Merge branch 'dev' into pr/6261

.goreleaser.yml

@@ -38,9 +38,9 @@ builds:
 #  goarch: [amd64]
 
 archives:
-  - format: zip
+  - formats: [zip]
     id: nuclei
-    builds: [nuclei-cli]
+    ids: [nuclei-cli]
     name_template: '{{ .ProjectName }}_{{ .Version }}_{{ if eq .Os "darwin" }}macOS{{ else }}{{ .Os }}{{ end }}_{{ .Arch }}'
 
 checksum:

README_KR.md

@@ -341,7 +341,7 @@ Nuclei를 사용하면 자체 검사 모음으로 테스트 접근 방식을 사
 - 몇 분 안에 수천 개의 호스트를 처리할 수 있음.
 - 간단한 YAML DSL로 사용자 지정 테스트 접근 방식을 쉽게 자동화할 수 있음.
 
-버그 바운티 워크플로에 맞는 다른 오픈 소스 프로젝트를 확인할 수 있습니다.: [github.com/projectdiscovery](http://github.com/projectdiscovery), 또한, 우리는 매일 [Chaos에서 DNS 데이터를 갱신해 호스팅합니다.](http://chaos.projectdiscovery.io).
+버그 바운티 워크플로에 맞는 다른 오픈 소스 프로젝트를 확인할 수 있습니다.: [github.com/projectdiscovery](http://github.com/projectdiscovery), 또한, 우리는 매일 [Chaos에서 DNS 데이터를 갱신해 호스팅합니다](http://chaos.projectdiscovery.io).
 
 </td>
 </tr>

cmd/docgen/docgen.go

@@ -19,7 +19,9 @@ func writeToFile(filename string, data []byte) {
 	if err != nil {
 		log.Fatalf("Could not create file %s: %s\n", filename, err)
 	}
-	defer file.Close()
+	defer func() {
+		_ = file.Close()
+	}()
 
 	_, err = file.Write(data)
 	if err != nil {

cmd/functional-test/main.go

@@ -41,7 +41,9 @@ func runFunctionalTests(debug bool) (error, bool) {
 	if err != nil {
 		return errors.Wrap(err, "could not open test cases"), true
 	}
-	defer file.Close()
+	defer func() {
+         _ = file.Close()
+       }()
 
 	errored, failedTestCases := runTestCases(file, debug)
 

cmd/generate-checksum/main.go

@@ -23,7 +23,9 @@ func main() {
 	if err != nil {
 		log.Fatalf("Could not create file: %s\n", err)
 	}
-	defer file.Close()
+	defer func() {
+		_ = file.Close()
+	}()
 
 	err = filepath.WalkDir(templatesDirectory, func(path string, d fs.DirEntry, err error) error {
 		if err != nil || d.IsDir() {

cmd/integration-test/custom-dir.go

@@ -18,7 +18,9 @@ func (h *customConfigDirTest) Execute(filePath string) error {
 	if err != nil {
 		return err
 	}
-	defer os.RemoveAll(customTempDirectory)
+	defer func() {
+		_ = os.RemoveAll(customTempDirectory)
+	}()
 	results, err := testutils.RunNucleiBareArgsAndGetResults(debug, []string{"NUCLEI_CONFIG_DIR=" + customTempDirectory}, "-t", filePath, "-u", "8x8exch02.8x8.com")
 	if err != nil {
 		return err

cmd/integration-test/dsl.go

@@ -21,7 +21,7 @@ type dslVersionWarning struct{}
 func (d *dslVersionWarning) Execute(templatePath string) error {
 	router := httprouter.New()
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "DSL version parsing warning test")
+		_, _ = fmt.Fprintf(w, "DSL version parsing warning test")
 	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
@@ -37,7 +37,7 @@ type dslShowVersionWarning struct{}
 func (d *dslShowVersionWarning) Execute(templatePath string) error {
 	router := httprouter.New()
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "DSL version parsing warning test")
+		_, _ = fmt.Fprintf(w, "DSL version parsing warning test")
 	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()

cmd/integration-test/flow.go

@@ -49,7 +49,7 @@ func (t *iterateValuesFlow) Execute(filePath string) error {
 	}
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 		w.WriteHeader(http.StatusOK)
-		_, _ = w.Write([]byte(fmt.Sprint(testemails)))
+		_, _ = fmt.Fprint(w, testemails)
 	})
 	router.GET("/user/"+getBase64(testemails[0]), func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 		w.WriteHeader(http.StatusOK)

cmd/integration-test/fuzz.go

@@ -55,7 +55,7 @@ func (h *httpFuzzQuery) Execute(filePath string) error {
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 		w.Header().Set("Content-Type", "text/html")
 		value := r.URL.Query().Get("id")
-		fmt.Fprintf(w, "This is test matcher text: %v", value)
+		_, _ = fmt.Fprintf(w, "This is test matcher text: %v", value)
 	})
 	ts := httptest.NewTLSServer(router)
 	defer ts.Close()
@@ -75,7 +75,7 @@ func (h *fuzzModeOverride) Execute(filePath string) error {
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 		w.Header().Set("Content-Type", "text/html")
 		value := r.URL.Query().Get("id")
-		fmt.Fprintf(w, "This is test matcher text: %v", value)
+		_, _ = fmt.Fprintf(w, "This is test matcher text: %v", value)
 	})
 	ts := httptest.NewTLSServer(router)
 	defer ts.Close()
@@ -120,7 +120,7 @@ func (h *fuzzTypeOverride) Execute(filePath string) error {
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 		w.Header().Set("Content-Type", "text/html")
 		value := r.URL.Query().Get("id")
-		fmt.Fprintf(w, "This is test matcher text: %v", value)
+		_, _ = fmt.Fprintf(w, "This is test matcher text: %v", value)
 	})
 	ts := httptest.NewTLSServer(router)
 	defer ts.Close()
@@ -164,7 +164,7 @@ func (h *HeadlessFuzzingQuery) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 		resp := fmt.Sprintf("<html><body>%s</body></html>", r.URL.Query().Get("url"))
-		fmt.Fprint(w, resp)
+		_, _ = fmt.Fprint(w, resp)
 	})
 	ts := httptest.NewTLSServer(router)
 	defer ts.Close()
@@ -190,7 +190,7 @@ func (h *fuzzMultipleMode) Execute(filePath string) error {
 		}
 		w.Header().Set("Content-Type", "text/html")
 		resp := fmt.Sprintf("<html><body><h1>This is multi-mode fuzzing test: %v <h1></body></html>", xClientId)
-		fmt.Fprint(w, resp)
+		_, _ = fmt.Fprint(w, resp)
 	})
 	ts := httptest.NewTLSServer(router)
 	defer ts.Close()

cmd/integration-test/generic.go

@@ -82,14 +82,15 @@ func (h *clientCertificate) Execute(filePath string) error {
 			return
 		}
 
-		fmt.Fprintf(w, "Hello, %s!\n", r.TLS.PeerCertificates[0].Subject)
+		_, _ = fmt.Fprintf(w, "Hello, %s!\n", r.TLS.PeerCertificates[0].Subject)
 	})
 
 	_ = os.WriteFile("server.crt", []byte(serverCRT), permissionutil.ConfigFilePermission)
 	_ = os.WriteFile("server.key", []byte(serverKey), permissionutil.ConfigFilePermission)
-	defer os.Remove("server.crt")
-	defer os.Remove("server.key")
-
+	defer func() {
+		_ = os.Remove("server.crt")
+		_ = os.Remove("server.key")
+	}()
 	serverCert, _ := tls.LoadX509KeyPair("server.crt", "server.key")
 
 	certPool := x509.NewCertPool()

cmd/integration-test/headless.go

@@ -178,7 +178,9 @@ func (h *headlessFileUpload) Execute(filePath string) error {
 			return
 		}
 
-		defer file.Close()
+		defer func() {
+          _ = file.Close()
+        }()
 
 		content, err := io.ReadAll(file)
 		if err != nil {
@@ -235,7 +237,9 @@ func (h *headlessFileUploadNegative) Execute(filePath string) error {
 			return
 		}
 
-		defer file.Close()
+		defer func() {
+          _ = file.Close()
+        }()
 
 		content, err := io.ReadAll(file)
 		if err != nil {

cmd/integration-test/http.go

@@ -108,7 +108,7 @@ func (h *httpMatcherExtractorDynamicExtractor) Execute(filePath string) error {
     <a href="/domains">Domains</a>
 </body>
 </html>`
-		fmt.Fprint(w, html)
+		_, _ = fmt.Fprint(w, html)
 	})
 	router.GET("/domains", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 		html := `<!DOCTYPE html>
@@ -121,7 +121,7 @@ func (h *httpMatcherExtractorDynamicExtractor) Execute(filePath string) error {
 		</body>
 		</html>
 		`
-		fmt.Fprint(w, html)
+		_, _ = fmt.Fprint(w, html)
 	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
@@ -143,7 +143,7 @@ func (h *httpInteractshRequest) Execute(filePath string) error {
 		value := r.Header.Get("url")
 		if value != "" {
 			if resp, _ := retryablehttp.DefaultClient().Get(value); resp != nil {
-				resp.Body.Close()
+				_ = resp.Body.Close()
 			}
 		}
 	})
@@ -213,7 +213,7 @@ func (h *httpInteractshStopAtFirstMatchRequest) Execute(filePath string) error {
 		value := r.Header.Get("url")
 		if value != "" {
 			if resp, _ := retryablehttp.DefaultClient().Get(value); resp != nil {
-				resp.Body.Close()
+				_ = resp.Body.Close()
 			}
 		}
 	})
@@ -235,7 +235,7 @@ func (h *httpGetHeaders) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 		if strings.EqualFold(r.Header.Get("test"), "nuclei") {
-			fmt.Fprintf(w, "This is test headers matcher text")
+			_, _ = fmt.Fprintf(w, "This is test headers matcher text")
 		}
 	})
 	ts := httptest.NewServer(router)
@@ -256,7 +256,7 @@ func (h *httpGetQueryString) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 		if strings.EqualFold(r.URL.Query().Get("test"), "nuclei") {
-			fmt.Fprintf(w, "This is test querystring matcher text")
+			_, _ = fmt.Fprintf(w, "This is test querystring matcher text")
 		}
 	})
 	ts := httptest.NewServer(router)
@@ -279,7 +279,7 @@ func (h *httpGetRedirects) Execute(filePath string) error {
 		http.Redirect(w, r, "/redirected", http.StatusFound)
 	})
 	router.GET("/redirected", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "This is test redirects matcher text")
+		_, _ = fmt.Fprintf(w, "This is test redirects matcher text")
 	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
@@ -329,7 +329,7 @@ func (h *httpDisableRedirects) Execute(filePath string) error {
 		http.Redirect(w, r, "/redirected", http.StatusMovedPermanently)
 	})
 	router.GET("/redirected", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "This is test redirects matcher text")
+		_, _ = fmt.Fprintf(w, "This is test redirects matcher text")
 	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
@@ -348,7 +348,7 @@ type httpGet struct{}
 func (h *httpGet) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "This is test matcher text")
+		_, _ = fmt.Fprintf(w, "This is test matcher text")
 	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
@@ -367,7 +367,7 @@ type httpDSLVariable struct{}
 func (h *httpDSLVariable) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "This is test matcher text")
+		_, _ = fmt.Fprintf(w, "This is test matcher text")
 	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
@@ -450,7 +450,7 @@ func (h *httpPostBody) Execute(filePath string) error {
 			return
 		}
 		if strings.EqualFold(r.Form.Get("username"), "test") && strings.EqualFold(r.Form.Get("password"), "nuclei") {
-			fmt.Fprintf(w, "This is test post-body matcher text")
+			_, _ = fmt.Fprintf(w, "This is test post-body matcher text")
 		}
 	})
 	ts := httptest.NewServer(router)
@@ -485,7 +485,7 @@ func (h *httpPostJSONBody) Execute(filePath string) error {
 			return
 		}
 		if strings.EqualFold(obj.Username, "test") && strings.EqualFold(obj.Password, "nuclei") {
-			fmt.Fprintf(w, "This is test post-json-body matcher text")
+			_, _ = fmt.Fprintf(w, "This is test post-json-body matcher text")
 		}
 	})
 	ts := httptest.NewServer(router)
@@ -525,7 +525,7 @@ func (h *httpPostMultipartBody) Execute(filePath string) error {
 			return
 		}
 		if strings.EqualFold(password[0], "nuclei") && strings.EqualFold(file[0].Filename, "username") {
-			fmt.Fprintf(w, "This is test post-multipart matcher text")
+			_, _ = fmt.Fprintf(w, "This is test post-multipart matcher text")
 		}
 	})
 	ts := httptest.NewServer(router)
@@ -555,12 +555,12 @@ func (h *httpRawDynamicExtractor) Execute(filePath string) error {
 			return
 		}
 		if strings.EqualFold(r.Form.Get("testing"), "parameter") {
-			fmt.Fprintf(w, "Token: 'nuclei'")
+			_, _ = fmt.Fprintf(w, "Token: 'nuclei'")
 		}
 	})
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 		if strings.EqualFold(r.URL.Query().Get("username"), "nuclei") {
-			fmt.Fprintf(w, "Test is test-dynamic-extractor-raw matcher text")
+			_, _ = fmt.Fprintf(w, "Test is test-dynamic-extractor-raw matcher text")
 		}
 	})
 	ts := httptest.NewServer(router)
@@ -584,7 +584,7 @@ func (h *httpRawGetQuery) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 		if strings.EqualFold(r.URL.Query().Get("test"), "nuclei") {
-			fmt.Fprintf(w, "Test is test raw-get-query-matcher text")
+			_, _ = fmt.Fprintf(w, "Test is test raw-get-query-matcher text")
 		}
 	})
 	ts := httptest.NewServer(router)
@@ -604,7 +604,7 @@ type httpRawGet struct{}
 func (h *httpRawGet) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "Test is test raw-get-matcher text")
+		_, _ = fmt.Fprintf(w, "Test is test raw-get-matcher text")
 	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
@@ -633,7 +633,7 @@ func (h *httpRawWithParams) Execute(filePath string) error {
 		if !reflect.DeepEqual(params["key2"], []string{"value2"}) {
 			errx = errorutil.WrapfWithNil(errx, "expected %v, got %v", []string{"value2"}, params["key2"])
 		}
-		fmt.Fprintf(w, "Test is test raw-params-matcher text")
+		_, _ = fmt.Fprintf(w, "Test is test raw-params-matcher text")
 	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
@@ -685,11 +685,11 @@ func (h *httpRawPayload) Execute(filePath string) error {
 			routerErr = err
 			return
 		}
-		if !(strings.EqualFold(r.Header.Get("another_header"), "bnVjbGVp") || strings.EqualFold(r.Header.Get("another_header"), "Z3Vlc3Q=")) {
+		if !strings.EqualFold(r.Header.Get("another_header"), "bnVjbGVp") && !strings.EqualFold(r.Header.Get("another_header"), "Z3Vlc3Q=") {
 			return
 		}
 		if strings.EqualFold(r.Form.Get("username"), "test") && (strings.EqualFold(r.Form.Get("password"), "nuclei") || strings.EqualFold(r.Form.Get("password"), "guest")) {
-			fmt.Fprintf(w, "Test is raw-payload matcher text")
+			_, _ = fmt.Fprintf(w, "Test is raw-payload matcher text")
 		}
 	})
 	ts := httptest.NewServer(router)
@@ -719,7 +719,7 @@ func (h *httpRawPostBody) Execute(filePath string) error {
 			return
 		}
 		if strings.EqualFold(r.Form.Get("username"), "test") && strings.EqualFold(r.Form.Get("password"), "nuclei") {
-			fmt.Fprintf(w, "Test is test raw-post-body-matcher text")
+			_, _ = fmt.Fprintf(w, "Test is test raw-post-body-matcher text")
 		}
 	})
 	ts := httptest.NewServer(router)
@@ -829,10 +829,7 @@ func (h *httpPaths) Execute(filepath string) error {
 	}
 
 	if len(expected) > len(actual) {
-		actualValuesIndex := len(actual) - 1
-		if actualValuesIndex < 0 {
-			actualValuesIndex = 0
-		}
+		actualValuesIndex := max(len(actual)-1, 0)
 		return fmt.Errorf("missing values : %v", expected[actualValuesIndex:])
 	} else if len(expected) < len(actual) {
 		return fmt.Errorf("unexpected values : %v", actual[len(expected)-1:])
@@ -872,7 +869,7 @@ func (h *httpRawCookieReuse) Execute(filePath string) error {
 		}
 
 		if strings.EqualFold(cookie.Value, "test") {
-			fmt.Fprintf(w, "Test is test-cookie-reuse matcher text")
+			_, _ = fmt.Fprintf(w, "Test is test-cookie-reuse matcher text")
 		}
 	})
 	ts := httptest.NewServer(router)
@@ -950,7 +947,9 @@ func (h *httpRequestSelfContained) Execute(filePath string) error {
 	go func() {
 		_ = server.ListenAndServe()
 	}()
-	defer server.Close()
+	defer func() {
+         _ = server.Close()
+       }()
 
 	results, err := testutils.RunNucleiTemplateAndGetResults(filePath, "", debug, "-esc")
 	if err != nil {
@@ -986,7 +985,9 @@ func (h *httpRequestSelfContainedWithParams) Execute(filePath string) error {
 	go func() {
 		_ = server.ListenAndServe()
 	}()
-	defer server.Close()
+	defer func() {
+         _ = server.Close()
+       }()
 
 	results, err := testutils.RunNucleiTemplateAndGetResults(filePath, "", debug, "-esc")
 	if err != nil {
@@ -1019,7 +1020,9 @@ func (h *httpRequestSelfContainedFileInput) Execute(filePath string) error {
 	go func() {
 		_ = server.ListenAndServe()
 	}()
-	defer server.Close()
+	defer func() {
+         _ = server.Close()
+       }()
 
