External/nuclei
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei.git synced 2025-12-17 20:35:26 +00:00
Code Issues Packages Projects Releases Wiki Activity
5,731 Commits 49 Branches 135 Tags
Commit Graph

76 Commits

Author SHA1 Message Date
Sandeep Singh
b4644af80a
Lint + test fixes after utils dep update (#6393) 
* fix: remove undefined errorutil.ShowStackTrace

* feat: add make lint support and integrate with test

* refactor: migrate errorutil to errkit across codebase

- Replace deprecated errorutil with modern errkit
- Convert error declarations from var to func for better compatibility
- Fix all SA1019 deprecation warnings
- Maintain error chain support and stack traces

* fix: improve DNS test reliability using Google DNS

- Configure test to use Google DNS (8.8.8.8) for stability
- Fix nil pointer issue in DNS client initialization
- Keep production defaults unchanged

* fixing logic

* removing unwanted branches in makefile

---------

Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
 2025-08-20 05:28:23 +05:30
HD Moore
5b89811b90
Support concurrent Nuclei engines in the same process (#6322) 
* support for concurrent nuclei engines

* clarify LfaAllowed race

* remove unused mutex

* update LfaAllowed logic to prevent races until it can be reworked for per-execution ID

* Update pkg/templates/parser.go

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

* debug tests

* debug gh action

* fixig gh template test

* using atomic

* using synclockmap

* restore tests concurrency

* lint

* wiring executionId in js fs

---------

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
 2025-07-19 00:10:58 +05:30
HD Moore
f26996cb89
Remove singletons from Nuclei engine (continuation of #6210) (#6296) 
* introducing execution id

* wip

* .

* adding separate execution context id

* lint

* vet

* fixing pg dialers

* test ignore

* fixing loader FD limit

* test

* fd fix

* wip: remove CloseProcesses() from dev merge

* wip: fix merge issue

* protocolstate: stop memguarding on last dialer delete

* avoid data race in dialers.RawHTTPClient

* use shared logger and avoid race conditions

* use shared logger and avoid race conditions

* go mod

* patch executionId into compiled template cache

* clean up comment in Parse

* go mod update

* bump echarts

* address merge issues

* fix use of gologger

* switch cmd/nuclei to options.Logger

* address merge issues with go.mod

* go vet: address copy of lock with new Copy function

* fixing tests

* disable speed control

* fix nil ExecuterOptions

* removing deprecated code

* fixing result print

* default logger

* cli default logger

* filter warning from results

* fix performance test

* hardcoding path

* disable upload

* refactor(runner): uses `Warning` instead of `Print` for `pdcpUploadErrMsg`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* Revert "disable upload"

This reverts commit 114fbe6663361bf41cf8b2645fd2d57083d53682.

* Revert "hardcoding path"

This reverts commit cf12ca800e0a0e974bd9fd4826a24e51547f7c00.

---------

Signed-off-by: Dwi Siswanto <git@dw1.io>
Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
Co-authored-by: Dwi Siswanto <git@dw1.io>
Co-authored-by: Dwi Siswanto <25837540+dwisiswant0@users.noreply.github.com>
 2025-07-10 01:17:26 +05:30
Jose De La O Hernandez
285c5e1442
fixing panic caused by uninitialized colorizer (#6315) 2025-07-09 04:34:05 +05:30
Dwi Siswanto
7e2ec686ae
fix(lib): scans didn't stop on ctx cancellation (#6310) 
* fix(lib): scans didn't stop on ctx cancellation

Signed-off-by: Dwi Siswanto <git@dw1.io>

* Update lib/sdk_test.go

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

* fix(lib): wait resources to be released b4 return

Signed-off-by: Dwi Siswanto <git@dw1.io>

---------

Signed-off-by: Dwi Siswanto <git@dw1.io>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
 2025-07-09 01:04:16 +07:00
Eric Gruber
b95b04fc4d
feat: add EnableMatcherStatus function to configure matcher status in NucleiEngine (#6191) 2025-06-17 05:08:01 +05:30
Dogan Can Bakir
357fe9efa7
add resume option to sdk (#6083) 2025-03-07 16:53:55 +05:30
meme-lord
08c46ffaeb
Added WithResponseReadSize function to allow SDK users to modify max response read opt (#5961) 
* added WithResponseReadSize function to allow SDK users to modify max response read opt

* Update lib/config.go

improved comment, changed casing of param name, added negative input check

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

* fixing rabbitai commit >:(

---------

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
 2025-01-14 15:35:12 +05:30
chuu
258f38f72d
fix(sdk): NoHostErrors not set (#5783) 2025-01-02 17:48:36 +05:30
Mzack9999
1e87ca82c8
fix missing browser init (#5896) 
* fix missing browser init

* .

