External/nuclei
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei.git synced 2025-12-18 06:05:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
5,709 Commits 49 Branches 135 Tags
Commit Graph

214 Commits

Author SHA1 Message Date
Ice3man
fd024a3e8d
feat: issue tracker URLs in JSON + misc fixes (#4855) 
* feat: issue tracker URLs in JSON + misc fixes

* misc changes

* feat: status update support for issues

* feat: report metadata generation hook support

* feat: added CLI summary of tickets created

* misc changes
 2024-03-10 22:02:42 +05:30
Tarun Koyalwar
b1b4f0fe76
fix nuclei loading ignored templates (#4849) 
* fix tag include logic

* fix unit test

* remove quoting in extractor output

* remove quote in debug code command
 2024-03-09 21:20:54 +05:30
mzack
6f6c1d3679 small change in calculation 2024-03-07 17:28:24 +01:00
mzack
75183c7660 Merge branch 'dev' into maint-memory 2024-03-07 17:10:32 +01:00
mzack
b445f7fc87 making memguardian optional 2024-03-07 16:16:07 +01:00
Dogan Can Bakir
bbac102cf8
remove tmp code files (#4835) 2024-03-07 18:27:38 +05:30
mzack
e98d1d6a97 removing storage 2024-03-06 13:29:41 +01:00
Ramana Reddy
0a8beb26e9
Make self-contained optional in http request (#4838) 2024-03-05 22:40:12 +05:30
mzack
46830d4402 lint 2024-03-05 01:33:11 +01:00
mzack
52beea3bcd Merge branch 'dev' into maint-memory 2024-03-05 01:26:06 +01:00
mzack
ea3ecbf2d2 adding disk storage + memguardian + other memory optimizations 2024-03-05 01:08:01 +01:00
Mzack9999
4c7a0f424e
Transparent Memoization via func Annotation (#4742) 
* initial implementation with manual code generation

* testing generation

* refactor to package methods + auto memoize

* more memos

* fixing signatures

* refactor

* adding gen util

* adding util

* regenerate memoized files

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2024-03-01 18:40:18 +05:30
Tarun Koyalwar
8a2ff17ad8
allow specifying self-contained at http request level (#4812) 
* allow specifying self-contained at requestlevel

* fix IsSMTP js example

* update smtp + fix examples

* update smtp error message

* add code reference in js protocol

* update js docs

* remove debug stmt
 2024-03-01 16:38:56 +05:30
mzack
4d29bff759 using disk storage for large kv 2024-03-01 02:11:18 +01:00
Dogan Can Bakir
6abff96435
use maxsize (#4814) 2024-02-29 03:21:17 +05:30
Tarun Koyalwar
4b55c26fc0
add header nil check (#4766) 2024-02-19 02:09:52 +05:30
Tarun Koyalwar
2cbc21e228
fix stop-at-first-match issue in http protocol (#4752) 
* fix stop-at-first-match issue in http protocol

* spm: synchronize callback exec

* bump nuclei version to v3.2.0-dev

* add spm support for race & pipelined http requests

* support stop-at-first-match in race request

* update spm logic in parallel http & pipeline requests

* fix duplicated event issue

* spm: exit early + threads value override issue
 2024-02-13 01:20:19 +05:30
Mzack9999
7e108cdd82
Merge pull request #4737 from projectdiscovery/bugfix-4518-optional-read 
network layer should not have forceful read
 2024-02-07 22:31:02 +01:00
Ramana Reddy
e2527970cc
Update engine field of code request to accept any engine value (#4731) 2024-02-08 01:05:12 +05:30
mzack
099c2bb679 use system resolver first with system-resolvers 2024-02-06 21:49:05 +01:00
mzack
a0216e4cc9 network layer should not have forceful read 2024-02-06 19:31:23 +01:00
Tarun Koyalwar
3b75db46c7
Merge pull request #4647 from 5amu/remove-kerberos-dependency 
switch dependency for kerberos js module (ropnop/gorkb5 -> jcmturner/gokrb5)
 2024-02-06 02:37:57 +05:30
Tarun Koyalwar
71154918b0 fix network policy error 2024-02-06 02:03:33 +05:30
Tarun Koyalwar
cc732875cd
javascript: pooling and reuse with export functions + misc updates (#4709) 
* js hotfix: wrap javascript source in anon functions

* mysql module improvements

* misc mysql bugs

* js vm pooling: soft deprecation + incentivised pooling

* misc updates

* disable interactsh failed test

* disable interactsh.yaml integration test on win & mac
 2024-02-02 02:22:04 +05:30
Tarun Koyalwar
ead58f4ab9
implicit thread count when not specified in payloads + threads support in dns,network (#4715) 
* default threads + add threads support in dns payloads

* add threads support in network protocol

* add optional callback to override threadSetter

* fix broken fuzz integration tests
 2024-02-02 02:05:30 +05:30
Tarun Koyalwar
e4298a5ae1
fix misc issues with -as (#4714) 2024-02-02 01:48:22 +05:30
xxcdd
8d904709c0
HybridTechDetection with wappalyzer and tech templates. (#4656) 
* HybridTechDetection with wappalyzer and tech templates.

