Meta options

... or options that are mutualized among task categories for efficiency, speed, and user-friendliness.

Meta options apply to tasks, workflows, or scans. When passed to workflows or scans, they will be passed to each task contained in the runner.

Some tasks, workflows, or scans do not support some of the options mentioned below. Runsecator x/w/s <name> --help to get the complete list of supported options.

Execution Options

Threads (-threads)

Number of threads to use. Applies to all tasks supporting threads (or concurrency).

Example: set 50 threads
secator w host_recon mydomain.com -threads 50

Requests Options

The following options will apply to tasks making network requests (if they implement it), no matter the protocol used (HTTP, TCP, UDP, DNS, FTP, ...).

Proxy (-proxy)

Proxy (HTTP, Socks5, ...) to use when communicating with the targets.

Example: set proxies in config and -proxy to auto

Learn more about Proxies.

Rate limit (-rl)

Rate limit is an upper limit on the number of requests per second.

Example: set a rate limit of 50 requests/second

Timeout (-timeout)

Timeout is the time to wait (in seconds) before giving up on the request.

Example: set a request timeout of 10 seconds

Retries (-retries)

Retries is the number of retries for the port scan.

Example: set 5 retries for all requests

HTTP Options

The following options will apply to tasks making HTTP requests (if they implement it).

Header (-header)

Custom header to add to each request in the form "KEY1:VALUE1; KEY2:VALUE2".

Example: set an Authorization and an Accept header

Method (-method)

HTTP method to use for request GET, POST, PUT, DELETE, etc...

Example: use POST method for fuzzing

User-agent (-ua)

Custom user-agent to use for request.

Example: use secator as a user agent value

Match regex (-mr)

Keep responses which body content match the input.

Example: keep responses which match the regexMySQLError.*

Match size (-ms)

Keep responses which body size (in bytes) match the input.

Example: keep responses with 1025 bytes

Match-words (-mw)

Keep responses which body word count match the input.

Example: keep responses with 10 words

Match code (-mc)

Keep responses which HTTP status codes match the input.

Example: keep responses matching HTTP statuses 200,400,501

Filter regex (-fr)

Filter out responses which body content match the input.

Example: filter out responses containing the string LoginPage

Filter codes (-fc)

Filter out responses which HTTP status codes match the input.

Example: filter out responses matching HTTP status 500

Filter size (-fs)

Filter out responses which body size (in bytes) match the input.

Example: filter out responses with 1025 bytes

Filter words (-fw)

Filter out responses which body word count match the input.

Example: filter out responses with 10 words

Follow redirect (-frd)

Follow all http redirects.

Example: follow HTTP redirects

Wordlist (-w)

Custom wordlist to use.

Example: use fuzz-Bo0oM wordlist
PreviousGlobal optionsNextInput formats

Last updated

Was this helpful?