Introduction

... or what secator is all about.

secator is a task and workflow runner used for security assessments. It supports dozens of well-known security tools and is designed to improve productivity for pentesters and security researchers.


Quick demo


Features


Supported tools

secator integrates the following tools:

NameDescriptionCategory

Fast HTTP prober.

http

Fast crawler and endpoint secrets / api keys / tokens matcher.

http/crawler

Offline URL crawler (Alien Vault, The Wayback Machine, Common Crawl, URLScan).

http/crawler

Fast web spider written in Go.

http/crawler

Next-generation crawling and spidering framework.

http/crawler

Web path discovery.

http/fuzzer

Simple, fast, recursive content discovery tool written in Rust.

http/fuzzer

Fast web fuzzer written in Go.

http/fuzzer

Email OSINT and breach hunting tool.

osint

Fast and multi-purpose DNS toolkit designed for running DNS queries.

recon/dns

Fast and multi-purpose DNS toolkit designed for running DNS queries (bruteforce mode).

recon/dns

Fast subdomain finder.

recon/dns

Find alive hosts on local networks.

recon/ip

Expand CIDR ranges into IPs.

recon/ip

Fast port discovery tool.

recon/port

Hunt for user accounts across many websites.

recon/user

A wrapper around grep to avoid typing common patterns.

tagger

A vulnerability scanner for container images and filesystems.

vuln/code

Powerful XSS scanning tool and parameter analyzer.

vuln/http

CLI to access and work with the Metasploit Framework.

vuln/http

WordPress Security Scanner

vuln/multi

Vulnerability scanner using NSE scripts.

vuln/multi

Fast and customisable vulnerability scanner based on simple YAML based DSL.

vuln/multi

Feel free to request new tools integrations by opening an issue on the repo, but please check that the tool complies with our selection criterias before doing so (read Curated list of tools). If it doesn't but you still want to integrate it into secator, you can plug it in (read Writing tasks).


Last updated