secator 0.7.0__py3-none-any.whl → 0.8.1__py3-none-any.whl

secator/celery.py

@@ -12,7 +12,7 @@ from rich.logging import RichHandler
 from retry import retry
 
 from secator.config import CONFIG
-from secator.output_types import Info, Warning, Error
+from secator.output_types import Info, Error
 from secator.rich import console
 from secator.runners import Scan, Task, Workflow
 from secator.runners._helpers import run_extractors
@@ -338,7 +338,7 @@ def is_celery_worker_alive():
 	result = app.control.broadcast('ping', reply=True, limit=1, timeout=1)
 	result = bool(result)
 	if result:
-		console.print(Info(message='Celery worker is alive !'))
+		console.print(Info(message='Celery worker is available, running remotely'))
 	else:
-		console.print(Warning(message='No Celery worker alive.'))
+		console.print(Info(message='No Celery worker available, running locally'))
 	return result

secator/cli.py

@@ -19,8 +19,8 @@ from rich.table import Table
 from secator.config import CONFIG, ROOT_FOLDER, Config, default_config, config_path
 from secator.decorators import OrderedGroup, register_runner
 from secator.definitions import ADDONS_ENABLED, ASCII, DEV_PACKAGE, OPT_NOT_SUPPORTED, VERSION, STATE_COLORS
-from secator.installer import ToolInstaller, fmt_health_table_row, get_health_table, get_version_info
-from secator.output_types import FINDING_TYPES
+from secator.installer import ToolInstaller, fmt_health_table_row, get_health_table, get_version_info, get_distro_config
+from secator.output_types import FINDING_TYPES, Info, Error
 from secator.report import Report
 from secator.rich import console
 from secator.runners import Command, Runner
@@ -191,7 +191,7 @@ def util():
 def proxy(timeout, number):
 	"""Get random proxies from FreeProxy."""
 	if CONFIG.offline_mode:
-		console.print('[bold red]Cannot run this command in offline mode.[/]')
+		console.print(Error(message='Cannot run this command in offline mode.'))
 		return
 	proxy = FreeProxy(timeout=timeout, rand=True, anonym=True)
 	for _ in range(number):
@@ -211,18 +211,16 @@ def revshell(name, host, port, interface, listen, force):
 	if host is None:  # detect host automatically
 		host = detect_host(interface)
 		if not host:
-			console.print(
-				f'Interface "{interface}" could not be found. Run "ifconfig" to see the list of available interfaces.',
-				style='bold red')
+			console.print(Error(message=f'Interface "{interface}" could not be found. Run "ifconfig" to see the list of available interfaces'))  # noqa: E501
 			return
 		else:
-			console.print(f'[bold green]Detected host IP: [bold orange1]{host}[/].[/]')
+			console.print(Info(message=f'Detected host IP: [bold orange1]{host}[/]'))
 
 	# Download reverse shells JSON from repo
 	revshells_json = f'{CONFIG.dirs.revshells}/revshells.json'
 	if not os.path.exists(revshells_json) or force:
 		if CONFIG.offline_mode:
-			console.print('[bold red]Cannot run this command in offline mode.[/]')
+			console.print(Error(message='Cannot run this command in offline mode'))
 			return
 		ret = Command.execute(
 			f'wget https://raw.githubusercontent.com/freelabz/secator/main/scripts/revshells.json && mv revshells.json {CONFIG.dirs.revshells}',  # noqa: E501
@@ -261,7 +259,7 @@ def revshell(name, host, port, interface, listen, force):
 		console.print('\n'.join(shells_str))
 	else:
 		shell = shell[0]
-		command = shell['command'].replace('[', '\[')
+		command = shell['command'].replace('[', r'\[')
 		alias = shell['alias']
 		name = shell['name']
 		command_str = Template(command).render(ip=host, port=port, shell='bash')
@@ -277,7 +275,7 @@ def revshell(name, host, port, interface, listen, force):
 		console.print(Rule(style='bold red'))
 
 	if listen:
-		console.print(f'Starting netcat listener on port {port} ...', style='bold gold3')
+		console.print(Info(message=f'Starting netcat listener on port {port} ...'))
 		cmd = f'nc -lvnp {port}'
 		Command.execute(cmd)
 
