freelabz · ocervell · Mar 8, 2024 · Mar 8, 2024 · Mar 8, 2024 · Mar 8, 2024
diff --git a/.github/actions/install/action.yml b/.github/actions/install/action.yml
@@ -0,0 +1,17 @@
+name: Install secator
+description: Installs secator
+inputs: 
+  python-version:
+    required: true
+runs:
+  using: "composite"
+  steps:
+
+  - name: Set up Python ${{ inputs.python-version }}
+    uses: actions/setup-python@v3
+    with:
+      python-version: ${{ inputs.python-version }}
+
+  - name: Install secator with pipx
+    shell: bash
+    run: pipx install -e .[dev]
diff --git a/.github/workflows/python-package.yml b/.github/workflows/python-package.yml
@@ -15,22 +15,14 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        python-version: ["3.9", "3.10"]
+        python-version: ["3.9", "3.10", "3.11"]
     steps:
     - uses: actions/checkout@v3
 
-    - name: Set up Python ${{ matrix.python-version }}
-      uses: actions/setup-python@v3
+    - uses: ./.github/actions/install
       with:
         python-version: ${{ matrix.python-version }}
 
-    - name: Install dependencies
-      run: |
-        python -m pip install --upgrade pip
-        python -m pip install -r requirements.txt
-        python -m pip install .
-        python -m pip install .[dev]
-
     - name: Run unit tests
       run: |
         secator test unit
@@ -40,22 +32,14 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        python-version: ["3.9", "3.10"]
+        python-version: ["3.9", "3.10", "3.11"]
     steps:
     - uses: actions/checkout@v3
-
-    - name: Set up Python ${{ matrix.python-version }}
-      uses: actions/setup-python@v3
+
+    - uses: ./.github/actions/install
       with:
         python-version: ${{ matrix.python-version }}
 
-    - name: Install dependencies
-      run: |
-        python -m pip install --upgrade pip
-        python -m pip install -r requirements.txt
-        python -m pip install .
-        python -m pip install .[dev]
-
     - name: Run lint tests
       run: |
         secator test lint
@@ -65,14 +49,13 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        python-version: ["3.10"]
+        python-version: ["3.11"]
         test_type: ['tasks']
         # test_type: ['tasks', 'workflows', 'scans']
     steps:
     - uses: actions/checkout@v3
 
-    - name: Set up Python ${{ matrix.python-version }}
-      uses: actions/setup-python@v3
+    - uses: ./.github/actions/install
       with:
         python-version: ${{ matrix.python-version }}
 
@@ -83,12 +66,9 @@ jobs:
 
     - name: Install dependencies
       run: |
-        python -m pip install --upgrade pip
-        python -m pip install -r requirements.txt
-        python -m pip install .
-        python -m pip install .[dev]
-        ./scripts/install_go.sh
-        ./scripts/install_commands.sh
+        secator install go
+        secator install ruby
+        secator install tools
 
     - name: Add GOBIN to PATH
       run: echo "${HOME}/.local/bin" >> $GITHUB_PATH

diff --git a/Dockerfile b/Dockerfile
@@ -1,44 +1,63 @@
 FROM kalilinux/kali-rolling
 
-ENV PYTHONDONTWRITEBYTECODE 1
-ENV PYTHONUNBUFFERED 1
-ENV GOROOT="/usr/local/go"
-ENV GOPATH=$HOME/go
-ENV PATH="${PATH}:${GOROOT}/bin:${GOPATH}/bin"
+ENV PATH="${PATH}:/root/go/bin:/root/.local/bin"
 
