Tarun Koyalwar
19247ae74b
Path-Based Fuzzing SQL fix (#6400)
* setup claude
* migrate to using errkit
* fix unused imports + lint errors
* update settings.json
* fix url encoding issue
* fix lint error
* fix the path fuzzing component
* fix lint error
2025-08-25 13:36:58 +05:30
Dwi Siswanto
309018fbf4
fix: segfault in template caching logic (#6421)
* fix: segfault in template caching logic
when templates had no executable requests after
option updates.
the cached templates could end up with 0 requests
and no flow execution path, resulting in a nil
engine pointer that was later dereferenced w/o
validation.
bug seq:
caching template (w/ valid requests) -> get cached
template -> `*ExecutorOptions.Options` copied and
modified (inconsistent) -> requests updated (with
new options -- some may be invalid, and without
recompile) -> template returned w/o validation ->
`compileProtocolRequests` -> `NewTemplateExecuter`
receive empty requests + empty flow = nil engine
-> `*TemplateExecuter.{Compile,Execute}` invoked
on nil engine = panic.
RCA:
1. `*ExecutorOptions.ApplyNewEngineOptions`
overwriting many fields.
2. copy op pointless; create a copy of options and
then immediately replace it with original
pointer.
3. missing executable requests validation after
cached templates is reconstructed with updated
options.
Thus, this affected `--automatic-scan` mode where
tech detection templates often have conditional
requests that may be filtered based on runtime
options.
Fixes #6417
Signed-off-by: Dwi Siswanto <git@dw1.io>
* fix(templates): recompile workflow with `tplCopy.Options`
Signed-off-by: Dwi Siswanto <git@dw1.io>
* fix(templates): strengthen cache hit guard
Signed-off-by: Dwi Siswanto <git@dw1.io>
* fix(protocols): skips template-specific fields
Signed-off-by: Dwi Siswanto <git@dw1.io>
---------
Signed-off-by: Dwi Siswanto <git@dw1.io>
2025-08-23 20:01:23 +05:30
Sandeep Singh
b4644af80a
Lint + test fixes after utils dep update (#6393)
* fix: remove undefined errorutil.ShowStackTrace
* feat: add make lint support and integrate with test
* refactor: migrate errorutil to errkit across codebase
- Replace deprecated errorutil with modern errkit
- Convert error declarations from var to func for better compatibility
- Fix all SA1019 deprecation warnings
- Maintain error chain support and stack traces
* fix: improve DNS test reliability using Google DNS
- Configure test to use Google DNS (8.8.8.8) for stability
- Fix nil pointer issue in DNS client initialization
- Keep production defaults unchanged
* fixing logic
* removing unwanted branches in makefile
---------
Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
2025-08-20 05:28:23 +05:30
Dwi Siswanto
6a6fa4d38f
feat(fuzz): eval variables (#6358)
* feat(fuzz): eval vars for rule keys & values
Signed-off-by: Dwi Siswanto <git@dw1.io>
* chore: re-fmt fuzzing/dast errors
Signed-off-by: Dwi Siswanto <git@dw1.io>
* test(fuzz): adds `TestEvaluateVariables`
Signed-off-by: Dwi Siswanto <git@dw1.io>
---------
Signed-off-by: Dwi Siswanto <git@dw1.io>
2025-08-16 14:41:22 +05:30
Dwi Siswanto
9fcacd0f86
ci(tests): migrate to golangci-lint v2 (#6380)
* chore: satisfy lints
Signed-off-by: Dwi Siswanto <git@dw1.io>
* ci(tests): migrate to golangci-lint v2
Signed-off-by: Dwi Siswanto <git@dw1.io>
---------
Signed-off-by: Dwi Siswanto <git@dw1.io>
2025-08-16 13:20:09 +07:00