 	// create temp file
 	FileLoc, err := os.CreateTemp("", "self-contained-payload-*.txt")
@@ -1029,7 +1032,9 @@ func (h *httpRequestSelfContainedFileInput) Execute(filePath string) error {
 	if _, err := FileLoc.Write([]byte("one\ntwo\n")); err != nil {
 		return errorutil.NewWithErr(err).Msgf("failed to write payload to temp file")
 	}
-	defer FileLoc.Close()
+	defer func() {
+         _ = FileLoc.Close()
+       }()
 
 	results, err := testutils.RunNucleiTemplateAndGetResults(filePath, "", debug, "-V", "test="+FileLoc.Name(), "-esc")
 	if err != nil {
@@ -1052,7 +1057,7 @@ type httpGetCaseInsensitive struct{}
 func (h *httpGetCaseInsensitive) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "THIS IS TEST MATCHER TEXT")
+		_, _ = fmt.Fprintf(w, "THIS IS TEST MATCHER TEXT")
 	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
@@ -1071,7 +1076,7 @@ type httpGetCaseInsensitiveCluster struct{}
 func (h *httpGetCaseInsensitiveCluster) Execute(filesPath string) error {
 	router := httprouter.New()
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "This is test matcher text")
+		_, _ = fmt.Fprintf(w, "This is test matcher text")
 	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
@@ -1154,7 +1159,7 @@ type httpStopAtFirstMatch struct{}
 func (h *httpStopAtFirstMatch) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "This is test")
+		_, _ = fmt.Fprintf(w, "This is test")
 	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
@@ -1173,7 +1178,7 @@ type httpStopAtFirstMatchWithExtractors struct{}
 func (h *httpStopAtFirstMatchWithExtractors) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "This is test")
+		_, _ = fmt.Fprintf(w, "This is test")
 	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
@@ -1192,7 +1197,7 @@ type httpVariables struct{}
 func (h *httpVariables) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "%s\n%s\n%s", r.Header.Get("Test"), r.Header.Get("Another"), r.Header.Get("Email"))
+		_, _ = fmt.Fprintf(w, "%s\n%s\n%s", r.Header.Get("Test"), r.Header.Get("Another"), r.Header.Get("Email"))
 	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
@@ -1294,7 +1299,7 @@ func (h *httpRedirectMatchURL) Execute(filePath string) error {
 		_, _ = w.Write([]byte("This is test redirects matcher text"))
 	})
 	router.GET("/redirected", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "This is test redirects matcher text")
+		_, _ = fmt.Fprintf(w, "This is test redirects matcher text")
 	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
@@ -1342,7 +1347,7 @@ func (h *annotationTimeout) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 		time.Sleep(4 * time.Second)
-		fmt.Fprintf(w, "This is test matcher text")
+		_, _ = fmt.Fprintf(w, "This is test matcher text")
 	})
 	ts := httptest.NewTLSServer(router)
 	defer ts.Close()
@@ -1362,7 +1367,7 @@ func (h *customAttackType) Execute(filePath string) error {
 	got := []string{}
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 		got = append(got, r.URL.RawQuery)
-		fmt.Fprintf(w, "This is test custom payload")
+		_, _ = fmt.Fprintf(w, "This is test custom payload")
 	})
 	ts := httptest.NewTLSServer(router)
 	defer ts.Close()
@@ -1410,7 +1415,7 @@ func (h *httpCLBodyWithoutHeader) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 		w.Header()["Content-Length"] = []string{"-1"}
-		fmt.Fprintf(w, "this is a test")
+		_, _ = fmt.Fprintf(w, "this is a test")
 	})
 	ts := httptest.NewTLSServer(router)
 	defer ts.Close()
@@ -1430,7 +1435,7 @@ func (h *httpCLBodyWithHeader) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 		w.Header()["Content-Length"] = []string{"50000"}
-		fmt.Fprintf(w, "this is a test")
+		_, _ = fmt.Fprintf(w, "this is a test")
 	})
 	ts := httptest.NewTLSServer(router)
 	defer ts.Close()
@@ -1449,7 +1454,7 @@ type ConstantWithCliVar struct{}
 func (h *ConstantWithCliVar) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprint(w, r.URL.Query().Get("p"))
+		_, _ = fmt.Fprint(w, r.URL.Query().Get("p"))
 	})
 	ts := httptest.NewTLSServer(router)
 	defer ts.Close()
@@ -1486,10 +1491,10 @@ type httpDisablePathAutomerge struct{}
 func (h *httpDisablePathAutomerge) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/api/v1/test", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprint(w, r.URL.Query().Get("id"))
+		_, _ = fmt.Fprint(w, r.URL.Query().Get("id"))
 	})
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprint(w, "empty path in raw request")
+		_, _ = fmt.Fprint(w, "empty path in raw request")
 	})
 
 	ts := httptest.NewServer(router)
@@ -1523,10 +1528,10 @@ func (h *httpPreprocessor) Execute(filePath string) error {
 		value := r.URL.RequestURI()
 		if re.MatchString(value) {
 			w.WriteHeader(http.StatusOK)
-			fmt.Fprint(w, "ok")
+			_, _ = fmt.Fprint(w, "ok")
 		} else {
 			w.WriteHeader(http.StatusBadRequest)
-			fmt.Fprint(w, "not ok")
+			_, _ = fmt.Fprint(w, "not ok")
 		}
 	})
 	ts := httptest.NewServer(router)
@@ -1547,11 +1552,11 @@ func (h *httpMultiRequest) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/ping", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 		w.WriteHeader(http.StatusOK)
-		fmt.Fprint(w, "ping")
+		_, _ = fmt.Fprint(w, "ping")
 	})
 	router.GET("/pong", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 		w.WriteHeader(http.StatusOK)
-		fmt.Fprint(w, "pong")
+		_, _ = fmt.Fprint(w, "pong")
 	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()

cmd/integration-test/integration-test.go

@@ -89,7 +89,9 @@ func main() {
 	// start fuzz playground server
 	defer fuzzplayground.Cleanup()
 	server := fuzzplayground.GetPlaygroundServer()
-	defer server.Close()
+	defer func() {
+         _ = server.Close()
+       }()
 	go func() {
 		if err := server.Start("localhost:8082"); err != nil {
 			if !strings.Contains(err.Error(), "Server closed") {

cmd/integration-test/library.go

@@ -48,9 +48,9 @@ func (h *goIntegrationTest) Execute(templatePath string) error {
 	router := httprouter.New()
 
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "This is test matcher text")
+		_, _ = fmt.Fprintf(w, "This is test matcher text")
 		if strings.EqualFold(r.Header.Get("test"), "nuclei") {
-			fmt.Fprintf(w, "This is test headers matcher text")
+			_, _ = fmt.Fprintf(w, "This is test headers matcher text")
 		}
 	})
 	ts := httptest.NewServer(router)

cmd/integration-test/loader.go

@@ -31,9 +31,9 @@ func (h *remoteTemplateList) Execute(templateList string) error {
 	router := httprouter.New()
 
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "This is test matcher text")
+		_, _ = fmt.Fprintf(w, "This is test matcher text")
 		if strings.EqualFold(r.Header.Get("test"), "nuclei") {
-			fmt.Fprintf(w, "This is test headers matcher text")
+			_, _ = fmt.Fprintf(w, "This is test headers matcher text")
 		}
 	})
 
@@ -55,7 +55,9 @@ func (h *remoteTemplateList) Execute(templateList string) error {
 	if err != nil {
 		return err
 	}
-	defer os.Remove("test-config.yaml")
+	defer func() {
+		_ = os.Remove("test-config.yaml")
+	}()
 
 	results, err := testutils.RunNucleiBareArgsAndGetResults(debug, nil, "-target", ts.URL, "-template-url", ts.URL+"/template_list", "-config", "test-config.yaml")
 	if err != nil {
@@ -72,9 +74,9 @@ func (h *excludedTemplate) Execute(templateList string) error {
 	router := httprouter.New()
 
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "This is test matcher text")
+		_, _ = fmt.Fprintf(w, "This is test matcher text")
 		if strings.EqualFold(r.Header.Get("test"), "nuclei") {
-			fmt.Fprintf(w, "This is test headers matcher text")
+			_, _ = fmt.Fprintf(w, "This is test headers matcher text")
 		}
 	})
 	ts := httptest.NewServer(router)
@@ -95,9 +97,9 @@ func (h *remoteTemplateListNotAllowed) Execute(templateList string) error {
 	router := httprouter.New()
 
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "This is test matcher text")
+		_, _ = fmt.Fprintf(w, "This is test matcher text")
 		if strings.EqualFold(r.Header.Get("test"), "nuclei") {
-			fmt.Fprintf(w, "This is test headers matcher text")
+			_, _ = fmt.Fprintf(w, "This is test headers matcher text")
 		}
 	})
 
@@ -130,9 +132,9 @@ func (h *remoteWorkflowList) Execute(workflowList string) error {
 	router := httprouter.New()
 
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "This is test matcher text")
+		_, _ = fmt.Fprintf(w, "This is test matcher text")
 		if strings.EqualFold(r.Header.Get("test"), "nuclei") {
-			fmt.Fprintf(w, "This is test headers matcher text")
+			_, _ = fmt.Fprintf(w, "This is test headers matcher text")
 		}
 	})
 
@@ -154,7 +156,9 @@ func (h *remoteWorkflowList) Execute(workflowList string) error {
 	if err != nil {
 		return err
 	}
-	defer os.Remove("test-config.yaml")
+	defer func() {
+		_ = os.Remove("test-config.yaml")
+	}()
 
 	results, err := testutils.RunNucleiBareArgsAndGetResults(debug, nil, "-target", ts.URL, "-workflow-url", ts.URL+"/workflow_list", "-config", "test-config.yaml")
 	if err != nil {
@@ -177,7 +181,9 @@ func (h *nonExistentTemplateList) Execute(nonExistingTemplateList string) error
 	if err != nil {
 		return err
 	}
-	defer os.Remove("test-config.yaml")
+	defer func() {
+		_ = os.Remove("test-config.yaml")
+	}()
 
 	_, err = testutils.RunNucleiBareArgsAndGetResults(debug, nil, "-target", ts.URL, "-template-url", ts.URL+"/404", "-config", "test-config.yaml")
 	if err == nil {
@@ -200,7 +206,9 @@ func (h *nonExistentWorkflowList) Execute(nonExistingWorkflowList string) error
 	if err != nil {
 		return err
 	}
-	defer os.Remove("test-config.yaml")
+	defer func() {
+		_ = os.Remove("test-config.yaml")
+	}()
 
 	_, err = testutils.RunNucleiBareArgsAndGetResults(debug, nil, "-target", ts.URL, "-workflow-url", ts.URL+"/404", "-config", "test-config.yaml")
 	if err == nil {

cmd/integration-test/network.go

@@ -33,7 +33,9 @@ func (h *networkBasic) Execute(filePath string) error {
 	var routerErr error
 
 	ts := testutils.NewTCPServer(nil, defaultStaticPort, func(conn net.Conn) {
-		defer conn.Close()
+		defer func() {
+          _ = conn.Close()
+        }()
 
 		data, err := reader.ConnReadNWithTimeout(conn, 4, time.Duration(5)*time.Second)
 		if err != nil {
@@ -50,11 +52,11 @@ func (h *networkBasic) Execute(filePath string) error {
 
 	results, err := testutils.RunNucleiTemplateAndGetResults(filePath, ts.URL, debug)
 	if err != nil {
-		fmt.Fprintf(os.Stderr, "Could not run nuclei: %s\n", err)
+		_, _ = fmt.Fprintf(os.Stderr, "Could not run nuclei: %s\n", err)
 		return err
 	}
 	if routerErr != nil {
-		fmt.Fprintf(os.Stderr, "routerErr: %s\n", routerErr)
+		_, _ = fmt.Fprintf(os.Stderr, "routerErr: %s\n", routerErr)
 		return routerErr
 	}
 
@@ -68,7 +70,9 @@ func (h *networkMultiStep) Execute(filePath string) error {
 	var routerErr error
 
 	ts := testutils.NewTCPServer(nil, defaultStaticPort, func(conn net.Conn) {
-		defer conn.Close()
+		defer func() {
+          _ = conn.Close()
+        }()
 
 		data, err := reader.ConnReadNWithTimeout(conn, 5, time.Duration(5)*time.Second)
 		if err != nil {
@@ -114,7 +118,9 @@ type networkRequestSelContained struct{}
 // Execute executes a test case and returns an error if occurred
 func (h *networkRequestSelContained) Execute(filePath string) error {
 	ts := testutils.NewTCPServer(nil, defaultStaticPort, func(conn net.Conn) {
-		defer conn.Close()
+		defer func() {
+          _ = conn.Close()
+        }()
 
 		_, _ = conn.Write([]byte("Authentication successful"))
 	})
@@ -134,7 +140,9 @@ func (h *networkVariables) Execute(filePath string) error {
 	var routerErr error
 
 	ts := testutils.NewTCPServer(nil, defaultStaticPort, func(conn net.Conn) {
-		defer conn.Close()
+		defer func() {
+          _ = conn.Close()
+        }()
 
 		data, err := reader.ConnReadNWithTimeout(conn, 4, time.Duration(5)*time.Second)
 		if err != nil {
@@ -162,7 +170,9 @@ type networkPort struct{}
 
 func (n *networkPort) Execute(filePath string) error {
 	ts := testutils.NewTCPServer(nil, 23846, func(conn net.Conn) {
-		defer conn.Close()
+		defer func() {
+          _ = conn.Close()
+        }()
 
 		data, err := reader.ConnReadNWithTimeout(conn, 4, time.Duration(5)*time.Second)
 		if err != nil {
@@ -195,7 +205,9 @@ func (n *networkPort) Execute(filePath string) error {
 
 	// this is positive test case where we expect port to be overridden and 34567 to be used
 	ts2 := testutils.NewTCPServer(nil, 34567, func(conn net.Conn) {
-		defer conn.Close()
+		defer func() {
+          _ = conn.Close()
+        }()
 
 		data, err := reader.ConnReadNWithTimeout(conn, 4, time.Duration(5)*time.Second)
 		if err != nil {

cmd/integration-test/ssl.go

@@ -21,7 +21,9 @@ type sslBasic struct{}
 // Execute executes a test case and returns an error if occurred
 func (h *sslBasic) Execute(filePath string) error {
 	ts := testutils.NewTCPServer(&tls.Config{}, defaultStaticPort, func(conn net.Conn) {
-		defer conn.Close()
+		defer func() {
+			_ = conn.Close()
+		}()
 		data := make([]byte, 4)
 		if _, err := conn.Read(data); err != nil {
 			return
@@ -42,7 +44,9 @@ type sslBasicZtls struct{}
 // Execute executes a test case and returns an error if occurred
 func (h *sslBasicZtls) Execute(filePath string) error {
 	ts := testutils.NewTCPServer(&tls.Config{}, defaultStaticPort, func(conn net.Conn) {
-		defer conn.Close()
+		defer func() {
+			_ = conn.Close()
+		}()
 		data := make([]byte, 4)
 		if _, err := conn.Read(data); err != nil {
 			return
@@ -63,7 +67,9 @@ type sslCustomCipher struct{}
 // Execute executes a test case and returns an error if occurred
 func (h *sslCustomCipher) Execute(filePath string) error {
 	ts := testutils.NewTCPServer(&tls.Config{CipherSuites: []uint16{tls.TLS_AES_128_GCM_SHA256}}, defaultStaticPort, func(conn net.Conn) {
-		defer conn.Close()
+		defer func() {
+			_ = conn.Close()
+		}()
 		data := make([]byte, 4)
 		if _, err := conn.Read(data); err != nil {
 			return
@@ -84,7 +90,9 @@ type sslCustomVersion struct{}
 // Execute executes a test case and returns an error if occurred
 func (h *sslCustomVersion) Execute(filePath string) error {
 	ts := testutils.NewTCPServer(&tls.Config{MinVersion: tls.VersionTLS12, MaxVersion: tls.VersionTLS12}, defaultStaticPort, func(conn net.Conn) {
-		defer conn.Close()
+		defer func() {
+			_ = conn.Close()
+		}()
 		data := make([]byte, 4)
 		if _, err := conn.Read(data); err != nil {
 			return
@@ -104,7 +112,9 @@ type sslWithVars struct{}
 
 func (h *sslWithVars) Execute(filePath string) error {
 	ts := testutils.NewTCPServer(&tls.Config{}, defaultStaticPort, func(conn net.Conn) {
-		defer conn.Close()
+		defer func() {
+			_ = conn.Close()
+		}()
 		data := make([]byte, 4)
 		if _, err := conn.Read(data); err != nil {
 			return
@@ -128,7 +138,9 @@ func (h *sslMultiReq) Execute(filePath string) error {
 		MinVersion: tls.VersionSSL30,
 		MaxVersion: tls.VersionTLS11,
 	}, defaultStaticPort, func(conn net.Conn) {
-		defer conn.Close()
+		defer func() {
+			_ = conn.Close()
+		}()
 		data := make([]byte, 4)
 		if _, err := conn.Read(data); err != nil {
 			return

cmd/integration-test/template-dir.go

@@ -19,7 +19,9 @@ func (h *templateDirWithTargetTest) Execute(filePath string) error {
 	if err != nil {
 		return errorutil.NewWithErr(err).Msgf("failed to create temp dir")
 	}
-	defer os.RemoveAll(tempdir)
+	defer func() {
+		_ = os.RemoveAll(tempdir)
+	}()
 
 	results, err := testutils.RunNucleiTemplateAndGetResults(filePath, "8x8exch02.8x8.com", debug, "-ud", tempdir)
 	if err != nil {

