External/nuclei
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei.git synced 2025-12-18 14:45:27 +00:00
Code Issues Packages Projects Releases Wiki Activity
5,376 Commits 49 Branches 135 Tags
Commit Graph

5376 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Doğan Can Bakır
3be6ccf28a add test for go engine 2024-10-23 13:03:12 +03:00
Doğan Can Bakır
55a4be4b6d fix go code engine 2024-10-23 13:00:10 +03:00
dependabot[bot]
49811d24a1
Merge pull request #5756 from projectdiscovery/dependabot/go_modules/dev/github.com/projectdiscovery/dsl-0.3.0 2024-10-21 13:02:47 +00:00
dependabot[bot]
cb1bbff0f0
chore(deps): bump github.com/projectdiscovery/dsl from 0.2.5 to 0.3.0 
Bumps [github.com/projectdiscovery/dsl](https://github.com/projectdiscovery/dsl) from 0.2.5 to 0.3.0.
- [Release notes](https://github.com/projectdiscovery/dsl/releases)
- [Commits](https://github.com/projectdiscovery/dsl/compare/v0.2.5...v0.3.0)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/dsl
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-21 12:35:40 +00:00
dependabot[bot]
ebdabef420
Merge pull request #5751 from projectdiscovery/dependabot/go_modules/dev/github.com/projectdiscovery/rawhttp-0.1.70 2024-10-21 07:50:22 +00:00
dependabot[bot]
0442aa79da
chore(deps): bump github.com/projectdiscovery/rawhttp 
Bumps [github.com/projectdiscovery/rawhttp](https://github.com/projectdiscovery/rawhttp) from 0.1.67 to 0.1.70.
- [Release notes](https://github.com/projectdiscovery/rawhttp/releases)
- [Commits](https://github.com/projectdiscovery/rawhttp/compare/v0.1.67...v0.1.70)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/rawhttp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-21 07:24:55 +00:00
dependabot[bot]
7a9facfc26
Merge pull request #5752 from projectdiscovery/dependabot/go_modules/dev/github.com/projectdiscovery/httpx-1.6.9 2024-10-21 07:23:12 +00:00
dependabot[bot]
abc63f1f8d
chore(deps): bump github.com/projectdiscovery/httpx from 1.6.8 to 1.6.9 
Bumps [github.com/projectdiscovery/httpx](https://github.com/projectdiscovery/httpx) from 1.6.8 to 1.6.9.
- [Release notes](https://github.com/projectdiscovery/httpx/releases)
- [Changelog](https://github.com/projectdiscovery/httpx/blob/main/.goreleaser.yml)
- [Commits](https://github.com/projectdiscovery/httpx/compare/v1.6.8...v1.6.9)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/httpx
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-21 06:53:32 +00:00
dependabot[bot]
f5f5f5fc21
Merge pull request #5753 from projectdiscovery/dependabot/go_modules/dev/github.com/projectdiscovery/ratelimit-0.0.60 2024-10-21 06:52:24 +00:00
dependabot[bot]
efb27cfd49
chore(deps): bump github.com/projectdiscovery/ratelimit 
Bumps [github.com/projectdiscovery/ratelimit](https://github.com/projectdiscovery/ratelimit) from 0.0.56 to 0.0.60.
- [Release notes](https://github.com/projectdiscovery/ratelimit/releases)
- [Commits](https://github.com/projectdiscovery/ratelimit/compare/v0.0.56...v0.0.60)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/ratelimit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-21 06:26:35 +00:00
dependabot[bot]
5f952fc87a
Merge pull request #5750 from projectdiscovery/dependabot/go_modules/dev/github.com/projectdiscovery/gologger-1.1.28 2024-10-21 06:25:23 +00:00
dependabot[bot]
505ebc752f
chore(deps): bump github.com/projectdiscovery/gologger 
Bumps [github.com/projectdiscovery/gologger](https://github.com/projectdiscovery/gologger) from 1.1.24 to 1.1.28.
- [Release notes](https://github.com/projectdiscovery/gologger/releases)
- [Commits](https://github.com/projectdiscovery/gologger/compare/v1.1.24...v1.1.28)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/gologger
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-21 05:57:35 +00:00
sandeep
44f398c08d readme updates 2024-10-19 17:21:13 +05:30
sandeep
d7c8c8af80 version update 2024-10-18 22:28:02 +05:30
Ramana Reddy
7e4b4a8c55
fix: interactsh-url placeholder replacement in variables for network template (#5677) 2024-10-18 20:44:40 +05:30
Dogan Can Bakir
92213e1335
Merge pull request #5733 from projectdiscovery/fix_template_loading_logic 
fix template loading logic
 2024-10-15 13:52:47 +03:00
ghost
159a8a53cf Auto Generate Syntax Docs + JSONSchema [Mon Oct 14 15:26:08 UTC 2024] 🤖 2024-10-14 15:26:08 +00:00
Ramana Reddy
98948d0266
support stop-at-first-match for network templates (#5554) 2024-10-14 20:54:58 +05:30
Dwi Siswanto
2c832f5590
refactor(vardump): use godump lib (#5676) 
* refactor(vardump): use `godump` lib

