resolve merge conflicts with dev

.github/dependabot.yml

@@ -6,18 +6,6 @@
 version: 2
 updates:
 
-  # Maintain dependencies for GitHub Actions
-  - package-ecosystem: "github-actions"
-    directory: "/"
-    schedule:
-      interval: "weekly"
-    target-branch: "dev"
-    commit-message:
-      prefix: "chore"
-      include: "scope"
-    labels:
-      - "Type: Maintenance"
-
   # Maintain dependencies for go modules
   - package-ecosystem: "gomod"
     directory: "v2/"
@@ -29,15 +17,29 @@ updates:
       include: "scope"
     labels:
       - "Type: Maintenance"
+    allow:
+      - dependency-name: "github.com/projectdiscovery/*"
 
-  # Maintain dependencies for docker
+#  # Maintain dependencies for GitHub Actions
-  - package-ecosystem: "docker"
+#  - package-ecosystem: "github-actions"
-    directory: "/"
+#    directory: "/"
-    schedule:
+#    schedule:
-      interval: "weekly"
+#      interval: "weekly"
-    target-branch: "dev"
+#    target-branch: "dev"
-    commit-message:
+#    commit-message:
-      prefix: "chore"
+#      prefix: "chore"
-      include: "scope"
+#      include: "scope"
-    labels:
+#    labels:
-      - "Type: Maintenance"
+#      - "Type: Maintenance"
+#
+#  # Maintain dependencies for docker
+#  - package-ecosystem: "docker"
+#    directory: "/"
+#    schedule:
+#      interval: "weekly"
+#    target-branch: "dev"
+#    commit-message:
+#      prefix: "chore"
+#      include: "scope"
+#    labels:
+#      - "Type: Maintenance"

.github/release.yml

@@ -0,0 +1,17 @@
+changelog:
+  exclude:
+    authors:
+      - dependabot
+  categories:
+    - title: 🎉 Features
+      labels:
+        - "Type: Enhancement"
+    - title: 🐞 Bugs
+      labels:
+        - "Type: Bug" 
+    - title: 🔨 Maintenance
+      labels:
+        - "Type: Maintenance" 
+    - title: Other Changes
+      labels:
+        - "*"

.github/workflows/build-test.yml

@@ -25,7 +25,7 @@ jobs:
       - name: Check out code
         uses: actions/checkout@v3
 
-      - name: Go Mod hygine
+      - name: Go Mod hygiene
         run: |
           go clean -modcache
           go mod tidy

.github/workflows/dep-auto-merge.yml

@@ -0,0 +1,26 @@
+name: 🤖 dep auto merge
+
+on:
+  pull_request:
+    branches:
+      - dev
+  workflow_dispatch:
+
+permissions:
+  pull-requests: write
+  issues: write
+  repository-projects: write
+
+jobs:
+  automerge:
+    runs-on: ubuntu-latest
+    if: github.actor == 'dependabot[bot]'
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          token: ${{ secrets.DEPENDABOT_PAT }}
+
+      - uses: ahmadnassri/action-dependabot-auto-merge@v2
+        with:
+          github-token: ${{ secrets.DEPENDABOT_PAT }}
+          target: all

.github/workflows/dockerhub-push.yml

@@ -14,7 +14,7 @@ jobs:
       - name: Git Checkout
         uses: actions/checkout@v3
 
-      - name: Get Github tag
+      - name: Get GitHub tag
         id: meta
         run: |
           curl --silent "https://api.github.com/repos/projectdiscovery/nuclei/releases/latest" | jq -r .tag_name | xargs -I {} echo TAG={} >> $GITHUB_OUTPUT

CONTRIBUTING.md

@@ -0,0 +1,30 @@
+# Contributing to ProjectDiscovery/Nuclei
+
+We appreciate your interest in contributing to the projectdiscovery/nuclei! This document provides some basic guidelines for contributors.
+
+## Getting Started
+
+- Always base your work from the `dev` branch, which is the development branch with the latest code.
+- Before creating a Pull Request (PR), make sure there is a corresponding issue for your contribution. If there isn't one already, please create one.
+- Include the problem description in the issue.
+
+## Pull Requests
+
+When creating a PR, please follow these guidelines:
+
+- Link your PR to the corresponding issue.
+- Provide context in the PR description to help reviewers understand the changes. The more information you provide, the faster the review process will be.
+- Include an example of running the tool with the changed code, if applicable. Provide 'before' and 'after' examples if possible.
+- Include steps for functional testing or replication.
+- If you're adding a new feature, make sure to include unit tests.
+
+## Code Style
+
+Please adhere to the existing coding style for consistency. 
+
+## Questions
+
+If you have any questions or need further guidance, please feel free to ask in the issue or PR, or [reach out to the maintainers](https://discord.gg/projectdiscovery).
+
+Thank you for your contribution!
+

DEBUG.md

@@ -0,0 +1,44 @@
+## Debugging Nuclei
+
+While Adding new features or fixing bugs or writing new templates to properly understand the behavior of that component, it is essential to understand what debugging options are available in nuclei. This guide lists all the debugging options available in nuclei.
+
+### Template related debugging
+
+- `-debug` flag
+
+When this flag is provided, nuclei will print all requests that are being sent by nuclei to the target as well as the response received from the target.
+
+- `-debug-req` flag
+
+When this flag is provided, nuclei will print all requests that are being sent by nuclei to the target.
+
+- `-debug-resp` flag
+
+When this flag is provided, nuclei will  print all responses that are being received by nuclei from the target.
+
+- `-ldf` flag
+
+When this flag is provided, nuclei will print the list of all helper functions available in this release of nuclei and exit.
+
+- `-svd` flag
+
+When this flag is provided, nuclei will print all `variables` pre and post execution of a request for a template. This is useful to understand what variables are available for a template and what values they have.
+
+- `-elog = errors.txt` flag
+
+When this flag is provided, nuclei will log all errors to the file specified. This is helpful when running large scans.
+
+
+
+### Environment Variable Switches
+
+Nuclei was built with some environment variables in mind to help with debugging. These environment variables can be set to enable debugging of a particular component/functionality for nuclei.
+
+| Environment Variable             | Description                                              |
+| -------------------------------- | -------------------------------------------------------- |
+| `DEBUG=true`                     | Enables Printing Stack Traces for all errors             |
+| `SHOW_DSL_ERRORS=true`           | Enables Printing DSL Errors (that are hidden by default) |
+| `HIDE_TEMPLATE_SIG_WARNING=true` | Hides Template Signature Verification Warnings           |
+
+
+

DESIGN.md

@@ -145,7 +145,7 @@ type Exporter interface {
 }
 ```
 
-Exporters include `Elasticsearch`, `markdown`, `sarif` . Trackers include `GitHub` , `Gitlab` and `Jira`.
+Exporters include `Elasticsearch`, `markdown`, `sarif` . Trackers include `GitHub` , `GitLab` and `Jira`.
 
 Each exporter and trackers implement their own configuration in YAML format and are very modular in nature, so adding new ones is easy.
 
@@ -484,7 +484,7 @@ $ go tool pprof -http=:8081 mem.pprof
 - [v2/pkg/reporting/exporters/markdown](./v2/pkg/reporting/exporters/markdown) - Markdown Result Exporter
 - [v2/pkg/reporting/exporters/es](./v2/pkg/reporting/exporters/es) - Elasticsearch Result Exporter
 - [v2/pkg/reporting/dedupe](./v2/pkg/reporting/dedupe) - Dedupe module for Results
-- [v2/pkg/reporting/trackers/gitlab](./v2/pkg/reporting/trackers/gitlab) - Gitlab Issue Tracker Exporter
+- [v2/pkg/reporting/trackers/gitlab](./v2/pkg/reporting/trackers/gitlab) - GitLab Issue Tracker Exporter
 - [v2/pkg/reporting/trackers/jira](./v2/pkg/reporting/trackers/jira) - Jira Issue Tracker Exporter
 - [v2/pkg/reporting/trackers/github](./v2/pkg/reporting/trackers/github) - GitHub Issue Tracker Exporter
 - [v2/pkg/reporting/format](./v2/pkg/reporting/format) - Result Formatting Functions

Dockerfile

@@ -1,5 +1,5 @@
 # Build
-FROM golang:1.20.5-alpine AS build-env
+FROM golang:1.20.6-alpine AS build-env
 RUN apk add build-base
 WORKDIR /app
 COPY . /app

README.md

@@ -41,8 +41,6 @@ Nuclei is used to send requests across targets based on a template, leading to z
 
 We have a [dedicated repository](https://github.com/projectdiscovery/nuclei-templates) that houses various type of vulnerability templates contributed by **more than 300** security researchers and engineers.
 
-
-
 ## How it works
 
 
@@ -51,6 +49,11 @@ We have a [dedicated repository](https://github.com/projectdiscovery/nuclei-temp
 </h3>
 
 
+| :exclamation:  **Disclaimer**  |
+|---------------------------------|
+| **This project is in active development**. Expect breaking changes with releases. Review the release changelog before updating. |
+| This project was primarily built to be used as a standalone CLI tool. **Running nuclei as a service may pose security risks.** It's recommended to use with caution and additional security measures. |
+
 # Install Nuclei
 
 Nuclei requires **go1.20** to install successfully. Run the following command to install the latest version -
@@ -136,7 +139,7 @@ FILTERING:
    -tags string[]                     templates to run based on tags (comma-separated, file)
    -etags, -exclude-tags string[]     templates to exclude based on tags (comma-separated, file)
    -itags, -include-tags string[]     tags to be executed even if they are excluded either by default or configuration
-   -id, -template-id string[]         templates to run based on template ids (comma-separated, file)
+   -id, -template-id string[]         templates to run based on template ids (comma-separated, file, allow-wildcard)
    -eid, -exclude-id string[]         templates to exclude based on template ids (comma-separated, file)
    -it, -include-templates string[]   templates to be executed even if they are excluded either by default or configuration
    -et, -exclude-templates string[]   template or template directory to exclude (comma-separated, file)
@@ -154,7 +157,8 @@ OUTPUT:
    -silent                       display findings only
    -nc, -no-color                disable output content coloring (ANSI escape codes)
    -j, -jsonl                    write output in JSONL(ines) format
-   -irr, -include-rr             include request/response pairs in the JSONL output (for findings only)
+   -irr, -include-rr             include request/response pairs in the JSON, JSONL, and Markdown outputs (for findings only) [DEPRECATED use -omit-raw] (default true)
+   -or, -omit-raw                omit request/response pairs in the JSON, JSONL, and Markdown outputs (for findings only)
    -nm, -no-meta                 disable printing result metadata in cli output
    -ts, -timestamp               enables printing timestamp in cli output
    -rdb, -report-db string       nuclei reporting database (always use this to persist report data)
@@ -183,9 +187,10 @@ CONFIGURATIONS:
    -ck, -client-key string               client key file (PEM-encoded) used for authenticating against scanned hosts
    -ca, -client-ca string                client certificate authority file (PEM-encoded) used for authenticating against scanned hosts
    -sml, -show-match-line                show match lines for file templates, works with extractors only
-   -ztls                          use ztls library with autofallback to standard one for tls13
+   -ztls                                 use ztls library with autofallback to standard one for tls13 [Deprecated] autofallback to ztls is enabled by default
    -sni string                           tls sni hostname to use (default: input domain name)
-   -sandbox                       sandbox nuclei for safe templates execution
+   -lfa, -allow-local-file-access        allows file (payload) access anywhere on the system
+   -lna, -restrict-local-network-access  blocks connections to the local / private network
    -i, -interface string                 network interface to use for network scan
    -at, -attack-type string              type of payload combinations to perform (batteringram,pitchfork,clusterbomb)
    -sip, -source-ip string               source ip address to use for network scan
@@ -211,10 +216,10 @@ FUZZING:
 UNCOVER:
    -uc, -uncover                  enable uncover engine
    -uq, -uncover-query string[]   uncover search query
-   -ue, -uncover-engine string[]  uncover search engine (shodan,shodan-idb,fofa,censys,quake,hunter,zoomeye,netlas,criminalip) (default shodan)
+   -ue, -uncover-engine string[]  uncover search engine (shodan,censys,fofa,shodan-idb,quake,hunter,zoomeye,netlas,criminalip,publicwww,hunterhow) (default shodan)
    -uf, -uncover-field string     uncover fields to return (ip,port,host) (default "ip:port")
    -ul, -uncover-limit int        uncover results to return (default 100)
-   -ucd, -uncover-delay int       delay between uncover query requests in seconds (0 to disable) (default 1)
+   -ur, -uncover-ratelimit int    override ratelimit of engines with unknown ratelimit (default 60 req/min) (default 60)
 
 RATE-LIMIT:
    -rl, -rate-limit int               maximum number of requests to send per second (default 150)
@@ -244,6 +249,7 @@ HEADLESS:
    -headless                        enable templates that require headless browser support (root user on Linux will disable sandbox)
    -page-timeout int                seconds to wait for each page in headless mode (default 20)
    -sb, -show-browser               show the browser on the screen when running templates with headless mode
+   -ho, -headless-options string[]  start headless chrome with additional options
    -sc, -system-chrome              use local installed Chrome browser instead of nuclei installed
    -lha, -list-headless-action      list available headless actions
 
@@ -278,29 +284,6 @@ STATISTICS:
    -si, -stats-interval int  number of seconds to wait between showing a statistics update (default 5)
    -m, -metrics              expose nuclei metrics on a port
    -mp, -metrics-port int    port to expose nuclei metrics on (default 9092)
-
-CLOUD:
-   -cloud                              run scan on nuclei cloud
-   -ads, -add-datasource string        add specified data source (s3,github)
-   -atr, -add-target string            add target(s) to cloud
-   -atm, -add-template string          add template(s) to cloud
-   -lsn, -list-scan                    list previous cloud scans
-   -lso, -list-output string           list scan output by scan id
-   -ltr, -list-target                  list cloud target by id
-   -ltm, -list-template                list cloud template by id
-   -lds, -list-datasource              list cloud datasource by id
-   -lrs, -list-reportsource            list reporting sources
-   -dsn, -delete-scan string           delete cloud scan by id
-   -dtr, -delete-target string         delete target(s) from cloud
-   -dtm, -delete-template string       delete template(s) from cloud
-   -dds, -delete-datasource string     delete specified data source
-   -drs, -disable-reportsource string  disable specified reporting source
-   -ers, -enable-reportsource string   enable specified reporting source
-   -gtr, -get-target string            get target content by id
-   -gtm, -get-template string          get template content by id
-   -nos, -no-store                     disable scan/output storage on cloud
-   -no-tables                          do not display pretty-printed tables
-   -limit int                          limit the number of output to display (default 100)
 ```
 
 ### Running Nuclei

README_CN.md

@@ -134,6 +134,7 @@ Nuclei是一款注重于可配置性、可扩展性和易用性的基于模板
    -nc, -no-color                        禁用输出内容着色（ANSI转义码）
    -j, -jsonl                            输出为jsonL（ines）
    -irr, -include-rr                     在JSONL中输出对应的请求和相应（仅结果）
+   -or, -omit-raw                     
    -nm, -no-meta                         不显示匹配的元数据
    -nts, -no-timestamp                   不在输出中显示时间戳
    -rdb, -report-db string               本地的Nuclei结果数据库（始终使用该数据库保存结果）

README_ID.md

@@ -90,13 +90,15 @@ Nuclei is a fast, template based vulnerability scanner focusing
 on extensive configurability, massive extensibility and ease of use.
 
 Usage:
-  nuclei [flags]
+  ./nuclei [flags]
 
 Flags:
 TARGET:
    -u, -target string[]       target URLs/hosts to scan
    -l, -list string           path to file containing a list of target URLs/hosts to scan (one per line)
-   -resume string        Resume scan using resume.cfg (clustering will be disabled)
+   -resume string             resume scan using resume.cfg (clustering will be disabled)
+   -sa, -scan-all-ips         scan all the IP's associated with dns record
+   -iv, -ip-version string[]  IP version to scan of hostname (4,6) - (default 4)
 
 TEMPLATES:
    -nt, -new-templates                    run only new templates added in latest nuclei-templates release
@@ -107,7 +109,8 @@ TEMPLATES:
    -w, -workflows string[]                list of workflow or workflow directory to run (comma-separated, file)
    -wu, -workflow-url string[]            list of workflow urls to run (comma-separated, file)
    -validate                              validate the passed templates to nuclei
-   -nss, -no-strict-syntax                Disable strict syntax check on templates
+   -nss, -no-strict-syntax                disable strict syntax check on templates
+   -td, -template-display                 displays the templates content
    -tl                                    list all available templates
 
 FILTERING:
@@ -122,8 +125,8 @@ FILTERING:
    -em, -exclude-matchers string[]    template matchers to exclude in result
    -s, -severity value[]              templates to run based on severity. Possible values: info, low, medium, high, critical, unknown
    -es, -exclude-severity value[]     templates to exclude based on severity. Possible values: info, low, medium, high, critical, unknown
-   -pt, -type value[]                 templates to run based on protocol type. Possible values: dns, file, http, headless, network, workflow, ssl, websocket, whois
+   -pt, -type value[]                 templates to run based on protocol type. Possible values: dns, file, http, headless, tcp, workflow, ssl, websocket, whois
-   -ept, -exclude-type value[]        templates to exclude based on protocol type. Possible values: dns, file, http, headless, network, workflow, ssl, websocket, whois
+   -ept, -exclude-type value[]        templates to exclude based on protocol type. Possible values: dns, file, http, headless, tcp, workflow, ssl, websocket, whois
    -tc, -template-condition string[]  templates to run based on expression condition
 
 OUTPUT:
@@ -133,15 +136,16 @@ OUTPUT:
    -silent                       display findings only
    -nc, -no-color                disable output content coloring (ANSI escape codes)
    -j, -jsonl                    write output in JSONL(ines) format
-   -irr, -include-rr             include request/response pairs in the JSONL output (for findings only)
+   -irr, -include-rr             include request/response pairs in the JSON, JSONL, and Markdown outputs (for findings only) [DEPRECATED use -omit-raw] (default true)
+   -or, -omit-raw                omit request/response pairs in the JSON, JSONL, and Markdown outputs (for findings only)
    -nm, -no-meta                 disable printing result metadata in cli output
-   -nts, -no-timestamp           disable printing timestamp in cli output
+   -ts, -timestamp               enables printing timestamp in cli output
    -rdb, -report-db string       nuclei reporting database (always use this to persist report data)
    -ms, -matcher-status          display match failure status
    -me, -markdown-export string  directory to export results in markdown format
    -se, -sarif-export string     file to export results in SARIF format
-   -je, -json-export string      file to export results in JSON format as a JSON array. This can be memory intensive in larger scans
+   -je, -json-export string      file to export results in JSON format
-   -jle, -jsonl-export string    file to export results in JSONL(ine) format as a list of line-delimited JSON objects
+   -jle, -jsonl-export string    file to export results in JSONL(ine) format
 
 CONFIGURATIONS:
    -config string                        path to the nuclei configuration file
@@ -154,19 +158,26 @@ CONFIGURATIONS:
    -V, -var value                        custom vars in key=value format
    -r, -resolvers string                 file containing resolver list for nuclei
    -sr, -system-resolvers                use system DNS resolving as error fallback
+   -dc, -disable-clustering              disable clustering of requests
    -passive                              enable passive HTTP response processing mode
+   -fh2, -force-http2                    force http2 connection on requests
    -ev, -env-vars                        enable environment variables to be used in template
    -cc, -client-cert string              client certificate file (PEM-encoded) used for authenticating against scanned hosts
    -ck, -client-key string               client key file (PEM-encoded) used for authenticating against scanned hosts
    -ca, -client-ca string                client certificate authority file (PEM-encoded) used for authenticating against scanned hosts
    -sml, -show-match-line                show match lines for file templates, works with extractors only
-   -ztls                          use ztls library with autofallback to standard one for tls13
+   -ztls                                 use ztls library with autofallback to standard one for tls13 [Deprecated] autofallback to ztls is enabled by default
    -sni string                           tls sni hostname to use (default: input domain name)
+   -lfa, -allow-local-file-access        allows file (payload) access anywhere on the system
+   -lna, -restrict-local-network-access  blocks connections to the local / private network
    -i, -interface string                 network interface to use for network scan
+   -at, -attack-type string              type of payload combinations to perform (batteringram,pitchfork,clusterbomb)
    -sip, -source-ip string               source ip address to use for network scan
-   -config-directory string       Override the default config path ($home/.config)
+   -config-directory string              override the default config path ($home/.config)
    -rsr, -response-size-read int         max response size to read in bytes (default 10485760)
-   -rss, -response-size-save int  max response size to save in bytes (default 10485760)
+   -rss, -response-size-save int         max response size to read in bytes (default 1048576)
+   -reset                                reset removes all nuclei configuration and data files (including nuclei-templates)
+   -tlsi, -tls-impersonate               enable experimental client hello (ja3) tls randomization
 
 INTERACTSH:
    -iserver, -interactsh-server string  interactsh server url for self-hosted instance (default: oast.pro,oast.live,oast.site,oast.online,oast.fun,oast.me)
@@ -177,6 +188,18 @@ INTERACTSH:
    -interactions-cooldown-period int    extra time for interaction polling before exiting (default 5)
    -ni, -no-interactsh                  disable interactsh server for OAST testing, exclude OAST based templates
 
+FUZZING:
+   -ft, -fuzzing-type string  overrides fuzzing type set in template (replace, prefix, postfix, infix)
+   -fm, -fuzzing-mode string  overrides fuzzing mode set in template (multiple, single)
+
+UNCOVER:
+   -uc, -uncover                  enable uncover engine
+   -uq, -uncover-query string[]   uncover search query
+   -ue, -uncover-engine string[]  uncover search engine (shodan,censys,fofa,shodan-idb,quake,hunter,zoomeye,netlas,criminalip,publicwww,hunterhow) (default shodan)
+   -uf, -uncover-field string     uncover fields to return (ip,port,host) (default "ip:port")
+   -ul, -uncover-limit int        uncover results to return (default 100)
+   -ur, -uncover-ratelimit int    override ratelimit of engines with unknown ratelimit (default 60 req/min) (default 60)
+
 RATE-LIMIT:
    -rl, -rate-limit int               maximum number of requests to send per second (default 150)
    -rlm, -rate-limit-minute int       maximum number of requests to send per minute
@@ -188,22 +211,24 @@ RATE-LIMIT:
 OPTIMIZATIONS:
    -timeout int                        time to wait in seconds before timeout (default 10)
    -retries int                        number of times to retry a failed request (default 1)
-   -ldp, -leave-default-ports          leave default HTTP/HTTPS ports (eg. host:80,host:443
+   -ldp, -leave-default-ports          leave default HTTP/HTTPS ports (eg. host:80,host:443)
    -mhe, -max-host-error int           max errors for a host before skipping from scan (default 30)
    -te, -track-error string[]          adds given error to max-host-error watchlist (standard, file)
    -nmhe, -no-mhe                      disable skipping host from scan based on errors
    -project                            use a project folder to avoid sending same request multiple times
-   -project-path string                set a specific project path
+   -project-path string                set a specific project path (default "/tmp")
-   -spm, -stop-at-first-path           stop processing HTTP requests after the first match (may break template/workflow logic)
+   -spm, -stop-at-first-match          stop processing HTTP requests after the first match (may break template/workflow logic)
    -stream                             stream mode - start elaborating without sorting the input
+   -ss, -scan-strategy value           strategy to use while scanning(auto/host-spray/template-spray) (default auto)
    -irt, -input-read-timeout duration  timeout on input read (default 3m0s)
-   -no-stdin                           Disable Stdin processing
+   -nh, -no-httpx                      disable httpx probing for non-url input
+   -no-stdin                           disable stdin processing
 
 HEADLESS:
-   -headless                    enable templates that require headless browser support (root user on linux will disable sandbox)
+   -headless                    enable templates that require headless browser support (root user on Linux will disable sandbox)
    -page-timeout int            seconds to wait for each page in headless mode (default 20)
    -sb, -show-browser           show the browser on the screen when running templates with headless mode
-   -sc, -system-chrome          Use local installed chrome browser instead of nuclei installed
+   -sc, -system-chrome          use local installed Chrome browser instead of nuclei installed
    -lha, -list-headless-action  list available headless actions
 
 DEBUG:
@@ -220,22 +245,46 @@ DEBUG:
    -v, -verbose              show verbose output
    -profile-mem string       optional nuclei memory profile dump file
    -vv                       display templates loaded for scan
+   -svd, -show-var-dump      show variables dump for debugging
    -ep, -enable-pprof        enable pprof debugging server
    -tv, -templates-version   shows the version of the installed nuclei-templates
    -hc, -health-check        run diagnostic check up
 
 UPDATE:
-   -update                        update nuclei engine to the latest released version
+   -up, -update                      update nuclei engine to the latest released version
    -ut, -update-templates            update nuclei-templates to latest released version
-   -ud, -update-directory string  overwrite the default directory to install nuclei-templates
+   -ud, -update-template-dir string  custom directory to install / update nuclei-templates
    -duc, -disable-update-check       disable automatic nuclei/templates update check
 
 STATISTICS:
    -stats                    display statistics about the running scan
-   -sj, -stats-json          dispaly statistics in JSONL(ines) format
+   -sj, -stats-json          display statistics in JSONL(ines) format
    -si, -stats-interval int  number of seconds to wait between showing a statistics update (default 5)
    -m, -metrics              expose nuclei metrics on a port
    -mp, -metrics-port int    port to expose nuclei metrics on (default 9092)
+
+CLOUD:
+   -cloud                              run scan on nuclei cloud
+   -ads, -add-datasource string        add specified data source (s3,github)
+   -atr, -add-target string            add target(s) to cloud
+   -atm, -add-template string          add template(s) to cloud
+   -lsn, -list-scan                    list previous cloud scans
+   -lso, -list-output string           list scan output by scan id
+   -ltr, -list-target                  list cloud target by id
+   -ltm, -list-template                list cloud template by id
+   -lds, -list-datasource              list cloud datasource by id
+   -lrs, -list-reportsource            list reporting sources
+   -dsn, -delete-scan string           delete cloud scan by id
+   -dtr, -delete-target string         delete target(s) from cloud
+   -dtm, -delete-template string       delete template(s) from cloud
+   -dds, -delete-datasource string     delete specified data source
+   -drs, -disable-reportsource string  disable specified reporting source
+   -ers, -enable-reportsource string   enable specified reporting source
+   -gtr, -get-target string            get target content by id
+   -gtm, -get-template string          get template content by id
+   -nos, -no-store                     disable scan/output storage on cloud
+   -no-tables                          do not display pretty-printed tables
+   -limit int                          limit the number of output to display (default 100)
 ```
 
 ### Menjalankan Nuclei

README_KR.md

@@ -130,6 +130,7 @@ OUTPUT:
    -nc, -no-color                출력 내용 색상 비활성화 (ANSI escape codes)
    -j, -jsonl                    JSONL(ines) 형식으로 출력
    -irr, -include-rr             JSONL 출력에 요청/응답 쌍 포함(결과만)
+   -or, -omit-raw                
    -nm, -no-meta                 cli 출력에서 결과 메타데이터 출력 비활성화
    -nts, -no-timestamp           cli 출력에서 결과 타임스탬프 출력 비활성화
    -rdb, -report-db string       nuclei 보고 데이터베이스(보고서 데이터를 유지하려면 항상 이것을 사용)

SYNTAX-REFERENCE.md

@@ -358,7 +358,7 @@ Variables contains any variables for the current request.
 </div>
 <div class="dt">
 
-Constants contains any scalar costant for the current template
+Constants contains any scalar constant for the current template
 
 </div>
 
@@ -825,6 +825,29 @@ epss-score: "0.42509"
 ```
 
 
+</div>
+
+<hr />
+
+<div class="dd">
+
+<code>epss-percentile</code>  <i>float64</i>
+
+</div>
+<div class="dt">
+
+EPSS Percentile for the template.
+
+
+
+Examples:
+
+
+```yaml
+epss-percentile: "0.42509"
+```
+
+
 </div>
 