cmd/integration-test/workflow.go

@@ -62,7 +62,7 @@ type workflowBasic struct{}
 func (h *workflowBasic) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "This is test matcher text")
+		_, _ = fmt.Fprintf(w, "This is test matcher text")
 	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
@@ -81,7 +81,7 @@ type workflowConditionMatched struct{}
 func (h *workflowConditionMatched) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "This is test matcher text")
+		_, _ = fmt.Fprintf(w, "This is test matcher text")
 	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
@@ -100,7 +100,7 @@ type workflowConditionUnmatch struct{}
 func (h *workflowConditionUnmatch) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "This is test matcher text")
+		_, _ = fmt.Fprintf(w, "This is test matcher text")
 	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
@@ -119,7 +119,7 @@ type workflowMatcherName struct{}
 func (h *workflowMatcherName) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "This is test matcher text")
+		_, _ = fmt.Fprintf(w, "This is test matcher text")
 	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
@@ -138,7 +138,7 @@ type workflowComplexConditions struct{}
 func (h *workflowComplexConditions) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "This is test matcher text")
+		_, _ = fmt.Fprintf(w, "This is test matcher text")
 	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
@@ -162,11 +162,11 @@ type workflowHttpKeyValueShare struct{}
 func (h *workflowHttpKeyValueShare) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/path1", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "href=\"test-value\"")
+		_, _ = fmt.Fprintf(w, "href=\"test-value\"")
 	})
 	router.GET("/path2", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 		body, _ := io.ReadAll(r.Body)
-		fmt.Fprintf(w, "%s", body)
+		_, _ = fmt.Fprintf(w, "%s", body)
 	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
@@ -214,11 +214,11 @@ func (h *workflowMultiProtocolKeyValueShare) Execute(filePath string) error {
 	router := httprouter.New()
 	// the response of path1 contains a domain that will be extracted and shared with the second template
 	router.GET("/path1", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "href=\"blog.projectdiscovery.io\"")
+		_, _ = fmt.Fprintf(w, "href=\"blog.projectdiscovery.io\"")
 	})
 	// path2 responds with the value of the "extracted" query parameter, e.g.: /path2?extracted=blog.projectdiscovery.io => blog.projectdiscovery.io
 	router.GET("/path2", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "%s", r.URL.Query().Get("extracted"))
+		_, _ = fmt.Fprintf(w, "%s", r.URL.Query().Get("extracted"))
 	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
@@ -238,15 +238,15 @@ func (h *workflowMultiMatchKeyValueShare) Execute(filePath string) error {
 	var receivedData []string
 	router := httprouter.New()
 	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "This is test matcher text")
+		_, _ = fmt.Fprintf(w, "This is test matcher text")
 	})
 	router.GET("/path1", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
-		fmt.Fprintf(w, "href=\"test-value-%s\"", r.URL.Query().Get("v"))
+		_, _ = fmt.Fprintf(w, "href=\"test-value-%s\"", r.URL.Query().Get("v"))
 	})
 	router.GET("/path2", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 		body, _ := io.ReadAll(r.Body)
 		receivedData = append(receivedData, string(body))
-		fmt.Fprintf(w, "test-value")
+		_, _ = fmt.Fprintf(w, "test-value")
 	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()

cmd/nuclei/main.go

@@ -141,8 +141,8 @@ func main() {
 			}
 
 			pprof.StopCPUProfile()
-			memProfileFile.Close()
-			traceFile.Close()
+			_ = memProfileFile.Close()
+			_ = traceFile.Close()
 			trace.Stop()
 
 			runtime.MemProfileRate = oldMemProfileRate
@@ -228,7 +228,7 @@ func main() {
 	nucleiRunner.Close()
 	// on successful execution remove the resume file in case it exists
 	if fileutil.FileExists(resumeFileName) {
-		os.Remove(resumeFileName)
+		_ = os.Remove(resumeFileName)
 	}
 }
 

cmd/nuclei/main_benchmark_test.go

@@ -3,28 +3,56 @@ package main_test
 import (
 	"net/http"
 	"net/http/httptest"
+	"os"
 	"testing"
 	"time"
 
-	"github.com/projectdiscovery/goflags"
 	"github.com/projectdiscovery/gologger"
 	"github.com/projectdiscovery/gologger/levels"
 	"github.com/projectdiscovery/nuclei/v3/internal/runner"
 	"github.com/projectdiscovery/nuclei/v3/pkg/types"
 )
 
-func BenchmarkRunEnumeration(b *testing.B) {
+var (
+	projectPath string
+	targetURL   string
+)
+
+func TestMain(m *testing.M) {
+	// Set up
+
+	gologger.DefaultLogger.SetMaxLevel(levels.LevelSilent)
+	_ = os.Setenv("DISABLE_STDOUT", "true")
+
+	var err error
+
+	projectPath, err = os.MkdirTemp("", "nuclei-benchmark-")
+	if err != nil {
+		panic(err)
+	}
+
 	dummyServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		w.WriteHeader(http.StatusNoContent)
 	}))
-	defer dummyServer.Close()
+	targetURL = dummyServer.URL
 
-	options := &types.Options{
-		RemoteTemplateDomainList: goflags.StringSlice{
-			"cloud.projectdiscovery.io",
-		},
-		ProjectPath:                "/tmp",
-		Targets:                    goflags.StringSlice{dummyServer.URL},
+	// Execute tests
+
+	exitCode := m.Run()
+
+	// Tear down
+
+	dummyServer.Close()
+	_ = os.RemoveAll(projectPath)
+	_ = os.Unsetenv("DISABLE_STDOUT")
+
+	os.Exit(exitCode)
+}
+
+func getDefaultOptions() *types.Options {
+	return &types.Options{
+		RemoteTemplateDomainList:   []string{"cloud.projectdiscovery.io"},
+		ProjectPath:                projectPath,
 		StatsInterval:              5,
 		MetricsPort:                9092,
 		MaxHostError:               30,
@@ -66,22 +94,42 @@ func BenchmarkRunEnumeration(b *testing.B) {
 		// DialerKeepAlive:            time.Duration(0),
 		// DASTServerAddress:          "localhost:9055",
 	}
+}
 
+func runEnumBenchmark(b *testing.B, options *types.Options) {
 	runner.ParseOptions(options)
 
-	// Disable logging to reduce benchmark noise.
-	gologger.DefaultLogger.SetMaxLevel(levels.LevelSilent)
-
 	nucleiRunner, err := runner.New(options)
 	if err != nil {
 		b.Fatalf("failed to create runner: %s", err)
 	}
+	defer nucleiRunner.Close()
 
 	b.ResetTimer()
+	b.ReportAllocs()
 
 	for i := 0; i < b.N; i++ {
 		if err := nucleiRunner.RunEnumeration(); err != nil {
-			b.Fatalf("RunEnumeration failed: %s", err)
+			b.Fatalf("%s failed: %s", b.Name(), err)
 		}
 	}
 }
+
+func BenchmarkRunEnumeration(b *testing.B) {
+	// Default case: run enumeration with default options == all nuclei-templates
+	// b.Run("Default", func(b *testing.B) {
+	// 	options := getDefaultOptions()
+	// 	options.Targets = []string{targetURL}
+
+	// 	runEnumBenchmark(b, options)
+	// })
+
+	// Case: https://github.com/projectdiscovery/nuclei/pull/6258
+	b.Run("Multiproto", func(b *testing.B) {
+		options := getDefaultOptions()
+		options.Targets = []string{targetURL}
+		options.Templates = []string{"./cmd/nuclei/testdata/benchmark/multiproto/"}
+
+		runEnumBenchmark(b, options)
+	})
+}

cmd/nuclei/testdata/benchmark/multiproto/basic-template-multiproto-mixed.yaml

@@ -0,0 +1,239 @@
+id: basic-template-multiproto-mixed
+
+info:
+  name: Test Template Multiple Protocols (Mixed)
+  author: pdteam
+  severity: info
+
+http:
+  - method: GET
+    id: first_iter_http
+    path:
+      - '{{BaseURL}}/1'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/2'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/3'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/4'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/5'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/6'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/7'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/8'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/9'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /10 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /11 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /12 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /13 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /14 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET / HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /15 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /16 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /17 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /18 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"

cmd/nuclei/testdata/benchmark/multiproto/basic-template-multiproto-raw.yaml

@@ -0,0 +1,292 @@
+id: basic-template-multiproto-raw
+
+info:
+  name: Test Template Multiple Protocols RAW
+  author: pdteam
+  severity: info
+
+http:
+  - raw:
+      - |
+        GET /1 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /2 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /3 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /4 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /5 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /6 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /7 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /8 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /9 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /10 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /11 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /12 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /13 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /14 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET / HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /15 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /16 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /17 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - raw:
+      - |
+        GET /18 HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{BaseURL}}
+        Connection: close
+        User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko)
+        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
+        Accept-Language: en-US,en;q=0.9
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"

cmd/nuclei/testdata/benchmark/multiproto/basic-template-multiproto.yaml

@@ -0,0 +1,170 @@
+id: basic-template-multiproto
+
+info:
+  name: Test Template Multiple Protocols
+  author: pdteam
+  severity: info
+
+http:
+  - method: GET
+    id: first_iter_http
+    path:
+      - '{{BaseURL}}/1'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/2'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/3'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/4'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/5'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/6'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/7'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/8'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/9'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/10'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/11'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/12'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/13'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/14'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/15'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/16'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/17'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/18'
+
+    matchers:
+      - type: word
+        words:
+          - "Test is test matcher text"

cmd/tmc/main.go

@@ -135,7 +135,9 @@ func process(opts options) error {
 	if err != nil {
 		return err
 	}
-	defer os.RemoveAll(tempDir)
+	defer func() {
+		_ = os.RemoveAll(tempDir)
+	}()
 
 	var errFile *os.File
 	if opts.errorLogFile != "" {
@@ -143,7 +145,9 @@ func process(opts options) error {
 		if err != nil {
 			gologger.Fatal().Msgf("could not open error log file: %s\n", err)
 		}
-		defer errFile.Close()
+		defer func() {
+          _ = errFile.Close()
+        }()
 	}
 
 	templateCatalog := disk.NewCatalog(filepath.Dir(opts.input))
@@ -226,7 +230,7 @@ func logErrMsg(path string, err error, debug bool, errFile *os.File) string {
 		msg = fmt.Sprintf("❌ template: %s err: %s\n", path, err)
 	}
 	if errFile != nil {
-		_, _ = errFile.WriteString(fmt.Sprintf("❌ template: %s err: %s\n", path, err))
+		_, _ = fmt.Fprintf(errFile, "❌ template: %s err: %s\n", path, err)
 	}
 	return msg
 }

cmd/tools/fuzzplayground/main.go

@@ -18,7 +18,9 @@ func main() {
 
 	defer fuzzplayground.Cleanup()
 	server := fuzzplayground.GetPlaygroundServer()
-	defer server.Close()
+	defer func() {
+		_ = server.Close()
+	}()
 
 	// Start the server
 	if err := server.Start(addr); err != nil {

examples/with_speed_control/main.go

@@ -1,6 +1,7 @@
 package main
 
 import (
+	"context"
 	"log"
 	"sync"
 	"time"
@@ -34,7 +35,7 @@ func main() {
 }
 
 func initializeNucleiEngine() (*nuclei.NucleiEngine, error) {
-	return nuclei.NewNucleiEngine(
+	return nuclei.NewNucleiEngineCtx(context.TODO(),
 		nuclei.WithTemplateFilters(nuclei.TemplateFilters{Tags: []string{"oast"}}),
 		nuclei.EnableStatsWithOpts(nuclei.StatsOptions{MetricServerPort: 6064}),
 		nuclei.WithGlobalRateLimit(1, time.Second),

go.mod

@@ -2,93 +2,99 @@ module github.com/projectdiscovery/nuclei/v3
 
 go 1.24.2
 
-toolchain go1.24.3
+toolchain go1.24.4
 
 require (
 	github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible
 	github.com/andygrunwald/go-jira v1.16.0
-	github.com/antchfx/htmlquery v1.3.0
+	github.com/antchfx/htmlquery v1.3.4
 	github.com/bluele/gcache v0.0.2
-	github.com/go-playground/validator/v10 v10.14.1
+	github.com/go-playground/validator/v10 v10.26.0
 	github.com/go-rod/rod v0.116.2
-	github.com/gobwas/ws v1.2.1
+	github.com/gobwas/ws v1.4.0
 	github.com/google/go-github v17.0.0+incompatible
-	github.com/invopop/jsonschema v0.12.0
-	github.com/itchyny/gojq v0.12.13
+	github.com/invopop/jsonschema v0.13.0
+	github.com/itchyny/gojq v0.12.17
 	github.com/json-iterator/go v1.1.12
 	github.com/julienschmidt/httprouter v1.3.0
 	github.com/logrusorgru/aurora v2.0.3+incompatible
-	github.com/miekg/dns v1.1.62
+	github.com/miekg/dns v1.1.66
 	github.com/olekukonko/tablewriter v0.0.5
 	github.com/pkg/errors v0.9.1
 	github.com/projectdiscovery/clistats v0.1.1
-	github.com/projectdiscovery/fastdialer v0.4.0
-	github.com/projectdiscovery/hmap v0.0.88
+	github.com/projectdiscovery/fastdialer v0.4.1
+	github.com/projectdiscovery/hmap v0.0.91
 	github.com/projectdiscovery/interactsh v1.2.4
 	github.com/projectdiscovery/rawhttp v0.1.90
-	github.com/projectdiscovery/retryabledns v1.0.99
-	github.com/projectdiscovery/retryablehttp-go v1.0.111
+	github.com/projectdiscovery/retryabledns v1.0.103
+	github.com/projectdiscovery/retryablehttp-go v1.0.116
 	github.com/projectdiscovery/yamldoc-go v1.0.6
 	github.com/remeh/sizedwaitgroup v1.0.0
 	github.com/rs/xid v1.6.0
 	github.com/segmentio/ksuid v1.0.4
-	github.com/shirou/gopsutil/v3 v3.24.2 // indirect
+	github.com/shirou/gopsutil/v3 v3.24.5 // indirect
 	github.com/spaolacci/murmur3 v1.1.0 // indirect
-	github.com/spf13/cast v1.5.1
+	github.com/spf13/cast v1.9.2
 	github.com/syndtr/goleveldb v1.0.0
 	github.com/valyala/fasttemplate v1.2.2
-	github.com/weppos/publicsuffix-go v0.40.2
-	github.com/xanzy/go-gitlab v0.107.0
+	github.com/weppos/publicsuffix-go v0.40.3-0.20250311103038-7794c8c0723b
 	go.uber.org/multierr v1.11.0
-	golang.org/x/net v0.39.0
-	golang.org/x/oauth2 v0.22.0
-	golang.org/x/text v0.24.0
+	golang.org/x/net v0.41.0
+	golang.org/x/oauth2 v0.30.0
+	golang.org/x/text v0.26.0
 	gopkg.in/yaml.v2 v2.4.0
 )
 