 # Install Python
+# RUN apt update -y && \
+#     apt install -y \
+# 	software-properties-common \
+#     curl \
+# 	gcc \
+#     git \
+# 	golang-go \
+#     make \
+# 	python3 \
+# 	python3-pip \
+# 	python3-venv \
+# 	ruby \
+# 	sudo \
+# 	vim \
+#     wget \
+#     zlib1g \
+#     zlib1g-dev \
+# 	libc6-dev \
+# 	libgdbm-dev \
+# 	libbz2-dev \
+# 	libffi-dev \
+# 	libreadline-dev \
+# 	libncursesw5-dev \
+# 	libsqlite3-dev \
+# 	libssl-dev \
+# 	tk-dev \
+# 	chromium \
+#     jq \
+#     openssl \
+# 	proxychains \
+# 	proxychains-ng \
+# 	&& rm -rf /var/lib/apt/lists/*
+
 RUN apt update -y && \
     apt install -y \
-	software-properties-common \
-    curl \
+	curl \
 	gcc \
-    git \
+	git \
+	golang-go \
     make \
+	pipx \
+	python3 \
+	python3-pip \
+	python3-venv \
+	ruby-full \
+	rubygems \
 	sudo \
 	vim \
     wget \
-    zlib1g \
-    zlib1g-dev \
-	libc6-dev \
-	libgdbm-dev \
-	libbz2-dev \
-	libffi-dev \
-	libreadline-dev \
-	libncursesw5-dev \
-	libsqlite3-dev \
-	libssl-dev \
-	tk-dev
-RUN wget https://www.python.org/ftp/python/3.10.2/Python-3.10.2.tgz
-RUN tar xvf Python-3.10.2.tgz && cd Python-3.10.2/ && ./configure --enable-optimizations && make && make install
-
-# Install additional tools
-RUN apt update -y && \
-	apt install -y \
 	chromium \
     jq \
     openssl \
 	proxychains \
-	proxychains-ng
+	proxychains-ng \
+	&& rm -rf /var/lib/apt/lists/*
 
 # Install Metasploit framework
 RUN curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall
@@ -47,38 +66,11 @@ RUN ./msfinstall
 
 # Copy code
 WORKDIR /code
-
-# Download CVEs
-# COPY scripts/download_cves.sh .
-# RUN ./download_cves.sh
-
-# Download and install go 1.19
-COPY scripts/install_go.sh .
-RUN ./install_go.sh
-ENV PATH="$PATH:/root/go/bin"
-
-# Download an install Ruby
-COPY scripts/install_ruby.sh .
-RUN ./install_ruby.sh
-
-# Install secator tasks
-COPY scripts/install_commands.sh .
-RUN ./install_commands.sh
-
-# Install nuclei templates
-RUN nuclei update-templates
-
-# Install Python package and CLI
-COPY requirements.txt .
-RUN pip3 install wheel
-RUN pip3 install --no-cache-dir -r requirements.txt
-
-# Copy rest of the code
 COPY . /code/
 
 # Install secator
-RUN pip3 uninstall httpx
-RUN pip3 install --no-deps -e .
+RUN pipx install .[dev,google]
+RUN secator install tools
 
 # Set entrypoint
 ENTRYPOINT ["secator"]
diff --git a/README.md b/README.md
@@ -45,9 +45,10 @@ and it is designed to improve productivity for pentesters and security researche
 
 * **Customizable**
 
-## Supported commands
 
-`secator` integrates the following commands:
+## Supported tools
+
+`secator` integrates the following tools:
 
 | Name                                                          | Description                                                                    | Category       |
 |---------------------------------------------------------------|--------------------------------------------------------------------------------|----------------|
@@ -76,62 +77,63 @@ and it is designed to improve productivity for pentesters and security researche
 | [nuclei](https://github.com/projectdiscovery/nuclei)          | Fast and customisable vulnerability scanner based on simple YAML based DSL.    | `vuln/multi`   |
 | [searchsploit](https://gitlab.com/exploit-database/exploitdb) | Exploit searcher. | `exploit/search`    |
 
-Feel free to request new commands to be added by opening an issue, but please 
-check that the command complies with our selection criterias before doing so. If it doesn't but you still want to integrate it into `secator`, you can plug it in (see the [dev guide](https://docs.freelabz.com/for-developers/writing-custom-tasks)).
+Feel free to request new tools to be added by opening an issue, but please 
+check that the tool complies with our selection criterias before doing so. If it doesn't but you still want to integrate it into `secator`, you can plug it in (see the [dev guide](https://docs.freelabz.com/for-developers/writing-custom-tasks)).
 
 
-## Install Secator
+## Installation
 
-Secator requires **python >= 3.8** to install successfully. Run the following command to install the latest version:
-
-```sh
-pip3 install secator
-```
+`secator` requires **Python >= 3.8** and **`pipx`** (or **`pip`**).
 
