RES-84 # Improve Nuclei CLI interface (WIP)

* moved the Severity "enum" back to Nuclei (1 unit test failing)
2025-12-17 17:35:28 +00:00 · 2021-07-16 17:28:13 +03:00 · 2021-07-16 17:28:13 +03:00 · 2635c65ce2
commit 2635c65ce2
parent 6588e8b7ac
34 changed files with 375 additions and 112 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,7 +1,7 @@
-cmd/nuclei/nuclei*
-v2/cmd/nuclei/nuclei
 .idea
+v2/cmd/nuclei/nuclei
+v2/cmd/nuclei/main
+v2/cmd/integration-test/integration-test
 integration_tests/integration-test
 integration_tests/nuclei
-v2/cmd/integration-test/integration-test
 bin
--- a/v2/cmd/nuclei/main.go
+++ b/v2/cmd/nuclei/main.go
@ -5,6 +5,7 @@ import (
 	"github.com/projectdiscovery/goflags"
 	"github.com/projectdiscovery/gologger"
 	"github.com/projectdiscovery/nuclei/v2/internal/runner"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"github.com/projectdiscovery/nuclei/v2/pkg/types"
 	"os"
 	"path"
@ -49,7 +50,7 @@ based on templates offering massive extensibility and ease of use.`)
 	set.StringSliceVarP(&options.Templates, "templates", "t", []string{}, "Templates to run, supports single and multiple templates using directory.")
 	set.StringSliceVarP(&options.Workflows, "workflows", "w", []string{}, "Workflows to run for nuclei")
 	set.StringSliceVarP(&options.ExcludedTemplates, "exclude", "exclude-templates", []string{}, "Templates to exclude, supports single and multiple templates using directory.")
-	set.SeverityVarP(&options.Severity, "severity", "impact", goflags.Severities{}, fmt.Sprintf("Templates to run based on severity. Possible values: %s", goflags.GetSupportedSeverities().String()))
+	set.VarP(&options.Severities, "severity", "impact", fmt.Sprintf("Templates to run based on severity. Possible values: %s", severity.GetSupportedSeverities().String()))
 	set.StringSliceVar(&options.Author, "author", []string{}, "Templates to run based on author")
 	set.StringSliceVar(&options.IncludeTemplates, "include-templates", []string{}, "Templates to force run even if they are in denylist")
 	set.StringSliceVar(&options.IncludeTags, "include-tags", []string{}, "Tags to force run even if they are in denylist")
--- a/v2/internal/colorizer/colorizer.go
+++ b/v2/internal/colorizer/colorizer.go
@ -2,37 +2,37 @@ package colorizer

 import (
 	"github.com/logrusorgru/aurora"
-	"github.com/projectdiscovery/goflags"
 	"github.com/projectdiscovery/gologger"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 )

 const (
 	fgOrange uint8 = 208
 )

-func GetColor(colorizer aurora.Aurora, severity goflags.Severity) string {
+func GetColor(colorizer aurora.Aurora, templateSeverity severity.Severity) string {
 	var method func(arg interface{}) aurora.Value
-	switch severity {
-	case goflags.Info:
+	switch templateSeverity {
+	case severity.Info:
 		method = colorizer.Blue
-	case goflags.Low:
+	case severity.Low:
 		method = colorizer.Green
-	case goflags.Medium:
+	case severity.Medium:
 		method = colorizer.Yellow
-	case goflags.High:
+	case severity.High:
 		method = func(stringValue interface{}) aurora.Value { return colorizer.Index(fgOrange, stringValue) }
-	case goflags.Critical:
+	case severity.Critical:
 		method = colorizer.Red
 	default:
-		gologger.Warning().Msgf("The '%s' severity does not have an color associated!", severity)
+		gologger.Warning().Msgf("The '%s' severity does not have an color associated!", templateSeverity)
 		method = colorizer.White
 	}

-	return method(severity.String()).String()
+	return method(templateSeverity.String()).String()
 }

