External/nuclei
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei.git synced 2025-12-17 17:56:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #6115 from projectdiscovery/dev

Browse Source 
v3.4.0
This commit is contained in:
Sandeep Singh 2025-03-27 01:19:37 +05:30 committed by GitHub
commit bdccbf68eb
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
19 changed files with 163 additions and 139 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
.github/workflows/dockerhub-push.yml vendored
View File

@ -1,47 +0,0 @@
name: 🐳 Docker Push
on:
workflow_run:
workflows: ["🎉 Release Binary"]
types:
- completed
workflow_dispatch:
jobs:
docker:
runs-on: ubuntu-latest-16-cores
steps:
- name: Git Checkout
uses: actions/checkout@v4
- name: Get GitHub tag
id: meta
run: |
curl --silent "https://api.github.com/repos/projectdiscovery/nuclei/releases/latest" | jq -r .tag_name | xargs -I {} echo TAG={} >> $GITHUB_OUTPUT
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v6
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
tags: projectdiscovery/nuclei:latest,projectdiscovery/nuclei:${{ steps.meta.outputs.TAG }}
- name: Update DockerHub Description
uses: peter-evans/dockerhub-description@v4
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN }}
repository: projectdiscovery/nuclei

2
.github/workflows/generate-pgo.yaml vendored
View File

@ -19,7 +19,7 @@ jobs:
strategy:
matrix:
targets: [150]
runs-on: ubuntu-latest-16-cores
runs-on: ubuntu-latest
if: github.repository == 'projectdiscovery/nuclei'
permissions:
contents: write

2
.github/workflows/perf-regression.yaml vendored
View File

@ -6,7 +6,7 @@ on:
jobs:
perf-regression:
runs-on: ubuntu-latest-16-cores
runs-on: ubuntu-latest
if: github.repository == 'projectdiscovery/nuclei'
env:
BENCH_OUT: "/tmp/bench.out"

2
.github/workflows/perf-test.yaml vendored
View File

@ -10,7 +10,7 @@ jobs:
strategy:
matrix:
count: [50, 100, 150]
runs-on: ubuntu-latest-16-cores
runs-on: ubuntu-latest
if: github.repository == 'projectdiscovery/nuclei'
env:
LIST_FILE: "/tmp/targets-${{ matrix.count }}.txt"

6
.github/workflows/release.yaml vendored
View File

@ -14,6 +14,12 @@ jobs:
with:
fetch-depth: 0
- uses: projectdiscovery/actions/setup/go@v1
- uses: docker/setup-qemu-action@v3
- uses: docker/setup-buildx-action@v3
- uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_TOKEN }}
- uses: projectdiscovery/actions/goreleaser@v1
with:
release: true

22
.goreleaser.yml
View File

@ -1,3 +1,5 @@
version: 2
before:
hooks:
- go mod download
@ -44,6 +46,26 @@ archives:
checksum:
algorithm: sha256
dockers:
- image_templates:
- "{{ .ProjectName }}:{{ .Tag }}"
- "{{ .ProjectName }}:v{{ .Major }}.{{ .Minor }}"
- "{{ .ProjectName }}:v{{ .Major }}"
- "{{ .ProjectName }}:latest"
dockerfile: Dockerfile.goreleaser
use: buildx
build_flag_templates:
- "--pull"
- "--label=org.opencontainers.image.authors=ProjectDiscovery"
- "--label=org.opencontainers.image.created={{ .Date }}"
- "--label=org.opencontainers.image.description=\"Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.\""
- "--label=org.opencontainers.image.licenses=MIT"
- "--label=org.opencontainers.image.ref.name={{ .Tag }}"
- "--label=org.opencontainers.image.revision={{ .FullCommit }}"
- "--label=org.opencontainers.image.title={{ .ProjectName }}"
- "--label=org.opencontainers.image.url=https://github.com/projectdiscovery/{{ .ProjectName }}"
- "--label=org.opencontainers.image.version={{ .Version }}"
announce:
slack:
enabled: true