@@ -295,9 +293,7 @@ def serve(directory, host, port, interface):
 		if not host:
 			host = detect_host(interface)
 			if not host:
-				console.print(
-					f'Interface "{interface}" could not be found. Run "ifconfig" to see the list of interfaces.',
-					style='bold red')
+				console.print(Error(message=f'Interface "{interface}" could not be found. Run "ifconfig" to see the list of interfaces.'))  # noqa: E501
 				return
 		console.print(f'{fname} [dim][/]', style='bold magenta')
 		console.print(f'wget http://{host}:{port}/{fname}', style='dim italic')
@@ -337,9 +333,9 @@ def record(record_name, script, interactive, width, height, output_dir):
 		# If existing cast file, remove it
 		if os.path.exists(output_cast_path):
 			os.unlink(output_cast_path)
-			console.print(f'Removed existing {output_cast_path}', style='bold green')
+			console.print(Info(message=f'Removed existing {output_cast_path}'))
 
-		with console.status('[bold gold3]Recording with asciinema ...[/]'):
+		with console.status(Info(message='Recording with asciinema ...')):
 			Command.execute(
 				f'asciinema-automation -aa "-c /bin/sh" {script} {output_cast_path} --timeout 200',
 				cls_attributes=attrs,
@@ -390,14 +386,14 @@ def record(record_name, script, interactive, width, height, output_dir):
 			f'agg {output_cast_path} {output_gif_path}',
 			cls_attributes=attrs,
 		)
-		console.print(f'Generated {output_gif_path}', style='bold green')
+		console.print(Info(message=f'Generated {output_gif_path}'))
 
 
 @util.group('build')
 def build():
 	"""Build secator."""
 	if not DEV_PACKAGE:
-		console.print('[bold red]You MUST use a development version of secator to make builds.[/]')
+		console.print(Error(message='You MUST use a development version of secator to make builds'))
 		sys.exit(1)
 	pass
 
@@ -406,7 +402,7 @@ def build():
 def build_pypi():
 	"""Build secator PyPI package."""
 	if not ADDONS_ENABLED['build']:
-		console.print('[bold red]Missing build addon: please run [bold green4]secator install addons build[/][/]')
+		console.print(Error(message='Missing build addon: please run [bold green4]secator install addons build[/]'))
 		sys.exit(1)
 	with console.status('[bold gold3]Building PyPI package...[/]'):
 		ret = Command.execute(f'{sys.executable} -m hatch build', name='hatch build', cwd=ROOT_FOLDER)
@@ -658,7 +654,7 @@ def report_show(report_query, output, runner_type, time_delta, type, query, work
 	# Load all report paths
 	load_all_reports = any([not Path(p).exists() for p in report_query])
 	all_reports = []
-	if load_all_reports:
+	if load_all_reports or workspace:
 		all_reports = list_reports(workspace=workspace, type=runner_type, timedelta=human_to_timedelta(time_delta))
 	if not report_query:
 		report_query = all_reports
@@ -685,7 +681,7 @@ def report_show(report_query, output, runner_type, time_delta, type, query, work
 	all_results = []
 	for ix, path in enumerate(paths):
 		if unified:
-			console.print(f'Loading {path} \[[bold yellow4]{ix + 1}[/]/[bold yellow4]{len(paths)}[/]] \[results={len(all_results)}]...')  # noqa: E501
+			console.print(rf'Loading {path} \[[bold yellow4]{ix + 1}[/]/[bold yellow4]{len(paths)}[/]] \[results={len(all_results)}]...')  # noqa: E501
 		with open(path, 'r') as f:
 			data = loads_dataclass(f.read())
 			try:
@@ -823,7 +819,8 @@ def report_export(json_path, output_folder, output):
 @cli.command(name='health')
 @click.option('--json', '-json', is_flag=True, default=False, help='JSON lines output')
 @click.option('--debug', '-debug', is_flag=True, default=False, help='Debug health output')
-def health(json, debug):
+@click.option('--strict', '-strict', is_flag=True, default=False, help='Fail if missing tools')
+def health(json, debug, strict):
 	"""[dim]Get health status.[/]"""
 	tools = ALL_TASKS
 	status = {'secator': {}, 'languages': {}, 'tools': {}, 'addons': {}}
@@ -870,39 +867,58 @@ def health(json, debug):
 	table = get_health_table()
 	with Live(table, console=console):
 		for tool in tools:
-			cmd = tool.cmd.split(' ')[0]
-			version_flag = tool.version_flag or f'{tool.opt_prefix}version'
-			version_flag = None if tool.version_flag == OPT_NOT_SUPPORTED else version_flag
-			info = get_version_info(cmd, version_flag, tool.install_github_handle)
+			info = get_version_info(
+				tool.cmd.split(' ')[0],
+				tool.version_flag or f'{tool.opt_prefix}version',
+				tool.install_github_handle,
+				tool.install_cmd
+			)
 			row = fmt_health_table_row(info, 'tools')
 			table.add_row(*row)
 			status['tools'][tool.__name__] = info
+	console.print('')
 
