The Problem We All Face
Let's be honest: when you're in the middle of a penetration test or red team engagement, the last thing you want to do is wrestle with boilerplate code. You need to scan, exploit, and report — fast.
Python is great, but:
You need to install dependencies
Virtual environments everywhere
"It works on my machine" syndrome
GUI tools? That means Electron (hello, 200MB hello world)
Bash is powerful but... let's not talk about parsing JSON.
Enter Spectator — a new programming language built from the ground up for cybersecurity work.
What Is Spectator?
Spectator is an interpreted scripting language (written in Go) that puts security operations front and center.
Example
# This is all it takes to recon a target
target = "scanme.nmap.org"
ips = resolve(target)
Trace("IPs: " --> join(ips, ", "))
do --> PortScan(target, 1, 1024)
do --> SSLInfo(target)
Your First Spectator Tool: A Smart Port Scanner
Step 1: Installation
Download the binary from releases:
Linux/macOS
chmod +x spectator
./spectator version
Windows
Spectator.exe version
Step 2: Create Your First Script
Save this as smart_scan.str
target = Capture("Target IP or domain: ")
Trace("\n[+] Scanning: " --> target)
## Define common ports and their services
ports = [21, 22, 23, 25, 80, 443, 445, 3306, 3389, 5432, 8080, 8443, 27017]
svcs = {
"21": "FTP", "22": "SSH", "23": "Telnet", "25": "SMTP",
"80": "HTTP", "443": "HTTPS", "445": "SMB", "3306": "MySQL",
"3389": "RDP", "5432": "PostgreSQL", "8080": "HTTP-Alt", "8443": "HTTPS-Alt",
"27017": "MongoDB"
}
open_ports = []
results = {}
Trace("\n[+] Scanning ports...\n")
each port : ports {
if hasPort(target, port) {
service = svcs[str(port)]
Trace(" OPEN " --> str(port) --> " (" --> service --> ")")
## Store results
open_ports = append(open_ports, port)
results[str(port)] = service
## Grab banner if it's HTTP/HTTPS
if port == 80 or port == 443 or port == 8080 or port == 8443 {
proto = "https"
if port == 80 or port == 8080 { proto = "http" }
url = proto --> "://" --> target --> ":" --> str(port)
Trace(" → Grabbing banner from " --> url)
resp = http("GET", url, {"timeout": 3000, "follow": false})
server = httpHeader(resp, "server")
if server != "" {
Trace(" → Server: " --> server)
results[str(port) --> "_banner"] = server
}
}
}
}
## Generate report
Trace("\n[+] Summary:")
Trace(" Open ports found: " --> str(len(open_ports)))
Trace(" Results saved to scan_results.json and scan_report.html")
## Save JSON output
json_data = jsonStr(results)
writeFile("scan_results.json", json_data)
## Create HTML report
html = "<html><head><title>Scan Report - " --> target --> "</title>"
html = html --> "<style>body{font-family:monospace;background:#0a0f1a;color:#e2e8f0;padding:20px}"
html = html --> "h1{color:#00d4aa} table{border-collapse:collapse;width:100%}"
html = html --> "th,td{border:1px solid #334155;padding:8px;text-align:left}"
html = html --> "th{background:#1e293b}</style></head><body>"
html = html --> "<h1> Spectator Scan Report</h1>"
html = html --> "<p><strong>Target:</strong> " --> target --> "</p>"
html = html --> "<p><strong>Timestamp:</strong> " --> now() --> "</p>"
html = html --> "<h2> Open Ports</h2><table><tr><th>Port</th><th>Service</th><th>Banner</th></tr>"
each port : open_ports {
port_str = str(port)
service = results[port_str]
banner = ""
if hasKey(results, port_str --> "_banner") {
banner = results[port_str --> "_banner"]
} else {
banner = "-"
}
html = html --> "<tr><td>" --> port_str --> "</td><td>" --> service --> "</td><td>" --> banner --> "</td></tr>"
}
html = html --> "</table><hr><p><i>Generated by Spectator - See Everything. Miss Nothing.</i></p></body></html>"
writeFile("scan_report.html", html)
Trace("\n[+] Done! Open scan_report.html in your browser.")