-func New(aurora aurora.Aurora) func(goflags.Severity) string {
-	return func(severity goflags.Severity) string {
+func New(aurora aurora.Aurora) func(severity.Severity) string {
+	return func(severity severity.Severity) string {
 		return GetColor(aurora, severity)
 	}
 }
--- a/v2/internal/runner/runner.go
+++ b/v2/internal/runner/runner.go
@ -3,7 +3,7 @@ package runner
 import (
 	"bufio"
 	"fmt"
-	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"github.com/projectdiscovery/nuclei/v2/pkg/parsers"
 	"github.com/projectdiscovery/nuclei/v2/pkg/utils"
 	"os"
@ -52,7 +52,7 @@ type Runner struct {
 	progress        progress.Progress
 	colorizer       aurora.Aurora
 	issuesClient    *reporting.Client
-	addColor        func(goflags.Severity) string
+	addColor        func(severity.Severity) string
 	browser         *engine.Browser
 	ratelimiter     ratelimit.Limiter
 }
@ -298,7 +298,7 @@ func (r *Runner) RunEnumeration() error {
 		ExcludeTags:        r.options.ExcludeTags,
 		IncludeTemplates:   r.options.IncludeTemplates,
 		Authors:            r.options.Author,
-		Severities:         r.options.Severity,
+		Severities:         r.options.Severities,
 		IncludeTags:        r.options.IncludeTags,
 		TemplatesDirectory: r.options.TemplatesDirectory,
 		Catalog:            r.catalog,
--- a/v2/internal/runner/templates.go
+++ b/v2/internal/runner/templates.go
@ -3,7 +3,7 @@ package runner
 import (
 	"bytes"
 	"fmt"
-	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"io/ioutil"
 	"os"
 	"strings"
@ -36,7 +36,7 @@ func (r *Runner) parseTemplateFile(file string) (*templates.Template, error) {
 	return template, nil
 }

