Introduction

... or what secator is all about.

secator is a task and workflow runner used for security assessments. It supports dozens of well-known security tools and is designed to improve productivity for pentesters and security researchers.

Quick demo

Features

Supported tools

secator integrates the following tools:

Name Description Category

Name	Description	Category
httpx	Fast HTTP prober.	`http`
cariddi	Fast crawler and endpoint secrets / api keys / tokens matcher.	`http/crawler`
gau	Offline URL crawler (Alien Vault, The Wayback Machine, Common Crawl, URLScan).	`http/crawler`
gospider	Fast web spider written in Go.	`http/crawler`
katana	Next-generation crawling and spidering framework.	`http/crawler`
dirsearch	Web path discovery.	`http/fuzzer`
feroxbuster	Simple, fast, recursive content discovery tool written in Rust.	`http/fuzzer`
ffuf	Fast web fuzzer written in Go.	`http/fuzzer`
h8mail	Email OSINT and breach hunting tool.	`osint`
dnsx	Fast and multi-purpose DNS toolkit designed for running DNS queries.	`recon/dns`
dnsxbrute	Fast and multi-purpose DNS toolkit designed for running DNS queries (bruteforce mode).	`recon/dns`
subfinder	Fast subdomain finder.	`recon/dns`
fping	Find alive hosts on local networks.	`recon/ip`
mapcidr	Expand CIDR ranges into IPs.	`recon/ip`
naabu	Fast port discovery tool.	`recon/port`
maigret	Hunt for user accounts across many websites.	`recon/user`
gf	A wrapper around grep to avoid typing common patterns.	`tagger`
grype	A vulnerability scanner for container images and filesystems.	`vuln/code`
dalfox	Powerful XSS scanning tool and parameter analyzer.	`vuln/http`
msfconsole	CLI to access and work with the Metasploit Framework.	`vuln/http`
wpscan	WordPress Security Scanner	`vuln/multi`
nmap	Vulnerability scanner using NSE scripts.	`vuln/multi`
nuclei	Fast and customisable vulnerability scanner based on simple YAML based DSL.	`vuln/multi`

httpx

Fast HTTP prober.

http

cariddi

Fast crawler and endpoint secrets / api keys / tokens matcher.

http/crawler

gau

Offline URL crawler (Alien Vault, The Wayback Machine, Common Crawl, URLScan).

http/crawler

gospider

Fast web spider written in Go.

http/crawler

katana

Next-generation crawling and spidering framework.

http/crawler

dirsearch

Web path discovery.

http/fuzzer

feroxbuster

Simple, fast, recursive content discovery tool written in Rust.

http/fuzzer

ffuf

Fast web fuzzer written in Go.

http/fuzzer

h8mail

Email OSINT and breach hunting tool.

osint

dnsx

Fast and multi-purpose DNS toolkit designed for running DNS queries.

recon/dns

dnsxbrute

Fast and multi-purpose DNS toolkit designed for running DNS queries (bruteforce mode).

recon/dns

subfinder

Fast subdomain finder.

recon/dns

fping

Find alive hosts on local networks.

recon/ip

mapcidr

Expand CIDR ranges into IPs.

recon/ip

naabu

Fast port discovery tool.

recon/port

maigret

Hunt for user accounts across many websites.

recon/user

A wrapper around grep to avoid typing common patterns.

tagger

grype

A vulnerability scanner for container images and filesystems.

vuln/code

dalfox

Powerful XSS scanning tool and parameter analyzer.

vuln/http

msfconsole

CLI to access and work with the Metasploit Framework.

vuln/http

wpscan

WordPress Security Scanner

vuln/multi

nmap

Vulnerability scanner using NSE scripts.

vuln/multi

nuclei

Fast and customisable vulnerability scanner based on simple YAML based DSL.

vuln/multi

Feel free to request new tools integrations by opening an issue on the repo, but please check that the tool complies with our selection criterias before doing so (read ). If it doesn't but you still want to integrate it into secator, you can plug it in (read Writing tasks).

NextInstallation

Last updated 28 days ago