 <hr />

integration_tests/debug.sh

@@ -8,7 +8,7 @@ if [ $1 = "-h" ]; then
  printf " \$ ./debug.sh http self\n\n"
  printf "3. To run all integration tests of 'x' protocol that contains 'y' in template name and pass extra args to nuclei:\n"
  printf " \$ ./debug.sh http self -svd -debug-req\n\n"
- printf "nuclei binary is created everytime script is run but integration-test binary is not"
+ printf "nuclei binary is created every time script is run but integration-test binary is not"
  exit 0
 fi
 

integration_tests/dsl/hide-version-warning.yaml

@@ -0,0 +1,18 @@
+id: basic-example
+
+info:
+  name: Test HTTP Template
+  author: pdteam
+  severity: info
+  reference: |
+    test case for default behaviour of version warning (dsl parsing error)
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers:
+      - type: dsl
+        dsl:
+          - compare_versions("GG", '< 4.8.5')

integration_tests/dsl/show-version-warning.yaml

@@ -0,0 +1,18 @@
+id: basic-example
+
+info:
+  name: Test HTTP Template
+  author: pdteam
+  severity: info
+  reference: |
+    test case where version warning is shown when env `SHOW_DSL_ERRORS=true` is set
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers:
+      - type: dsl
+        dsl:
+          - compare_versions("GG", '< 4.8.5')

integration_tests/generic/auth/certificate/assets/client.crt

@@ -1,19 +1,19 @@
 -----BEGIN CERTIFICATE-----
-MIIDETCCAfkCFFSLOinkkPWOfwuzMHF0B9EZIIghMA0GCSqGSIb3DQEBCwUAMEUx
+MIIDEzCCAfsCFBDZsFEIb3QwKLzXLoqR/oaDwakYMA0GCSqGSIb3DQEBCwUAMEUx
 CzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl
-cm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMjMwNjIxMDA0MzA2WhcNMjMwNzIxMDA0
+cm5ldCBXaWRnaXRzIFB0eSBMdGQwIBcNMjMwNzI4MTAwODIyWhgPMzAwMzA5Mjkx
-MzA2WjBFMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UE
+MDA4MjJaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD
-CgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOC
+VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEBAQUA
-AQ8AMIIBCgKCAQEAp187MX/sPGlTl8WklyTSh8+kYURy2zWmp2FglMvo058NanCD
+A4IBDwAwggEKAoIBAQCp8/P9JAyE90ZrE1LZcJ/B24f79aazY8S/eeRRZsTvUP73
-rjYJvS2FNM2ZwRZH52qBr6rpqIsa8QDFjnlFJK5y4FNr104ZjDr1YXDfX5ftQeeX
+NrOznv1zhvJ9TKHUNcOouZ/NPQanNOiqkoigQwP7L2FA2bPOPAPIWBPWGdjSkeyZ
-wCavFRDdH/s43kGyNjNeSH78EhqmC3z7LxCJT5k8rXRAyC02uBRqQTrRHfNuVvGI
+8MYbA7Or+16k2ZYvKsCarG/PgGeL0UFLe6INvZRMnk1s+iF0upcHv5BhjIfBwzh4
-JZ59jxESzRJt89kWuYymkAj16LHffMvcq6HLwr/KG8IyrJJRj5KcDzYorFonTPe9
+o2pLY1d9bbnEsuSNagOzIkQS3mI22d1YbJKxXP0m+tBk1gTqhUhwEAXNaIBCRscs
-rwBlAbU3LpQ4ZlEP1mQA2PdCg3t85pz3n+57Iw839bWrwbjfijXHY3yjbqfEAaqa
+xyv9pW7ZSjPabf/L0Md2yMcVs0+oK6rkQbAWrTTjN1lJ603BHh+keIDMwQnbMB0U
-md08nByTg8TZlt9UzjWgj0K1DXDMDDkJKqi39QIDAQABMA0GCSqGSIb3DQEBCwUA
+AStJdyQpwa7hZ+5767+GxR7n85Twe1rSexmTl9/fAgMBAAEwDQYJKoZIhvcNAQEL
-A4IBAQAH0MhznadrMFuY2ZYA69FbsvOygMctv8qZW1HrHS0X13IXeW+8uxfb5+gk
+BQADggEBAIOQE2DWqwse0srtG+7IS0EO3iP27lRKxd387wY1xq00o3depKReVpYm
-yKFgXNMFueyd5PoN9vyC1t9AOBPnI56gaYm/MbDtwEqGo8C+9fjJasY23J90p54t
+R8sZM1meumniH1QKoVFJpBHYoPzQMi8vMmI9AV3KWNFcCyf+jwc69Qab2erDNVsw
-G6vxcXwo33HVpWBeRBkVF/SePeCn+MKk0jd/JgJS0T0s1Ih6wkn84/83hDk4M2M2
+5mCCGXkrzLbCzmbPFZoyvMmBlsQSmOjwyGGIeXwfqKv/TPwOzKfSM/KkQmgRyUro
-/yhc3wuNYdf/WB8QAfJAc2YpIfkMOoxGPTsxvREiZrPUyGiWa507hrHcQU0GV8qC
+GDT+TI5VhgvQyNLmkWNRhnI30DnlsQ1Bc0MEQ1hismOYxD4mCqufCOS3BmakDRNK
-KcnS7UUCT9TtJvQIKHwW68XjBudWpaILBj1TS8hOGseOJydJqbk8wyMTE6fgc1Ss
+QBz0xl0i5Dbf+e4o3rEaCGW/rzKkL1mm1TXqpDEy3UAwj+jIOZu5yByw5djfgSIX
-KfTrfa0HOHIkAU/TfE22Zqfw4z70
+OEVuqklUASYAPeVdSyf/VAflLV9nGKI=
 -----END CERTIFICATE-----

integration_tests/generic/auth/certificate/assets/client.key

@@ -1,28 +1,28 @@
 -----BEGIN PRIVATE KEY-----
-MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCnXzsxf+w8aVOX
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCp8/P9JAyE90Zr
-xaSXJNKHz6RhRHLbNaanYWCUy+jTnw1qcIOuNgm9LYU0zZnBFkfnaoGvqumoixrx
+E1LZcJ/B24f79aazY8S/eeRRZsTvUP73NrOznv1zhvJ9TKHUNcOouZ/NPQanNOiq
-AMWOeUUkrnLgU2vXThmMOvVhcN9fl+1B55fAJq8VEN0f+zjeQbI2M15IfvwSGqYL
+koigQwP7L2FA2bPOPAPIWBPWGdjSkeyZ8MYbA7Or+16k2ZYvKsCarG/PgGeL0UFL
-fPsvEIlPmTytdEDILTa4FGpBOtEd825W8Yglnn2PERLNEm3z2Ra5jKaQCPXosd98
+e6INvZRMnk1s+iF0upcHv5BhjIfBwzh4o2pLY1d9bbnEsuSNagOzIkQS3mI22d1Y
-y9yrocvCv8obwjKsklGPkpwPNiisWidM972vAGUBtTculDhmUQ/WZADY90KDe3zm
+bJKxXP0m+tBk1gTqhUhwEAXNaIBCRscsxyv9pW7ZSjPabf/L0Md2yMcVs0+oK6rk
-nPef7nsjDzf1tavBuN+KNcdjfKNup8QBqpqZ3TycHJODxNmW31TONaCPQrUNcMwM
+QbAWrTTjN1lJ603BHh+keIDMwQnbMB0UAStJdyQpwa7hZ+5767+GxR7n85Twe1rS
-OQkqqLf1AgMBAAECggEAEZiXdorGYUuJeElVFnbOk2ynEXrKwHURgkNgjgQqBCWS
+exmTl9/fAgMBAAECggEAPZzaVGhQPZgjqEfeHkQtNqtuthJNd/Vwa3Y2JqiaNqRn
-mYAet/ACchsZCAYdhgk7of62h6tmSUvmlzPHkUT6mfKlLSRYEBir4uxH4+ij8z7b
+epoTNcgq3EoM+Q3iETvYjf+VhmNcWRveSZBMBcWl2NdJa6hA/kBVorkDn/fI2jXa
-uLQKZi8q9QIC3VviDKvHep9H6ENBaP3YOxj2p2oLpYysrmesb98hA5VR3m26knVb
+z8gxGbQS3AOKQTs8ribSooBnHJPRdifLgyD0FAUpkUlGin53yIionj99iU/YG48g
-sfYwLdsrqQ5Tiuzm1Mdaca2HEYq0iXoZqjQHi31h33rw4HFBKcGX6w6PJOon+i2m
+4dwkBIFHRcxertQyhu3YQ+XleJ35n7mNFwGzC7curRBPUHMImPASzVYQhVdN8OBt
-eSSaCAJMYFkoS6NafJYwQDuwIwp+IyrYdI/vaAR6s2ufJ4doIjJC7YuPO5jpLpJc
+TZEoJw+2lmH4fIJYult27hcl2/pLs1FPvQFSLTIoqzaEzRhKdANkclmnhJjCBXzB
-IBBl5e7pu4/rlwJCDARfBWuXFbjtoMAvmM1MojdNOQKBgQDYCIl97ef19LmeYfwk
+7RLUpKOv1Q28u+P5KH1nFBV/UuuxXrjFt4jhRdji2QKBgQDvv+W0GJWX5POfyRHT
-RW2xhQTVCWwwBBhSl06iB9SeFkzCCRb+AFjhVhcwe4xIWh9GXWZawZC2XSaoTXte
+pAROclgVPEgS5vXQIelMdR76a72L/4Vm2/xeolWW1h5qmJF479V/+P+ppxb1IrUy
-hxcZRFbnpjcpZ6sYKiP4fB/GXGqYDUWovxu8gmXKrXtfwqJMXklfFE7WblGgK5gG
+6+yGtkMiQE4CizhFGWivfXUTPZbdeeSpHMUl9tRZdBZWi3aXzJ/8DfCzD+ZVS4Vx
-l7OfbuczaRaIQHoIQYzfmeCwmwKBgQDGVhCSNFGiRaDG7k2VfXElaIyL7m7FlsXf
++y62V4ymQyAqBWv2ast/ElEbowKBgQC1ePQgR+MNfz7/BaatCcLPwFG/kkqPVuzH
-EptolOeoGv5GvVr3CB5TvUqXN3haLZvUbBKRpWrDbP1n1i+77VICOLtq1qf6SEog
+//6HB+gAYTyuZsbLrYhCQsbsTjvQz0ExmTnNSeCjHTntQ+pZ8Tnuet9bHxKTRbvG
-1p2PAccGhXXvrL7LJLUr9Hk831D4fSX9TqVzdxwfMdGFepYoS4vm8fkGVCuaytDa
+9Ol/J402EnY2tO/b8jKXHNNyLNImvWpJ4PpaLRKQVxLPei+JcEHyz4MVMrhIjX1b
-fniJl8TarwKBgQCpTreCrAsY5bz7dcuIGamIcLmCxKm3T95IDDEiJ4ToiI2LnFga
+EhhDCZ6ulQKBgEUy+jX1MphY+QiRnJedq7CIyGu4roTmLOUaJKBw3bQiDN+vrO13
-pOcDYtc1tf4RTiAoo1ZuVjk10vdS+7ZuNO1Tbg216rxchNTAUXZzbcPxT8hydiRb
+aWxXJqUWwEi8KKDjeJgrYn+xPqsajXpZJjfru4zTSrDpRiCLqO+eIoCfMkBSwnEd
-xbrVGFTybNe+CunrdBGIpH/M6hSqtL+mmwm5L8+eqQNxsSZyhf0D2LMRdQKBgD8J
+YLoIeFopa5knP9+orDSwQV0tpanQ1n+DpIP02R/UGCCI2BST1pCi1M5JAoGAC/+E
-CXk+MZfOY1v2Tygs1zIZeVnb7M7VrYvJYSUq9jliYuBevDN5HBJnPfazhYe7qSQp
+PIIkO+c21gucmoIztCKmBQF6FoILw6lkPa9DIotLRMicyiieAquBlWwSvlqFl+7m
-OPmbRkRYNm2zEDa9JWxZVY+OK5MLOKwZKbhSy0uSTTpgf78WqpIOwB2NqDFhrRpF
+iHEi/gXXp50+6FVvnBnZnJ+wTbZllODqczK9Pl74G+PYm/UmbSFFxZ27Az6wwVOz
-zaXV/FUZw0qV/HVQFWXQD+JoC/fFb/2RZoPsfX83AoGBAM4VPDUa1I16MuuW+FNZ
+mbSzLoHjR35vmCmo4pHfu84PqxRXvmay3fPL3wUCgYEA0yZcvQqiTs+f4S/mZbhp
-cVENZK/qsXFMvm3xutezvMSgmCxVSnXy9GP8QbqkfMrDJd3v/HnwrC4ORTlU7rim
+fyPgurmowXUNgdijyeFoH+DMkwdWUJeBrinelQaXADUSXkKiA8gaoNGOIkDIBcve
-AWSvC6CYO1c2RantleA46T90uWW8kP24TK1yWOrRGKuaQYvfokiiLVExq1nA1iSR
+gdUhrY204MeoTYxnIb1dw6/KReya4YdRSMlYiX2hYEURIxdaJV5HcwW5ySMOzP87
-/QPLg6vEoPMOLhB7BQBpsFkq
+t2+YVr4faAv4AS8k21pBGrc=
 -----END PRIVATE KEY-----

integration_tests/generic/auth/certificate/assets/server.crt

@@ -1,19 +1,19 @@
 -----BEGIN CERTIFICATE-----
-MIIDETCCAfkCFHA1RpGfOY5p/vQmeMQ1oRFqH+CGMA0GCSqGSIb3DQEBCwUAMEUx
+MIIDEzCCAfsCFC21Zw7U0tGDyLyMalwfo9cWbL6dMA0GCSqGSIb3DQEBCwUAMEUx
 CzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl
-cm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMjMwNjIxMDA0MjQ2WhcNMjMwNzIxMDA0
+cm5ldCBXaWRnaXRzIFB0eSBMdGQwIBcNMjMwNzI4MTAwNzI3WhgPMzAwMzA5Mjkx
-MjQ2WjBFMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UE
+MDA3MjdaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD
-CgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOC
+VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEBAQUA
-AQ8AMIIBCgKCAQEA3VdrKR5hmZ+vyvg6NB2dOL5vEIQ/9DevivnKWqX5mserYLMj
+A4IBDwAwggEKAoIBAQCjMlvOKQX9yn9SOYPJ8p+jeDUU/JWPwT4LRfqaxvvKSnS7
-Wq0knVfogewZnrDe+zVC3kOogBQvYk8Z53kTY9qpJT85dMCuW4xDx0JU+cWHul9a
+NZzd7lS4AR0YTjyjiRj3+t0QnEDHVKBD8cMh9kMXkQ2S0r7psCURLvvZOYt4v6KM
-pzF+bvws4paCWIcsGONyocPAx5g07LbPU9civC80QkQqELo1zYiRU1bX8vRJJqbN
+CyZpBbp8b/pG3aJQHDZjRDOApQrXhx62XJDIs64YKA8NybYOLqNisrWGrfqF4uEz
-TW2mzl9MN3AnCAYTwq8WhVG/1QR3LPQhPR68/1LWrFefQaEWaXT2s+Xv7K7NDXro
+RMgVGlthuQcXo3n2HzobuYN7RsHBzCWGLn9fRMDC2j3IAnQLf4YOznOJ57CjMd2W
-WSba4SgKdFd6fyUVMVr/ioT1KT45TP5jbRrW5JJUTdpkiXaIucrZg39f6F5gTZGA
+mn/yhHK8h9s4iU5zw3+PK+X/IM4GeAfeJMx8c5uq2A8A24uzMidyhxJCK7VUprjK
-U7bNROUMkqrJJngN9+Hp+YH1GpkKgu9EKA30EQIDAQABMA0GCSqGSIb3DQEBCwUA
+/ckdNYya6dkG2De+LR7W82ygfWbFDOnZKM26cPG/AgMBAAEwDQYJKoZIhvcNAQEL
-A4IBAQAw91bxiAi7DIVsKL3k4B0I+50ZKq9VMVNE3YCTPygpfuRiGQvlITZ5I8I5
+BQADggEBAH5+Wdb/1jgBhihN6Pb6SWJmDvwkOEP3t00E3fBao4TDqdDOhPsLYrAm
-3Ok2wWltgKx6EnicHIlLg42yRj7j3mdgOLMFMrUCfJmdogwnS+k6veG3G1RHUs9r
+8gt16OcGrrXDQA3bi79mAVqAqCvaf4hk0vSI0L4rNcCSP4D3fUBjRO3fY3fM4Qw8
-ATfX49u/hEX2pe7Rvx2VYVIugwrQESgQ21iaf6uUMsrq6W8eYZ31as1nJKpqIGbu
+xg9AusF5hRrvzFbEak7lPJ01kLOJEgBA1l457HrLnXcpDTml8Y46WqdWa6yVM33l
-W1fZMSi0RIUJP+mpVBE82IW+gJRi3uKU4HKPqyrU3dviBFdBxb3lNbh34/vdNkIw
+7tNaXWrPwYZYMTcRumIytsYtIJXp/sMLBIT0AO/QR4yarvVOeMSJ1va459PjKLBG
-4H2CfBxEvdwLYAhWDerlm4wWCmjkMiHfBHPBhhOICTkR25a7NFy27h/UDHjVC/6m
+JGGmf2rigaT050e71QOrGyMXgT6xsNjJgzeVhUgPO422mPT692kDi2oB5DA0Fau0
-fGshVSBtxVPJP7kcvZ1scIctvFZZ
+4qm5CMFgmYcC3zQoN53aDs1mHyWeroc=
 -----END CERTIFICATE-----

integration_tests/headless/headless-header-status-test.yaml

@@ -1,24 +0,0 @@
-id: headless-header-status-test
-
-info:
-  name: headless header + status test
-  author: pdteam
-  severity: info
-
-headless:
-  - steps:
-      - args:
-          url: "{{BaseURL}}"
-        action: navigate
-      - action: waitload
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        part: header
-        words:
-          - text/plain
-
-      - type: status
-        status:
-          - 200

integration_tests/protocols/code/py-env-var.yaml

@@ -20,4 +20,4 @@ code:
       - type: word
         words:
           - "hello from input baz"
-# digest: 4a0a004730450220782aba8c09f28370a95ad26563a89b6a0602de41d60577e07f16b356ed383f32022100c4aaeaaded87e5a66b29df00196382f7405edaa84e7ace9fe229b17faa1f9f49
+# digest: 4b0a00483046022100cd2b9d34169cdb716caee25976fed763880435f2f1e2979c9d7c9d2bd7b8e409022100dd0ba8bd3fa6a6be5f964ca3b0ce8bdbb20d865553133cf494ef64fbeebff345

integration_tests/protocols/code/py-file.yaml

@@ -18,4 +18,4 @@ code:
       - type: word
         words:
           - "hello from input"
-# digest: 4a0a004730450220669770a131431f19616155e6f984627773d33798780cf5ce9f40bdbb0947c718022100e87c841ac3e9082d261b420681d4b4bd5443a23dff7080cd95d4282c27d43ec8
+# digest: 4b0a00483046022100f663e5afaf5c118b21b9c5918cba12d7cc83edc2a3ee0f338c07e3cd1fe40e20022100b46193e3275c490a4ad3897c6e2ca51ce09f408538b17d041e0063d40f4df833

integration_tests/protocols/code/py-interactsh.yaml

@@ -26,4 +26,4 @@ code:
         part: interactsh_protocol
         words:
           - "http"
-# digest: 490a004630440220528b4720e39820f5ce36b77c75c04a26ba672c8f67ceb43214541e1d4cafabfd0220456698a9ba7d52f3a6833774fa1c2ed0a2e1dbcf116611c255db8d3061e16560
+# digest: 4b0a00483046022100c45cd27b9d49879663e1ea3c877dc362d06b8a0aea64b1ab06be3af5aa9a32ee0221008f5ee347245a2c1e04c46528e4c70a5a851f95c6ba49d2834ef7c3784bca47a9

integration_tests/protocols/code/py-snippet.yaml

@@ -20,4 +20,4 @@ code:
       - type: word
         words:
           - "hello from input"
-# digest: 4a0a00473045022100a38f338f224d5c4953bb4624352ad6ea0f0bb9000f00edcb40907b2c9806250002201cdc272cd895e85ff07a437997a844180ddc8baf4b9fc7d258fe90bd0ab2b8a8
+# digest: 4a0a00473045022100df57bf446d6d8e73ff9424b1055faebcea9038e5d5934834ed8e619b77bdfd5e02201754c1cebe9f65883315b3830755a0689999f33db7102cd8d5469e4c01cc6a66

integration_tests/protocols/http/dsl-functions.yaml

@@ -98,6 +98,7 @@ requests:
         85: {{split("ab,cd,efg", ",", 2)}}
         86: {{ip_format('127.0.0.1', 3)}}
         87: {{ip_format('127.0.1.0', 11)}}
+        88: {{jarm('scanme.sh:443')}}
     extractors:
       - type: regex
         name: results

integration_tests/protocols/http/http-paths.yaml

@@ -16,6 +16,7 @@ info:
     - "/text4shell/attack?search=$%7bscript:javascript:java.lang.Runtime.getRuntime().exec('nslookup%20{}.getparam')%7d"
     - "/test/..;/..;/"
     - "/xyz/%25u2s/%25invalid"
+    - "//CFIDE/wizards/common/utils.cfc"
     # duplicating here because same results are expected even if http request is written in different format
     - "/1337?with=param"
     - "/some%0A/%0D"
@@ -24,6 +25,7 @@ info:
     - "/text4shell/attack?search=$%7bscript:javascript:java.lang.Runtime.getRuntime().exec('nslookup%20{}.getparam')%7d"
     - "/test/..;/..;/"
     - "/xyz/%25u2s/%25invalid"
+    - "//CFIDE/wizards/common/utils.cfc"
 
 # Test all templates with FullURLs
 requests:
@@ -62,6 +64,10 @@ requests:
       - |+
         GET /xyz/%u2s/%invalid HTTP/1.1
         Host: scanme.sh
+    # test relative path start with //
+      - |+
+        GET //CFIDE/wizards/common/utils.cfc HTTP/1.1
+        Host: scanme.sh
 
     matchers:
       - type: status
@@ -77,6 +83,7 @@ requests:
      - "{{BaseURL}}/text4shell/attack?search=$%7bscript:javascript:java.lang.Runtime.getRuntime().exec('nslookup%20{}.getparam')%7d"
      - "{{BaseURL}}/test/..;/..;/"
      - "{{BaseURL}}/xyz/%u2s/%invalid"
+     - "{{BaseURL}}//CFIDE/wizards/common/utils.cfc"
 
     matchers:
     - type: status

integration_tests/protocols/http/matcher-status.yaml

@@ -0,0 +1,40 @@
+id: matchet-status
+
+info:
+  name: Test Matcher Status
+  author: pdteam
+  severity: critical
+
+variables:
+  username: test
+  password: admin
+  date: 2023-05-31
+
+http:
+  - method: GET
+    path:
+      - "{{RootURL}}/login?username={{username}}&password={{password}}"
+      - "{{BaseURL}}/admin-pannel"
+
+  - method: GET
+    path:
+      - "{{BaseURL}}/dashboard?date={{date}}"
+      - "{{BaseURL}}/signup"
+  
+  - method: POST
+    path:
+      - "{{BaseURL}}/filemanager/upload.php"
+    body: "fldr=&url=file:///etc/passwd"
+
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "matcher status"
+
+      - type: status
+        status:
+          - 200

integration_tests/protocols/http/raw-unsafe-path.yaml

@@ -16,6 +16,7 @@ info:
     - "/text4shell/attack?search=$%7bscript:javascript:java.lang.Runtime.getRuntime().exec('nslookup%20{}.getparam')%7d"
     - "/test/..;/..;/"
     - "/xyz/%u2s/%invalid"
+    - "//CFIDE/wizards/common/utils.cfc"
 
 
 # Test all unsafe URL Handling Edgecases
@@ -50,6 +51,10 @@ requests:
       - |+
         GET /xyz/%u2s/%invalid HTTP/1.1
         Host: scanme.sh
+    # test relative path start with // (should not be removed)
+      - |+
+        GET //CFIDE/wizards/common/utils.cfc HTTP/1.1
+        Host: scanme.sh
 
     unsafe: true
     matchers:

integration_tests/protocols/network/same-address.yaml

@@ -0,0 +1,29 @@
+id: same-target
+
+info:
+  name: same-target
+  author: pdteam
+  severity: info
+  description: Riak is a distributed NoSQL key-value data store that offers high availability, fault tolerance, operational simplicity, and scalability.
+
+network:
+  - host: 
+      - "{{Hostname}}"
+      - "{{Hostname}}"
+      - "{{Hostname}}"
+      - "{{Hostname}}"
+      - "{{Hostname}}"
+      - "{{Hostname}}"
+      - "{{Hostname}}"
+      - "{{Hostname}}"
+      - "{{Hostname}}"
+      - "{{Hostname}}"
+      - "{{Hostname}}"
+    inputs:
+      - data: "PING\r\n"
+    read-size: 4
+    matchers:
+      - type: word
+        part: data
+        words:
+          - "PONG"

integration_tests/workflow/shared-cookie.yaml

@@ -11,5 +11,5 @@ workflows:
   - template: workflow/http-2.yaml
   # store cookie in native browser context
   - template: workflow/headless-1.yaml
-  # retrive 2 standard library cookies + headless cookie
+  # retrieve 2 standard library cookies + headless cookie
   - template: workflow/http-3.yaml

nuclei-jsonschema.json

@@ -32,6 +32,11 @@
           "title": "epss score for the template",
           "description": "EPSS Score for the template"
         },
+        "epss-percentile": {
+          "type": "number",
+          "title": "epss percentile for the template",
+          "description": "EPSS Percentile for the template"
+        },
         "cpe": {
           "type": "string",
           "title": "cpe for the template",
@@ -1293,7 +1298,7 @@
             }
           },
           "type": "object",
-          "title": "payloads for the webosocket request",
+          "title": "payloads for the websocket request",
           "description": "Payloads contains any payloads for the current request"
         }
       },

v2/.goreleaser.yml

@@ -37,13 +37,7 @@ archives:
 - format: zip
   id: nuclei
   builds: [nuclei-cli]
-  replacements:
+  name_template: '{{ .ProjectName }}_{{ .Version }}_{{ if eq .Os "darwin" }}macOS{{ else }}{{ .Os }}{{ end }}_{{ .Arch }}'
-      darwin: macOS
-
-- format: zip
-  id: annotate
-  builds: [annotate]
-  name_template: "{{ .Binary }}"
 
 checksum:
   algorithm: sha256

v2/cmd/integration-test/code.go

@@ -13,13 +13,14 @@ import (
 	"github.com/projectdiscovery/nuclei/v2/pkg/utils"
 )
 
-var codeTestCases = map[string]testutils.TestCase{
+var codeTestCases = []TestCaseInfo{
-	"protocols/code/py-snippet.yaml":    &codeSnippet{},
+	{Path: "protocols/code/py-snippet.yaml", TestCase: &codeSnippet{}},
-	"protocols/code/py-file.yaml":       &codeFile{},
+	{Path: "protocols/code/py-file.yaml", TestCase: &codeFile{}},
-	"protocols/code/py-env-var.yaml":    &codeEnvVar{},
+	{Path: "protocols/code/py-env-var.yaml", TestCase: &codeEnvVar{}},
-	"protocols/code/unsigned.yaml":      &unsignedCode{},
+	{Path: "protocols/code/unsigned.yaml", TestCase: &unsignedCode{}},
-	"protocols/code/rsa-signed.yaml":    &rsaSignedCode{},
+	{Path: "protocols/code/rsa-signed.yaml", TestCase: &rsaSignedCode{}},
-	"protocols/code/py-interactsh.yaml": &codeSnippet{},
+	{Path: "protocols/code/py-interactsh.yaml", TestCase: &codeSnippet{}},
+	{Path: "protocols/code/ps1-snippet.yaml", TestCase: &codeSnippet{}, DisableOn: func() bool { return !osutils.IsWindows() }},
 }
 
 var (
@@ -50,10 +51,6 @@ func init() {
 		panic(err)
 	}
 
-	if osutils.IsWindows() {
-		codeTestCases["protocols/code/ps1-snippet.yaml"] = &codeSnippet{}
-	}
-
 	signTemplates()
 }
 
@@ -69,7 +66,15 @@ func signTemplates() {
 		log.Fatalf("couldn't create crypto engine: %s\n", err)
 	}
 
-	for templatePath, testCase := range codeTestCases {
+	for _, v := range codeTestCases {
+		templatePath := v.Path
+		testCase := v.TestCase
+
+		if v.DisableOn != nil && v.DisableOn() {
+			// skip ps1 test case on non-windows platforms
+			continue
+		}
+
 		templatePath, err := filepath.Abs(templatePath)
 		if err != nil {
 			panic(err)

v2/cmd/integration-test/custom-dir.go

@@ -8,8 +8,8 @@ import (
 
 type customConfigDirTest struct{}
 
-var customConfigDirTestCases = map[string]testutils.TestCase{
+var customConfigDirTestCases = []TestCaseInfo{
-	"protocols/dns/cname-fingerprint.yaml": &customConfigDirTest{},
+	{Path: "protocols/dns/cname-fingerprint.yaml", TestCase: &customConfigDirTest{}},
 }
 
 // Execute executes a test case and returns an error if occurred

v2/cmd/integration-test/dns.go

@@ -4,14 +4,14 @@ import (
 	"github.com/projectdiscovery/nuclei/v2/pkg/testutils"
 )
 
-var dnsTestCases = map[string]testutils.TestCase{
+var dnsTestCases = []TestCaseInfo{
-	"protocols/dns/basic.yaml":                &dnsBasic{},
+	{Path: "protocols/dns/basic.yaml", TestCase: &dnsBasic{}},
-	"protocols/dns/ptr.yaml":                  &dnsPtr{},
+	{Path: "protocols/dns/ptr.yaml", TestCase: &dnsPtr{}},
-	"protocols/dns/caa.yaml":                  &dnsCAA{},
+	{Path: "protocols/dns/caa.yaml", TestCase: &dnsCAA{}},
-	"protocols/dns/tlsa.yaml":                 &dnsTLSA{},
+	{Path: "protocols/dns/tlsa.yaml", TestCase: &dnsTLSA{}},
-	"protocols/dns/variables.yaml":            &dnsVariables{},
+	{Path: "protocols/dns/variables.yaml", TestCase: &dnsVariables{}},
-	"protocols/dns/payload.yaml":              &dnsPayload{},
+	{Path: "protocols/dns/payload.yaml", TestCase: &dnsPayload{}},
-	"protocols/dns/dsl-matcher-variable.yaml": &dnsDSLMatcherVariable{},
+	{Path: "protocols/dns/dsl-matcher-variable.yaml", TestCase: &dnsDSLMatcherVariable{}},
 }
 
 type dnsBasic struct{}

v2/cmd/integration-test/dsl.go

@@ -0,0 +1,49 @@
+package main
+
+import (
+	"fmt"
+	"net/http"
+	"net/http/httptest"
+
+	"github.com/julienschmidt/httprouter"
+	"github.com/projectdiscovery/nuclei/v2/pkg/testutils"
+)
+
+var dslTestcases = []TestCaseInfo{
+	{Path: "dsl/hide-version-warning.yaml", TestCase: &dslVersionWarning{}},
+	{Path: "dsl/show-version-warning.yaml", TestCase: &dslShowVersionWarning{}},
+}
+
+var defaultDSLEnvs = []string{"HIDE_TEMPLATE_SIG_WARNING=true"}
+
+type dslVersionWarning struct{}
+
+func (d *dslVersionWarning) Execute(templatePath string) error {
+	router := httprouter.New()
+	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
+		fmt.Fprintf(w, "DSL version parsing warning test")
+	})
+	ts := httptest.NewServer(router)
+	defer ts.Close()
+	results, err := testutils.RunNucleiArgsAndGetErrors(debug, defaultDSLEnvs, "-t", templatePath, "-target", ts.URL, "-v")
+	if err != nil {
+		return err
+	}
+	return expectResultsCount(results, 0)
+}
+
+type dslShowVersionWarning struct{}
+
+func (d *dslShowVersionWarning) Execute(templatePath string) error {
+	router := httprouter.New()
+	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
+		fmt.Fprintf(w, "DSL version parsing warning test")
+	})
+	ts := httptest.NewServer(router)
+	defer ts.Close()
+	results, err := testutils.RunNucleiArgsAndGetErrors(debug, append(defaultDSLEnvs, "SHOW_DSL_ERRORS=true"), "-t", templatePath, "-target", ts.URL, "-v")
+	if err != nil {
+		return err
+	}
+	return expectResultsCount(results, 1)
+}

v2/cmd/integration-test/file.go

@@ -4,10 +4,11 @@ import (
 	"github.com/projectdiscovery/nuclei/v2/pkg/testutils"
 )
 
