External/nuclei
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei.git synced 2025-12-24 04:55:29 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,185 Commits 49 Branches 135 Tags
Commit Graph

83 Commits

Author SHA1 Message Date
Tarun Koyalwar
bdf77005d6 resolve merge conflicts 2023-06-27 20:21:14 +05:30
Ramana Reddy
cddae989f3
Add template option to disable merging target url path with raw request path (#3799) 
* add template option to disable merging target url path with raw request path

* rename disable-merge-path -> disable-path-automerge
add integration test
 2023-06-19 20:22:17 +05:30
Mzack9999
a7fb15d0bd
Adding support for code templates (#2930) 
* Adding support for code templates

* adding support for python, powershell and echo (test)

* removing debug code

* introducing command + trivial trust store mechanism

* updating tests

* adding basic tests

* removing deprecated oracle

* mod tidy

* adding signature proto with debug prints

* removing debug code

* fixing test

* fixing param order

* improving test conditional build

* disable file+offlinehttp+code with cloud

* adding env vars

* removing debug code

* reorganizing test folders

* adding code template test prototype with dummy priv/pub keys

* bump go to 1.20

* fixing go version

* fixing lint errors

* adding fatal on pub-key test failure

* switching to ecdsa asn1

* removing unused signature

* fixing signature

* adding more tests

* extending core with engine args + powershell win test

* adding unsigned code test

* skip template signing in particular test case

* improving test coverage

* refactoring key names + adding already signed algo

* removing debug code

* fixing syntax

* fixing lint issues

* removing test template

* fixing dns tests path

* output fmt

* adding interact

* fixing lint issues

* adding -sign cli helper

* fixing nil pointer + parse inline keys

* making rsa default

* adding code prot. ref

* moving file to correct loc

* moving test

* Issue 3339 headless fuzz (#3790)

* Basic headless fuzzing

* Remove debug statements

* Add integration tests

* Update template

* Fix recognize payload value in matcher

* Update tempalte

* use req.SetURL()

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>

* Auto Generate Syntax Docs + JSONSchema [Fri Jun  9 00:23:32 UTC 2023] 🤖

* Add headless header and status matchers (#3794)

* add headless header and status matchers

* rename headers as header

* add integration test for header+status

* fix typo

* add retry to py-interactsh integration test

---------

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: Shubham Rasal <shubham@projectdiscovery.io>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Dogan Can Bakir <65292895+dogancanbakir@users.noreply.github.com>
Co-authored-by: Tarun Koyalwar <45962551+tarunKoyalwar@users.noreply.github.com>
 2023-06-09 20:54:24 +05:30
Mzack9999
0d2d510689
Adding support for constants (#3692) 
* adding support for constants

* fixing typo

* adding integration test

* fixing lint issues

* fixing template syntax
 2023-05-25 22:02:35 +05:30
Shubham Rasal
449afc0c5c
Issue 3564 var override (#3599) 
* Check if the variables are override by other means

- you can override the template variable value using command line flags

* Update lazy eval logic

- previously, we were checking any function/expression in variable
- now, update the logic, lazy eval only if variable contains any
  protocol variable(global)

* add integration tests

* Add test to check the dsl function working in variable

* gather all generate variables logic in utils

* go mod update

* Refactor the generate variables function

* go mod update+ fix typo

---------

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-05-02 23:49:56 +05:30
Tarun Koyalwar
7f5e4e2336
aws signer: fix missing x-content-sha256 header (#3601) 
* fix missing x-content-sha256 header

* fix variable priority in self-contained templates

* remove debug statement

* adds generic raw request parser for self-contained req

* more integration tests

* bug fix: 10x faster race requests

* fix failing integration test
 2023-05-01 12:15:35 +05:30
Tarun Koyalwar
4e6ef4490e
duplicated params in self contained requests (#3608) 
* fix duplicated params in self-contained+ export extracted values to file

* add integration tests + fix percentage overflow in pb

* fix integration test template id

* integration test: validate if file exists
 2023-04-26 12:35:07 +05:30
Mzack9999
6f4b1ae48a
Replacing ccache with generic gcache (#3523) 
* Replacing ccache with generic gcache

