External/nuclei
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei.git synced 2025-12-27 08:05:29 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,138 Commits 49 Branches 135 Tags
Commit Graph

341 Commits

Author SHA1 Message Date
Shubham Rasal
a34b94e62f
Issue 3339 headless fuzz (#3790) 
* Basic headless fuzzing

* Remove debug statements

* Add integration tests

* Update template

* Fix recognize payload value in matcher

* Update tempalte

* use req.SetURL()

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-06-09 05:50:44 +05:30
Mzack9999
168d9e2c21
Extending multistep support (#3546) 
* Extending multistep support

* duping buffer

* adding python pack/unpack

* fixing deps

* bump dsl version

* fixing go sum

* adding inline matchers/extractors

* pointing to latest dsl

* fixing looping

* refining inline matchers/extractors

* bumping dsl

* bump dsl

* show conn read errors

* removing redundant logic

superseded by js layer

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
 2023-06-01 06:19:19 +05:30
Keith Chason
4d6080f3bc
"Executer" to "Executor" (#3760) 
* Fix spelling of "executer" to "executor"

* minor change: use defer file.Close()

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-06-01 02:28:10 +05:30
Mzack9999
0d2d510689
Adding support for constants (#3692) 
* adding support for constants

* fixing typo

* adding integration test

* fixing lint issues

* fixing template syntax
 2023-05-25 22:02:35 +05:30
Mzack9999
dfd4d5b855
Adding interact keepalive to reduce server-side id pruning (#3680) 
* adding interact keepalive + improving init logic

* dep update

* go version update

* readme update

* version bump

* fixing invalid format

---------

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-05-21 01:56:13 +05:30
Shubham Rasal
2dd13b9afb
Allow additional properties for variables inside jsonschema (#3669) 
* Allow additional properties in variables inside jsonschema

* Update variables jsonschema function

* Add tags for archive and mime-type
 2023-05-15 19:15:11 +05:30
Tarun Koyalwar
c62dc01f9f
uncover logic refactor to v0.0.4 (#3663) 
* uncover logic refactor to v0.0.4

* remove deprecated import: stringsutil
 2023-05-09 03:57:56 +05:30
Shubham Rasal
449afc0c5c
Issue 3564 var override (#3599) 
* Check if the variables are override by other means

- you can override the template variable value using command line flags

* Update lazy eval logic

- previously, we were checking any function/expression in variable
- now, update the logic, lazy eval only if variable contains any
  protocol variable(global)

* add integration tests

* Add test to check the dsl function working in variable

* gather all generate variables logic in utils

* go mod update

* Refactor the generate variables function

* go mod update+ fix typo

---------

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-05-02 23:49:56 +05:30
Tarun Koyalwar
7f5e4e2336
aws signer: fix missing x-content-sha256 header (#3601) 
* fix missing x-content-sha256 header

* fix variable priority in self-contained templates

* remove debug statement

* adds generic raw request parser for self-contained req

* more integration tests

* bug fix: 10x faster race requests

* fix failing integration test
 2023-05-01 12:15:35 +05:30
Mzack9999
ea5f8a0638
Additional nil check on interactsh client (#3590) 2023-04-25 23:49:23 +05:30
Mzack9999
978d0bcc23
Replacing goos with osutils (#3571) 
* Replacing goos with osutils

* pleasing his majesty the linter
 2023-04-19 23:00:15 +05:30
Tarun Koyalwar
bf08913cd0
update logic + config management refactor (#3567) 
* adds template manager

* refactor: checkpoint

* centrailized config & template download logic

* refactor removed unused code

* use global template directory

* update related bug fixes

* bug fix create cfg dir if missing

* fix lint error

* bug fix skip writing template dir in callback

* misc update

* remove unused code

* use strings.equalfold for comparison

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-04-19 21:58:48 +05:30
Mzack9999
6f4b1ae48a
Replacing ccache with generic gcache (#3523) 
* Replacing ccache with generic gcache

