5357 Commits

Author SHA1 Message Date
Dwi Siswanto
2c832f5590
refactor(vardump): use godump lib (#5676)
* refactor(vardump): use `godump` lib

also increase limit char to `255`.

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(vardump): add global var `Limit`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* chore(protocols): rm newline

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(types): add `VarDumpLimit` option

Signed-off-by: Dwi Siswanto <git@dw1.io>

* test(vardump): add test cases

Signed-off-by: Dwi Siswanto <git@dw1.io>

* chore: tidy up mod

Signed-off-by: Dwi Siswanto <git@dw1.io>

---------

Signed-off-by: Dwi Siswanto <git@dw1.io>
2024-10-14 19:31:36 +05:30
ghost
53f56e179d Auto Generate Syntax Docs + JSONSchema [Mon Oct 14 13:56:50 UTC 2024] 🤖 2024-10-14 13:56:50 +00:00
Dwi Siswanto
cc5c5509dc
feat: global matchers (#5701)
* feat: global matchers

Signed-off-by: Dwi Siswanto <git@dw1.io>
Co-authored-by: Ice3man543 <ice3man543@users.noreply.github.com>

* feat(globalmatchers): make `Callback` as type

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat: update `passive` term to `(matchers-)static`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(globalmatchers): add `origin-template-*` event

also use `Set` method instead of `maps.Clone`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat: update `matchers-static` term to `global-matchers`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(globalmatchers): clone event before `operator.Execute`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* fix(tmplexec): don't store `matched` on `global-matchers` templ

This will end up generating 2 events from the same
`scan.ScanContext` if one of the templates has
`global-matchers` enabled. This way, non-
`global-matchers` templates can enter the
`writeFailureCallback` func to log failure output.

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(globalmatchers): initializes `requests` on `New`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(globalmatchers): add `hasStorage` method

Signed-off-by: Dwi Siswanto <git@dw1.io>

* refactor(templates): rename global matchers checks method

Signed-off-by: Dwi Siswanto <git@dw1.io>

* fix(loader): handle nil `templates.Template` pointer

Signed-off-by: Dwi Siswanto <git@dw1.io>

---------

Signed-off-by: Dwi Siswanto <git@dw1.io>
Co-authored-by: Ice3man543 <ice3man543@users.noreply.github.com>
2024-10-14 19:25:46 +05:30
chuu
aab2cadb64
fix: input helper in executor options (#5712) 2024-10-14 19:22:52 +05:30
Dwi Siswanto
d68af67e6e
feat(nuclei): generate trace file when using profile-mem (#5690)
* feat(nuclei): generate trace file when using `profile-mem`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* docs(DESIGN): dynamically grep mod path

Signed-off-by: Dwi Siswanto <git@dw1.io>

---------

Signed-off-by: Dwi Siswanto <git@dw1.io>
2024-10-14 14:53:36 +05:30
Danny Shemesh
888a732fbc
Unlock memguard global change mutex only when locked (#5714) 2024-10-14 14:18:59 +05:30
Keith Chason
3f0de96726
MongoDB Reporting (#5688)
* Initial setup of Mongo reporting

* Fix slice pop logic

* Switch to config-file logic

* Parse database name from connection string

* Switch to url.Parse for connection string parsing

* Address return/logging feedback
2024-10-13 21:44:33 +05:30
Dwi Siswanto
1cd42c46c7
chore: update auto_assign (#5720)
add me to `addReviewers` list

Signed-off-by: Dwi Siswanto <git@dw1.io>
2024-10-11 19:13:02 +05:30
Ice3man
82680980a5
bugfix: fix multipart panic + support for filename + content-type (#5702)
* bugfix: fix multipart files panic + support for filename + content-type propagation

* misc changes
2024-10-10 20:22:22 +05:30
ghost
690089e1ce Auto Generate Syntax Docs + JSONSchema [Wed Oct 9 21:36:38 UTC 2024] 🤖 2024-10-09 21:36:38 +00:00
Dogan Can Bakir
f0624820d3
update ssl part definitions (#5710) 2024-10-10 03:04:23 +05:30
Ramana Reddy
7ba5d51b00
fix: ldap metadata collection err (#5683) 2024-10-07 18:12:07 +05:30
Ramana Reddy
8b9acb2927
return bool resp on successful ldap authentication (#5682) 2024-10-07 18:11:03 +05:30
Piotr Idzik
23825c77b2
style: do not use backticks (#5687) 2024-10-05 04:07:07 +07:00
sandeep
d1614857bd version update 2024-09-28 19:06:40 +04:00
Tarun Koyalwar
1f945d6d50
consider protocolType in max host error (#5668)
* consider protocolType in max host error