15
Dockerfile
View File

@ -1,15 +1,16 @@
# Build
FROM golang:1.22-alpine AS build-env
FROM golang:1.22-alpine AS builder
RUN apk add build-base
WORKDIR /app
COPY . /app
RUN go mod download
RUN go build ./cmd/nuclei
RUN make verify
RUN make build
# Release
FROM alpine:3.18.6
RUN apk upgrade --no-cache \
&& apk add --no-cache bind-tools chromium ca-certificates
COPY --from=build-env /app/nuclei /usr/local/bin/
FROM alpine:latest
RUN apk add --no-cache bind-tools chromium ca-certificates
COPY --from=builder /app/bin/nuclei /usr/local/bin/
ENTRYPOINT ["nuclei"]

6
Dockerfile.goreleaser Normal file
View File

@ -0,0 +1,6 @@
FROM alpine:latest
RUN apk add --no-cache bind-tools chromium ca-certificates
COPY nuclei /usr/local/bin/
ENTRYPOINT ["nuclei"]

2
README.md
View File

@ -395,7 +395,7 @@ nuclei -target https://example.com
Nuclei can handle bulk scanning by providing a list of targets. You can use a file containing multiple URLs.
```sh
nuclei -targets urls.txt
nuclei -list urls.txt
```
### Network scan

55
cmd/docgen/docgen.go
View File

@ -6,53 +6,58 @@ import (
"os"
"reflect"
"regexp"
"strings"
"github.com/invopop/jsonschema"
"github.com/projectdiscovery/nuclei/v3/pkg/templates"
"github.com/projectdiscovery/nuclei/v3/pkg/utils/json"
)
var pathRegex = regexp.MustCompile(`github\.com/projectdiscovery/nuclei/v3/(?:internal|pkg)/(?:.*/)?([A-Za-z.]+)`)
func main() {
// Generate yaml syntax documentation
data, err := templates.GetTemplateDoc().Encode()
func writeToFile(filename string, data []byte) {
file, err := os.Create(filename)
if err != nil {
log.Fatalf("Could not encode docs: %s\n", err)
log.Fatalf("Could not create file %s: %s\n", filename, err)
}
defer file.Close()
_, err = file.Write(data)
if err != nil {
log.Fatalf("Could not write to file %s: %s\n", filename, err)
}
}
func main() {
if len(os.Args) < 3 {
log.Fatalf("syntax: %s md-docs-file jsonschema-file\n", os.Args[0])
}
err = os.WriteFile(os.Args[1], data, 0644)
// Generate YAML documentation
data, err := templates.GetTemplateDoc().Encode()
if err != nil {
log.Fatalf("Could not write docs: %s\n", err)
log.Fatalf("Could not encode docs: %s\n", err)
}
writeToFile(os.Args[1], data)
// Generate JSON Schema
r := &jsonschema.Reflector{
Namer: func(t reflect.Type) string {
if t.Kind() == reflect.Slice {
return ""
}
return t.String()
},
}
// Generate jsonschema
r := &jsonschema.Reflector{}
r.Namer = func(r reflect.Type) string {
if r.Kind() == reflect.Slice {
return ""
}
return r.String()
}
jsonschemaData := r.Reflect(&templates.Template{})
var buf bytes.Buffer
encoder := json.NewEncoder(&buf)
encoder.SetIndent("", " ")
_ = encoder.Encode(jsonschemaData)
if err := encoder.Encode(jsonschemaData); err != nil {
log.Fatalf("Could not encode JSON schema: %s\n", err)
}
schema := buf.String()
for _, match := range pathRegex.FindAllStringSubmatch(schema, -1) {
schema = strings.ReplaceAll(schema, match[0], match[1])
}
err = os.WriteFile(os.Args[2], []byte(schema), 0644)
if err != nil {
log.Fatalf("Could not write jsonschema: %s\n", err)
}
schema := pathRegex.ReplaceAllString(buf.String(), "$1")
writeToFile(os.Args[2], []byte(schema))
}