-func (r *Runner) templateLogMsg(id string, name string, author string, severity goflags.Severity) string {
+func (r *Runner) templateLogMsg(id string, name string, author string, severity severity.Severity) string {
 	// Display the message for the template
 	return fmt.Sprintf("[%s] %s (%s) [%s]",
 		r.colorizer.BrightBlue(id).String(),
--- a/v2/internal/severity/misc.go
+++ b/v2/internal/severity/misc.go
@ -0,0 +1,46 @@
+package severity
+
+import (
+	"errors"
+	"fmt"
+	"strings"
+
+	"github.com/projectdiscovery/goflags"
+)
+
+type Severities []Severity
+
+func (severities Severities) String() string {
+	return strings.Join(severities.ToStringArray(), ", ")
+}
+
+func (severities *Severities) Set(value string) error {
+	if inputSeverities, err := goflags.ToStringSlice(value); err != nil {
+		return err
+	} else {
+		for _, inputSeverity := range inputSeverities {
+			if err := setSeverity(severities, inputSeverity); err != nil {
+				return err
+			}
+		}
+		return nil
+	}
+}
+
+func setSeverity(severities *Severities, value string) error {
+	computedSeverity, err := toSeverity(value)
+	if err != nil {
+		return errors.New(fmt.Sprintf("'%s' is not a valid severity!", value))
+	}
+	// TODO change the Severities type to map[Severity]interface{}, where the values are struct{}{}, to "simulates" a "set" data structure
+	*severities = append(*severities, computedSeverity)
+	return nil
+}
+
+func (severities *Severities) ToStringArray() []string {
+	var result []string
+	for _, severity := range *severities {
+		result = append(result, severity.String())
+	}
+	return result
+}
--- a/v2/internal/severity/severity.go
+++ b/v2/internal/severity/severity.go
@ -0,0 +1,122 @@
+package severity
+
+import (
+	"encoding/json"
+	"github.com/pkg/errors"
+	"strings"
+)
+
+type Severity int
+
+const (
+	Info Severity = iota
+	Low
+	Medium
+	High
+	Critical
+	limit
+)
+
+var severityMappings = map[Severity]string{
+	Info:     "info",
+	Low:      "low",
+	Medium:   "medium",
+	High:     "high",
+	Critical: "critical",
+}
+
+func toSeverity(valueToMap string) (Severity, error) {
+	normalizedValue := normalizeValue(valueToMap)
+	for key, currentValue := range severityMappings {
+		if normalizedValue == currentValue {
+			return key, nil
+		}
+	}
+	return -1, errors.New("Invalid severity: " + valueToMap)
+}
+
+func GetSupportedSeverities() Severities {
+	var result []Severity
+	for index := Severity(0); index < limit; index++ {
+		result = append(result, index)
+	}
+	return result
+}
+
+func normalizeValue(value string) string {
+	return strings.TrimSpace(strings.ToLower(value))
+}
+
+func (severity Severity) normalize() string {
+	return normalizeValue(severity.String())
+}
+
+func (severity Severity) String() string {
+	return severityMappings[severity]
+}
+
+type SeverityHolder struct {
+	Severity Severity
+}
+
+func (severityHolder SeverityHolder) MarshalYAML() (interface{}, error) {
+	if value, found := severityMappings[severityHolder.Severity]; found {
+		return &struct{ Severity string }{value}, nil // TODO see if the new struct can be dynamically created using reflection to make it refactor safe
+	} else {
+		panic("Invalid field to marshall")
+	}
+}
+
+func (severityHolder SeverityHolder) MarshalJSON() ([]byte, error) {
+	if value, found := severityMappings[severityHolder.Severity]; found {
+		return json.Marshal(&struct{ Severity string }{value}) // TODO see if the new struct can be dynamically created using reflection to make it refactor safe
+	} else {
+		panic("Invalid field to marshall")
+	}
+}
+
+func (severityHolder *SeverityHolder) UnmarshalYAML(unmarshal func(interface{}) error) error {
+	var marshalledSeverity string
+	if err := unmarshal(&marshalledSeverity); err != nil {
+		return err
+	}
+
+	computedSeverity, err := toSeverity(marshalledSeverity)
+	if err != nil {
+		return err
+	}
+
+	severityHolder.Severity = computedSeverity
+	return nil
+}
+
+func (severityHolder *SeverityHolder) UnmarshalJSON(data []byte) error {
+	var objMap map[string]string
+	if err := json.Unmarshal(data, &objMap); err != nil {
+		return err
+	}
+
+	return mapToSeverity(objMap, severityHolder)
+}
+
+func mapToSeverity(objMap map[string]string, severity *SeverityHolder) error {
+	if len(objMap) != 1 {
+		return errors.New("There can only be one severity defined")
+	}
+	stringSeverity := getFirstValue(objMap)
+	if readableSeverity, err := toSeverity(stringSeverity); err == nil {
+		severity = &SeverityHolder{readableSeverity}
+		return nil
+	} else {
+		return err
+	}
+}
+
+func getFirstValue(stringMap map[string]string) string {
+	var result string
+	for _, value := range stringMap {
+		result = value
+		break
+	}
+	return result
+}
--- a/v2/internal/severity/severity_test.go
+++ b/v2/internal/severity/severity_test.go
@ -0,0 +1,91 @@
+package severity
+
+import (
+	"encoding/json"
+	"fmt"
+	"github.com/stretchr/testify/assert"
+	"gopkg.in/yaml.v2"
+	"testing"
+)
+
+func TestJsonUnmarshal(t *testing.T) {
+	testUnmarshal(t, json.Unmarshal, createJson)
+}
+
+func TestYamlUnmarshal(t *testing.T) {
+	testUnmarshal(t, yaml.Unmarshal, createYaml)
+}
+
+func TestJsonUnmarshalFail(t *testing.T) {
+	testUnmarshalFail(t, json.Unmarshal, createJson)
+}
+
+func TestYamlUnmarshalFail(t *testing.T) {
+	testUnmarshalFail(t, yaml.Unmarshal, createYaml)
+}
+
+func TestJsonMarshalFails(t *testing.T) {
+	testMarshallerFails(t, json.Marshal)
+}
+
+func TestYamlMarshalFails(t *testing.T) {
+	testMarshallerFails(t, yaml.Marshal)
+}
+
+func TestJsonMarshalSucceed(t *testing.T) {
+	testMarshal(t, json.Marshal, createJson)
+}
+
+func TestYamlMarshal(t *testing.T) {
+	testMarshal(t, yaml.Marshal, createYaml)
+}
+
+func testUnmarshal(t *testing.T, unmarshaller func(data []byte, v interface{}) error, payloadCreator func(value string) string) {
+	payloads := [...]string{
+		payloadCreator("Info"),
+		payloadCreator("info"),
+		payloadCreator("inFo "),
+		payloadCreator("infO "),
+		payloadCreator(" INFO "),
+	}
+
+	for _, payload := range payloads {
+		t.Run(payload, func(t *testing.T) {
+			result := unmarshal(payload, unmarshaller)
+			assert.Equal(t, result.Severity, Info)
+			assert.Equal(t, result.Severity.String(), "info")
+		})
+	}
+}
+
+func testMarshal(t *testing.T, marshaller func(v interface{}) ([]byte, error), payloadCreator func(value string) string) {
+	for _, severity := range GetSupportedSeverities() {
+		result, _ := marshaller(&SeverityHolder{Severity: severity})
+		assert.Equal(t, string(result), payloadCreator(severity.String()))
+	}
+}
+
+func testUnmarshalFail(t *testing.T, unmarshaller func(data []byte, v interface{}) error, payloadCreator func(value string) string) bool {
+	return assert.Panics(t, func() { unmarshal(payloadCreator("invalid"), unmarshaller) })
+}
+
+func testMarshallerFails(t *testing.T, marshaller func(v interface{}) ([]byte, error)) {
+	assert.Panics(t, func() { marshaller(&SeverityHolder{Severity: 13}) })
+}
+
+func unmarshal(value string, unmarshaller func(data []byte, v interface{}) error) SeverityHolder {
+	severityStruct := SeverityHolder{}
+	var err = unmarshaller([]byte(value), &severityStruct)
+	if err != nil {
+		panic(err)
+	}
+	return severityStruct
+}
+
+func createJson(severityString string) string {
+	return fmt.Sprintf(`{"Severity":"%s"}`, severityString)
+}
+
+func createYaml(value string) string {
+	return "severity: " + value + "\n"
+}
--- a/v2/internal/testutils/testutils.go
+++ b/v2/internal/testutils/testutils.go
@ -2,8 +2,8 @@ package testutils

