
 								 MATCHED_AT, NAME, REFERENCE, SEVERITY, TAGS)
 from secator.output_types import OutputType
-from secator.utils import rich_to_ansi
+from secator.utils import rich_to_ansi, rich_escape as _s
 
 
 @dataclass
@@ -70,6 +70,7 @@ class Vulnerability(OutputType):
 			data = ','.join(data['data'])
 		elif isinstance(data, dict):
 			data = ', '.join([f'{k}:{v}' for k, v in data.items()])
+		data = _s(data)
 		tags = self.tags
 		colors = {
 			'critical': 'bold red',
@@ -80,12 +81,12 @@ class Vulnerability(OutputType):
 			'unknown': 'dim magenta'
 		}
 		c = colors.get(self.severity, 'dim magenta')
-		s = f'🚨 \[[green]{self.name} [link={self.reference}]🡕[/link][/]] \[[{c}]{self.severity}[/]] {self.matched_at}'
+		s = rf'🚨 \[[green]{_s(self.name)} [link={_s(self.reference)}]🡕[/link][/]] \[[{c}]{self.severity}[/]] {_s(self.matched_at)}'  # noqa: E501
 		if tags:
 			tags_str = ','.join(tags)
-			s += f' \[[cyan]{tags_str}[/]]'
+			s += rf' \[[cyan]{_s(tags_str)}[/]]'
 		if data:
-			s += f' \[[yellow]{str(data)}[/]]'
+			s += rf' \[[yellow]{str(data)}[/]]'
 		if self.confidence == 'low':
 			s = f'[dim]{s}[/]'
 		return rich_to_ansi(s)

secator/output_types/warning.py

@@ -1,7 +1,7 @@
 from dataclasses import dataclass, field
 import time
 from secator.output_types import OutputType
-from secator.utils import rich_to_ansi
+from secator.utils import rich_to_ansi, rich_escape as _s
 
 
 @dataclass
@@ -20,5 +20,5 @@ class Warning(OutputType):
 	_sort_by = ('_timestamp',)
 
 	def __repr__(self):
-		s = f"[orange4]⚠ {self.message}[/]"
+		s = rf"\[[yellow]WRN[/]] {_s(self.message)}"
 		return rich_to_ansi(s)

secator/report.py

@@ -84,6 +84,7 @@ class Report:
 		if 'results' in data['info']:
 			del data['info']['results']
 		data['info']['title'] = self.title
+		data['info']['errors'] = self.runner.errors
 
 		# Fill report
 		for output_type in FINDING_TYPES:

secator/runners/_base.py

@@ -75,7 +75,9 @@ class Runner:
 		if not isinstance(inputs, list):
 			inputs = [inputs]
 		self.inputs = inputs
-		self.results = results
+		self.uuids = []
+		self.output = ''
+		self.results = []
 		self.workspace_name = context.get('workspace_name', 'default')
 		self.run_opts = run_opts.copy()
 		self.sync = run_opts.get('sync', True)
@@ -86,14 +88,12 @@ class Runner:
 		self.last_updated_progress = None
 		self.end_time = None
 		self._hooks = hooks
-		self.output = ''
 		self.progress = 0
 		self.context = context
 		self.delay = run_opts.get('delay', False)
 		self.celery_result = None
 		self.celery_ids = []
 		self.celery_ids_map = {}
-		self.uuids = []
 		self.caller = self.run_opts.get('caller', None)
 		self.threads = []
 
@@ -163,6 +163,10 @@ class Runner:
 		self.unique_name = self.name.replace('/', '_')
 		self.unique_name = f'{self.unique_name}_{self.chunk}' if self.chunk else self.unique_name
 
+		# Process prior results
+		for result in results:
+			list(self._process_item(result, print=False))
+
 		# Input post-process
 		self.run_hooks('before_init')
 
@@ -387,14 +391,14 @@ class Runner:
 				if item_out:
 					item_repr = repr(item)
 					if isinstance(item, OutputType) and self.print_remote_info:
-						item_repr += rich_to_ansi(f' \[[dim]{item._source}[/]]')
+						item_repr += rich_to_ansi(rf' \[[dim]{item._source}[/]]')
 					self._print(item_repr, out=item_out)
 