-var fileTestcases = map[string]testutils.TestCase{
+var fileTestcases = []TestCaseInfo{
-	"protocols/file/matcher-with-or.yaml":  &fileWithOrMatcher{},
+	{Path: "protocols/file/matcher-with-or.yaml", TestCase: &fileWithOrMatcher{}},
-	"protocols/file/matcher-with-and.yaml": &fileWithAndMatcher{},
+	{Path: "protocols/file/matcher-with-and.yaml", TestCase: &fileWithAndMatcher{}},
-	"protocols/file/extract.yaml":          &fileWithExtractor{},
+	{Path: "protocols/file/matcher-with-nested-and.yaml", TestCase: &fileWithAndMatcher{}},
+	{Path: "protocols/file/extract.yaml", TestCase: &fileWithExtractor{}},
 }
 
 type fileWithOrMatcher struct{}

v2/cmd/integration-test/fuzz.go

@@ -12,11 +12,11 @@ import (
 	"github.com/projectdiscovery/nuclei/v2/pkg/testutils"
 )
 
-var fuzzingTestCases = map[string]testutils.TestCase{
+var fuzzingTestCases = []TestCaseInfo{
-	"fuzz/fuzz-mode.yaml":     &fuzzModeOverride{},
+	{Path: "fuzz/fuzz-mode.yaml", TestCase: &fuzzModeOverride{}},
-	"fuzz/fuzz-type.yaml":     &fuzzTypeOverride{},
+	{Path: "fuzz/fuzz-type.yaml", TestCase: &fuzzTypeOverride{}},
-	"fuzz/fuzz-query.yaml":    &httpFuzzQuery{},
+	{Path: "fuzz/fuzz-query.yaml", TestCase: &httpFuzzQuery{}},
-	"fuzz/fuzz-headless.yaml": &HeadlessFuzzingQuery{},
+	{Path: "fuzz/fuzz-headless.yaml", TestCase: &HeadlessFuzzingQuery{}},
 }
 
 type httpFuzzQuery struct{}

v2/cmd/integration-test/generic.go

@@ -13,58 +13,58 @@ import (
 	"github.com/projectdiscovery/nuclei/v2/pkg/testutils"
 )
 
-var genericTestcases = map[string]testutils.TestCase{
+var genericTestcases = []TestCaseInfo{
-	"generic/auth/certificate/http-get.yaml": &clientCertificate{},
+	{Path: "generic/auth/certificate/http-get.yaml", TestCase: &clientCertificate{}},
 }
 
 var (
 	serverCRT = `-----BEGIN CERTIFICATE-----
-MIIDETCCAfkCFHA1RpGfOY5p/vQmeMQ1oRFqH+CGMA0GCSqGSIb3DQEBCwUAMEUx
+MIIDEzCCAfsCFC21Zw7U0tGDyLyMalwfo9cWbL6dMA0GCSqGSIb3DQEBCwUAMEUx
 CzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl
-cm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMjMwNjIxMDA0MjQ2WhcNMjMwNzIxMDA0
+cm5ldCBXaWRnaXRzIFB0eSBMdGQwIBcNMjMwNzI4MTAwNzI3WhgPMzAwMzA5Mjkx
-MjQ2WjBFMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UE
+MDA3MjdaMEUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYD
-CgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOC
+VQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggEiMA0GCSqGSIb3DQEBAQUA
-AQ8AMIIBCgKCAQEA3VdrKR5hmZ+vyvg6NB2dOL5vEIQ/9DevivnKWqX5mserYLMj
+A4IBDwAwggEKAoIBAQCjMlvOKQX9yn9SOYPJ8p+jeDUU/JWPwT4LRfqaxvvKSnS7
-Wq0knVfogewZnrDe+zVC3kOogBQvYk8Z53kTY9qpJT85dMCuW4xDx0JU+cWHul9a
+NZzd7lS4AR0YTjyjiRj3+t0QnEDHVKBD8cMh9kMXkQ2S0r7psCURLvvZOYt4v6KM
-pzF+bvws4paCWIcsGONyocPAx5g07LbPU9civC80QkQqELo1zYiRU1bX8vRJJqbN
+CyZpBbp8b/pG3aJQHDZjRDOApQrXhx62XJDIs64YKA8NybYOLqNisrWGrfqF4uEz
-TW2mzl9MN3AnCAYTwq8WhVG/1QR3LPQhPR68/1LWrFefQaEWaXT2s+Xv7K7NDXro
+RMgVGlthuQcXo3n2HzobuYN7RsHBzCWGLn9fRMDC2j3IAnQLf4YOznOJ57CjMd2W
-WSba4SgKdFd6fyUVMVr/ioT1KT45TP5jbRrW5JJUTdpkiXaIucrZg39f6F5gTZGA
+mn/yhHK8h9s4iU5zw3+PK+X/IM4GeAfeJMx8c5uq2A8A24uzMidyhxJCK7VUprjK
-U7bNROUMkqrJJngN9+Hp+YH1GpkKgu9EKA30EQIDAQABMA0GCSqGSIb3DQEBCwUA
+/ckdNYya6dkG2De+LR7W82ygfWbFDOnZKM26cPG/AgMBAAEwDQYJKoZIhvcNAQEL
-A4IBAQAw91bxiAi7DIVsKL3k4B0I+50ZKq9VMVNE3YCTPygpfuRiGQvlITZ5I8I5
+BQADggEBAH5+Wdb/1jgBhihN6Pb6SWJmDvwkOEP3t00E3fBao4TDqdDOhPsLYrAm
-3Ok2wWltgKx6EnicHIlLg42yRj7j3mdgOLMFMrUCfJmdogwnS+k6veG3G1RHUs9r
+8gt16OcGrrXDQA3bi79mAVqAqCvaf4hk0vSI0L4rNcCSP4D3fUBjRO3fY3fM4Qw8
-ATfX49u/hEX2pe7Rvx2VYVIugwrQESgQ21iaf6uUMsrq6W8eYZ31as1nJKpqIGbu
+xg9AusF5hRrvzFbEak7lPJ01kLOJEgBA1l457HrLnXcpDTml8Y46WqdWa6yVM33l
-W1fZMSi0RIUJP+mpVBE82IW+gJRi3uKU4HKPqyrU3dviBFdBxb3lNbh34/vdNkIw
+7tNaXWrPwYZYMTcRumIytsYtIJXp/sMLBIT0AO/QR4yarvVOeMSJ1va459PjKLBG
-4H2CfBxEvdwLYAhWDerlm4wWCmjkMiHfBHPBhhOICTkR25a7NFy27h/UDHjVC/6m
+JGGmf2rigaT050e71QOrGyMXgT6xsNjJgzeVhUgPO422mPT692kDi2oB5DA0Fau0
-fGshVSBtxVPJP7kcvZ1scIctvFZZ
+4qm5CMFgmYcC3zQoN53aDs1mHyWeroc=
 -----END CERTIFICATE-----	
 `
 	serverKey = `-----BEGIN PRIVATE KEY-----
-MIIEwAIBADANBgkqhkiG9w0BAQEFAASCBKowggSmAgEAAoIBAQDdV2spHmGZn6/K
+MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCjMlvOKQX9yn9S
-+Do0HZ04vm8QhD/0N6+K+cpapfmax6tgsyNarSSdV+iB7BmesN77NULeQ6iAFC9i
+OYPJ8p+jeDUU/JWPwT4LRfqaxvvKSnS7NZzd7lS4AR0YTjyjiRj3+t0QnEDHVKBD
-TxnneRNj2qklPzl0wK5bjEPHQlT5xYe6X1qnMX5u/CziloJYhywY43Khw8DHmDTs
+8cMh9kMXkQ2S0r7psCURLvvZOYt4v6KMCyZpBbp8b/pG3aJQHDZjRDOApQrXhx62
-ts9T1yK8LzRCRCoQujXNiJFTVtfy9Ekmps1NbabOX0w3cCcIBhPCrxaFUb/VBHcs
+XJDIs64YKA8NybYOLqNisrWGrfqF4uEzRMgVGlthuQcXo3n2HzobuYN7RsHBzCWG
-9CE9Hrz/UtasV59BoRZpdPaz5e/srs0NeuhZJtrhKAp0V3p/JRUxWv+KhPUpPjlM
+Ln9fRMDC2j3IAnQLf4YOznOJ57CjMd2Wmn/yhHK8h9s4iU5zw3+PK+X/IM4GeAfe
-/mNtGtbkklRN2mSJdoi5ytmDf1/oXmBNkYBTts1E5QySqskmeA334en5gfUamQqC
+JMx8c5uq2A8A24uzMidyhxJCK7VUprjK/ckdNYya6dkG2De+LR7W82ygfWbFDOnZ
-70QoDfQRAgMBAAECggEBALtPsHMSr9vW5Giq2m6iJRwRJGJg2NJukZLVwuYlkW7n
+KM26cPG/AgMBAAECggEAFtRko2J5xBcf2JDTLt0SF/wo8Nak1Ydi9pDDjgNoFdR0
-zGNAFgo1fkfdTfks+Z1u5rTGJPl9XkpNSrAyaqSVtNALCptnvtLMAIGe2Pj2bH0X
+n/vQBfvhPhxpxYysTvRO2eHuKvSw2zGredXIRmf82r8f9vokWuyZQt4fvTOfnzSv
-Kb6R1WCqJOn9ZGq4nkQW2D2Ttb2psCn458jvB9NWu6FvfRUbJFIVk1SFXx6c3pFN
+uIeWx/pVLDM9/8vhePN5aEmSKtzrt1rfoQMx/eGk6RwxfuxI25MKqDP30O9lrHTn
-kPCUudAiscaldUDCiz4FccKGXdRjq6HIeeWqvdErteb6JPTs9QXCHfBql9Esl4rK
+Y0lW7dthgdDMlQnSpOqUm2ldDsykYCBFteh4i5RDzAhiGx1ryaz3FMg+/y0VTTk0
-SHt9RmAFNY+CLExHiFPBR15hHZRtiVkAVrgnPg1CPGAyVG0hGXj7YMMWpAyfFWpn
+BM43qW6H9PD8P4iOau3DGIPNqtIlFSnWoYaM6Ta2osfzzdsnFbe5F7JbdMrf5MBc
-8gWVt7XJ4UX2knUwfU8p8dWe6qwf+AMrhravYJyccoUCgYEA8Ts0kHFnLga8Ewao
+Jq3VMUqffRmHubz7di03qRsRqGYQn2cJeiuVC+y6gQKBgQDYpq3MfMjwzPeoB1Ay
-nyDQs5uYGG0PWkbXqnFVYnMeSbXzyC4ouInIk/eOQABCxdjy3NF9QuYvVLpfLJ+9
+ZQdzx+T290XRxFZwkiv3uugsYMlFGEabdAMFx5oIIOdjWSBLI92RvXbg7qMd/xMC
-a97q1Vyg6lZ4PPuK8ZcPrHFSNNaj4eWNTOMo/Qdzz4bfflTsv8vjeeMxsqb6woXV
+ya/GzbKQd+5GbRLW+TZ0odGkMFkTo+DEkt07yEM8mrPJ6XePUndHbiNFSdpVKx4g
-+E23UKCPlQPf86jugZVdaMtvZKsCgYEA6uR7glji70pVoG/f3soX1vllmVTtiLnh
+KdmiRHinm3R8Lr5/puvISrOdcwKBgQDA1kln9aD1mvIdObI6MubPitb+NuNcpVDo
-zYMmwPyTRDvoGgg/nGK+GCq//Xyn8D900hbX8KKqGX7ca5FGk5pOpW/QE9uLcuWK
+myc1UrEJbcn8nBbLb+0Q+7gckjau2C8GN7Olnd8RCYLc7kU1On2pY+f19Ru/PdZX
-xcy8KAc05k1u4VaS5loWKnPGWreIpj3RbCfbPs5X/jBC+fPIA4Q8Qor5ZGdqVBvW
+cjCCTcxqCJvWkNWOzw14ag6UrDTF5nxtoVl/eXbHxWqFjdt0a211sa1mp3Gn3ZNq
-IKejnNqasjMCgYEAqltPUbpkTWLAKweGyWnZOR3mmUlbkDt7Toje7bmyaAew82t1
+m/teImYHhQKBgQCzWUA1MPPzi+pU2kEEhugla8xauha9cUiRhiAJw1uiKTlVDqSc
-omzbU3N958DHZwVA7aSbu0TnpARB9jeRA77XRHo3wYXzP828X8R4cyVMEriJ35vG
+2ewKo9MaeYqzjruSGI26sVqxGDxGf7tQKoBuFiiFOhMxj+fxuHrhEHiI8FE9VgOj
-38eESLyckrAC4SqETyZjrM4/aJT3fawaYVIw5SWegHPOEjr4xFaBMuKH9iUCgYEA
+F2U3sTAgAn1lX/VO21jM9BsUp++rY7dbrulwUDiFn8ZNazDeYeN8eoK4iwKBgQCb
-wFpC2kc374UMAcobpjIQu7aYAKyPqDuwMb+I6NjtMB9uvoKqtMIXsWqwtkBytkcA
+cqJN+YW9NyCBSqdPnwTMvSE+YES7xFAKkjfzFiu8bBJtXe5KJHm4PRJXhc4q9/5A
-v1p9k01hxmcg0eWxygW/CbM6zkgnNfvLXJeALbdZFo+qkVV4DrMPG8ybToalnJ1a
+Rtq8YR0WgNJLApArrnDqAa1Vajbp3RFSAKz1/X0Q5MurFanxqxsyvFvwoTkRZxFa
-9hrda91GKZ4T+uQrktWjE0sDV7loVWBGRY+CaFyL+gkCgYEA3Z0j8VOLJnAKdCDp
+1rxstB96Prv12TrVCFx+ibI8lDJcnZNeV0s0wQn6eQKBgQDXkfPuX5TFBpNe1bWI
-3N74460pykwJ2suEYSJG6glXfU3fZ5VwAYjimxgD0S2VU4qK8PYBfa/oFH2vRX5p
+KUFmw9R1ynmUlIOaU3ITLv9C+w8zaJSpxFDZgJdv3uT8PfnXrsHm+lWjaOunvjri
-11dWQWbfBdREO70UmJD4Pr6g3q9AF6DXLXb7dVm4y+hX065Xshk8oIuITVyO/XVK
+quZSc06mLlEbggYoIFQNPeNPRyN0+GLvefMS3mCotzanZTmD5GrH9XG451tVPiH9
-wWqBD5GScI+Q7PLMes7aqtsDDJI=
+G/lpNA1ccRCCsLslcG/aaa5PQw==
 -----END PRIVATE KEY-----	
 `
 )

v2/cmd/integration-test/headless.go

@@ -10,14 +10,14 @@ import (
 	"github.com/projectdiscovery/nuclei/v2/pkg/testutils"
 )
 
-var headlessTestcases = map[string]testutils.TestCase{
+var headlessTestcases = []TestCaseInfo{
-	"protocols/headless/headless-basic.yaml":              &headlessBasic{},
+	{Path: "protocols/headless/headless-basic.yaml", TestCase: &headlessBasic{}},
-	"protocols/headless/headless-header-action.yaml":      &headlessHeaderActions{},
+	{Path: "protocols/headless/headless-header-action.yaml", TestCase: &headlessHeaderActions{}},
-	"protocols/headless/headless-extract-values.yaml":     &headlessExtractValues{},
+	{Path: "protocols/headless/headless-extract-values.yaml", TestCase: &headlessExtractValues{}},
-	"protocols/headless/headless-payloads.yaml":           &headlessPayloads{},
+	{Path: "protocols/headless/headless-payloads.yaml", TestCase: &headlessPayloads{}},
-	"protocols/headless/variables.yaml":                   &headlessVariables{},
+	{Path: "protocols/headless/variables.yaml", TestCase: &headlessVariables{}},
-	"protocols/headless/file-upload.yaml":                 &headlessFileUpload{},
+	{Path: "protocols/headless/file-upload.yaml", TestCase: &headlessFileUpload{}},
-	"protocols/headless/headless-header-status-test.yaml": &headlessHeaderStatus{},
+	{Path: "protocols/headless/headless-header-status-test.yaml", TestCase: &headlessHeaderStatus{}},
 }
 
 type headlessBasic struct{}

v2/cmd/integration-test/http.go

@@ -26,57 +26,60 @@ import (
 	stringsutil "github.com/projectdiscovery/utils/strings"
 )
 
-var httpTestcases = map[string]testutils.TestCase{
+var httpTestcases = []TestCaseInfo{
-	"protocols/http/get-headers.yaml":                                  &httpGetHeaders{},
+	// TODO: excluded due to parsing errors with console
-	"protocols/http/get-query-string.yaml":                             &httpGetQueryString{},
+	// "http/raw-unsafe-request.yaml":                  &httpRawUnsafeRequest{},
-	"protocols/http/get-redirects.yaml":                                &httpGetRedirects{},
+	{Path: "protocols/http/get-headers.yaml", TestCase: &httpGetHeaders{}},
-	"protocols/http/get-host-redirects.yaml":                           &httpGetHostRedirects{},
+	{Path: "protocols/http/get-query-string.yaml", TestCase: &httpGetQueryString{}},
-	"protocols/http/disable-redirects.yaml":                            &httpDisableRedirects{},
+	{Path: "protocols/http/get-redirects.yaml", TestCase: &httpGetRedirects{}},
-	"protocols/http/get.yaml":                                          &httpGet{},
+	{Path: "protocols/http/get-host-redirects.yaml", TestCase: &httpGetHostRedirects{}},
-	"protocols/http/post-body.yaml":                                    &httpPostBody{},
+	{Path: "protocols/http/disable-redirects.yaml", TestCase: &httpDisableRedirects{}},
-	"protocols/http/post-json-body.yaml":                               &httpPostJSONBody{},
+	{Path: "protocols/http/get.yaml", TestCase: &httpGet{}},
-	"protocols/http/post-multipart-body.yaml":                          &httpPostMultipartBody{},
+	{Path: "protocols/http/post-body.yaml", TestCase: &httpPostBody{}},
-	"protocols/http/raw-cookie-reuse.yaml":                             &httpRawCookieReuse{},
+	{Path: "protocols/http/post-json-body.yaml", TestCase: &httpPostJSONBody{}},
-	"protocols/http/raw-dynamic-extractor.yaml":                        &httpRawDynamicExtractor{},
+	{Path: "protocols/http/post-multipart-body.yaml", TestCase: &httpPostMultipartBody{}},
-	"protocols/http/raw-get-query.yaml":                                &httpRawGetQuery{},
+	{Path: "protocols/http/raw-cookie-reuse.yaml", TestCase: &httpRawCookieReuse{}},
-	"protocols/http/raw-get.yaml":                                      &httpRawGet{},
+	{Path: "protocols/http/raw-dynamic-extractor.yaml", TestCase: &httpRawDynamicExtractor{}},
-	"protocols/http/raw-with-params.yaml":                              &httpRawWithParams{},
+	{Path: "protocols/http/raw-get-query.yaml", TestCase: &httpRawGetQuery{}},
-	"protocols/http/raw-unsafe-with-params.yaml":                       &httpRawWithParams{}, // Not a typo, functionality is same as above
+	{Path: "protocols/http/raw-get.yaml", TestCase: &httpRawGet{}},
-	"protocols/http/raw-path-trailing-slash.yaml":                      &httpRawPathTrailingSlash{},
+	{Path: "protocols/http/raw-with-params.yaml", TestCase: &httpRawWithParams{}},
-	"protocols/http/raw-payload.yaml":                                  &httpRawPayload{},
+	{Path: "protocols/http/raw-unsafe-with-params.yaml", TestCase: &httpRawWithParams{}}, // Not a typo, functionality is same as above
-	"protocols/http/raw-post-body.yaml":                                &httpRawPostBody{},
+	{Path: "protocols/http/raw-path-trailing-slash.yaml", TestCase: &httpRawPathTrailingSlash{}},
-	"protocols/http/raw-unsafe-path.yaml":                              &httpRawUnsafePath{},
+	{Path: "protocols/http/raw-payload.yaml", TestCase: &httpRawPayload{}},
-	"protocols/http/http-paths.yaml":                                   &httpPaths{},
+	{Path: "protocols/http/raw-post-body.yaml", TestCase: &httpRawPostBody{}},
-	"protocols/http/request-condition.yaml":                            &httpRequestCondition{},
+	{Path: "protocols/http/raw-unsafe-path.yaml", TestCase: &httpRawUnsafePath{}},
-	"protocols/http/request-condition-new.yaml":                        &httpRequestCondition{},
+	{Path: "protocols/http/http-paths.yaml", TestCase: &httpPaths{}},
-	"protocols/http/self-contained.yaml":                               &httpRequestSelfContained{},
+	{Path: "protocols/http/request-condition.yaml", TestCase: &httpRequestCondition{}},
-	"protocols/http/self-contained-with-path.yaml":                     &httpRequestSelfContained{}, // Not a typo, functionality is same as above
+	{Path: "protocols/http/request-condition-new.yaml", TestCase: &httpRequestCondition{}},
-	"protocols/http/self-contained-with-params.yaml":                   &httpRequestSelfContainedWithParams{},
+	{Path: "protocols/http/self-contained.yaml", TestCase: &httpRequestSelfContained{}},
-	"protocols/http/self-contained-file-input.yaml":                    &httpRequestSelfContainedFileInput{},
+	{Path: "protocols/http/self-contained-with-path.yaml", TestCase: &httpRequestSelfContained{}}, // Not a typo, functionality is same as above
-	"protocols/http/get-case-insensitive.yaml":                         &httpGetCaseInsensitive{},
+	{Path: "protocols/http/self-contained-with-params.yaml", TestCase: &httpRequestSelfContainedWithParams{}},
-	"protocols/http/get.yaml,protocols/http/get-case-insensitive.yaml": &httpGetCaseInsensitiveCluster{},
+	{Path: "protocols/http/self-contained-file-input.yaml", TestCase: &httpRequestSelfContainedFileInput{}},
-	"protocols/http/get-redirects-chain-headers.yaml":                  &httpGetRedirectsChainHeaders{},
+	{Path: "protocols/http/get-case-insensitive.yaml", TestCase: &httpGetCaseInsensitive{}},
-	"protocols/http/dsl-matcher-variable.yaml":                         &httpDSLVariable{},
+	{Path: "protocols/http/get.yaml,protocols/http/get-case-insensitive.yaml", TestCase: &httpGetCaseInsensitiveCluster{}},
-	"protocols/http/dsl-functions.yaml":                                &httpDSLFunctions{},
+	{Path: "protocols/http/get-redirects-chain-headers.yaml", TestCase: &httpGetRedirectsChainHeaders{}},
-	"protocols/http/race-simple.yaml":                                  &httpRaceSimple{},
+	{Path: "protocols/http/dsl-matcher-variable.yaml", TestCase: &httpDSLVariable{}},
-	"protocols/http/race-multiple.yaml":                                &httpRaceMultiple{},
+	{Path: "protocols/http/dsl-functions.yaml", TestCase: &httpDSLFunctions{}},
-	"protocols/http/stop-at-first-match.yaml":                          &httpStopAtFirstMatch{},
+	{Path: "protocols/http/race-simple.yaml", TestCase: &httpRaceSimple{}},
-	"protocols/http/stop-at-first-match-with-extractors.yaml":          &httpStopAtFirstMatchWithExtractors{},
+	{Path: "protocols/http/race-multiple.yaml", TestCase: &httpRaceMultiple{}},
-	"protocols/http/variables.yaml":                                    &httpVariables{},
+	{Path: "protocols/http/stop-at-first-match.yaml", TestCase: &httpStopAtFirstMatch{}},
-	"protocols/http/variable-dsl-function.yaml":                        &httpVariableDSLFunction{},
+	{Path: "protocols/http/stop-at-first-match-with-extractors.yaml", TestCase: &httpStopAtFirstMatchWithExtractors{}},
-	"protocols/http/get-override-sni.yaml":                             &httpSniAnnotation{},
+	{Path: "protocols/http/variables.yaml", TestCase: &httpVariables{}},
-	"protocols/http/get-sni.yaml":                                      &customCLISNI{},
+	{Path: "protocols/http/variable-dsl-function.yaml", TestCase: &httpVariableDSLFunction{}},
-	"protocols/http/redirect-match-url.yaml":                           &httpRedirectMatchURL{},
+	{Path: "protocols/http/get-override-sni.yaml", TestCase: &httpSniAnnotation{}},
-	"protocols/http/get-sni-unsafe.yaml":                               &customCLISNIUnsafe{},
+	{Path: "protocols/http/get-sni.yaml", TestCase: &customCLISNI{}},
-	"protocols/http/annotation-timeout.yaml":                           &annotationTimeout{},
+	{Path: "protocols/http/redirect-match-url.yaml", TestCase: &httpRedirectMatchURL{}},
-	"protocols/http/custom-attack-type.yaml":                           &customAttackType{},
+	{Path: "protocols/http/get-sni-unsafe.yaml", TestCase: &customCLISNIUnsafe{}},
-	"protocols/http/get-all-ips.yaml":                                  &scanAllIPS{},
+	{Path: "protocols/http/annotation-timeout.yaml", TestCase: &annotationTimeout{}},
-	"protocols/http/get-without-scheme.yaml":                           &httpGetWithoutScheme{},
+	{Path: "protocols/http/custom-attack-type.yaml", TestCase: &customAttackType{}},
-	"protocols/http/cl-body-without-header.yaml":                       &httpCLBodyWithoutHeader{},
+	{Path: "protocols/http/get-all-ips.yaml", TestCase: &scanAllIPS{}},
-	"protocols/http/cl-body-with-header.yaml":                          &httpCLBodyWithHeader{},
+	{Path: "protocols/http/get-without-scheme.yaml", TestCase: &httpGetWithoutScheme{}},
-	"protocols/http/save-extractor-values-to-file.yaml":                &httpSaveExtractorValuesToFile{},
+	{Path: "protocols/http/cl-body-without-header.yaml", TestCase: &httpCLBodyWithoutHeader{}},
-	"protocols/http/cli-with-constants.yaml":                           &ConstantWithCliVar{},
+	{Path: "protocols/http/cl-body-with-header.yaml", TestCase: &httpCLBodyWithHeader{}},
-	"protocols/http/disable-path-automerge.yaml":              &httpDisablePathAutomerge{},
+	{Path: "protocols/http/save-extractor-values-to-file.yaml", TestCase: &httpSaveExtractorValuesToFile{}},
+	{Path: "protocols/http/cli-with-constants.yaml", TestCase: &ConstantWithCliVar{}},
+	{Path: "protocols/http/matcher-status.yaml", TestCase: &matcherStatusTest{}},
+	{Path: "protocols/http/disable-path-automerge.yaml", TestCase: &httpDisablePathAutomerge{}},
 }
 
 type httpInteractshRequest struct{}
@@ -169,7 +172,7 @@ func (h *httpInteractshStopAtFirstMatchRequest) Execute(filePath string) error {
 	if err != nil {
 		return err
 	}
-	// polling is asyncronous, so the interactions may be retrieved after the first request
+	// polling is asynchronous, so the interactions may be retrieved after the first request
 	return expectResultsCount(results, 1)
 }
 
@@ -359,7 +362,7 @@ func (h *httpDSLFunctions) Execute(filePath string) error {
 	resultPart = stringsutil.TrimPrefixAny(resultPart, "/", " ", "[")
 
 	extracted := strings.Split(resultPart, ",")
-	numberOfDslFunctions := 87
+	numberOfDslFunctions := 88
 	if len(extracted) != numberOfDslFunctions {
 		return errors.New("incorrect number of results")
 	}
@@ -1423,6 +1426,24 @@ func (h *ConstantWithCliVar) Execute(filePath string) error {
 	return expectResultsCount(got, 1)
 }
 
+type matcherStatusTest struct{}
+
+// Execute executes a test case and returns an error if occurred
+func (h *matcherStatusTest) Execute(filePath string) error {
+	router := httprouter.New()
+	router.GET("/200", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
+		w.WriteHeader(http.StatusOK)
+	})
+	ts := httptest.NewServer(router)
+	defer ts.Close()
+
+	results, err := testutils.RunNucleiTemplateAndGetResults(filePath, ts.URL, debug, "-ms")
+	if err != nil {
+		return err
+	}
+	return expectResultsCount(results, 1)
+}
+
 // disable path automerge in raw request
 type httpDisablePathAutomerge struct{}
 

v2/cmd/integration-test/integration-test.go

@@ -4,7 +4,7 @@ import (
 	"flag"
 	"fmt"
 	"os"
-	"sort"
+	"runtime"
 	"strings"
 
 	"github.com/logrusorgru/aurora"
@@ -13,6 +13,12 @@ import (
 	sliceutil "github.com/projectdiscovery/utils/slice"
 )
 
+type TestCaseInfo struct {
+	Path      string
+	TestCase  testutils.TestCase
+	DisableOn func() bool
+}
+
 var (
 	debug        = os.Getenv("DEBUG") == "true"
 	githubAction = os.Getenv("GH_ACTION") == "true"
@@ -21,7 +27,7 @@ var (
 	success = aurora.Green("[✓]").String()
 	failed  = aurora.Red("[✘]").String()
 
-	protocolTests = map[string]map[string]testutils.TestCase{
+	protocolTests = map[string][]TestCaseInfo{
 		"http":            httpTestcases,
 		"interactsh":      interactshTestCases,
 		"network":         networkTestcases,
@@ -42,6 +48,7 @@ var (
 		"code":            codeTestCases,
 		"multi":           multiProtoTestcases,
 		"generic":         genericTestcases,
+		"dsl":             dslTestcases,
 	}
 
