Secator docs
  • GETTING STARTED
    • Introduction
    • Installation
    • CLI Usage
    • Library usage
    • Configuration
    • Examples
      • 5 minutes secator session
  • RUNNER OPTIONS
    • Global options
    • Meta options
    • Input formats
    • Output options
  • IN-DEPTH
    • Philosophy & design
    • Distributed runs with Celery
    • Concepts
      • Output types
      • Proxies
      • Exporters
      • Runners
      • Drivers
      • Profiles
    • Deployment
  • For developers
    • Development setup
    • Writing tasks
      • Integrating an external command
        • Parsing JSON lines
        • Parsing raw standard output
        • Parsing output files
        • Example: integrating ls
        • Example: cat hunters
      • Integrate custom Python code [WIP]
      • Advanced options
    • Writing workflows
    • Writing scans [WIP]
Powered by GitBook
On this page
  • Find subdomains using subfinder and run HTTP probes using httpx
  • Find open ports and run nmap's vulscan NSE script on results
  • Fuzz URLs with multiple fuzzers and a custom wordlist

Was this helpful?

  1. GETTING STARTED

Examples

... or concrete use cases for secator.


Find subdomains using subfinder and run HTTP probes using httpx

secator x subfinder -raw alibaba.com | secator x httpx -threads 30 -rl 10 
from secator.tasks.recon import subfinder
from secator.tasks.http import httpx

target = 'alibaba.com'
results = subfinder(target).run()
hosts = [_.host for _ in results if _._type == 'subdomain']
for probe in httpx(hosts, threads=30, rate_limit=10):
    print('Found alive subdomain URL {url}[{status_code}]'.format(**probe))

Find open ports and run nmap's vulscan NSE script on results

secator w port_scan cnn.com
from secator.workflows import host_recon

target = 'cnn.com'
for result in host_recon(target):  # consume results live
    print(result)

Fuzz URLs with multiple fuzzers and a custom wordlist

secator w url_fuzz example.com -mc 200,302 -rl 1 -w dicc.txt -o table -quiet 
from secator.workflows import url_fuzz

target = 'example.com'
opts = {
    'match_codes': '200, 302',
    'rate_limit': 1 # req/s
    'quiet': True,
    'ffuf.wordlist': 'dicc.txt' # ffuf wordlist
}

# Print results live and a summary table at the end of the run
for result in url_fuzz(target, exporters=['table']):
    print(result)

PreviousConfigurationNext5 minutes secator session

Last updated 27 days ago

Was this helpful?