Step 3: Run Your Tool
spectator run smart_scan.str
That's it. No dependencies, no virtual environments, no "pip install requests." Just run.
Level Up: Adding a GUI
Here's where Spectator gets really interesting. Let's wrap that scanner in a native GUI:
#Import Spec.GUI
open.window({
"title": "Spectator Port Scanner",
"width": 900,
"height": 700,
"bg": "#0a0f1a",
"accent": "#00d4aa"
})
GUI.header("Spectator Port Scanner")
GUI.input("target", "Enter target (IP or domain)...")
GUI.button("Start Scan", "scan", {"color": "#00d4aa"})
GUI.output("results", {"height": 500})
GUI.on("scan", func() {
target = GUI.get("target")
if target == "" {
GUI.alert("Please enter a target")
return
}
GUI.clear("results")
GUI.print("results", "[+] Scanning: " --> target)
GUI.print("results", "[+] Checking common ports...")
ports = [21, 22, 23, 25, 80, 443, 445, 3306, 3389, 5432, 8080, 8443]
each port : ports {
if hasPort(target, port) {
GUI.print("results", " ✓ Port " --> str(port) --> " is OPEN")
} else {
GUI.print("results", " ✗ Port " --> str(port) --> " is closed")
}
}
GUI.print("results", "\n[+] Scan complete!")
})
end()
Build
# Windows executable
spectator build scanner.str to PortScanner.exe for windows
# Linux binary
spectator build scanner.str to portscanner for linux
# macOS (Intel)
spectator build scanner.str to PortScanner for mac
Your users don't need Spectator installed. The binary is completely self-contained.
*GUI available only for windows.
The Built-in Modules That Shine
After playing with Spectator, here are the modules I found most useful:
Recon
ips = resolve("target.com")
whois = WHOIs("target.com")
geo = GeoIP("8.8.8.8")
subs = SubdomainEnum("target.com", "wordlist.txt")
Web Testing
headers = HeaderAudit("https://target.com")
tech = TechDetect("https://target.com")
sqli_test = SQLiTest("https://target.com/page?id=1")
Mission Reporting
m = missionStart("Web App Pentest", "target.com")
missionStage(m, "Recon")
missionFind(m, "HIGH", "Missing CSP header", "XSS possible")
missionFind(m, "CRITICAL", "SQLi in login form", "Auth bypass")
missionEnd(m)
missionReport(m, "pentest_report.html")
The Package Manager: Space
Installing community libraries is straightforward and secure:
spectator space get ghost
spectator space verify ghost
#Import ghost
ghost_full("target.com") # Full OSINT sweep
Who Is This For?
Penetration testers who want to automate repetitive tasks without fighting tooling.
Red teamers who need quick, reliable scripts that work everywhere (thanks to standalone binaries).
Bug bounty hunters who want to build custom scanners without dependency hell.
Security researchers who need to prototype attack techniques rapidly.
Tool builders who want to distribute GUI security tools without Electron bloat.
Getting Started Today
# 1. Download
wget https://github.com/CzaxStudio/Spectator/releases/latest/download/spectator-linux
chmod +x spectator-linux
# 2. Run REPL
./spectator-linux repl
# 3. Try hello world
Trace("Hello, Spectator!")
# 4. Install a library
./spectator-linux space get coffee
# 5. Build something
./spectator-linux build mytool.str to scanner
Documentation: spectatorlang.pages.dev
GitHub: github.com/CzaxStudio/Spectator
Examples: Check the examples/ directory in the repo
Final Thoughts
Is Spectator going to replace Python for security work? Not tomorrow. But it's solving real problems that Python has ignored for years — dependency management, cross-platform GUI apps, and built-in security primitives.
For pentesters tired of the "pip install → version conflict → break everything" cycle, Spectator is a breath of fresh air. And at 7 stars on GitHub (as of writing), you can get in on the ground floor.
Try it on your next CTF or internal tool. You might be surprised how fast you can go from idea to working executable.
Thanks
What tools would you build with a language like this? Drop a comment below!
Follow for more: I'll be posting Spectator tutorials, security tools, and red team automation scripts in the coming weeks.
Spectator v2.0.0 — "See Everything. Miss Nothing."
This article was originally published by DEV Community and written by Czax225.
Read original article on DEV Community