 	// For debug purposes
@@ -100,18 +107,18 @@ func executeWithRetry(testCase testutils.TestCase, templatePath string, retryCou
 }
 
 func debugTests() {
-	keys := getMapKeys(protocolTests[runProtocol])
+	testCaseInfos := protocolTests[runProtocol]
-	for _, tpath := range keys {
+	for _, testCaseInfo := range testCaseInfos {
-		testcase := protocolTests[runProtocol][tpath]
+		if (runTemplate != "" && !strings.Contains(testCaseInfo.Path, runTemplate)) ||
-		if runTemplate != "" && !strings.Contains(tpath, runTemplate) {
+			(testCaseInfo.DisableOn != nil && testCaseInfo.DisableOn()) {
 			continue
 		}
 		if runProtocol == "interactsh" {
-			if _, err := executeWithRetry(testcase, tpath, interactshRetryCount); err != nil {
+			if _, err := executeWithRetry(testCaseInfo.TestCase, testCaseInfo.Path, interactshRetryCount); err != nil {
 				fmt.Printf("\n%v", err.Error())
 			}
 		} else {
-			if _, err := execute(testcase, tpath); err != nil {
+			if _, err := execute(testCaseInfo.TestCase, testCaseInfo.Path); err != nil {
 				fmt.Printf("\n%v", err.Error())
 			}
 		}
@@ -121,21 +128,22 @@ func debugTests() {
 func runTests(customTemplatePaths []string) []string {
 	var failedTestTemplatePaths []string
 
-	for proto, testCases := range protocolTests {
+	for proto, testCaseInfos := range protocolTests {
 		if len(customTemplatePaths) == 0 {
 			fmt.Printf("Running test cases for %q protocol\n", aurora.Blue(proto))
 		}
-		keys := getMapKeys(testCases)
+		for _, testCaseInfo := range testCaseInfos {
-
+			if testCaseInfo.DisableOn != nil && testCaseInfo.DisableOn() {
-		for _, templatePath := range keys {
+				fmt.Printf("skipping test case %v. disabled on %v.\n", aurora.Blue(testCaseInfo.Path), runtime.GOOS)
-			testCase := testCases[templatePath]
+				continue
-			if len(customTemplatePaths) == 0 || sliceutil.Contains(customTemplatePaths, templatePath) {
+			}
+			if len(customTemplatePaths) == 0 || sliceutil.Contains(customTemplatePaths, testCaseInfo.Path) {
 				var failedTemplatePath string
 				var err error
-				if proto == "interactsh" || strings.Contains(templatePath, "interactsh") {
+				if proto == "interactsh" || strings.Contains(testCaseInfo.Path, "interactsh") {
-					failedTemplatePath, err = executeWithRetry(testCase, templatePath, interactshRetryCount)
+					failedTemplatePath, err = executeWithRetry(testCaseInfo.TestCase, testCaseInfo.Path, interactshRetryCount)
 				} else {
-					failedTemplatePath, err = execute(testCase, templatePath)
+					failedTemplatePath, err = execute(testCaseInfo.TestCase, testCaseInfo.Path)
 				}
 				if err != nil {
 					failedTestTemplatePaths = append(failedTestTemplatePaths, failedTemplatePath)
@@ -170,12 +178,3 @@ func normalizeSplit(str string) []string {
 		return r == ','
 	})
 }
-
-func getMapKeys[T any](testcases map[string]T) []string {
-	keys := make([]string, 0, len(testcases))
-	for k := range testcases {
-		keys = append(keys, k)
-	}
-	sort.Strings(keys)
-	return keys
-}

v2/cmd/integration-test/interactsh.go

@@ -1,10 +1,10 @@
 package main
 
-import "github.com/projectdiscovery/nuclei/v2/pkg/testutils"
+import osutils "github.com/projectdiscovery/utils/os"
 
 // All Interactsh related testcases
-var interactshTestCases = map[string]testutils.TestCase{
+var interactshTestCases = []TestCaseInfo{
-	"protocols/http/interactsh.yaml":                     &httpInteractshRequest{},
+	{Path: "protocols/http/interactsh.yaml", TestCase: &httpInteractshRequest{}, DisableOn: func() bool { return osutils.IsWindows() || osutils.IsOSX() }},
-	"protocols/http/interactsh-stop-at-first-match.yaml": &httpInteractshStopAtFirstMatchRequest{},
+	{Path: "protocols/http/interactsh-stop-at-first-match.yaml", TestCase: &httpInteractshStopAtFirstMatchRequest{}, DisableOn: func() bool { return osutils.IsWindows() || osutils.IsOSX() }},
-	"protocols/http/default-matcher-condition.yaml":      &httpDefaultMatcherCondition{},
+	{Path: "protocols/http/default-matcher-condition.yaml", TestCase: &httpDefaultMatcherCondition{}, DisableOn: func() bool { return osutils.IsWindows() || osutils.IsOSX() }},
 }

v2/cmd/integration-test/library.go

@@ -34,9 +34,9 @@ import (
 	"github.com/projectdiscovery/ratelimit"
 )
 
-var libraryTestcases = map[string]testutils.TestCase{
+var libraryTestcases = []TestCaseInfo{
-	"library/test.yaml": &goIntegrationTest{},
+	{Path: "library/test.yaml", TestCase: &goIntegrationTest{}},
-	"library/test.json": &goIntegrationTest{},
+	{Path: "library/test.json", TestCase: &goIntegrationTest{}},
 }
 
 type goIntegrationTest struct{}

v2/cmd/integration-test/loader.go

@@ -12,13 +12,13 @@ import (
 	"github.com/projectdiscovery/nuclei/v2/pkg/testutils"
 )
 
-var loaderTestcases = map[string]testutils.TestCase{
+var loaderTestcases = []TestCaseInfo{
-	"loader/template-list.yaml":             &remoteTemplateList{},
+	{Path: "loader/template-list.yaml", TestCase: &remoteTemplateList{}},
-	"loader/workflow-list.yaml":             &remoteWorkflowList{},
+	{Path: "loader/workflow-list.yaml", TestCase: &remoteWorkflowList{}},
-	"loader/excluded-template.yaml":         &excludedTemplate{},
+	{Path: "loader/excluded-template.yaml", TestCase: &excludedTemplate{}},
-	"loader/nonexistent-template-list.yaml": &nonExistentTemplateList{},
+	{Path: "loader/nonexistent-template-list.yaml", TestCase: &nonExistentTemplateList{}},
-	"loader/nonexistent-workflow-list.yaml": &nonExistentWorkflowList{},
+	{Path: "loader/nonexistent-workflow-list.yaml", TestCase: &nonExistentWorkflowList{}},
-	"loader/template-list-not-allowed.yaml": &remoteTemplateListNotAllowed{},
+	{Path: "loader/template-list-not-allowed.yaml", TestCase: &remoteTemplateListNotAllowed{}},
 }
 
 type remoteTemplateList struct{}

v2/cmd/integration-test/multi.go

@@ -2,10 +2,10 @@ package main
 
 import "github.com/projectdiscovery/nuclei/v2/pkg/testutils"
 
-var multiProtoTestcases = map[string]testutils.TestCase{
+var multiProtoTestcases = []TestCaseInfo{
-	"multi/dynamic-values.yaml":         &multiProtoDynamicExtractor{},
+	{Path: "protocols/multi/dynamic-values.yaml", TestCase: &multiProtoDynamicExtractor{}},
-	"multi/evaluate-variables.yaml":     &multiProtoDynamicExtractor{}, // Not a typo execution is same as above testcase
+	{Path: "protocols/multi/evaluate-variables.yaml", TestCase: &multiProtoDynamicExtractor{}},
-	"multi/exported-response-vars.yaml": &multiProtoDynamicExtractor{}, // Not a typo execution is same as above testcase
+	{Path: "protocols/multi/exported-response-vars.yaml", TestCase: &multiProtoDynamicExtractor{}},
 }
 
 type multiProtoDynamicExtractor struct{}

v2/cmd/integration-test/network.go

@@ -4,14 +4,16 @@ import (
 	"net"
 
 	"github.com/projectdiscovery/nuclei/v2/pkg/testutils"
+	osutils "github.com/projectdiscovery/utils/os"
 )
 
-var networkTestcases = map[string]testutils.TestCase{
+var networkTestcases = []TestCaseInfo{
-	"protocols/network/basic.yaml":          &networkBasic{},
+	{Path: "protocols/network/basic.yaml", TestCase: &networkBasic{}, DisableOn: func() bool { return osutils.IsWindows() }},
-	"protocols/network/hex.yaml":            &networkBasic{},
+	{Path: "protocols/network/hex.yaml", TestCase: &networkBasic{}, DisableOn: func() bool { return osutils.IsWindows() }},
-	"protocols/network/multi-step.yaml":     &networkMultiStep{},
+	{Path: "protocols/network/multi-step.yaml", TestCase: &networkMultiStep{}},
-	"protocols/network/self-contained.yaml": &networkRequestSelContained{},
+	{Path: "protocols/network/self-contained.yaml", TestCase: &networkRequestSelContained{}},
-	"protocols/network/variables.yaml":      &networkVariables{},
+	{Path: "protocols/network/variables.yaml", TestCase: &networkVariables{}},
+	{Path: "protocols/network/same-address.yaml", TestCase: &networkBasic{}},
 }
 
 const defaultStaticPort = 5431

v2/cmd/integration-test/offline-http.go

@@ -6,10 +6,10 @@ import (
 	"github.com/projectdiscovery/nuclei/v2/pkg/testutils"
 )
 
-var offlineHttpTestcases = map[string]testutils.TestCase{
+var offlineHttpTestcases = []TestCaseInfo{
-	"protocols/offlinehttp/rfc-req-resp.yaml":          &RfcRequestResponse{},
+	{Path: "protocols/offlinehttp/rfc-req-resp.yaml", TestCase: &RfcRequestResponse{}},
-	"protocols/offlinehttp/offline-allowed-paths.yaml": &RequestResponseWithAllowedPaths{},
+	{Path: "protocols/offlinehttp/offline-allowed-paths.yaml", TestCase: &RequestResponseWithAllowedPaths{}},
-	"protocols/offlinehttp/offline-raw.yaml":           &RawRequestResponse{},
+	{Path: "protocols/offlinehttp/offline-raw.yaml", TestCase: &RawRequestResponse{}},
 }
 
 type RfcRequestResponse struct{}

v2/cmd/integration-test/ssl.go

@@ -7,12 +7,12 @@ import (
 	"github.com/projectdiscovery/nuclei/v2/pkg/testutils"
 )
 
-var sslTestcases = map[string]testutils.TestCase{
+var sslTestcases = []TestCaseInfo{
-	"protocols/ssl/basic.yaml":          &sslBasic{},
+	{Path: "protocols/ssl/basic.yaml", TestCase: &sslBasic{}},
-	"protocols/ssl/basic-ztls.yaml":     &sslBasicZtls{},
+	{Path: "protocols/ssl/basic-ztls.yaml", TestCase: &sslBasicZtls{}},
-	"protocols/ssl/custom-cipher.yaml":  &sslCustomCipher{},
+	{Path: "protocols/ssl/custom-cipher.yaml", TestCase: &sslCustomCipher{}},
-	"protocols/ssl/custom-version.yaml": &sslCustomVersion{},
+	{Path: "protocols/ssl/custom-version.yaml", TestCase: &sslCustomVersion{}},
-	"protocols/ssl/ssl-with-vars.yaml":  &sslWithVars{},
+	{Path: "protocols/ssl/ssl-with-vars.yaml", TestCase: &sslWithVars{}},
 }
 
 type sslBasic struct{}

v2/cmd/integration-test/template-dir.go

@@ -7,8 +7,8 @@ import (
 	errorutil "github.com/projectdiscovery/utils/errors"
 )
 
-var templatesDirTestCases = map[string]testutils.TestCase{
+var templatesDirTestCases = []TestCaseInfo{
-	"protocols/dns/cname-fingerprint.yaml": &templateDirWithTargetTest{},
+	{Path: "protocols/dns/cname-fingerprint.yaml", TestCase: &templateDirWithTargetTest{}},
 }
 
 type templateDirWithTargetTest struct{}

v2/cmd/integration-test/template-path.go

@@ -12,15 +12,15 @@ func getTemplatePath() string {
 	return config.DefaultConfig.TemplatesDirectory
 }
 
-var templatesPathTestCases = map[string]testutils.TestCase{
+var templatesPathTestCases = []TestCaseInfo{
 	//template folder path issue
-	"protocols/http/get.yaml": &folderPathTemplateTest{},
+	{Path: "protocols/http/get.yaml", TestCase: &folderPathTemplateTest{}},
 	//cwd
-	"./protocols/dns/cname-fingerprint.yaml": &cwdTemplateTest{},
+	{Path: "./dns/cname-fingerprint.yaml", TestCase: &cwdTemplateTest{}},
 	//relative path
-	"protocols/dns/cname-fingerprint.yaml": &relativePathTemplateTest{},
+	{Path: "dns/dns-saas-service-detection.yaml", TestCase: &relativePathTemplateTest{}},
 	//absolute path
-	fmt.Sprintf("%v/dns/cname-fingerprint.yaml", getTemplatePath()): &absolutePathTemplateTest{},
+	{Path: fmt.Sprintf("%v/dns/dns-saas-service-detection.yaml", getTemplatePath()), TestCase: &absolutePathTemplateTest{}},
 }
 
 type cwdTemplateTest struct{}

v2/cmd/integration-test/websocket.go

@@ -9,11 +9,11 @@ import (
 	"github.com/projectdiscovery/nuclei/v2/pkg/testutils"
 )
 
-var websocketTestCases = map[string]testutils.TestCase{
+var websocketTestCases = []TestCaseInfo{
-	"protocols/websocket/basic.yaml":    &websocketBasic{},
+	{Path: "protocols/websocket/basic.yaml", TestCase: &websocketBasic{}},
-	"protocols/websocket/cswsh.yaml":    &websocketCswsh{},
+	{Path: "protocols/websocket/cswsh.yaml", TestCase: &websocketCswsh{}},
-	"protocols/websocket/no-cswsh.yaml": &websocketNoCswsh{},
+	{Path: "protocols/websocket/no-cswsh.yaml", TestCase: &websocketNoCswsh{}},
-	"protocols/websocket/path.yaml":     &websocketWithPath{},
+	{Path: "protocols/websocket/path.yaml", TestCase: &websocketWithPath{}},
 }
 
 type websocketBasic struct{}

v2/cmd/integration-test/whois.go

@@ -4,8 +4,8 @@ import (
 	"github.com/projectdiscovery/nuclei/v2/pkg/testutils"
 )
 
-var whoisTestCases = map[string]testutils.TestCase{
+var whoisTestCases = []TestCaseInfo{
-	"protocols/whois/basic.yaml": &whoisBasic{},
+	{Path: "protocols/whois/basic.yaml", TestCase: &whoisBasic{}},
 }
 
 type whoisBasic struct{}

v2/cmd/integration-test/workflow.go

@@ -11,14 +11,14 @@ import (
 	"github.com/projectdiscovery/nuclei/v2/pkg/testutils"
 )
 
-var workflowTestcases = map[string]testutils.TestCase{
+var workflowTestcases = []TestCaseInfo{
-	"workflow/basic.yaml":                     &workflowBasic{},
+	{Path: "workflow/basic.yaml", TestCase: &workflowBasic{}},
-	"workflow/condition-matched.yaml":         &workflowConditionMatched{},
+	{Path: "workflow/condition-matched.yaml", TestCase: &workflowConditionMatched{}},
-	"workflow/condition-unmatched.yaml":       &workflowConditionUnmatch{},
+	{Path: "workflow/condition-unmatched.yaml", TestCase: &workflowConditionUnmatch{}},
-	"workflow/matcher-name.yaml":              &workflowMatcherName{},
+	{Path: "workflow/matcher-name.yaml", TestCase: &workflowMatcherName{}},
-	"workflow/http-value-share-workflow.yaml": &workflowHttpKeyValueShare{},
+	{Path: "workflow/http-value-share-workflow.yaml", TestCase: &workflowHttpKeyValueShare{}},
-	"workflow/dns-value-share-workflow.yaml":  &workflowDnsKeyValueShare{},
+	{Path: "workflow/dns-value-share-workflow.yaml", TestCase: &workflowDnsKeyValueShare{}},
-	"workflow/shared-cookie.yaml":             &workflowSharedCookies{},
+	{Path: "workflow/shared-cookie.yaml", TestCase: &workflowSharedCookies{}},
 }
 
 type workflowBasic struct{}

v2/cmd/nuclei/main.go

@@ -204,7 +204,7 @@ on extensive configurability, massive extensibility and ease of use.`)
 		flagSet.StringSliceVar(&options.Tags, "tags", nil, "templates to run based on tags (comma-separated, file)", goflags.FileNormalizedStringSliceOptions),
 		flagSet.StringSliceVarP(&options.ExcludeTags, "exclude-tags", "etags", nil, "templates to exclude based on tags (comma-separated, file)", goflags.FileNormalizedStringSliceOptions),
 		flagSet.StringSliceVarP(&options.IncludeTags, "include-tags", "itags", nil, "tags to be executed even if they are excluded either by default or configuration", goflags.FileNormalizedStringSliceOptions), // TODO show default deny list
-		flagSet.StringSliceVarP(&options.IncludeIds, "template-id", "id", nil, "templates to run based on template ids (comma-separated, file)", goflags.FileNormalizedStringSliceOptions),
+		flagSet.StringSliceVarP(&options.IncludeIds, "template-id", "id", nil, "templates to run based on template ids (comma-separated, file, allow-wildcard)", goflags.FileNormalizedStringSliceOptions),
 		flagSet.StringSliceVarP(&options.ExcludeIds, "exclude-id", "eid", nil, "templates to exclude based on template ids (comma-separated, file)", goflags.FileNormalizedStringSliceOptions),
 		flagSet.StringSliceVarP(&options.IncludeTemplates, "include-templates", "it", nil, "templates to be executed even if they are excluded either by default or configuration", goflags.FileCommaSeparatedStringSliceOptions),
 		flagSet.StringSliceVarP(&options.ExcludedTemplates, "exclude-templates", "et", nil, "template or template directory to exclude (comma-separated, file)", goflags.FileCommaSeparatedStringSliceOptions),
@@ -223,7 +223,8 @@ on extensive configurability, massive extensibility and ease of use.`)
 		flagSet.BoolVar(&options.Silent, "silent", false, "display findings only"),
 		flagSet.BoolVarP(&options.NoColor, "no-color", "nc", false, "disable output content coloring (ANSI escape codes)"),
 		flagSet.BoolVarP(&options.JSONL, "jsonl", "j", false, "write output in JSONL(ines) format"),
-		flagSet.BoolVarP(&options.JSONRequests, "include-rr", "irr", false, "include request/response pairs in the JSONL output (for findings only)"),
+		flagSet.BoolVarP(&options.JSONRequests, "include-rr", "irr", true, "include request/response pairs in the JSON, JSONL, and Markdown outputs (for findings only) [DEPRECATED use `-omit-raw`]"),
+		flagSet.BoolVarP(&options.OmitRawRequests, "omit-raw", "or", false, "omit request/response pairs in the JSON, JSONL, and Markdown outputs (for findings only)"),
 		flagSet.BoolVarP(&options.NoMeta, "no-meta", "nm", false, "disable printing result metadata in cli output"),
 		flagSet.BoolVarP(&options.Timestamp, "timestamp", "ts", false, "enables printing timestamp in cli output"),
 		flagSet.StringVarP(&options.ReportingDB, "report-db", "rdb", "", "nuclei reporting database (always use this to persist report data)"),
@@ -253,9 +254,10 @@ on extensive configurability, massive extensibility and ease of use.`)
 		flagSet.StringVarP(&options.ClientKeyFile, "client-key", "ck", "", "client key file (PEM-encoded) used for authenticating against scanned hosts"),
 		flagSet.StringVarP(&options.ClientCAFile, "client-ca", "ca", "", "client certificate authority file (PEM-encoded) used for authenticating against scanned hosts"),
 		flagSet.BoolVarP(&options.ShowMatchLine, "show-match-line", "sml", false, "show match lines for file templates, works with extractors only"),
-		flagSet.BoolVar(&options.ZTLS, "ztls", false, "use ztls library with autofallback to standard one for tls13"),
+		flagSet.BoolVar(&options.ZTLS, "ztls", false, "use ztls library with autofallback to standard one for tls13 [Deprecated] autofallback to ztls is enabled by default"), //nolint:all
 		flagSet.StringVar(&options.SNI, "sni", "", "tls sni hostname to use (default: input domain name)"),
-		flagSet.BoolVar(&options.Sandbox, "sandbox", false, "sandbox nuclei for safe templates execution"),
+		flagSet.BoolVarP(&options.AllowLocalFileAccess, "allow-local-file-access", "lfa", false, "allows file (payload) access anywhere on the system"),
+		flagSet.BoolVarP(&options.RestrictLocalNetworkAccess, "restrict-local-network-access", "lna", false, "blocks connections to the local / private network"),
 		flagSet.StringVarP(&options.Interface, "interface", "i", "", "network interface to use for network scan"),
 		flagSet.StringVarP(&options.AttackType, "attack-type", "at", "", "type of payload combinations to perform (batteringram,pitchfork,clusterbomb)"),
 		flagSet.StringVarP(&options.SourceIP, "source-ip", "sip", "", "source ip address to use for network scan"),
@@ -323,6 +325,7 @@ on extensive configurability, massive extensibility and ease of use.`)
 		flagSet.BoolVar(&options.Headless, "headless", false, "enable templates that require headless browser support (root user on Linux will disable sandbox)"),
 		flagSet.IntVar(&options.PageTimeout, "page-timeout", 20, "seconds to wait for each page in headless mode"),
 		flagSet.BoolVarP(&options.ShowBrowser, "show-browser", "sb", false, "show the browser on the screen when running templates with headless mode"),
+		flagSet.StringSliceVarP(&options.HeadlessOptionalArguments, "headless-options", "ho", nil, "start headless chrome with additional options", goflags.FileCommaSeparatedStringSliceOptions),
 		flagSet.BoolVarP(&options.UseInstalledChrome, "system-chrome", "sc", false, "use local installed Chrome browser instead of nuclei installed"),
 		flagSet.BoolVarP(&options.ShowActions, "list-headless-action", "lha", false, "list available headless actions"),
 	)
@@ -472,11 +475,11 @@ func printTemplateVersion() {
 	if fileutil.FolderExists(cfg.CustomS3TemplatesDirectory) {
 		gologger.Info().Msgf("Custom S3 templates location: %s\n", cfg.CustomS3TemplatesDirectory)
 	}
-	if fileutil.FolderExists(cfg.CustomGithubTemplatesDirectory) {
+	if fileutil.FolderExists(cfg.CustomGitHubTemplatesDirectory) {
-		gologger.Info().Msgf("Custom Github templates location: %s ", cfg.CustomGithubTemplatesDirectory)
+		gologger.Info().Msgf("Custom GitHub templates location: %s ", cfg.CustomGitHubTemplatesDirectory)
 	}
 	if fileutil.FolderExists(cfg.CustomGitLabTemplatesDirectory) {
-		gologger.Info().Msgf("Custom Gitlab templates location: %s ", cfg.CustomGitLabTemplatesDirectory)
+		gologger.Info().Msgf("Custom GitLab templates location: %s ", cfg.CustomGitLabTemplatesDirectory)
 	}
 	if fileutil.FolderExists(cfg.CustomAzureTemplatesDirectory) {
 		gologger.Info().Msgf("Custom Azure templates location: %s ", cfg.CustomAzureTemplatesDirectory)

v2/cmd/nuclei/test.yaml

@@ -1,18 +0,0 @@
-id: basic-example
-
-info:
-  name: Test HTTP Template
-  author: pdteam
-  severity: info
-
-http:
-  - raw:
-      - |+
-        GET / HTTP/1.1
-        Host: {{Hostname}}
-
-    unsafe: true
-    matchers:
-      - type: dsl
-        dsl:
-          - true

v2/cmd/tmc/main.go

@@ -76,8 +76,6 @@ func init() {
 	}
 }
 
-var idRegex = regexp.MustCompile("id: ([C|c][V|v][E|e]-[0-9]+-[0-9]+)")
-
 type options struct {
 	input        string
 	errorLogFile string
@@ -92,7 +90,7 @@ type options struct {
 func main() {
 	opts := options{}
 	flagSet := goflags.NewFlagSet()
-	flagSet.SetDescription(`TemplateMan CLI is baisc utility built on the TemplateMan API to standardize nuclei templates.`)
+	flagSet.SetDescription(`TemplateMan CLI is basic utility built on the TemplateMan API to standardize nuclei templates.`)
 
 	flagSet.CreateGroup("Input", "input",
 		flagSet.StringVarP(&opts.input, "input", "i", "", "Templates to annotate"),
@@ -206,11 +204,6 @@ func process(opts options) error {
 		}
 
 		if opts.enhance {
-			// currently enhance api only supports cve-id's
-			matches := idRegex.FindAllStringSubmatch(dataString, 1)
-			if len(matches) == 0 {
-				continue
-			}
 			enhancedTemplateData, isEnhanced, err := enhanceTemplate(dataString)
 			if err != nil {
 				gologger.Info().Label("enhance").Msg(logErrMsg(path, err, opts.debug, errFile))

v2/examples/simple.go

@@ -5,12 +5,13 @@ import (
 	"fmt"
 	"log"
 	"os"
-	"path"
+	"path/filepath"
 	"time"
 
 	"github.com/logrusorgru/aurora"
 
 	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/httpx/common/httpx"
 	"github.com/projectdiscovery/nuclei/v2/pkg/catalog/config"
 	"github.com/projectdiscovery/nuclei/v2/pkg/catalog/disk"
 	"github.com/projectdiscovery/nuclei/v2/pkg/catalog/loader"
@@ -47,7 +48,7 @@ func main() {
 	protocolstate.Init(defaultOpts)
 	protocolinit.Init(defaultOpts)
 
-	defaultOpts.IncludeIds = goflags.StringSlice{"cname-service"}
+	defaultOpts.IncludeIds = goflags.StringSlice{"cname-service", "tech-detect"}
 	defaultOpts.ExcludeTags = config.ReadIgnoreFile().Tags
 
 	interactOpts := interactsh.DefaultOptions(outputWriter, reportingClient, mockProgress)
@@ -58,7 +59,7 @@ func main() {
 	defer interactClient.Close()
 
 	home, _ := os.UserHomeDir()
-	catalog := disk.NewCatalog(path.Join(home, "nuclei-templates"))
+	catalog := disk.NewCatalog(filepath.Join(home, "nuclei-templates"))
 	executerOpts := protocols.ExecutorOptions{
 		Output:          outputWriter,
 		Options:         defaultOpts,
@@ -86,9 +87,20 @@ func main() {
 	}
 	store.Load()
 
+	// flat input without probe
 	inputArgs := []*contextargs.MetaInput{{Input: "docs.hackerone.com"}}
-
 	input := &inputs.SimpleInputProvider{Inputs: inputArgs}
+
+	httpxOptions := httpx.DefaultOptions
+	httpxOptions.Timeout = 5 * time.Second
+	httpxClient, err := httpx.New(&httpxOptions)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	// use httpx to probe the URL => https://scanme.sh
+	input.SetWithProbe("scanme.sh", httpxClient)
+
 	_ = engine.Execute(store.Templates(), input)
 	engine.WorkPool().Wait() // Wait for the scan to finish
 }

v2/gh_retry.sh

@@ -17,7 +17,7 @@ LIMIT=30
 BEFORE="30 mins ago"
 WORKFLOW="Build Test"
 
-# You can add multiple patterns seperated by |
+# You can add multiple patterns separated by |
 GREP_ERROR_PATTERN='Test "http/interactsh.yaml" failed'
 
 #Set fonts for Help.
@@ -81,7 +81,7 @@ function retry_failed_jobs() {
     select ( .conclusion=="failure" ) |
     select ( .updatedAt > $date) ' --arg date "$date" --arg branch "$BRANCH" --arg workflow "$WORKFLOW" | jq .databaseId)
 
