Profiles

... or how to manage different runner option sets effectively.

secator profiles are a way to mutualize sets of options to be quickly re-used in tasks, workflows, and scans.

We have identified that for different security assessment we need vastly different option set.

For instance, we could imagine scan profiles focused on scan speed / aggressivity playing on the rate_limit and delay options:

type: profile
name: jaguar
opts:
    rate_limit: 100000
    delay: 0

type: profile
name: rabbit
opts:
    rate_limit: 1000
    delay: 1

type: profile
name: turtle
opts:
    rate_limit: 10
    delay: 2

type: profile
name: snail
opts:
    rate_limit: 1
    delay: 5

... or scan profiles focused on furtivity / stealth:

type: profile
name: ninja
opts:
    proxy: auto
    tor: true
    vpn: true

type: profile
name: chameleon
opts:
    proxy: auto
    tor: true
    vpn: false

type: profile
name: mouse
opts:
    proxy: auto
    tor: false
    vpn: false

type: profile
name: elephant
opts:
    proxy: false
    tor: false
    vpn: false

Running a task / workflow / scan with profiles be like:

secator x httpx -pf ninja,jaguar

secator w host_recon -pf ninja,jaguar

secator s host_recon -pf ninja,jaguar

Last updated 2 months ago

Was this helpful?