 	# Print JSON health
 	if json:
 		import json as _json
 		print(_json.dumps(status))
 
+	# Strict mode
+	if strict:
+		error = False
+		for tool, info in status['tools'].items():
+			if not info['installed']:
+				console.print(Error(message=f'{tool} not installed and strict mode is enabled.[/]'))
+				error = True
+		if error:
+			sys.exit(1)
+		console.print(Info(message='Strict healthcheck passed !'))
+
+
 #---------#
 # INSTALL #
 #---------#
 
 
-def run_install(cmd, title, next_steps=None):
+def run_install(title=None, cmd=None, packages=None, next_steps=None):
 	if CONFIG.offline_mode:
 		console.print('[bold red]Cannot run this command in offline mode.[/]')
 		return
 	with console.status(f'[bold yellow] Installing {title}...'):
-		ret = Command.execute(cmd, cls_attributes={'shell': True}, print_line=True)
-		if ret.return_code != 0:
-			console.print(f':exclamation_mark: Failed to install {title}.', style='bold red')
-		else:
-			console.print(f':tada: {title} installed successfully !', style='bold green')
+		if cmd:
+			from secator.installer import SourceInstaller
+			status = SourceInstaller.install(cmd)
+		elif packages:
+			from secator.installer import PackageInstaller
+			status = PackageInstaller.install(packages)
+		return_code = 1
+		if status.is_ok():
+			return_code = 0
 			if next_steps:
 				console.print('[bold gold3]:wrench: Next steps:[/]')
 				for ix, step in enumerate(next_steps):
 					console.print(f'   :keycap_{ix}: {step}')
-		sys.exit(ret.return_code)
+		sys.exit(return_code)
 
 
 @cli.group()
@@ -926,7 +942,7 @@ def install_worker():
 		next_steps=[
 			'Run [bold green4]secator worker[/] to run a Celery worker using the file system as a backend and broker.',
 			'Run [bold green4]secator x httpx testphp.vulnweb.com[/] to admire your task running in a worker.',
-			'[dim]\[optional][/dim] Run [bold green4]secator install addons redis[/] to setup Redis backend / broker.'
+			r'[dim]\[optional][/dim] Run [bold green4]secator install addons redis[/] to setup Redis backend / broker.'
 		]
 	)
 
@@ -964,7 +980,7 @@ def install_mongodb():
 		cmd=f'{sys.executable} -m pip install secator[mongodb]',
 		title='MongoDB addon',
 		next_steps=[
-			'[dim]\[optional][/] Run [bold green4]docker run --name mongo -p 27017:27017 -d mongo:latest[/] to run a local MongoDB instance.',  # noqa: E501
+			r'[dim]\[optional][/] Run [bold green4]docker run --name mongo -p 27017:27017 -d mongo:latest[/] to run a local MongoDB instance.',  # noqa: E501
 			'Run [bold green4]secator config set addons.mongodb.url mongodb://<URL>[/].',
 			'Run [bold green4]secator x httpx testphp.vulnweb.com -driver mongodb[/] to save results to MongoDB.'
 		]
@@ -978,7 +994,7 @@ def install_redis():
 		cmd=f'{sys.executable} -m pip install secator[redis]',
 		title='Redis addon',
 		next_steps=[
-			'[dim]\[optional][/] Run [bold green4]docker run --name redis -p 6379:6379 -d redis[/] to run a local Redis instance.',  # noqa: E501
+			r'[dim]\[optional][/] Run [bold green4]docker run --name redis -p 6379:6379 -d redis[/] to run a local Redis instance.',  # noqa: E501
 			'Run [bold green4]secator config set celery.broker_url redis://<URL>[/]',
 			'Run [bold green4]secator config set celery.result_backend redis://<URL>[/]',
 			'Run [bold green4]secator worker[/] to run a worker.',
@@ -1049,7 +1065,12 @@ def install_go():
 def install_ruby():
 	"""Install Ruby."""
 	run_install(
-		cmd='wget -O - https://raw.githubusercontent.com/freelabz/secator/main/scripts/install_ruby.sh | sudo sh',
+		packages={
+			'apt': ['ruby-full', 'rubygems'],
+			'apk': ['ruby', 'ruby-dev'],
+			'pacman': ['ruby', 'ruby-dev'],
+			'brew': ['ruby']
+		},
 		title='Ruby'
 	)
 