-    # convert line seperated by space to array
+    # convert line separated by space to array
     eval "arr=($workflowIds)"
 
     if [[ -z $arr ]]

v2/go.mod

@@ -10,7 +10,7 @@ require (
 	github.com/bluele/gcache v0.0.2
 	github.com/corpix/uarand v0.2.0
 	github.com/go-playground/validator/v10 v10.14.1
-	github.com/go-rod/rod v0.113.0
+	github.com/go-rod/rod v0.114.0
 	github.com/gobwas/ws v1.2.1
 	github.com/google/go-github v17.0.0+incompatible
 	github.com/itchyny/gojq v0.12.13
@@ -20,18 +20,18 @@ require (
 	github.com/miekg/dns v1.1.55
 	github.com/olekukonko/tablewriter v0.0.5
 	github.com/pkg/errors v0.9.1
-	github.com/projectdiscovery/clistats v0.0.18
+	github.com/projectdiscovery/clistats v0.0.19
-	github.com/projectdiscovery/fastdialer v0.0.31
+	github.com/projectdiscovery/fastdialer v0.0.35
 	github.com/projectdiscovery/hmap v0.0.13
 	github.com/projectdiscovery/interactsh v1.1.4
-	github.com/projectdiscovery/rawhttp v0.1.13
+	github.com/projectdiscovery/rawhttp v0.1.18
-	github.com/projectdiscovery/retryabledns v1.0.30
+	github.com/projectdiscovery/retryabledns v1.0.32
-	github.com/projectdiscovery/retryablehttp-go v1.0.18
+	github.com/projectdiscovery/retryablehttp-go v1.0.20
 	github.com/projectdiscovery/yamldoc-go v1.0.4
 	github.com/remeh/sizedwaitgroup v1.0.0
 	github.com/rs/xid v1.5.0
 	github.com/segmentio/ksuid v1.0.4
-	github.com/shirou/gopsutil/v3 v3.23.5 // indirect
+	github.com/shirou/gopsutil/v3 v3.23.6 // indirect
 	github.com/spaolacci/murmur3 v1.1.0 // indirect
 	github.com/spf13/cast v1.5.1
 	github.com/syndtr/goleveldb v1.0.0
@@ -39,26 +39,26 @@ require (
 	github.com/weppos/publicsuffix-go v0.30.1-0.20230422193905-8fecedd899db
 	github.com/xanzy/go-gitlab v0.84.0
 	go.uber.org/multierr v1.11.0
-	golang.org/x/net v0.11.0
+	golang.org/x/net v0.12.0
-	golang.org/x/oauth2 v0.9.0
+	golang.org/x/oauth2 v0.10.0
-	golang.org/x/text v0.10.0
+	golang.org/x/text v0.11.0
 	gopkg.in/yaml.v2 v2.4.0
 	moul.io/http2curl v1.0.0
 )
 
 require (
 	github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.0
-	github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.0.0
+	github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.1.0
 	github.com/DataDog/gostackparse v0.6.0
 	github.com/Masterminds/semver/v3 v3.2.1
 	github.com/Mzack9999/gcache v0.0.0-20230410081825-519e28eab057
 	github.com/antchfx/xmlquery v1.3.15
 	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2
-	github.com/aws/aws-sdk-go-v2 v1.18.1
+	github.com/aws/aws-sdk-go-v2 v1.19.0
-	github.com/aws/aws-sdk-go-v2/config v1.18.27
+	github.com/aws/aws-sdk-go-v2/config v1.18.28
-	github.com/aws/aws-sdk-go-v2/credentials v1.13.26
+	github.com/aws/aws-sdk-go-v2/credentials v1.13.27
-	github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.67
+	github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.72
-	github.com/aws/aws-sdk-go-v2/service/s3 v1.35.0
+	github.com/aws/aws-sdk-go-v2/service/s3 v1.37.0
 	github.com/docker/go-units v0.5.0
 	github.com/fatih/structs v1.1.0
 	github.com/go-git/go-git/v5 v5.7.0
@@ -66,20 +66,20 @@ require (
 	github.com/klauspost/compress v1.16.6
 	github.com/labstack/echo/v4 v4.10.2
 	github.com/mholt/archiver v3.1.1+incompatible
-	github.com/projectdiscovery/dsl v0.0.11-0.20230621170216-97e70ffb7efd
+	github.com/projectdiscovery/dsl v0.0.16
 	github.com/projectdiscovery/fasttemplate v0.0.2
-	github.com/projectdiscovery/goflags v0.1.10
+	github.com/projectdiscovery/goflags v0.1.12
-	github.com/projectdiscovery/gologger v1.1.10
+	github.com/projectdiscovery/gologger v1.1.11
 	github.com/projectdiscovery/gozero v0.0.0-20230510004414-f1d11fdaf5c6
-	github.com/projectdiscovery/httpx v1.3.0
+	github.com/projectdiscovery/httpx v1.3.4
 	github.com/projectdiscovery/mapcidr v1.1.2
-	github.com/projectdiscovery/ratelimit v0.0.8
+	github.com/projectdiscovery/ratelimit v0.0.9
 	github.com/projectdiscovery/rdap v0.9.1-0.20221108103045-9865884d1917
 	github.com/projectdiscovery/sarif v0.0.1
-	github.com/projectdiscovery/tlsx v1.1.0
+	github.com/projectdiscovery/tlsx v1.1.1
 	github.com/projectdiscovery/uncover v1.0.6-0.20230601103158-bfd7e02a5bb1
-	github.com/projectdiscovery/utils v0.0.39
+	github.com/projectdiscovery/utils v0.0.45-0.20230725161322-28ec1ee0ba40
-	github.com/projectdiscovery/wappalyzergo v0.0.102
+	github.com/projectdiscovery/wappalyzergo v0.0.107
 	github.com/stretchr/testify v1.8.4
 	gopkg.in/src-d/go-git.v4 v4.13.1
 	gopkg.in/yaml.v3 v3.0.1
@@ -92,21 +92,21 @@ require (
 	github.com/AzureAD/microsoft-authentication-library-for-go v1.0.0 // indirect
 	github.com/Mzack9999/gostruct v0.0.0-20230415193108-30b70932da81 // indirect
 	github.com/VividCortex/ewma v1.2.0 // indirect
-	github.com/andybalholm/brotli v1.0.4 // indirect
+	github.com/andybalholm/brotli v1.0.5 // indirect
 	github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.10 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.26 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.27 // indirect
 	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.11 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.29 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.30 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.14.3 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.14.4 // indirect
 	github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect
 	github.com/bits-and-blooms/bitset v1.3.1 // indirect
 	github.com/bits-and-blooms/bloom/v3 v3.4.0 // indirect
 	github.com/charmbracelet/glamour v0.6.0 // indirect
-	github.com/cheggaaa/pb/v3 v3.1.2 // indirect
+	github.com/cheggaaa/pb/v3 v3.1.4 // indirect
 	github.com/cloudflare/cfssl v1.6.4 // indirect
 	github.com/cloudflare/circl v1.3.3 // indirect
 	github.com/dlclark/regexp2 v1.8.1 // indirect
-	github.com/fatih/color v1.14.1 // indirect
+	github.com/fatih/color v1.15.0 // indirect
 	github.com/gabriel-vasile/mimetype v1.4.2 // indirect
 	github.com/gaukas/godicttls v0.0.3 // indirect
 	github.com/google/certificate-transparency-go v1.1.4 // indirect
@@ -126,10 +126,10 @@ require (
 	github.com/pjbgf/sha1cd v0.3.0 // indirect
 	github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 // indirect
 	github.com/projectdiscovery/asnmap v1.0.4 // indirect
-	github.com/projectdiscovery/cdncheck v1.0.6 // indirect
+	github.com/projectdiscovery/cdncheck v1.0.9 // indirect
 	github.com/projectdiscovery/freeport v0.0.5 // indirect
 	github.com/refraction-networking/utls v1.3.2 // indirect
-	github.com/sashabaranov/go-openai v1.11.2 // indirect
+	github.com/sashabaranov/go-openai v1.14.1 // indirect
 	github.com/shoenig/go-m1cpu v0.1.6 // indirect
 	github.com/skeema/knownhosts v1.1.1 // indirect
 	github.com/smartystreets/assertions v1.0.0 // indirect
@@ -191,7 +191,7 @@ require (
 	github.com/mattn/go-isatty v0.0.19 // indirect
 	github.com/mattn/go-runewidth v0.0.14 // indirect
 	github.com/mholt/acmez v1.0.4 // indirect
-	github.com/microcosm-cc/bluemonday v1.0.24 // indirect
+	github.com/microcosm-cc/bluemonday v1.0.25 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
@@ -212,18 +212,18 @@ require (
 	github.com/ysmood/leakless v0.8.0 // indirect
 	github.com/yusufpapurcu/wmi v1.2.3 // indirect
 	github.com/zmap/rc2 v0.0.0-20190804163417-abaa70531248 // indirect
-	github.com/zmap/zcrypto v0.0.0-20230205235340-d51ce4775101 // indirect
+	github.com/zmap/zcrypto v0.0.0-20230422215203-9a665e1e9968 // indirect
 	go.etcd.io/bbolt v1.3.7 // indirect
 	go.uber.org/zap v1.24.0 // indirect
 	goftp.io/server/v2 v2.0.0 // indirect
-	golang.org/x/crypto v0.10.0
+	golang.org/x/crypto v0.11.0
-	golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1
+	golang.org/x/exp v0.0.0-20230725093048-515e97ebf090
-	golang.org/x/mod v0.11.0 // indirect
+	golang.org/x/mod v0.12.0 // indirect
-	golang.org/x/sys v0.9.0 // indirect
+	golang.org/x/sys v0.10.0 // indirect
 	golang.org/x/time v0.3.0 // indirect
-	golang.org/x/tools v0.9.3 // indirect
+	golang.org/x/tools v0.11.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
-	google.golang.org/protobuf v1.29.1 // indirect
+	google.golang.org/protobuf v1.31.0 // indirect
 	gopkg.in/alecthomas/kingpin.v2 v2.2.6 // indirect
 	gopkg.in/corvus-ch/zbase32.v1 v1.0.0 // indirect
 )
@@ -233,14 +233,14 @@ require (
 	github.com/ProtonMail/go-crypto v0.0.0-20230518184743-7afd39499903 // indirect
 	github.com/acomagu/bufpipe v1.0.4 // indirect
 	github.com/alecthomas/chroma v0.10.0
-	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.4 // indirect
+	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.5 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.34 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.35 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.28 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.29 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/ini v1.3.35 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/ini v1.3.36 // indirect
-	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.28 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.29 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sso v1.12.12 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sso v1.12.13 // indirect
-	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.12 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.13 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sts v1.19.2 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sts v1.19.3 // indirect
 	github.com/aws/smithy-go v1.13.5 // indirect
 	github.com/emirpasic/gods v1.18.1 // indirect
 	github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect

v2/go.sum

@@ -9,8 +9,9 @@ github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.0 h1:vcYCAze6p19qBW7MhZybI
 github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.0/go.mod h1:OQeznEEkTZ9OrhHJoDD8ZDq51FHgXjqtP9z6bEwBq9U=
 github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0 h1:sXr+ck84g/ZlZUOZiNELInmMgOsuGwdjjVkEIde0OtY=
 github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0/go.mod h1:okt5dMMTOFjX/aovMlrjvvXoPMBVSPzk9185BT0+eZM=
-github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.0.0 h1:u/LLAOFgsMv7HmNL4Qufg58y+qElGOt5qv0z1mURkRY=
+github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage v1.2.0 h1:Ma67P/GGprNwsslzEH6+Kb8nybI8jpDTm4Wmzu2ReK8=
-github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.0.0/go.mod h1:2e8rMJtl2+2j+HXbTBwnyGpm5Nou7KhvSfxOq8JpTag=
+github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.1.0 h1:nVocQV40OQne5613EeLayJiRAJuKlBGy+m22qWG+WRg=
+github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.1.0/go.mod h1:7QJP7dr2wznCMeqIrhMgWGf7XpAQnVrJqDm9nvV3Cu4=
 github.com/AzureAD/microsoft-authentication-library-for-go v1.0.0 h1:OBhqkivkhkMqLPymWEppkm7vgPQY2XsHoEkaMQ0AdZY=
 github.com/AzureAD/microsoft-authentication-library-for-go v1.0.0/go.mod h1:kgDmCTgBzIEPFElEF+FK0SdjAor06dRq2Go927dnQ6o=
 github.com/DataDog/gostackparse v0.6.0 h1:egCGQviIabPwsyoWpGvIBGrEnNWez35aEO7OJ1vBI4o=
@@ -51,8 +52,8 @@ github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuy
 github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
 github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137 h1:s6gZFSlWYmbqAuRjVTiNNhvNRfY2Wxp9nhfyel4rklc=
 github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE=
-github.com/andybalholm/brotli v1.0.4 h1:V7DdXeJtZscaqfNuAdSRuRFzuiKlHSC/Zh3zl9qY3JY=
+github.com/andybalholm/brotli v1.0.5 h1:8uQZIdzKmjc/iuPu7O2ioW48L81FgatrcpfFmiq/cCs=
-github.com/andybalholm/brotli v1.0.4/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
+github.com/andybalholm/brotli v1.0.5/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
 github.com/andybalholm/cascadia v1.3.1 h1:nhxRkql1kdYCc8Snf7D5/D3spOX+dBgjA6u8x004T2c=
 github.com/andybalholm/cascadia v1.3.1/go.mod h1:R4bJ1UQfqADjvDa4P6HZHLh/3OxWWEqc0Sk8XGwHqvA=
 github.com/andygrunwald/go-jira v1.16.0 h1:PU7C7Fkk5L96JvPc6vDVIrd99vdPnYudHu4ju2c2ikQ=
@@ -69,57 +70,42 @@ github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPd
 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
 github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so=
 github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw=
-github.com/aws/aws-sdk-go-v2 v1.18.0/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw=
+github.com/aws/aws-sdk-go-v2 v1.19.0 h1:klAT+y3pGFBU/qVf1uzwttpBbiuozJYWzNLHioyDJ+k=
-github.com/aws/aws-sdk-go-v2 v1.18.1 h1:+tefE750oAb7ZQGzla6bLkOwfcQCEtC5y2RqoqCeqKo=
+github.com/aws/aws-sdk-go-v2 v1.19.0/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw=
-github.com/aws/aws-sdk-go-v2 v1.18.1/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw=
 github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.10 h1:dK82zF6kkPeCo8J1e+tGx4JdvDIQzj7ygIoLg8WMuGs=
 github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.4.10/go.mod h1:VeTZetY5KRJLuD/7fkQXMU6Mw7H5m/KP2J5Iy9osMno=
-github.com/aws/aws-sdk-go-v2/config v1.18.25/go.mod h1:dZnYpD5wTW/dQF0rRNLVypB396zWCcPiBIvdvSWHEg4=
+github.com/aws/aws-sdk-go-v2/config v1.18.28 h1:TINEaKyh1Td64tqFvn09iYpKiWjmHYrG1fa91q2gnqw=
-github.com/aws/aws-sdk-go-v2/config v1.18.27 h1:Az9uLwmssTE6OGTpsFqOnaGpLnKDqNYOJzWuC6UAYzA=
+github.com/aws/aws-sdk-go-v2/config v1.18.28/go.mod h1:nIL+4/8JdAuNHEjn/gPEXqtnS02Q3NXB/9Z7o5xE4+A=
-github.com/aws/aws-sdk-go-v2/config v1.18.27/go.mod h1:0My+YgmkGxeqjXZb5BYme5pc4drjTnM+x1GJ3zv42Nw=
+github.com/aws/aws-sdk-go-v2/credentials v1.13.27 h1:dz0yr/yR1jweAnsCx+BmjerUILVPQ6FS5AwF/OyG1kA=
-github.com/aws/aws-sdk-go-v2/credentials v1.13.24/go.mod h1:jYPYi99wUOPIFi0rhiOvXeSEReVOzBqFNOX5bXYoG2o=
+github.com/aws/aws-sdk-go-v2/credentials v1.13.27/go.mod h1:syOqAek45ZXZp29HlnRS/BNgMIW6uiRmeuQsz4Qh2UE=
-github.com/aws/aws-sdk-go-v2/credentials v1.13.26 h1:qmU+yhKmOCyujmuPY7tf5MxR/RKyZrOPO3V4DobiTUk=
+github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.5 h1:kP3Me6Fy3vdi+9uHd7YLr6ewPxRL+PU6y15urfTaamU=
-github.com/aws/aws-sdk-go-v2/credentials v1.13.26/go.mod h1:GoXt2YC8jHUBbA4jr+W3JiemnIbkXOfxSXcisUsZ3os=
+github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.5/go.mod h1:Gj7tm95r+QsDoN2Fhuz/3npQvcZbkEf5mL70n3Xfluc=
-github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.3/go.mod h1:4Q0UFP0YJf0NrsEuEYHpM9fTSEVnD16Z3uyEF7J9JGM=
+github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.72 h1:m0MmP89v1B0t3b8W8rtATU76KNsodak69QtiokHyEvo=
-github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.4 h1:LxK/bitrAr4lnh9LnIS6i7zWbCOdMsfzKFBI6LUCS0I=
+github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.72/go.mod h1:ylOTxIuoTL+XjH46Omv2iPjHdeGUk3SQ4hxYho4EHMA=
-github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.4/go.mod h1:E1hLXN/BL2e6YizK1zFlYd8vsfi2GTjbjBazinMmeaM=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.35 h1:hMUCiE3Zi5AHrRNGf5j985u0WyqI6r2NULhUfo0N/No=
-github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.67 h1:fI9/5BDEaAv/pv1VO1X1n3jfP9it+IGqWsCuuBQI8wM=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.35/go.mod h1:ipR5PvpSPqIqL5Mi82BxLnfMkHVbmco8kUwO2xrCi0M=
-github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.67/go.mod h1:zQClPRIwQZfJlZq6WZve+s4Tb4JW+3V6eS+4+KrYeP8=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.29 h1:yOpYx+FTBdpk/g+sBU6Cb1H0U/TLEcYYp66mYqsPpcc=
-github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.33/go.mod h1:7i0PF1ME/2eUPFcjkVIwq+DOygHEoK92t5cDqNgYbIw=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.29/go.mod h1:M/eUABlDbw2uVrdAn+UsI6M727qp2fxkp8K0ejcBDUY=
-github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.34 h1:A5UqQEmPaCFpedKouS4v+dHCTUo2sKqhoKO9U5kxyWo=
+github.com/aws/aws-sdk-go-v2/internal/ini v1.3.36 h1:8r5m1BoAWkn0TDC34lUculryf7nUF25EgIMdjvGCkgo=
-github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.34/go.mod h1:wZpTEecJe0Btj3IYnDx/VlUzor9wm3fJHyvLpQF0VwY=
+github.com/aws/aws-sdk-go-v2/internal/ini v1.3.36/go.mod h1:Rmw2M1hMVTwiUhjwMoIBFWFJMhvJbct06sSidxInkhY=
-github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.27/go.mod h1:UrHnn3QV/d0pBZ6QBAEQcqFLf8FAzLmoUfPVIueOvoM=
+github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.27 h1:cZG7psLfqpkB6H+fIrgUDWmlzM474St1LP0jcz272yI=
-github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.28 h1:srIVS45eQuewqz6fKKu6ZGXaq6FuFg5NzgQBAM6g8Y4=
+github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.27/go.mod h1:ZdjYvJpDlefgh8/hWelJhqgqJeodxu4SmbVsSdBlL7E=
-github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.28/go.mod h1:7VRpKQQedkfIEXb4k52I7swUnZP0wohVajJMRn3vsUw=
-github.com/aws/aws-sdk-go-v2/internal/ini v1.3.34/go.mod h1:Etz2dj6UHYuw+Xw830KfzCfWGMzqvUTCjUj5b76GVDc=
-github.com/aws/aws-sdk-go-v2/internal/ini v1.3.35 h1:LWA+3kDM8ly001vJ1X1waCuLJdtTl48gwkPKWy9sosI=
-github.com/aws/aws-sdk-go-v2/internal/ini v1.3.35/go.mod h1:0Eg1YjxE0Bhn56lx+SHJwCzhW+2JGtizsrx+lCqrfm0=
-github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.25/go.mod h1:SUbB4wcbSEyCvqBxv/O/IBf93RbEze7U7OnoTlpPB+g=
-github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.26 h1:wscW+pnn3J1OYnanMnza5ZVYXLX4cKk5rAvUAl4Qu+c=
-github.com/aws/aws-sdk-go-v2/internal/v4a v1.0.26/go.mod h1:MtYiox5gvyB+OyP0Mr0Sm/yzbEAIPL9eijj/ouHAPw0=
 github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.11 h1:y2+VQzC6Zh2ojtV2LoC0MNwHWc6qXv/j2vrQtlftkdA=
 github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.9.11/go.mod h1:iV4q2hsqtNECrfmlXyord9u4zyuFEJX9eLgLpSPzWA8=
-github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.28/go.mod h1:spfrICMD6wCAhjhzHuy6DOZZ+LAIY10UxhUmLzpJTTs=
+github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.30 h1:Bje8Xkh2OWpjBdNfXLrnn8eZg569dUQmhgtydxAYyP0=
-github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.29 h1:zZSLP3v3riMOP14H7b4XP0uyfREDQOYv2cqIrvTXDNQ=
+github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.30/go.mod h1:qQtIBl5OVMfmeQkz8HaVyh5DzFmmFXyvK27UgIgOr4c=
-github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.1.29/go.mod h1:z7EjRjVwZ6pWcWdI2H64dKttvzaP99jRIj5hphW0M5U=
+github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.29 h1:IiDolu/eLmuB18DRZibj77n1hHQT7z12jnGO7Ze3pLc=
-github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.27/go.mod h1:EOwBD4J4S5qYszS5/3DpkejfuK+Z5/1uzICfPaZLtqw=
+github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.29/go.mod h1:fDbkK4o7fpPXWn8YAPmTieAMuB9mk/VgvW64uaUqxd4=
-github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.28 h1:bkRyG4a929RCnpVSTvLM2j/T4ls015ZhhYApbmYs15s=
+github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.14.4 h1:hx4WksB0NRQ9utR+2c3gEGzl6uKj3eM6PMQ6tN3lgXs=
-github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.28/go.mod h1:jj7znCIg05jXlaGBlFMGP8+7UN3VtCkRBG2spnmRQkU=
+github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.14.4/go.mod h1:JniVpqvw90sVjNqanGLufrVapWySL28fhBlYgl96Q/w=
-github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.14.2/go.mod h1:4tfW5l4IAB32VWCDEBxCRtR9T4BWy4I4kr1spr8NgZM=
+github.com/aws/aws-sdk-go-v2/service/s3 v1.37.0 h1:PalLOEGZ/4XfQxpGZFTLaoJSmPoybnqJYotaIZEf/Rg=
-github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.14.3 h1:dBL3StFxHtpBzJJ/mNEsjXVgfO+7jR0dAIEwLqMapEA=
+github.com/aws/aws-sdk-go-v2/service/s3 v1.37.0/go.mod h1:PwyKKVL0cNkC37QwLcrhyeCrAk+5bY8O2ou7USyAS2A=
-github.com/aws/aws-sdk-go-v2/service/internal/s3shared v1.14.3/go.mod h1:f1QyiAsvIv4B49DmCqrhlXqyaR+0IxMmyX+1P+AnzOM=
+github.com/aws/aws-sdk-go-v2/service/sso v1.12.13 h1:sWDv7cMITPcZ21QdreULwxOOAmE05JjEsT6fCDtDA9k=
-github.com/aws/aws-sdk-go-v2/service/s3 v1.33.1/go.mod h1:J9kLNzEiHSeGMyN7238EjJmBpCniVzFda75Gxl/NqB8=
+github.com/aws/aws-sdk-go-v2/service/sso v1.12.13/go.mod h1:DfX0sWuT46KpcqbMhJ9QWtxAIP1VozkDWf8VAkByjYY=
-github.com/aws/aws-sdk-go-v2/service/s3 v1.35.0 h1:ya7fmrN2fE7s1P2gaPbNg5MTkERVWfsH8ToP1YC4Z9o=
+github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.13 h1:BFubHS/xN5bjl818QaroN6mQdjneYQ+AOx44KNXlyH4=
-github.com/aws/aws-sdk-go-v2/service/s3 v1.35.0/go.mod h1:aVbf0sko/TsLWHx30c/uVu7c62+0EAJ3vbxaJga0xCw=
+github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.13/go.mod h1:BzqsVVFduubEmzrVtUFQQIQdFqvUItF8XUq2EnS8Wog=
-github.com/aws/aws-sdk-go-v2/service/sso v1.12.10/go.mod h1:ouy2P4z6sJN70fR3ka3wD3Ro3KezSxU6eKGQI2+2fjI=
+github.com/aws/aws-sdk-go-v2/service/sts v1.19.3 h1:e5mnydVdCVWxP+5rPAGi2PYxC7u2OZgH1ypC114H04U=
-github.com/aws/aws-sdk-go-v2/service/sso v1.12.12 h1:nneMBM2p79PGWBQovYO/6Xnc2ryRMw3InnDJq1FHkSY=
+github.com/aws/aws-sdk-go-v2/service/sts v1.19.3/go.mod h1:yVGZA1CPkmUhBdA039jXNJJG7/6t+G+EBWmFq23xqnY=
-github.com/aws/aws-sdk-go-v2/service/sso v1.12.12/go.mod h1:HuCOxYsF21eKrerARYO6HapNeh9GBNq7fius2AcwodY=
-github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.10/go.mod h1:AFvkxc8xfBe8XA+5St5XIHHrQQtkxqrRincx4hmMHOk=
-github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.12 h1:2qTR7IFk7/0IN/adSFhYu9Xthr0zVFTgBrmPldILn80=
-github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.12/go.mod h1:E4VrHCPzmVB/KFXtqBGKb3c8zpbNBgKe3fisDNLAW5w=
-github.com/aws/aws-sdk-go-v2/service/sts v1.19.0/go.mod h1:BgQOMsg8av8jset59jelyPW7NoZcZXLVpDsXunGDrk8=
-github.com/aws/aws-sdk-go-v2/service/sts v1.19.2 h1:XFJ2Z6sNUUcAz9poj+245DMkrHE4h2j5I9/xD50RHfE=
-github.com/aws/aws-sdk-go-v2/service/sts v1.19.2/go.mod h1:dp0yLPsLBOi++WTxzCjA/oZqi6NPIhoR+uF7GeMU9eg=
 github.com/aws/smithy-go v1.13.5 h1:hgz0X/DX0dGqTYpGALqXJoRKRj5oQ7150i5FdTePzO8=
 github.com/aws/smithy-go v1.13.5/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA=
 github.com/aymanbagabas/go-osc52 v1.0.3/go.mod h1:zT8H+Rk4VSabYN90pWyugflM3ZhpTZNC7cASDfUCdT4=
@@ -140,8 +126,8 @@ github.com/caddyserver/certmagic v0.17.2 h1:o30seC1T/dBqBCNNGNHWwj2i5/I/FMjBbTAh
 github.com/caddyserver/certmagic v0.17.2/go.mod h1:ouWUuC490GOLJzkyN35eXfV8bSbwMwSf4bdhkIxtdQE=
 github.com/charmbracelet/glamour v0.6.0 h1:wi8fse3Y7nfcabbbDuwolqTqMQPMnVPeZhDM273bISc=
 github.com/charmbracelet/glamour v0.6.0/go.mod h1:taqWV4swIMMbWALc0m7AfE9JkPSU8om2538k9ITBxOc=
-github.com/cheggaaa/pb/v3 v3.1.2 h1:FIxT3ZjOj9XJl0U4o2XbEhjFfZl7jCVCDOGq1ZAB7wQ=
+github.com/cheggaaa/pb/v3 v3.1.4 h1:DN8j4TVVdKu3WxVwcRKu0sG00IIU6FewoABZzXbRQeo=
-github.com/cheggaaa/pb/v3 v3.1.2/go.mod h1:SNjnd0yKcW+kw0brSusraeDd5Bf1zBfxAzTL2ss3yQ4=
+github.com/cheggaaa/pb/v3 v3.1.4/go.mod h1:6wVjILNBaXMs8c21qRiaUM8BR82erfgau1DQ4iUXmSA=
 github.com/cloudflare/cfssl v1.6.4 h1:NMOvfrEjFfC63K3SGXgAnFdsgkmiq4kATme5BfcqrO8=
 github.com/cloudflare/cfssl v1.6.4/go.mod h1:8b3CQMxfWPAeom3zBnGJ6sd+G1NkL5TXqmDXacb+1J0=
 github.com/cloudflare/circl v1.1.0/go.mod h1:prBCrKB9DV4poKZY1l9zBXg2QJY7mvgRvtMxxK7fi4I=
@@ -172,8 +158,8 @@ github.com/elazarl/goproxy v0.0.0-20221015165544-a0805db90819 h1:RIB4cRk+lBqKK3O
 github.com/emirpasic/gods v1.12.0/go.mod h1:YfzfFFoVP/catgzJb4IKIqXjX78Ha8FMSDh3ymbK86o=
 github.com/emirpasic/gods v1.18.1 h1:FXtiHYKDGKCW2KzwZKx0iC0PQmdlorYgdFG9jPXJ1Bc=
 github.com/emirpasic/gods v1.18.1/go.mod h1:8tpGGwCnJ5H4r6BWwaV6OrWmMoPhUl5jm/FMNAnJvWQ=
-github.com/fatih/color v1.14.1 h1:qfhVLaG5s+nCROl1zJsZRxFeYrHLqWroPOQ8BWiNb4w=
+github.com/fatih/color v1.15.0 h1:kOqh6YHBtK8aywxGerMG2Eq3H6Qgoqeo13Bk2Mv/nBs=
-github.com/fatih/color v1.14.1/go.mod h1:2oHN61fhTpgcxD3TSWCgKDiH1+x4OiDVVGH8WlgGZGg=
+github.com/fatih/color v1.15.0/go.mod h1:0h5ZqXfHYED7Bhv2ZJamyIOUej9KtShiJESRwBDUSsw=
 github.com/fatih/structs v1.1.0 h1:Q7juDM0QtcnhCpeyLGQKyg4TOIghuNXrkL32pHAUMxo=
 github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M=
 github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc=
@@ -202,8 +188,8 @@ github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJn
 github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
 github.com/go-playground/validator/v10 v10.14.1 h1:9c50NUPC30zyuKprjL3vNZ0m5oG+jU0zvx4AqHGnv4k=
 github.com/go-playground/validator/v10 v10.14.1/go.mod h1:9iXMNT7sEkjXb0I+enO7QXmzG6QCsPWY4zveKFVRSyU=
-github.com/go-rod/rod v0.113.0 h1:E7+GLjYVZnScewIB2u8+66joQLaDGbOLzSOT4orNHms=
+github.com/go-rod/rod v0.114.0 h1:P+zLOqsj+vKf4C86SfjP6ymyPl9VXoYKm+ceCeQms6Y=
-github.com/go-rod/rod v0.113.0/go.mod h1:aiedSEFg5DwG/fnNbUOTPMTTWX3MRj6vIs/a684Mthw=
+github.com/go-rod/rod v0.114.0/go.mod h1:aiedSEFg5DwG/fnNbUOTPMTTWX3MRj6vIs/a684Mthw=
 github.com/goburrow/cache v0.1.4 h1:As4KzO3hgmzPlnaMniZU9+VmoNYseUhuELbxy9mRBfw=
 github.com/goburrow/cache v0.1.4/go.mod h1:cDFesZDnIlrHoNlMYqqMpCRawuXulgx+y7mXU8HZ+/c=
 github.com/gobwas/httphead v0.1.0 h1:exrUm0f4YX0L7EBwZHuCF4GDp8aJfVeBrlLQrs6NqWU=
@@ -353,8 +339,8 @@ github.com/mholt/acmez v1.0.4/go.mod h1:qFGLZ4u+ehWINeJZjzPlsnjJBCPAADWTcIqE/7DA
 github.com/mholt/archiver v3.1.1+incompatible h1:1dCVxuqs0dJseYEhi5pl7MYPH9zDa1wBi7mF09cbNkU=
 github.com/mholt/archiver v3.1.1+incompatible/go.mod h1:Dh2dOXnSdiLxRiPoVfIr/fI1TwETms9B8CTWfeh7ROU=
 github.com/microcosm-cc/bluemonday v1.0.21/go.mod h1:ytNkv4RrDrLJ2pqlsSI46O6IVXmZOBBD4SaJyDwwTkM=
-github.com/microcosm-cc/bluemonday v1.0.24 h1:NGQoPtwGVcbGkKfvyYk1yRqknzBuoMiUrO6R7uFTPlw=
+github.com/microcosm-cc/bluemonday v1.0.25 h1:4NEwSfiJ+Wva0VxN5B8OwMicaJvD8r9tlJWm9rtloEg=
-github.com/microcosm-cc/bluemonday v1.0.24/go.mod h1:ArQySAMps0790cHSkdPEJ7bGkF2VePWH773hsJNSHf8=
+github.com/microcosm-cc/bluemonday v1.0.25/go.mod h1:ZIOjCQp1OrzBBPIJmfX4qDYFuhU02nx4bn030ixfHLE=
 github.com/miekg/dns v1.1.35/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM=
 github.com/miekg/dns v1.1.55 h1:GoQ4hpsj0nFLYe+bWiCToyrBEJXkQfOOIvFGFy0lEgo=
 github.com/miekg/dns v1.1.55/go.mod h1:uInx36IzPl7FYnDcMeVWxj9byh7DutNykX4G9Sj60FY=
@@ -370,6 +356,7 @@ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJ
 github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
 github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
 github.com/mreiferson/go-httpclient v0.0.0-20160630210159-31f0106b4474/go.mod h1:OQA4XLvDbMgS8P0CevmM4m9Q3Jq4phKUzcocxuGJ5m8=
+github.com/mreiferson/go-httpclient v0.0.0-20201222173833-5e475fde3a4d/go.mod h1:OQA4XLvDbMgS8P0CevmM4m9Q3Jq4phKUzcocxuGJ5m8=
 github.com/muesli/reflow v0.3.0 h1:IFsN6K9NfGtjeggFP+68I4chLZV2yIKsXJFNZ+eWh6s=
 github.com/muesli/reflow v0.3.0/go.mod h1:pbwTDkVPibjO2kyvBQRBxTWEEGDGq0FlB1BIKtnHY/8=
 github.com/muesli/termenv v0.13.0/go.mod h1:sP1+uffeLaEYpyOTb8pLCUctGcGLnoFjSn4YJK5e2bc=
@@ -405,55 +392,55 @@ github.com/projectdiscovery/asnmap v1.0.4 h1:dmXrls7Y0Sdeb6cLlKGwdYX8h1K9q2iYOGX
 github.com/projectdiscovery/asnmap v1.0.4/go.mod h1:iTLDyYsblEwYHcLiKZCRx8Et+xV7NlvgGLusANpgegc=
 github.com/projectdiscovery/blackrock v0.0.1 h1:lHQqhaaEFjgf5WkuItbpeCZv2DUIE45k0VbGJyft6LQ=
 github.com/projectdiscovery/blackrock v0.0.1/go.mod h1:ANUtjDfaVrqB453bzToU+YB4cUbvBRpLvEwoWIwlTss=
-github.com/projectdiscovery/cdncheck v1.0.6 h1:bjo4oxCD1Y5972ow0LWCjUpO8KOO12j6uGfPofVpC4c=
+github.com/projectdiscovery/cdncheck v1.0.9 h1:BS15gzj9gb5AVSKqTDzPamfSgStu7nJQOocUvrssFlg=
-github.com/projectdiscovery/cdncheck v1.0.6/go.mod h1:NN0QRfxBzUVZJoS0lN37spElCOXHzFuvq1yg5RhTxCE=
+github.com/projectdiscovery/cdncheck v1.0.9/go.mod h1:18SSl1w7rMj53CGeRIZTbDoa286a6xZIxGbaiEo4Fxs=
-github.com/projectdiscovery/clistats v0.0.18 h1:WLQNqLXsKvjoieDwXJO/1jlnxR0x9vdFaRUAR3gXfKQ=
+github.com/projectdiscovery/clistats v0.0.19 h1:SA/qRHbmS9VEbVEPzX/ka01hZDYATL9ZjAnDatybhLw=
-github.com/projectdiscovery/clistats v0.0.18/go.mod h1:YUnUrMHFw+FHwUTIKr1KDUwz81x+SFjPU3xfLqXfzf0=
+github.com/projectdiscovery/clistats v0.0.19/go.mod h1:NQDAW/O7cK9xBIgk46kJjwGRkjSg5JkB8E4DvuxXr+c=
-github.com/projectdiscovery/dsl v0.0.11-0.20230621170216-97e70ffb7efd h1:16DMjd4HeACrC9CkWJkkLeSh+LYPDorwNx11BlTbonU=
+github.com/projectdiscovery/dsl v0.0.16 h1:ECymBWfB6L6M/y0X6fa+mwg2l0nCSUkfoJkesjGCYJ4=
-github.com/projectdiscovery/dsl v0.0.11-0.20230621170216-97e70ffb7efd/go.mod h1:S72Cq/lfxzkldf64Sul1G2KFbGKNgpRFFCF/FazpznM=
+github.com/projectdiscovery/dsl v0.0.16/go.mod h1:OiVbde6xGMM4NXnf3DUJIEqdwWppPADBSPMrxDHwRCU=
-github.com/projectdiscovery/fastdialer v0.0.31 h1:eu0wTBCWjT8dXChmBtnQaAxoFpkLdvq0VroRxZoe/M8=
+github.com/projectdiscovery/fastdialer v0.0.35 h1:dCjYaZ2dOtKmIbQ7OUuf/pZiMQRHfUjjLoHrEF8CJ8g=
-github.com/projectdiscovery/fastdialer v0.0.31/go.mod h1:ttLvt0xnpNQAStYYQ6ElIBHfSXHuPEiXBkLH/OLbYlc=
+github.com/projectdiscovery/fastdialer v0.0.35/go.mod h1:dTx0C7JRWKKO5ZxGqM0NUDzB4svmyYqGM6zcHIk2ueo=
 github.com/projectdiscovery/fasttemplate v0.0.2 h1:h2cISk5xDhlJEinlBQS6RRx0vOlOirB2y3Yu4PJzpiA=
 github.com/projectdiscovery/fasttemplate v0.0.2/go.mod h1:XYWWVMxnItd+r0GbjA1GCsUopMw1/XusuQxdyAIHMCw=
 github.com/projectdiscovery/freeport v0.0.5 h1:jnd3Oqsl4S8n0KuFkE5Hm8WGDP24ITBvmyw5pFTHS8Q=
 github.com/projectdiscovery/freeport v0.0.5/go.mod h1:PY0bxSJ34HVy67LHIeF3uIutiCSDwOqKD8ruBkdiCwE=
-github.com/projectdiscovery/goflags v0.1.10 h1:Gompf8JDy8y+5c4eWlc70KKtPuDH/hqFB3tMeHcMiKk=
+github.com/projectdiscovery/goflags v0.1.12 h1:NucjSqw7reczmon2vQq9KyOrvOmlnznECeifHI2gOW0=
-github.com/projectdiscovery/goflags v0.1.10/go.mod h1:MHEkqm3XgxBf5fK4gr3IXsj6VeLTq4qJYGC/4JRYQ74=
+github.com/projectdiscovery/goflags v0.1.12/go.mod h1:wC5uJonjddDcCqDNfPq+03nRessSB/LLaaIea4w47ws=
-github.com/projectdiscovery/gologger v1.1.10 h1:XNRdtzLTdxiFGuK9gutoL752mykzXDoii4P2yDovqck=
+github.com/projectdiscovery/gologger v1.1.11 h1:8vsz9oJlDT9euw6xlj7F7dZ6RWItVIqVwn4Mr6uzky8=
-github.com/projectdiscovery/gologger v1.1.10/go.mod h1:VqANHK7qcEq3i6/vV5HNWwdyv2aFPSrlaVDU4Ogrc6U=
+github.com/projectdiscovery/gologger v1.1.11/go.mod h1:UR2bgXl7zraOxYGnUwuO917hifWrwMJ0feKnVqMQkzY=
 github.com/projectdiscovery/gozero v0.0.0-20230510004414-f1d11fdaf5c6 h1:M74WAoZ99q/LJPHC8aIWIt8+FLh699KqLm2CUSHoytA=
 github.com/projectdiscovery/gozero v0.0.0-20230510004414-f1d11fdaf5c6/go.mod h1:jCpXNvLUCPMzm5AhJv8wtnUt/7rz0TY2SsqvKQ8tn2E=
 github.com/projectdiscovery/hmap v0.0.13 h1:8v5j99Pz0S7V1YrTeWp7xtr1yNOffKQ/KusHZfB+mrI=
 github.com/projectdiscovery/hmap v0.0.13/go.mod h1:Ymc9xjbfhswpmI/gOx5hyR4+OvqguSq1SDJTH197gWg=
-github.com/projectdiscovery/httpx v1.3.0 h1:x7XbAUd1i3SL/SqVBZFM5EXv7YRXL58jdwonwxR4bvE=
+github.com/projectdiscovery/httpx v1.3.4 h1:1tCP7YRngCDi2a8PvvcYqmpR1H9X7Qgn89uazKL65eg=
-github.com/projectdiscovery/httpx v1.3.0/go.mod h1:tglYwSUBz1zl2cC3NtjgURrI3cZsGepH1DLyQZZY2/M=
+github.com/projectdiscovery/httpx v1.3.4/go.mod h1:5JlNJcEHPF9ByFFNEcaXEAs8yZYsUC6E9Q3VGfDpPeY=
 github.com/projectdiscovery/interactsh v1.1.4 h1:1qVxJ14aG/X7TLJoK5AHnaX6I7hnbPp5R2ql1bSYzqI=
 github.com/projectdiscovery/interactsh v1.1.4/go.mod h1:rM8IEm6AAm68fWWExzBHjhBWfRhFYzR9gY5emOFiZCY=
 github.com/projectdiscovery/mapcidr v1.1.2 h1:Mmq/nPqvVc7fjvH/kJVK0IBOny/LrJIxZ4tQsLPCrsA=
 github.com/projectdiscovery/mapcidr v1.1.2/go.mod h1:Aoq0x/wJl6KDbtQ8OcPkjIDCqx2iEyx5ty1nzso8wXM=
 github.com/projectdiscovery/networkpolicy v0.0.6 h1:yDvm0XCrS9HeemRrBS+J+22surzVczM94W5nHiOy/1o=
 github.com/projectdiscovery/networkpolicy v0.0.6/go.mod h1:8HJQ/33Pi7v3a3MRWIQGXzpj+zHw2d60TysEL4qdoQk=
-github.com/projectdiscovery/ratelimit v0.0.8 h1:K6S/DCr48xNxTXHRmU82wl1mj7j0VrXnAKr8sKTacHI=
+github.com/projectdiscovery/ratelimit v0.0.9 h1:28t2xDHUnyss1irzqPG3Oxz5hkRjl+3Q2I/aes7nau8=
-github.com/projectdiscovery/ratelimit v0.0.8/go.mod h1:JJAtj8Rd5DNqN5FgwyMHWIi4BHivOw1+8gDrpsBf8Ic=
+github.com/projectdiscovery/ratelimit v0.0.9/go.mod h1:f98UxLsHt0dWrHTbRDxos4+RvOLE0UFpyECfrfKBz1I=
-github.com/projectdiscovery/rawhttp v0.1.13 h1:Xn3NY3SYIk0151K5Qfuvx3tayl2UOoxMuVyYvGT95BA=
+github.com/projectdiscovery/rawhttp v0.1.18 h1:wTs6CePrjcIz5/SrxkluOrCGOk3F9Ddt31kQO6P+41s=
-github.com/projectdiscovery/rawhttp v0.1.13/go.mod h1:AjZUYdPCx4xqeWYPqFPLGCxQsVFeUrobxidnU6Nta8M=
+github.com/projectdiscovery/rawhttp v0.1.18/go.mod h1:nwTySMnfI7qFMQEC9PHdklXGWED8FDcEOnA8DGZqu/A=
 github.com/projectdiscovery/rdap v0.9.1-0.20221108103045-9865884d1917 h1:m03X4gBVSorSzvmm0bFa7gDV4QNSOWPL/fgZ4kTXBxk=
 github.com/projectdiscovery/rdap v0.9.1-0.20221108103045-9865884d1917/go.mod h1:JxXtZC9e195awe7EynrcnBJmFoad/BNDzW9mzFkK8Sg=
-github.com/projectdiscovery/retryabledns v1.0.30 h1:7bc8Lq3r/qzw4LdXXAxKtQa52iGiEx1WasZLVCO6Oj0=
+github.com/projectdiscovery/retryabledns v1.0.32 h1:Ekr+1j1jwQ2qINW7T02uMcXFc3QeduN3vOligpfQgeo=
-github.com/projectdiscovery/retryabledns v1.0.30/go.mod h1:+Aqc0TjKGcTtP0HtXE8o1GzrjAHhSno6hSF+L63TBtI=
+github.com/projectdiscovery/retryabledns v1.0.32/go.mod h1:t8aKbGPnmN/IUFY7vk+M16LBmzBhMsfN/6YGKs6oL8c=
-github.com/projectdiscovery/retryablehttp-go v1.0.18 h1:3IUxyIOOUVSGEBm4pV0cQSk1i/DausZdHePdGDip0Lg=
+github.com/projectdiscovery/retryablehttp-go v1.0.20 h1:Ns3m7EPMEFKTSSNPtD1WGkCHvuYyQ6x98HYdKdALqwE=
-github.com/projectdiscovery/retryablehttp-go v1.0.18/go.mod h1:oE3dmYWMadFWzaIfG1IqINsYAzUWYUtdI4PJ2xo7cXg=
+github.com/projectdiscovery/retryablehttp-go v1.0.20/go.mod h1:3YrxgFe21HUL+25IU9VfFlTZ23yMEA2Zek6p8F55cuI=
 github.com/projectdiscovery/sarif v0.0.1 h1:C2Tyj0SGOKbCLgHrx83vaE6YkzXEVrMXYRGLkKCr/us=
 github.com/projectdiscovery/sarif v0.0.1/go.mod h1:cEYlDu8amcPf6b9dSakcz2nNnJsoz4aR6peERwV+wuQ=
 github.com/projectdiscovery/stringsutil v0.0.2 h1:uzmw3IVLJSMW1kEg8eCStG/cGbYYZAja8BH3LqqJXMA=
-github.com/projectdiscovery/tlsx v1.1.0 h1:6L5VKpHaoqvIHN6lH9zi7jIvph1JwYMYZOIpWBJBG6I=
+github.com/projectdiscovery/tlsx v1.1.1 h1:4q14vu2A+TnQjhYI68I3yCUss3UM0fmrkmnJKqoYRQ8=
-github.com/projectdiscovery/tlsx v1.1.0/go.mod h1:C9xTbU2t54Anmvuq+4jxevR5rzqpp6XUUtV7G9J5CTE=
+github.com/projectdiscovery/tlsx v1.1.1/go.mod h1:x2S3KajTVxH5Tm4lbBoX4EumY/gh+cGzfBUhlCuNtdY=
 github.com/projectdiscovery/uncover v1.0.6-0.20230601103158-bfd7e02a5bb1 h1:Pu6LvDqn+iSlhCDKKWm1ItPc++kqqlU8OntZeB/Prak=
 github.com/projectdiscovery/uncover v1.0.6-0.20230601103158-bfd7e02a5bb1/go.mod h1:Drl/CWD392mKtdXJhCBPlMkM0I6671pqedFphcnK5f8=
-github.com/projectdiscovery/utils v0.0.39 h1:iyi5qPilENRmFyt16qtd58pb65fUu0wAU2C0Lq5t6zo=
+github.com/projectdiscovery/utils v0.0.45-0.20230725161322-28ec1ee0ba40 h1:bgTXdrA/yFhFGfjhMIsczVNhnsMEHFidgS/FD2Tq5Js=
-github.com/projectdiscovery/utils v0.0.39/go.mod h1:rrd8dTBuKEScNMLgs1Xiu8rPCVeR0QTzmRcQ5iM3ymo=
+github.com/projectdiscovery/utils v0.0.45-0.20230725161322-28ec1ee0ba40/go.mod h1:HtUI1pyNCgQUuwZuxDILQ4NSUaFcfBh0TuCK/ZQTS6Q=
-github.com/projectdiscovery/wappalyzergo v0.0.102 h1:ABjZghof2U2yzGNL+q5ouWHEardLd2o53Ukgrf8CZzE=
+github.com/projectdiscovery/wappalyzergo v0.0.107 h1:B8gzJpAh08f1o+OiDunHAfKtqXiDnFCc7Rj1qKp+DB8=
-github.com/projectdiscovery/wappalyzergo v0.0.102/go.mod h1:4Z3DKhi75zIPMuA+qSDDWxZvnhL4qTLmDx4dxNMu7MA=
+github.com/projectdiscovery/wappalyzergo v0.0.107/go.mod h1:4Z3DKhi75zIPMuA+qSDDWxZvnhL4qTLmDx4dxNMu7MA=
 github.com/projectdiscovery/yamldoc-go v1.0.4 h1:eZoESapnMw6WAHiVgRwNqvbJEfNHEH148uthhFbG5jE=
 github.com/projectdiscovery/yamldoc-go v1.0.4/go.mod h1:8PIPRcUD55UbtQdcfFR1hpIGRWG0P7alClXNGt1TBik=
 github.com/refraction-networking/utls v1.3.2 h1:o+AkWB57mkcoW36ET7uJ002CpBWHu0KPxi6vzxvPnv8=
@@ -469,15 +456,15 @@ github.com/rs/xid v1.5.0 h1:mKX4bl4iPYJtEIxp6CYiUuLQ/8DYMoz0PUdtGgMFRVc=
 github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
 github.com/saintfish/chardet v0.0.0-20230101081208-5e3ef4b5456d h1:hrujxIzL1woJ7AwssoOcM/tq5JjjG2yYOc8odClEiXA=
 github.com/saintfish/chardet v0.0.0-20230101081208-5e3ef4b5456d/go.mod h1:uugorj2VCxiV1x+LzaIdVa9b4S4qGAcH6cbhh4qVxOU=
-github.com/sashabaranov/go-openai v1.11.2 h1:HuMf+18eldSKbqVblyeCQbtcqSpGVfqTshvi8Bn6zes=
+github.com/sashabaranov/go-openai v1.14.1 h1:jqfkdj8XHnBF84oi2aNtT8Ktp3EJ0MfuVjvcMkfI0LA=
-github.com/sashabaranov/go-openai v1.11.2/go.mod h1:lj5b/K+zjTSFxVLijLSTDZuP7adOgerWeFyZLUhAKRg=
+github.com/sashabaranov/go-openai v1.14.1/go.mod h1:lj5b/K+zjTSFxVLijLSTDZuP7adOgerWeFyZLUhAKRg=
 github.com/segmentio/ksuid v1.0.4 h1:sBo2BdShXjmcugAMwjugoGUdUV0pcxY5mW4xKRn3v4c=
 github.com/segmentio/ksuid v1.0.4/go.mod h1:/XUiZBD3kVx5SmUOl55voK5yeAbBNNIed+2O73XgrPE=
 github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo=
 github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ=
 github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM=
-github.com/shirou/gopsutil/v3 v3.23.5 h1:5SgDCeQ0KW0S4N0znjeM/eFHXXOKyv2dVNgRq/c9P6Y=
+github.com/shirou/gopsutil/v3 v3.23.6 h1:5y46WPI9QBKBbK7EEccUPNXpJpNrvPuTD0O2zHEHT08=
-github.com/shirou/gopsutil/v3 v3.23.5/go.mod h1:Ng3Maa27Q2KARVJ0SPZF5NdrQSC3XHKP8IIWrHgMeLY=
+github.com/shirou/gopsutil/v3 v3.23.6/go.mod h1:j7QX50DrXYggrpN30W0Mo+I4/8U2UUIQrnrhqUeWrAU=
 github.com/shoenig/go-m1cpu v0.1.6 h1:nxdKQNcEB6vzgA2E2bvzKIYRuNj7XNJ4S/aRSwKzFtM=
 github.com/shoenig/go-m1cpu v0.1.6/go.mod h1:1JJMcUBvfNwpq05QDQVAnx3gUHr9IYF7GNg9SUEw2VQ=
 github.com/shoenig/test v0.6.4 h1:kVTaSd7WLz5WZ2IaoM0RSzRsUD+m8wRR+5qvntpn4LU=
@@ -485,6 +472,7 @@ github.com/shoenig/test v0.6.4/go.mod h1:byHiCGXqrVaflBLAMq/srcZIHynQPQgeyvkvXnj
 github.com/sirupsen/logrus v1.3.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
 github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
 github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
+github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/skeema/knownhosts v1.1.1 h1:MTk78x9FPgDFVFkDLTrsnnfCJl7g1C/nnKvePgrIngE=
 github.com/skeema/knownhosts v1.1.1/go.mod h1:g4fPeYpque7P0xefxtGzV81ihjC8sX2IqpAoNkjxbMo=
 github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc=
@@ -511,7 +499,6 @@ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
 github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
 github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
 github.com/syndtr/goleveldb v1.0.0 h1:fBdIW9lB4Iz0n9khmH8w27SJ3QEJ7+IgjPEwGSZiFdE=
@@ -554,11 +541,9 @@ github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyC
 github.com/valyala/fasttemplate v1.2.1/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+qRAEEKiv+SiQ=
 github.com/valyala/fasttemplate v1.2.2 h1:lxLXG0uE3Qnshl9QyaK6XJxMXlQZELvChBOCmQD0Loo=
 github.com/valyala/fasttemplate v1.2.2/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+qRAEEKiv+SiQ=
-github.com/weppos/publicsuffix-go v0.12.0/go.mod h1:z3LCPQ38eedDQSwmsSRW4Y7t2L8Ln16JPQ02lHAdn5k=
+github.com/weppos/publicsuffix-go v0.13.0/go.mod h1:z3LCPQ38eedDQSwmsSRW4Y7t2L8Ln16JPQ02lHAdn5k=
-github.com/weppos/publicsuffix-go v0.15.1-0.20220724114530-e087fba66a37/go.mod h1:5ZC/Uv3fIEUE0eP6o9+Yg4+5+W8V0/BieMi05feGXVA=
 github.com/weppos/publicsuffix-go v0.30.1-0.20230422193905-8fecedd899db h1:/WcxBne+5CbtbgWd/sV2wbravmr4sT7y52ifQaCgoLs=
 github.com/weppos/publicsuffix-go v0.30.1-0.20230422193905-8fecedd899db/go.mod h1:aiQaH1XpzIfgrJq3S1iw7w+3EDbRP7mF5fmwUhWyRUs=
-github.com/weppos/publicsuffix-go/publicsuffix/generator v0.0.0-20220704091424-e0182326a282/go.mod h1:GHfoeIdZLdZmLjMlzBftbTDntahTttUMWjxZwQJhULE=
 github.com/xanzy/go-gitlab v0.84.0 h1:PdpCaskQSgcVDsx21c6ikf8Rfyo7SNtFAJwP9PrbCFE=
 github.com/xanzy/go-gitlab v0.84.0/go.mod h1:5ryv+MnpZStBH8I/77HuQBsMbBGANtVpLWC15qOjWAw=
 github.com/xanzy/ssh-agent v0.2.1/go.mod h1:mLlQY/MoOhWBj+gOGMQkOeiEvkx+8pJSI+0Bx9h2kr4=
@@ -596,8 +581,12 @@ github.com/zmap/rc2 v0.0.0-20131011165748-24b9757f5521/go.mod h1:3YZ9o3WnatTIZhu
 github.com/zmap/rc2 v0.0.0-20190804163417-abaa70531248 h1:Nzukz5fNOBIHOsnP+6I79kPx3QhLv8nBy2mfFhBRq30=
 github.com/zmap/rc2 v0.0.0-20190804163417-abaa70531248/go.mod h1:3YZ9o3WnatTIZhuOtot4IcUfzoKVjUHqu6WALIyI0nE=
 github.com/zmap/zcertificate v0.0.0-20180516150559-0e3d58b1bac4/go.mod h1:5iU54tB79AMBcySS0R2XIyZBAVmeHranShAFELYx7is=
-github.com/zmap/zcrypto v0.0.0-20230205235340-d51ce4775101 h1:QuLjRpIBjqene8VvB+VhQ4eTcQGCQ7JDuk0/Fp4sLLw=
+github.com/zmap/zcertificate v0.0.1/go.mod h1:q0dlN54Jm4NVSSuzisusQY0hqDWvu92C+TWveAxiVWk=
-github.com/zmap/zcrypto v0.0.0-20230205235340-d51ce4775101/go.mod h1:bRZdjnJaHWVXKEwrfAZMd0gfRjZGNhTbZwzp07s0Abw=
+github.com/zmap/zcrypto v0.0.0-20201128221613-3719af1573cf/go.mod h1:aPM7r+JOkfL+9qSB4KbYjtoEzJqUK50EXkkJabeNJDQ=
+github.com/zmap/zcrypto v0.0.0-20201211161100-e54a5822fb7e/go.mod h1:aPM7r+JOkfL+9qSB4KbYjtoEzJqUK50EXkkJabeNJDQ=
+github.com/zmap/zcrypto v0.0.0-20230422215203-9a665e1e9968 h1:YOQ1vXEwE4Rnj+uQ/3oCuJk5wgVsvUyW+glsndwYuyA=
+github.com/zmap/zcrypto v0.0.0-20230422215203-9a665e1e9968/go.mod h1:xIuOvYCZX21S5Z9bK1BMrertTGX/F8hgAPw7ERJRNS0=
+github.com/zmap/zlint/v3 v3.0.0/go.mod h1:paGwFySdHIBEMJ61YjoqT4h7Ge+fdYG4sUQhnTb1lJ8=
 go.etcd.io/bbolt v1.3.7 h1:j+zJOnnEjF/kyHlDDgGnVL/AIqIJPq8UoB2GSNfkUfQ=
 go.etcd.io/bbolt v1.3.7/go.mod h1:N9Mkw9X8x5fupy0IKsmuqVtoGDyxsaDlbk4Rd05IAQw=
 go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
@@ -622,6 +611,7 @@ golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8U
 golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20201124201722-c8d3bf9c5392/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
+golang.org/x/crypto v0.0.0-20201208171446-5f87f3452ae9/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
 golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
@@ -629,17 +619,17 @@ golang.org/x/crypto v0.0.0-20211209193657-4570a0811e8b/go.mod h1:IxCIyHEi3zRg3s0
 golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
 golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58=
 golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
-golang.org/x/crypto v0.10.0 h1:LKqV2xt9+kDzSTfOhx4FrkEBcMrAgHSYgzywV9zcGmM=
+golang.org/x/crypto v0.11.0 h1:6Ewdq3tDic1mg5xRO4milcWCfMVQhI4NkqWWvqejpuA=
-golang.org/x/crypto v0.10.0/go.mod h1:o4eNf7Ede1fv+hwOwZsTHl9EsPFO6q6ZvYR8vYfY45I=
+golang.org/x/crypto v0.11.0/go.mod h1:xgJhtzW8F9jGdVFWZESrid1U1bjeNy4zgy5cRr/CIio=
-golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1 h1:k/i9J1pBpvlfR+9QsetwPyERsqu1GIbi967PQMq3Ivc=
+golang.org/x/exp v0.0.0-20230725093048-515e97ebf090 h1:Di6/M8l0O2lCLc6VVRWhgCiApHV8MnQurBnFSHsQtNY=
-golang.org/x/exp v0.0.0-20230522175609-2e198f4a06a1/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w=
+golang.org/x/exp v0.0.0-20230725093048-515e97ebf090/go.mod h1:FXUEEKJgO7OQYeo8N01OfiKP8RXMtf6e8aTskBGqWdc=
 golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
 golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
 golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
 golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
-golang.org/x/mod v0.11.0 h1:bUO06HqtnRcc/7l71XBe4WcqTZ+3AH1J59zWDDwLKgU=
+golang.org/x/mod v0.12.0 h1:rmsUpXtvNzj340zd98LZ4KntptpfRHwpFOHG188oHXc=
-golang.org/x/mod v0.11.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
+golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
@@ -648,9 +638,9 @@ golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200528225125-3c3fba18258b/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
 golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
+golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
 golang.org/x/net v0.0.0-20210916014120-12bc252f5db8/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
@@ -663,19 +653,19 @@ golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
 golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
 golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
-golang.org/x/net v0.11.0 h1:Gi2tvZIJyBtO9SDr1q9h5hEQCp/4L2RQ+ar0qjx2oNU=
+golang.org/x/net v0.12.0 h1:cfawfvKITfUsFCeJIHJrbSxpeu/E81khclypR0GVT50=
-golang.org/x/net v0.11.0/go.mod h1:2L/ixqYpgIVXmeoSA/4Lu7BzTG4KIyPIryS4IsOd1oQ=
+golang.org/x/net v0.12.0/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.5.0/go.mod h1:9/XBHVqLaWO3/BRHs5jbpYCnOZVjj5V0ndyaAM7KB4I=
-golang.org/x/oauth2 v0.9.0 h1:BPpt2kU7oMRq3kCHAA1tbSEshXRw1LpG2ztgDwrzuAs=
+golang.org/x/oauth2 v0.10.0 h1:zHCpF2Khkwy4mMB4bv0U37YtJdTGW8jI0glAApi0Kh8=
-golang.org/x/oauth2 v0.9.0/go.mod h1:qYgFZaFiu6Wg24azG8bdV52QJXJGbZzIIsRCdVKzbLw=
+golang.org/x/oauth2 v0.10.0/go.mod h1:kTpgurOux7LqtuxjuyZa4Gj2gdezIt/jQtGnNFfypQI=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.2.0 h1:PUR+T4wwASmuSTYdKjYHI5TD22Wy5ogLU5qZCOLxBrI=
+golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E=
 golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -690,6 +680,7 @@ golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20200523222454-059865788121/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201126233918-771906719818/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201204225414-ed752295db88/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210228012217-479acdf4ea46/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -715,8 +706,9 @@ golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.9.0 h1:KS/R3tvhPqvJvwcKfnBHJwwthS11LRhmM5D59eEXa0s=
 golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.10.0 h1:SqMFp9UcQJZa+pmYuAKjd9xq1f0j5rLcDIk0mj4qAsA=
+golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
@@ -725,18 +717,19 @@ golang.org/x/term v0.4.0/go.mod h1:9P2UbLfCdcvo3p/nzKvsmas4TnlujnuoV9hGgYzW1lQ=
 golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
 golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
 golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
-golang.org/x/term v0.9.0 h1:GRRCnKYhdQrD8kfRAdQ6Zcw1P0OcELxGLKJvtjVMZ28=
+golang.org/x/term v0.10.0 h1:3R7pNqamzBraeqj/Tj8qt1aQ2HpmlC+Cx/qL/7hn4/c=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
 golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
-golang.org/x/text v0.10.0 h1:UpjohKhiEgNc0CSauXmwYftY1+LlaC75SJwh0SgCX58=
+golang.org/x/text v0.11.0 h1:LAntKIrcmeSKERyiOh0XMV39LXS8IE9UL2yP7+f5ij4=
-golang.org/x/text v0.10.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
+golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4=
 golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@@ -748,8 +741,8 @@ golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapK
 golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
 golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
-golang.org/x/tools v0.9.3 h1:Gn1I8+64MsuTb/HpH+LmQtNas23LhUVr3rYZ0eKuaMM=
+golang.org/x/tools v0.11.0 h1:EMCa6U9S2LtZXLAMoWiR/R8dAQFRqbAitmbJ2UKhoi8=
-golang.org/x/tools v0.9.3/go.mod h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc=
+golang.org/x/tools v0.11.0/go.mod h1:anzJrxPjNtfgiYQYirP2CPGzGLxrH2u2QBhn6Bf3qY8=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -761,8 +754,8 @@ google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp0
 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
 google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
 google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
-google.golang.org/protobuf v1.29.1 h1:7QBf+IK2gx70Ap/hDsOmam3GE0v9HicjfEdAxE62UoM=
+google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
-google.golang.org/protobuf v1.29.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
+google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
 gopkg.in/alecthomas/kingpin.v2 v2.2.6 h1:jMFz6MfLP0/4fUyZle81rXUoxOBFi19VUFKVDOQfozc=
 gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
@@ -790,7 +783,6 @@ gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

v2/internal/installer/template.go

@@ -58,6 +58,8 @@ func (t *templateUpdateResults) String() string {
 // It downloads / updates / installs templates.
 type TemplateManager struct {
 	CustomTemplates        *customtemplates.CustomTemplatesManager // optional if given tries to download custom templates
+	DisablePublicTemplates bool                                    // if true,
+	// public templates are not downloaded from the GitHub nuclei-templates repository
 }
 