26
go.mod
View File

@ -20,12 +20,12 @@ require (
github.com/olekukonko/tablewriter v0.0.5
github.com/pkg/errors v0.9.1
github.com/projectdiscovery/clistats v0.1.1
github.com/projectdiscovery/fastdialer v0.3.0
github.com/projectdiscovery/hmap v0.0.82
github.com/projectdiscovery/fastdialer v0.4.0
github.com/projectdiscovery/hmap v0.0.85
github.com/projectdiscovery/interactsh v1.2.4
github.com/projectdiscovery/rawhttp v0.1.89
github.com/projectdiscovery/retryabledns v1.0.94
github.com/projectdiscovery/retryablehttp-go v1.0.101
github.com/projectdiscovery/rawhttp v0.1.90
github.com/projectdiscovery/retryabledns v1.0.96
github.com/projectdiscovery/retryablehttp-go v1.0.102
github.com/projectdiscovery/yamldoc-go v1.0.6
github.com/remeh/sizedwaitgroup v1.0.0
github.com/rs/xid v1.5.0
@ -84,24 +84,24 @@ require (
github.com/microsoft/go-mssqldb v1.6.0
github.com/ory/dockertest/v3 v3.10.0
github.com/praetorian-inc/fingerprintx v1.1.9
github.com/projectdiscovery/dsl v0.3.18
github.com/projectdiscovery/dsl v0.3.21
github.com/projectdiscovery/fasttemplate v0.0.2
github.com/projectdiscovery/go-smb2 v0.0.0-20240129202741-052cc450c6cb
github.com/projectdiscovery/goflags v0.1.74
github.com/projectdiscovery/gologger v1.1.46
github.com/projectdiscovery/gologger v1.1.49
github.com/projectdiscovery/gostruct v0.0.2
github.com/projectdiscovery/gozero v0.0.3
github.com/projectdiscovery/httpx v1.6.10
github.com/projectdiscovery/mapcidr v1.1.34
github.com/projectdiscovery/n3iwf v0.0.0-20230523120440-b8cd232ff1f5
github.com/projectdiscovery/ratelimit v0.0.75
github.com/projectdiscovery/ratelimit v0.0.77
github.com/projectdiscovery/rdap v0.9.1-0.20221108103045-9865884d1917
github.com/projectdiscovery/sarif v0.0.1
github.com/projectdiscovery/tlsx v1.1.9
github.com/projectdiscovery/uncover v1.0.10
github.com/projectdiscovery/useragent v0.0.94
github.com/projectdiscovery/utils v0.4.12
github.com/projectdiscovery/wappalyzergo v0.2.18
github.com/projectdiscovery/useragent v0.0.97
github.com/projectdiscovery/utils v0.4.15
github.com/projectdiscovery/wappalyzergo v0.2.21
github.com/redis/go-redis/v9 v9.1.0
github.com/seh-msft/burpxml v1.0.1
github.com/shurcooL/graphql v0.0.0-20230722043721-ed46e5a46466
@ -219,7 +219,7 @@ require (
github.com/pjbgf/sha1cd v0.3.0 // indirect
github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
github.com/projectdiscovery/asnmap v1.1.1 // indirect
github.com/projectdiscovery/cdncheck v1.1.8 // indirect
github.com/projectdiscovery/cdncheck v1.1.11 // indirect
github.com/projectdiscovery/freeport v0.0.7 // indirect
github.com/projectdiscovery/ldapserver v1.0.2-0.20240219154113-dcc758ebc0cb // indirect
github.com/projectdiscovery/machineid v0.0.0-20240226150047-2e2c51e35983 // indirect
@ -309,7 +309,7 @@ require (
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/power-devops/perfstat v0.0.0-20210106213030-5aafc221ea8c // indirect
github.com/projectdiscovery/blackrock v0.0.1 // indirect
github.com/projectdiscovery/networkpolicy v0.1.7
github.com/projectdiscovery/networkpolicy v0.1.9
github.com/rivo/uniseg v0.4.7 // indirect
github.com/saintfish/chardet v0.0.0-20230101081208-5e3ef4b5456d // indirect
github.com/tklauser/go-sysconf v0.3.12 // indirect