* fixing lint issues

* removing unecessary hashing + using errorutils

* making test more tolerant

* removing dead code + refactor

* removing redundant code

* removing race

* maint

* moving code

* adding more iterations

* note + typo

* temporary fixing stop-at-first-match with interact

* wrapping internal map with mux

* sort before running integration test

* fix deadlock in requestShouldStopAtFirstMatch

* add timeout to integration_test workflow

* attempting to remove outer lock

* adds interactsh protocol tests in integration_test

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-04-16 23:19:35 +05:30
Shubham Rasal
45cc676f96
Evaluate payload variables (#3503) 
* Evaluate payload variables

* Add variables evaluation

* Extend variables test

- to check evaluation of global variables in variables
- to check evaluation of golbal variables in payload

* Add default and cli variables to websocket, whois and dns proto

- use url.Parse with urlutil.Parse
 2023-04-12 01:50:58 +05:30
Tarun Koyalwar
f8c5a45966
add mkdir support in headless screenshot (#3457) 
* add mkdir support in headless screenshot

* use filepath to join paths

* print info when screenshot is saved

* change version to v2.9.1-dev

* minor fixings on windows path

---------

Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
 2023-03-24 00:44:32 +05:30
Mzack9999
4c0d988a67 reworking interact mutex mechanism 2023-03-17 14:41:16 +01:00
Tarun Koyalwar
c3771e874d
fix data race in internal resultevent (#3432) 2023-03-16 23:20:38 +05:30
Ramana Reddy
c9634fae72
Issue 3350 matcher condition or not work (#3397) 
* fix or condition match even interactsh includes as matcher-part (#3350)

* add integration test

* add new template to integration test

* matcher-condtion: test case for both conditions

* fix lint errors

* upgrade dependencies

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-03-15 20:45:44 +05:30
Austin Traver
0d90a555f6
adds -track-error option to add custom errors to max-host-error watchlist (#3399) 
* Allow user to specify for "context deadline exceeded" errors to count toward the max host error count

* Convert flag to a string slice `--track-error`

* Minimize diff

* Add documentation for `-track-error`

* adds unit test & minor improvements

* update flag description

---------

Co-authored-by: Austin Traver <austin_traver@intuit.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-03-14 13:59:42 +05:30
xm1k3
32b79fdd36 used retryablehttp.DefaultClient().Do(req) 2023-03-02 09:35:53 +01:00
xm1k3
25098c8ea6 fix on ignore call 2023-03-02 09:01:24 +01:00
xm1k3
5959daa58f removed nucleiVersion var as unused 2023-03-01 18:05:56 +01:00
xm1k3
ee6b1bef61 used retryablehttp for api requests 2023-03-01 16:50:21 +01:00
Mzack9999
d80cbef51d
Merge pull request #3333 from CodFrm/main 
fix some json deserialization issues
 2023-02-28 09:02:04 +01:00
王一之
27fefe59d3 fix json deserialization issues 2023-02-27 14:29:49 +08:00
Mzack9999
84abef3f70 Merge branch 'dev' into issue-2188-reporting-client 2023-02-24 15:58:43 +01:00
王一之
994988357a adds missing json tags 2023-02-22 11:15:55 +08:00
Alexandre ZANNI
e3e60d0ba8
uncover: add criminalip support (#3162) 
* update uncover engine options

* add criminalip support

* update criminalIP variable

---------

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: shubhamrasal <shubhamdharmarasal@gmail.com>
 2023-02-21 00:23:11 +05:30
Sandeep Singh
ba7fcd08ff
Merge branch 'dev' into issue-2188-reporting-client 2023-02-20 15:26:16 +05:30
王一之
85090b7531 fix some json deserialization issues 2023-02-17 14:21:25 +08:00
Mzack9999
d608ffaeb2
clear after stop (#3312) 
* clear after stop

* fixing data races

* adding atomic cache

* fixing lint errors

* fixing imports
 2023-02-13 16:46:41 +05:30
Ice3man
7e7bb1ed0a
AES CBC PKCS5Padding helper function update (#3287) 
* Added DSL helper functions for CVE + misc