 // FreshInstallIfNotExists installs templates if they are not already installed
@@ -78,7 +80,7 @@ func (t *TemplateManager) FreshInstallIfNotExists() error {
 
 // UpdateIfOutdated updates templates if they are outdated
 func (t *TemplateManager) UpdateIfOutdated() error {
-	// if folder does not exist, its a fresh install and not update
+	// if the templates folder does not exist, it's a fresh installation and do not update
 	if !fileutil.FolderExists(config.DefaultConfig.TemplatesDirectory) {
 		return t.FreshInstallIfNotExists()
 	}
@@ -95,12 +97,16 @@ func (t *TemplateManager) installTemplatesAt(dir string) error {
 			return errorutil.NewWithErr(err).Msgf("failed to create directory at %s", dir)
 		}
 	}
+	if t.DisablePublicTemplates {
+		gologger.Info().Msgf("Skipping installation of public nuclei-templates")
+		return nil
+	}
 	ghrd, err := updateutils.NewghReleaseDownloader(config.OfficialNucleiTemplatesRepoName)
 	if err != nil {
 		return errorutil.NewWithErr(err).Msgf("failed to install templates at %s", dir)
 	}
 	// write templates to disk
-	if err := t.writeTemplatestoDisk(ghrd, dir); err != nil {
+	if err := t.writeTemplatesToDisk(ghrd, dir); err != nil {
 		return errorutil.NewWithErr(err).Msgf("failed to write templates to disk at %s", dir)
 	}
 	gologger.Info().Msgf("Successfully installed nuclei-templates at %s", dir)
@@ -109,10 +115,14 @@ func (t *TemplateManager) installTemplatesAt(dir string) error {
 
 // updateTemplatesAt updates templates at given directory
 func (t *TemplateManager) updateTemplatesAt(dir string) error {
-	// firstly read checksums from .checksum file these are used to generate stats
+	if t.DisablePublicTemplates {
+		gologger.Info().Msgf("Skipping update of public nuclei-templates")
+		return nil
+	}
+	// firstly, read checksums from .checksum file these are used to generate stats
 	oldchecksums, err := t.getChecksumFromDir(dir)
 	if err != nil {
-		// if something went wrong overwrite all files
+		// if something went wrong, overwrite all files
 		oldchecksums = make(map[string]string)
 	}
 
@@ -124,7 +134,7 @@ func (t *TemplateManager) updateTemplatesAt(dir string) error {
 	gologger.Info().Msgf("Your current nuclei-templates %s are outdated. Latest is %s\n", config.DefaultConfig.TemplateVersion, ghrd.Latest.GetTagName())
 
 	// write templates to disk
-	if err := t.writeTemplatestoDisk(ghrd, dir); err != nil {
+	if err := t.writeTemplatesToDisk(ghrd, dir); err != nil {
 		return err
 	}
 
@@ -173,10 +183,10 @@ func (t *TemplateManager) summarizeChanges(old, new map[string]string) *template
 	return results
 }
 
-// getAbsoluteFilePath returns absolute path where a file should be written based on given uri(i.e files in zip)
+// getAbsoluteFilePath returns an absolute path where a file should be written based on given uri(i.e., files in zip)
-// if returned path is empty, it means that file should not be written and skipped
+// if a returned path is empty, it means that file should not be written and skipped
-func (t *TemplateManager) getAbsoluteFilePath(templatedir, uri string, f fs.FileInfo) string {
+func (t *TemplateManager) getAbsoluteFilePath(templateDir, uri string, f fs.FileInfo) string {
-	// overwrite .nuclei-ignore everytime nuclei-templates are downloaded
+	// overwrite .nuclei-ignore every time nuclei-templates are downloaded
 	if f.Name() == config.NucleiIgnoreFileName {
 		return config.DefaultConfig.GetIgnoreFilePath()
 	}
@@ -194,9 +204,9 @@ func (t *TemplateManager) getAbsoluteFilePath(templatedir, uri string, f fs.File
 	if index == -1 {
 		// zip files does not have directory at all , in this case log error but continue
 		gologger.Warning().Msgf("failed to get directory name from uri: %s", uri)
-		return filepath.Join(templatedir, uri)
+		return filepath.Join(templateDir, uri)
 	}
-	// seperator is also included in rootDir
+	// separator is also included in rootDir
 	rootDirectory := uri[:index+1]
 	relPath := strings.TrimPrefix(uri, rootDirectory)
 
@@ -205,14 +215,14 @@ func (t *TemplateManager) getAbsoluteFilePath(templatedir, uri string, f fs.File
 		return ""
 	}
 
-	newPath := filepath.Clean(filepath.Join(templatedir, relPath))
+	newPath := filepath.Clean(filepath.Join(templateDir, relPath))
 
-	if !strings.HasPrefix(newPath, templatedir) {
+	if !strings.HasPrefix(newPath, templateDir) {
 		// we don't allow LFI
 		return ""
 	}
 
-	if newPath == templatedir || newPath == templatedir+string(os.PathSeparator) {
+	if newPath == templateDir || newPath == templateDir+string(os.PathSeparator) {
 		// skip writing the folder itself since it already exists
 		return ""
 	}
@@ -228,12 +238,12 @@ func (t *TemplateManager) getAbsoluteFilePath(templatedir, uri string, f fs.File
 }
 
 // writeChecksumFileInDir is actual method responsible for writing all templates to directory
-func (t *TemplateManager) writeTemplatestoDisk(ghrd *updateutils.GHReleaseDownloader, dir string) error {
+func (t *TemplateManager) writeTemplatesToDisk(ghrd *updateutils.GHReleaseDownloader, dir string) error {
-	LocaltemplatesIndex, err := config.GetNucleiTemplatesIndex()
+	localTemplatesIndex, err := config.GetNucleiTemplatesIndex()
 	if err != nil {
 		gologger.Warning().Msgf("failed to get local nuclei-templates index: %s", err)
-		if LocaltemplatesIndex == nil {
+		if localTemplatesIndex == nil {
-			LocaltemplatesIndex = map[string]string{} // no-op
+			localTemplatesIndex = map[string]string{} // no-op
 		}
 	}
 
@@ -253,10 +263,10 @@ func (t *TemplateManager) writeTemplatestoDisk(ghrd *updateutils.GHReleaseDownlo
 		// instead of creating it from scratch
 		id, _ := config.GetTemplateIDFromReader(bytes.NewReader(bin), uri)
 		if id != "" {
-			// based on template id, check if we are updating path of official nuclei template
+			// based on template id, check if we are updating a path of official nuclei template
-			if oldPath, ok := LocaltemplatesIndex[id]; ok {
+			if oldPath, ok := localTemplatesIndex[id]; ok {
 				if oldPath != writePath {
-					// write new template at new path and delete old template
+					// write new template at a new path and delete old template
 					if err := os.WriteFile(writePath, bin, f.Mode()); err != nil {
 						return errorutil.NewWithErr(err).Msgf("failed to write file %s", uri)
 					}
@@ -303,12 +313,12 @@ func (t *TemplateManager) writeTemplatestoDisk(ghrd *updateutils.GHReleaseDownlo
 		return errorutil.NewWithErr(err).Msgf("failed to write nuclei templates index")
 	}
 
-	// after installation create and write checksums to .checksum file
+	// after installation, create and write checksums to .checksum file
 	return t.writeChecksumFileInDir(dir)
 }
 
 // getChecksumFromDir returns a map containing checksums (md5 hash) of all yaml files (with .yaml extension)
-// if .checksum file does not exist checksums are calculated and returned
+// if .checksum file does not exist, checksums are calculated and returned
 func (t *TemplateManager) getChecksumFromDir(dir string) (map[string]string, error) {
 	checksumFilePath := config.DefaultConfig.GetChecksumFilePath()
 	if fileutil.FileExists(checksumFilePath) {

v2/internal/installer/template_test.go

@@ -53,7 +53,7 @@ func TestTemplateInstallation(t *testing.T) {
 
 	// we should have at least 1000 templates
 	require.Greater(t, counter, 1000)
-	// everytime we install templates, it should override the ignore file with latest one
+	// every time we install templates, it should override the ignore file with latest one
 	require.FileExists(t, config.DefaultConfig.GetIgnoreFilePath())
 	t.Logf("Installed %d templates", counter)
 }

v2/internal/installer/util.go

@@ -36,7 +36,7 @@ func GetNewTemplatesInVersions(versions ...string) []string {
 			continue
 		}
 
-		arr, err := getNewAdditionsFileFromGithub(v)
+		arr, err := getNewAdditionsFileFromGitHub(v)
 		if err != nil {
 			gologger.Error().Msgf("failed to fetch new additions for %v got: %v", v, err)
 			continue
@@ -46,7 +46,7 @@ func GetNewTemplatesInVersions(versions ...string) []string {
 	return allTemplates
 }
 
-func getNewAdditionsFileFromGithub(version string) ([]string, error) {
+func getNewAdditionsFileFromGitHub(version string) ([]string, error) {
 	resp, err := retryableHttpClient.Get(fmt.Sprintf("https://raw.githubusercontent.com/projectdiscovery/nuclei-templates/%s/.new-additions", version))
 	if err != nil {
 		return nil, err

v2/internal/runner/cloud.go

@@ -375,8 +375,8 @@ func (r *Runner) addCloudDataSource(source string) error {
 			return err
 		}
 	case "github":
-		for _, repo := range r.options.GithubTemplateRepo {
+		for _, repo := range r.options.GitHubTemplateRepo {
-			if _, err := r.processDataSourceItem(repo, r.options.GithubToken, "github"); err != nil {
+			if _, err := r.processDataSourceItem(repo, r.options.GitHubToken, "github"); err != nil {
 				return err
 			}
 		}

v2/internal/runner/inputs.go

@@ -1,18 +1,16 @@
 package runner
 
 import (
-	"fmt"
-	"net/http"
-	"strings"
 	"sync/atomic"
 	"time"
 
-	"github.com/corpix/uarand"
 	"github.com/pkg/errors"
 	"github.com/projectdiscovery/gologger"
 	"github.com/projectdiscovery/hmap/store/hybrid"
 	"github.com/projectdiscovery/httpx/common/httpx"
 	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/contextargs"
+	"github.com/projectdiscovery/nuclei/v2/pkg/utils"
+	stringsutil "github.com/projectdiscovery/utils/strings"
 	"github.com/remeh/sizedwaitgroup"
 )
 
@@ -25,7 +23,6 @@ func (r *Runner) initializeTemplatesHTTPInput() (*hybrid.HybridMap, error) {
 	if err != nil {
 		return nil, errors.Wrap(err, "could not create temporary input file")
 	}
-
 	gologger.Info().Msgf("Running httpx on input host")
 
 	var bulkSize = probeBulkSize
@@ -45,7 +42,7 @@ func (r *Runner) initializeTemplatesHTTPInput() (*hybrid.HybridMap, error) {
 	swg := sizedwaitgroup.New(bulkSize)
 	count := int32(0)
 	r.hmapInputProvider.Scan(func(value *contextargs.MetaInput) bool {
-		if strings.HasPrefix(value.Input, "http://") || strings.HasPrefix(value.Input, "https://") {
+		if stringsutil.HasPrefixAny(value.Input, "http://", "https://") {
 			return true
 		}
 
@@ -53,7 +50,7 @@ func (r *Runner) initializeTemplatesHTTPInput() (*hybrid.HybridMap, error) {
 		go func(input *contextargs.MetaInput) {
 			defer swg.Done()
 
-			if result := probeURL(input.Input, httpxClient); result != "" {
+			if result := utils.ProbeURL(input.Input, httpxClient); result != "" {
 				atomic.AddInt32(&count, 1)
 				_ = hm.Set(input.Input, []byte(result))
 			}
@@ -65,27 +62,3 @@ func (r *Runner) initializeTemplatesHTTPInput() (*hybrid.HybridMap, error) {
 	gologger.Info().Msgf("Found %d URL from httpx", atomic.LoadInt32(&count))
 	return hm, nil
 }
-
-var (
-	httpSchemes = []string{"https", "http"}
-)
-
-// probeURL probes the scheme for a URL. first HTTPS is tried
-// and if any errors occur http is tried. If none succeeds, probing
-// is abandoned for such URLs.
-func probeURL(input string, httpxclient *httpx.HTTPX) string {
-	for _, scheme := range httpSchemes {
-		formedURL := fmt.Sprintf("%s://%s", scheme, input)
-		req, err := httpxclient.NewRequest(http.MethodHead, formedURL)
-		if err != nil {
-			continue
-		}
-		req.Header.Set("User-Agent", uarand.GetRandom())
-
-		if _, err = httpxclient.Do(req, httpx.UnsafeOptions{}); err != nil {
-			continue
-		}
-		return formedURL
-	}
-	return ""
-}

v2/internal/runner/options.go

@@ -31,7 +31,7 @@ import (
 
 func ConfigureOptions() error {
 	// with FileStringSliceOptions, FileNormalizedStringSliceOptions, FileCommaSeparatedStringSliceOptions
-	// if file has extension `.yaml,.json` we consider those as strings and not files to be read
+	// if file has the extension `.yaml` or `.json` we consider those as strings and not files to be read
 	isFromFileFunc := func(s string) bool {
 		return !config.IsTemplate(s)
 	}
@@ -78,7 +78,7 @@ func ParseOptions(options *types.Options) {
 	// Load the resolvers if user asked for them
 	loadResolvers(options)
 
-	if err := loadTemplateSignaturesKeys(options); err != nil {
+	if err := loadTemplateSignaturesKeys(options); err != nil && !getBoolEnvValue("HIDE_TEMPLATE_SIG_WARNING") {
 		gologger.Warning().Msgf("Could not initialize code template verifier: %s\n", err)
 	}
 
@@ -87,9 +87,9 @@ func ParseOptions(options *types.Options) {
 		gologger.Fatal().Msgf("Could not initialize protocols: %s\n", err)
 	}
 
-	// Set Github token in env variable. runner.getGHClientWithToken() reads token from env
+	// Set GitHub token in env variable. runner.getGHClientWithToken() reads token from env
-	if options.GithubToken != "" && os.Getenv("GITHUB_TOKEN") != options.GithubToken {
+	if options.GitHubToken != "" && os.Getenv("GITHUB_TOKEN") != options.GitHubToken {
-		os.Setenv("GITHUB_TOKEN", options.GithubToken)
+		os.Setenv("GITHUB_TOKEN", options.GitHubToken)
 	}
 
 	if options.UncoverQuery != nil {
@@ -121,6 +121,10 @@ func validateOptions(options *types.Options) error {
 		return errors.New("both verbose and silent mode specified")
 	}
 
+	if (options.HeadlessOptionalArguments != nil || options.ShowBrowser || options.UseInstalledChrome) && !options.Headless {
+		return errors.New("headless mode (-headless) is required if -ho, -sb, -sc or -lha are set")
+	}
+
 	if options.FollowHostRedirects && options.FollowRedirects {
 		return errors.New("both follow host redirects and follow redirects specified")
 	}
@@ -143,7 +147,7 @@ func validateOptions(options *types.Options) error {
 		validateCertificatePaths(options.ClientCertFile, options.ClientKeyFile, options.ClientCAFile)
 	}
 	// Verify AWS secrets are passed if a S3 template bucket is passed
-	if options.AwsBucketName != "" && options.UpdateTemplates {
+	if options.AwsBucketName != "" && options.UpdateTemplates && !options.AwsTemplateDisableDownload {
 		missing := validateMissingS3Options(options)
 		if missing != nil {
 			return fmt.Errorf("aws s3 bucket details are missing. Please provide %s", strings.Join(missing, ","))
@@ -151,7 +155,7 @@ func validateOptions(options *types.Options) error {
 	}
 
 	// Verify Azure connection configuration is passed if the Azure template bucket is passed
-	if options.AzureContainerName != "" && options.UpdateTemplates {
+	if options.AzureContainerName != "" && options.UpdateTemplates && !options.AzureTemplateDisableDownload {
 		missing := validateMissingAzureOptions(options)
 		if missing != nil {
 			return fmt.Errorf("azure connection details are missing. Please provide %s", strings.Join(missing, ","))
@@ -159,7 +163,7 @@ func validateOptions(options *types.Options) error {
 	}
 
 	// Verify that all GitLab options are provided if the GitLab server or token is provided
-	if len(options.GitLabTemplateRepositoryIDs) != 0 && options.UpdateTemplates {
+	if len(options.GitLabTemplateRepositoryIDs) != 0 && options.UpdateTemplates && !options.GitLabTemplateDisableDownload {
 		missing := validateMissingGitLabOptions(options)
 		if missing != nil {
 			return fmt.Errorf("gitlab server details are missing. Please provide %s", strings.Join(missing, ","))
@@ -206,7 +210,7 @@ func validateCloudOptions(options *types.Options) error {
 		case "s3":
 			missing = validateMissingS3Options(options)
 		case "github":
-			missing = validateMissingGithubOptions(options)
+			missing = validateMissingGitHubOptions(options)
 		case "gitlab":
 			missing = validateMissingGitLabOptions(options)
 		case "azure":
@@ -256,12 +260,12 @@ func validateMissingAzureOptions(options *types.Options) []string {
 	return missing
 }
 
-func validateMissingGithubOptions(options *types.Options) []string {
+func validateMissingGitHubOptions(options *types.Options) []string {
 	var missing []string
-	if options.GithubToken == "" {
+	if options.GitHubToken == "" {
 		missing = append(missing, "GITHUB_TOKEN")
 	}
-	if len(options.GithubTemplateRepo) == 0 {
+	if len(options.GitHubTemplateRepo) == 0 {
 		missing = append(missing, "GITHUB_TEMPLATE_REPO")
 	}
 	return missing
@@ -299,7 +303,7 @@ func configureOutput(options *types.Options) {
 	logutil.DisableDefaultLogger()
 }
 
-// loadResolvers loads resolvers from both user provided flag and file
+// loadResolvers loads resolvers from both user-provided flags and file
 func loadResolvers(options *types.Options) {
 	if options.ResolversFile == "" {
 		return
@@ -366,10 +370,10 @@ func readEnvInputVars(options *types.Options) {
 	}
 	options.CloudAPIKey = os.Getenv("NUCLEI_CLOUD_API")
 
-	options.GithubToken = os.Getenv("GITHUB_TOKEN")
+	options.GitHubToken = os.Getenv("GITHUB_TOKEN")
 	repolist := os.Getenv("GITHUB_TEMPLATE_REPO")
 	if repolist != "" {
-		options.GithubTemplateRepo = append(options.GithubTemplateRepo, stringsutil.SplitAny(repolist, ",")...)
+		options.GitHubTemplateRepo = append(options.GitHubTemplateRepo, stringsutil.SplitAny(repolist, ",")...)
 	}
 
 	// GitLab options for downloading templates from a repository
@@ -410,6 +414,24 @@ func readEnvInputVars(options *types.Options) {
 	// Custom public keys for template verification
 	options.CodeTemplateSignaturePublicKey = os.Getenv("NUCLEI_SIGNATURE_PUBLIC_KEY")
 	options.CodeTemplateSignatureAlgorithm = os.Getenv("NUCLEI_SIGNATURE_ALGORITHM")
+
+	// General options to disable the template download locations from being used.
+	// This will override the default behavior of downloading templates from the default locations as well as the
+	// custom locations.
+	// The primary use-case is when the user wants to use custom templates only and does not want to download any
+	// templates from the default locations or is unable to connect to the public internet.
+	options.PublicTemplateDisableDownload = getBoolEnvValue("DISABLE_NUCLEI_TEMPLATES_PUBLIC_DOWNLOAD")
+	options.GitHubTemplateDisableDownload = getBoolEnvValue("DISABLE_NUCLEI_TEMPLATES_GITHUB_DOWNLOAD")
+	options.GitLabTemplateDisableDownload = getBoolEnvValue("DISABLE_NUCLEI_TEMPLATES_GITLAB_DOWNLOAD")
+	options.AwsTemplateDisableDownload = getBoolEnvValue("DISABLE_NUCLEI_TEMPLATES_AWS_DOWNLOAD")
+	options.AzureTemplateDisableDownload = getBoolEnvValue("DISABLE_NUCLEI_TEMPLATES_AZURE_DOWNLOAD")
+
+	// Options to modify the behavior of exporters
+	options.MarkdownExportSortMode = strings.ToLower(os.Getenv("MARKDOWN_EXPORT_SORT_MODE"))
+	// If the user has not specified a valid sort mode, use the default
+	if options.MarkdownExportSortMode != "template" && options.MarkdownExportSortMode != "severity" && options.MarkdownExportSortMode != "host" {
+		options.MarkdownExportSortMode = ""
+	}
 }
 
 func loadTemplateSignaturesKeys(options *types.Options) error {
@@ -440,3 +462,8 @@ func loadTemplateSignaturesKeys(options *types.Options) error {
 
 	return signer.AddToDefault(verifier)
 }
+
+func getBoolEnvValue(key string) bool {
+	value := os.Getenv(key)
+	return strings.EqualFold(value, "true")
+}

v2/internal/runner/options_test.go

@@ -0,0 +1,61 @@
+package runner
+
+import (
+	"strings"
+	"testing"
+
+	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/nuclei/v2/pkg/types"
+	"github.com/stretchr/testify/require"
+)
+
+func TestParseHeadlessOptionalArguments(t *testing.T) {
+	tests := []struct {
+		name  string
+		input string
+		want  map[string]string
+	}{
+		{
+			name:  "single value",
+			input: "a=b",
+			want:  map[string]string{"a": "b"},
+		},
+		{
+			name:  "empty string",
+			input: "",
+			want:  map[string]string{},
+		},
+		{
+			name:  "empty key",
+			input: "=b",
+			want:  map[string]string{},
+		},
+		{
+			name:  "empty value",
+			input: "a=",
+			want:  map[string]string{},
+		},
+		{
+			name:  "double input",
+			input: "a=b,c=d",
+			want:  map[string]string{"a": "b", "c": "d"},
+		},
+		{
+			name:  "duplicated input",
+			input: "a=b,a=b",
+			want:  map[string]string{"a": "b"},
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			strsl := goflags.StringSlice{}
+			for _, v := range strings.Split(tt.input, ",") {
+				//nolint
+				strsl.Set(v)
+			}
+			opt := types.Options{HeadlessOptionalArguments: strsl}
+			got := opt.ParseHeadlessOptionalArguments()
+			require.Equal(t, tt.want, got)
+		})
+	}
+}

v2/internal/runner/proxy.go

@@ -14,7 +14,7 @@ import (
 	proxyutils "github.com/projectdiscovery/utils/proxy"
 )
 
-// loadProxyServers load list of proxy servers from file or comma seperated
+// loadProxyServers load list of proxy servers from file or comma separated
 func loadProxyServers(options *types.Options) error {
 	if len(options.Proxy) == 0 {
 		return nil

v2/internal/runner/runner.go

@@ -112,7 +112,10 @@ func New(options *types.Options) (*Runner, error) {
 
 		// Check for template updates and update if available.
 		// If the custom templates manager is not nil, we will install custom templates if there is a fresh installation
-		tm := &installer.TemplateManager{CustomTemplates: ctm}
+		tm := &installer.TemplateManager{
+			CustomTemplates:        ctm,
+			DisablePublicTemplates: options.PublicTemplateDisableDownload,
+		}
 		if err := tm.FreshInstallIfNotExists(); err != nil {
 			gologger.Warning().Msgf("failed to install nuclei templates: %s\n", err)
 		}
@@ -340,10 +343,18 @@ func createReportingOptions(options *types.Options) (*reporting.Options, error)
 	}
 	if options.MarkdownExportDirectory != "" {
 		if reportingOptions != nil {
-			reportingOptions.MarkdownExporter = &markdown.Options{Directory: options.MarkdownExportDirectory}
+			reportingOptions.MarkdownExporter = &markdown.Options{
+				Directory:         options.MarkdownExportDirectory,
+				IncludeRawPayload: !options.OmitRawRequests,
+				SortMode:          options.MarkdownExportSortMode,
+			}
 		} else {
 			reportingOptions = &reporting.Options{}
-			reportingOptions.MarkdownExporter = &markdown.Options{Directory: options.MarkdownExportDirectory}
+			reportingOptions.MarkdownExporter = &markdown.Options{
+				Directory:         options.MarkdownExportDirectory,
+				IncludeRawPayload: !options.OmitRawRequests,
+				SortMode:          options.MarkdownExportSortMode,
+			}
 		}
 	}
 	if options.SarifExport != "" {
@@ -356,18 +367,30 @@ func createReportingOptions(options *types.Options) (*reporting.Options, error)
 	}
 	if options.JSONExport != "" {
 		if reportingOptions != nil {
-			reportingOptions.JSONExporter = &jsonexporter.Options{File: options.JSONExport}
+			reportingOptions.JSONExporter = &jsonexporter.Options{
+				File:              options.JSONExport,
+				IncludeRawPayload: !options.OmitRawRequests,
+			}
 		} else {
 			reportingOptions = &reporting.Options{}
-			reportingOptions.JSONExporter = &jsonexporter.Options{File: options.JSONExport}
+			reportingOptions.JSONExporter = &jsonexporter.Options{
+				File:              options.JSONExport,
+				IncludeRawPayload: !options.OmitRawRequests,
+			}
 		}
 	}
 	if options.JSONLExport != "" {
 		if reportingOptions != nil {
-			reportingOptions.JSONLExporter = &jsonl.Options{File: options.JSONLExport}
+			reportingOptions.JSONLExporter = &jsonl.Options{
+				File:              options.JSONLExport,
+				IncludeRawPayload: !options.OmitRawRequests,
+			}
 		} else {
 			reportingOptions = &reporting.Options{}
-			reportingOptions.JSONLExporter = &jsonl.Options{File: options.JSONLExport}
+			reportingOptions.JSONLExporter = &jsonl.Options{
+				File:              options.JSONLExport,
+				IncludeRawPayload: !options.OmitRawRequests,
+			}
 		}
 	}
 

v2/internal/runner/templates.go

@@ -57,7 +57,7 @@ func (r *Runner) listAvailableStoreTemplates(store *loader.Store) {
 					path = aurora.Cyan(tpl.Path).String()
 					tplBody, err = r.highlightTemplate(&tplBody)
 					if err != nil {
-						gologger.Error().Msgf("Could not hihglight the template %s: %s", tpl.Path, err)
+						gologger.Error().Msgf("Could not highlight the template %s: %s", tpl.Path, err)
 						continue
 					}
 
@@ -74,7 +74,7 @@ func (r *Runner) listAvailableStoreTemplates(store *loader.Store) {
 
 func (r *Runner) highlightTemplate(body *[]byte) ([]byte, error) {
 	var buf bytes.Buffer
-	// YAML lexer, true color terminar formatter and monokai style
+	// YAML lexer, true color terminal formatter and monokai style
 	err := quick.Highlight(&buf, string(*body), "yaml", "terminal16m", "monokai")
 	if err != nil {
 		return nil, err

v2/pkg/catalog/aws/catalog.go

@@ -129,7 +129,7 @@ func (c Catalog) ResolvePath(templateName, second string) (string, error) {
 
 	// if c second path is given, it's c folder and we join the two and check against keys
 	if second != "" {
-		// Note: Do not replace `path` with `filepath` since filepath is aware of Os path seperator
+		// Note: Do not replace `path` with `filepath` since filepath is aware of Os path separator
 		// and we only see `/` in s3 paths changing it to filepath cause build fail and other errors
 		target := path.Join(path.Dir(second), templateName)
 		for _, key := range keys {

v2/pkg/catalog/aws/catalog_test.go

@@ -141,7 +141,7 @@ func TestCatalog_OpenFile(t *testing.T) {
 			false,
 		},
 		{
-			"non-existent key",
+			"nonexistent key",
 			"something/that-doesnt-exist.yaml",
 			true,
 		},

v2/pkg/catalog/config/constants.go

@@ -14,22 +14,23 @@ const (
 	NucleiTemplatesIndexFileName    = ".templates-index" // contains index of official nuclei templates
 	NucleiTemplatesCheckSumFileName = ".checksum"
 	NewTemplateAdditionsFileName    = ".new-additions"
-	CLIConifgFileName               = "config.yaml"
+	CLIConfigFileName               = "config.yaml"
 	ReportingConfigFilename         = "reporting-config.yaml"
 	// Version is the current version of nuclei
 	Version = `v3.0.0`
 	// Directory Names of custom templates
 	CustomS3TemplatesDirName     = "s3"
-	CustomGithubTemplatesDirName = "github"
+	CustomGitHubTemplatesDirName = "github"
 	CustomAzureTemplatesDirName  = "azure"
 	CustomGitLabTemplatesDirName = "gitlab"
 )
 