also increate limit char to `255`.

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(vardump): add global var `Limit`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* chore(protocols): rm newline

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(types): add `VarDumpLimit` option

Signed-off-by: Dwi Siswanto <git@dw1.io>

* test(vardump): add test cases

Signed-off-by: Dwi Siswanto <git@dw1.io>

* chore: tidy up mod

Signed-off-by: Dwi Siswanto <git@dw1.io>

---------

Signed-off-by: Dwi Siswanto <git@dw1.io>
 2024-10-14 19:31:36 +05:30
ghost
53f56e179d Auto Generate Syntax Docs + JSONSchema [Mon Oct 14 13:56:50 UTC 2024] 🤖 2024-10-14 13:56:50 +00:00
Dwi Siswanto
cc5c5509dc
feat: global matchers (#5701) 
* feat: global matchers

Signed-off-by: Dwi Siswanto <git@dw1.io>
Co-authored-by: Ice3man543 <ice3man543@users.noreply.github.com>

* feat(globalmatchers): make `Callback` as type

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat: update `passive` term to `(matchers-)static`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(globalmatchers): add `origin-template-*` event

also use `Set` method instead of `maps.Clone`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat: update `matchers-static` term to `global-matchers`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(globalmatchers): clone event before `operator.Execute`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* fix(tmplexec): don't store `matched` on `global-matchers` templ

This will end up generating 2 events from the same
`scan.ScanContext` if one of the templates has
`global-matchers` enabled. This way, non-
`global-matchers` templates can enter the
`writeFailureCallback` func to log failure output.

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(globalmatchers): initializes `requests` on `New`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(globalmatchers): add `hasStorage` method

Signed-off-by: Dwi Siswanto <git@dw1.io>

* refactor(templates): rename global matchers checks method

Signed-off-by: Dwi Siswanto <git@dw1.io>

* fix(loader): handle nil `templates.Template` pointer

Signed-off-by: Dwi Siswanto <git@dw1.io>

---------

Signed-off-by: Dwi Siswanto <git@dw1.io>
Co-authored-by: Ice3man543 <ice3man543@users.noreply.github.com>
 2024-10-14 19:25:46 +05:30
chuu
aab2cadb64
fix: input helper in executor options (#5712) 2024-10-14 19:22:52 +05:30
Doğan Can Bakır
4ef058758c fix template loading logic 2024-10-14 15:53:53 +03:00
Dwi Siswanto
d68af67e6e
feat(nuclei): generate trace file when using profile-mem (#5690) 
* feat(nuclei): generate trace file when using `profile-mem`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* docs(DESIGN): dynamically grep mod path

Signed-off-by: Dwi Siswanto <git@dw1.io>

---------

Signed-off-by: Dwi Siswanto <git@dw1.io>
 2024-10-14 14:53:36 +05:30
Danny Shemesh
888a732fbc
Unlock memguard global change mutex only when locked (#5714) 2024-10-14 14:18:59 +05:30
Keith Chason
3f0de96726
MongoDB Reporting (#5688) 
* Initial setup of Mongo reporting