@@ -1059,43 +1080,34 @@ def install_ruby():
 def install_tools(cmds):
 	"""Install supported tools."""
 	if CONFIG.offline_mode:
-		console.print('[bold red]Cannot run this command in offline mode.[/]')
+		console.print(Error(message='Cannot run this command in offline mode.'))
 		return
 	if cmds is not None:
 		cmds = cmds.split(',')
 		tools = [cls for cls in ALL_TASKS if cls.__name__ in cmds]
 	else:
 		tools = ALL_TASKS
-
+	tools.sort(key=lambda x: x.__name__)
+	return_code = 0
 	for ix, cls in enumerate(tools):
-		with console.status(f'[bold yellow][{ix}/{len(tools)}] Installing {cls.__name__} ...'):
-			ToolInstaller.install(cls)
+		with console.status(f'[bold yellow][{ix + 1}/{len(tools)}] Installing {cls.__name__} ...'):
+			status = ToolInstaller.install(cls)
+			if not status.is_ok():
+				return_code = 1
 		console.print()
-
-
-@install.command('cves')
-@click.option('--force', is_flag=True)
-def install_cves(force):
-	"""Install CVEs (enables passive vulnerability search)."""
-	if CONFIG.offline_mode:
-		console.print('[bold red]Cannot run this command in offline mode.[/]')
-		return
-	cve_json_path = f'{CONFIG.dirs.cves}/circl-cve-search-expanded.json'
-	if not os.path.exists(cve_json_path) or force:
-		with console.status('[bold yellow]Downloading zipped CVEs from cve.circl.lu ...[/]'):
-			Command.execute('wget https://cve.circl.lu/static/circl-cve-search-expanded.json.gz', cwd=CONFIG.dirs.cves)
-		with console.status('[bold yellow]Unzipping CVEs ...[/]'):
-			Command.execute(f'gunzip {CONFIG.dirs.cves}/circl-cve-search-expanded.json.gz', cwd=CONFIG.dirs.cves)
-	with console.status(f'[bold yellow]Installing CVEs to {CONFIG.dirs.cves} ...[/]'):
-		with open(cve_json_path, 'r') as f:
-			for line in f:
-				data = json.loads(line)
-				cve_id = data['id']
-				cve_path = f'{CONFIG.dirs.cves}/{cve_id}.json'
-				with open(cve_path, 'w') as f:
-					f.write(line)
-				console.print(f'CVE saved to {cve_path}')
-	console.print(':tada: CVEs installed successfully !', style='bold green')
+	distro = get_distro_config()
+	cleanup_cmds = [
+		'go clean -cache',
+		'go clean -modcache',
+		'pip cache purge',
+		'gem cleanup --user-install',
+		'gem clean --user-install',
+	]
+	if distro.pm_finalizer:
+		cleanup_cmds.append(f'sudo {distro.pm_finalizer}')
+	cmd = ' && '.join(cleanup_cmds)
+	Command.execute(cmd, cls_attributes={'shell': True}, quiet=False)
+	sys.exit(return_code)
 