 import (
 	"github.com/logrusorgru/aurora"
-	"github.com/projectdiscovery/goflags"
 	"github.com/projectdiscovery/gologger/levels"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"github.com/projectdiscovery/nuclei/v2/pkg/catalog"
 	"github.com/projectdiscovery/nuclei/v2/pkg/model"
 	"github.com/projectdiscovery/nuclei/v2/pkg/output"
@ -46,7 +46,7 @@ var DefaultOptions = &types.Options{
 	Retries:            1,
 	RateLimit:          150,
 	ProjectPath:        "",
-	Severity:           goflags.Severities{},
+	Severities:         severity.Severities{},
 	Target:             "",
 	Targets:            "",
 	Output:             "",
--- a/v2/pkg/catalog/loader/filter/tag_filter.go
+++ b/v2/pkg/catalog/loader/filter/tag_filter.go
@ -2,7 +2,7 @@ package filter

 import (
 	"errors"
-	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"github.com/projectdiscovery/nuclei/v2/pkg/utils"
 	"strings"
 )
@ -10,7 +10,7 @@ import (
 // TagFilter is used to filter nuclei templates for tag based execution
 type TagFilter struct {
 	allowedTags map[string]struct{}
-	severities  map[goflags.Severity]struct{}
+	severities  map[severity.Severity]struct{}
 	authors     map[string]struct{}
 	block       map[string]struct{}
 	matchAllows map[string]struct{}
@ -27,7 +27,7 @@ var ErrExcluded = errors.New("the template was excluded")
 // matchAllows section.
 //
 // It returns true if the tag is specified, or false.
-func (tagFilter *TagFilter) Match(templateTags, templateAuthors []string, severity goflags.Severity) (bool, error) {
+func (tagFilter *TagFilter) Match(templateTags, templateAuthors []string, severity severity.Severity) (bool, error) {
 	for _, templateTag := range templateTags {
 		_, blocked := tagFilter.block[templateTag]
 		_, allowed := tagFilter.matchAllows[templateTag]
@ -82,7 +82,7 @@ func isTagMatch(templateTags []string, tagFilter *TagFilter) bool {

 // MatchWithWorkflowTags takes an addition list of allowed tags
 // and returns true if the match was successful.
-func (tagFilter *TagFilter) MatchWithWorkflowTags(templateTags, templateAuthors []string, templateSeverity goflags.Severity, workflowTags []string) (bool, error) {
+func (tagFilter *TagFilter) MatchWithWorkflowTags(templateTags, templateAuthors []string, templateSeverity severity.Severity, workflowTags []string) (bool, error) {

 	workflowAllowedTagMap := make(map[string]struct{})
 	for _, workflowTag := range workflowTags {
@ -129,7 +129,7 @@ type Config struct {
 	Tags        []string
 	ExcludeTags []string
 	Authors     []string
-	Severities  goflags.Severities
+	Severities  severity.Severities
 	IncludeTags []string
 }

@ -140,7 +140,7 @@ func New(config *Config) *TagFilter {
 	filter := &TagFilter{
 		allowedTags: make(map[string]struct{}),
 		authors:     make(map[string]struct{}),
-		severities:  make(map[goflags.Severity]struct{}),
+		severities:  make(map[severity.Severity]struct{}),
 		block:       make(map[string]struct{}),
 		matchAllows: make(map[string]struct{}),
 	}
--- a/v2/pkg/catalog/loader/filter/tag_filter_test.go
+++ b/v2/pkg/catalog/loader/filter/tag_filter_test.go
@ -1,7 +1,7 @@
 package filter

 import (
-	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"testing"

 	"github.com/stretchr/testify/require"
@ -14,11 +14,11 @@ func TestTagBasedFilter(t *testing.T) {
 	filter := New(config)