 		# Item is a line
 		elif isinstance(item, str):
 			self.debug(item, sub='line', allow_no_process=False, verbose=True)
 			if self.print_line or force:
-				self._print(item, out=sys.stderr, end='\n')
+				self._print(item, out=sys.stderr, end='\n', rich=False)
 
 	def debug(self, *args, **kwargs):
 		"""Print debug with runner class name, only if self.no_process is True.
@@ -557,7 +561,7 @@ class Runner:
 			name = f'{self.__class__.__name__}.{validator_type}'
 			fun = self.get_func_path(validator)
 			if not validator(self, *args):
-				self.debug('', obj={name + ' [dim yellow]->[/] ' + fun: 'failed'}, id=_id, sub='validators')
+				self.debug('', obj={name + ' [dim yellow]->[/] ' + fun: '[dim red]failed[/]'}, id=_id, verbose=True, sub='validators')  # noqa: E501
 				doc = validator.__doc__
 				if error:
 					message = 'Validator failed'
@@ -570,7 +574,7 @@ class Runner:
 					)
 					self.add_result(error, print=True)
 				return False
-			self.debug('', obj={name + ' [dim yellow]->[/] ' + fun: 'success'}, id=_id, sub='validators')
+			self.debug('', obj={name + ' [dim yellow]->[/] ' + fun: '[dim green]success[/]'}, id=_id, verbose=True, sub='validators')  # noqa: E501
 		return True
 
 	def register_hooks(self, hooks):
@@ -776,20 +780,20 @@ class Runner:
 				count_map[name] = count
 		return count_map
 
-	def _process_item(self, item):
+	def _process_item(self, item, print=True):
 		"""Process an item yielded by the derived runner.
 
 		Args:
 			item (dict | str): Input item.
+			print (bool): Print item in console.
 
 		Yields:
 			OutputType: Output type.
 		"""
-
 		# Item is a string, just print it
 		if isinstance(item, str):
 			self.output += item + '\n'
-			self._print_item(item) if item else ''
+			self._print_item(item) if item and print else ''
 			return
 
 		# Abort further processing if no_process is set
@@ -836,14 +840,14 @@ class Runner:
 		elif isinstance(item, Info) and item.task_id and item.task_id not in self.celery_ids:
 			self.celery_ids.append(item.task_id)
 
-		# Run on_item hooks
-		if isinstance(item, tuple(FINDING_TYPES)):
+		# If finding, run on_item hooks
+		elif isinstance(item, tuple(FINDING_TYPES)):
 			item = self.run_hooks('on_item', item)
 			if not item:
 				return
 
 		# Add item to results
-		self.add_result(item, print=True)
+		self.add_result(item, print=print)
 
 		# Yield item
 		yield item

secator/runners/command.py

@@ -19,7 +19,7 @@ from secator.config import CONFIG
 from secator.output_types import Info, Error, Target, Stat
 from secator.runners import Runner
 from secator.template import TemplateLoader
-from secator.utils import debug
+from secator.utils import debug, rich_escape as _s
 
 
 logger = logging.getLogger(__name__)
@@ -79,6 +79,8 @@ class Command(Runner):
 	version_flag = None
 
 	# Install
+	install_pre = None
+	install_post = None
 	install_cmd = None
 	install_github_handle = None
 
@@ -359,6 +361,24 @@ class Command(Runner):
 			# Prepare cmds
 			command = self.cmd if self.shell else shlex.split(self.cmd)
 
+			# Check command is installed and auto-install
+			if not self.no_process and not self.is_installed():
+				if CONFIG.security.auto_install_commands:
+					from secator.installer import ToolInstaller
+					yield Info(
+						message=f'Command {self.name} is missing but auto-installing since security.autoinstall_commands is set',  # noqa: E501
+						_source=self.unique_name,
+						_uuid=str(uuid.uuid4())
+					)
+					status = ToolInstaller.install(self.__class__)
+					if not status.is_ok():
+						yield Error(
+							message=f'Failed installing {self.name}',
+							_source=self.unique_name,
+							_uuid=str(uuid.uuid4())
+						)
+						return
+
 			# Output and results
 			self.return_code = 0
 			self.killed = False
@@ -404,6 +424,19 @@ class Command(Runner):
 		finally:
 			yield from self._wait_for_end()
 