* add mutex when updating internal-event
2024-09-28 18:50:35 +05:30
sandeep
e4dae52d5a version update 2024-09-26 12:09:13 +04:00
Dwi Siswanto
c9f67897c4
fix(http): prevent addCNameIfAvailable from using closed Dialer (#5665)
added a check in `addCNameIfAvailable` to ensure
the `Dialer` is not NIL before attempting to fetch
DNS data.

this prevents potential panics (ex. SIGSEGV) when
the `Dialer` is closed due to an interruption.

Signed-off-by: Dwi Siswanto <git@dw1.io>
2024-09-25 22:00:39 +05:30
dependabot[bot]
c93a2b1ba4
chore(deps): bump github.com/projectdiscovery/utils from 0.2.8 to 0.2.11 (#5660)
Bumps [github.com/projectdiscovery/utils](https://github.com/projectdiscovery/utils) from 0.2.8 to 0.2.11.
- [Release notes](https://github.com/projectdiscovery/utils/releases)
- [Changelog](https://github.com/projectdiscovery/utils/blob/main/CHANGELOG.md)
- [Commits](https://github.com/projectdiscovery/utils/compare/v0.2.8...v0.2.11)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/utils
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-24 18:44:01 +05:30
Ice3man
6a561c6470
feat: clone event in clustering to generate correct failure events (#5653) 2024-09-24 18:43:35 +05:30
dependabot[bot]
828dac9002
chore(deps): bump github.com/projectdiscovery/retryabledns (#5657)
Bumps [github.com/projectdiscovery/retryabledns](https://github.com/projectdiscovery/retryabledns) from 1.0.74 to 1.0.77.
- [Release notes](https://github.com/projectdiscovery/retryabledns/releases)
- [Commits](https://github.com/projectdiscovery/retryabledns/compare/v1.0.74...v1.0.77)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/retryabledns
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-23 17:49:04 +05:30
Dwi Siswanto
9983d7415c
refactor(runner): adjust max-host-error if gt concurrency (#5633)
* refactor(common): use `ParseRequestURI` instead when `NormalizeCacheValue`

also it exports the method

Signed-off-by: Dwi Siswanto <git@dw1.io>

* refactor(runner): adjust `max-host-error` if gt `concurrency`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* fix lint

* chore(runner): expose adjusted `max-host-error` value

Signed-off-by: Dwi Siswanto <git@dw1.io>

---------

Signed-off-by: Dwi Siswanto <git@dw1.io>
Co-authored-by: Doğan Can Bakır <dogancanbakir@protonmail.com>
2024-09-23 15:57:30 +05:30
dependabot[bot]
a118daa375
Merge pull request #5659 from projectdiscovery/dependabot/go_modules/dev/github.com/projectdiscovery/ratelimit-0.0.56 2024-09-23 06:12:30 +00:00
dependabot[bot]
b8e818ac29
Merge pull request #5658 from projectdiscovery/dependabot/go_modules/dev/github.com/projectdiscovery/useragent-0.0.71 2024-09-23 06:09:14 +00:00
dependabot[bot]
3e6c62b03b
chore(deps): bump github.com/projectdiscovery/useragent
Bumps [github.com/projectdiscovery/useragent](https://github.com/projectdiscovery/useragent) from 0.0.65 to 0.0.71.
- [Release notes](https://github.com/projectdiscovery/useragent/releases)
- [Commits](https://github.com/projectdiscovery/useragent/compare/v0.0.65...v0.0.71)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/useragent
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-23 05:43:17 +00:00
dependabot[bot]
182e000f2c
chore(deps): bump github.com/projectdiscovery/ratelimit
Bumps [github.com/projectdiscovery/ratelimit](https://github.com/projectdiscovery/ratelimit) from 0.0.53 to 0.0.56.
- [Release notes](https://github.com/projectdiscovery/ratelimit/releases)
- [Commits](https://github.com/projectdiscovery/ratelimit/compare/v0.0.53...v0.0.56)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/ratelimit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-23 05:43:13 +00:00
dependabot[bot]
21205253c3
Merge pull request #5661 from projectdiscovery/dependabot/go_modules/dev/github.com/projectdiscovery/rawhttp-0.1.67 2024-09-23 05:42:11 +00:00
dependabot[bot]
b18f99e462
chore(deps): bump github.com/projectdiscovery/rawhttp
Bumps [github.com/projectdiscovery/rawhttp](https://github.com/projectdiscovery/rawhttp) from 0.1.65 to 0.1.67.
- [Release notes](https://github.com/projectdiscovery/rawhttp/releases)
- [Commits](https://github.com/projectdiscovery/rawhttp/compare/v0.1.65...v0.1.67)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/rawhttp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-23 05:16:47 +00:00
Douglas Danger Manley
694835c459
Add more support for fs.FS in template parsing (#5421)
* misc update

