Examples

... or concrete use cases for secator.

Find subdomains using `subfinder` and run HTTP probes using `httpx`

secator x subfinder -raw alibaba.com | secator x httpx -threads 30 -rl 10

from secator.tasks.recon import subfinder
from secator.tasks.http import httpx

target = 'alibaba.com'
results = subfinder(target).run()
hosts = [_.host for _ in results if _._type == 'subdomain']
for probe in httpx(hosts, threads=30, rate_limit=10):
    print('Found alive subdomain URL {url}[{status_code}]'.format(**probe))

Find open ports and run `nmap`'s `vulscan` NSE script on results

secator w port_scan cnn.com

from secator.workflows import host_recon

target = 'cnn.com'
for result in host_recon(target):  # consume results live
    print(result)

Fuzz URLs with multiple fuzzers and a custom wordlist

secator w url_fuzz example.com -mc 200,302 -rl 1 -w dicc.txt -o table -quiet

from secator.workflows import url_fuzz

target = 'example.com'
opts = {
    'match_codes': '200, 302',
    'rate_limit': 1 # req/s
    'quiet': True,
    'ffuf.wordlist': 'dicc.txt' # ffuf wordlist
}

# Print results live and a summary table at the end of the run
for result in url_fuzz(target, exporters=['table']):
    print(result)

PreviousConfiguration Next5 minutes secator session

Last updated 2 days ago

Was this helpful?