 require (
 	carvel.dev/ytt v0.52.0
 	code.gitea.io/sdk/gitea v0.17.0
-	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.6.0
+	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.1
 	github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.1.0
-	github.com/DataDog/gostackparse v0.6.0
+	github.com/DataDog/gostackparse v0.7.0
 	github.com/Masterminds/semver/v3 v3.2.1
 	github.com/Mzack9999/gcache v0.0.0-20230410081825-519e28eab057
+	github.com/alecthomas/chroma v0.10.0
 	github.com/alitto/pond v1.9.2
-	github.com/antchfx/xmlquery v1.3.17
+	github.com/antchfx/xmlquery v1.4.4
+	github.com/antchfx/xpath v1.3.3
 	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2
-	github.com/aws/aws-sdk-go-v2 v1.19.0
-	github.com/aws/aws-sdk-go-v2/config v1.18.28
-	github.com/aws/aws-sdk-go-v2/credentials v1.13.27
-	github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.72
-	github.com/aws/aws-sdk-go-v2/service/s3 v1.37.0
-	github.com/bytedance/sonic v1.12.8
+	github.com/aws/aws-sdk-go-v2 v1.36.5
+	github.com/aws/aws-sdk-go-v2/config v1.29.17
+	github.com/aws/aws-sdk-go-v2/credentials v1.17.70
+	github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.17.82
+	github.com/aws/aws-sdk-go-v2/service/s3 v1.82.0
+	github.com/bytedance/sonic v1.13.3
 	github.com/cespare/xxhash v1.1.0
-	github.com/charmbracelet/glamour v0.8.0
+	github.com/charmbracelet/glamour v0.10.0
 	github.com/clbanning/mxj/v2 v2.7.0
 	github.com/ditashi/jsbeautifier-go v0.0.0-20141206144643-2520a8026a9c
 	github.com/docker/go-units v0.5.0
-	github.com/dop251/goja v0.0.0-20240220182346-e401ed450204
+	github.com/dop251/goja v0.0.0-20250624190929-4d26883d182a
+	github.com/dop251/goja_nodejs v0.0.0-20250409162600-f7acab6894b0
 	github.com/fatih/structs v1.1.0
-	github.com/getkin/kin-openapi v0.126.0
-	github.com/go-git/go-git/v5 v5.13.0
-	github.com/go-ldap/ldap/v3 v3.4.5
+	github.com/getkin/kin-openapi v0.132.0
+	github.com/go-echarts/go-echarts/v2 v2.6.0
+	github.com/go-git/go-git/v5 v5.16.2
+	github.com/go-ldap/ldap/v3 v3.4.11
 	github.com/go-pg/pg v8.0.7+incompatible
-	github.com/go-sql-driver/mysql v1.7.1
+	github.com/go-sql-driver/mysql v1.9.3
 	github.com/goccy/go-json v0.10.5
+	github.com/google/uuid v1.6.0
 	github.com/h2non/filetype v1.1.3
 	github.com/invopop/yaml v0.3.1
+	github.com/jcmturner/gokrb5/v8 v8.4.4
 	github.com/kitabisa/go-ci v1.0.3
-	github.com/labstack/echo/v4 v4.13.3
+	github.com/labstack/echo/v4 v4.13.4
 	github.com/leslie-qiwa/flat v0.0.0-20230424180412-f9d1cf014baa
 	github.com/lib/pq v1.10.9
-	github.com/mattn/go-sqlite3 v1.14.22
-	github.com/mholt/archives v0.1.0
-	github.com/microsoft/go-mssqldb v1.6.0
-	github.com/ory/dockertest/v3 v3.10.0
-	github.com/praetorian-inc/fingerprintx v1.1.9
-	github.com/projectdiscovery/dsl v0.4.3
+	github.com/mattn/go-sqlite3 v1.14.28
+	github.com/mholt/archives v0.1.3
+	github.com/microsoft/go-mssqldb v1.9.2
+	github.com/ory/dockertest/v3 v3.12.0
+	github.com/praetorian-inc/fingerprintx v1.1.15
+	github.com/projectdiscovery/dsl v0.5.0
 	github.com/projectdiscovery/fasttemplate v0.0.2
+	github.com/projectdiscovery/gcache v0.0.0-20241015120333-12546c6e3f4c
 	github.com/projectdiscovery/go-smb2 v0.0.0-20240129202741-052cc450c6cb
 	github.com/projectdiscovery/goflags v0.1.74
 	github.com/projectdiscovery/gologger v1.1.54
@@ -97,23 +103,28 @@ require (
 	github.com/projectdiscovery/httpx v1.7.0
 	github.com/projectdiscovery/mapcidr v1.1.34
 	github.com/projectdiscovery/n3iwf v0.0.0-20230523120440-b8cd232ff1f5
-	github.com/projectdiscovery/ratelimit v0.0.80
-	github.com/projectdiscovery/rdap v0.9.1-0.20221108103045-9865884d1917
+	github.com/projectdiscovery/networkpolicy v0.1.17
+	github.com/projectdiscovery/ratelimit v0.0.81
+	github.com/projectdiscovery/rdap v0.9.0
 	github.com/projectdiscovery/sarif v0.0.1
 	github.com/projectdiscovery/tlsx v1.1.9
-	github.com/projectdiscovery/uncover v1.0.10
-	github.com/projectdiscovery/useragent v0.0.100
-	github.com/projectdiscovery/utils v0.4.19
-	github.com/projectdiscovery/wappalyzergo v0.2.28
-	github.com/redis/go-redis/v9 v9.1.0
+	github.com/projectdiscovery/uncover v1.1.0
+	github.com/projectdiscovery/useragent v0.0.101
+	github.com/projectdiscovery/utils v0.4.21
+	github.com/projectdiscovery/wappalyzergo v0.2.35
+	github.com/redis/go-redis/v9 v9.11.0
 	github.com/seh-msft/burpxml v1.0.1
 	github.com/shurcooL/graphql v0.0.0-20230722043721-ed46e5a46466
 	github.com/stretchr/testify v1.10.0
 	github.com/tarunKoyalwar/goleak v0.0.0-20240429141123-0efa90dbdcf9
-	github.com/yassinebenaid/godump v0.10.0
-	github.com/zmap/zgrab2 v0.1.8-0.20230806160807-97ba87c0e706
-	go.mongodb.org/mongo-driver v1.17.0
-	golang.org/x/term v0.31.0
+	github.com/trivago/tgo v1.0.7
+	github.com/yassinebenaid/godump v0.11.1
+	github.com/zmap/zgrab2 v0.1.8
+	gitlab.com/gitlab-org/api/client-go v0.130.1
+	go.mongodb.org/mongo-driver v1.17.4
+	golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b
+	golang.org/x/term v0.32.0
+	golang.org/x/tools v0.34.0
 	gopkg.in/yaml.v3 v3.0.1
 	moul.io/http2curl v1.0.0
 )
@@ -121,22 +132,43 @@ require (
 require (
 	aead.dev/minisign v0.2.0 // indirect
 	dario.cat/mergo v1.0.0 // indirect
-	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.11.1 // indirect
-	github.com/Azure/azure-sdk-for-go/sdk/internal v1.8.0 // indirect
+	filippo.io/edwards25519 v1.1.0 // indirect
+	git.mills.io/prologic/smtpd v0.0.0-20210710122116-a525b76c287a // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 // indirect
 	github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect
 	github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 // indirect
-	github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect
+	github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2 // indirect
+	github.com/Microsoft/go-winio v0.6.2 // indirect
+	github.com/Mzack9999/go-http-digest-auth-client v0.6.1-0.20220414142836-eb8883508809 // indirect
 	github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 // indirect
+	github.com/ProtonMail/go-crypto v1.1.6 // indirect
+	github.com/PuerkitoBio/goquery v1.10.3 // indirect
 	github.com/STARRY-S/zip v0.2.1 // indirect
 	github.com/VividCortex/ewma v1.2.0 // indirect
+	github.com/akrylysov/pogreb v0.10.2 // indirect
 	github.com/alecthomas/chroma/v2 v2.14.0 // indirect
-	github.com/andybalholm/brotli v1.1.1 // indirect
-	github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.10 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.27 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.11 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.30 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.14.4 // indirect
+	github.com/alecthomas/kingpin/v2 v2.4.0 // indirect
+	github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751 // indirect
+	github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137 // indirect
+	github.com/andybalholm/brotli v1.1.2-0.20250424173009-453214e765f3 // indirect
+	github.com/andybalholm/cascadia v1.3.3 // indirect
+	github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.11 // indirect
+	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.32 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.36 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.36 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.36 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.4 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.7.4 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.17 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.18.17 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sso v1.25.5 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.30.3 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sts v1.34.0 // indirect
+	github.com/aws/smithy-go v1.22.4 // indirect
 	github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect
+	github.com/aymerick/douceur v0.2.0 // indirect
 	github.com/bahlo/generic-list-go v0.2.0 // indirect
 	github.com/bits-and-blooms/bitset v1.13.0 // indirect
 	github.com/bits-and-blooms/bloom/v3 v3.5.0 // indirect
@@ -144,96 +176,150 @@ require (
 	github.com/bodgit/sevenzip v1.6.0 // indirect
 	github.com/bodgit/windows v1.0.1 // indirect
 	github.com/buger/jsonparser v1.1.1 // indirect
-	github.com/bytedance/sonic/loader v0.2.2 // indirect
-	github.com/cenkalti/backoff/v4 v4.2.1 // indirect
-	github.com/cespare/xxhash/v2 v2.2.0 // indirect
-	github.com/charmbracelet/lipgloss v0.13.0 // indirect
-	github.com/charmbracelet/x/ansi v0.3.2 // indirect
+	github.com/bytedance/sonic/loader v0.2.4 // indirect
+	github.com/caddyserver/certmagic v0.19.2 // indirect
+	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
+	github.com/cespare/xxhash/v2 v2.3.0 // indirect
+	github.com/charmbracelet/colorprofile v0.2.3-0.20250311203215-f60798e515dc // indirect
+	github.com/charmbracelet/lipgloss v1.1.1-0.20250404203927-76690c660834 // indirect
+	github.com/charmbracelet/x/ansi v0.8.0 // indirect
+	github.com/charmbracelet/x/cellbuf v0.0.13 // indirect
+	github.com/charmbracelet/x/exp/slice v0.0.0-20250327172914-2fdc97757edf // indirect
+	github.com/charmbracelet/x/term v0.2.1 // indirect
 	github.com/cheggaaa/pb/v3 v3.1.4 // indirect
 	github.com/cloudflare/cfssl v1.6.4 // indirect
-	github.com/cloudflare/circl v1.3.8 // indirect
+	github.com/cloudflare/circl v1.6.1 // indirect
 	github.com/cloudwego/base64x v0.1.5 // indirect
-	github.com/containerd/continuity v0.4.2 // indirect
-	github.com/cyphar/filepath-securejoin v0.2.5 // indirect
+	github.com/cnf/structhash v0.0.0-20201127153200-e1b16c1ebc08 // indirect
+	github.com/containerd/continuity v0.4.5 // indirect
+	github.com/cyphar/filepath-securejoin v0.4.1 // indirect
+	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/davidmz/go-pageant v1.0.2 // indirect
 	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
-	github.com/dlclark/regexp2 v1.11.4 // indirect
-	github.com/docker/cli v24.0.5+incompatible // indirect
-	github.com/docker/docker v24.0.9+incompatible // indirect
-	github.com/docker/go-connections v0.4.0 // indirect
+	github.com/dimchansky/utfbom v1.1.1 // indirect
+	github.com/dlclark/regexp2 v1.11.5 // indirect
+	github.com/docker/cli v27.4.1+incompatible // indirect
+	github.com/docker/docker v27.1.1+incompatible // indirect
+	github.com/docker/go-connections v0.5.0 // indirect
+	github.com/dsnet/compress v0.0.2-0.20230904184137-39efe44ab707 // indirect
+	github.com/emirpasic/gods v1.18.1 // indirect
 	github.com/fatih/color v1.16.0 // indirect
 	github.com/felixge/fgprof v0.9.5 // indirect
 	github.com/free5gc/util v1.0.5-0.20230511064842-2e120956883b // indirect
-	github.com/gabriel-vasile/mimetype v1.4.2 // indirect
-	github.com/gaissmai/bart v0.17.10 // indirect
+	github.com/gabriel-vasile/mimetype v1.4.8 // indirect
+	github.com/gaissmai/bart v0.20.4 // indirect
 	github.com/geoffgarside/ber v1.1.0 // indirect
 	github.com/gin-contrib/sse v0.1.0 // indirect
 	github.com/gin-gonic/gin v1.9.1 // indirect
-	github.com/go-asn1-ber/asn1-ber v1.5.4 // indirect
+	github.com/go-asn1-ber/asn1-ber v1.5.8-0.20250403174932-29230038a667 // indirect
 	github.com/go-fed/httpsig v1.1.0 // indirect
+	github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
+	github.com/go-git/go-billy/v5 v5.6.2 // indirect
+	github.com/go-ole/go-ole v1.2.6 // indirect
 	github.com/go-openapi/jsonpointer v0.21.0 // indirect
 	github.com/go-openapi/swag v0.23.0 // indirect
+	github.com/go-playground/locales v0.14.1 // indirect
+	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/go-sourcemap/sourcemap v2.1.4+incompatible // indirect
+	github.com/go-viper/mapstructure/v2 v2.3.0 // indirect
+	github.com/goburrow/cache v0.1.4 // indirect
+	github.com/gobwas/httphead v0.1.0 // indirect
+	github.com/gobwas/pool v0.2.1 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
-	github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
+	github.com/golang-jwt/jwt/v4 v4.5.2 // indirect
+	github.com/golang-jwt/jwt/v5 v5.2.2 // indirect
 	github.com/golang-sql/civil v0.0.0-20220223132316-b832511892a9 // indirect
 	github.com/golang-sql/sqlexp v0.1.0 // indirect
+	github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect
+	github.com/golang/snappy v0.0.4 // indirect
 	github.com/google/certificate-transparency-go v1.1.4 // indirect
 	github.com/google/go-github/v30 v30.1.0 // indirect
-	github.com/google/pprof v0.0.0-20240227163752-401108e1b7e7 // indirect
+	github.com/google/go-querystring v1.1.0 // indirect
+	github.com/google/pprof v0.0.0-20240727154555-813a5fbdbec8 // indirect
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
+	github.com/gorilla/css v1.0.1 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
+	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
+	github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
 	github.com/hashicorp/go-uuid v1.0.3 // indirect
 	github.com/hashicorp/go-version v1.7.0 // indirect
 	github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect
 	github.com/hbakhtiyor/strsim v0.0.0-20190107154042-4d2bbb273edf // indirect
+	github.com/hdm/jarm-go v0.0.7 // indirect
+	github.com/imdario/mergo v0.3.13 // indirect
+	github.com/itchyny/timefmt-go v0.1.6 // indirect
+	github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
 	github.com/jcmturner/aescts/v2 v2.0.0 // indirect
 	github.com/jcmturner/dnsutils/v2 v2.0.0 // indirect
 	github.com/jcmturner/gofork v1.7.6 // indirect
 	github.com/jcmturner/rpc/v2 v2.0.3 // indirect
 	github.com/jinzhu/inflection v1.0.0 // indirect
-	github.com/jmespath/go-jmespath v0.4.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/k14s/starlark-go v0.0.0-20200720175618-3a5c849cc368 // indirect
 	github.com/kataras/jwt v0.1.10 // indirect
-	github.com/klauspost/compress v1.17.11 // indirect
+	github.com/kevinburke/ssh_config v1.2.0 // indirect
+	github.com/klauspost/compress v1.18.0 // indirect
+	github.com/klauspost/cpuid/v2 v2.2.5 // indirect
 	github.com/klauspost/pgzip v1.2.6 // indirect
 	github.com/kylelemons/godebug v1.1.0 // indirect
+	github.com/labstack/gommon v0.4.2 // indirect
+	github.com/leodido/go-urn v1.4.0 // indirect
+	github.com/libdns/libdns v0.2.1 // indirect
 	github.com/logrusorgru/aurora/v4 v4.0.0 // indirect
+	github.com/lor00x/goldap v0.0.0-20180618054307-a546dffdd1a3 // indirect
 	github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
+	github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
 	github.com/mackerelio/go-osstat v0.2.4 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
+	github.com/mattn/go-colorable v0.1.14 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/mattn/go-runewidth v0.0.16 // indirect
+	github.com/mholt/acmez v1.2.0 // indirect
+	github.com/microcosm-cc/bluemonday v1.0.27 // indirect
+	github.com/mikelolasagasti/xz v1.0.1 // indirect
+	github.com/minio/minlz v1.0.0 // indirect
 	github.com/minio/selfupdate v0.6.1-0.20230907112617-f11e74f84ca7 // indirect
 	github.com/mitchellh/go-homedir v1.1.0 // indirect
-	github.com/mitchellh/mapstructure v1.5.0 // indirect
+	github.com/moby/docker-image-spec v1.3.1 // indirect
+	github.com/moby/sys/user v0.3.0 // indirect
 	github.com/moby/term v0.5.0 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/mohae/deepcopy v0.0.0-20170929034955-c48cc78d4826 // indirect
 	github.com/montanaflynn/stats v0.7.1 // indirect
 	github.com/muesli/reflow v0.3.0 // indirect
-	github.com/muesli/termenv v0.15.3-0.20240618155329-98d742f6907a // indirect
-	github.com/nwaples/rardecode/v2 v2.0.1 // indirect
+	github.com/muesli/termenv v0.16.0 // indirect
+	github.com/nwaples/rardecode/v2 v2.1.0 // indirect
+	github.com/oasdiff/yaml v0.0.0-20250309154309-f31be36b4037 // indirect
+	github.com/oasdiff/yaml3 v0.0.0-20250309153720-d2182401db90 // indirect
 	github.com/opencontainers/go-digest v1.0.0 // indirect
-	github.com/opencontainers/image-spec v1.0.2 // indirect
-	github.com/opencontainers/runc v1.1.14 // indirect
+	github.com/opencontainers/image-spec v1.1.0 // indirect
+	github.com/opencontainers/runc v1.2.3 // indirect
+	github.com/openrdap/rdap v0.9.1 // indirect
 	github.com/pelletier/go-toml/v2 v2.0.8 // indirect
 	github.com/perimeterx/marshmallow v1.1.5 // indirect
-	github.com/pierrec/lz4/v4 v4.1.22 // indirect
-	github.com/pjbgf/sha1cd v0.3.0 // indirect
+	github.com/pierrec/lz4/v4 v4.1.21 // indirect
+	github.com/pjbgf/sha1cd v0.3.2 // indirect
 	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
+	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
+	github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
 	github.com/projectdiscovery/asnmap v1.1.1 // indirect
-	github.com/projectdiscovery/cdncheck v1.1.17 // indirect
+	github.com/projectdiscovery/blackrock v0.0.1 // indirect
+	github.com/projectdiscovery/cdncheck v1.1.15 // indirect
 	github.com/projectdiscovery/freeport v0.0.7 // indirect
 	github.com/projectdiscovery/ldapserver v1.0.2-0.20240219154113-dcc758ebc0cb // indirect
 	github.com/projectdiscovery/machineid v0.0.0-20240226150047-2e2c51e35983 // indirect
-	github.com/refraction-networking/utls v1.6.7 // indirect
+	github.com/refraction-networking/utls v1.7.0 // indirect
+	github.com/rivo/uniseg v0.4.7 // indirect
+	github.com/saintfish/chardet v0.0.0-20230101081208-5e3ef4b5456d // indirect
 	github.com/sashabaranov/go-openai v1.37.0 // indirect
+	github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect
 	github.com/shirou/gopsutil v3.21.11+incompatible // indirect
 	github.com/shoenig/go-m1cpu v0.1.6 // indirect
 	github.com/sirupsen/logrus v1.9.3 // indirect
-	github.com/skeema/knownhosts v1.3.0 // indirect
+	github.com/skeema/knownhosts v1.3.1 // indirect
 	github.com/sorairolake/lzip-go v0.3.5 // indirect
-	github.com/therootcompany/xz v1.0.1 // indirect
 	github.com/tidwall/btree v1.7.0 // indirect
 	github.com/tidwall/buntdb v1.3.1 // indirect
 	github.com/tidwall/gjson v1.18.0 // indirect
@@ -243,130 +329,50 @@ require (
 	github.com/tidwall/rtred v0.1.2 // indirect
 	github.com/tidwall/tinyqueue v0.1.1 // indirect
 	github.com/tim-ywliu/nested-logrus-formatter v1.3.2 // indirect
+	github.com/tklauser/go-sysconf v0.3.12 // indirect
+	github.com/tklauser/numcpus v0.6.1 // indirect
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
 	github.com/ugorji/go/codec v1.2.11 // indirect
+	github.com/ulikunitz/xz v0.5.12 // indirect
+	github.com/valyala/bytebufferpool v1.0.0 // indirect
 	github.com/wk8/go-ordered-map/v2 v2.1.8 // indirect
+	github.com/xanzy/ssh-agent v0.3.3 // indirect
 	github.com/xdg-go/pbkdf2 v1.0.0 // indirect
 	github.com/xdg-go/scram v1.1.2 // indirect
 	github.com/xdg-go/stringprep v1.0.4 // indirect
 	github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect
 	github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
 	github.com/xeipuuv/gojsonschema v1.2.0 // indirect
+	github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
 	github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78 // indirect
 	github.com/ysmood/fetchup v0.2.3 // indirect
-	github.com/ysmood/got v0.40.0 // indirect
-	github.com/yuin/goldmark v1.7.4 // indirect
-	github.com/yuin/goldmark-emoji v1.0.3 // indirect
-	github.com/zcalusic/sysinfo v1.0.2 // indirect
-	github.com/zeebo/blake3 v0.2.3 // indirect
-	go.uber.org/goleak v1.3.0 // indirect
-	go4.org v0.0.0-20230225012048-214862532bf5 // indirect
-	golang.org/x/arch v0.3.0 // indirect
-	golang.org/x/sync v0.13.0 // indirect
-	gopkg.in/djherbis/times.v1 v1.3.0 // indirect
-	mellium.im/sasl v0.3.1 // indirect
-)
-
-require (
-	git.mills.io/prologic/smtpd v0.0.0-20210710122116-a525b76c287a // indirect
-	github.com/Mzack9999/go-http-digest-auth-client v0.6.1-0.20220414142836-eb8883508809 // indirect
-	github.com/PuerkitoBio/goquery v1.10.3 // indirect
-	github.com/akrylysov/pogreb v0.10.2 // indirect
-	github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751 // indirect
-	github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137 // indirect
-	github.com/andybalholm/cascadia v1.3.3 // indirect
-	github.com/antchfx/xpath v1.2.4
-	github.com/aymerick/douceur v0.2.0 // indirect
-	github.com/caddyserver/certmagic v0.19.2 // indirect
-	github.com/cnf/structhash v0.0.0-20201127153200-e1b16c1ebc08 // indirect
-	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/dimchansky/utfbom v1.1.1 // indirect
-	github.com/dsnet/compress v0.0.2-0.20230904184137-39efe44ab707 // indirect
-	github.com/go-ole/go-ole v1.2.6 // indirect
-	github.com/go-playground/locales v0.14.1 // indirect
-	github.com/go-playground/universal-translator v0.18.1 // indirect
-	github.com/goburrow/cache v0.1.4 // indirect
-	github.com/gobwas/httphead v0.1.0 // indirect
-	github.com/gobwas/pool v0.2.1 // indirect
-	github.com/golang-jwt/jwt/v4 v4.5.1 // indirect
-	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
-	github.com/golang/snappy v0.0.4 // indirect
-	github.com/google/go-querystring v1.1.0 // indirect
-	github.com/google/uuid v1.6.0
-	github.com/gorilla/css v1.0.1 // indirect
-	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
-	github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
-	github.com/hdm/jarm-go v0.0.7 // indirect
-	github.com/itchyny/timefmt-go v0.1.5 // indirect
-	github.com/klauspost/cpuid/v2 v2.2.5 // indirect
-	github.com/leodido/go-urn v1.2.4 // indirect
-	github.com/libdns/libdns v0.2.1 // indirect
-	github.com/lor00x/goldap v0.0.0-20180618054307-a546dffdd1a3 // indirect
-	github.com/lufia/plan9stats v0.0.0-20211012122336-39d0f177ccd0 // indirect
-	github.com/mattn/go-isatty v0.0.20 // indirect
-	github.com/mattn/go-runewidth v0.0.16 // indirect
-	github.com/mholt/acmez v1.2.0 // indirect
-	github.com/microcosm-cc/bluemonday v1.0.27 // indirect
-	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
-	github.com/modern-go/reflect2 v1.0.2 // indirect
-	github.com/pmezard/go-difflib v1.0.0 // indirect
-	github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
-	github.com/projectdiscovery/blackrock v0.0.1 // indirect
-	github.com/projectdiscovery/networkpolicy v0.1.14
-	github.com/rivo/uniseg v0.4.7 // indirect
-	github.com/saintfish/chardet v0.0.0-20230101081208-5e3ef4b5456d // indirect
-	github.com/tklauser/go-sysconf v0.3.12 // indirect
-	github.com/tklauser/numcpus v0.6.1 // indirect
-	github.com/trivago/tgo v1.0.7
-	github.com/ulikunitz/xz v0.5.12 // indirect
-	github.com/valyala/bytebufferpool v1.0.0 // indirect
 	github.com/ysmood/goob v0.4.0 // indirect
+	github.com/ysmood/got v0.40.0 // indirect
 	github.com/ysmood/gson v0.7.3 // indirect
 	github.com/ysmood/leakless v0.9.0 // indirect
+	github.com/yuin/goldmark v1.7.8 // indirect
+	github.com/yuin/goldmark-emoji v1.0.5 // indirect
 	github.com/yusufpapurcu/wmi v1.2.4 // indirect
+	github.com/zcalusic/sysinfo v1.0.2 // indirect
+	github.com/zeebo/blake3 v0.2.3 // indirect
 	github.com/zmap/rc2 v0.0.0-20190804163417-abaa70531248 // indirect
 	github.com/zmap/zcrypto v0.0.0-20240512203510-0fef58d9a9db // indirect
 	go.etcd.io/bbolt v1.3.10 // indirect
 	go.uber.org/zap v1.25.0 // indirect
+	go4.org v0.0.0-20230225012048-214862532bf5 // indirect
 	goftp.io/server/v2 v2.0.1 // indirect
-	golang.org/x/crypto v0.37.0 // indirect
-	golang.org/x/exp v0.0.0-20250106191152-7588d65b2ba8
-	golang.org/x/mod v0.22.0 // indirect
-	golang.org/x/sys v0.32.0 // indirect
-	golang.org/x/time v0.8.0 // indirect
-	golang.org/x/tools v0.29.0
-	google.golang.org/protobuf v1.34.2 // indirect
+	golang.org/x/arch v0.3.0 // indirect
+	golang.org/x/crypto v0.39.0 // indirect
+	golang.org/x/mod v0.25.0 // indirect
+	golang.org/x/sync v0.15.0 // indirect
+	golang.org/x/sys v0.33.0 // indirect
+	golang.org/x/time v0.11.0 // indirect
+	google.golang.org/protobuf v1.36.6 // indirect
 	gopkg.in/alecthomas/kingpin.v2 v2.2.6 // indirect
 	gopkg.in/corvus-ch/zbase32.v1 v1.0.0 // indirect
-)
-
-require (
-	github.com/Microsoft/go-winio v0.6.1 // indirect
-	github.com/ProtonMail/go-crypto v1.1.3 // indirect
-	github.com/alecthomas/chroma v0.10.0
-	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.5 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.35 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.29 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/ini v1.3.36 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.29 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sso v1.12.13 // indirect
-	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.13 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sts v1.19.3 // indirect
-	github.com/aws/smithy-go v1.13.5 // indirect
-	github.com/dop251/goja_nodejs v0.0.0-20230821135201-94e508132562
-	github.com/emirpasic/gods v1.18.1 // indirect
-	github.com/go-echarts/go-echarts/v2 v2.3.3
-	github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
-	github.com/go-git/go-billy/v5 v5.6.0 // indirect
-	github.com/imdario/mergo v0.3.16 // indirect
-	github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
-	github.com/jcmturner/gokrb5/v8 v8.4.4
-	github.com/kevinburke/ssh_config v1.2.0 // indirect
-	github.com/labstack/gommon v0.4.2 // indirect
-	github.com/mattn/go-colorable v0.1.13 // indirect
-	github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect
-	github.com/xanzy/ssh-agent v0.3.3 // indirect
+	gopkg.in/djherbis/times.v1 v1.3.0 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
+	mellium.im/sasl v0.3.2 // indirect
 )
 