 
 #--------#
@@ -1103,22 +1115,52 @@ def install_cves(force):
 #--------#
 
 @cli.command('update')
-def update():
+@click.option('--all', '-a', is_flag=True, help='Update all secator dependencies (addons, tools, ...)')
+def update(all):
 	"""[dim]Update to latest version.[/]"""
 	if CONFIG.offline_mode:
-		console.print('[bold red]Cannot run this command in offline mode.[/]')
-		return
+		console.print(Error(message='Cannot run this command in offline mode.'))
+		sys.exit(1)
+
+	# Check current and latest version
 	info = get_version_info('secator', github_handle='freelabz/secator', version=VERSION)
 	latest_version = info['latest_version']
+	do_update = True
+
+	# Skip update if latest
 	if info['status'] == 'latest':
-		console.print(f'[bold green]secator is already at the newest version {latest_version}[/] !')
-		sys.exit(0)
-	console.print(f'[bold gold3]:wrench: Updating secator from {VERSION} to {latest_version} ...[/]')
-	if 'pipx' in sys.executable:
-		Command.execute(f'pipx install secator=={latest_version} --force')
-	else:
-		Command.execute(f'pip install secator=={latest_version}')
+		console.print(Info(message=f'secator is already at the newest version {latest_version} !'))
+		do_update = False
+
+	# Fail if unknown latest
+	if not latest_version:
+		console.print(Error(message='Could not fetch latest secator version.'))
+		sys.exit(1)
+
+	# Update secator
+	if do_update:
+		console.print(f'[bold gold3]:wrench: Updating secator from {VERSION} to {latest_version} ...[/]')
+		if 'pipx' in sys.executable:
+			ret = Command.execute(f'pipx install secator=={latest_version} --force')
+		else:
+			ret = Command.execute(f'pip install secator=={latest_version}')
+		if not ret.return_code == 0:
+			sys.exit(1)
 
+	# Update tools
+	if all:
+		return_code = 0
+		for cls in ALL_TASKS:
+			cmd = cls.cmd.split(' ')[0]
+			version_flag = cls.version_flag or f'{cls.opt_prefix}version'
+			version_flag = None if cls.version_flag == OPT_NOT_SUPPORTED else version_flag
+			info = get_version_info(cmd, version_flag, cls.install_github_handle)
+			if not info['installed'] or info['status'] == 'outdated' or not info['latest_version']:
+				with console.status(f'[bold yellow]Installing {cls.__name__} ...'):
+					status = ToolInstaller.install(cls)
+					if not status.is_ok():
+						return_code = 1
+		sys.exit(return_code)
 
 #-------#
 # ALIAS #
@@ -1220,10 +1262,10 @@ def list_aliases(silent):
 def test():
 	"""[dim]Run tests."""
 	if not DEV_PACKAGE:
-		console.print('[bold red]You MUST use a development version of secator to run tests.[/]')
+		console.print(Error(message='You MUST use a development version of secator to run tests.'))
 		sys.exit(1)
 	if not ADDONS_ENABLED['dev']:
-		console.print('[bold red]Missing dev addon: please run [bold green4]secator install addons dev[/][/]')
+		console.print(Error(message='Missing dev addon: please run [bold green4]secator install addons dev[/]'))
 		sys.exit(1)
 	pass
 

secator/config.py

@@ -29,6 +29,7 @@ class StrictModel(BaseModel, extra='forbid'):
 
 class Directories(StrictModel):
 	bin: Directory = Path.home() / '.local' / 'bin'
+	share: Directory = Path.home() / '.local' / 'share'
 	data: Directory = Path(DATA_FOLDER)
 	templates: Directory = ''
 	reports: Directory = ''
@@ -67,7 +68,7 @@ class Celery(StrictModel):
 
 
 class Cli(StrictModel):
-	github_token: str = ''
+	github_token: str = os.environ.get('GITHUB_TOKEN', '')
 	record: bool = False
 	stdin_timeout: int = 1000
 
@@ -79,10 +80,17 @@ class Runners(StrictModel):
 	backend_update_frequency: int = 5
 	poll_frequency: int = 5
 	skip_cve_search: bool = False
-	skip_cve_low_confidence: bool = True
+	skip_exploit_search: bool = False
+	skip_cve_low_confidence: bool = False
 	remove_duplicates: bool = False
 
 
+class Security(StrictModel):
+	allow_local_file_access: bool = True
+	auto_install_commands: bool = True
+	force_source_install: bool = False
+
+
 class HTTP(StrictModel):
 	socks5_proxy: str = 'socks5://127.0.0.1:9050'
 	http_proxy: str = 'https://127.0.0.1:9080'
@@ -116,7 +124,8 @@ class Wordlists(StrictModel):
 	defaults: Dict[str, str] = {'http': 'bo0m_fuzz', 'dns': 'combined_subdomains'}
 	templates: Dict[str, str] = {
 		'bo0m_fuzz': 'https://raw.githubusercontent.com/Bo0oM/fuzz.txt/master/fuzz.txt',
-		'combined_subdomains': 'https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/DNS/combined_subdomains.txt'  # noqa: E501
+		'combined_subdomains': 'https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/DNS/combined_subdomains.txt',  # noqa: E501
+		'directory_list_small': 'https://raw.githubusercontent.com/danielmiessler/SecLists/refs/heads/master/Discovery/Web-Content/directory-list-2.3-small.txt',  # noqa: E501
 	}
 	lists: Dict[str, List[str]] = {}
 
