Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Task Manager

The task manager is a core component of the MRPF system, responsible for orchestrating and managing the execution of various tasks. It provides a flexible and extensible framework for defining, scheduling, and executing tasks, as well as handling task dependencies and data management.

It takes inspiration from Nuclei's templating system, but is fully integrated with the rest of the MRPF system. This means we're able to run any scan type we've implemented, pull data like wordlists, target scope regexes, apex zones, and use that data in our tasks. It also allows for the fan-out/fan-in pattern, to distribute tasks across multiple workers, and aggregate results from multiple tasks. We support complex execution workflows like parallel execution, conditons() and loops()

It follows the core principles of the MRPF system.

For instance, the HTTP1/x module doesn't hide the differences of IP addresses, host names and TLS SNI behind a single "host" abstraction. Here's an example of what this looks like in a task template:

- kind: http1
  ip: $[ipv4_address_ranges]
  port: 443
  tls: true
  sni: localhost
  body: |
    GET / HTTP/1.1
    Host: localhost

The observant reader will see that even here we're taking some liberties.

For instance, the body is treated as UTF-8 in this example. We will offer various other ways to define the request body in the future, such as hex encoded binary data to allow complex attacks on encodings or specific byte sequences.

(*) Actually not yet implemented :)