* chore(deps): bump github.com/gin-gonic/gin from 1.9.0 to 1.9.1 (#4252)

Bumps [github.com/gin-gonic/gin](https://github.com/gin-gonic/gin) from 1.9.0 to 1.9.1.
- [Release notes](https://github.com/gin-gonic/gin/releases)
- [Changelog](https://github.com/gin-gonic/gin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/gin-gonic/gin/compare/v1.9.0...v1.9.1)

---
updated-dependencies:
- dependency-name: github.com/gin-gonic/gin
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/docker/docker (#4316)

Bumps [github.com/docker/docker](https://github.com/docker/docker) from 24.0.5+incompatible to 24.0.7+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v24.0.5...v24.0.7)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fix README_CN.md typos (#4369)

* version update

* Add more support for `fs.FS` in the disk catalog

This adds more support for `fs.FS` in the disk catalog.  This
fixes some places where direct `os` file-related calls were being
made to use the catalog interface instead.

Note that the JavaScript compiler *still* does not work in any
context where the `pkg/js/libs/fs` package is used.  In particular,
the `ReadFilesFromDir` function is hard-coded to use the `os`
package and not respect the catalog.

* Remove some testing artifacts

* Wrap up

* Unwind other changes

* Add a LoadHelperFileFunction to Options

* Use a direct func

* Tweak validation

* Use a function type

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Xc1Ym <xuedongyuming2233@gmail.com>
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2024-09-21 02:41:22 +05:30
Ramana Reddy
3eee9678d0
fix loading dynamic auth templates on fuzzing (#5646) 2024-09-20 23:04:42 +05:30
Ramana Reddy
b69de15777
fix: Parse OpenApi http security schemes on empty values (#5606)
* fix: parse openapi http security schemes on empty values

* minor

---------

Co-authored-by: Doğan Can Bakır <dogancanbakir@protonmail.com>
2024-09-19 19:29:19 +05:30
ghost
1610d96bc2 Auto Generate Syntax Docs + JSONSchema [Thu Sep 19 13:34:08 UTC 2024] 🤖 2024-09-19 13:34:08 +00:00
Levente Kováts
6347efa590
Clone Input when the workflow execution forks (#5621)
* clone Input when the workflow forks, add integration test

* fix line endings
2024-09-19 19:02:03 +05:30
Dwi Siswanto
4cd065df5f
feat(headless): supporting standard lifecycle events (#5632)
* refactor(headless): use `WaitStable` for `waitload` action

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(headless): add `getNavigationFunc`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(headless): add `WaitDOM` action

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(headless): add `WaitFMP` action

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(headless): add `WaitFCP` action

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(headless): add `WaitIdle` action

Signed-off-by: Dwi Siswanto <git@dw1.io>

* refactor(headless): `ActionWaitLoad` waits for `proto.PageLifecycleEventNameLoad`

also rename `Page.WaitLoad` to `Page.WaitStable` method.