ysokolovsky
d569cfe864
fix(headless): merge extra headers (#6376)
* headless: fix extra headers overwrite
* headless: set Accept-Language when no custom headers
2025-08-16 04:48:34 +05:30
poning
3ac3146ef9
fix(offlinehttp): Replace "-" in headers with "_" for DSL variables (#6363)
* Replace "-" in headers with "_" for DSL variables in passive mode
* test(offlinehttp): adjust haystack & needle in `TestHTTPOperatorExtract`
Signed-off-by: Dwi Siswanto <git@dw1.io>
---------
Signed-off-by: Dwi Siswanto <git@dw1.io>
Co-authored-by: Dwi Siswanto <git@dw1.io>
2025-08-02 05:35:03 +07:00
jishudashen
0337b33490
chore: fix inconsistent function name in comment
Signed-off-by: jishudashen <jishudashen@foxmail.com>
2025-07-21 14:13:22 +08:00
Dwi Siswanto
9133e0d2d0
feat(code): log unavail engines as an err while validating (#6326)
* feat(code): log unavail engines as an err while validating
Signed-off-by: Dwi Siswanto <git@dw1.io>
* chore(chore): I meant highest level
Signed-off-by: Dwi Siswanto <git@dw1.io>
---------
Signed-off-by: Dwi Siswanto <git@dw1.io>
2025-07-19 00:12:50 +05:30
HD Moore
5b89811b90
Support concurrent Nuclei engines in the same process (#6322)
* support for concurrent nuclei engines
* clarify LfaAllowed race
* remove unused mutex
* update LfaAllowed logic to prevent races until it can be reworked for per-execution ID
* Update pkg/templates/parser.go
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* debug tests
* debug gh action
* fixing gh template test
* using atomic
* using synclockmap
* restore tests concurrency
* lint
* wiring executionId in js fs
---------
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
2025-07-19 00:10:58 +05:30
HD Moore
875941ce8d
avoid data races using mutex for memguardian
2025-07-15 02:34:47 -05:00
HD Moore
6bf3f14798
avoid data races by using request clones
2025-07-15 02:34:29 -05:00
gopherorg
1079498182
refactor: use maps.Copy for cleaner map handling (#6283)
Signed-off-by: gopherorg <gopherworld@icloud.com>
2025-07-12 02:50:47 +05:30
HD Moore
f26996cb89
Remove singletons from Nuclei engine (continuation of #6210) (#6296)
* introducing execution id
* wip
* .
* adding separate execution context id
* lint
* vet
* fixing pg dialers
* test ignore
* fixing loader FD limit
* test
* fd fix
* wip: remove CloseProcesses() from dev merge
* wip: fix merge issue
* protocolstate: stop memguarding on last dialer delete
* avoid data race in dialers.RawHTTPClient
* use shared logger and avoid race conditions
* use shared logger and avoid race conditions
* go mod
* patch executionId into compiled template cache
* clean up comment in Parse
* go mod update
* bump echarts
* address merge issues
* fix use of gologger
* switch cmd/nuclei to options.Logger
* address merge issues with go.mod
* go vet: address copy of lock with new Copy function
* fixing tests
* disable speed control
* fix nil ExecuterOptions
* removing deprecated code
* fixing result print
* default logger
* cli default logger
* filter warning from results
* fix performance test
* hardcoding path
* disable upload
* refactor(runner): uses `Warning` instead of `Print` for `pdcpUploadErrMsg`
Signed-off-by: Dwi Siswanto <git@dw1.io>
* Revert "disable upload"
This reverts commit 114fbe6663361bf41cf8b2645fd2d57083d53682.
* Revert "hardcoding path"
This reverts commit cf12ca800e0a0e974bd9fd4826a24e51547f7c00.
