External/nuclei
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei.git synced 2025-12-18 20:05:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
5,692 Commits 49 Branches 135 Tags
Commit Graph

34 Commits

Author SHA1 Message Date
Dwi Siswanto
87ed0b2bb9
build: bump all direct modules (#6290) 
* chore: fix non-constant fmt string in call

Signed-off-by: Dwi Siswanto <git@dw1.io>

* build: bump all direct modules

Signed-off-by: Dwi Siswanto <git@dw1.io>

* chore(hosterrorscache): update import path

Signed-off-by: Dwi Siswanto <git@dw1.io>

* fix(charts): break changes

Signed-off-by: Dwi Siswanto <git@dw1.io>

* build: pinned `github.com/zmap/zcrypto` to v0.0.0-20240512203510-0fef58d9a9db

Signed-off-by: Dwi Siswanto <git@dw1.io>

* chore: golangci-lint auto fixes

Signed-off-by: Dwi Siswanto <git@dw1.io>

* chore: satisfy lints

Signed-off-by: Dwi Siswanto <git@dw1.io>

* build: migrate `github.com/xanzy/go-gitlab` => `gitlab.com/gitlab-org/api/client-go`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(json): update build constraints

Signed-off-by: Dwi Siswanto <git@dw1.io>

* chore: dont panicking on close err

Signed-off-by: Dwi Siswanto <git@dw1.io>

---------

Signed-off-by: Dwi Siswanto <git@dw1.io>
 2025-07-01 00:40:44 +07:00
Dwi Siswanto
622c5503fa
perf(*): replace encoding/json w/ sonic or go-json (fallback) (#6019) 
* perf(*): replace `encoding/json` w/ sonic

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(utils): add `json` pkg (sonic wrapper)

Signed-off-by: Dwi Siswanto <git@dw1.io>

* chore(*): use `sonic` wrapper instead

Signed-off-by: Dwi Siswanto <git@dw1.io>

* chore(*): replace `sonic.ConfigStd` -> `json` (wrapper)

Signed-off-by: Dwi Siswanto <git@dw1.io>

* test(model): adjust expected marshal'd JSON

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(json): dynamic backend; `sonic` -> `go-json` (fallback)

Signed-off-by: Dwi Siswanto <git@dw1.io>

* chore(json): merge config - as its not usable

Signed-off-by: Dwi Siswanto <git@dw1.io>

* chore(json): rm go version constraints

Signed-off-by: Dwi Siswanto <git@dw1.io>

* chore: go mod tidy

Signed-off-by: Dwi Siswanto <git@dw1.io>

---------

Signed-off-by: Dwi Siswanto <git@dw1.io>
 2025-02-11 03:01:37 +05:30
Tarun Koyalwar
16735f5243
fix template signing singnature issue (#5869) 
* fix incorrect .gitignore

* template signer utility tool

* use yaml marhsal & unmarshal for normalization

* normalize before verification
 2024-12-02 14:31:46 +05:30
Dwi Siswanto
3a07fa9c22
feat: add -enable-global-matchers flag (#5857) 
* feat: add `-enable-global-matchers` flag

Signed-off-by: Dwi Siswanto <git@dw1.io>

* refactor(templates): use embedded `types.Options` in `Template`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(lib): add `EnableGlobalMatchersTemplates` SDK opt

Signed-off-by: Dwi Siswanto <git@dw1.io>

---------

Signed-off-by: Dwi Siswanto <git@dw1.io>
 2024-11-27 14:37:59 +05:30
Dwi Siswanto
cc5c5509dc
feat: global matchers (#5701) 
* feat: global matchers

Signed-off-by: Dwi Siswanto <git@dw1.io>
Co-authored-by: Ice3man543 <ice3man543@users.noreply.github.com>

* feat(globalmatchers): make `Callback` as type

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat: update `passive` term to `(matchers-)static`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(globalmatchers): add `origin-template-*` event

also use `Set` method instead of `maps.Clone`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat: update `matchers-static` term to `global-matchers`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(globalmatchers): clone event before `operator.Execute`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* fix(tmplexec): don't store `matched` on `global-matchers` templ

This will end up generating 2 events from the same
`scan.ScanContext` if one of the templates has
`global-matchers` enabled. This way, non-
`global-matchers` templates can enter the
`writeFailureCallback` func to log failure output.

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(globalmatchers): initializes `requests` on `New`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(globalmatchers): add `hasStorage` method

Signed-off-by: Dwi Siswanto <git@dw1.io>

* refactor(templates): rename global matchers checks method

Signed-off-by: Dwi Siswanto <git@dw1.io>

* fix(loader): handle nil `templates.Template` pointer

Signed-off-by: Dwi Siswanto <git@dw1.io>

---------

Signed-off-by: Dwi Siswanto <git@dw1.io>
Co-authored-by: Ice3man543 <ice3man543@users.noreply.github.com>
 2024-10-14 19:25:46 +05:30
Ramana Reddy
3d2f31a56f
fix missing template_url for pd signed templates when executed from custom path (#5644) 2024-09-19 18:58:20 +05:30
Mzack9999
1c51a6bef6
improving workflows (#5318) 
* improving workflows

