diff --git a/SYNTAX-REFERENCE.md b/SYNTAX-REFERENCE.md
index da73e9a3e..3ef0d5498 100755
--- a/SYNTAX-REFERENCE.md
+++ b/SYNTAX-REFERENCE.md
@@ -1585,6 +1585,8 @@ Appears in:
- http.Request.fuzzing
+- headless.Request.fuzzing
+
@@ -2717,6 +2719,19 @@ StopAtFirstMatch stops the execution of the requests and template as soon as a m
+
+
+
+Fuzzing describes schema to fuzz headless requests
+
+
+
+
+
diff --git a/nuclei-jsonschema.json b/nuclei-jsonschema.json
index cccc49b2f..025c74af4 100644
--- a/nuclei-jsonschema.json
+++ b/nuclei-jsonschema.json
@@ -372,6 +372,72 @@
"title": "type of the matcher",
"description": "Type of the matcher"
},
+ "fuzz.Rule": {
+ "properties": {
+ "type": {
+ "enum": [
+ "replace",
+ "prefix",
+ "postfix",
+ "infix"
+ ],
+ "type": "string",
+ "title": "type of rule",
+ "description": "Type of fuzzing rule to perform"
+ },
+ "part": {
+ "enum": [
+ "query"
+ ],
+ "type": "string",
+ "title": "part of rule",
+ "description": "Part of request rule to fuzz"
+ },
+ "mode": {
+ "enum": [
+ "single",
+ "multiple"
+ ],
+ "type": "string",
+ "title": "mode of rule",
+ "description": "Mode of request rule to fuzz"
+ },
+ "keys": {
+ "items": {
+ "type": "string"
+ },
+ "type": "array",
+ "title": "keys of parameters to fuzz",
+ "description": "Keys of parameters to fuzz"
+ },
+ "keys-regex": {
+ "items": {
+ "type": "string"
+ },
+ "type": "array",
+ "title": "keys regex to fuzz",
+ "description": "Regex of parameter keys to fuzz"
+ },
+ "values": {
+ "items": {
+ "type": "string"
+ },
+ "type": "array",
+ "title": "values regex to fuzz",
+ "description": "Regex of parameter values to fuzz"
+ },
+ "fuzz": {
+ "items": {
+ "type": "string"
+ },
+ "type": "array",
+ "title": "payloads of fuzz rule",
+ "description": "Payloads to perform fuzzing substitutions with"
+ }
+ },
+ "additionalProperties": false,
+ "type": "object"
+ },
"generators.AttackTypeHolder": {
"enum": [
"batteringram",
@@ -653,6 +719,14 @@
"type": "string",
"title": "condition between the matchers",
"description": "Conditions between the matchers"
+ },
+ "fuzzing": {
+ "items": {
+ "$ref": "#/definitions/fuzz.Rule"
+ },
+ "type": "array",
+ "title": "fuzzin rules for http fuzzing",
+ "description": "Fuzzing describes rule schema to fuzz headless requests"
}
},
"additionalProperties": false,
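Review bot: The `title` of the added `fuzzing` property reads `fuzzin rules for http fuzzing`, which is misspelled and names the HTTP protocol, while its own `description` says the rules apply to headless requests. Something like `"title": "fuzzing rules for headless fuzzing"` would match the description. The enclosing definition's name is outside this hunk, so the placement under the headless request is inferred from the description and from the `headless.Request.fuzzing` entry added elsewhere in this diff. This schema looks generated, so the wording probably has to be fixed in the struct tag on the headless request's fuzzing field, which is not part of this diff, and the schema then regenerated. Schema-driven editors and validators show this title to template authors, so a wrong protocol label here can mislead them about which request type a fuzzing rule will act on.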
@@ -953,72 +1027,6 @@
"title": "type of the signature",
"description": "Type of the signature"
},
- "fuzz.Rule": {
- "properties": {
- "type": {
- "enum": [
- "replace",
- "prefix",
- "postfix",
- "infix"
- ],
- "type": "string",
- "title": "type of rule",
- "description": "Type of fuzzing rule to perform"
- },
- "part": {
- "enum": [
- "query"
- ],
- "type": "string",
- "title": "part of rule",
- "description": "Part of request rule to fuzz"
- },
- "mode": {
- "enum": [
- "single",
- "multiple"
- ],
- "type": "string",
- "title": "mode of rule",
- "description": "Mode of request rule to fuzz"
- },
- "keys": {
- "items": {
- "type": "string"
- },
- "type": "array",
- "title": "keys of parameters to fuzz",
- "description": "Keys of parameters to fuzz"
- },
- "keys-regex": {
- "items": {
- "type": "string"
- },
- "type": "array",
- "title": "keys regex to fuzz",
- "description": "Regex of parameter keys to fuzz"
- },
- "values": {
- "items": {
- "type": "string"
- },
- "type": "array",
- "title": "values regex to fuzz",
- "description": "Regex of parameter values to fuzz"
- },
- "fuzz": {
- "items": {
- "type": "string"
- },
- "type": "array",
- "title": "payloads of fuzz rule",
- "description": "Payloads to perform fuzzing substitutions with"
- }
- },
- "additionalProperties": false,
- "type": "object"
- },
"network.Input": {
"properties": {
"data": {
diff --git a/v2/pkg/templates/templates_doc.go b/v2/pkg/templates/templates_doc.go
index 69466296e..2901e26df 100644
--- a/v2/pkg/templates/templates_doc.go
+++ b/v2/pkg/templates/templates_doc.go
@@ -677,6 +677,10 @@ func init() {
TypeName: "http.Request",
FieldName: "fuzzing",
},
+ {
+ TypeName: "headless.Request",
+ FieldName: "fuzzing",
+ },
}
FUZZRuleDoc.Fields = make([]encoder.Doc, 7)
FUZZRuleDoc.Fields[0].Name = "type"
@@ -1203,7 +1207,7 @@ func init() {
Value: "Headless response received from client (default)",
},
}
- HEADLESSRequestDoc.Fields = make([]encoder.Doc, 7)
+ HEADLESSRequestDoc.Fields = make([]encoder.Doc, 8)
HEADLESSRequestDoc.Fields[0].Name = "id"
HEADLESSRequestDoc.Fields[0].Type = "string"
HEADLESSRequestDoc.Fields[0].Note = ""
@@ -1239,6 +1243,11 @@ func init() {
HEADLESSRequestDoc.Fields[6].Note = ""
HEADLESSRequestDoc.Fields[6].Description = "StopAtFirstMatch stops the execution of the requests and template as soon as a match is found."
HEADLESSRequestDoc.Fields[6].Comments[encoder.LineComment] = "StopAtFirstMatch stops the execution of the requests and template as soon as a match is found."
+ HEADLESSRequestDoc.Fields[7].Name = "fuzzing"
+ HEADLESSRequestDoc.Fields[7].Type = "[]fuzz.Rule"
+ HEADLESSRequestDoc.Fields[7].Note = ""
+ HEADLESSRequestDoc.Fields[7].Description = "Fuzzing describes schema to fuzz headless requests"
+ HEADLESSRequestDoc.Fields[7].Comments[encoder.LineComment] = " Fuzzing describes schema to fuzz headless requests"
ENGINEActionDoc.Type = "engine.Action"
ENGINEActionDoc.Comments[encoder.LineComment] = " Action is an action taken by the browser to reach a navigation"