v1.3.1

• Updated gobuster in default config to run twice, once with append slash and once without
• Now that screenshots are no longer async, the report command will run the screenshots and then create report all in one.

v1.3

• Added auto default workspace creation so you can run the scan command without manually setting up workspace.
• Added ability to read multiple URLs from a file and automatically import and scan them using celerystalk scan -u filename
• Changed screenshot command to run synchronously
• Config bug fixes and updates
• Change install script so that the installation of docker is not default, but is possible with a command line flag.
• Fixed bug where default workspace was missing a slash

v1.2

• Broke out the screenshot functionality to a subcommand (screenshots are no longer taken automatically)
• Switched screenshot engine to Aquatone
• All scan tool output is parsed for URL's, and if the URL is in-scope, it is added to the DB
• Updated to new amass 3.0.3
• Added user configuration options in config file, including:
  • number of concurrent celery tasks
  • max number of screenshots per host
  • Report port number
• Added user defined substitutions in config file
• added some new commands
  • wappalyzer cli
  • wayback machine lookup
  • updated whatweb parsing
• removed sqlmap from the default config.ini

v1.2 beta

• Addition of a screenshot command (screenshots are no longer taken automatically.
• Switched screenshot engine to Aquatone
• Updated to new amass 3.0.3
• Added user configuration options in config file, including # of concurrent celery tasks, max number of screenshots, and report port number
• added some new commands (wappalyzer cli, wayback machine query, updated whatweb parsing)

A few small bug fixes and feature updates

Features

• celerystalk now adds any http service detected with nmap to the the paths table even before running scan tools
• Removed cmsmap from default install

Bugs

• Removed pin for specific Redis version which was needed earlier but started to cause an issue
• Fixed nmap output file path

Fix bug in subdomains command

Bug was introduced when -c flag was added giving users the ability to specify their own config. This release fixes the bug.

Workspaces, VAPT/BB mode, New Report, Backup/Restore, Nmap, & more

Workspaces - Introduce the concept of workspaces. You can import your in scope hosts, out of scope hosts, scan files, etc, and then take a look at your workspace BEFORE you launch any scans

Workspace modes - Vulnerability Assessment and Penetration Testing Mode & Bug Bounty mode.

[Vulnerability Assessment Mode]

• In VAPT mode, IP addresses/ranges/CIDRs define scope.
• Subdomains that match an in-scope IP are also added to scope

[Bug Bounty Mode]

• In BB mode, all subdomains found with celerystalk or manually imported are marked in scope.
• You can exclude hosts from scope

Major report upgrades - Introduced collapsible elements and command filtering. You can now see all instance of the same tool against all hosts very easily.

Backup/Restore - Introduce Backup/Restore function

Nmap - Run nmap against all in scope hosts from within celelerystalk (optional)