* using lazy init

* updating test with new web ui

* go mod

* sandbox test

* non fatal error
 2024-12-17 15:38:42 +05:30
Shubham Rasal
be1f634eae
Add Alive Proxy into Options (#5903) 
* Move proxy variable from global to options

- Provides ability to pass diff proxy in single nuclei instance using sdk

* add type check (resolve comments)
 2024-12-13 04:23:27 +05:30
Dwi Siswanto
3a07fa9c22
feat: add -enable-global-matchers flag (#5857) 
* feat: add `-enable-global-matchers` flag

Signed-off-by: Dwi Siswanto <git@dw1.io>

* refactor(templates): use embedded `types.Options` in `Template`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(lib): add `EnableGlobalMatchersTemplates` SDK opt

Signed-off-by: Dwi Siswanto <git@dw1.io>

---------

Signed-off-by: Dwi Siswanto <git@dw1.io>
 2024-11-27 14:37:59 +05:30
Dogan Can Bakir
63687c2ce0
disable self-contained and file protocol templates as default (#5825) 
* disable self-contained and file protocol templates as default

* make excluding default

* add config funcs

* fix wrn display

* fix integration tests

* enable self-contained templates when code templates are enabled

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2024-11-19 22:00:28 +05:30
Dwi Siswanto
3e4ec90cea
ci: refactor workflows (#5818) 
* ci: refactor workflows

Signed-off-by: Dwi Siswanto <git@dw1.io>

* chore: structured build outputs

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat: use `go-ci`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* chore(make): misused var for `vet` cmd

Signed-off-by: Dwi Siswanto <git@dw1.io>

---------

Signed-off-by: Dwi Siswanto <git@dw1.io>
 2024-11-14 19:19:49 +07:00
Dogan Can Bakir
7547f1a5c3
Merge pull request #5678 from alban-stourbe-wmx/feature/sdk-add-vars 
Add vars with SDK
 2024-11-08 15:11:58 +03:00
chuu
8a4be44631 perf(sdk): sdk functions to access workflow store 2024-10-24 14:34:50 +08:00
Dogan Can Bakir
92213e1335
Merge pull request #5733 from projectdiscovery/fix_template_loading_logic 
fix template loading logic
 2024-10-15 13:52:47 +03:00
chuu
aab2cadb64
fix: input helper in executor options (#5712) 2024-10-14 19:22:52 +05:30
Doğan Can Bakır
4ef058758c fix template loading logic 2024-10-14 15:53:53 +03:00
alban.stourbe stourbe
ed3e06a701 Add checkerr on runtimeVars & Add a new TestSDK 2024-10-01 09:29:43 +02:00
alban.stourbe stourbe
d0463e8ca3 Add vars with SDK 2024-09-30 16:52:54 +02:00
Dogan Can Bakir
a45e4bbd19
move code around (#5626) 2024-09-12 17:05:32 +05:30
Doğan Can Bakır
50023428d0 fix lint 2024-08-19 23:09:07 +03:00
Tarun Koyalwar
1c76398aea
lint error fixes (#5531) 
* lint error fixes

* chore: satisfy non-constant format str in call lint (govet)

Signed-off-by: Dwi Siswanto <git@dw1.io>

---------

Signed-off-by: Dwi Siswanto <git@dw1.io>
Co-authored-by: Dwi Siswanto <git@dw1.io>
 2024-08-16 20:31:23 +05:30
alban-stourbe-wmx
0787ff29e0
Add Workflows SDK scan (#5409) 
* Add Workflows SDK scan

* minor

---------

Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
 2024-08-03 23:13:31 +05:30
Dogan Can Bakir
1fa0e2b473
disable http probe when passive mode is enabled (#5418) 2024-07-22 18:25:02 +05:30
Dogan Can Bakir
6c32eb7d1e
add sdk option to disable update check (#5346) 2024-07-15 18:51:16 +05:30
Douglas Danger Manley
e61ca0c42d
Use fs.FS when explicitly given (#5312) 
* Use the `templateFS` if it's there when calling `OpenFile`

* Add a new constructor

* More refactoring

* Both of my use cases are working

* Fix for legacy assumptions

* minor update: remove gologger debug stmts

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2024-06-23 01:12:01 +05:30
Mzack9999
1e85e70d99 removed as recommended 2024-06-13 17:24:07 +02:00
Mzack9999
52975373ff Merge branch 'dev' into feat-4808-planner 2024-06-13 17:19:43 +02:00
Douglas Danger Manley
8011012c42
Fix ExecuteCallbackWithCtx to use the context that was provided (#5236) 
* Fix `ExecuteCallbackWithCtx` to use the context that was provided

This updates `ExecuteCallbackWithCtx` to use the context that was
provided.