@@ -165,6 +174,7 @@ class SecatorConfig(StrictModel):
 	payloads: Payloads = Payloads()
 	wordlists: Wordlists = Wordlists()
 	addons: Addons = Addons()
+	security: Security = Security()
 	offline_mode: bool = False
 
 
@@ -495,56 +505,81 @@ def download_files(data: dict, target_folder: Path, offline_mode: bool, type: st
 		offline_mode (bool): Offline mode.
 	"""
 	for name, url_or_path in data.items():
-		if url_or_path.startswith('git+'):
-			# Clone Git repository
-			git_url = url_or_path[4:]  # remove 'git+' prefix
-			repo_name = git_url.split('/')[-1]
-			if repo_name.endswith('.git'):
-				repo_name = repo_name[:-4]
-			target_path = target_folder / repo_name
-			if not target_path.exists():
-				console.print(f'[bold turquoise4]Cloning git {type} [bold magenta]{repo_name}[/] ...[/] ', end='')
+		target_path = download_file(url_or_path, target_folder, offline_mode, type, name=name)
+		if target_path:
+			data[name] = target_path
+
+
+def download_file(url_or_path, target_folder: Path, offline_mode: bool, type: str, name: str = None):
+	"""Download remote file to target folder, clone git repos, or symlink local files.
+
+	Args:
+		data (dict): Dict of name to url or local path prefixed with 'git+' for Git repos.
+		target_folder (Path): Target folder for storing files or repos.
+		offline_mode (bool): Offline mode.
+		type (str): Type of files to handle.
+		name (str, Optional): Name of object.
+
+	Returns:
+		path (Path): Path to downloaded file / folder.
+	"""
+	if url_or_path.startswith('git+'):
+		# Clone Git repository
+		git_url = url_or_path[4:]  # remove 'git+' prefix
+		repo_name = git_url.split('/')[-1]
+		if repo_name.endswith('.git'):
+			repo_name = repo_name[:-4]
+		target_path = target_folder / repo_name
+		if not target_path.exists():
+			console.print(f'[bold turquoise4]Cloning git {type} [bold magenta]{repo_name}[/] ...[/] ', end='')
+			if offline_mode:
+				console.print('[bold orange1]skipped [dim][offline[/].[/]')
+				return
+			try:
+				call(['git', 'clone', git_url, str(target_path)], stderr=DEVNULL, stdout=DEVNULL)
+				console.print('[bold green]ok.[/]')
+			except Exception as e:
+				console.print(f'[bold red]failed ({str(e)}).[/]')
+		return target_path.resolve()
+	elif Path(url_or_path).exists():
+		# Create a symbolic link for a local file
+		local_path = Path(url_or_path)
+		target_path = target_folder / local_path.name
+		if not name:
+			name = url_or_path.split('/')[-1]
+		if not CONFIG.security.allow_local_file_access:
+			console.print(f'[bold red]Cannot reference local file {url_or_path}(disabled for security reasons)[/]')
+			return
+		if not target_path.exists():
+			console.print(f'[bold turquoise4]Symlinking {type} [bold magenta]{name}[/] ...[/] ', end='')
+			try:
+				target_path.symlink_to(local_path)
+				console.print('[bold green]ok.[/]')
+			except Exception as e:
+				console.print(f'[bold red]failed ({str(e)}).[/]')
+		return target_path.resolve()
+	else:
+		# Download file from URL
+		ext = url_or_path.split('.')[-1]
+		if not name:
+			name = url_or_path.split('/')[-1]
+		filename = f'{name}.{ext}' if not name.endswith(ext) else name
+		target_path = target_folder / filename
+		if not target_path.exists():
+			try:
+				console.print(f'[bold turquoise4]Downloading {type} [bold magenta]{filename}[/] ...[/] ', end='')
 				if offline_mode:
-					console.print('[bold orange1]skipped [dim][offline[/].[/]')
-					continue
-				try:
-					call(['git', 'clone', git_url, str(target_path)], stderr=DEVNULL, stdout=DEVNULL)
-					console.print('[bold green]ok.[/]')
-				except Exception as e:
-					console.print(f'[bold red]failed ({str(e)}).[/]')
-			data[name] = target_path.resolve()
-		elif Path(url_or_path).exists():
-			# Create a symbolic link for a local file
-			local_path = Path(url_or_path)
-			target_path = target_folder / local_path.name
-			if not target_path.exists():
-				console.print(f'[bold turquoise4]Symlinking {type} [bold magenta]{name}[/] ...[/] ', end='')
-				try:
-					target_path.symlink_to(local_path)
-					console.print('[bold green]ok.[/]')
-				except Exception as e:
-					console.print(f'[bold red]failed ({str(e)}).[/]')
-			data[name] = target_path.resolve()
-		else:
-			# Download file from URL
-			ext = url_or_path.split('.')[-1]
-			filename = f'{name}.{ext}' if not name.endswith(ext) else name
-			target_path = target_folder / filename
-			if not target_path.exists():
-				try:
-					console.print(f'[bold turquoise4]Downloading {type} [bold magenta]{filename}[/] ...[/] ', end='')
-					if offline_mode:
-						console.print('[bold orange1]skipped [dim](offline)[/].[/]')
-						continue
-					resp = requests.get(url_or_path, timeout=3)
-					resp.raise_for_status()
-					with open(target_path, 'wb') as f:
-						f.write(resp.content)
-					console.print('[bold green]ok.[/]')
-				except requests.RequestException as e:
-					console.print(f'[bold red]failed ({str(e)}).[/]')
-					continue
-			data[name] = target_path.resolve()
+					console.print('[bold orange1]skipped [dim](offline)[/].[/]')
+					return
+				resp = requests.get(url_or_path, timeout=3)
+				resp.raise_for_status()
+				with open(target_path, 'wb') as f:
+					f.write(resp.content)
+				console.print('[bold green]ok.[/]')
+			except requests.RequestException as e:
+				console.print(f'[bold red]failed ({str(e)}).[/]')
+				return
+		return target_path.resolve()
 
