freelabz / secator

secator - the pentester's swiss knife
https://docs.freelabz.com

feat: `config` - tracker #60

Closed ocervell closed 4 months ago

ocervell commented 1 year ago

Global YAML config for secator default options:

Linked pull request: https://github.com/freelabz/secator/pull/313

Linked issues:

Example global config:

```yaml
dirs:
  bin: ~/.local/bin
  data: ~/.secator
  templates: ~/.secator/templates
  reports: ~/.secator/reports
  wordlists: ~/.secator/wordlists
  cves: ~/.secator/cves
  payloads: ~/.secator/payloads
  revshells: ~/.secator/revshells
  celery: ~/.secator/celery
  celery_data: ~/.secator/celery/data
  celery_results: ~/.secator/celery/results

debug:
  level: 0
  component: ''

celery:
  broker_url: filesystem://
  broker_pool_limit: 10
  broker_connection_timeout: 4.0
  broker_visibility_timeout: 3600
  override_default_logging: true
  result_backend: file://~/.secator/celery/results

cli:
  github_token: ''
  record: false
  stdin_timeout: 1000

runners:
  input_chunk_size: 1000
  progress_update_frequency: 60
  skip_cve_search: false

http:
  socks5_proxy: socks5://127.0.0.1:9050
  http_proxy: https://127.0.0.1:9080
  store_responses: false
  proxychains_command: proxychains
  freeproxy_timeout: 1

tasks:
  exporters:
  - json
  - csv

workflows:
  exporters:
  - json
  - csv

scans:
  exporters:
  - json
  - csv

payloads:
  templates:
    lse: https://github.com/diego-treitos/linux-smart-enumeration/releases/latest/download/lse.sh
    linpeas: https://github.com/carlospolop/PEASS-ng/releases/latest/download/linpeas.sh
    sudo_killer: git+https://github.com/TH3xACE/SUDO_KILLER

wordlists:
  defaults:
    http: bo0m_fuzz
    dns: combined_subdomains
  templates:
    bo0m_fuzz: https://raw.githubusercontent.com/Bo0oM/fuzz.txt/master/fuzz.txt
    combined_subdomains: https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/DNS/combined_subdomains.txt
  lists: {}

addons:
  google:
    enabled: false
    drive_parent_folder_id: ''
    credentials_path: ''
  worker:
    enabled: false
  mongodb:
    enabled: false
    url: mongodb://localhost
    update_frequency: 60
```

[EDIT] Moved to profiles. Maybe add:

```yaml
  httpx:
    default_options: "-td"
  katana:
    default_options: "-js -js-crawl -known-files all -or -ob"
  dirsearch:
    config: | # inline .yml / .ini / .conf
    config_type: yml
  nuclei:
    default_options: "-stats -sj -si 20 -hm -or"
    config_path: /path/to/nuclei/config.yml
    templates:
    - https://github.com/projectdiscovery/nuclei-templates
    - https://github.com/CharanRayudu/Custom-Nuclei-Templates
  feroxbuster:
    default_options: "--auto-bail --no-state"
```

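
An added example, not part of the issue or of secator's code base: a small audit over a config shaped like the one proposed above, flagging template URLs that track a moving ref (`latest`, `master`), git sources without a pin, and a token stored inline. The `audit_source` and `audit_config` helpers, the pip-style `@<commit>` pin syntax and the sample token value are assumptions made for illustration.

```python
from urllib.parse import urlparse

# Constructed sample: a subset of the example config above, as the dict a
# YAML loader would return. The github_token value is made up.
SAMPLE = {
    "cli": {"github_token": "CONSTRUCTED-NOT-A-REAL-TOKEN"},
    "http": {"http_proxy": "https://127.0.0.1:9080"},
    "payloads": {"templates": {
        "lse": "https://github.com/diego-treitos/linux-smart-enumeration/releases/latest/download/lse.sh",
        "sudo_killer": "git+https://github.com/TH3xACE/SUDO_KILLER",
    }},
    "wordlists": {"templates": {
        "bo0m_fuzz": "https://raw.githubusercontent.com/Bo0oM/fuzz.txt/master/fuzz.txt",
    }},
}

MOVING_REFS = {"latest", "master", "main", "HEAD"}  # refs whose content changes over time


def audit_source(name, url):
    """Return a list of findings for one remote template URL."""
    findings = []
    is_git = url.startswith("git+")
    parsed = urlparse(url[4:] if is_git else url)
    if parsed.scheme != "https":
        findings.append(f"{name}: not fetched over https ({parsed.scheme or 'no scheme'})")
    # Assumption: git sources can be pinned pip-style, as git+https://...@<commit>
    if is_git and "@" not in parsed.path:
        findings.append(f"{name}: git source has no @<commit> pin")
    moving = MOVING_REFS.intersection(parsed.path.split("/"))
    if moving:
        findings.append(f"{name}: tracks moving ref '{sorted(moving)[0]}'")
    return findings


def audit_config(cfg):
    """Audit every section holding a 'templates' map, plus an inline token."""
    findings = []
    for section, body in cfg.items():
        templates = body.get("templates") if isinstance(body, dict) else None
        if isinstance(templates, dict):
            for name, url in templates.items():
                findings += audit_source(f"{section}.templates.{name}", str(url))
    if cfg.get("cli", {}).get("github_token"):
        findings.append("cli.github_token: secret stored in plaintext config")
    return findings


if __name__ == "__main__":
    print("\n".join(audit_config(SAMPLE)))
```
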
ocervell commented 4 months ago

Fixed by https://github.com/freelabz/secator/pull/313