* automatic scan: refactor + misc updates

* fix progress multi init panic

* fix no result found statement

* fix target in print statement

* include detect,favicon tags as part of detection

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2024-02-01 12:49:20 +05:30
Dogan Can Bakir
5f4dcfb6be
use projectdiscovery/useragent (#4708) 
* use projectdiscovery/useragent

* minor
 2024-02-01 03:12:38 +05:30
Tarun Koyalwar
93b66af9fb
mysql: ignore warning log + misc updates (#4702) 2024-01-31 02:32:23 +05:30
Tarun Koyalwar
5bd9d9ee68
memory leak fixes and optimizations (#4680) 
* feat http response memory optimization + reuse buffers

* update nuclei version

* feat: reuse js vm's and compile to programs

* fix failing http integration test

* remove dead code + add -jsc

* feat reuse js vms in pool with concurrency

* update comments as per review

* bug fix+ update interactsh test to look for dns interaction

* try enabling all interactsh integration tests

---------

Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
 2024-01-31 01:59:49 +05:30
monitor
c32acd0921
Fix: sometimes dnslog request record is uppercase caused by nuclei templates uneffective (#4697) 
* Fix: sometimes dnslog request record is upper caused by cannot validate vuln

* convert request to lower for dns only

---------

Co-authored-by: daiwei11 <daiwei11@baidu.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
Co-authored-by: Tarun Koyalwar <45962551+tarunKoyalwar@users.noreply.github.com>
 2024-01-31 01:30:03 +05:30
Tarun Koyalwar
c7c35ffb94
fix multiple mem leaks + optimizations (#4630) 
* fix mem leak

* bump version tag

* http: add  global resp body read limit of 4MB

* skip creating templateCtx in normal templates

* fix mem leak via retryablehttp , fastdialer

* go mod tidy

* remove unused var

* dep update

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2024-01-18 05:53:42 +05:30
Tarun Koyalwar
a677fca192
misc improvements in js protocol execution (#4643) 
* js protocol  timeout using -timeout flag

* fix zgrab smb hang

* fix lint error

* custom timeout field in js protocol

* minor update: bound checking

* add 6 * -timeout in code protocol by default
 2024-01-18 04:39:15 +05:30
Dogan Can Bakir
76f7c0c903
fix panic in interactsh process interaction ( nil check on compiled operators) (#4511) 
* nil check

* misc updates

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2024-01-13 03:24:52 +05:30
Tarun Koyalwar
a8cdd21120
code: fix variables merge order (#4623) 
* fix variables merge order

* format screen: quote and trim extracted result

* code: interpret env vars in debug mode

* update integration test
 2024-01-12 23:10:00 +05:30
Tarun Koyalwar
1d246329ea
add logical check before creating result: #4603 (#4608) 2024-01-10 16:34:40 +05:30
Tarun Koyalwar
02a9b86dd7
fix missing results in flow template + feature: internal matchers using internal: true (#4582) 
* log warnings + use scanContext in flow

* refactor flow to use scanContext + log all events

* feat: internal matcher

* fix integration test

* bug fix extractor: merge dynamic values, fix missing extractors in file

* flow: fix 'No Results Found' if last statement output is false

* fix unit test
 2024-01-08 05:12:11 +05:30
Mzack9999
5e48aed29b
Using network policy everywhere (#4578) 
* Using network policy everywhere

* fixing bool param

* fixing websocket parsing issue

* fixing other schemes

* go mod tidy

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2024-01-08 05:09:11 +05:30
Tarun Koyalwar
056073da25
code protocol: donot exit on non zero status code (#4585) 2024-01-08 03:27:08 +05:30
Mzack9999
342cc56a28
Merge pull request #4575 from projectdiscovery/feat-fastdialer-exclude 
pass exclude list to layer 4 fast dialer
 2024-01-05 12:46:07 +01:00
Tarun Koyalwar
d064801270
fallthrough extracted values in order (#4574) 
* fallthrough extracted values in order

* fix unit test & update .gitignore

* remove temp file

---------

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
 2024-01-05 05:25:31 +05:30
Tarun Koyalwar
f663d1c9cf
deprecate(remove): file write in extractor using to (#4565) 
* fix race-condition & oow in extracted file output

* add mutex for file.Write + set finalizer for os.File

* fix integration test

* disable extractor save to file in lib mode(configurable)

* use sync.Once for init

* disable out of bound image write in headless

* misc updates

* fix headless screenshot test

* fix extractor save to file integration test

* remove 'to' feature in extractors
 2024-01-05 03:23:08 +05:30
mzack
80d347d3f1 pass exclude list to layer 4 fast dialer 2024-01-04 21:18:20 +01:00
Dogan Can Bakir
2d3906cafc
add tags as addition to -as (#4543) 2023-12-29 03:35:56 +05:30
Dogan Can Bakir
f6ebe7f5f1
fix fuzzing self-contained input requirement (#4531) 2023-12-24 14:16:09 +05:30
Dogan Can Bakir
e6133ef6bc
fix missing eq sign (#4513) 2023-12-20 17:00:34 +05:30
Tarun Koyalwar
e912c7c58d
network proto: revert full buffer size read (#4497) 
* network proto: revert full buffer size read

* fix read-all in network protocol
 2023-12-17 18:02:19 +05:30
Tarun Koyalwar
47e75038f0
headless: fix panic + refactor waitevent action (#4465) 
* fix waitEvent action

* avoid future panics

* integration test + bug fix

* headless: add max-duration support in waitevent

* fix comment + max-duration input
 2023-12-06 19:08:26 +05:30
M. Ángel Jimeno
7da3921c12
http: support arbitrary strings on TLS SNI annotation (#4462) 2023-12-06 14:15:30 +05:30
Jean Rougé
b420672b38
Allow to set dialers' timeout and keep-alive duration (#4441) 
* Allow to set dialers' timeout and keep-alive duration

* docs

---------

Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
 2023-11-30 01:47:10 +05:30