 // https://go.dev/ref/mod#go-mod-file-retract

internal/pdcp/writer.go

@@ -127,7 +127,9 @@ func (u *UploadWriter) autoCommit(ctx context.Context, r *io.PipeReader) {
 
 	// continuously read from the reader and send to channel
 	go func() {
-		defer r.Close()
+		defer func() {
+          _ = r.Close()
+        }()
 		defer close(ch)
 		for {
 			data, err := reader.ReadString('\n')
@@ -213,7 +215,9 @@ func (u *UploadWriter) upload(data []byte) error {
 	if err != nil {
 		return errorutil.NewWithErr(err).Msgf("could not upload results")
 	}
-	defer resp.Body.Close()
+	defer func() {
+         _ = resp.Body.Close()
+       }()
 	bin, err := io.ReadAll(resp.Body)
 	if err != nil {
 		return errorutil.NewWithErr(err).Msgf("could not get id from response")
@@ -251,10 +255,10 @@ func (u *UploadWriter) getRequest(bin []byte) (*retryablehttp.Request, error) {
 		return nil, errorutil.NewWithErr(err).Msgf("could not create cloud upload request")
 	}
 	// add pdtm meta params
-	req.URL.Params.Merge(updateutils.GetpdtmParams(config.Version))
+	req.Params.Merge(updateutils.GetpdtmParams(config.Version))
 	// if it is upload endpoint also include name if it exists
-	if u.scanName != "" && req.URL.Path == uploadEndpoint {
-		req.URL.Params.Add("name", u.scanName)
+	if u.scanName != "" && req.Path == uploadEndpoint {
+		req.Params.Add("name", u.scanName)
 	}
 	req.URL.Update()
 

internal/runner/healthcheck.go

@@ -47,7 +47,7 @@ func DoHealthCheck(options *types.Options) string {
 	}
 	c4, err := net.Dial("tcp4", "scanme.sh:80")
 	if err == nil && c4 != nil {
-		c4.Close()
+		_ = c4.Close()
 	}
 	testResult = "Ok"
 	if err != nil {
@@ -56,7 +56,7 @@ func DoHealthCheck(options *types.Options) string {
 	test.WriteString(fmt.Sprintf("IPv4 connectivity to scanme.sh:80 => %s\n", testResult))
 	c6, err := net.Dial("tcp6", "scanme.sh:80")
 	if err == nil && c6 != nil {
-		c6.Close()
+		_ = c6.Close()
 	}
 	testResult = "Ok"
 	if err != nil {
@@ -65,7 +65,7 @@ func DoHealthCheck(options *types.Options) string {
 	test.WriteString(fmt.Sprintf("IPv6 connectivity to scanme.sh:80 => %s\n", testResult))
 	u4, err := net.Dial("udp4", "scanme.sh:53")
 	if err == nil && u4 != nil {
-		u4.Close()
+		_ = u4.Close()
 	}
 	testResult = "Ok"
 	if err != nil {

internal/runner/options.go

@@ -122,7 +122,7 @@ func ParseOptions(options *types.Options) {
 
 	// Set GitHub token in env variable. runner.getGHClientWithToken() reads token from env
 	if options.GitHubToken != "" && os.Getenv("GITHUB_TOKEN") != options.GitHubToken {
-		os.Setenv("GITHUB_TOKEN", options.GitHubToken)
+		_ = os.Setenv("GITHUB_TOKEN", options.GitHubToken)
 	}
 
 	if options.UncoverQuery != nil {
@@ -304,7 +304,9 @@ func createReportingOptions(options *types.Options) (*reporting.Options, error)
 		if err != nil {
 			return nil, errors.Wrap(err, "could not open reporting config file")
 		}
-		defer file.Close()
+		defer func() {
+          _ = file.Close()
+        }()
 
 		if err := yaml.DecodeAndValidate(file, reportingOptions); err != nil {
 			return nil, errors.Wrap(err, "could not parse reporting config file")
@@ -380,7 +382,9 @@ func loadResolvers(options *types.Options) {
 	if err != nil {
 		gologger.Fatal().Msgf("Could not open resolvers file: %s\n", err)
 	}
-	defer file.Close()
+	defer func() {
+         _ = file.Close()
+       }()
 
 	scanner := bufio.NewScanner(file)
 	for scanner.Scan() {

internal/runner/proxy.go

@@ -30,7 +30,9 @@ func loadProxyServers(options *types.Options) error {
 			if err != nil {
 				return fmt.Errorf("could not open proxy file: %w", err)
 			}
-			defer file.Close()
+			defer func() {
+           _ = file.Close()
+         }()
 			scanner := bufio.NewScanner(file)
 			for scanner.Scan() {
 				proxy := scanner.Text()
@@ -52,12 +54,13 @@ func loadProxyServers(options *types.Options) error {
 		return errorutil.WrapfWithNil(err, "failed to parse proxy got %v", err)
 	}
 	if options.ProxyInternal {
-		os.Setenv(HTTP_PROXY_ENV, proxyURL.String())
+		_ = os.Setenv(HTTP_PROXY_ENV, proxyURL.String())
 	}
-	if proxyURL.Scheme == proxyutils.HTTP || proxyURL.Scheme == proxyutils.HTTPS {
+	switch proxyURL.Scheme {
+	case proxyutils.HTTP, proxyutils.HTTPS:
 		gologger.Verbose().Msgf("Using %s as proxy server", proxyURL.String())
 		options.AliveHttpProxy = proxyURL.String()
-	} else if proxyURL.Scheme == proxyutils.SOCKS5 {
+	case proxyutils.SOCKS5:
 		options.AliveSocksProxy = proxyURL.String()
 		gologger.Verbose().Msgf("Using %s as socket proxy server", proxyURL.String())
 	}

internal/runner/runner.go

@@ -439,7 +439,7 @@ func (r *Runner) setupPDCPUpload(writer output.Writer) output.Writer {
 	if r.options.ScanID != "" {
 		r.options.EnableCloudUpload = true
 	}
-	if !(r.options.EnableCloudUpload || EnableCloudUpload) {
+	if !r.options.EnableCloudUpload && !EnableCloudUpload {
 		r.pdcpUploadErrMsg = fmt.Sprintf("[%v] Scan results upload to cloud is disabled.", r.colorizer.BrightYellow("WRN"))
 		return writer
 	}
@@ -940,7 +940,9 @@ func UploadResultsToCloud(options *types.Options) error {
 	if err != nil {
 		return errors.Wrap(err, "could not open scan upload file")
 	}
-	defer file.Close()
+	defer func() {
+         _ = file.Close()
+       }()
 
 	gologger.Info().Msgf("Uploading scan results to cloud dashboard from %s", options.ScanUploadFile)
 	dec := json.NewDecoder(file)

internal/runner/runner_test.go

@@ -64,8 +64,8 @@ func TestWalkReflectStructAssignsEnvVars(t *testing.T) {
 			B: "$VAR_TWO",
 		},
 	}
-	os.Setenv("VAR_EXAMPLE", "value")
-	os.Setenv("VAR_TWO", "value2")
+	_ = os.Setenv("VAR_EXAMPLE", "value")
+	_ = os.Setenv("VAR_TWO", "value2")
 
 	Walk(testStruct, expandEndVars)
 
@@ -79,9 +79,9 @@ func TestWalkReflectStructHandlesDifferentTypes(t *testing.T) {
 		B: "$VAR_TWO",
 		C: "$VAR_THREE",
 	}
-	os.Setenv("VAR_EXAMPLE", "value")
-	os.Setenv("VAR_TWO", "2")
-	os.Setenv("VAR_THREE", "true")
+	_ = os.Setenv("VAR_EXAMPLE", "value")
+	_ = os.Setenv("VAR_TWO", "2")
+	_ = os.Setenv("VAR_THREE", "true")
 
 	Walk(testStruct, expandEndVars)
 
@@ -96,9 +96,9 @@ func TestWalkReflectStructEmpty(t *testing.T) {
 		B: "",
 		C: "$VAR_THREE",
 	}
-	os.Setenv("VAR_EXAMPLE", "value")
-	os.Setenv("VAR_TWO", "2")
-	os.Setenv("VAR_THREE", "true")
+	_ = os.Setenv("VAR_EXAMPLE", "value")
+	_ = os.Setenv("VAR_TWO", "2")
+	_ = os.Setenv("VAR_THREE", "true")
 
 	Walk(testStruct, expandEndVars)
 
@@ -116,7 +116,7 @@ func TestWalkReflectStructWithNoYamlTag(t *testing.T) {
 		C: "$GITHUB_USER",
 	}
 
-	os.Setenv("GITHUB_USER", "testuser")
+	_ = os.Setenv("GITHUB_USER", "testuser")
 
 	Walk(test, expandEndVars)
 	require.Equal(t, "testuser", test.A)
@@ -132,9 +132,9 @@ func TestWalkReflectStructHandlesNestedStructs(t *testing.T) {
 			C: "$VAR_THREE",
 		},
 	}
-	os.Setenv("VAR_EXAMPLE", "value")
-	os.Setenv("VAR_TWO", "2")
-	os.Setenv("VAR_THREE", "true")
+	_ = os.Setenv("VAR_EXAMPLE", "value")
+	_ = os.Setenv("VAR_TWO", "2")
+	_ = os.Setenv("VAR_THREE", "true")
 
 	Walk(testStruct, expandEndVars)
 

internal/server/server.go

@@ -125,7 +125,7 @@ func NewStatsServer(fuzzStatsDB *stats.Tracker) (*DASTServer, error) {
 
 func (s *DASTServer) Close() {
 	s.nucleiExecutor.Close()
-	s.echo.Close()
+	_ = s.echo.Close()
 	s.tasksPool.StopAndWaitFor(1 * time.Minute)
 }
 

lib/config.go

@@ -463,6 +463,14 @@ func EnablePassiveMode() NucleiSDKOptions {
 	}
 }
 
+// EnableMatcherStatus allows enabling matcher status
+func EnableMatcherStatus() NucleiSDKOptions {
+	return func(e *NucleiEngine) error {
+		e.opts.MatcherStatus = true
+		return nil
+	}
+}
+
 // WithAuthProvider allows setting a custom authprovider implementation
 func WithAuthProvider(provider authprovider.AuthProvider) NucleiSDKOptions {
 	return func(e *NucleiEngine) error {

pkg/authprovider/authx/dynamic.go

@@ -43,8 +43,8 @@ func (d *Dynamic) GetDomainAndDomainRegex() ([]string, []string) {
 		domainRegex = append(domainRegex, secret.DomainsRegex...)
 	}
 	if d.Secret != nil {
-		domains = append(domains, d.Secret.Domains...)
-		domainRegex = append(domainRegex, d.Secret.DomainsRegex...)
+		domains = append(domains, d.Domains...)
+		domainRegex = append(domainRegex, d.DomainsRegex...)
 	}
 	uniqueDomains := sliceutil.Dedupe(domains)
 	uniqueDomainRegex := sliceutil.Dedupe(domainRegex)
@@ -52,14 +52,19 @@ func (d *Dynamic) GetDomainAndDomainRegex() ([]string, []string) {
 }
 
 func (d *Dynamic) UnmarshalJSON(data []byte) error {
-	if err := json.Unmarshal(data, &d); err != nil {
+	if d == nil {
+		return errorutil.New("cannot unmarshal into nil Dynamic struct")
+	}
+
+	// Use an alias type (auxiliary) to avoid a recursive call in this method.
+	type Alias Dynamic
+
+	// If d.Secret was nil, json.Unmarshal will allocate a new Secret object
+	// and populate it from the top level JSON fields.
+	if err := json.Unmarshal(data, (*Alias)(d)); err != nil {
 		return err
 	}
-	var s Secret
-	if err := json.Unmarshal(data, &s); err != nil {
-		return err
-	}
-	d.Secret = &s
+
 	return nil
 }
 
