# Meta options **Meta options** apply to **tasks**, **workflows**, or **scans**. When passed to **workflows** or **scans**, they will be passed to each task contained in the runner. {% hint style="warning" %} Some tasks, workflows, or scans do not support some of the options mentioned below. Run**`secator x/w/s --help`** to get the complete list of supported options. {% endhint %} *** ## Execution Options ### Threads (`-threads`) Number of threads to use. Applies to all tasks supporting threads (or concurrency).
Example: set 50 threads ```bash secator w host_recon mydomain.com -threads 50 ```
*** ## Requests Options The following options will apply to tasks making network requests (if they implement it), no matter the protocol used (HTTP, TCP, UDP, DNS, FTP, ...). ### Proxy (`-proxy`) Proxy (HTTP, Socks5, ...) to use when communicating with the targets.
Example: set proxies in config and -proxy to auto ```bash secator config set http.http_proxy http://localhost:8080 secator config set http.socks5_proxy socks5://localhost:9050 secator w host_recon mydomain.com -proxy auto # auto choose the right proxy ```
{% hint style="info" %} Learn more about [Proxies](/in-depth/concepts/proxies.md). {% endhint %} *** ### Rate limit (`-rl`) Rate limit is an upper limit on the number of requests per second.
Example: set a rate limit of 50 requests/second ```bash secator w host_recon mydomain.com -rl 50 ```
*** ### Timeout (`-timeout`) Timeout is the time to wait (in seconds) before giving up on the request.
Example: set a request timeout of 10 seconds ```bash secator w host_recon mydomain.com -timeout 10 ```
*** ### Retries (`-retries`) Number of retries for failed requests.
Example: set 5 retries for all requests ```bash secator w host_recon mydomain.com -retries 5 ```
*** ### Delay (`-d`) Delay to add between each request (in seconds).
Example: add a 0.5 second delay between requests ```bash secator w host_recon mydomain.com -d 0.5 ```
*** ## HTTP Options The following options will apply to tasks making HTTP requests (if they implement it). ### Header (`-H`) Custom header to add to each request in the form "KEY1:VALUE1;; KEY2:VALUE2".
Example: set an Authorization and an Accept header ```bash secator x cariddi mydomain.com -H "Authorization: Basic ;; Accept: application/json" ```
*** ### Method (`-X`) HTTP method to use for request GET, POST, PUT, DELETE, etc...
Example: use POST method for fuzzing ```bash secator x ffuf mydomain.com -X POST ```
*** ### Data (`-data`) Data to send in the request body.
Example: send JSON data in POST request ```bash secator x ffuf mydomain.com/api -X POST -data '{"key":"value"}' ```
*** ### User-agent (`-ua`) Custom user-agent to use for request.
Example: use secator as a user agent value ```bash secator x dalfox mydomain.com -ua secator ```
*** ### **Match regex (`-mr)`** Keep responses which body content match the input.
Example: keep responses which match the regexMySQLError.* ```bash secator x ffuf mydomain.com -mr MySQLError.* ```
*** ### Match size (`-ms`) Keep responses which body size (in bytes) match the input.
Example: keep responses with 1025 bytes ```bash secator x katana mydomain.com -ms 1026 # bytes ```
*** ### Match-words (`-mw)` Keep responses which body word count match the input.
Example: keep responses with 10 words ```bash secator x katana mydomain.com -mw 10 ```
*** ### Match code (`-mc`) Keep responses which HTTP status codes match the input.
Example: keep responses matching HTTP statuses 200,400,501 ```bash secator x katana mydomain.com -mc 200,400,501 ```
*** ### Filter regex (`-fr`) Filter out responses which body content match the input.
Example: filter out responses containing the string LoginPage ```bash secator x ffuf mydomain.com -fr LoginPage.* ```
*** ### Filter codes (`-fc`) Filter out responses which HTTP status codes match the input.
Example: filter out responses matching HTTP status 500 ```bash secator x ffuf mydomain.com -fc 500 ```
*** ### Filter size (`-fs)` Filter out responses which body size (in bytes) match the input.
Example: filter out responses with 1025 bytes ```bash secator x ffuf mydomain.com -fs 1025 ```
*** ### Filter words (`-fw`) Filter out responses which body word count match the input.
Example: filter out responses with 10 words ```bash secator x ffuf mydomain.com -fw 10 ```
*** ### Follow redirect (`-frd`) Follow all http redirects.
Example: follow HTTP redirects ```bash secator x katana mydomain.com -frd ```
*** ### Depth (`-depth`) Scan depth for crawling tasks.
Example: set crawl depth to 3 ```bash secator x gospider mydomain.com -depth 3 ```
*** ### Replay proxy (`-P`) Proxy to use for replay requests (useful for fuzzing tasks).
Example: use a proxy for replay requests ```bash secator x ffuf mydomain.com/FUZZ -P http://localhost:8080 ```
*** ### Wordlist (`-w`) Custom wordlist to use.
Example: use fuzz-Bo0oM wordlist ```bash secator x ffuf mydomain.com/FFUF/ -w /usr/share/seclists/Fuzzing/fuzz-Bo0oM.txt ```
*** ## Port Scanning Options The following options apply to port scanning tasks (e.g., `naabu`, `nmap`). ### Ports (`-p`) Only scan specific ports. Accepts a comma-separated list of ports, or `-` for all ports.
Example: scan ports 80, 443, and 8080 ```bash secator x naabu mydomain.com -p 80,443,8080 ```
*** ### Top ports (`-tp`) Scan the N most common ports.
```bash secator x naabu mydomain.com -tp 100 ```
*** --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.freelabz.com/runner-options/meta-options.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.