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(headless): add `WaitStable` action

Signed-off-by: Dwi Siswanto <git@dw1.io>

* refactor(headless): supporting `duration` arg for `WaitStable` action

Signed-off-by: Dwi Siswanto <git@dw1.io>

* chore: ignore `*.png`

Signed-off-by: Dwi Siswanto <git@dw1.io>

* test(headless): update `TestActionScreenshot*`

call `ActionWaitFMP` instead of `WaitLoad` before taking screenshot

Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat(headless): chained with `Timeout` when `WaitStable`

Signed-off-by: Dwi Siswanto <git@dw1.io>

---------

Signed-off-by: Dwi Siswanto <git@dw1.io>
2024-09-19 19:01:12 +05:30
Ramana Reddy
3d2f31a56f
fix missing template_url for pd signed templates when executed from custom path (#5644) 2024-09-19 18:58:20 +05:30
Ramana Reddy
0a536e6ce0
fix matcher-status tests (#5647) 2024-09-19 18:52:49 +05:30
Dogan Can Bakir
c8cc419e81
remove duplicate directive (#5635) 2024-09-15 19:20:59 +05:30
Tarun Koyalwar
87e99be4f6
scan error formatting (#5628) 2024-09-14 00:06:08 +05:30
Ice3man
2ac9aaf871
bugfix: fixed misc issues with linear integration (#5630) 2024-09-13 23:45:27 +05:30
Dogan Can Bakir
a45e4bbd19
move code around (#5626) 2024-09-12 17:05:32 +05:30
dependabot[bot]
72da91a399
chore(deps): bump github.com/projectdiscovery/hmap from 0.0.56 to 0.0.58 (#5619)
Bumps [github.com/projectdiscovery/hmap](https://github.com/projectdiscovery/hmap) from 0.0.56 to 0.0.58.
- [Release notes](https://github.com/projectdiscovery/hmap/releases)
- [Commits](https://github.com/projectdiscovery/hmap/compare/v0.0.56...v0.0.58)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/hmap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-12 16:14:27 +05:30
Ramana Reddy
bd6330f72a
feat: upload existing scan results (#5603)
* feat: upload existing scan results

* fix lint test

* misc update

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2024-09-12 16:13:49 +05:30
dependabot[bot]
8b1d9aa0d7
Merge pull request #5618 from projectdiscovery/dependabot/go_modules/dev/github.com/projectdiscovery/wappalyzergo-0.1.18 2024-09-12 10:33:15 +00:00
dependabot[bot]
39f8be2125
chore(deps): bump github.com/projectdiscovery/wappalyzergo
Bumps [github.com/projectdiscovery/wappalyzergo](https://github.com/projectdiscovery/wappalyzergo) from 0.1.14 to 0.1.18.
- [Release notes](https://github.com/projectdiscovery/wappalyzergo/releases)
- [Commits](https://github.com/projectdiscovery/wappalyzergo/compare/v0.1.14...v0.1.18)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/wappalyzergo
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-12 10:05:56 +00:00
Ice3man
59e69b561d
feat: added linear issue tracker support to nuclei (#5601)
* feat: added linear issue tracker support to nuclei

* misc

* feat: fixed unmarshal issues

* added linear config

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2024-09-12 15:34:50 +05:30
Dwi Siswanto
fcdead9157
chore: bump go-ci to v1.0.3 (#5611)
Signed-off-by: Dwi Siswanto <git@dw1.io>
2024-09-09 19:24:49 +05:30
dependabot[bot]
f7f8d53019
Merge pull request #5615 from projectdiscovery/dependabot/go_modules/dev/github.com/projectdiscovery/clistats-0.1.1 2024-09-09 05:49:09 +00:00
dependabot[bot]
4ef78ae5fa
Merge pull request #5616 from projectdiscovery/dependabot/go_modules/dev/github.com/projectdiscovery/rawhttp-0.1.65 2024-09-09 05:49:07 +00:00
dependabot[bot]
e88c7e31d0
Merge pull request #5617 from projectdiscovery/dependabot/go_modules/dev/github.com/projectdiscovery/gologger-1.1.23 2024-09-09 05:48:23 +00:00
dependabot[bot]
7f4cdf6196
chore(deps): bump github.com/projectdiscovery/gologger
Bumps [github.com/projectdiscovery/gologger](https://github.com/projectdiscovery/gologger) from 1.1.21 to 1.1.23.
- [Release notes](https://github.com/projectdiscovery/gologger/releases)
- [Commits](https://github.com/projectdiscovery/gologger/compare/v1.1.21...v1.1.23)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/gologger
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-09 05:21:57 +00:00