* fixing lint issues

* removing unecessary hashing + using errorutils

* making test more tolerant

* removing dead code + refactor

* removing redundant code

* removing race

* maint

* moving code

* adding more iterations

* note + typo

* temporary fixing stop-at-first-match with interact

* wrapping internal map with mux

* sort before running integration test

* fix deadlock in requestShouldStopAtFirstMatch

* add timeout to integration_test workflow

* attempting to remove outer lock

* adds interactsh protocol tests in integration_test

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-04-16 23:19:35 +05:30
Shubham Rasal
45cc676f96
Evaluate payload variables (#3503) 
* Evaluate payload variables

* Add variables evaluation

* Extend variables test

- to check evaluation of global variables in variables
- to check evaluation of golbal variables in payload

* Add default and cli variables to websocket, whois and dns proto

- use url.Parse with urlutil.Parse
 2023-04-12 01:50:58 +05:30
Mzack9999
6a0db1c234 restoring tests 2023-03-17 16:56:14 +01:00
Mzack9999
c115768b8e investigating tests 2023-03-17 15:39:12 +01:00
Ramana Reddy
c9634fae72
Issue 3350 matcher condition or not work (#3397) 
* fix or condition match even interactsh includes as matcher-part (#3350)

* add integration test

* add new template to integration test

* matcher-condtion: test case for both conditions

* fix lint errors

* upgrade dependencies

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-03-15 20:45:44 +05:30
Mzack9999
0bf8fc027d
Fixing nil pointer reference + use map helper (#3421) 
* Fixing nil pointer reference + use map helper

* bump tlsx version to v1.0.6

* increase interactsh polling in integration_test

* fix nil pointer dereference in integration_test

* fix lint error

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-03-14 21:27:48 +05:30
Shubham Rasal
572c8eb780
Issue 2987 fuzz options (#3355) 
* Add override fuzzing type and mode flags

* Update english readme

* Fix failing tests

* Add the integration tests

- validate the command line overriding type and mode for fuzzing
 2023-03-06 16:56:38 +05:30
Tarun Koyalwar
d9e953acfa
fix file input in custom vars for self contained http template (#3385) 
* fix file input in variables(-V)

* fix lint error

* fix nuclei-ignore file failures
 2023-03-04 04:57:27 +05:30
xm1k3
bab15e122b http.DefaultClient replaced with retryablehttp 2023-03-02 21:21:04 +01:00
Tarun Koyalwar
21b03a2e8a
bug fix in url path and adds integration tests (#3331) 
* fix unsafe edgecases+ adds integration test

* bug fixes and more url testcases

* upgrade cfssl

* fix template id in integration test
 2023-02-20 22:26:04 +05:30
xm1k3
cc2f796d2f
Helper function for IP Formats (#3286) 
* implemented ip_format helper function

* added tests on ip_format() helper

* fixes on logic

* fixes related to mapcidr docs

* better error value

* fixes + unit test to check index 11

* added call for integration tests

* fixes on dsl-functions number

---------

Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
 2023-02-17 01:47:40 +05:30
Mzack9999
d608ffaeb2
clear after stop (#3312) 
* clear after stop

* fixing data races

* adding atomic cache

* fixing lint errors

* fixing imports
 2023-02-13 16:46:41 +05:30
Mzack9999
d956275e98
Adding content length edge cases (#3147) 
* adding content length edge cases

* fixing CL behavior

* suppressing -1 error

* fixing path
 2023-01-07 18:06:44 +05:30
Sandeep Singh
c273cbc8cb
Merge pull request #3134 from projectdiscovery/issue-3131-unused-code 
Removing unused code in integration tests
 2023-01-04 11:59:12 +05:30
Tarun Koyalwar
e66ed30cec
fix missing trailing slash (#3127) 
* raw: fix missing trailing slash

* adds rawpath integration test

* rename trailing slash test
 2023-01-03 23:45:34 +05:30
Mzack9999
463f4dd8c8 removing unused code in integration tests 2023-01-03 08:24:33 +01:00
Ice3man
3904d541be
Added http probing to clustering + add disable-clustering flag (#3019) 
* Added http probing to clustering + add disable-clustering flag

* misc update

* Commented out failing test

* Fixed lint error

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2022-12-11 18:06:21 +05:30
forgedhallpass
0295ca19bc
Add split DSL function (#2838) 
* Add support for showing overloaded DSL method signatures

* Add `split` DSL function #2837

* fixing lint warnings

* replacing faulty regex with strings methods

Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
 2022-11-14 06:08:12 +05:30
Mzack9999
1fbbca66f9
Adding support to scan all v4/v6 IPs (#2709) 
* Adding support to scan all v4/v6 IPs