52
go.sum
View File

@ -868,14 +868,14 @@ github.com/projectdiscovery/asnmap v1.1.1 h1:ImJiKIaACOT7HPx4Pabb5dksolzaFYsD1kI
github.com/projectdiscovery/asnmap v1.1.1/go.mod h1:QT7jt9nQanj+Ucjr9BqGr1Q2veCCKSAVyUzLXfEcQ60=
github.com/projectdiscovery/blackrock v0.0.1 h1:lHQqhaaEFjgf5WkuItbpeCZv2DUIE45k0VbGJyft6LQ=
github.com/projectdiscovery/blackrock v0.0.1/go.mod h1:ANUtjDfaVrqB453bzToU+YB4cUbvBRpLvEwoWIwlTss=
github.com/projectdiscovery/cdncheck v1.1.8 h1:kOdgKm2QTm0s76jSEHEAQISc5Gb20goJbVLpHqqza+8=
github.com/projectdiscovery/cdncheck v1.1.8/go.mod h1:dFEGsG0qAJY0AaRr2N1BY0OtZiTxS4kYeT5+OkF8t1U=
github.com/projectdiscovery/cdncheck v1.1.11 h1:r7hkw0BAfD/YsnKq1fVgZJDfMHhqVmDQroerjlST6oQ=
github.com/projectdiscovery/cdncheck v1.1.11/go.mod h1:dFEGsG0qAJY0AaRr2N1BY0OtZiTxS4kYeT5+OkF8t1U=
github.com/projectdiscovery/clistats v0.1.1 h1:8mwbdbwTU4aT88TJvwIzTpiNeow3XnAB72JIg66c8wE=
github.com/projectdiscovery/clistats v0.1.1/go.mod h1:4LtTC9Oy//RiuT1+76MfTg8Hqs7FQp1JIGBM3nHK6a0=
github.com/projectdiscovery/dsl v0.3.18 h1:UsFiVdqjIm3S1KNQhGUWwgQgCp5N9O39kZmjfazXVQY=
github.com/projectdiscovery/dsl v0.3.18/go.mod h1:RYA1/QE/L+hFO3haGFc9RU2DQtLoJDszBXYWbD/8T9U=
github.com/projectdiscovery/fastdialer v0.3.0 h1:/wMptjdsrAU/wiaA/U3lSgYGaYCGJH6xm0mLei6oMxk=
github.com/projectdiscovery/fastdialer v0.3.0/go.mod h1:Q0YLArvpx9GAfY/NcTPMCA9qZuVOGnuVoNYWzKBwxdQ=
github.com/projectdiscovery/dsl v0.3.21 h1:z7sI4GSI3kz8CPXeRrnydqZmpR9oKvp6ejEyUk6r7D4=
github.com/projectdiscovery/dsl v0.3.21/go.mod h1:6+X/o2r3P9x3AK8Ki5cRiOjoPDBXawXwg/QcI9E1i8w=
github.com/projectdiscovery/fastdialer v0.4.0 h1:licZKyq+Shd5lLDb8uPd60Jp43K4NFE8cr67XD2eg7w=
github.com/projectdiscovery/fastdialer v0.4.0/go.mod h1:Q0YLArvpx9GAfY/NcTPMCA9qZuVOGnuVoNYWzKBwxdQ=
github.com/projectdiscovery/fasttemplate v0.0.2 h1:h2cISk5xDhlJEinlBQS6RRx0vOlOirB2y3Yu4PJzpiA=
github.com/projectdiscovery/fasttemplate v0.0.2/go.mod h1:XYWWVMxnItd+r0GbjA1GCsUopMw1/XusuQxdyAIHMCw=
github.com/projectdiscovery/freeport v0.0.7 h1:Q6uXo/j8SaV/GlAHkEYQi8WQoPXyJWxyspx+aFmz9Qk=
@ -884,14 +884,14 @@ github.com/projectdiscovery/go-smb2 v0.0.0-20240129202741-052cc450c6cb h1:rutG90
github.com/projectdiscovery/go-smb2 v0.0.0-20240129202741-052cc450c6cb/go.mod h1:FLjF1DmZ+POoGEiIQdWuYVwS++C/GwpX8YaCsTSm1RY=
github.com/projectdiscovery/goflags v0.1.74 h1:n85uTRj5qMosm0PFBfsvOL24I7TdWRcWq/1GynhXS7c=
github.com/projectdiscovery/goflags v0.1.74/go.mod h1:UMc9/7dFz2oln+10tv6cy+7WZKTHf9UGhaNkF95emh4=
github.com/projectdiscovery/gologger v1.1.46 h1:dBbtVJM3Y0rBBukvk2vLmConuMEI3KDj8k9DhECj/bU=
github.com/projectdiscovery/gologger v1.1.46/go.mod h1:9ZPkQd79jpuy3M4ZENmXx78hobqvumkIgZ03tn4hD/M=
github.com/projectdiscovery/gologger v1.1.49 h1:1IHvVhRN6evQpxp35e55Vmcq/QjocN3bYEyxY5n5OQA=
github.com/projectdiscovery/gologger v1.1.49/go.mod h1:askNkcvSKXaRibPvIPuFDJl8qa3yK/EtBgFnCt3Dni0=