@@ -74,7 +79,7 @@ func (d *Dynamic) Validate() error {
 	}
 
 	if d.Secret != nil {
-		d.Secret.skipCookieParse = true // skip cookie parsing in dynamic secrets during validation
+		d.skipCookieParse = true // skip cookie parsing in dynamic secrets during validation
 		if err := d.Secret.Validate(); err != nil {
 			return err
 		}
@@ -187,7 +192,7 @@ func (d *Dynamic) GetStrategies() []AuthStrategy {
 	}
 	var strategies []AuthStrategy
 	if d.Secret != nil {
-		strategies = append(strategies, d.Secret.GetStrategy())
+		strategies = append(strategies, d.GetStrategy())
 	}
 	for _, secret := range d.Secrets {
 		strategies = append(strategies, secret.GetStrategy())

pkg/authprovider/authx/dynamic_test.go

@@ -0,0 +1,125 @@
+package authx
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/require"
+)
+
+func TestDynamicUnmarshalJSON(t *testing.T) {
+	t.Run("basic-unmarshal", func(t *testing.T) {
+		data := []byte(`{
+			"template": "test-template.yaml",
+			"variables": [
+				{
+					"key": "username",
+					"value": "testuser"
+				}
+			],
+			"secrets": [
+				{
+					"type": "BasicAuth",
+					"domains": ["example.com"],
+					"username": "user1",
+					"password": "pass1"
+				}
+			],
+			"type": "BasicAuth",
+			"domains": ["test.com"],
+			"username": "testuser",
+			"password": "testpass"
+		}`)
+
+		var d Dynamic
+		err := d.UnmarshalJSON(data)
+		require.NoError(t, err)
+
+		// Secret
+		require.NotNil(t, d.Secret)
+		require.Equal(t, "BasicAuth", d.Type)
+		require.Equal(t, []string{"test.com"}, d.Domains)
+		require.Equal(t, "testuser", d.Username)
+		require.Equal(t, "testpass", d.Password)
+
+		// Dynamic fields
+		require.Equal(t, "test-template.yaml", d.TemplatePath)
+		require.Len(t, d.Variables, 1)
+		require.Equal(t, "username", d.Variables[0].Key)
+		require.Equal(t, "testuser", d.Variables[0].Value)
+		require.Len(t, d.Secrets, 1)
+		require.Equal(t, "BasicAuth", d.Secrets[0].Type)
+		require.Equal(t, []string{"example.com"}, d.Secrets[0].Domains)
+		require.Equal(t, "user1", d.Secrets[0].Username)
+		require.Equal(t, "pass1", d.Secrets[0].Password)
+	})
+
+	t.Run("complex-unmarshal", func(t *testing.T) {
+		data := []byte(`{
+			"template": "test-template.yaml",
+			"variables": [
+				{
+					"key": "token",
+					"value": "Bearer xyz"
+				}
+			],
+			"secrets": [
+				{
+					"type": "CookiesAuth",
+					"domains": ["example.com"],
+					"cookies": [
+						{
+							"key": "session",
+							"value": "abc123"
+						}
+					]
+				}
+			],
+			"type": "HeadersAuth",
+			"domains": ["api.test.com"],
+			"headers": [
+				{
+					"key": "X-API-Key",
+					"value": "secret-key"
+				}
+			]
+		}`)
+
+		var d Dynamic
+		err := d.UnmarshalJSON(data)
+		require.NoError(t, err)
+
+		// Secret
+		require.NotNil(t, d.Secret)
+		require.Equal(t, "HeadersAuth", d.Type)
+		require.Equal(t, []string{"api.test.com"}, d.Domains)
+		require.Len(t, d.Headers, 1)
+		require.Equal(t, "X-API-Key", d.Secret.Headers[0].Key)
+		require.Equal(t, "secret-key", d.Secret.Headers[0].Value)
+
+		// Dynamic fields
+		require.Equal(t, "test-template.yaml", d.TemplatePath)
+		require.Len(t, d.Variables, 1)
+		require.Equal(t, "token", d.Variables[0].Key)
+		require.Equal(t, "Bearer xyz", d.Variables[0].Value)
+		require.Len(t, d.Secrets, 1)
+		require.Equal(t, "CookiesAuth", d.Secrets[0].Type)
+		require.Equal(t, []string{"example.com"}, d.Secrets[0].Domains)
+		require.Len(t, d.Secrets[0].Cookies, 1)
+		require.Equal(t, "session", d.Secrets[0].Cookies[0].Key)
+		require.Equal(t, "abc123", d.Secrets[0].Cookies[0].Value)
+	})
+
+	t.Run("invalid-json", func(t *testing.T) {
+		data := []byte(`{invalid json}`)
+		var d Dynamic
+		err := d.UnmarshalJSON(data)
+		require.Error(t, err)
+	})
+
+	t.Run("empty-json", func(t *testing.T) {
+		data := []byte(`{}`)
+		var d Dynamic
+		err := d.UnmarshalJSON(data)
+		require.NoError(t, err)
+	})
+}

pkg/catalog/config/constants.go

@@ -31,7 +31,7 @@ const (
 	CLIConfigFileName               = "config.yaml"
 	ReportingConfigFilename         = "reporting-config.yaml"
 	// Version is the current version of nuclei
-	Version = `v3.4.4`
+	Version = `v3.4.7`
 	// Directory Names of custom templates
 	CustomS3TemplatesDirName     = "s3"
 	CustomGitHubTemplatesDirName = "github"

pkg/catalog/config/ignorefile.go

@@ -20,7 +20,9 @@ func ReadIgnoreFile() IgnoreFile {
 		gologger.Error().Msgf("Could not read nuclei-ignore file: %s\n", err)
 		return IgnoreFile{}
 	}
-	defer file.Close()
+	defer func() {
+		_ = file.Close()
+	}()
 
 	ignore := IgnoreFile{}
 	if err := yaml.NewDecoder(file).Decode(&ignore); err != nil {

pkg/catalog/config/template.go

@@ -74,7 +74,9 @@ func getTemplateID(filePath string) (string, error) {
 		return "", err
 	}
 
-	defer file.Close()
+	defer func() {
+		_ = file.Close()
+	}()
 	return GetTemplateIDFromReader(file, filePath)
 }
 

pkg/catalog/loader/ai_loader.go

@@ -117,7 +117,9 @@ func generateAITemplate(prompt string) (string, string, error) {
 	if err != nil {
 		return "", "", errorutil.New("Failed to send HTTP request: %v", err)
 	}
-	defer resp.Body.Close()
+	defer func() {
+		_ = resp.Body.Close()
+	}()
 
 	if resp.StatusCode == http.StatusUnauthorized {
 		return "", "", errorutil.New("Invalid API Key or API Key not configured, Create one for free at https://cloud.projectdiscovery.io/")

pkg/catalog/loader/loader.go

@@ -237,7 +237,9 @@ func (store *Store) ReadTemplateFromURI(uri string, remote bool) ([]byte, error)
 		if err != nil {
 			return nil, err
 		}
-		defer resp.Body.Close()
+		defer func() {
+          _ = resp.Body.Close()
+        }()
 		return io.ReadAll(resp.Body)
 	} else {
 		return os.ReadFile(uri)

pkg/catalog/loader/remote_loader.go

@@ -49,9 +49,10 @@ func getRemoteTemplatesAndWorkflows(templateURLs, workflowURLs, remoteTemplateDo
 				err = remoteContent.Error
 			}
 		} else {
-			if remoteContent.Type == Template {
+			switch remoteContent.Type {
+			case Template:
 				remoteTemplateList = append(remoteTemplateList, remoteContent.Content...)
-			} else if remoteContent.Type == Workflow {
+			case Workflow:
 				remoteWorkFlowList = append(remoteWorkFlowList, remoteContent.Content...)
 			}
 		}
@@ -80,7 +81,9 @@ func getRemoteContent(URL string, remoteTemplateDomainList []string, remoteConte
 		}
 		return
 	}
-	defer response.Body.Close()
+	defer func() {
+         _ = response.Body.Close()
+       }()
 	if response.StatusCode < 200 || response.StatusCode > 299 {
 		remoteContentChannel <- RemoteContent{
 			Error: fmt.Errorf("get \"%s\": unexpect status %d", URL, response.StatusCode),

pkg/core/executors.go

@@ -38,7 +38,7 @@ func (e *Engine) executeAllSelfContained(ctx context.Context, alltemplates []*te
 				match, err = template.Executer.Execute(ctx)
 			}
 			if err != nil {
-				gologger.Warning().Msgf("[%s] Could not execute step: %s\n", e.executerOpts.Colorizer.BrightBlue(template.ID), err)
+				gologger.Warning().Msgf("[%s] Could not execute step (self-contained): %s\n", e.executerOpts.Colorizer.BrightBlue(template.ID), err)
 			}
 			results.CompareAndSwap(false, match)
 		}(v)
@@ -140,7 +140,7 @@ func (e *Engine) executeTemplateWithTargets(ctx context.Context, template *templ
 				}
 			}
 			if err != nil {
-				gologger.Warning().Msgf("[%s] Could not execute step: %s\n", e.executerOpts.Colorizer.BrightBlue(template.ID), err)
+				gologger.Warning().Msgf("[%s] Could not execute step on %s: %s\n", e.executerOpts.Colorizer.BrightBlue(template.ID), value.Input, err)
 			}
 			results.CompareAndSwap(false, match)
 		}(index, skip, scannedValue)
@@ -206,7 +206,7 @@ func (e *Engine) executeTemplatesOnTarget(ctx context.Context, alltemplates []*t
 				}
 			}
 			if err != nil {
-				gologger.Warning().Msgf("[%s] Could not execute step: %s\n", e.executerOpts.Colorizer.BrightBlue(template.ID), err)
+				gologger.Warning().Msgf("[%s] Could not execute step on %s: %s\n", e.executerOpts.Colorizer.BrightBlue(template.ID), value.Input, err)
 			}
 			results.CompareAndSwap(false, match)
 		}(tpl, target, sg)

pkg/external/customtemplates/gitlab.go

@@ -10,7 +10,7 @@ import (
 	"github.com/projectdiscovery/nuclei/v3/pkg/catalog/config"
 	"github.com/projectdiscovery/nuclei/v3/pkg/types"
 	errorutil "github.com/projectdiscovery/utils/errors"
-	"github.com/xanzy/go-gitlab"
+	gitlab "gitlab.com/gitlab-org/api/client-go"
 )
 
 var _ Provider = &customTemplateGitLabRepo{}

pkg/external/customtemplates/s3.go

@@ -96,7 +96,9 @@ func downloadToFile(downloader *manager.Downloader, targetDirectory, bucket, key
 	if err != nil {
 		return err
 	}
-	defer fd.Close()
+	defer func() {
+		_ = fd.Close()
+	}()
 
 	// Download the file using the AWS SDK for Go
 	_, err = downloader.Download(context.TODO(), fd, &s3.GetObjectInput{Bucket: &bucket, Key: &key})

pkg/fuzz/analyzers/time/analyzer.go

@@ -123,7 +123,7 @@ func (a *Analyzer) Analyze(options *analyzers.Options) (bool, string, error) {
 		if err != nil {
 			return 0, errors.Wrap(err, "could not rebuild request")
 		}
-		gologger.Verbose().Msgf("[%s] Sending request with %d delay for: %s", a.Name(), delay, rebuilt.URL.String())
+		gologger.Verbose().Msgf("[%s] Sending request with %d delay for: %s", a.Name(), delay, rebuilt.String())
 
 		timeTaken, err := doHTTPRequestWithTimeTracing(rebuilt, options.HttpClient)
 		if err != nil {

pkg/fuzz/analyzers/time/time_delay.go

@@ -60,10 +60,7 @@ func checkTimingDependency(
 	requestsLeft := requestsLimit
 
 	var requestsSent []requestsSentMetadata
-	for {
-		if requestsLeft <= 0 {
-			break
-		}
+	for requestsLeft > 0 {
 
 		isCorrelationPossible, delayRecieved, err := sendRequestAndTestConfidence(regression, highSleepTimeSeconds, requestSender, baselineDelay)
 		if err != nil {

pkg/fuzz/component/path.go

@@ -36,7 +36,7 @@ func (q *Path) Parse(req *retryablehttp.Request) (bool, error) {
 	q.req = req
 	q.value = NewValue("")
 
-	splitted := strings.Split(req.URL.Path, "/")
+	splitted := strings.Split(req.Path, "/")
 	values := make(map[string]interface{})
 	for i := range splitted {
 		pathTillNow := strings.Join(splitted[:i+1], "/")
@@ -83,7 +83,7 @@ func (q *Path) Delete(key string) error {
 // component rebuilt
 func (q *Path) Rebuild() (*retryablehttp.Request, error) {
 	originalValues := mapsutil.Map[string, any]{}
-	splitted := strings.Split(q.req.URL.Path, "/")
+	splitted := strings.Split(q.req.Path, "/")
 	for i := range splitted {
 		pathTillNow := strings.Join(splitted[:i+1], "/")
 		if pathTillNow == "" {
@@ -92,7 +92,7 @@ func (q *Path) Rebuild() (*retryablehttp.Request, error) {
 		originalValues[strconv.Itoa(i)] = pathTillNow
 	}
 
-	originalPath := q.req.URL.Path
+	originalPath := q.req.Path
 	lengthSplitted := len(q.value.parsed.Map)
 	for i := lengthSplitted; i > 0; i-- {
 		key := strconv.Itoa(i)
@@ -120,7 +120,7 @@ func (q *Path) Rebuild() (*retryablehttp.Request, error) {
 	// Clone the request and update the path
 	cloned := q.req.Clone(context.Background())
 	if err := cloned.UpdateRelPath(rebuiltPath, true); err != nil {
-		cloned.URL.RawPath = rebuiltPath
+		cloned.RawPath = rebuiltPath
 	}
 	return cloned, nil
 }

pkg/fuzz/component/path_test.go

@@ -40,8 +40,8 @@ func TestURLComponent(t *testing.T) {
 	if err != nil {
 		t.Fatal(err)
 	}
-	require.Equal(t, "/newpath", rebuilt.URL.Path, "unexpected URL path")
-	require.Equal(t, "https://example.com/newpath", rebuilt.URL.String(), "unexpected full URL")
+	require.Equal(t, "/newpath", rebuilt.Path, "unexpected URL path")
+	require.Equal(t, "https://example.com/newpath", rebuilt.String(), "unexpected full URL")
 }
 
 func TestURLComponent_NestedPaths(t *testing.T) {
@@ -74,7 +74,7 @@ func TestURLComponent_NestedPaths(t *testing.T) {
 	if err != nil {
 		t.Fatal(err)
 	}
-	if newReq.URL.Path != "/user/753'/profile" {
+	if newReq.Path != "/user/753'/profile" {
 		t.Fatal("expected path to be modified")
 	}
 }

pkg/fuzz/component/query.go

@@ -84,7 +84,7 @@ func (q *Query) Rebuild() (*retryablehttp.Request, error) {
 		return nil, errors.Wrap(err, "could not encode query")
 	}
 	cloned := q.req.Clone(context.Background())
-	cloned.URL.RawQuery = encoded
+	cloned.RawQuery = encoded
 
 	// Clear the query parameters and re-add them
 	cloned.Params = nil

pkg/fuzz/component/query_test.go

@@ -41,6 +41,6 @@ func TestQueryComponent(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	require.Equal(t, "foo=baz", rebuilt.URL.RawQuery, "unexpected query string")
-	require.Equal(t, "https://example.com?foo=baz", rebuilt.URL.String(), "unexpected url")
+	require.Equal(t, "foo=baz", rebuilt.RawQuery, "unexpected query string")
+	require.Equal(t, "https://example.com?foo=baz", rebuilt.String(), "unexpected url")
 }

pkg/fuzz/dataformat/multipart.go

@@ -92,7 +92,7 @@ func (m *MultiPartForm) Encode(data KV) (string, error) {
 		return "", Itererr
 	}
 