 <details>
-	<summary>Bash one-liner</summary>
+  <summary>Bash (bundle)</summary>
 
-	git clone https://github.com/freelabz/secator && sh ./secator/scripts/install.sh
+    wget -O - https://raw.githubusercontent.com/freelabz/secator/main/scripts/install.sh | sh
 
+This script is an all-in-one bundle that installs `secator`, the latest Go and Ruby versions, and all the tools supported by `secator`.
 </details>
 
 <details>
-	<summary>Docker</summary>
+	<summary>PyPI (stable)</summary>
 
-	docker pull freelabz/secator
+	pipx install secator
 
-</details>
+  ***Notes:***
+  * Make sure `~/.local/bin/` is added to your `PATH` since this is where `pipx` install binaries.
+  * You can also use `pip install secator` but make sure you are in a virtual environment.
 
-<details>
-	<summary>Development build</summary>
+  To install `secator` tools:
 
-	git clone https://github.com/freelabz/secator
-	cd secator
-	python3 -m virtualenv -p python3 ~/.virtualenvs/secator
-	source ~/.virtualenvs/secator/bin/activate
-	pip3 install -e .
+	secator install go    # latest version of Go
+	secator install ruby  # latest version of Ruby
+	secator install tools # supported tools
+
+  ***Note:*** you can skip these steps if you are managing Go, Ruby, or tools externally, or don't want to install everything.
 
 </details>
 
+<details>
+	<summary>PyPI (development)</summary>
+
+  ```sh
+git clone https://github.com/freelabz/secator
+cd secator
+pipx install -e .[dev]
+  ```
 
-### Install underlying tools
+  ***Notes:***
+  * Make sure `~/.local/bin/` is added to your `PATH` since this is where `pipx` install binaries.
+  * You can also use `pip install secator` but make sure you are in a virtual environment !
 
-`secator` is designed to work with the latest version of all the tools it supports. Please make sure you are using the latest version of the tools you are using with `secator`.
+</details>
 
-A convenience utility is provided to install all tools:
-```sh
-secator u install
-```
+<details>
+	<summary>Docker</summary>
 
-... or to update specific tools:
-```sh
-secator u install <TASK_NAME>
-```
+	docker run -it freelabz/secator --help
 
-Please note that:
-* this install method requires `apt` so it will not work on distributions not supporting it.
-* this is tested merely on Ubuntu and some of these installs might not work on other distributions.
-* ideally you update the tools yourself, and use `secator` as a convenient wrapper on top of them.
+The Docker image is quite big, because it contains all the tools supported by `secator`.
+</details>
 
 ## Usage
 ```sh

diff --git a/images/help.png b/images/help.png
diff --git a/scripts/install.sh b/scripts/install.sh
@@ -1,14 +1,21 @@
 #!/bin/bash
+YELLOW='\033[0;93m'
+GREEN='\033[0;92m'
+NC='\033[0m' # No Color
 
-git clone https://github.com/freelabz/secator
-cd secator
-./scripts/install_go.sh
-./scripts/install_ruby.sh
-./scripts/install_commands.sh
-pip3 install virtualenv
-virtualenv ~/.secator/venv
+echo -e "🗄 ${YELLOW}Installing pipx ...${NC}"
+sudo apt install pipx
+echo -e "🗄 ${GREEN}pipx installed successfully !${NC}\n"
+
+echo -e "🗄 ${YELLOW}Installing secator ...${NC}"
+pipx install secator
+echo -e "🗄 ${GREEN}secator installed successfully !${NC}\n"
+
+secator install go
+secator install ruby
+secator install tools
+
+echo -e "🗄 ${YELLOW}Adding ~/go/bin and ~/.local/bin to .bashrc ...${NC}"
 echo "export PATH=$PATH:~/go/bin:~/.local/bin" >> ~/.bashrc
-echo "source ~/.secator/venv/bin/activate" >> ~/.bashrc
 source ~/.bashrc
-pip3 install -r requirements.txt
-pip3 install -e .
+echo -e "🗄 ${GREEN}PATH modified successfully !${NC}\n"