+	def is_installed(self):
+		"""Check if a command is installed by using `which`.
+
+		Args:
+			command (str): The command to check.
+
+		Returns:
+			bool: True if the command is installed, False otherwise.
+		"""
+		result = subprocess.Popen(["which", self.cmd.split(' ')[0]], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+		result.communicate()
+		return result.returncode == 0
+
 	def process_line(self, line):
 		"""Process a single line of output emitted on stdout / stderr and yield results."""
 
@@ -448,13 +481,11 @@ class Command(Runner):
 		if self.sync and not self.has_children:
 			if self.caller and self.description:
 				self._print(f'\n[bold gold3]:wrench: {self.description} [dim cyan]({self.config.name})[/][/] ...', rich=True)
-			elif self.print_cmd:
-				self._print('')
 
 	def print_command(self):
 		"""Print command."""
 		if self.print_cmd:
-			cmd_str = self.cmd.replace('[', '\\[')
+			cmd_str = _s(self.cmd)
 			if self.sync and self.chunk and self.chunk_count:
 				cmd_str += f' [dim gray11]({self.chunk}/{self.chunk_count})[/]'
 			self._print(cmd_str, color='bold cyan', rich=True)
@@ -473,7 +504,7 @@ class Command(Runner):
 		if self.config.name in str(exc):
 			message = 'Executable not found.'
 			if self.install_cmd:
-				message += f' Install it with `secator install tools {self.config.name}`.'
+				message += f' Install it with [bold green4]secator install tools {self.config.name}[/].'
 			error = Error(message=message)
 		else:
 			error = Error.from_exception(exc)
@@ -578,9 +609,10 @@ class Command(Runner):
 			return -1, error
 
 		# If not, prompt the user for a password
-		self._print('[bold red]Please enter sudo password to continue.[/]')
+		self._print('[bold red]Please enter sudo password to continue.[/]', rich=True)
 		for _ in range(3):
-			self._print('\[sudo] password: ')
+			user = getpass.getuser()
+			self._print(rf'\[sudo] password for {user}: ▌', rich=True)
 			sudo_password = getpass.getpass()
 			result = subprocess.run(
 				['sudo', '-S', '-p', '', 'true'],
@@ -665,6 +697,11 @@ class Command(Runner):
 				debug('skipped (falsy)', obj={'name': opt_name, 'value': opt_val}, obj_after=False, sub='command.options', verbose=True)  # noqa: E501
 				continue
 
+			# Apply process function on opt value
+			if 'process' in opt_conf:
+				func = opt_conf['process']
+				opt_val = func(opt_val)
+
 			# Convert opt value to expected command opt value
 			mapped_opt_val = opt_value_map.get(opt_name)
 			if mapped_opt_val:

secator/tasks/_categories.py

@@ -1,5 +1,8 @@
 import json
 import os
+import re
+
+from functools import cache
 
 import requests
 from bs4 import BeautifulSoup
@@ -13,7 +16,7 @@ from secator.definitions import (CIDR_RANGE, CVSS_SCORE, DELAY, DEPTH, DESCRIPTI
 from secator.output_types import Ip, Port, Subdomain, Tag, Url, UserAccount, Vulnerability
 from secator.config import CONFIG
 from secator.runners import Command
-from secator.utils import debug
+from secator.utils import debug, process_wordlist
 
 
 OPTS = {
@@ -36,7 +39,7 @@ OPTS = {
 	THREADS: {'type': int, 'help': 'Number of threads to run', 'default': 50},
 	TIMEOUT: {'type': int, 'help': 'Request timeout'},
 	USER_AGENT: {'type': str, 'short': 'ua', 'help': 'User agent, e.g "Mozilla Firefox 1.0"'},
-	WORDLIST: {'type': str, 'short': 'w', 'default': CONFIG.wordlists.defaults.http, 'help': 'Wordlist to use'}
+	WORDLIST: {'type': str, 'short': 'w', 'default': 'http', 'process': process_wordlist, 'help': 'Wordlist to use'}
 }
 