 
 # Load default_config
@@ -576,13 +611,8 @@ for name, dir in CONFIG.dirs.items():
 		dir.mkdir(parents=False)
 		console.print('[bold green]ok.[/]')
 
-# Download wordlists and set defaults
+# Download wordlists and payloads
 download_files(CONFIG.wordlists.templates, CONFIG.dirs.wordlists, CONFIG.offline_mode, 'wordlist')
-for category, name in CONFIG.wordlists.defaults.items():
-	if name in CONFIG.wordlists.templates.keys():
-		CONFIG.wordlists.defaults[category] = str(CONFIG.wordlists.templates[name])
-
-# Download payloads
 download_files(CONFIG.payloads.templates, CONFIG.dirs.payloads, CONFIG.offline_mode, 'payload')
 
 # Print config

secator/configs/workflows/subdomain_recon.yaml

@@ -13,12 +13,12 @@ tasks:
   #   input: vhost
   #   domain_:
   #     - target.name
-  #   wordlist: /usr/share/seclists/Discovery/DNS/combined_subdomains.txt
+  #   wordlist: combined_subdomains
   # gobuster:
   #   input: dns
   #   domain_:
   #     - target.name
-  #   wordlist: /usr/share/seclists/Discovery/DNS/combined_subdomains.txt
+  #   wordlist: combined_subdomains
   _group:
     nuclei:
       description: Check for subdomain takeovers

secator/configs/workflows/url_dirsearch.yaml

@@ -8,7 +8,7 @@ input_types:
 tasks:
   ffuf:
     description: Search for HTTP directories
-    wordlist: /usr/share/seclists/Discovery/Web-Content/directory-list-2.3-small.txt
+    wordlist: directory_list_small
     targets_:
       - type: target
         field: '{name}/FUZZ'

secator/decorators.py

@@ -228,6 +228,7 @@ def decorate_command_options(opts):
 			conf.pop('shlex', None)
 			conf.pop('meta', None)
 			conf.pop('supported', None)
+			conf.pop('process', None)
 			reverse = conf.pop('reverse', False)
 			long = f'--{opt_name}'
 			short = f'-{short_opt}' if short_opt else f'-{opt_name}'

secator/definitions.py

@@ -9,7 +9,7 @@ from secator.config import CONFIG, ROOT_FOLDER
 
 # Globals
 VERSION = version('secator')
-ASCII = f"""
+ASCII = rf"""
 			 __            
    ________  _________ _/ /_____  _____
   / ___/ _ \/ ___/ __ `/ __/ __ \/ ___/