* remove more hardcoded context

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2024-05-30 16:04:15 +05:30
mzack
3307517a6c conflict 2024-05-25 02:52:55 +02:00
mzack
46e2a54bfe Merge branch 'dev' into feat-4808-planner 2024-05-25 02:45:54 +02:00
Tarun Koyalwar
23bd0336fb
multiple bug fixes + performance improvements (#5148) 
* prototype errkit

* complete errkit implementation

* add cause to all timeouts

* fix request timeout annotation @timeout

* increase responseHeaderTimeout to 8 for stability

* rawhttp error related improvements

* feat: add port status caching

* add port status caching to http

* migrate to new utils/errkit

* remote dialinterface + error cause

* debug dir support using .gitignore debug-*

* make nuclei easy to debug

* debug dir update .gitignore

* temp change (to revert)

* Revert "temp change (to revert)"

This reverts commit d3131f777713b9f80e2275142e80f36340a76d36.

* use available context instead of new one

* bump fastdialer

* fix hosterrorscache + misc improvements

* add 'address' field in error log

* fix js vague errors + pgwrap driver

* fix max host error + misc updates

* update tests as per changes

* fix request annotation context

* remove closed dialer reference

* fix sdk panic issue

* bump retryablehttp-go,utils,fastdialer

---------

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
 2024-05-25 00:29:04 +05:30
Mzack9999
4fc16e36e1 Merge branch 'dev' into feat-4808-planner 2024-05-23 09:08:53 +02:00
Ice3man
4170e1cbb8
more goroutine leak fixes to nuclei (#5188) 
* more goroutine leak fixes to nuclei

* run only dns templates for test

* updated httpx to dev

* dep update

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2024-05-20 00:48:40 +05:30
Mzack9999
b820fb9464 fixing shared cleanup 2024-05-15 21:43:43 +02:00
Mzack9999
47ca8fe842 fix non gc-able dialer 
closes #5165
 2024-05-15 21:25:40 +02:00
Tarun Koyalwar
098392b604
add context support in sdk (#5154) 2024-05-07 01:31:33 +05:30
Tarun Koyalwar
3e54ca54b0
feat: fix utils and add goroutine leak unit tests (#5112) 
* feat: fixed leak

* add go leak unit test in sdk

* added goleak unit tests

* bugfix: add random user agents to fuzzing requests

* misc

* misc

* fix lint + use utils pr + misc

* fix ratelimit memleak in sdk

* close protocolstate shared resources in nuclei sdk/lib

* add missing close references

* ignore read/write loop of intransit connections

* close unnecessary idle conns

* add ignore method

* using fixed utils

* dep update

---------

Co-authored-by: Ice3man <nizamulrana@gmail.com>
Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2024-05-01 00:28:11 +05:30
Anna Smith
e96fdf2e40
chore: fix function names in comment (#5110) 2024-04-27 18:40:33 +05:30
Ice3man
0b82e8b7aa
feat: added support for context cancellation to engine (#5096) 
* feat: added support for context cancellation to engine

* misc

* feat: added contexts everywhere

* misc

* misc

* use granular http timeouts and increase http timeout to 30s using multiplier

* track response header timeout in mhe

* update responseHeaderTimeout to 5sec

* skip failing windows test

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2024-04-25 15:37:56 +05:30
scottdharvey
4b9c3b8d16
Feat 5059 (#5060) 
* change catalog

* add usesuppliedcatalog option

* add catalog nil check

* Update config.go
 2024-04-23 19:11:12 +05:30
lvyaoting
84582183dc
chore: fix function names in comment (#5008) 
Signed-off-by: lvyaoting <lvyaoting@outlook.com>
 2024-04-16 16:57:51 +05:30
mzack
582a85d9c0 mimic follow behavior 2024-04-09 18:31:22 +02:00
mzack
99a018d12a adding speed change example 2024-04-04 20:19:46 +02:00
Mzack9999
620287f76b deprecating rlm 2024-04-03 19:28:39 +02:00
Tarun Koyalwar
e88889b263
add -dast flag and multiple bug fixes for dast templates (#4941) 
* add default get method

* remove residual payload logic from old implementation

* fuzz: clone current state of component

* fuzz: bug fix stacking of payloads in multiple mode

* improve stdout template loading stats

* stdout: force display warnings if no templates are loaded

* update flags in README.md

* quote non-ascii chars in extractor output

* aws request signature can only be used in signed & verified tmpls

* deprecate request signature

* remove logic related to deprecated fuzzing input

* update test to use ordered params

* fix interactsh-url lazy eval: #4946

* output: skip unnecessary updates when unescaping

* updates as per requested changes
 2024-03-29 13:31:30 +05:30
Mzack9999
7d06c97a0d
Merge pull request #4867 from projectdiscovery/maint-runner-cache 
Internal Templates Loader/Parser caches refactoring
 2024-03-15 14:05:12 +01:00
mzack
2dd8c8c5ae removing err 2024-03-15 13:36:57 +01:00