 OPTS_HTTP = [
@@ -124,6 +127,7 @@ class Vuln(Command):
 		if os.path.exists(cve_path):
 			with open(cve_path, 'r') as f:
 				return json.load(f)
+		debug(f'CVE {cve_id} not found in cache', sub='cve')
 		return None
 
 	# @staticmethod
@@ -179,12 +183,98 @@ class Vuln(Command):
 		return tup1 == tup2
 
 	@staticmethod
-	def lookup_cve(cve_id, cpes=[]):
-		"""Search for a CVE in local db or using cve.circl.lu and return vulnerability data.
+	def get_cpe_fs(cpe):
+		""""Return formatted string for given CPE.
+
+		Args:
+			cpe (string): Input CPE
+
+		Returns:
+			string: CPE formatted string.
+		"""
+		try:
+			return CPE(cpe).as_fs()
+		except NotImplementedError:
+			return None
+
+	@cache
+	@staticmethod
+	def lookup_cve_from_vulners_exploit(exploit_id, *cpes):
+		"""Search for a CVE corresponding to an exploit by extracting the CVE id from the exploit HTML page.
+
+		Args:
+			exploit_id (str): Exploit ID.
+			cpes (tuple[str], Optional): CPEs to match for.
+
+		Returns:
+			dict: vulnerability data.
+		"""
+		if CONFIG.runners.skip_exploit_search:
+			debug(f'Skip remote query for {exploit_id} since config.runners.skip_exploit_search is set.', sub='cve')
+			return None
+		if CONFIG.offline_mode:
+			debug(f'Skip remote query for {exploit_id} since config.offline_mode is set.', sub='cve')
+			return None
+		try:
+			resp = requests.get(f'https://vulners.com/githubexploit/{exploit_id}', timeout=5)
+			resp.raise_for_status()
+			soup = BeautifulSoup(resp.text, 'lxml')
+			title = soup.title.get_text(strip=True)
+			h1 = [h1.get_text(strip=True) for h1 in soup.find_all('h1')]
+			if '404' in h1:
+				raise requests.RequestException("404 [not found or rate limited]")
+			code = [code.get_text(strip=True) for code in soup.find_all('code')]
+			elems = [title] + h1 + code
+			content = '\n'.join(elems)
+			cve_regex = re.compile(r'(CVE(?:-|_)\d{4}(?:-|_)\d{4,7})', re.IGNORECASE)
+			matches = cve_regex.findall(str(content))
+			if not matches:
+				debug(f'{exploit_id}: No CVE found in https://vulners.com/githubexploit/{exploit_id}.', sub='cve')
+				return None
+			cve_id = matches[0].replace('_', '-').upper()
+			cve_data = Vuln.lookup_cve(cve_id, *cpes)
+			if cve_data:
+				return cve_data
+
+		except requests.RequestException as e:
+			debug(f'Failed remote query for {exploit_id} ({str(e)}).', sub='cve')
+			return None
+
+	@cache
+	@staticmethod
+	def lookup_cve_from_cve_circle(cve_id):
+		"""Get CVE data from vulnerability.circl.lu.
+
+		Args:
+			cve_id (str): CVE id.
+
+		Returns:
+			dict | None: CVE data, None if no response or empty response.
+		"""
+		try:
+			resp = requests.get(f'https://vulnerability.circl.lu/api/cve/{cve_id}', timeout=5)
+			resp.raise_for_status()
+			cve_info = resp.json()
+			if not cve_info:
+				debug(f'Empty response from https://vulnerability.circl.lu/api/cve/{cve_id}', sub='cve')
+				return None
+			cve_path = f'{CONFIG.dirs.data}/cves/{cve_id}.json'
+			with open(cve_path, 'w') as f:
+				f.write(json.dumps(cve_info, indent=2))
+			debug(f'Downloaded {cve_id} to {cve_path}', sub='cve')
+			return cve_info
+		except requests.RequestException as e:
+			debug(f'Failed remote query for {cve_id} ({str(e)}).', sub='cve')
+			return None
+
+	@cache
+	@staticmethod
+	def lookup_cve(cve_id, *cpes):
+		"""Search for a CVE info and return vulnerability data.
 