github.com/projectdiscovery/gostruct v0.0.2 h1:s8gP8ApugGM4go1pA+sVlPDXaWqNP5BBDDSv7VEdG1M=
github.com/projectdiscovery/gostruct v0.0.2/go.mod h1:H86peL4HKwMXcQQtEa6lmC8FuD9XFt6gkNR0B/Mu5PE=
github.com/projectdiscovery/gozero v0.0.3 h1:tsYkrSvWw4WdIUJyisd4MB1vRiw1X57TuVVk3p8Z3G8=
github.com/projectdiscovery/gozero v0.0.3/go.mod h1:MpJ37Dsh94gy2EKqaemdeh+CzduGVB2SDfhr6Upsjew=
github.com/projectdiscovery/hmap v0.0.82 h1:gPFkeD5sbY3uVIxgtgDkzHmXCo/H7cbhRhdLX//+G1A=
github.com/projectdiscovery/hmap v0.0.82/go.mod h1:8vSfVgZwCRbHitnZPgpsOw8115/mJX/b4B8QKR88Iak=
github.com/projectdiscovery/hmap v0.0.85 h1:WXP/gOSzFm8mfMAJpRN1oQ3lYbBHVGvak+nSY5IgRh4=
github.com/projectdiscovery/hmap v0.0.85/go.mod h1:TdBM3U8x25uBBnsD9OJtAKKoRVPJXubU9L9/1HdTg/c=
github.com/projectdiscovery/httpx v1.6.10 h1:R08LiWDQKJNmVHcR5TdIGQil1O3ShiFonK6Wf+gzg0k=
github.com/projectdiscovery/httpx v1.6.10/go.mod h1:drsRPt18IQB/Gfj4D0D9woS3hkY+m6k4HgL09JXX4vg=
github.com/projectdiscovery/interactsh v1.2.4 h1:WUSj+fxbcV53J64oIAhbYzCKD1w/IyenyRBhkI5jiqI=
@ -904,18 +904,18 @@ github.com/projectdiscovery/mapcidr v1.1.34 h1:udr83vQ7oz3kEOwlsU6NC6o08leJzSDQt
github.com/projectdiscovery/mapcidr v1.1.34/go.mod h1:1+1R6OkKSAKtWDXE9RvxXtXPoajXTYX0eiEdkqlhQqQ=
github.com/projectdiscovery/n3iwf v0.0.0-20230523120440-b8cd232ff1f5 h1:L/e8z8yw1pfT6bg35NiN7yd1XKtJap5Nk6lMwQ0RNi8=
github.com/projectdiscovery/n3iwf v0.0.0-20230523120440-b8cd232ff1f5/go.mod h1:pGW2ncnTxTxHtP9wzcIJAB+3/NMp6IiuQWd2NK7K+oc=
github.com/projectdiscovery/networkpolicy v0.1.7 h1:SIFsv5f8JYDwCUH/AUTeB3dpXthx0AUz2rej64rNWwY=
github.com/projectdiscovery/networkpolicy v0.1.7/go.mod h1:grubaCHOEgT6a2r/p8DlfOwovEL4N8Fd3yye7/ACwug=
github.com/projectdiscovery/ratelimit v0.0.75 h1:CcfER34mqU5NjAMI5JN+Sl7slN++m3SKeb6+Ed0KI/c=
github.com/projectdiscovery/ratelimit v0.0.75/go.mod h1:Gm/NA+pYJMTPMLSurQX95mXb+RDBfLAEONVqzcCW1GU=
github.com/projectdiscovery/rawhttp v0.1.89 h1:aIkCd0BYlQ11UoPaMP6U5Ujvycch21CD58U1AGxxz6E=
github.com/projectdiscovery/rawhttp v0.1.89/go.mod h1:q90gCzooR1Xtv8671ipav3tjmXrJx/0aG3HtLNCP6xI=
github.com/projectdiscovery/networkpolicy v0.1.9 h1:MMFN3zAutxcFmmxuXUcVl1BZJOacUas8NMigdq6Da7U=
github.com/projectdiscovery/networkpolicy v0.1.9/go.mod h1:tWz6ZlkwpdJ5MML/yE/WE4Q+43nAsPEf9/ffCuWtZo4=
github.com/projectdiscovery/ratelimit v0.0.77 h1:hdZuXQRENzN7gsZgHPZdMOSpMXMzH7WYDLgvW/S5Nbk=
github.com/projectdiscovery/ratelimit v0.0.77/go.mod h1:0JGCJGpwtmrroTurx/4XIpBFKdeIObWc7ZRVwpYeQcI=
github.com/projectdiscovery/rawhttp v0.1.90 h1:LOSZ6PUH08tnKmWsIwvwv1Z/4zkiYKYOSZ6n+8RFKtw=
github.com/projectdiscovery/rawhttp v0.1.90/go.mod h1:VZYAM25UI/wVB3URZ95ZaftgOnsbphxyAw/XnQRRz4Y=
github.com/projectdiscovery/rdap v0.9.1-0.20221108103045-9865884d1917 h1:m03X4gBVSorSzvmm0bFa7gDV4QNSOWPL/fgZ4kTXBxk=
github.com/projectdiscovery/rdap v0.9.1-0.20221108103045-9865884d1917/go.mod h1:JxXtZC9e195awe7EynrcnBJmFoad/BNDzW9mzFkK8Sg=
