External/nuclei
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei.git synced 2025-12-18 03:55:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
5,202 Commits 49 Branches 135 Tags
Commit Graph

60 Commits

Author SHA1 Message Date
Tarun Koyalwar
2418319df4
js: generate matcher-status event (#5450) 
* js: generate matcher-status event

* isPortOpen: use fastdialer instance

* update sdk unit test

* add docs :)
 2024-07-27 02:46:34 +05:30
jarnpher_rice
f930e9a58f
chore(deps): change github.com/denisenkom/go-mssqldb to github.com/microsoft/go-mssqldb (#5419) 2024-07-25 02:59:35 +05:30
Tarun Koyalwar
6cbd73f780
feat: improve ldap output with custom type: (#5387) 
* feat: improve ldap output with custom type:

* js bindings update

* lint fix
 2024-07-15 18:42:22 +05:30
Dogan Can Bakir
f080d614c3
introduce timeouts config in types.Options (#5228) 
* introduce timeout variants

* update instances and add codeexectimeout

* fix test

* default to 10s

* minor

* make timeouts pluggable and rename

* remove residual code

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2024-07-15 15:57:15 +05:30
Ramana Reddy
d4e81fd9e6
register goja func to check udp port (#5397) 
* register goja func to check port with network param

* register goja func to check udp port
 2024-07-15 12:58:30 +05:30
Mzack9999
1c24ceda45
adding automatic service check on query (#5291) 
* adding automatic service check on query

* automatic service check
 2024-07-08 17:08:29 +05:30
Tarun Koyalwar
1e3cfd75ea fix issue with ldap search func 2024-07-03 18:26:59 +05:30
Tarun Koyalwar
23bd0336fb
multiple bug fixes + performance improvements (#5148) 
* prototype errkit

* complete errkit implementation

* add cause to all timeouts

* fix request timeout annotation @timeout

* increase responseHeaderTimeout to 8 for stability

* rawhttp error related improvements

* feat: add port status caching

* add port status caching to http

* migrate to new utils/errkit

* remote dialinterface + error cause

* debug dir support using .gitignore debug-*

* make nuclei easy to debug

* debug dir update .gitignore

* temp change (to revert)

* Revert "temp change (to revert)"

This reverts commit d3131f777713b9f80e2275142e80f36340a76d36.

* use available context instead of new one

* bump fastdialer

* fix hosterrorscache + misc improvements

* add 'address' field in error log

* fix js vague errors + pgwrap driver

* fix max host error + misc updates

* update tests as per changes

* fix request annotation context

* remove closed dialer reference

* fix sdk panic issue

* bump retryablehttp-go,utils,fastdialer

---------

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
 2024-05-25 00:29:04 +05:30
Ice3man
4170e1cbb8
more goroutine leak fixes to nuclei (#5188) 
* more goroutine leak fixes to nuclei

* run only dns templates for test

* updated httpx to dev

* dep update

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2024-05-20 00:48:40 +05:30
Tarun Koyalwar
3e54ca54b0
feat: fix utils and add goroutine leak unit tests (#5112) 
* feat: fixed leak

* add go leak unit test in sdk

* added goleak unit tests

* bugfix: add random user agents to fuzzing requests

* misc

* misc

* fix lint + use utils pr + misc

* fix ratelimit memleak in sdk

* close protocolstate shared resources in nuclei sdk/lib

* add missing close references

* ignore read/write loop of intransit connections

* close unnecessary idle conns

* add ignore method

* using fixed utils

* dep update

---------

Co-authored-by: Ice3man <nizamulrana@gmail.com>
Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2024-05-01 00:28:11 +05:30
Ice3man
0b82e8b7aa
feat: added support for context cancellation to engine (#5096) 
* feat: added support for context cancellation to engine