 		Args:
 			cve_id (str): CVE ID in the form CVE-*
-			cpes (str, Optional): CPEs to match for.
+			cpes (tuple[str], Optional): CPEs to match for.
 
 		Returns:
 			dict: vulnerability data.
@@ -199,76 +289,87 @@ class Vuln(Command):
 			if CONFIG.offline_mode:
 				debug(f'Skip remote query for {cve_id} since config.offline_mode is set.', sub='cve')
 				return None
-			try:
-				resp = requests.get(f'https://cve.circl.lu/api/cve/{cve_id}', timeout=5)
-				resp.raise_for_status()
-				cve_info = resp.json()
-				if not cve_info:
-					debug(f'Empty response from https://cve.circl.lu/api/cve/{cve_id}.', sub='cve')
-					return None
-			except requests.RequestException as e:
-				debug(f'Failed remote query for {cve_id} ({str(e)}).', sub='cve')
+			cve_info = Vuln.lookup_cve_from_cve_circle(cve_id)
+			if not cve_info:
 				return None
 
+		# Convert cve info to easy format
+		cve_id = cve_info['cveMetadata']['cveId']
+		cna = cve_info['containers']['cna']
+		metrics = cna.get('metrics', [])
+		cvss_score = 0
+		for metric in metrics:
+			for name, value in metric.items():
+				if 'cvss' in name:
+					cvss_score = metric[name]['baseScore']
+		description = cna.get('descriptions', [{}])[0].get('value')
+		cwe_id = cna.get('problemTypes', [{}])[0].get('descriptions', [{}])[0].get('cweId')
+		cpes_affected = []
+		for product in cna['affected']:
+			cpes_affected.extend(product.get('cpes', []))
+		references = [u['url'] for u in cna['references']]
+		cve_info = {
+			'id': cve_id,
+			'cwe_id': cwe_id,
+			'cvss_score': cvss_score,
+			'description': description,
+			'cpes': cpes_affected,
+			'references': references
+		}
+
 		# Match the CPE string against the affected products CPE FS strings from the CVE data if a CPE was passed.
 		# This allow to limit the number of False positives (high) that we get from nmap NSE vuln scripts like vulscan
 		# and ensure we keep only right matches.
 		# The check is not executed if no CPE was passed (sometimes nmap cannot properly detect a CPE) or if the CPE
 		# version cannot be determined.
 		cpe_match = False
-		tags = []
+		tags = [cve_id]
 		if cpes:
 			for cpe in cpes:
-				cpe_obj = CPE(cpe)
-				cpe_fs = cpe_obj.as_fs()
+				cpe_fs = Vuln.get_cpe_fs(cpe)
+				if not cpe_fs:
+					debug(f'{cve_id}: Failed to parse CPE {cpe} with CPE parser', sub='cve.match', verbose=True)
+					tags.append('cpe-invalid')
+					continue
 				# cpe_version = cpe_obj.get_version()[0]
-				vulnerable_fs = cve_info['vulnerable_product']
-				for fs in vulnerable_fs:
-					# debug(f'{cve_id}: Testing {cpe_fs} against {fs}', sub='cve')  # for hardcore debugging
-					if Vuln.match_cpes(cpe_fs, fs):
+				for cpe_affected in cpes_affected:
+					cpe_affected_fs = Vuln.get_cpe_fs(cpe_affected)
+					if not cpe_affected_fs:
+						debug(f'{cve_id}: Failed to parse CPE {cpe} (from online data) with CPE parser', sub='cve.match', verbose=True)
+						continue
+					debug(f'{cve_id}: Testing {cpe_fs} against {cpe_affected_fs}', sub='cve.match', verbose=True)
+					cpe_match = Vuln.match_cpes(cpe_fs, cpe_affected_fs)
+					if cpe_match:
 						debug(f'{cve_id}: CPE match found for {cpe}.', sub='cve')
-						cpe_match = True
 						tags.append('cpe-match')
 						break
+
 				if not cpe_match:
 					debug(f'{cve_id}: no CPE match found for {cpe}.', sub='cve')
 
