* Add utility to write max-requests to templates
* fix lint error
* fix max-request update edge case
* fix convert max-request: 1 => max-request: 1
* WIP, most of the code is commented
* Refactor the find and replace logic
* Skip if template has the max-requests, do not overwrite
- return errors
- add warnings
* Fix the wrong index calculation
- Refactor the getInfoBlock function to not compile regex everytime
* Update -tc flag to filter fields within the classification section (#3606)
* Add fields from Classification section in a template to the -tc flag expression evaluation
Signed-off-by: iamargus95 <kamathsuraj95@gmail.com>
* Add tests for filtering Classification section using -tc flag
Signed-off-by: iamargus95 <kamathsuraj95@gmail.com>
* Fix hyphenated Metadata keys beings added to parameters
Signed-off-by: iamargus95 <kamathsuraj95@gmail.com>
* Add tests to the fix for hyphenated fields encountered in Metadata section
Signed-off-by: iamargus95 <kamathsuraj95@gmail.com>
---------
Signed-off-by: iamargus95 <kamathsuraj95@gmail.com>
* Check severity att while validating (#3540)
* Make severity attribute required
* Update test err msg
* minor
* Do not strict check serverity
* Fix failing test
* Don't print warning in workflow loader
- workflow loader that contains tags load all the template and parse it
- i.e it iw printing warning recursively, ignore as the templates
already getting valiated
* Fix error typo
* Resolve comments
- split the function into two diff
---------
Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: shubhamrasal <shubhamdharmarasal@gmail.com>
* tlsx dep update (#3620)
* updated interactsh version (#3621)
* updated interactsh version
* workflow update
* aws signer: fix missing x-content-sha256 header (#3601)
* fix missing x-content-sha256 header
* fix variable priority in self-contained templates
* remove debug statement
* adds generic raw request parser for self-contained req
* more integration tests
* bug fix: 10x faster race requests
* fix failing integration test
* chore(deps): bump github.com/xanzy/go-gitlab in /v2 (#3624)
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.82.0 to 0.83.0.
- [Release notes](https://github.com/xanzy/go-gitlab/releases)
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go)
- [Commits](https://github.com/xanzy/go-gitlab/compare/v0.82.0...v0.83.0)
---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump github.com/miekg/dns from 1.1.53 to 1.1.54 in /v2 (#3625)
Bumps [github.com/miekg/dns](https://github.com/miekg/dns) from 1.1.53 to 1.1.54.
- [Release notes](https://github.com/miekg/dns/releases)
- [Changelog](https://github.com/miekg/dns/blob/master/Makefile.release)
- [Commits](https://github.com/miekg/dns/compare/v1.1.53...v1.1.54)
---
updated-dependencies:
- dependency-name: github.com/miekg/dns
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump github.com/aws/aws-sdk-go-v2/feature/s3/manager in /v2 (#3626)
Bumps [github.com/aws/aws-sdk-go-v2/feature/s3/manager](https://github.com/aws/aws-sdk-go-v2) from 1.11.61 to 1.11.64.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Changelog](https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/feature/s3/manager/v1.11.61...feature/s3/manager/v1.11.64)
---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/feature/s3/manager
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Fix check for OS made in MustDisableSandbox() (#3631)
Signed-off-by: iamargus95 <kamathsuraj95@gmail.com>
* Fix wrong template loading in dev branch (#3629)
* Templates wrong loading
* Add tests to cover following scenarios
- check optional fields only if template loaded
- it should return warning only if template is loaded
* enable color in windows (#3634)
* enable color in windows
* fixed win workflow
* typo update
* tlsx dep update (#3633)
* tlsx dep update
* upgrde httpx => 1.3.0
* Fix check for OS made in MustDisableSandbox() (#3631)
Signed-off-by: iamargus95 <kamathsuraj95@gmail.com>
* Fix wrong template loading in dev branch (#3629)
* Templates wrong loading
* Add tests to cover following scenarios
- check optional fields only if template loaded
- it should return warning only if template is loaded
* enable color in windows (#3634)
* enable color in windows
* fixed win workflow
* typo update
---------
Signed-off-by: iamargus95 <kamathsuraj95@gmail.com>
Co-authored-by: Ramana Reddy <ramanaredy.manda@gmail.com>
Co-authored-by: Suraj Kamath <kamathsuraj95@gmail.com>
Co-authored-by: Shubham Rasal <shubham@projectdiscovery.io>
* Expose DNS fields for matchers and extractors (#3613)
* Extend dns extractor to dns answer records
* add test template
* Ignore error for dns variables are not found
* Add all the records of answer section
* Fixed the wrong typecasting
* Issue 3564 var override (#3599)
* Check if the variables are override by other means
- you can override the template variable value using command line flags
* Update lazy eval logic
- previously, we were checking any function/expression in variable
- now, update the logic, lazy eval only if variable contains any
protocol variable(global)
* add integration tests
* Add test to check the dsl function working in variable
* gather all generate variables logic in utils
* go mod update
* Refactor the generate variables function
* go mod update+ fix typo
---------
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
* update rod to v0.112.9 #3552 (#3637)
* update rod to v0.112.9
* removed unused reflection
---------
Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
* change max-requests label to max-request
---------
Signed-off-by: iamargus95 <kamathsuraj95@gmail.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: shubhamrasal <shubhamdharmarasal@gmail.com>
Co-authored-by: Suraj Kamath <kamathsuraj95@gmail.com>
Co-authored-by: Dogan Can Bakir <65292895+dogancanbakir@users.noreply.github.com>
Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: Tarun Koyalwar <45962551+tarunKoyalwar@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Shubham Rasal <shubham@projectdiscovery.io>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
Co-authored-by: lu4nx <lx@shellcodes.org>
* Added reference based tag addition to templates
* reference mapping list update
* Misc changes as per review
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
* Add new sites to ban list
* ntelbras.com/
* andmp.com/
* blacklanternsecurity.com/
* pwnwiki.org/
* 0dayhack.net/
* correkt.horse/
* poc.wgpsec.org
* ctf\-writeup.revers3c.com/
* Update cve-annotate to use a contains instead of regex, as it's slightly faster
* Tighten up matchers a little
* small refactor
* Remove lead / from skip domains
Remove stray debug printf
Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
* Typo
* * Add list of dead reference sites
* Skip dead sites when annotating references
* Tighten up site regexes
* Lint cleanup
* One last url regex cleanup
* small code optimization
* using raw strings for regexes
Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
* x = x + "" => x += ""
* pre-allocating slice with known size
* added t.Helper() methods in test helpers
* complex if-else conditions replaced by switches
* errors should be checked using error.Is() instead of ==
* function parameter should start with lower case letter
* removed unnecessary type definition
* variable/label naming convention: camelCase instead of snake_case
Directories: 0755 (5 - group and other can read cd into the directory and read it's content)
Files: 0644 (4 - group and other can only read the created files)
Tests files: 0777