* misc

* feat: added contexts everywhere

* misc

* misc

* use granular http timeouts and increase http timeout to 30s using multiplier

* track response header timeout in mhe

* update responseHeaderTimeout to 5sec

* skip failing windows test

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2024-04-25 15:37:56 +05:30
mzack
7e363984b2 Merge branch 'dev' into feat-3072-init-adaptive-speed 2024-04-09 15:19:51 +02:00
Muhammad Daffa
ffbe5deebb
feat: added asreproastable (#4990) 
* feat: added asreproastable

* ldap: remove FilterAccountEnabled from AsRepRoastable

* run 'make jsupdate'

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2024-04-08 03:31:30 +05:30
Mzack9999
3c62b56fd9 panic at the pool 2024-04-03 19:02:30 +02:00
Mzack9999
774db61655 lightweight adaptivity on workpool 2024-04-03 18:50:46 +02:00
Mzack9999
a8d1393e96 init- using resizable components 2024-04-03 17:50:57 +02:00
Tarun Koyalwar
255032f4f2
pre-condition in code , fuzz and other misc updates (#4966) 
* fuzz: rename 'filters' -> 'pre-condition'

* code proto: pre-condition + integration test

* feat: dsl document generator

* update dsl page header

* fix lint error

* add js defined helper funcs in docs

* remove panic recovery unless its for third party(go-rod,goja)

* handle dynamic values flattening edgecase in flow+multiprotocol

* fix order of kv in form-data (failing test)

* fix template loading counters

* Revert "handle dynamic values flattening edgecase in flow+multiprotocol"

This reverts commit 58fdd4faf7df5d654b46a9585011f614d5c98aa4.

* fix flow iteration using 'iterate'
 2024-04-01 19:18:21 +05:30
Tarun Koyalwar
94817ca300 js protocol: fix breaking json export issue 2024-03-15 18:04:08 +05:30
Mzack9999
4c7a0f424e
Transparent Memoization via func Annotation (#4742) 
* initial implementation with manual code generation

* testing generation

* refactor to package methods + auto memoize

* more memos

* fixing signatures

* refactor

* adding gen util

* adding util

* regenerate memoized files

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2024-03-01 18:40:18 +05:30
Tarun Koyalwar
8a2ff17ad8
allow specifying self-contained at http request level (#4812) 
* allow specifying self-contained at requestlevel

* fix IsSMTP js example

* update smtp + fix examples

* update smtp error message

* add code reference in js protocol

* update js docs

* remove debug stmt
 2024-03-01 16:38:56 +05:30
Tarun Koyalwar
36985345a9
javascript bindings + docs generation enhancements ( generate typescript defination .d.ts files) (#4487) 
* introduce typescript files generation using ast + tmpl

* feat valid ts with scraping

* feat remove old logic + tsdocs for all modules

* fix ikev and related bugs

* typescript docs for js modules

* lint,build + ldap realm fix

* go mod tidy

* fix named imports ast parsing

* fix ast code generation errors

* complete support for ts files generation

* support go global/const in ts docs

* updated template

* feat: typescript using go code generation

* nuke jsdoc generator

* update generated ts dir structure

* fix multifile ts gen issue

* fix panic in ts code gen

* fix test

* update docs of js libs

* feat: add doc+example for every js class,function,method

* fix missing quotes in ikev example

---------

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
 2024-02-07 21:45:40 +05:30
Tarun Koyalwar
66bc616fd2 update js proto bindings 2024-02-06 04:02:53 +05:30
Tarun Koyalwar
fd2ab3ce8a refactor to use nucleijs utils 2024-02-06 03:55:57 +05:30
Tarun Koyalwar
0e11bd7196 Merge remote-tracking branch 'upstream/dev' into ldap-protocol-enhancements 2024-02-06 02:38:38 +05:30
Tarun Koyalwar
3b75db46c7
Merge pull request #4647 from 5amu/remove-kerberos-dependency 
switch dependency for kerberos js module (ropnop/gorkb5 -> jcmturner/gokrb5)
 2024-02-06 02:37:57 +05:30
Tarun Koyalwar
71154918b0 fix network policy error 2024-02-06 02:03:33 +05:30
Tarun Koyalwar
01487ba1b8 network policy check + ASREP method 2024-02-05 23:56:16 +05:30
Tarun Koyalwar
06d9de3a27 refactor kerberos with nucleijs helper 2024-02-05 23:21:04 +05:30
Tarun Koyalwar
cc732875cd
javascript: pooling and reuse with export functions + misc updates (#4709) 
* js hotfix: wrap javascript source in anon functions