-	w.Close()
+	_ = w.Close()
 	return b.String(), nil
 }
 
@@ -142,7 +142,9 @@ func (m *MultiPartForm) Decode(data string) (KV, error) {
 			if err != nil {
 				return KV{}, err
 			}
-			defer file.Close()
+			defer func() {
+           _ = file.Close()
+         }()
 
 			buffer := new(bytes.Buffer)
 			if _, err := buffer.ReadFrom(file); err != nil {

pkg/fuzz/execute.go

@@ -98,7 +98,7 @@ func (rule *Rule) Execute(input *ExecuteRuleInput) (err error) {
 	// match rule part with component name
 	displayDebugFuzzPoints := make(map[string]map[string]string)
 	for _, componentName := range component.Components {
-		if !(rule.Part == componentName || sliceutil.Contains(rule.Parts, componentName) || rule.partType == requestPartType) {
+		if rule.Part != componentName && !sliceutil.Contains(rule.Parts, componentName) && rule.partType != requestPartType {
 			continue
 		}
 		component := component.New(componentName)

pkg/fuzz/parts.go

@@ -163,7 +163,7 @@ func (rule *Rule) execWithInput(input *ExecuteRuleInput, httpReq *retryablehttp.
 	if rule.options.FuzzParamsFrequency != nil {
 		if rule.options.FuzzParamsFrequency.IsParameterFrequent(
 			parameter,
-			httpReq.URL.String(),
+			httpReq.String(),
 			rule.options.TemplateID,
 		) {
 			return nil

pkg/fuzz/stats/stats.go

@@ -96,9 +96,10 @@ func getCorrectSiteName(originalURL string) string {
 	// Site is the host:port combo
 	siteName := parsed.Host
 	if parsed.Port() == "" {
-		if parsed.Scheme == "https" {
+		switch parsed.Scheme {
+		case "https":
 			siteName = fmt.Sprintf("%s:443", siteName)
-		} else if parsed.Scheme == "http" {
+		case "http":
 			siteName = fmt.Sprintf("%s:80", siteName)
 		}
 	}

pkg/input/formats/burp/burp_test.go

@@ -17,7 +17,9 @@ func TestBurpParse(t *testing.T) {
 
 	file, err := os.Open(proxifyInputFile)
 	require.Nilf(t, err, "error opening proxify input file: %v", err)
-	defer file.Close()
+	defer func() {
+		_ = file.Close()
+	}()
 
 	err = format.Parse(file, func(request *types.RequestResponse) bool {
 		gotMethodsToURLs = append(gotMethodsToURLs, request.URL.String())

pkg/input/formats/formats.go

@@ -94,7 +94,9 @@ func WriteOpenAPIVarDumpFile(vars *OpenAPIParamsCfgFile) error {
 	if err != nil {
 		return err
 	}
-	defer f.Close()
+	defer func() {
+		_ = f.Close()
+	}()
 	bin, err := yaml.Marshal(vars)
 	if err != nil {
 		return err

pkg/input/formats/json/json_test.go

@@ -44,7 +44,9 @@ func TestJSONFormatterParse(t *testing.T) {
 
 	file, err := os.Open(proxifyInputFile)
 	require.Nilf(t, err, "error opening proxify input file: %v", err)
-	defer file.Close()
+	defer func() {
+		_ = file.Close()
+	}()
 
 	var urls []string
 	err = format.Parse(file, func(request *types.RequestResponse) bool {

pkg/input/formats/openapi/generator.go

@@ -217,7 +217,7 @@ func generateRequestsFromOp(opts *generateReqOptions) error {
 					return nil
 				} else {
 					// if it is in path then remove it from path
-					opts.requestPath = strings.Replace(opts.requestPath, fmt.Sprintf("{%s}", value.Name), "", -1)
+					opts.requestPath = strings.ReplaceAll(opts.requestPath, fmt.Sprintf("{%s}", value.Name), "")
 					if !opts.opts.RequiredOnly {
 						gologger.Verbose().Msgf("openapi: skipping optional param (%s) in (%v) in request [%s] %s due to missing value (%v)\n", value.Name, value.In, opts.method, opts.requestPath, value.Name)
 					}
@@ -233,7 +233,7 @@ func generateRequestsFromOp(opts *generateReqOptions) error {
 					return nil
 				} else {
 					// if it is in path then remove it from path
-					opts.requestPath = strings.Replace(opts.requestPath, fmt.Sprintf("{%s}", value.Name), "", -1)
+					opts.requestPath = strings.ReplaceAll(opts.requestPath, fmt.Sprintf("{%s}", value.Name), "")
 					if !opts.opts.RequiredOnly {
 						gologger.Verbose().Msgf("openapi: skipping optional param (%s) in (%v) in request [%s] %s due to missing value (%v)\n", value.Name, value.In, opts.method, opts.requestPath, value.Name)
 					}
@@ -244,7 +244,7 @@ func generateRequestsFromOp(opts *generateReqOptions) error {
 		}
 		if opts.requiredOnly && !value.Required {
 			// remove them from path if any
-			opts.requestPath = strings.Replace(opts.requestPath, fmt.Sprintf("{%s}", value.Name), "", -1)
+			opts.requestPath = strings.ReplaceAll(opts.requestPath, fmt.Sprintf("{%s}", value.Name), "")
 			continue // Skip this parameter if it is not required and we want only required ones
 		}
 
@@ -327,7 +327,7 @@ func generateRequestsFromOp(opts *generateReqOptions) error {
 							_ = multipartWriter.WriteField(k, types.ToString(v))
 						}
 					}
-					multipartWriter.Close()
+					_ = multipartWriter.Close()
 					// body = buffer.String()
 					cloned.Body = io.NopCloser(buffer)
 					cloned.ContentLength = int64(len(buffer.Bytes()))

pkg/input/formats/openapi/openapi_test.go

@@ -44,7 +44,9 @@ func TestOpenAPIParser(t *testing.T) {
 
 	file, err := os.Open(proxifyInputFile)
 	require.Nilf(t, err, "error opening proxify input file: %v", err)
-	defer file.Close()
+	defer func() {
+		_ = file.Close()
+	}()
 
 	err = format.Parse(file, func(rr *types.RequestResponse) bool {
 		gotMethodsToURLs[rr.Request.Method] = append(gotMethodsToURLs[rr.Request.Method],

pkg/input/formats/swagger/swagger_test.go

@@ -17,7 +17,9 @@ func TestSwaggerAPIParser(t *testing.T) {
 
 	file, err := os.Open(proxifyInputFile)
 	require.Nilf(t, err, "error opening proxify input file: %v", err)
-	defer file.Close()
+	defer func() {
+		_ = file.Close()
+	}()
 
 	err = format.Parse(file, func(request *types.RequestResponse) bool {
 		gotMethodsToURLs = append(gotMethodsToURLs, request.URL.String())

pkg/input/formats/yaml/multidoc_test.go

@@ -22,7 +22,9 @@ func TestYamlFormatterParse(t *testing.T) {
 
 	file, err := os.Open(proxifyInputFile)
 	require.Nilf(t, err, "error opening proxify input file: %v", err)
-	defer file.Close()
+	defer func() {
+		_ = file.Close()
+	}()
 
 	var urls []string
 	err = format.Parse(file, func(request *types.RequestResponse) bool {

pkg/input/provider/http/multiformat.go

@@ -73,7 +73,7 @@ func NewHttpInputProvider(opts *HttpMultiFormatOptions) (*HttpInputProvider, err
 	}
 	defer func() {
 		if inputFile != nil {
-			inputFile.Close()
+			_ = inputFile.Close()
 		}
 	}()
 

pkg/input/provider/list/hmap.go

@@ -258,7 +258,7 @@ func (i *ListInputProvider) InputType() string {
 
 // Close closes the input provider
 func (i *ListInputProvider) Close() {
-	i.hostMap.Close()
+	_ = i.hostMap.Close()
 	if i.hostMapStream != nil {
 		i.hostMapStream.Close()
 	}
@@ -298,7 +298,7 @@ func (i *ListInputProvider) initializeInputSources(opts *Options) error {
 		}
 		if input != nil {
 			i.scanInputFromReader(input)
-			input.Close()
+			_ = input.Close()
 		}
 	}
 	if options.Uncover && options.UncoverQuery != nil {

pkg/input/transform_test.go

@@ -13,7 +13,9 @@ func TestConvertInputToType(t *testing.T) {
 	hm, err := hybrid.New(hybrid.DefaultDiskOptions)
 	require.NoError(t, err, "could not create hybrid map")
 	helper.InputsHTTP = hm
-	defer hm.Close()
+	defer func() {
+		_ = hm.Close()
+	}()
 
 	_ = hm.Set("google.com", []byte("https://google.com"))
 

pkg/installer/template_test.go

@@ -18,10 +18,12 @@ func TestTemplateInstallation(t *testing.T) {
 	tm := &TemplateManager{}
 	dir, err := os.MkdirTemp("", "nuclei-templates-*")
 	require.Nil(t, err)
-	defer os.RemoveAll(dir)
 	cfgdir, err := os.MkdirTemp("", "nuclei-config-*")
 	require.Nil(t, err)
-	defer os.RemoveAll(cfgdir)
+	defer func() {
+		_ = os.RemoveAll(dir)
+		_ = os.RemoveAll(cfgdir)
+	}()
 
 	// set the config directory to a temporary directory
 	config.DefaultConfig.SetConfigDir(cfgdir)

pkg/installer/versioncheck.go

@@ -92,7 +92,9 @@ func doVersionCheck(isSDK bool) error {
 	if err != nil {
 		return err
 	}
-	defer resp.Body.Close()
+	defer func() {
+		_ = resp.Body.Close()
+	}()
 	bin, err := io.ReadAll(resp.Body)
 	if err != nil {
 		return err

pkg/installer/zipslip_unix_test.go

@@ -47,7 +47,9 @@ func TestZipSlip(t *testing.T) {
 	}
 
 	configuredTemplateDirectory := filepath.Join(os.TempDir(), "templates")
-	defer os.RemoveAll(configuredTemplateDirectory)
+	defer func() {
+		_ = os.RemoveAll(configuredTemplateDirectory)
+	}()
 
 	t.Run("negative scenarios", func(t *testing.T) {
 		filePathsFromZip := []string{

pkg/js/compiler/compiler.go

@@ -156,9 +156,27 @@ func (c *Compiler) ExecuteWithOptions(program *goja.Program, args *ExecuteArgs,
 	return res, nil
 }
 
-// Wraps a script in a function and compiles it.
-func WrapScriptNCompile(script string, strict bool) (*goja.Program, error) {
-	if !stringsutil.ContainsAny(script, exportAsToken, exportToken) {
+// if the script uses export/ExportAS tokens then we can run it in IIFE mode
+// but if not we can't run it
+func CanRunAsIIFE(script string) bool {
+	return stringsutil.ContainsAny(script, exportAsToken, exportToken)
+}
+
+// SourceIIFEMode is a mode where the script is wrapped in a function and compiled.
+// This is used when the script is not exported or exported as a function.
+func SourceIIFEMode(script string, strict bool) (*goja.Program, error) {
+	val := fmt.Sprintf(`
+		(function() {
+			%s
+		})()
+	`, script)
+	return goja.Compile("", val, strict)
+}
+
+// SourceAutoMode is a mode where the script is wrapped in a function and compiled.
+// This is used when the script is exported or exported as a function.
+func SourceAutoMode(script string, strict bool) (*goja.Program, error) {
+	if !CanRunAsIIFE(script) {
 		// this will not be run in a pooled runtime
 		return goja.Compile("", script, strict)
 	}

pkg/js/compiler/compiler_test.go

@@ -21,7 +21,7 @@ func TestNewCompilerConsoleDebug(t *testing.T) {
 	})
 
 	compiler := New()
-	p, err := WrapScriptNCompile("console.log('hello world');", false)
+	p, err := SourceAutoMode("console.log('hello world');", false)
 	if err != nil {
 		t.Fatal(err)
 	}

pkg/js/devtools/bindgen/output.go

@@ -36,10 +36,10 @@ func (d *TemplateData) WriteGoTemplate(outputDirectory string, pkgName string) e
 	}
 
 	if err := tmpl.Execute(output, d); err != nil {
-		output.Close()
+		_ = output.Close()
 		return errors.Wrap(err, "could not execute go class template")
 	}
-	output.Close()
+	_ = output.Close()
 
 	cmd := exec.Command("gofmt", "-w", filename)
 	cmd.Stderr = os.Stderr
@@ -68,10 +68,10 @@ func (d *TemplateData) WriteJSTemplate(outputDirectory string, pkgName string) e
 	}
 
 	if err := tmpl.Execute(output, d); err != nil {
-		output.Close()
+		_ = output.Close()
 		return errors.Wrap(err, "could not execute js class template")
 	}
-	output.Close()
+	_ = output.Close()
 
 	cmd := exec.Command("js-beautify", "-r", filename)
 	cmd.Stderr = os.Stderr
@@ -91,18 +91,20 @@ func (d *TemplateData) WriteMarkdownIndexTemplate(outputDirectory string) error
 	if err != nil {
 		return errors.Wrap(err, "could not create markdown index template")
 	}
-	defer output.Close()
+	defer func() {
+         _ = output.Close()
+       }()
 
 	buffer := &bytes.Buffer{}
 	_, _ = buffer.WriteString("# Index\n\n")
 	for _, v := range markdownIndexes {
-		_, _ = buffer.WriteString(fmt.Sprintf("* %s\n", v))
+		_, _ = fmt.Fprintf(buffer, "* %s\n", v)
 	}
 	_, _ = buffer.WriteString("\n\n")
 
 	_, _ = buffer.WriteString("# Scripts\n\n")
 	for _, v := range d.NativeScripts {
-		_, _ = buffer.WriteString(fmt.Sprintf("* `%s`\n", v))
+		_, _ = fmt.Fprintf(buffer, "* `%s`\n", v)
 	}
 	if _, err := output.Write(buffer.Bytes()); err != nil {
 		return errors.Wrap(err, "could not write markdown index template")
@@ -131,10 +133,10 @@ func (d *TemplateData) WriteMarkdownLibraryDocumentation(outputDirectory string,
 
 	markdownIndexes[pkgName] = fmt.Sprintf("[%s](%s.md)", pkgName, pkgName)
 	if err := tmpl.Execute(output, d); err != nil {
-		output.Close()
+		_ = output.Close()
 		return err
 	}
-	output.Close()
+	_ = output.Close()
 
 	return nil
 }

pkg/js/libs/kerberos/sendtokdc.go

@@ -80,7 +80,9 @@ func sendToKDCTcp(kclient *Client, msg string) ([]byte, error) {
 			errs = append(errs, fmt.Sprintf("error establishing connection to %s: %v", kdcs[i], err))
 			continue
 		}
-		defer tcpConn.Close()
+		defer func() {
+          _ = tcpConn.Close()
+        }()
 		_ = tcpConn.SetDeadline(time.Now().Add(time.Duration(kclient.config.timeout) * time.Second)) //read and write deadline
 		rb, err := sendTCP(tcpConn.(*net.TCPConn), []byte(msg))
 		if err != nil {
@@ -113,7 +115,9 @@ func sendToKDCUdp(kclient *Client, msg string) ([]byte, error) {
 			errs = append(errs, fmt.Sprintf("error establishing connection to %s: %v", kdcs[i], err))
 			continue
 		}
-		defer udpConn.Close()
+		defer func() {
+          _ = udpConn.Close()
+        }()
 		_ = udpConn.SetDeadline(time.Now().Add(time.Duration(kclient.config.timeout) * time.Second)) //read and write deadline
 		rb, err := sendUDP(udpConn.(*net.UDPConn), []byte(msg))
 		if err != nil {
@@ -132,7 +136,9 @@ func sendToKDCUdp(kclient *Client, msg string) ([]byte, error) {
 // sendUDP sends bytes to connection over UDP.
 func sendUDP(conn *net.UDPConn, b []byte) ([]byte, error) {
 	var r []byte
-	defer conn.Close()
+	defer func() {
+         _ = conn.Close()
+       }()
 	_, err := conn.Write(b)
 	if err != nil {
 		return r, fmt.Errorf("error sending to (%s): %v", conn.RemoteAddr().String(), err)
@@ -151,7 +157,9 @@ func sendUDP(conn *net.UDPConn, b []byte) ([]byte, error) {
 
 // sendTCP sends bytes to connection over TCP.
 func sendTCP(conn *net.TCPConn, b []byte) ([]byte, error) {
-	defer conn.Close()
+	defer func() {
+         _ = conn.Close()
+       }()
 	var r []byte
 	// RFC 4120 7.2.2 specifies the first 4 bytes indicate the length of the message in big endian order.
 	hb := make([]byte, 4)

pkg/js/libs/ldap/ldap.go

@@ -331,7 +331,7 @@ func (c *Client) CollectMetadata() Metadata {
 // ```
 func (c *Client) GetVersion() []string {
 	c.nj.Require(c.conn != nil, "no existing connection")
-	
+
 	// Query root DSE for supported LDAP versions
 	sr := ldap.NewSearchRequest(
 		"",
@@ -341,18 +341,17 @@ func (c *Client) GetVersion() []string {
 		"(objectClass=*)",
 		[]string{"supportedLDAPVersion"},
 		nil)
-	
+
 	res, err := c.conn.Search(sr)
 	c.nj.HandleError(err, "failed to get LDAP version")
-	
+
 	if len(res.Entries) > 0 {
 		return res.Entries[0].GetAttributeValues("supportedLDAPVersion")
 	}
-	
+
 	return []string{"unknown"}
 }
 
-
 // close the ldap connection
 // @example
 // ```javascript
@@ -361,5 +360,5 @@ func (c *Client) GetVersion() []string {
 // client.Close();
 // ```
 func (c *Client) Close() {
-	c.conn.Close()
+	_ = c.conn.Close()
 }

pkg/js/libs/mssql/mssql.go

@@ -76,7 +76,9 @@ func connect(host string, port int, username string, password string, dbName str
 	if err != nil {
 		return false, err
 	}
-	defer db.Close()
+	defer func() {
+         _ = db.Close()
+       }()
 