 	t.Run("true", func(t *testing.T) {
-		matched, _ := filter.Match([]string{"jira"}, []string{"pdteam"}, goflags.Low)
+		matched, _ := filter.Match([]string{"jira"}, []string{"pdteam"}, severity.Low)
 		require.True(t, matched, "could not get correct match")
 	})
 	t.Run("false", func(t *testing.T) {
-		matched, _ := filter.Match([]string{"consul"}, []string{"pdteam"}, goflags.Low)
+		matched, _ := filter.Match([]string{"consul"}, []string{"pdteam"}, severity.Low)
 		require.False(t, matched, "could not get correct match")
 	})
 	t.Run("not-match-excludes", func(t *testing.T) {
@ -26,7 +26,7 @@ func TestTagBasedFilter(t *testing.T) {
 			ExcludeTags: []string{"dos"},
 		}
 		filter := New(config)
-		matched, err := filter.Match([]string{"dos"}, []string{"pdteam"}, goflags.Low)
+		matched, err := filter.Match([]string{"dos"}, []string{"pdteam"}, severity.Low)
 		require.False(t, matched, "could not get correct match")
 		require.Equal(t, ErrExcluded, err, "could not get correct error")
 	})
@ -37,7 +37,7 @@ func TestTagBasedFilter(t *testing.T) {
 			IncludeTags: []string{"fuzz"},
 		}
 		filter := New(config)
-		matched, err := filter.Match([]string{"fuzz"}, []string{"pdteam"}, goflags.Low)
+		matched, err := filter.Match([]string{"fuzz"}, []string{"pdteam"}, severity.Low)
 		require.Nil(t, err, "could not get match")
 		require.True(t, matched, "could not get correct match")
 	})
@ -47,7 +47,7 @@ func TestTagBasedFilter(t *testing.T) {
 			ExcludeTags: []string{"fuzz"},
 		}
 		filter := New(config)
-		matched, err := filter.Match([]string{"fuzz"}, []string{"pdteam"}, goflags.Low)
+		matched, err := filter.Match([]string{"fuzz"}, []string{"pdteam"}, severity.Low)
 		require.Nil(t, err, "could not get match")
 		require.True(t, matched, "could not get correct match")
 	})
@ -56,31 +56,31 @@ func TestTagBasedFilter(t *testing.T) {
 			Authors: []string{"pdteam"},
 		}
 		filter := New(config)
-		matched, _ := filter.Match([]string{"fuzz"}, []string{"pdteam"}, goflags.Low)
+		matched, _ := filter.Match([]string{"fuzz"}, []string{"pdteam"}, severity.Low)
 		require.True(t, matched, "could not get correct match")
 	})
 	t.Run("match-severity", func(t *testing.T) {
 		config := &Config{
-			Severities: goflags.Severities{goflags.High},
+			Severities: severity.Severities{severity.High},
 		}
 		filter := New(config)
-		matched, _ := filter.Match([]string{"fuzz"}, []string{"pdteam"}, goflags.High)
+		matched, _ := filter.Match([]string{"fuzz"}, []string{"pdteam"}, severity.High)
 		require.True(t, matched, "could not get correct match")
 	})
 	t.Run("match-conditions", func(t *testing.T) {
 		config := &Config{
 			Authors:    []string{"pdteam"},
 			Tags:       []string{"jira"},
-			Severities: goflags.Severities{goflags.High},
+			Severities: severity.Severities{severity.High},
 		}
 		filter := New(config)
-		matched, _ := filter.Match([]string{"jira"}, []string{"pdteam"}, goflags.High)
+		matched, _ := filter.Match([]string{"jira"}, []string{"pdteam"}, severity.High)
 		require.True(t, matched, "could not get correct match")
-		matched, _ = filter.Match([]string{"jira"}, []string{"pdteam"}, goflags.Low)
+		matched, _ = filter.Match([]string{"jira"}, []string{"pdteam"}, severity.Low)
 		require.False(t, matched, "could not get correct match")
-		matched, _ = filter.Match([]string{"jira"}, []string{"random"}, goflags.Low)
+		matched, _ = filter.Match([]string{"jira"}, []string{"random"}, severity.Low)
 		require.False(t, matched, "could not get correct match")
-		matched, _ = filter.Match([]string{"consul"}, []string{"random"}, goflags.Low)
+		matched, _ = filter.Match([]string{"consul"}, []string{"random"}, severity.Low)
 		require.False(t, matched, "could not get correct match")
 	})
 }
--- a/v2/pkg/catalog/loader/loader.go
+++ b/v2/pkg/catalog/loader/loader.go
@ -1,10 +1,10 @@
 package loader

 import (
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"github.com/projectdiscovery/nuclei/v2/pkg/utils"
 	"strings"

-	"github.com/projectdiscovery/goflags"
 	"github.com/projectdiscovery/gologger"

 	"github.com/projectdiscovery/nuclei/v2/pkg/catalog"
@ -24,7 +24,7 @@ type Config struct {
 	Tags        []string
 	ExcludeTags []string
 	Authors     []string
-	Severities  goflags.Severities
+	Severities  severity.Severities
 	IncludeTags []string