-// IsOutdatedVersion compares two versions and returns true if the current version is outdated
+// IsOutdatedVersion compares two versions and returns true
+// if the current version is outdated
 func IsOutdatedVersion(current, latest string) bool {
 	if latest == "" {
-		// if pdtm api call failed it's assumed that current version is outdated
+		// if pdtm api call failed it's assumed that the current version is outdated
-		// and it will be confirmed while updating from github
+		// and it will be confirmed while updating from GitHub
 		// this fixes `version string empty` errors
 		return true
 	}

v2/pkg/catalog/config/nucleiconfig.go

@@ -23,16 +23,16 @@ type Config struct {
 	TemplatesDirectory string `json:"nuclei-templates-directory,omitempty"`
 
 	// customtemplates exists in templates directory with the name of custom-templates provider
-	// below custom paths are absolute paths to respecitive custom-templates directories
+	// below custom paths are absolute paths to respective custom-templates directories
 	CustomS3TemplatesDirectory     string `json:"custom-s3-templates-directory"`
-	CustomGithubTemplatesDirectory string `json:"custom-github-templates-directory"`
+	CustomGitHubTemplatesDirectory string `json:"custom-github-templates-directory"`
 	CustomGitLabTemplatesDirectory string `json:"custom-gitlab-templates-directory"`
 	CustomAzureTemplatesDirectory  string `json:"custom-azure-templates-directory"`
 
 	TemplateVersion  string `json:"nuclei-templates-version,omitempty"`
 	NucleiIgnoreHash string `json:"nuclei-ignore-hash,omitempty"`
 
-	// Latestxxx are not meant to be used directly and is used as
+	// LatestXXX are not meant to be used directly and is used as
 	// local cache of nuclei version check endpoint
 	// these fields are only update during nuclei version check
 	// TODO: move these fields to a separate unexported struct as they are not meant to be used directly
@@ -83,7 +83,7 @@ func (c *Config) NeedsTemplateUpdate() bool {
 	return !c.disableUpdates && (c.TemplateVersion == "" || IsOutdatedVersion(c.TemplateVersion, c.LatestNucleiTemplatesVersion) || !fileutil.FolderExists(c.TemplatesDirectory))
 }
 
-// NeedsIngoreFileUpdate returns true if Ignore file hash is different (aka ignore file is outdated)
+// NeedsIgnoreFileUpdate returns true if Ignore file hash is different (aka ignore file is outdated)
 func (c *Config) NeedsIgnoreFileUpdate() bool {
 	return c.NucleiIgnoreHash == "" || c.NucleiIgnoreHash != c.LatestNucleiIgnoreHash
 }
@@ -111,7 +111,7 @@ func (c *Config) GetConfigDir() string {
 
 // GetAllCustomTemplateDirs returns all custom template directories
 func (c *Config) GetAllCustomTemplateDirs() []string {
-	return []string{c.CustomS3TemplatesDirectory, c.CustomGithubTemplatesDirectory, c.CustomGitLabTemplatesDirectory, c.CustomAzureTemplatesDirectory}
+	return []string{c.CustomS3TemplatesDirectory, c.CustomGitHubTemplatesDirectory, c.CustomGitLabTemplatesDirectory, c.CustomAzureTemplatesDirectory}
 }
 
 // GetReportingConfigFilePath returns the nuclei reporting config file path
@@ -135,7 +135,7 @@ func (c *Config) GetChecksumFilePath() string {
 
 // GetCLIOptsConfigFilePath returns the nuclei cli config file path
 func (c *Config) GetFlagsConfigFilePath() string {
-	return filepath.Join(c.configDir, CLIConifgFileName)
+	return filepath.Join(c.configDir, CLIConfigFileName)
 }
 
 // GetNewAdditions returns new template additions in current template release
@@ -188,7 +188,7 @@ func (c *Config) SetTemplatesDir(dirPath string) {
 	}
 	c.TemplatesDirectory = dirPath
 	// Update the custom templates directory
-	c.CustomGithubTemplatesDirectory = filepath.Join(dirPath, CustomGithubTemplatesDirName)
+	c.CustomGitHubTemplatesDirectory = filepath.Join(dirPath, CustomGitHubTemplatesDirName)
 	c.CustomS3TemplatesDirectory = filepath.Join(dirPath, CustomS3TemplatesDirName)
 	c.CustomGitLabTemplatesDirectory = filepath.Join(dirPath, CustomGitLabTemplatesDirName)
 	c.CustomAzureTemplatesDirectory = filepath.Join(dirPath, CustomAzureTemplatesDirName)

v2/pkg/catalog/disk/find.go

@@ -48,7 +48,7 @@ func (c *DiskCatalog) GetTemplatesPath(definitions []string) ([]string, map[stri
 			}
 		}
 	}
-	// purge all falsepositivies
+	// purge all false positives
 	filteredTemplates := []string{}
 	for _, v := range allTemplates {
 		// TODO: this is a temporary fix to avoid treating these files as templates
@@ -129,7 +129,7 @@ func (c *DiskCatalog) convertPathToAbsolute(t string) (string, error) {
 
 // findGlobPathMatches returns the matched files from a glob path
 func (c *DiskCatalog) findGlobPathMatches(absPath string, processed map[string]struct{}) ([]string, error) {
-	// to support globbing on old paths we use bruteforce to find matches with exit on first match
+	// to support globbing on old paths we use brute force to find matches with exit on first match
 	// trim templateDir if any
 	relPath := strings.TrimPrefix(absPath, c.templatesDirectory)
 	// trim leading slash if any

v2/pkg/catalog/disk/path.go

@@ -89,7 +89,7 @@ func BackwardsCompatiblePaths(templateDir string, oldPath string) string {
 		// trim the template directory from the path
 		return newPathCallback(tmp)
 	case strings.Contains(oldPath, urlutil.SchemeSeparator):
-		// scheme seperator is used to identify the path as url
+		// scheme separator is used to identify the path as url
 		// TBD: add support for url directories ??
 		return oldPath
 	case strings.Contains(oldPath, "*"):

v2/pkg/catalog/loader/filter/tag_filter.go

@@ -6,6 +6,7 @@ import (
 	"io"
 	"net/http"
 	"strings"
+	"path/filepath"
 
 	"github.com/Knetic/govaluate"
 	"github.com/projectdiscovery/gologger"
@@ -170,9 +171,18 @@ func isIdMatch(tagFilter *TagFilter, templateId string) bool {
 	if len(tagFilter.excludeIds) == 0 && len(tagFilter.allowedIds) == 0 {
 		return true
 	}
-	included := true
+
-	if len(tagFilter.allowedIds) > 0 {
+	included := len(tagFilter.allowedIds) == 0
-		_, included = tagFilter.allowedIds[templateId]
+	for id := range tagFilter.allowedIds {
+		match, err := filepath.Match(id, templateId)
+		if err != nil {
+			continue
+		}
+
+		if match {
+			included = true
+			break
+		}
 	}
 
 	excluded := false
@@ -207,6 +217,7 @@ func tryCollectConditionsMatchinfo(template *templates.Template) map[string]inte
 		parameters["cwe_id"] = template.Info.Classification.CWEID.ToSlice()
 		parameters["cpe"] = template.Info.Classification.CPE
 		parameters["epss_score"] = template.Info.Classification.EPSSScore
+		parameters["epss_percentile"] = template.Info.Classification.EPSSPercentile
 	}
 
 	if template.Type() == types.HTTPProtocol {

v2/pkg/catalog/loader/loader.go

@@ -188,7 +188,7 @@ func (store *Store) ValidateTemplates() error {
 	if areTemplatesValid(store, filteredTemplatePaths) && areWorkflowsValid(store, filteredWorkflowPaths) {
 		return nil
 	}
-	return errors.New("errors occured during template validation")
+	return errors.New("errors occurred during template validation")
 }
 
 func areWorkflowsValid(store *Store, filteredWorkflowPaths map[string]struct{}) bool {

v2/pkg/core/execute_options.go

@@ -29,7 +29,7 @@ func (e *Engine) ExecuteWithResults(templatesList []*templates.Template, target
 	return e.ExecuteScanWithOpts(templatesList, target, false)
 }
 
-// ExecuteScanWithOpts executes scan with given scanStatergy
+// ExecuteScanWithOpts executes scan with given scanStrategy
 func (e *Engine) ExecuteScanWithOpts(templatesList []*templates.Template, target InputProvider, noCluster bool) *atomic.Bool {
 	results := &atomic.Bool{}
 	selfcontainedWg := &sync.WaitGroup{}

v2/pkg/core/inputs/hybrid/hmap.go

@@ -277,7 +277,7 @@ func (i *Input) setItem(metaInput *contextargs.MetaInput) {
 	}
 }
 
-// setHostMapStream sets iteam in stream mode
+// setHostMapStream sets item in stream mode
 func (i *Input) setHostMapStream(data string) {
 	if _, err := i.hostMapStream.Merge([][]byte{[]byte(data)}); err != nil {
 		gologger.Warning().Msgf("%s\n", err)

v2/pkg/core/inputs/inputs.go

@@ -1,6 +1,10 @@
 package inputs
 
-import "github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/contextargs"
+import (
+	"github.com/projectdiscovery/httpx/common/httpx"
+	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/contextargs"
+	"github.com/projectdiscovery/nuclei/v2/pkg/utils"
+)
 
 type SimpleInputProvider struct {
 	Inputs []*contextargs.MetaInput
@@ -24,3 +28,12 @@ func (s *SimpleInputProvider) Scan(callback func(value *contextargs.MetaInput) b
 func (s *SimpleInputProvider) Set(value string) {
 	s.Inputs = append(s.Inputs, &contextargs.MetaInput{Input: value})
 }
+
+// SetWithProbe adds item to input provider with http probing
+func (s *SimpleInputProvider) SetWithProbe(value string, httpxClient *httpx.HTTPX) {
+	valueToAppend := value
+	if result := utils.ProbeURL(value, httpxClient); result != "" {
+		valueToAppend = result
+	}
+	s.Inputs = append(s.Inputs, &contextargs.MetaInput{Input: valueToAppend})
+}

v2/pkg/core/workflow_execute.go

@@ -25,14 +25,23 @@ func (e *Engine) executeWorkflow(input *contextargs.MetaInput, w *workflows.Work
 	ctxArgs.MetaInput = input
 	ctxArgs.CookieJar = workflowCookieJar
 
-	swg := sizedwaitgroup.New(w.Options.Options.TemplateThreads)
+	// we can know the nesting level only at runtime, so the best we can do here is increase template threads by one unit in case it's equal to 1 to allow
+	// at least one subtemplate to go through, which it's idempotent to one in-flight template as the parent one is in an idle state
+	templateThreads := w.Options.Options.TemplateThreads
+	if templateThreads == 1 {
+		templateThreads++
+	}
+	swg := sizedwaitgroup.New(templateThreads)
+
 	for _, template := range w.Workflows {
 		swg.Add()
+
 		func(template *workflows.WorkflowTemplate) {
+			defer swg.Done()
+
 			if err := e.runWorkflowStep(template, ctxArgs, results, &swg, w); err != nil {
 				gologger.Warning().Msgf(workflowStepExecutionError, template.Template, err)
 			}
-			swg.Done()
 		}(template)
 	}
 	swg.Wait()
@@ -126,10 +135,11 @@ func (e *Engine) runWorkflowStep(template *workflows.WorkflowTemplate, input *co
 						swg.Add()
 
 						go func(subtemplate *workflows.WorkflowTemplate) {
+							defer swg.Done()
+
 							if err := e.runWorkflowStep(subtemplate, input, results, swg, w); err != nil {
 								gologger.Warning().Msgf(workflowStepExecutionError, subtemplate.Template, err)
 							}
-							swg.Done()
 						}(subtemplate)
 					}
 				}

v2/pkg/external/customtemplates/azure_blob.go

@@ -25,7 +25,7 @@ type customTemplateAzureBlob struct {
 // NewAzureProviders creates a new Azure Blob Storage provider for downloading custom templates
 func NewAzureProviders(options *types.Options) ([]*customTemplateAzureBlob, error) {
 	providers := []*customTemplateAzureBlob{}
-	if options.AzureContainerName != "" {
+	if options.AzureContainerName != "" && !options.AzureTemplateDisableDownload {
 		// Establish a connection to Azure and build a client object with which to download templates from Azure Blob Storage
 		azClient, err := getAzureBlobClient(options.AzureTenantID, options.AzureClientID, options.AzureClientSecret, options.AzureServiceURL)
 		if err != nil {

v2/pkg/external/customtemplates/github.go

@@ -17,9 +17,9 @@ import (
 	"gopkg.in/src-d/go-git.v4/plumbing/transport/http"
 )
 
-var _ Provider = &customTemplateGithubRepo{}
+var _ Provider = &customTemplateGitHubRepo{}
 
-type customTemplateGithubRepo struct {
+type customTemplateGitHubRepo struct {
 	owner       string
 	reponame    string
 	gitCloneURL string
@@ -27,8 +27,8 @@ type customTemplateGithubRepo struct {
 }
 
 // This function download the custom github template repository
-func (customTemplate *customTemplateGithubRepo) Download(ctx context.Context) {
+func (customTemplate *customTemplateGitHubRepo) Download(ctx context.Context) {
-	clonePath := customTemplate.getLocalRepoClonePath(config.DefaultConfig.CustomGithubTemplatesDirectory)
+	clonePath := customTemplate.getLocalRepoClonePath(config.DefaultConfig.CustomGitHubTemplatesDirectory)
 
 	if !fileutil.FolderExists(clonePath) {
 		err := customTemplate.cloneRepo(clonePath, customTemplate.githubToken)
@@ -41,8 +41,8 @@ func (customTemplate *customTemplateGithubRepo) Download(ctx context.Context) {
 	}
 }
 
-func (customTemplate *customTemplateGithubRepo) Update(ctx context.Context) {
+func (customTemplate *customTemplateGitHubRepo) Update(ctx context.Context) {
-	downloadPath := config.DefaultConfig.CustomGithubTemplatesDirectory
+	downloadPath := config.DefaultConfig.CustomGitHubTemplatesDirectory
 	clonePath := customTemplate.getLocalRepoClonePath(downloadPath)
 
 	// If folder does not exits then clone/download the repo
@@ -58,27 +58,31 @@ func (customTemplate *customTemplateGithubRepo) Update(ctx context.Context) {
 	}
 }
 
-// NewGithubProviders returns new instance of github providers for downloading custom templates
+// NewGitHubProviders returns new instance of GitHub providers for downloading custom templates
-func NewGithubProviders(options *types.Options) ([]*customTemplateGithubRepo, error) {
+func NewGitHubProviders(options *types.Options) ([]*customTemplateGitHubRepo, error) {
-	providers := []*customTemplateGithubRepo{}
+	providers := []*customTemplateGitHubRepo{}
 	gitHubClient := getGHClientIncognito()
 
-	for _, repoName := range options.GithubTemplateRepo {
+	if options.GitHubTemplateDisableDownload {
+		return providers, nil
+	}
+
+	for _, repoName := range options.GitHubTemplateRepo {
 		owner, repo, err := getOwnerAndRepo(repoName)
 		if err != nil {
 			gologger.Error().Msgf("%s", err)
 			continue
 		}
-		githubRepo, err := getGithubRepo(gitHubClient, owner, repo, options.GithubToken)
+		githubRepo, err := getGitHubRepo(gitHubClient, owner, repo, options.GitHubToken)
 		if err != nil {
 			gologger.Error().Msgf("%s", err)
 			continue
 		}
-		customTemplateRepo := &customTemplateGithubRepo{
+		customTemplateRepo := &customTemplateGitHubRepo{
 			owner:       owner,
 			reponame:    repo,
 			gitCloneURL: githubRepo.GetCloneURL(),
-			githubToken: options.GithubToken,
+			githubToken: options.GitHubToken,
 		}
 		providers = append(providers, customTemplateRepo)
 	}
@@ -86,8 +90,8 @@ func NewGithubProviders(options *types.Options) ([]*customTemplateGithubRepo, er
 }
 
 // getOwnerAndRepo returns the owner, repo, err from the given string
-// eg. it takes input projectdiscovery/nuclei-templates and
+// e.g., it takes input projectdiscovery/nuclei-templates and
-// returns owner=> projectdiscovery , repo => nuclei-templates
+// returns owner => projectdiscovery, repo => nuclei-templates
 func getOwnerAndRepo(reponame string) (owner string, repo string, err error) {
 	s := strings.Split(reponame, "/")
 	if len(s) != 2 {
@@ -100,7 +104,7 @@ func getOwnerAndRepo(reponame string) (owner string, repo string, err error) {
 }
 
 // returns *github.Repository if passed github repo name
-func getGithubRepo(gitHubClient *github.Client, repoOwner, repoName, githubToken string) (*github.Repository, error) {
+func getGitHubRepo(gitHubClient *github.Client, repoOwner, repoName, githubToken string) (*github.Repository, error) {
 	var retried bool
 getRepo:
 	repo, _, err := gitHubClient.Repositories.Get(context.Background(), repoOwner, repoName)
@@ -118,8 +122,8 @@ getRepo:
 	return repo, nil
 }
 
-// download the git repo to given path
+// download the git repo to a given path
-func (ctr *customTemplateGithubRepo) cloneRepo(clonePath, githubToken string) error {
+func (ctr *customTemplateGitHubRepo) cloneRepo(clonePath, githubToken string) error {
 	r, err := git.PlainClone(clonePath, false, &git.CloneOptions{
 		URL:  ctr.gitCloneURL,
 		Auth: getAuth(ctr.owner, githubToken),
@@ -127,14 +131,14 @@ func (ctr *customTemplateGithubRepo) cloneRepo(clonePath, githubToken string) er
 	if err != nil {
 		return errors.Errorf("%s/%s: %s", ctr.owner, ctr.reponame, err.Error())
 	}
-	// Add the user as well in the config. By default user is not set
+	// Add the user as well in the config. By default, user is not set
 	config, _ := r.Storer.Config()
 	config.User.Name = ctr.owner
 	return r.SetConfig(config)
 }
 
 // performs the git pull on given repo
-func (ctr *customTemplateGithubRepo) pullChanges(repoPath, githubToken string) error {
+func (ctr *customTemplateGitHubRepo) pullChanges(repoPath, githubToken string) error {
 	r, err := git.PlainOpen(repoPath)
 	if err != nil {
 		return err
@@ -150,21 +154,9 @@ func (ctr *customTemplateGithubRepo) pullChanges(repoPath, githubToken string) e
 	return nil
 }
 
-// getLocalRepoClonePath returns the clone path.
+// All Custom github repos are cloned in the format of 'reponame-owner' for uniqueness
-// if same name repo directory exists from another owner then it appends the owner then and returns the path
+func (ctr *customTemplateGitHubRepo) getLocalRepoClonePath(downloadPath string) string {
-// eg. for nuclei-templates directory exists for projectdiscovery owner, then for ehsandeep/nuclei-templates it will return nuclei-templates-ehsandeep
-func (ctr *customTemplateGithubRepo) getLocalRepoClonePath(downloadPath string) string {
-	if fileutil.FolderExists(filepath.Join(downloadPath, ctr.reponame)) && !ctr.isRepoDirExists(filepath.Join(downloadPath, ctr.reponame)) {
 	return filepath.Join(downloadPath, ctr.reponame+"-"+ctr.owner)
-	}
-	return filepath.Join(downloadPath, ctr.reponame)
-}
-
-// isRepoDirExists take the path and checks if the same repo or not
-func (ctr *customTemplateGithubRepo) isRepoDirExists(repoPath string) bool {
-	r, _ := git.PlainOpen(repoPath)
-	local, _ := r.Config()
-	return local.User.Name == ctr.owner // repo already cloned no need to rename and clone
 }
 
 // returns the auth object with username and github token as password

v2/pkg/external/customtemplates/github_test.go

@@ -22,14 +22,14 @@ func TestDownloadCustomTemplatesFromGitHub(t *testing.T) {
 	config.DefaultConfig.SetTemplatesDir(templatesDirectory)
 
 	options := testutils.DefaultOptions
-	options.GithubTemplateRepo = []string{"projectdiscovery/nuclei-templates", "ehsandeep/nuclei-templates"}
+	options.GitHubTemplateRepo = []string{"projectdiscovery/nuclei-templates", "ehsandeep/nuclei-templates"}
-	options.GithubToken = os.Getenv("GITHUB_TOKEN")
+	options.GitHubToken = os.Getenv("GITHUB_TOKEN")
 
 	ctm, err := NewCustomTemplatesManager(options)
 	require.Nil(t, err, "could not create custom templates manager")
 
 	ctm.Download(context.Background())
 
-	require.DirExists(t, filepath.Join(templatesDirectory, "github", "nuclei-templates"), "cloned directory does not exists")
+	require.DirExists(t, filepath.Join(templatesDirectory, "github", "nuclei-templates-projectdiscovery"), "cloned directory does not exists")
 	require.DirExists(t, filepath.Join(templatesDirectory, "github", "nuclei-templates-ehsandeep"), "cloned directory does not exists")
 }

v2/pkg/external/customtemplates/gitlab.go

@@ -21,10 +21,10 @@ type customTemplateGitLabRepo struct {
 	projectIDs   []int
 }
 
-// NewGitlabProviders returns a new list of GitLab providers for downloading custom templates
+// NewGitLabProviders returns a new list of GitLab providers for downloading custom templates
-func NewGitlabProviders(options *types.Options) ([]*customTemplateGitLabRepo, error) {
+func NewGitLabProviders(options *types.Options) ([]*customTemplateGitLabRepo, error) {
 	providers := []*customTemplateGitLabRepo{}
-	if options.GitLabToken != "" {
+	if options.GitLabToken != "" && !options.GitLabTemplateDisableDownload {
 		// Establish a connection to GitLab and build a client object with which to download templates from GitLab
 		gitLabClient, err := getGitLabClient(options.GitLabServerURL, options.GitLabToken)
 		if err != nil {

v2/pkg/external/customtemplates/s3.go

@@ -61,7 +61,7 @@ func (bk *customTemplateS3Bucket) Update(ctx context.Context) {
 // NewS3Providers returns a new instances of a s3 providers for downloading custom templates
 func NewS3Providers(options *types.Options) ([]*customTemplateS3Bucket, error) {
 	providers := []*customTemplateS3Bucket{}
-	if options.AwsBucketName != "" {
+	if options.AwsBucketName != "" && !options.AwsTemplateDisableDownload {
 		s3c, err := getS3Client(context.TODO(), options.AwsAccessKey, options.AwsSecretKey, options.AwsRegion)
 		if err != nil {
 			return nil, errorutil.NewWithErr(err).Msgf("error downloading s3 bucket %s", options.AwsBucketName)

v2/pkg/external/customtemplates/templates_provider.go

@@ -41,7 +41,7 @@ func NewCustomTemplatesManager(options *types.Options) (*CustomTemplatesManager,
 	}
 
 	// Add GitHub providers
-	githubProviders, err := NewGithubProviders(options)
+	githubProviders, err := NewGitHubProviders(options)
 	if err != nil {
 		return nil, errorutil.NewWithErr(err).Msgf("could not create github providers for custom templates")
 	}
@@ -68,7 +68,7 @@ func NewCustomTemplatesManager(options *types.Options) (*CustomTemplatesManager,
 	}
 
 	// Add GitLab providers
-	gitlabProviders, err := NewGitlabProviders(options)
+	gitlabProviders, err := NewGitLabProviders(options)
 	if err != nil {
 		return nil, errorutil.NewWithErr(err).Msgf("could not create gitlab providers for custom templates")
 	}

v2/pkg/input/input.go

@@ -18,7 +18,7 @@ type Helper struct {
 	InputsHTTP *hybrid.HybridMap
 }
 
-// NewHelper returns a new inpt helper instance
+// NewHelper returns a new input helper instance
 func NewHelper() *Helper {
 	helper := &Helper{}
 	return helper

v2/pkg/model/model.go

@@ -47,7 +47,7 @@ type Info struct {
 	// examples:
 	//   - value: >
 	//       []string{"https://github.com/strapi/strapi", "https://github.com/getgrav/grav"}
-	Reference stringslice.RawStringSlice `json:"reference,omitempty" yaml:"reference,omitempty" jsonschema:"title=references for the template,description=Links relevant to the template"`
+	Reference *stringslice.RawStringSlice `json:"reference,omitempty" yaml:"reference,omitempty" jsonschema:"title=references for the template,description=Links relevant to the template"`
 	// description: |
 	//   Severity of the template.
 	SeverityHolder severity.Holder `json:"severity,omitempty" yaml:"severity,omitempty"`
@@ -101,6 +101,11 @@ type Classification struct {
 	//   - value: "\"0.42509\""
 	EPSSScore float64 `json:"epss-score,omitempty" yaml:"epss-score,omitempty" jsonschema:"title=epss score for the template,description=EPSS Score for the template,example=0.42509"`
 	// description: |
+	//   EPSS Percentile for the template.
+	// examples:
+	//   - value: "\"0.42509\""
+	EPSSPercentile float64 `json:"epss-percentile,omitempty" yaml:"epss-percentile,omitempty" jsonschema:"title=epss percentile for the template,description=EPSS Percentile for the template,example=0.42509"`
+	// description: |
 	//   CPE for the template.
 	// examples:
 	//   - value: "\"cpe:/a:vendor:product:version\""

v2/pkg/model/model_test.go

@@ -18,7 +18,7 @@ func TestInfoJsonMarshal(t *testing.T) {
 		Description:    "Test description",
 		SeverityHolder: severity.Holder{Severity: severity.High},
 		Tags:           stringslice.StringSlice{Value: []string{"cve", "misc"}},
-		Reference:      stringslice.NewRaw("Reference1"),
+		Reference:      stringslice.NewRawStringSlice("Reference1"),
 		Metadata: map[string]interface{}{
 			"string_key": "string_value",
 			"array_key":  []string{"array_value1", "array_value2"},
@@ -42,7 +42,7 @@ func TestInfoYamlMarshal(t *testing.T) {
 		Description:    "Test description",
 		SeverityHolder: severity.Holder{Severity: severity.High},
 		Tags:           stringslice.StringSlice{Value: []string{"cve", "misc"}},
-		Reference:      stringslice.NewRaw("Reference1"),
+		Reference:      stringslice.NewRawStringSlice("Reference1"),
 		Metadata: map[string]interface{}{
 			"string_key": "string_value",
 			"array_key":  []string{"array_value1", "array_value2"},

v2/pkg/model/types/stringslice/stringslice_raw.go

@@ -4,10 +4,10 @@ type RawStringSlice struct {
 	StringSlice
 }
 
-func NewRaw(value interface{}) RawStringSlice {
+func NewRawStringSlice(value interface{}) *RawStringSlice {
-	return RawStringSlice{StringSlice: StringSlice{Value: value}}
+	return &RawStringSlice{StringSlice: StringSlice{Value: value}}
 }
 
-func (rawStringSlice RawStringSlice) Normalize(value string) string {
+func (rawStringSlice *RawStringSlice) Normalize(value string) string {
 	return value
 }

v2/pkg/operators/matchers/match.go

@@ -1,13 +1,21 @@
 package matchers
 
 import (
+	"os"
 	"strings"
 
 	"github.com/Knetic/govaluate"
 
+	dslRepo "github.com/projectdiscovery/dsl"
 	"github.com/projectdiscovery/gologger"
 	"github.com/projectdiscovery/nuclei/v2/pkg/operators/common/dsl"
 	"github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/expressions"
+	stringsutil "github.com/projectdiscovery/utils/strings"
+)
+
+var (
+	// showDSLErr controls whether to show hidden DSL errors or not
+	showDSLErr = strings.EqualFold(os.Getenv("SHOW_DSL_ERRORS"), "true")
 )
 
 // MatchStatusCode matches a status code check against a corpus
@@ -185,10 +193,8 @@ func (matcher *Matcher) MatchDSL(data map[string]interface{}) bool {
 			if matcher.condition == ANDCondition {
 				return false
 			}
-			if strings.Contains(err.Error(), "No parameter") {
+			if !matcher.ignoreErr(err) {
 				gologger.Warning().Msgf("[%s] %s", data["template-id"], err.Error())
-			} else {
-				gologger.Error().Label("WRN").Msgf("[%s] %s", data["template-id"], err.Error())
 			}
 			continue
 		}
@@ -219,3 +225,15 @@ func (matcher *Matcher) MatchDSL(data map[string]interface{}) bool {
 	}
 	return false
 }
+
+// ignoreErr checks if the error is to be ignored or not
+// Reference: https://github.com/projectdiscovery/nuclei/issues/3950
+func (m *Matcher) ignoreErr(err error) bool {
+	if showDSLErr {
+		return false
+	}
+	if stringsutil.ContainsAny(err.Error(), "No parameter", dslRepo.ErrParsingArg.Error()) {
+		return true
+	}
+	return false
+}

v2/pkg/output/output.go

@@ -144,7 +144,7 @@ type ResultEvent struct {
 	// MatcherStatus is the status of the match
 	MatcherStatus bool `json:"matcher-status"`
 	// Lines is the line count for the specified match
-	Lines []int `json:"matched-line"`
+	Lines []int `json:"matched-line,omitempty"`
 
 	FileToIndexPosition map[string]int `json:"-"`
 }
@@ -187,9 +187,10 @@ func NewStandardWriter(options *types.Options) (*StandardWriter, error) {
 			gologger.Fatal().Msgf("Could not create output directory '%s': %s\n", options.StoreResponseDir, err)
 		}
 	}
+
 	writer := &StandardWriter{
 		json:             options.JSONL,
-		jsonReqResp:      options.JSONRequests,
+		jsonReqResp:      !options.OmitRawRequests,
 		noMetadata:       options.NoMeta,
 		matcherStatus:    options.MatcherStatus,
 		timestamp:        options.Timestamp,

v2/pkg/parsers/parser_test.go

@@ -70,7 +70,7 @@ func TestLoadTemplate(t *testing.T) {
 			expectedErr: errors.New("field 'severity' is missing"),
 		},
 		{
-			name: "template-without-serverity-with-correct-filter-id",
+			name: "template-without-severity-with-correct-filter-id",
 			template: &templates.Template{
 				ID: "CVE-2021-27330",
 				Info: model.Info{
@@ -84,7 +84,7 @@ func TestLoadTemplate(t *testing.T) {
 			filter:      filter.Config{IncludeIds: []string{"CVE-2021-27330"}},
 		},
 		{
-			name: "template-without-serverity-with-diff-filter-id",
+			name: "template-without-severity-with-diff-filter-id",
 			template: &templates.Template{
 				ID: "CVE-2021-27330",
 				Info: model.Info{