github.com/projectdiscovery/retryabledns v1.0.94 h1:MvxtRcmvxhxikxT7p/E40hcYRWRiL5fg/JQ8bpBaz+0=
github.com/projectdiscovery/retryabledns v1.0.94/go.mod h1:croGTyMM4yNlrSWA/X7xNe3c0c7mDmCdbm8goLd8Bak=
github.com/projectdiscovery/retryablehttp-go v1.0.101 h1:xmoXGVQ7DD/5YvDvtaOExbbF6aXlr5ARjssXgMdtkmY=
github.com/projectdiscovery/retryablehttp-go v1.0.101/go.mod h1:d+xU7CAHiOL/v+QQIHT4AXbEjTO7o0B5naQQOC0JDhw=
github.com/projectdiscovery/retryabledns v1.0.96 h1:NeXFOIgLZXstl+v3JNEfU0z0WLvQJTvz4YUFupFruDQ=
github.com/projectdiscovery/retryabledns v1.0.96/go.mod h1:UCM+4AWmncf1xO/Ku8oYntWLiuaQTwD7TFCfaDKp4ig=
github.com/projectdiscovery/retryablehttp-go v1.0.102 h1:OgVbzGzFq1a82D/kVoooPSgRHU17RDO/fVWUTfMyDvE=
github.com/projectdiscovery/retryablehttp-go v1.0.102/go.mod h1:hDyw8H3GOeA0XjpdTdS4JF7qflojp6PAZ9t6vCFFbCU=
github.com/projectdiscovery/sarif v0.0.1 h1:C2Tyj0SGOKbCLgHrx83vaE6YkzXEVrMXYRGLkKCr/us=
github.com/projectdiscovery/sarif v0.0.1/go.mod h1:cEYlDu8amcPf6b9dSakcz2nNnJsoz4aR6peERwV+wuQ=
github.com/projectdiscovery/stringsutil v0.0.2 h1:uzmw3IVLJSMW1kEg8eCStG/cGbYYZAja8BH3LqqJXMA=
@ -924,12 +924,12 @@ github.com/projectdiscovery/tlsx v1.1.9 h1:DhErhHCO2+toF5DEX7qe3pkwrIrYlex3F/mzH
github.com/projectdiscovery/tlsx v1.1.9/go.mod h1:Jy+r38WyYjapQWaffiKGdYm4Ksdrt8BWtsqA2rUospU=
github.com/projectdiscovery/uncover v1.0.10 h1:FdnBYgynGUtjIsW5WPIIhadR1Smcghik9cZSMEtILN4=
github.com/projectdiscovery/uncover v1.0.10/go.mod h1:l7QQ+mBc7bLK4tqYqPyo9nrYdz1K8vaGZWKYihkHmAs=
github.com/projectdiscovery/useragent v0.0.94 h1:6/JtkkGZveyJ0+IjvA01Py+X2KZGOemQn6yQY1by3AU=
github.com/projectdiscovery/useragent v0.0.94/go.mod h1:QL4NRHuw0c46XCzstUaHY2pktkcgUsoyMtpyi3a/79A=
github.com/projectdiscovery/utils v0.4.12 h1:3HE+4Go4iTwipeN2B+tC7xl7KS4BgXgp0BZaQXE2bjM=
github.com/projectdiscovery/utils v0.4.12/go.mod h1:EDUNBDGTO+Tfl6YQj3ADg97iYp2h8IbCmpP24LMW3+E=
github.com/projectdiscovery/wappalyzergo v0.2.18 h1:oYI7iOu3m9j58jSbnefop8s1VhkNbH7Z35P3qwQxDtA=
github.com/projectdiscovery/wappalyzergo v0.2.18/go.mod h1:F8X79ljvmvrG+EIxdxWS9VbdkVTsQupHYz+kXlp8O0o=
github.com/projectdiscovery/useragent v0.0.97 h1:FoDmkWkLfPZ6Drg1BQEwj5oWUZHQXUO6IerZNzHGAlM=
github.com/projectdiscovery/useragent v0.0.97/go.mod h1:M7Vc7hbuCuaAS9y0R6XQN+buaA6g2Z9oZMgVSDisn+M=
github.com/projectdiscovery/utils v0.4.15 h1:6Bh+Bvqc7352rUzQtRtQqNGaVIXv6ZJ4yvE++Jrk58E=
github.com/projectdiscovery/utils v0.4.15/go.mod h1:y5gnpQn802iEWqf0djTRNskJlS62P5eqe1VS1+ah0tk=
github.com/projectdiscovery/wappalyzergo v0.2.21 h1:7dcoAM5dM6QSddv5VEnT1ySw3CBlhJpuJVYuwJa0drg=
github.com/projectdiscovery/wappalyzergo v0.2.21/go.mod h1:F8X79ljvmvrG+EIxdxWS9VbdkVTsQupHYz+kXlp8O0o=
github.com/projectdiscovery/yamldoc-go v1.0.6 h1:GCEdIRlQjDux28xTXKszM7n3jlMf152d5nqVpVoetas=
github.com/projectdiscovery/yamldoc-go v1.0.6/go.mod h1:R5lWrNzP+7Oyn77NDVPnBsxx2/FyQZBBkIAaSaCQFxw=
github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=