 	Catalog            *catalog.Catalog
--- a/v2/pkg/model/model.go
+++ b/v2/pkg/model/model.go
@ -1,7 +1,7 @@
 package model

 import (
-	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"github.com/projectdiscovery/nuclei/v2/pkg/utils"
 	"strings"
 )
@ -12,7 +12,7 @@ type Info struct {
 	Tags           StringSlice `yaml:"tags"`
 	Description    string
 	Reference      StringSlice             `yaml:"reference"`
-	SeverityHolder goflags.SeverityHolder `yaml:"severity"`
+	SeverityHolder severity.SeverityHolder `yaml:"severity"`
 }

 type StringSlice struct {
--- a/v2/pkg/output/output.go
+++ b/v2/pkg/output/output.go
@ -1,7 +1,7 @@
 package output

 import (
-	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"github.com/projectdiscovery/nuclei/v2/pkg/model"
 	"os"
 	"regexp"
@ -37,7 +37,7 @@ type StandardWriter struct {
 	outputMutex    *sync.Mutex
 	traceFile      *fileWriter
 	traceMutex     *sync.Mutex
-	severityColors func(goflags.Severity) string
+	severityColors func(severity.Severity) string
 }

 var decolorizerRegex = regexp.MustCompile(`\x1B\[[0-9;]*[a-zA-Z]`)
--- a/v2/pkg/parsers/workflow_loader.go
+++ b/v2/pkg/parsers/workflow_loader.go
@ -19,7 +19,7 @@ func NewLoader(options *protocols.ExecuterOptions) (model.WorkflowLoader, error)
 		Tags:        options.Options.Tags,
 		ExcludeTags: options.Options.ExcludeTags,
 		Authors:     options.Options.Author,
-		Severities:  options.Options.Severity,
+		Severities:  options.Options.Severities,
 		IncludeTags: options.Options.IncludeTags,
 	})
 	pathFilter := filter.NewPathFilter(&filter.PathFilterConfig{
--- a/v2/pkg/protocols/dns/dns_test.go
+++ b/v2/pkg/protocols/dns/dns_test.go
@ -1,7 +1,7 @@
 package dns

 import (
-	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"github.com/projectdiscovery/nuclei/v2/pkg/model"
 	"testing"

@ -24,7 +24,7 @@ func TestDNSCompileMake(t *testing.T) {
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile dns request")
--- a/v2/pkg/protocols/dns/operators_test.go
+++ b/v2/pkg/protocols/dns/operators_test.go
@ -1,7 +1,7 @@
 package dns

 import (
-	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"github.com/projectdiscovery/nuclei/v2/pkg/model"
 	"net"
 	"strconv"
@ -31,7 +31,7 @@ func TestResponseToDSLMap(t *testing.T) {
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile dns request")
@ -63,7 +63,7 @@ func TestDNSOperatorMatch(t *testing.T) {
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile dns request")
@ -146,7 +146,7 @@ func TestDNSOperatorExtract(t *testing.T) {
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile dns request")
@ -216,7 +216,7 @@ func TestDNSMakeResult(t *testing.T) {
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile dns request")
--- a/v2/pkg/protocols/dns/request_test.go
+++ b/v2/pkg/protocols/dns/request_test.go
@ -1,7 +1,7 @@
 package dns

 import (
-	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"github.com/projectdiscovery/nuclei/v2/pkg/model"
 	"testing"

@ -41,7 +41,7 @@ func TestDNSExecuteWithResults(t *testing.T) {
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile dns request")
--- a/v2/pkg/protocols/file/file_test.go
+++ b/v2/pkg/protocols/file/file_test.go
@ -1,7 +1,7 @@
 package file

 import (
-	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"github.com/projectdiscovery/nuclei/v2/pkg/model"
 	"testing"

@ -23,7 +23,7 @@ func TestFileCompile(t *testing.T) {
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile file request")
--- a/v2/pkg/protocols/file/find_test.go
+++ b/v2/pkg/protocols/file/find_test.go
@ -1,7 +1,7 @@
 package file

 import (
-	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"github.com/projectdiscovery/nuclei/v2/pkg/model"
 	"io/ioutil"
 	"os"
@ -26,7 +26,7 @@ func TestFindInputPaths(t *testing.T) {
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile file request")
--- a/v2/pkg/protocols/file/operators_test.go
+++ b/v2/pkg/protocols/file/operators_test.go
@ -1,7 +1,7 @@
 package file

 import (
-	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"github.com/projectdiscovery/nuclei/v2/pkg/model"
 	"testing"