 	_, err = db.Exec("select 1")
 	if err != nil {
@@ -120,7 +122,9 @@ func isMssql(host string, port int) (bool, error) {
 	if err != nil {
 		return false, err
 	}
-	defer conn.Close()
+	defer func() {
+         _ = conn.Close()
+       }()
 
 	data, check, err := mssql.DetectMSSQL(conn, 5*time.Second)
 	if check && err != nil {
@@ -172,7 +176,9 @@ func (c *MSSQLClient) ExecuteQuery(host string, port int, username, password, db
 	if err != nil {
 		return nil, err
 	}
-	defer db.Close()
+	defer func() {
+         _ = db.Close()
+       }()
 
 	db.SetMaxOpenConns(1)
 	db.SetMaxIdleConns(0)

pkg/js/libs/mysql/mysql.go

@@ -50,7 +50,9 @@ func isMySQL(host string, port int) (bool, error) {
 	if err != nil {
 		return false, err
 	}
-	defer conn.Close()
+	defer func() {
+         _ = conn.Close()
+       }()
 
 	plugin := &mysqlplugin.MYSQLPlugin{}
 	service, err := plugin.Run(conn, 5*time.Second, plugins.Target{Host: host})
@@ -140,7 +142,9 @@ func fingerprintMySQL(host string, port int) (MySQLInfo, error) {
 	if err != nil {
 		return info, err
 	}
-	defer conn.Close()
+	defer func() {
+         _ = conn.Close()
+       }()
 
 	plugin := &mysqlplugin.MYSQLPlugin{}
 	service, err := plugin.Run(conn, 5*time.Second, plugins.Target{Host: host})
@@ -212,7 +216,9 @@ func (c *MySQLClient) ExecuteQueryWithOpts(opts MySQLOptions, query string) (*ut
 	if err != nil {
 		return nil, err
 	}
-	defer db.Close()
+	defer func() {
+         _ = db.Close()
+       }()
 	db.SetMaxOpenConns(1)
 	db.SetMaxIdleConns(0)
 

pkg/js/libs/mysql/mysql_private.go

@@ -77,7 +77,9 @@ func connectWithDSN(dsn string) (bool, error) {
 	if err != nil {
 		return false, err
 	}
-	defer db.Close()
+	defer func() {
+         _ = db.Close()
+       }()
 	db.SetMaxOpenConns(1)
 	db.SetMaxIdleConns(0)
 

pkg/js/libs/oracle/oracle.go

@@ -45,7 +45,9 @@ func isOracle(host string, port int) (IsOracleResponse, error) {
 	if err != nil {
 		return resp, err
 	}
-	defer conn.Close()
+	defer func() {
+		_ = conn.Close()
+	}()
 
 	oracledbPlugin := oracledb.ORACLEPlugin{}
 	service, err := oracledbPlugin.Run(conn, timeout, plugins.Target{Host: host})

pkg/js/libs/pop3/pop3.go

@@ -46,7 +46,9 @@ func isPoP3(host string, port int) (IsPOP3Response, error) {
 	if err != nil {
 		return resp, err
 	}
-	defer conn.Close()
+	defer func() {
+		_ = conn.Close()
+	}()
 
 	pop3Plugin := pop3.POP3Plugin{}
 	service, err := pop3Plugin.Run(conn, timeout, plugins.Target{Host: host})

pkg/js/libs/postgres/postgres.go

@@ -12,8 +12,8 @@ import (
 	"github.com/praetorian-inc/fingerprintx/pkg/plugins"
 	postgres "github.com/praetorian-inc/fingerprintx/pkg/plugins/services/postgresql"
 	utils "github.com/projectdiscovery/nuclei/v3/pkg/js/utils"
-	"github.com/projectdiscovery/nuclei/v3/pkg/js/utils/pgwrap"
-	_ "github.com/projectdiscovery/nuclei/v3/pkg/js/utils/pgwrap"
+	"github.com/projectdiscovery/nuclei/v3/pkg/js/utils/pgwrap"   //nolint:staticcheck // need to call init
+	_ "github.com/projectdiscovery/nuclei/v3/pkg/js/utils/pgwrap" //nolint:staticcheck
 	"github.com/projectdiscovery/nuclei/v3/pkg/protocols/common/protocolstate"
 )
 
@@ -49,7 +49,9 @@ func isPostgres(host string, port int) (bool, error) {
 	if err != nil {
 		return false, err
 	}
-	defer conn.Close()
+	defer func() {
+         _ = conn.Close()
+       }()
 
 	_ = conn.SetDeadline(time.Now().Add(timeout))
 
@@ -121,7 +123,9 @@ func executeQuery(host string, port int, username string, password string, dbNam
 	if err != nil {
 		return nil, err
 	}
-	defer db.Close()
+	defer func() {
+         _ = db.Close()
+       }()
 
 	rows, err := db.Query(query)
 	if err != nil {
@@ -182,7 +186,9 @@ func connect(host string, port int, username string, password string, dbName str
 		},
 		IdleCheckFrequency: -1,
 	}).WithContext(ctx).WithTimeout(10 * time.Second)
-	defer db.Close()
+	defer func() {
+         _ = db.Close()
+       }()
 
 	_, err := db.Exec("select 1")
 	if err != nil {

pkg/js/libs/rdp/rdp.go

@@ -48,7 +48,9 @@ func isRDP(host string, port int) (IsRDPResponse, error) {
 	if err != nil {
 		return resp, err
 	}
-	defer conn.Close()
+	defer func() {
+         _ = conn.Close()
+       }()
 
 	server, isRDP, err := rdp.DetectRDP(conn, timeout)
 	if err != nil {
@@ -99,7 +101,9 @@ func checkRDPAuth(host string, port int) (CheckRDPAuthResponse, error) {
 	if err != nil {
 		return resp, err
 	}
-	defer conn.Close()
+	defer func() {
+         _ = conn.Close()
+       }()
 
 	pluginInfo, auth, err := rdp.DetectRDPAuth(conn, timeout)
 	if err != nil {

pkg/js/libs/redis/redis.go

@@ -34,7 +34,9 @@ func getServerInfo(host string, port int) (string, error) {
 		Password: "", // no password set
 		DB:       0,  // use default DB
 	})
-	defer client.Close()
+	defer func() {
+         _ = client.Close()
+       }()
 
 	// Ping the Redis server
 	_, err := client.Ping(context.TODO()).Result()
@@ -73,7 +75,9 @@ func connect(host string, port int, password string) (bool, error) {
 		Password: password, // no password set
 		DB:       0,        // use default DB
 	})
-	defer client.Close()
+	defer func() {
+         _ = client.Close()
+       }()
 
 	_, err := client.Ping(context.TODO()).Result()
 	if err != nil {
@@ -110,7 +114,9 @@ func getServerInfoAuth(host string, port int, password string) (string, error) {
 		Password: password, // no password set
 		DB:       0,        // use default DB
 	})
-	defer client.Close()
+	defer func() {
+         _ = client.Close()
+       }()
 
 	// Ping the Redis server
 	_, err := client.Ping(context.TODO()).Result()
@@ -145,7 +151,9 @@ func isAuthenticated(host string, port int) (bool, error) {
 	if err != nil {
 		return false, err
 	}
-	defer conn.Close()
+	defer func() {
+         _ = conn.Close()
+       }()
 
 	_, err = plugin.Run(conn, timeout, plugins.Target{Host: host})
 	if err != nil {
@@ -171,7 +179,9 @@ func RunLuaScript(host string, port int, password string, script string) (interf
 		Password: password,
 		DB:       0, // use default DB
 	})
-	defer client.Close()
+	defer func() {
+         _ = client.Close()
+       }()
 
 	// Ping the Redis server
 	_, err := client.Ping(context.TODO()).Result()

pkg/js/libs/rsync/rsync.go

@@ -46,7 +46,9 @@ func isRsync(host string, port int) (IsRsyncResponse, error) {
 	if err != nil {
 		return resp, err
 	}
-	defer conn.Close()
+	defer func() {
+		_ = conn.Close()
+	}()
 
 	rsyncPlugin := rsync.RSYNCPlugin{}
 	service, err := rsyncPlugin.Run(conn, timeout, plugins.Target{Host: host})

pkg/js/libs/smb/smb.go

@@ -60,7 +60,9 @@ func connectSMBInfoMode(host string, port int) (*smb.SMBLog, error) {
 	if err != nil {
 		return nil, err
 	}
-	defer conn.Close()
+	defer func() {
+         _ = conn.Close()
+       }()
 	result, err = getSMBInfo(conn, true, true)
 	if err != nil {
 		return result, nil
@@ -116,7 +118,9 @@ func listShares(host string, port int, user string, password string) ([]string,
 	if err != nil {
 		return nil, err
 	}
-	defer conn.Close()
+	defer func() {
+         _ = conn.Close()
+       }()
 
 	d := &smb2.Dialer{
 		Initiator: &smb2.NTLMInitiator{

pkg/js/libs/smb/smb_private.go

@@ -24,7 +24,9 @@ func collectSMBv2Metadata(host string, port int, timeout time.Duration) (*plugin
 	if err != nil {
 		return nil, err
 	}
-	defer conn.Close()
+	defer func() {
+         _ = conn.Close()
+       }()
 
 	metadata, err := smb.DetectSMBv2(conn, timeout)
 	if err != nil {

pkg/js/libs/smb/smbghost.go

@@ -41,7 +41,9 @@ func detectSMBGhost(host string, port int) (bool, error) {
 		return false, err
 
 	}
-	defer conn.Close()
+	defer func() {
+		_ = conn.Close()
+	}()
 
 	_, err = conn.Write([]byte(pkt))
 	if err != nil {

pkg/js/libs/smtp/smtp.go

@@ -90,7 +90,9 @@ func (c *Client) IsSMTP() (SMTPResponse, error) {
 	if err != nil {
 		return resp, err
 	}
-	defer conn.Close()
+	defer func() {
+         _ = conn.Close()
+       }()
 
 	smtpPlugin := pluginsmtp.SMTPPlugin{}
 	service, err := smtpPlugin.Run(conn, timeout, plugins.Target{Host: c.host})
@@ -126,7 +128,9 @@ func (c *Client) IsOpenRelay(msg *SMTPMessage) (bool, error) {
 	if err != nil {
 		return false, err
 	}
-	defer conn.Close()
+	defer func() {
+         _ = conn.Close()
+       }()
 	client, err := smtp.NewClient(conn, c.host)
 	if err != nil {
 		return false, err

pkg/js/libs/ssh/ssh.go

@@ -128,7 +128,9 @@ func (c *SSHClient) Run(cmd string) (string, error) {
 	if err != nil {
 		return "", err
 	}
-	defer session.Close()
+	defer func() {
+         _ = session.Close()
+       }()
 
 	data, err := session.Output(cmd)
 	if err != nil {
@@ -203,7 +205,9 @@ func connectSSHInfoMode(opts *connectOptions) (*ssh.HandshakeLog, error) {
 	if err != nil {
 		return nil, err
 	}
-	defer client.Close()
+	defer func() {
+         _ = client.Close()
+       }()
 
 	return data, nil
 }

pkg/js/libs/telnet/telnet.go

@@ -46,7 +46,9 @@ func isTelnet(host string, port int) (IsTelnetResponse, error) {
 	if err != nil {
 		return resp, err
 	}
-	defer conn.Close()
+	defer func() {
+		_ = conn.Close()
+	}()
 
 	telnetPlugin := telnet.TELNETPlugin{}
 	service, err := telnetPlugin.Run(conn, timeout, plugins.Target{Host: host})

pkg/js/libs/vnc/vnc.go

@@ -47,7 +47,9 @@ func isVNC(host string, port int) (IsVNCResponse, error) {
 	if err != nil {
 		return resp, err
 	}
-	defer conn.Close()
+	defer func() {
+		_ = conn.Close()
+	}()
 
 	vncPlugin := vnc.VNCPlugin{}
 	service, err := vncPlugin.Run(conn, timeout, plugins.Target{Host: host})

pkg/js/utils/util.go

@@ -21,7 +21,9 @@ type SQLResult struct {
 //
 // The function closes the sql.Rows when finished.
 func UnmarshalSQLRows(rows *sql.Rows) (*SQLResult, error) {
-	defer rows.Close()
+	defer func() {
+		_ = rows.Close()
+	}()
 	columnTypes, err := rows.ColumnTypes()
 	if err != nil {
 		return nil, err

pkg/operators/common/dsl/dsl.go

@@ -114,7 +114,7 @@ func init() {
 	}))
 
 	dsl.PrintDebugCallback = func(args ...interface{}) error {
-		gologger.Info().Msgf("print_debug value: %s", fmt.Sprint(args))
+		gologger.Debug().Msgf("print_debug value: %s", fmt.Sprint(args))
 		return nil
 	}
 

pkg/operators/operators.go

@@ -243,7 +243,7 @@ func (operators *Operators) Execute(data map[string]interface{}, match MatchFunc
 	}
 
 	// state variable to check if all extractors are internal
-	var allInternalExtractors bool = true
+	var allInternalExtractors = true
 
 	// Start with the extractors first and evaluate them.
 	for _, extractor := range operators.Extractors {

pkg/output/output.go

@@ -229,10 +229,8 @@ type IssueTrackerMetadata struct {
 
 // NewStandardWriter creates a new output writer based on user configurations
 func NewStandardWriter(options *types.Options) (*StandardWriter, error) {
-	resumeBool := false
-	if options.Resume != "" {
-		resumeBool = true
-	}
+	resumeBool := options.Resume != ""
+
 	auroraColorizer := aurora.NewAurora(!options.NoColor)
 
 	var outputFile io.WriteCloser
@@ -452,13 +450,13 @@ func (w *StandardWriter) Colorizer() aurora.Aurora {
 // Close closes the output writing interface
 func (w *StandardWriter) Close() {
 	if w.outputFile != nil {
-		w.outputFile.Close()
+		_ = w.outputFile.Close()
 	}
 	if w.traceFile != nil {
-		w.traceFile.Close()
+		_ = w.traceFile.Close()
 	}
 	if w.errorFile != nil {
-		w.errorFile.Close()
+		_ = w.errorFile.Close()
 	}
 }
 
@@ -560,11 +558,11 @@ func (w *StandardWriter) WriteStoreDebugData(host, templateID, eventType string,
 		filename = filepath.Join(subFolder, fmt.Sprintf("%s.txt", filename))
 		f, err := os.OpenFile(filename, os.O_APPEND|os.O_WRONLY|os.O_CREATE, 0644)
 		if err != nil {
-			fmt.Print(err)
+			gologger.Error().Msgf("Could not open debug output file: %s", err)
 			return
 		}
-		_, _ = f.WriteString(fmt.Sprintln(data))
-		f.Close()
+		_, _ = fmt.Fprintln(f, data)
+		_ = f.Close()
 	}
 }
 

pkg/progress/progress.go

@@ -148,7 +148,7 @@ func (p *StatsTicker) makePrintCallback() func(stats clistats.StatisticsClient)
 		if startedAt, ok := stats.GetStatic("startedAt"); ok {
 			if startedAtTime, ok := startedAt.(time.Time); ok {
 				duration = time.Since(startedAtTime)
-				builder.WriteString(fmt.Sprintf("[%s]", fmtDuration(duration)))
+				_, _ = fmt.Fprintf(builder, "[%s]", fmtDuration(duration))
 			}
 		}
 
@@ -203,7 +203,7 @@ func (p *StatsTicker) makePrintCallback() func(stats clistats.StatisticsClient)
 			builder.WriteRune('\n')
 		}
 
-		fmt.Fprintf(os.Stderr, "%s", builder.String())
+		_, _ = fmt.Fprintf(os.Stderr, "%s", builder.String())
 		return builder.String()
 	}
 }
@@ -211,7 +211,7 @@ func (p *StatsTicker) makePrintCallback() func(stats clistats.StatisticsClient)
 func printCallbackJSON(stats clistats.StatisticsClient) interface{} {
 	builder := &strings.Builder{}
 	if err := json.NewEncoder(builder).Encode(metricsMap(stats)); err == nil {
-		fmt.Fprintf(os.Stderr, "%s", builder.String())
+		_, _ = fmt.Fprintf(os.Stderr, "%s", builder.String())
 	}
 	return builder.String()
 }

pkg/projectfile/project.go

@@ -84,5 +84,5 @@ func (pf *ProjectFile) Set(req []byte, resp *http.Response, data []byte) error {
 }
 
 func (pf *ProjectFile) Close() {
-	pf.hm.Close()
+	_ = pf.hm.Close()
 }

pkg/protocols/code/code.go

@@ -130,7 +130,7 @@ func (request *Request) Compile(options *protocols.ExecutorOptions) error {
 
 	// compile pre-condition if any
 	if request.PreCondition != "" {
-		preConditionCompiled, err := compiler.WrapScriptNCompile(request.PreCondition, false)
+		preConditionCompiled, err := compiler.SourceAutoMode(request.PreCondition, false)
 		if err != nil {
 			return errorutil.NewWithTag(request.TemplateID, "could not compile pre-condition: %s", err)
 		}
@@ -248,14 +248,14 @@ func (request *Request) ExecuteWithResults(input *contextargs.Context, dynamicVa
 		gologger.Debug().MsgFunc(func() string {
 			dashes := strings.Repeat("-", 15)
 			sb := &strings.Builder{}
-			sb.WriteString(fmt.Sprintf("[%s] Dumped Executed Source Code for input/stdin: '%v'", request.options.TemplateID, input.MetaInput.Input))
-			sb.WriteString(fmt.Sprintf("\n%v\n%v\n%v\n", dashes, "Source Code:", dashes))
+			fmt.Fprintf(sb, "[%s] Dumped Executed Source Code for input/stdin: '%v'", request.options.TemplateID, input.MetaInput.Input)
+			fmt.Fprintf(sb, "\n%v\n%v\n%v\n", dashes, "Source Code:", dashes)
 			sb.WriteString(interpretEnvVars(request.Source, allvars))
 			sb.WriteString("\n")
-			sb.WriteString(fmt.Sprintf("\n%v\n%v\n%v\n", dashes, "Command Executed:", dashes))
+			fmt.Fprintf(sb, "\n%v\n%v\n%v\n", dashes, "Command Executed:", dashes)
 			sb.WriteString(interpretEnvVars(gOutput.Command, allvars))
 			sb.WriteString("\n")
-			sb.WriteString(fmt.Sprintf("\n%v\n%v\n%v\n", dashes, "Command Output:", dashes))
+			fmt.Fprintf(sb, "\n%v\n%v\n%v\n", dashes, "Command Output:", dashes)
 			sb.WriteString(gOutput.DebugData.String())
 			sb.WriteString("\n")
 			sb.WriteString("[WRN] Command Output here is stdout+sterr, in response variables they are seperate (use -v -svd flags for more details)")

pkg/protocols/common/automaticscan/automaticscan.go

@@ -77,7 +77,7 @@ func New(opts Options) (*Service, error) {
 	mappingFile := filepath.Join(config.DefaultConfig.GetTemplateDir(), mappingFilename)
 	if file, err := os.Open(mappingFile); err == nil {
 		_ = yaml.NewDecoder(file).Decode(&mappingData)
-		file.Close()
+		_ = file.Close()
 	}
 	if opts.ExecuterOpts.Options.Verbose {
 		gologger.Verbose().Msgf("Normalized mapping (%d): %v\n", len(mappingData), mappingData)
@@ -206,7 +206,9 @@ func (s *Service) getTagsUsingWappalyzer(input *contextargs.MetaInput) []string
 	if err != nil {
 		return nil
 	}
-	defer resp.Body.Close()
+	defer func() {
+		_ = resp.Body.Close()
+	}()
 	data, err := io.ReadAll(io.LimitReader(resp.Body, maxDefaultBody))
 	if err != nil {
 		return nil