 		# Parse CVE id and CVSS
 		name = id = cve_info['id']
-		cvss = cve_info.get('cvss') or 0
 		# exploit_ids = cve_info.get('refmap', {}).get('exploit-db', [])
 		# osvdb_ids = cve_info.get('refmap', {}).get('osvdb', [])
 
 		# Get description
-		description = cve_info.get('summary')
+		description = cve_info['description']
 		if description is not None:
 			description = description.replace(id, '').strip()
 
 		# Get references
 		references = cve_info.get(REFERENCES, [])
-		cve_ref_url = f'https://cve.circl.lu/cve/{id}'
+		cve_ref_url = f'https://vulnerability.circl.lu/cve/{id}'
 		references.append(cve_ref_url)
 
 		# Get CWE ID
-		vuln_cwe_id = cve_info.get('cwe')
-		if vuln_cwe_id is None:
-			tags.append(vuln_cwe_id)
-
-		# Parse capecs for a better vuln name / type
-		capecs = cve_info.get('capec', [])
-		if capecs and len(capecs) > 0:
-			name = capecs[0]['name']
-
-		# Parse ovals for a better vuln name / type
-		ovals = cve_info.get('oval', [])
-		if ovals:
-			if description == 'none':
-				description = ovals[0]['title']
-			family = ovals[0]['family']
-			tags.append(family)
+		cwe_id = cve_info['cwe_id']
+		if cwe_id is not None:
+			tags.append(cwe_id)
 
 		# Set vulnerability severity based on CVSS score
 		severity = None
+		cvss = cve_info['cvss_score']
 		if cvss:
 			severity = Vuln.cvss_to_severity(cvss)
 
@@ -276,15 +377,16 @@ class Vuln(Command):
 		vuln = {
 			ID: id,
 			NAME: name,
-			PROVIDER: 'cve.circl.lu',
+			PROVIDER: 'vulnerability.circl.lu',
 			SEVERITY: severity,
 			CVSS_SCORE: cvss,
 			TAGS: tags,
-			REFERENCES: [f'https://cve.circl.lu/cve/{id}'] + references,
+			REFERENCES: [f'https://vulnerability.circl.lu/cve/{id}'] + references,
 			DESCRIPTION: description,
 		}
 		return vuln
 
+	@cache
 	@staticmethod
 	def lookup_ghsa(ghsa_id):
 		"""Search for a GHSA on Github and and return associated CVE vulnerability data.

secator/tasks/bbot.py

@@ -151,10 +151,12 @@ def output_discriminator(self, item):
 
 @task()
 class bbot(Command):
+	"""Multipurpose scanner."""
 	cmd = 'bbot -y --allow-deadly --force'
 	json_flag = '--json'
 	input_flag = '-t'
 	file_flag = None
+	version_flag = '--help'
 	opts = {
 		'modules': {'type': str, 'short': 'm', 'default': '', 'help': ','.join(BBOT_MODULES)},
 		'presets': {'type': str, 'short': 'ps', 'default': 'kitchen-sink', 'help': ','.join(BBOT_PRESETS), 'shlex': False},

secator/tasks/bup.py

@@ -14,6 +14,7 @@ from secator.tasks._categories import Http
 
 @task()
 class bup(Http):
+	"""40X bypasser."""
 	cmd = 'bup'
 	input_flag = '-u'
 	input_type = URL

secator/tasks/dirsearch.py

@@ -20,7 +20,7 @@ class dirsearch(HttpFuzzer):
 	cmd = 'dirsearch'
 	input_flag = '-u'
 	file_flag = '-l'
-	json_flag = '--format json'
+	json_flag = '-O json'
 	opt_prefix = '--'
 	encoding = 'ansi'
 	opt_key_map = {
@@ -52,7 +52,7 @@ class dirsearch(HttpFuzzer):
 			STATUS_CODE: 'status'
 		}
 	}
-	install_cmd = 'pipx install dirsearch'
+	install_cmd = 'pipx install --force git+https://github.com/maurosoria/dirsearch'
 	proxychains = True
 	proxy_socks5 = True
 	proxy_http = True