@ -27,7 +27,7 @@ func TestResponseToDSLMap(t *testing.T) {
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile file request")
@ -52,7 +52,7 @@ func TestFileOperatorMatch(t *testing.T) {
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile file request")
@ -117,7 +117,7 @@ func TestFileOperatorExtract(t *testing.T) {
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile file request")
@ -182,7 +182,7 @@ func TestFileMakeResult(t *testing.T) {
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile file request")
--- a/v2/pkg/protocols/file/request_test.go
+++ b/v2/pkg/protocols/file/request_test.go
@ -1,7 +1,7 @@
 package file

 import (
-	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"github.com/projectdiscovery/nuclei/v2/pkg/model"
 	"io/ioutil"
 	"os"
@ -43,7 +43,7 @@ func TestFileExecuteWithResults(t *testing.T) {
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile file request")
--- a/v2/pkg/protocols/http/build_request_test.go
+++ b/v2/pkg/protocols/http/build_request_test.go
@ -1,7 +1,7 @@
 package http

 import (
-	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"github.com/projectdiscovery/nuclei/v2/pkg/model"
 	"net/url"
 	"testing"
@ -38,7 +38,7 @@ func TestMakeRequestFromModal(t *testing.T) {
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile http request")
@ -65,7 +65,7 @@ func TestMakeRequestFromModalTrimSuffixSlash(t *testing.T) {
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile http request")
@ -103,7 +103,7 @@ Accept-Encoding: gzip`},
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile http request")
@ -142,7 +142,7 @@ Accept-Encoding: gzip`},
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile http request")
--- a/v2/pkg/protocols/http/http_test.go
+++ b/v2/pkg/protocols/http/http_test.go
@ -1,7 +1,7 @@
 package http

 import (
-	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"github.com/projectdiscovery/nuclei/v2/pkg/model"
 	"testing"

@ -32,7 +32,7 @@ Accept-Encoding: gzip`},
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile http request")
--- a/v2/pkg/protocols/http/operators_test.go
+++ b/v2/pkg/protocols/http/operators_test.go
@ -1,7 +1,7 @@
 package http

 import (
-	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"github.com/projectdiscovery/nuclei/v2/pkg/model"
 	"net/http"
 	"testing"
@ -28,7 +28,7 @@ func TestResponseToDSLMap(t *testing.T) {
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile file request")
@ -58,7 +58,7 @@ func TestHTTPOperatorMatch(t *testing.T) {
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile file request")
@ -128,7 +128,7 @@ func TestHTTPOperatorExtract(t *testing.T) {
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile file request")
@ -198,7 +198,7 @@ func TestHTTPMakeResult(t *testing.T) {
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile file request")
--- a/v2/pkg/protocols/network/network_test.go
+++ b/v2/pkg/protocols/network/network_test.go
@ -1,7 +1,7 @@
 package network

 import (
-	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"github.com/projectdiscovery/nuclei/v2/pkg/model"
 	"testing"

@ -22,7 +22,7 @@ func TestNetworkCompileMake(t *testing.T) {
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile network request")
--- a/v2/pkg/protocols/network/operators_test.go
+++ b/v2/pkg/protocols/network/operators_test.go
@ -1,7 +1,7 @@
 package network

 import (
-	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"github.com/projectdiscovery/nuclei/v2/pkg/model"
 	"testing"

@ -26,7 +26,7 @@ func TestResponseToDSLMap(t *testing.T) {
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile network request")
@ -51,7 +51,7 @@ func TestNetworkOperatorMatch(t *testing.T) {
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile network request")
@ -114,7 +114,7 @@ func TestNetworkOperatorExtract(t *testing.T) {
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile network request")
@ -177,7 +177,7 @@ func TestNetworkMakeResult(t *testing.T) {
 	}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err := request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile network request")
--- a/v2/pkg/protocols/network/request_test.go
+++ b/v2/pkg/protocols/network/request_test.go
@ -3,7 +3,7 @@ package network
 import (
 	"encoding/hex"
 	"fmt"
-	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"github.com/projectdiscovery/nuclei/v2/pkg/model"
 	"net/http"
 	"net/http/httptest"
@ -54,7 +54,7 @@ func TestNetworkExecuteWithResults(t *testing.T) {
 	request.Inputs = append(request.Inputs, &Input{Data: fmt.Sprintf("GET / HTTP/1.1\r\nHost: %s\r\n\r\n", parsed.Host)})
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	err = request.Compile(executerOpts)
 	require.Nil(t, err, "could not compile network request")
--- a/v2/pkg/protocols/offlinehttp/find_test.go
+++ b/v2/pkg/protocols/offlinehttp/find_test.go
@ -1,7 +1,7 @@
 package offlinehttp

 import (
-	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"github.com/projectdiscovery/nuclei/v2/pkg/model"
 	"io/ioutil"
 	"os"
@ -21,7 +21,7 @@ func TestFindResponses(t *testing.T) {
 	request := &Request{}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	executerOpts.Operators = []*operators.Operators{{}}
 	err := request.Compile(executerOpts)
--- a/v2/pkg/protocols/offlinehttp/operators_test.go
+++ b/v2/pkg/protocols/offlinehttp/operators_test.go
@ -1,7 +1,7 @@
 package offlinehttp