* fixing count
 2024-06-22 22:42:00 +05:30
Tarun Koyalwar
d6424ea5d0
pdcp result upload: bug fix + (optional) scan name support using -sname flag (#5155) 
* add default template severity and error when validating

* ignore workflows when validating severity

* add scan name support in pdcp result upload

* scan upload: fix missing name query param

* make profile-loader integration tests generic

* add scan-id validation

* ignore invalid scan id's
 2024-05-11 00:44:14 +05:30
Tarun Koyalwar
255032f4f2
pre-condition in code , fuzz and other misc updates (#4966) 
* fuzz: rename 'filters' -> 'pre-condition'

* code proto: pre-condition + integration test

* feat: dsl document generator

* update dsl page header

* fix lint error

* add js defined helper funcs in docs

* remove panic recovery unless its for third party(go-rod,goja)

* handle dynamic values flattening edgecase in flow+multiprotocol

* fix order of kv in form-data (failing test)

* fix template loading counters

* Revert "handle dynamic values flattening edgecase in flow+multiprotocol"

This reverts commit 58fdd4faf7df5d654b46a9585011f614d5c98aa4.

* fix flow iteration using 'iterate'
 2024-04-01 19:18:21 +05:30
Tarun Koyalwar
25e7799c09
req_url_pattern for vuln_hash calculation + unit test (#4964) 2024-03-30 23:50:31 +05:30
mzack
e9f6febe01 caching content + merging caches 2024-03-13 21:02:36 +01:00
mzack
cd289a81c9 tmp init 2024-03-13 02:59:34 +01:00
mzack
4aff6d7189 merging caches + removing import cycle via type any 2024-03-13 02:27:15 +01:00
Mzack9999
ec4fb408c9
Purge cache on global callback set (#4840) 
* purge cache on global callback set

* lint

* purging cache

* purge cache in runner after loading templates

* include internal cache from parsers + add global cache register/purge via config

* remove disable cache purge option

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2024-03-11 02:59:55 +05:30
Tarun Koyalwar
68b9dd52ad
error handling + support offlinehttp in flow templates (#4653) 2024-01-17 23:16:57 +05:30
Tarun Koyalwar
775c7f762b
add -code flag to run code proto templates (#4376) 2023-11-16 17:56:07 +05:30
Dogan Can Bakir
7c2db9c394
introduce template-encoded field (#4315) 
* introduce `template-encoded` field

* remove IsCustomTemplate func

* refactor and move encoding to `MakeResultEventItem` func

* encode template in case of no results were found

* commit to last commit

* don't encode templates when`-ms` is used
 2023-11-11 04:42:27 +05:30
Dogan Can Bakir
83abe0969e
introduce self-contained to headless (#4322) 
* introduce `self-contained` to headless

* fix matched url print
 2023-11-02 19:08:20 +05:30
Tarun Koyalwar
e9ab5f498a
template preprocessor + multi request variables indexing bug fix (#4262) 
* add randstr preprocessor to defaults

* fix indexing in http + preprocessor integration test

* add multi-request integration test

* skip test if asnmap is down
 2023-10-20 17:54:10 +05:30
Tarun Koyalwar
dc44105baf
nuclei v3 : misc updates (#4247) 
* use parsed options while signing

* update project layout to v3

* fix .gitignore

* remove example template

* misc updates

* bump tlsx version

* hide template sig warning with env

* js: retain value while using log

* fix nil pointer derefernce

* misc doc update

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-10-17 17:44:13 +05:30
Mzack9999
12c9ca7b12 fixing go mod 2020-09-23 22:38:59 +02:00
Víctor Zamanillo
113ccb1e0e Preload workflow templates once 
Fixes memory leak reported on #242
 2020-08-26 20:05:31 +02:00
Víctor Zamanillo
60005290b1 Initial adoption of golangci-lint for CI 2020-08-25 23:33:20 +02:00
Ice3man543
458dbc1b38 v2 update 2020-07-01 16:17:24 +05:30
Ice3man543
b3c52d941f Added directory support 2020-06-29 17:43:08 +05:30
Mzack9999
d3ceb76585 uniformed template loading 2020-06-26 14:37:55 +02:00
Mzack9999
6cce1ea1bf solved many issues - yet to improve the output verbosity 2020-05-05 21:42:28 +02:00
Mzack9999
44821e6b77 begin of work on fuzzing - only working for raw requests with payload (TODO code cleanup) 2020-05-04 23:26:22 +02:00
Ice3man543
5af4c9b2cf Finished executer for per-request execution 2020-04-26 06:33:59 +05:30
Mzack9999
a6b2a44080 rebase 2020-04-23 18:44:34 +02:00
Mzack9999
cb938b379c poc implementation of dns templating 2020-04-23 18:41:27 +02:00
Mzack9999
603456ddbb poc implementation of dns templating 2020-04-22 22:45:02 +02:00
Ice3man543
12f986ff7b Added extractors to the workflow + misc 2020-04-06 00:44:45 +05:30
Ice3man543
b78907ad46 Added requests + compile 2020-04-04 02:50:32 +05:30