27
internal/runner/options.go
View File

@ -235,15 +235,25 @@ func validateMissingS3Options(options *types.Options) []string {
if options.AwsBucketName == "" {
missing = append(missing, "AWS_TEMPLATE_BUCKET")
}
if options.AwsAccessKey == "" {
missing = append(missing, "AWS_ACCESS_KEY")
}
if options.AwsSecretKey == "" {
missing = append(missing, "AWS_SECRET_KEY")
}
if options.AwsRegion == "" {
missing = append(missing, "AWS_REGION")
if options.AwsProfile == "" {
var missingCreds []string
if options.AwsAccessKey == "" {
missingCreds = append(missingCreds, "AWS_ACCESS_KEY")
}
if options.AwsSecretKey == "" {
missingCreds = append(missingCreds, "AWS_SECRET_KEY")
}
if options.AwsRegion == "" {
missingCreds = append(missingCreds, "AWS_REGION")
}
missing = append(missing, missingCreds...)
if len(missingCreds) > 0 {
missing = append(missing, "AWS_PROFILE")
}
}
return missing
}
@ -449,6 +459,7 @@ func readEnvInputVars(options *types.Options) {
options.AwsSecretKey = os.Getenv("AWS_SECRET_KEY")
options.AwsBucketName = os.Getenv("AWS_TEMPLATE_BUCKET")
options.AwsRegion = os.Getenv("AWS_REGION")
options.AwsProfile = os.Getenv("AWS_PROFILE")
// Azure options for downloading templates from an Azure Blob Storage container
options.AzureContainerName = os.Getenv("AZURE_CONTAINER_NAME")

2
pkg/catalog/config/constants.go
View File

@ -31,7 +31,7 @@ const (
CLIConfigFileName = "config.yaml"
ReportingConfigFilename = "reporting-config.yaml"
// Version is the current version of nuclei
Version = `v3.3.10`
Version = `v3.4.0`
// Directory Names of custom templates
CustomS3TemplatesDirName = "s3"
CustomGitHubTemplatesDirName = "github"