---------
Signed-off-by: Dwi Siswanto <git@dw1.io>
Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
Co-authored-by: Dwi Siswanto <git@dw1.io>
Co-authored-by: Dwi Siswanto <25837540+dwisiswant0@users.noreply.github.com>
2025-07-10 01:17:26 +05:30
alban-stourbe-wmx
eccd90d53c
fix(headless): Variables are now available into headless template (#6301)
* fix(headless): variables now available into simple headless template
* chore: erase debug logs
2025-07-04 21:51:09 +07:00
Dwi Siswanto
87ed0b2bb9
build: bump all direct modules (#6290)
* chore: fix non-constant fmt string in call
Signed-off-by: Dwi Siswanto <git@dw1.io>
* build: bump all direct modules
Signed-off-by: Dwi Siswanto <git@dw1.io>
* chore(hosterrorscache): update import path
Signed-off-by: Dwi Siswanto <git@dw1.io>
* fix(charts): breaking changes
Signed-off-by: Dwi Siswanto <git@dw1.io>
* build: pinned `github.com/zmap/zcrypto` to v0.0.0-20240512203510-0fef58d9a9db
Signed-off-by: Dwi Siswanto <git@dw1.io>
* chore: golangci-lint auto fixes
Signed-off-by: Dwi Siswanto <git@dw1.io>
* chore: satisfy lints
Signed-off-by: Dwi Siswanto <git@dw1.io>
* build: migrate `github.com/xanzy/go-gitlab` => `gitlab.com/gitlab-org/api/client-go`
Signed-off-by: Dwi Siswanto <git@dw1.io>
* feat(json): update build constraints
Signed-off-by: Dwi Siswanto <git@dw1.io>
* chore: don't panic on close err
Signed-off-by: Dwi Siswanto <git@dw1.io>
---------
Signed-off-by: Dwi Siswanto <git@dw1.io>
2025-07-01 00:40:44 +07:00
Tarun Koyalwar
2b729e4037
fix context leak in flow (#6282)
* fix context leak in flow
* handle sizedwaitpool when not reused
2025-06-30 16:43:00 +07:00
曹家巧
4ff80784ae
refactor: use the built-in max/min to simplify the code (#6272)
Signed-off-by: xiaoxiangirl <caojiaqiao@outlook.com>
2025-06-24 05:49:06 +05:30
Dwi Siswanto
695a7520b9
fix(headless): incorrect last navigated URL (#6278)
* chore(headless): uses `maps.Copy`
Signed-off-by: Dwi Siswanto <git@dw1.io>
* feat(headless): implements update last navigated URL
for `ActionNavigate`, `WaitPageLifecycleEvent`, and
`WaitStable` based on latest navigation URL.
Signed-off-by: Dwi Siswanto <git@dw1.io>
* Update pkg/protocols/headless/engine/page.go
---------
Signed-off-by: Dwi Siswanto <git@dw1.io>
2025-06-24 05:32:18 +05:30
Nakul Bharti
c242b112cc
fixed hex dump issue (#6273)
2025-06-19 20:07:59 +05:30
Dwi Siswanto
61bcf0f10e
feat(headless): store responses (#6247)
Signed-off-by: Dwi Siswanto <git@dw1.io>
2025-06-17 05:00:31 +05:30
Shubham Rasal
f89a6d33e9
Use proxy for dns and ssl templates (#6255)
* Use proxy for dns and ssl templates
- while using template execute level function we need to override custom dialer
* rename overridedialer to customdialer
* Add proxy into hash
- proxy client is shared between non proxy requests
* add dialer into request object
- use request.dialer instead of global variable
* resolve comments
* rename dialer
2025-06-16 22:24:52 +05:30
tongjicoder
3be29abfc9
refactor: use slices.Contains to simplify code
Signed-off-by: tongjicoder <tongjicoder@icloud.com>
2025-05-27 17:16:26 +08:00
Dogan Can Bakir
160eab998c
Merge pull request #6222 from fourcube/fix/slow-headless-start-and-shutdown
fix: improve headless engine startup and shutdown
2025-05-19 16:42:38 +03:00
circleous
b03c30418b
fix: fallback set SNI to host if not specified when using socks proxy (#6218)
2025-05-15 16:46:49 +05:30
Chris Grieger
bc551fc3f1
fix: improve headless engine startup and shutdown
Fixes #6221
Instead of enumerating all chrome processes to determine
which ones need to be killed on shutdown, use the launcher.Kill()
method to terminate the process that was launched for this
browser instance.