* mysql module improvements

* misc mysql bugs

* js vm pooling: soft deprecation + incentivised pooling

* misc updates

* disable interactsh failed test

* disable interactsh.yaml integration test on win & mac
 2024-02-02 02:22:04 +05:30
Tarun Koyalwar
93b66af9fb
mysql: ignore warning log + misc updates (#4702) 2024-01-31 02:32:23 +05:30
Tarun Koyalwar
5bd9d9ee68
memory leak fixes and optimizations (#4680) 
* feat http response memory optimization + reuse buffers

* update nuclei version

* feat: reuse js vm's and compile to programs

* fix failing http integration test

* remove dead code + add -jsc

* feat reuse js vms in pool with concurrency

* update comments as per review

* bug fix+ update interactsh test to look for dns interaction

* try enabling all interactsh integration tests

---------

Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
 2024-01-31 01:59:49 +05:30
Tarun Koyalwar
2153cc6055
fix panic in smb javascript template + handle panics in js (#4700) 
* switch dependency to projectdiscovery/go-smb2 + handle panics

* bump projectdiscovery/go-smb2

* disable interactsh integration test
 2024-01-30 04:15:59 +05:30
Tarun Koyalwar
2c2cc2774a feat: introduce nucleijs utils 2024-01-23 04:11:04 +05:30
5amu
2f926c4f72 implement method to close the ldap connection 2024-01-21 19:50:33 +01:00
5amu
2019dab187 implement utilities for timestamps 2024-01-21 18:14:20 +01:00
5amu
642c99bcff move DecodeSID to utils.go making it a generic function exposed by the module 2024-01-21 17:57:23 +01:00
5amu
c703fffe80 implement method to grab domain SID 2024-01-21 17:31:08 +01:00
5amu
95d028c5f9 move ad filters to adenum.go 2024-01-21 17:12:09 +01:00
5amu
9d23f5f88f implement enumeration methods + rewrite kerberoastable 2024-01-21 17:11:28 +01:00
5amu
89d30d94d6 implement generic method to find AD objects 2024-01-21 16:55:17 +01:00
5amu
893129eb17 reflect changes for gojs 2024-01-21 12:54:49 +01:00
5amu
6bf8f8769b define frequently used filters and AD UAC filters 2024-01-21 12:53:41 +01:00
5amu
cb0d98e4b2 do not append an empty map when generating output in Search() 2024-01-20 23:59:26 +01:00
5amu
9821700f8e simplify CollectMetadata and remove session creation at runtime 2024-01-20 23:57:57 +01:00
5amu
bd1238d27e implement authentication methods and change underlying connection because of bugs 2024-01-20 21:02:08 +01:00
5amu
fe59057c0d implement a generic search that returns a list of objects given a filter and desired attributes 2024-01-20 12:22:36 +01:00
5amu
73a73eeeac implement method to connect to and verify the ldap server (IsLdap -> Connect) 2024-01-20 01:50:54 +01:00
5amu
a167e6c57b make protocolstate.IsHostAllowed check the domaincontroller, not the domain 2024-01-20 00:39:29 +01:00
Tarun Koyalwar
a677fca192
misc improvements in js protocol execution (#4643) 
* js protocol  timeout using -timeout flag

* fix zgrab smb hang

* fix lint error

* custom timeout field in js protocol

* minor update: bound checking

* add 6 * -timeout in code protocol by default
 2024-01-18 04:39:15 +05:30
5amu
3b5ce39e86 make protocolstate.IsHostAllowed check the domaincontroller, not the domain 2024-01-16 10:24:26 +01:00