* Fix slice pop logic

* Switch to config-file logic

* Parse database name from connection string

* Switch to url.Parse for connection string parsing

* Address return/logging feedback
 2024-10-13 21:44:33 +05:30
Dwi Siswanto
1cd42c46c7
chore: update auto_assign (#5720) 
add me to `addReviewers` list

Signed-off-by: Dwi Siswanto <git@dw1.io>
 2024-10-11 19:13:02 +05:30
Ice3man
82680980a5
bugfix: fix multipart panic + support for filename + content-type (#5702) 
* bugfix: fix multipart files panic + support for filename + content-type propagation

* misc changes
 2024-10-10 20:22:22 +05:30
ghost
690089e1ce Auto Generate Syntax Docs + JSONSchema [Wed Oct 9 21:36:38 UTC 2024] 🤖 2024-10-09 21:36:38 +00:00
Dogan Can Bakir
f0624820d3
update ssl part definitions (#5710) 2024-10-10 03:04:23 +05:30
Ramana Reddy
7ba5d51b00
fix: ldap metadata collection err (#5683) 2024-10-07 18:12:07 +05:30
Ramana Reddy
8b9acb2927
return bool resp on successful ldap authentication (#5682) 2024-10-07 18:11:03 +05:30
Piotr Idzik
23825c77b2
style: do not use backticks (#5687) 2024-10-05 04:07:07 +07:00
sandeep
d1614857bd version update 2024-09-28 19:06:40 +04:00
Tarun Koyalwar
1f945d6d50
consider protocolType in max host error (#5668) 
* consider protocolType in max host error

* add mutex when updating internal-event
 2024-09-28 18:50:35 +05:30
sandeep
e4dae52d5a version update 2024-09-26 12:09:13 +04:00
Dwi Siswanto
c9f67897c4
fix(http): prevent addCNameIfAvailable from using closed Dialer (#5665) 
added a check in `addCNameIfAvailable` to ensure
the `Dialer` isnot NIL before attempting to fetch
DNS data.

this prevents potential panics (ex. SIGSEGV) when
the `Dialer` is closed due to an interruption.

Signed-off-by: Dwi Siswanto <git@dw1.io>
 2024-09-25 22:00:39 +05:30
dependabot[bot]
c93a2b1ba4
chore(deps): bump github.com/projectdiscovery/utils from 0.2.8 to 0.2.11 (#5660) 
Bumps [github.com/projectdiscovery/utils](https://github.com/projectdiscovery/utils) from 0.2.8 to 0.2.11.
- [Release notes](https://github.com/projectdiscovery/utils/releases)
- [Changelog](https://github.com/projectdiscovery/utils/blob/main/CHANGELOG.md)
- [Commits](https://github.com/projectdiscovery/utils/compare/v0.2.8...v0.2.11)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/utils
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-09-24 18:44:01 +05:30
Ice3man
6a561c6470
feat: clone event in clustering to generate correct failure events (#5653) 2024-09-24 18:43:35 +05:30
dependabot[bot]
828dac9002
chore(deps): bump github.com/projectdiscovery/retryabledns (#5657) 
Bumps [github.com/projectdiscovery/retryabledns](https://github.com/projectdiscovery/retryabledns) from 1.0.74 to 1.0.77.
- [Release notes](https://github.com/projectdiscovery/retryabledns/releases)
- [Commits](https://github.com/projectdiscovery/retryabledns/compare/v1.0.74...v1.0.77)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/retryabledns
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-09-23 17:49:04 +05:30
Dwi Siswanto
9983d7415c
refactor(runner): adjust max-host-error if gt concurrency (#5633) 
* refactor(common): use `ParseRequestURI` instead when `NormalizeCacheValue`

also it exports the method

Signed-off-by: Dwi Siswanto <git@dw1.io>

* refactor(runner): adjust `max-host-error` if gt `concurrency`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* fix lint