2025-05-14 16:14:21 +02:00
Sandeep Singh
4801cc65ef
feat: fixed max-host-error blocking + progress mismatch + misc (#6193)
* feat: fixed max-host-error blocking wrong port for template with error
* feat: log total results with time taken at end of execution
* bugfix: skip non-executed requests with progress in flow protocol
* feat: fixed request calculation in http protocol for progress
* misc adjustments
---------
Co-authored-by: Ice3man <nizamulrana@gmail.com>
2025-05-07 17:22:15 +05:30
Dogan Can Bakir
ffb0a92216
Merge pull request #6088 from projectdiscovery/fix_interactsh_for_js
fix unresolved `interactsh-url` for js templates
2025-04-17 11:03:32 +03:00
Florian Pfitzer
c0b5c29d3b
fix: default offlinehttp extractor without part to body like requests
2025-04-14 09:13:11 +02:00
threehonor
d1b1c23e4e
chore: fix some function names in comment
Signed-off-by: threehonor <pengqi@email.cn>
2025-03-26 11:03:43 +08:00
Shubham Rasal
04a6c82730
add setDialer function to TCP protocol (#6101)
- add ability to override setDialer function for tcp
- socks proxy is not used in case of tcp protocol
- TCP uses global tcp dialer shared, we need template request level ability to set dialer
2025-03-17 16:44:33 +05:30
Dogan Can Bakir
a9718d3664
set headers for fuzzing request (#5988)
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2025-03-07 20:54:35 +05:30
Doğan Can Bakır
1e08d29e50
fix unresolved interactsh-url for js templates
2025-03-06 15:52:12 +03:00
Ice3man
5f0b7eb19b
feat: added initial live DAST server implementation (#5772)
* feat: added initial live DAST server implementation
* feat: more logging + misc additions
* feat: auth file support enhancements for more complex scenarios + misc
* feat: added io.Reader support to input providers for http
* feat: added stats db to fuzzing + use sdk for dast server + misc
* feat: more additions and enhancements
* misc changes to live server
* misc
* use utils pprof server
* feat: added simpler stats tracking system
* feat: fixed analyzer timeout issue + missing case fix
* misc changes fix
* feat: changed the logics a bit + misc changes and additions
* feat: re-added slope checks + misc
* feat: added baseline measurements for time based checks
* chore(server): fix typos
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* fix(templates): potential DOM XSS
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* fix(authx): potential NIL deref
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
* feat: misc review changes
* removed debug logging
* feat: remove existing cookies only
* feat: lint fixes
* misc
* misc text update
* request endpoint update
* feat: added tracking for status code, waf-detection & grouped errors (#6028)
* feat: added tracking for status code, waf-detection & grouped errors
* lint error fixes
* feat: review changes + moving to package + misc
---------
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
* fix var dump (#5921)
* fix var dump
* fix dump test
* Added filename length restriction for debug mode (-srd flag) (#5931)
Co-authored-by: Andrey Matveenko <an.matveenko@vkteam.ru>
* more updates
* Update pkg/output/stats/waf/waf.go
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
---------
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: Dwi Siswanto <25837540+dwisiswant0@users.noreply.github.com>
Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
Co-authored-by: Dogan Can Bakir <65292895+dogancanbakir@users.noreply.github.com>
Co-authored-by: 9flowers <51699499+Lercas@users.noreply.github.com>
Co-authored-by: Andrey Matveenko <an.matveenko@vkteam.ru>
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2025-02-13 18:46:28 +05:30
Dogan Can Bakir
3c825e8045
fix var dump (#5921)
* fix var dump
* fix dump test
2025-02-13 17:20:14 +05:30
Ice3man
a2c8f1e4cd
feat: added tracking for status code, waf-detection & grouped errors (#6028)
* feat: added tracking for status code, waf-detection & grouped errors
* lint error fixes
* feat: review changes + moving to package + misc
---------
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2025-02-13 17:13:39 +05:30
Dwi Siswanto
622c5503fa
perf(*): replace encoding/json w/ sonic or go-json (fallback) (#6019)
* perf(*): replace `encoding/json` w/ sonic
Signed-off-by: Dwi Siswanto <git@dw1.io>
* feat(utils): add `json` pkg (sonic wrapper)
Signed-off-by: Dwi Siswanto <git@dw1.io>
* chore(*): use `sonic` wrapper instead
Signed-off-by: Dwi Siswanto <git@dw1.io>
* chore(*): replace `sonic.ConfigStd` -> `json` (wrapper)
Signed-off-by: Dwi Siswanto <git@dw1.io>
* test(model): adjust expected marshal'd JSON
Signed-off-by: Dwi Siswanto <git@dw1.io>
* feat(json): dynamic backend; `sonic` -> `go-json` (fallback)
Signed-off-by: Dwi Siswanto <git@dw1.io>
* chore(json): merge config - as its not usable
Signed-off-by: Dwi Siswanto <git@dw1.io>
* chore(json): rm go version constraints
Signed-off-by: Dwi Siswanto <git@dw1.io>
* chore: go mod tidy
Signed-off-by: Dwi Siswanto <git@dw1.io>
---------
Signed-off-by: Dwi Siswanto <git@dw1.io>
2025-02-11 03:01:37 +05:30
Dwi Siswanto
d2636b9ca2
feat(headless): eval DSL exprs in args (#6017)
* refactor(headless): mv `input` -> `ctx` field name
Signed-off-by: Dwi Siswanto <git@dw1.io>
* feat(headless): eval DSL exprs in args
Signed-off-by: Dwi Siswanto <git@dw1.io>
* chore(headless): rm duplicate imports
Signed-off-by: Dwi Siswanto <git@dw1.io>
* feat(headless): rm duplicate dumped req vars
* refactor(headless): unify `getTimeParameter` retrieval
Now, `getTimeParameter` tries to get the parameter
as an integer, then as a `time.Duration`, and
finally falls back to the default value
(multiplied by the unit).
Signed-off-by: Dwi Siswanto <git@dw1.io>
* feat(headless): adjust default timeout value to 5s
Signed-off-by: Dwi Siswanto <git@dw1.io>
* refactor(headless): use `getTimeParameter`
Signed-off-by: Dwi Siswanto <git@dw1.io>
* chore(headless): add nolint directive - `replaceWithValues`
Signed-off-by: Dwi Siswanto <git@dw1.io>
* feat(headless): revert parameter automerge & adds `inputURL` field
Signed-off-by: Dwi Siswanto <git@dw1.io>
* test(headless): add headless-dsl integration test
Signed-off-by: Dwi Siswanto <git@dw1.io>
---------
Signed-off-by: Dwi Siswanto <git@dw1.io>
2025-02-10 20:16:35 +05:30
Sandeep Singh
04db1bb21d
feat: added rebuildGenerators for misc rebuilding (#6037)
Co-authored-by: Ice3man <nizamulrana@gmail.com>
2025-02-08 21:05:23 +05:30
Sandeep Singh
53748c47d8
Misc sdk changes (#6018)
* feat: misc sdk changes to parser
* misc
* feat: fixed failing tests
* fix lint error + update yamldoc-go
* return 0 exit code if integration test re-run passes
* exclude tech / wordpress template from test