24
pkg/external/customtemplates/s3.go vendored
View File

@ -62,7 +62,7 @@ func (bk *customTemplateS3Bucket) Update(ctx context.Context) {
func NewS3Providers(options *types.Options) ([]*customTemplateS3Bucket, error) {
providers := []*customTemplateS3Bucket{}
if options.AwsBucketName != "" && !options.AwsTemplateDisableDownload {
s3c, err := getS3Client(context.TODO(), options.AwsAccessKey, options.AwsSecretKey, options.AwsRegion)
s3c, err := getS3Client(context.TODO(), options.AwsAccessKey, options.AwsSecretKey, options.AwsRegion, options.AwsProfile)
if err != nil {
return nil, errorutil.NewWithErr(err).Msgf("error downloading s3 bucket %s", options.AwsBucketName)
}
@ -104,10 +104,24 @@ func downloadToFile(downloader *manager.Downloader, targetDirectory, bucket, key
return err
}
func getS3Client(ctx context.Context, accessKey string, secretKey string, region string) (*s3.Client, error) {
cfg, err := config.LoadDefaultConfig(ctx, config.WithCredentialsProvider(credentials.NewStaticCredentialsProvider(accessKey, secretKey, "")), config.WithRegion(region))
if err != nil {
return nil, err
func getS3Client(ctx context.Context, accessKey string, secretKey string, region string, profile string) (*s3.Client, error) {
var cfg aws.Config
var err error
if profile != "" {
cfg, err = config.LoadDefaultConfig(ctx, config.WithSharedConfigProfile(profile))
if err != nil {
return nil, err
}
} else if accessKey != "" && secretKey != "" {
cfg, err = config.LoadDefaultConfig(ctx, config.WithCredentialsProvider(credentials.NewStaticCredentialsProvider(accessKey, secretKey, "")), config.WithRegion(region))
if err != nil {
return nil, err
}
} else {
cfg, err = config.LoadDefaultConfig(ctx)
if err != nil {
return nil, err
}
}
return s3.NewFromConfig(cfg), nil
}

4
pkg/protocols/network/network.go
View File

@ -259,3 +259,7 @@ func (request *Request) Compile(options *protocols.ExecutorOptions) error {
func (request *Request) Requests() int {
return len(request.Address)
}
func (request *Request) SetDialer(dialer *fastdialer.Dialer) {
request.dialer = dialer
}

2
pkg/protocols/utils/utils.go
View File

@ -48,7 +48,7 @@ func CalculateContentLength(contentLength, bodyLength int64) int64 {
return bodyLength
}
// headersToString converts http headers to string
// HeadersToString converts http headers to string
func HeadersToString(headers http.Header) string {
builder := &strings.Builder{}

4
pkg/templates/templates.go
View File

@ -317,7 +317,7 @@ func (template *Template) MarshalYAML() ([]byte, error) {
return out, multierr.Append(marshalErr, errValidate)
}
// MarshalYAML forces recursive struct validation after unmarshal operation
// UnmarshalYAML forces recursive struct validation after unmarshal operation
func (template *Template) UnmarshalYAML(unmarshal func(interface{}) error) error {
type Alias Template
alias := &Alias{}
@ -475,7 +475,7 @@ func (template *Template) GetFileImports() []string {
return template.ImportedFiles
}
// addProtocolsToQueue adds protocol requests to the queue and preserves order of the protocols and requests
// addRequestsToQueue adds protocol requests to the queue and preserves order of the protocols and requests
func (template *Template) addRequestsToQueue(keys ...string) {
for _, key := range keys {
switch key {

2
pkg/types/types.go
View File

@ -345,6 +345,8 @@ type Options struct {
GitLabTemplateRepositoryIDs []int
// GitLabTemplateDisableDownload disables downloading templates from custom GitLab repositories
GitLabTemplateDisableDownload bool
// AWS access profile from ~/.aws/credentials file for downloading templates from S3 bucket
AwsProfile string
// AWS access key for downloading templates from S3 bucket
AwsAccessKey string
// AWS secret key for downloading templates from S3 bucket