* chore(runner): expose adjusted `max-host-error` value

Signed-off-by: Dwi Siswanto <git@dw1.io>

---------

Signed-off-by: Dwi Siswanto <git@dw1.io>
Co-authored-by: Doğan Can Bakır <dogancanbakir@protonmail.com>
 2024-09-23 15:57:30 +05:30
dependabot[bot]
a118daa375
Merge pull request #5659 from projectdiscovery/dependabot/go_modules/dev/github.com/projectdiscovery/ratelimit-0.0.56 2024-09-23 06:12:30 +00:00
dependabot[bot]
b8e818ac29
Merge pull request #5658 from projectdiscovery/dependabot/go_modules/dev/github.com/projectdiscovery/useragent-0.0.71 2024-09-23 06:09:14 +00:00
dependabot[bot]
3e6c62b03b
chore(deps): bump github.com/projectdiscovery/useragent 
Bumps [github.com/projectdiscovery/useragent](https://github.com/projectdiscovery/useragent) from 0.0.65 to 0.0.71.
- [Release notes](https://github.com/projectdiscovery/useragent/releases)
- [Commits](https://github.com/projectdiscovery/useragent/compare/v0.0.65...v0.0.71)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/useragent
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-23 05:43:17 +00:00
dependabot[bot]
182e000f2c
chore(deps): bump github.com/projectdiscovery/ratelimit 
Bumps [github.com/projectdiscovery/ratelimit](https://github.com/projectdiscovery/ratelimit) from 0.0.53 to 0.0.56.
- [Release notes](https://github.com/projectdiscovery/ratelimit/releases)
- [Commits](https://github.com/projectdiscovery/ratelimit/compare/v0.0.53...v0.0.56)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/ratelimit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-23 05:43:13 +00:00
dependabot[bot]
21205253c3
Merge pull request #5661 from projectdiscovery/dependabot/go_modules/dev/github.com/projectdiscovery/rawhttp-0.1.67 2024-09-23 05:42:11 +00:00
dependabot[bot]
b18f99e462
chore(deps): bump github.com/projectdiscovery/rawhttp 
Bumps [github.com/projectdiscovery/rawhttp](https://github.com/projectdiscovery/rawhttp) from 0.1.65 to 0.1.67.
- [Release notes](https://github.com/projectdiscovery/rawhttp/releases)
- [Commits](https://github.com/projectdiscovery/rawhttp/compare/v0.1.65...v0.1.67)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/rawhttp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-23 05:16:47 +00:00
Douglas Danger Manley
694835c459
Add more support for fs.FS in template parsing (#5421) 
* misc update

* chore(deps): bump github.com/gin-gonic/gin from 1.9.0 to 1.9.1 (#4252)

Bumps [github.com/gin-gonic/gin](https://github.com/gin-gonic/gin) from 1.9.0 to 1.9.1.
- [Release notes](https://github.com/gin-gonic/gin/releases)
- [Changelog](https://github.com/gin-gonic/gin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/gin-gonic/gin/compare/v1.9.0...v1.9.1)

---
updated-dependencies:
- dependency-name: github.com/gin-gonic/gin
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/docker/docker (#4316)

Bumps [github.com/docker/docker](https://github.com/docker/docker) from 24.0.5+incompatible to 24.0.7+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v24.0.5...v24.0.7)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix README_CN.md typos (#4369)

* version update

* Add more support for `fs.FS` in the disk catalog

This adds more support for `fs.FS` in the disk catalog.  This
fixes some places where direct `os` file-related calls were being
made to use the catalog interface instead.

Note that the JavaScript compiler *still* does not work in any
context where the `pkg/js/libs/fs` package is used.  In particular,
the `ReadFilesFromDir` function is hard-coded to use the `os`
package and not respect the catalog.

* Remove some testing artifacts

* Wrap up

* Unwind other changes

* Add a LoadHelperFileFunction to Options

* Use a direct func

* Tweak validation

* Use a function type

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Xc1Ym <xuedongyuming2233@gmail.com>
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
 2024-09-21 02:41:22 +05:30
Ramana Reddy
3eee9678d0
fix loading dynamic auth templates on fuzzing (#5646) 2024-09-20 23:04:42 +05:30
Ramana Reddy
b69de15777
fix: Parse OpenApi http security schemes on empty values (#5606) 
* fix: parse openapi http security schemes on empty values

* minor

---------

Co-authored-by: Doğan Can Bakır <dogancanbakir@protonmail.com>
 2024-09-19 19:29:19 +05:30