* Added aes_cbc with pkcspadding

* Misc

* Misc

* Misc

* Removed debug statement

* Misc

* Misc

* Fixed tests
 2023-02-09 20:22:42 +05:30
Mzack9999
d57aec5ec7 converting reporting client to interface 2023-02-07 09:45:49 +01:00
Mzack9999
7556416e5b
adding interactsh support to sni (#3276) 2023-02-07 14:02:10 +05:30
Tarun Koyalwar
d18fa6f6b2 fix data race in race requests 2023-02-06 16:18:30 +05:30
Mzack9999
6c56a20544
Adding support for nmhe (#3219) 
* adding support for nmhe

* updating docs
 2023-01-22 15:08:50 +05:30
Mzack9999
e4402e7449
lowering hmap storage requirement via omitempty (#3111) 2023-01-12 20:01:45 +05:30
Tarun Koyalwar
e899afafdf
skip scanallip if input is ip (#3186) 
* skip scanallips for ip input

* uncover,url parsing bug fix

* minor changes:best practices
 2023-01-11 22:50:57 +05:30
Sandeep Singh
2d7948af55
Fixing host skipping error (#3143) 
* removed error resulting into excessive error count

* banner update
 2023-01-04 00:43:18 +05:30
Sandeep Singh
e66821b49f
Added more error + display skipped host on default run for more visibility. (#3123) 2023-01-02 19:00:10 +05:30
Sandeep Singh
212d0e5cfc
Adding more error to ignore with hosts (#3121) 2023-01-02 17:09:39 +05:30
xm1k3
34120fbecc
#3046 persistent failed item status and #2065 failed items reporting error once (#3047) 
* added logs for debug

* fixes

* removed logs

* using cache item

* implemented multiple tests

* fixed some unit tests

* implemented test for skipping

* added multiple tests together

* added mark failed

* fix on tests

* better test implementation + concurrent

* fix: fixes on concurrent tests

* removed parallel and 1 unit test

DOCS: by default the command go test runs in parallel tests for different packages, and default is the number of CPUs available (see go help build)

* fixes on go routine

* increasing parallelism of once.Do

* bumping go to 1.19 for atomic types support

* removing redundant check + fixing test concurrency on create

Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
 2023-01-02 13:52:06 +05:30
Mzack9999
34976029d3
removing most go routine leaks (#3073) 
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2022-12-24 19:22:14 +05:30
Mzack9999
093d691c16
Issue 3033 deny list (#3037) 
* fixing file deny list + refactoring

* err variable renaming

* removing redundant function

* removing unused code

* adding check on empty operator

* updating tests
 2022-12-21 02:29:28 +05:30
Mzack9999
96c1dd3720
Adding custom ip to protocol generated variables (#3011) 
* lint errors

* Extending context args support

* Ip => ip
 2022-12-10 00:17:03 +05:30
Sandeep Singh
6ae9eee8d3
README + misc updates (#2961) 
* readme update

* version + banner update

* misc option update

* go fmt'ed code

* misc update
 2022-12-04 20:51:33 +05:30
Sandeep Singh
515503f5f6
Added connection refused error to skip with MaxHostError option (#2955) 2022-12-03 12:54:03 +05:30
dependabot[bot]
9d6ca66da9
chore(deps): bump github.com/projectdiscovery/uncover from 0.0.9 to 1.0.0 in /v2 (#2926) 
* chore(deps): bump github.com/projectdiscovery/uncover in /v2

Bumps [github.com/projectdiscovery/uncover](https://github.com/projectdiscovery/uncover) from 0.0.9 to 1.0.0.
- [Release notes](https://github.com/projectdiscovery/uncover/releases)
- [Changelog](https://github.com/projectdiscovery/uncover/blob/main/.goreleaser.yml)
- [Commits](https://github.com/projectdiscovery/uncover/compare/v0.0.9...v1.0.0)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/uncover
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Add uncover netlas source

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shubhamrasal <shubhamdharmarasal@gmail.com>
 2022-11-30 20:29:55 +05:30
Shubham Rasal
ebfd2e648a
Remove nuclei-updatecheck-api as dependency (#2923) 
* Remove nuclei-updatecheck-api as dependency

* Run go mod tidy

* go mod tidy

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2022-11-29 23:53:05 +05:30
Mzack9999
b3d4dba047
Reverting retryablehttp-go to fix custom http client (#2900) 
* Reverting retryablehttp-go to fix custom http client

* fixing sandbox test
 2022-11-24 21:16:03 +05:30