Workflow Overview

Workflows are YAML files that define automated scanning pipelines.

Basic Structure

Module

kind: module                    # Type: module or flow
name: my-workflow               # Unique workflow name
description: What it does       # Human-readable description
tags:                           # Optional categorization
  - reconnaissance
  - subdomain

params:                         # Input parameters
  - name: target
    required: true

runner: host                    # Execution environment
runner_config: {}               # Runner options

trigger:                        # Scheduling options
  - name: daily
    on: cron
    schedule: "0 2 * * *"

steps:                          # Execution steps
  - name: step-one
    type: bash
    command: echo "Hello"

Flow

kind: flow
name: my-pipeline
description: Multi-module pipeline

params:
  - name: target
    required: true

modules:                        # Module references
  - name: recon
    path: modules/recon.yaml
  - name: scan
    path: modules/scan.yaml
    depends_on: [recon]

Field Reference

Top-Level Fields

Field	Required	Description
`kind`	Yes	`module` or `flow`
`name`	Yes	Unique workflow identifier
`description`	No	Human-readable description
`tags`	No	Array of category tags
`params`	No	Input parameter definitions
`runner`	No	Default runner type (`host`, `docker`, `ssh`)
`runner_config`	No	Runner configuration object
`trigger`	No	Scheduling trigger definitions
`steps`	Module	List of execution steps
`modules`	Flow	List of module references

Parameters

params:
  - name: target              # Parameter name (required)
    required: true            # Must be provided (default: false)
    default: ""               # Default value
    description: Target domain

Use in templates as {{target}}.

Workflow Kinds

Module Workflows

For single, focused tasks:

kind: module
name: subdomain-enum

params:
  - name: target
    required: true

steps:
  - name: subfinder
    type: bash
    command: subfinder -d {{target}} -o {{Output}}/subs.txt

  - name: amass
    type: bash
    command: amass enum -passive -d {{target}} >> {{Output}}/subs.txt

  - name: dedupe
    type: bash
    command: sort -u {{Output}}/subs.txt -o {{Output}}/subdomains.txt

Flow Workflows

For multi-stage pipelines:

kind: flow
name: full-recon

params:
  - name: target
    required: true

modules:
  - name: subdomain-enum
    path: modules/subdomain-enum.yaml

  - name: http-probe
    path: modules/http-probe.yaml
    depends_on: [subdomain-enum]

  - name: screenshot
    path: modules/screenshot.yaml
    depends_on: [http-probe]
    condition: 'fileLength("{{Output}}/live.txt") > 0'

Module References (Flows)

modules:
  - name: module-name          # Reference name
    path: modules/file.yaml    # Path to module YAML
    depends_on: [dep1, dep2]   # Wait for these modules
    condition: 'expression'    # Skip if false
    params:                    # Override parameters
      key: value

Workflow Location

Store workflows in the workflow folder (default: ~/osmedeus-base/workflows/):

workflows/
├── modules/
│   ├── subdomain-enum.yaml
│   ├── http-probe.yaml
│   └── nuclei-scan.yaml
└── flows/
    ├── basic-recon.yaml
    └── full-assessment.yaml

Running Workflows

# Run a module
osmedeus run -m subdomain-enum -t example.com

# Run a flow
osmedeus run -f full-recon -t example.com

# List available workflows
osmedeus workflow list

# Show workflow details
osmedeus workflow show subdomain-enum

# Validate workflow
osmedeus workflow validate subdomain-enum

Validation Rules

The parser validates:

Required fields: kind, name, steps (module) or modules (flow)
Valid kind: Must be module or flow
Step names: Each step must have a unique name
Step types: Must be valid (bash, function, foreach, etc.)
Module paths: Referenced modules must exist (flows)
Circular dependencies: No cycles in dependency graph (flows)

Best Practices

One task per module - Keep modules focused
Use flows for pipelines - Orchestrate with dependencies
Descriptive names - subdomain-enum not step1
Document parameters - Add descriptions
Use tags - Enable filtering

Next Steps

Step Types - All step types
Flows - Module orchestration
Variables - Parameters and exports
Control Flow - Conditions and routing

Getting Started

Advanced Configuration

Concepts

Workflows

CLI Usage

Functions

Extending

Advanced

Reference

API Server

Endpoint examples

Basic Structure

Module

Flow

Field Reference

Top-Level Fields

Parameters

Tags

Workflow Kinds

Module Workflows

Flow Workflows

Module References (Flows)

Workflow Location

Running Workflows

Validation Rules

Best Practices

Next Steps

Getting Started

Advanced Configuration

Concepts

Workflows

CLI Usage

Functions

Extending

Advanced

Reference

API Server

Endpoint examples

​Basic Structure

​Module

​Flow

​Field Reference

​Top-Level Fields

​Parameters

​Tags

​Workflow Kinds

​Module Workflows

​Flow Workflows

​Module References (Flows)

​Workflow Location

​Running Workflows

​Validation Rules

​Best Practices

​Next Steps

Basic Structure

Module

Flow

Field Reference

Top-Level Fields

Parameters

Tags

Workflow Kinds

Module Workflows

Flow Workflows

Module References (Flows)

Workflow Location

Running Workflows

Validation Rules

Best Practices

Next Steps