Exciting news from Ghost Labs! Reaper v0.0.2 was just released and includes two new capabilities that, although extremely simple to use, greatly streamline the research process.
These capabilities are what we call “nodes”. You can think of them as commands that direct the automated workflow on exactly what to do. These nodes are called Extractor and If.
The first new node is the Extractor. It’s a standalone node that can be placed anywhere downstream from a Sender node, such as after a check for a certain status code. It can be used to extract part of an HTTP response into a variable. You can extract any part of the response body, an individual header, or a status code. The default is to extract the entire body into a variable which can then be used anywhere further downstream in the workflow for requests, output, or elsewhere.
Image 1: Use Extractor to extract various parts of an HTTP response into a variable.
Image 2: Use variables identified by Extractor in downstream workflow actions.
Extractor also supports extracting data from HTML, XML, or JSON and using XPath. For example, you can grab the page title using //head/title, or the URL of the first link on the page with //a/@href.
The second new addition is the If node, which you can likely guess the utility of. With this new node, compare any variable using common numeric and string comparisons, including against static values or the values of other variables. For example, use it to verify that an IP address matches the expected format.
Image 3: The If node compares any variable using common numeric and string comparisons.
With these updates, Reaper becomes an even more powerful reconnaissance and attack proxy workflow automation tool. To learn more about Reaper, check out the initial release announcement.
Ready to explore Reaper? Get it now on GitHub: https://github.com/ghostsecurity/reaper
Sign up to stay up to date on future Reaper releases and news.