---------
Co-authored-by: Ice3man <nizamulrana@gmail.com>
2025-01-31 18:53:55 +05:30
Dwi Siswanto
052fd8b79a
feat(hosterrorscache): add Remove and MarkFailedOrRemove methods (#5984)
* feat(hosterrorscache): add `Remove` and `MarkFailedOrRemove` methods
and also deprecating `MarkFailed`
Signed-off-by: Dwi Siswanto <git@dw1.io>
* refactor(*): unwraps `hosterrorscache.MarkFailed` invocation
Signed-off-by: Dwi Siswanto <git@dw1.io>
* feat(hosterrorscache): add sync in `Check` and `MarkFailedOrRemove` methods
* test(hosterrorscache): add concurrent test for `Check` method
* refactor(hosterrorscache): do NOT change `MarkFailed` behavior
Signed-off-by: Dwi Siswanto <git@dw1.io>
* feat(*): use `MarkFailedOrRemove` explicitly
Signed-off-by: Dwi Siswanto <git@dw1.io>
---------
Signed-off-by: Dwi Siswanto <git@dw1.io>
2025-01-31 15:46:57 +05:30
Dogan Can Bakir
d77eab6e87
Ensure Headless protocol accesses flow protocol variables (#6003)
2025-01-31 13:29:11 +05:30
Roy Reznik
dac38732dc
stop using deprecated mholt/archiver (#5951)
* stop using deprecated mholt/archiver
* Fix CR
* chore: go mod tidy
Signed-off-by: Dwi Siswanto <git@dw1.io>
---------
Signed-off-by: Dwi Siswanto <git@dw1.io>
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: Dwi Siswanto <git@dw1.io>
2025-01-31 13:27:16 +05:30
Dwi Siswanto
58ae87cb05
test(dns): update input, requires, and enable recursion (#6014)
* test(dns): update input, requires, and enable recursion
Signed-off-by: Dwi Siswanto <git@dw1.io>
* Update go.mod
---------
Signed-off-by: Dwi Siswanto <git@dw1.io>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2025-01-30 14:44:29 +05:30
Douglas Danger Manley
e4a0b8ec60
Do not clobber the "tcp" dialer for MySQL (#5681)
This introduces a "nucleitcp" protocol that Nuclei will use when
making MySQL connections as part of its templates.
Previously, this would register (and de-register!) a custom "tcp"
dialer, and that applied globally, so any piece of software that
used a MySQL database and included nuclei in SDK mode would have
its database connections ripped out from under it due to the dialer
hijacking.
By using "nucleitcp" as the protocol, we are free to do whatever
we want with the dialer and not impact any other packages.
Within our `BuildDSN` function, we quietly replace the protocol to
"nucleitcp" if it was "tcp", so nuclei developers don't have to do
anything special to use this functionality; it will always do it.
2025-01-15 00:29:30 +05:30
Ice3man
2ac02f43b0
feat: added improvements to sdk for offlinehttp (#5982)
2025-01-14 01:21:27 +05:30
Dogan Can Bakir
525d2caf66
fix unresolved interactsh-url for raw http templates (#5938)
2024-12-24 20:27:13 +05:30
Dwi Siswanto
f21a82aac3
fix(httpclientpool): rebuild malformed Location URL (#5902)
Signed-off-by: Dwi Siswanto <git@dw1.io>
Co-authored-by: Doğan Can Bakır <dogancanbakir@protonmail.com>
2024-12-19 20:31:41 +05:30
Mzack9999
1e87ca82c8
fix missing browser init (#5896)
* fix missing browser init
* .
* using lazy init
* updating test with new web ui
* go mod
* sandbox test
* non fatal error
2024-12-17 15:38:42 +05:30
Shubham Rasal
be1f634eae
Add Alive Proxy into Options (#5903)
* Move proxy variable from global to options
- Provides ability to pass diff proxy in single nuclei instance using sdk
* add type check (resolve comments)
2024-12-13 04:23:27 +05:30