 import (
-	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"github.com/projectdiscovery/nuclei/v2/pkg/model"
 	"net/http"
 	"testing"
@ -23,7 +23,7 @@ func TestResponseToDSLMap(t *testing.T) {
 	request := &Request{}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	executerOpts.Operators = []*operators.Operators{{}}
 	err := request.Compile(executerOpts)
@ -49,7 +49,7 @@ func TestHTTPOperatorMatch(t *testing.T) {
 	request := &Request{}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	executerOpts.Operators = []*operators.Operators{{}}
 	err := request.Compile(executerOpts)
@ -115,7 +115,7 @@ func TestHTTPOperatorExtract(t *testing.T) {
 	request := &Request{}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	executerOpts.Operators = []*operators.Operators{{}}
 	err := request.Compile(executerOpts)
@ -168,7 +168,7 @@ func TestHTTPMakeResult(t *testing.T) {
 	request := &Request{}
 	executerOpts := testutils.NewMockExecuterOptions(options, &testutils.TemplateInfo{
 		ID:   templateID,
-		Info: model.Info{SeverityHolder: goflags.SeverityHolder{Severity: goflags.Low}, Name: "test"},
+		Info: model.Info{SeverityHolder: severity.SeverityHolder{Severity: severity.Low}, Name: "test"},
 	})
 	executerOpts.Operators = []*operators.Operators{{
 		Matchers: []*matchers.Matcher{{
--- a/v2/pkg/reporting/exporters/sarif/sarif.go
+++ b/v2/pkg/reporting/exporters/sarif/sarif.go
@ -3,7 +3,7 @@ package sarif
 import (
 	"crypto/sha1"
 	"encoding/hex"
-	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"github.com/projectdiscovery/nuclei/v2/pkg/utils"
 	"os"
 	"path"
@ -111,11 +111,11 @@ func (i *Exporter) Export(event *output.ResultEvent) error {
 // getSarifSeverity returns the sarif severity
 func getSarifSeverity(event *output.ResultEvent) string {
 	switch event.Info.SeverityHolder.Severity {
-	case goflags.Info:
+	case severity.Info:
 		return "note"
-	case goflags.Low, goflags.Medium:
+	case severity.Low, severity.Medium:
 		return "warning"
-	case goflags.High, goflags.Critical:
+	case severity.High, severity.Critical:
 		return "error"
 	default:
 		return "note"
--- a/v2/pkg/reporting/reporting.go
+++ b/v2/pkg/reporting/reporting.go
@ -1,7 +1,7 @@
 package reporting

 import (
-	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"github.com/projectdiscovery/nuclei/v2/pkg/model"
 	"github.com/projectdiscovery/nuclei/v2/pkg/utils"
 	"strings"
@ -38,7 +38,7 @@ type Options struct {
 // Filter filters the received event and decides whether to perform
 // reporting for it or not.
 type Filter struct {
-	Severities goflags.Severities `yaml:"severity"`
+	Severities severity.Severities `yaml:"severity"`
 	Tags       model.StringSlice   `yaml:"tags"`
 }

--- a/v2/pkg/types/interfaces.go
+++ b/v2/pkg/types/interfaces.go
@ -4,7 +4,7 @@ package types

 import (
 	"fmt"
-	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
 	"strconv"
 	"strings"
 )
@ -44,9 +44,9 @@ func ToString(data interface{}) string {
 		return strconv.FormatUint(uint64(s), 10)
 	case []byte:
 		return string(s)
-	case goflags.SeverityHolder:
+	case severity.SeverityHolder:
 		return s.Severity.String()
-	case goflags.Severity:
+	case severity.Severity:
 		return s.String()
 	case fmt.Stringer:
 		return s.String()
--- a/v2/pkg/types/types.go
+++ b/v2/pkg/types/types.go
@ -1,6 +1,9 @@
 package types

-import "github.com/projectdiscovery/goflags"
+import (
+	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/internal/severity"
+)

 // Options contains the configuration options for nuclei scanner.
 type Options struct {
@ -18,8 +21,8 @@ type Options struct {
 	ExcludedTemplates goflags.StringSlice
 	// CustomHeaders is the list of custom global headers to send with each request.
 	CustomHeaders goflags.StringSlice
-	// Severity filters templates based on their severity and only run the matching ones.
-	Severity goflags.Severities
+	// Severities filters templates based on their severity and only run the matching ones.
+	Severities severity.Severities
 	// Author filters templates based on their author and only run the matching ones.
 	Author goflags.StringSlice
 	// IncludeTags includes specified tags to be run even while being in denylist