* adding tests

* metainput prototype

* using new signature

* fixing nil pointer

* adding request context with metadata

* removing log instruction

* fixing merge conflicts

* adding clone helpers

* attempting to fix ipv6 square parenthesis wrap

* fixing dialed ip info

* fixing syntax

* fixing output ip selection

* adding integration tests

* disabling test due to gh ipv6 issue

* using ipv4 only due to GH limited networking

* extending metainput marshaling

* fixing hmap key

* adding test for httpx integration

* fixing lint error

* reworking marshaling/id-calculation

* adding ip version validation

* improving handling non url targets

* fixing condition check
 2022-11-09 18:48:56 +05:30
Ice3man
b9472cf7e1
Added fuzzing support for query params + var dump feature (#2679) 
* Added fuzzing support for query params + var dump feature

* Added query-fuzz integration test

* Fixed payloads + added keys-regex fuzz parameter

* Fixed interactsh not working + misc

* Fixed evaluation + added global variables/dsl support to payloads

* Misc fixes related to variables evaluations

* Added http variables support to fuzz

* misc

* Misc

* Added testing playground + misc renaming

* Added support for path and raw request to fuzzing

* Fixed fuzz integration test

* Fixed variable unresolved issue

* Add multiple parameter support with same name

* Added parameter value as 'value' dsl variable for parts

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
 2022-11-01 20:28:50 +05:30
Ice3man
d956f08cb9
Added attack-type option to override template attack-type (#2724) 
* Added attack-type option to override template attack-type

* Added docs + integration tests
 2022-10-19 03:51:45 +05:30
Mzack9999
a9f5d2defd
reordering unsafe test in the map (#2721) 2022-10-15 01:38:32 +05:30
Mzack9999
18f14b631c
Adding same host redirect support (#2655) 
* simplifying test syntax

* adding same host redirect + refactoring redirect handling

* adding missing file

* adding support for template syntax

* adding integration test

* updating options

* fixing issue on same host redirect
 2022-09-29 04:11:28 +05:30
Myung-jong Kim
9eea441b0e
Add sort(list), sort(string), uniq(list), uniq(string) helper functions (#2372) 
* Add feature in join() to sort a single string slice

Signed-off-by: Myung-jong Kim <mjkim610@gmail.com>

* Add sort helper function and related tests

Signed-off-by: Myung-jong Kim <mjkim610@gmail.com>

* Add uniq helper function and related tests

Signed-off-by: mjkim610 <mjkim610@gmail.com>

Signed-off-by: Myung-jong Kim <mjkim610@gmail.com>
Signed-off-by: mjkim610 <mjkim610@gmail.com>
 2022-09-27 02:59:13 +05:30
Sami
f3eb0daa39
additional dsl functions (#2550) 
* additional dsl functions

* avoid conversion at each iteration
 2022-09-08 14:25:34 +05:30
James Turner
42a0732d68
Add sha512 support (#2517) 2022-08-31 12:36:02 +05:30
M. Ángel Jimeno
ecb3f21076
http: prevent HTTP 'connection' header from being added twice (#2480) 
* http: prevent HTTP 'connection' header from being added twice

* misc fix

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-08-25 00:25:02 +05:30
Ice3man
e7cffad312
Fixed request annotation based timeout bugs + tests + misc (#2476) 2022-08-23 12:45:55 +05:30
Sajad
c4ba2b4edb
Additional helpers (#2359) 
* add starts_with, ends_with helper functions

* add test cases, update dsl signatures

* change split_starts_with to line_starts_with
 2022-08-06 23:16:03 +05:30
Ice3man
9073b753ca
Added aes_gcm implementation for DSL function (#2196) 
* Added aes_gcm implementation for DSL function

* Added integration test for dsl-functions.yaml
 2022-06-23 16:16:24 +05:30
forgedhallpass
cadba90a5a test: extended the DSL helper integration test cases 2022-06-10 15:58:54 +03:00
forgedhallpass
179cf908a8 Revert "test: extended the DSL helper integration test cases" 
This reverts commit ea0b6eae644f4965c34cd1436fc4e5ef6a597899.
 2022-06-10 13:48:34 +03:00
forgedhallpass
ea0b6eae64 test: extended the DSL helper integration test cases 2022-06-10 13:33:16 +03:00
forgedhallpass
9fd9892f49 test: extra DSL function test cases 2022-06-08 20:58:46 +03:00
Ice3man
be5f1a7623
Added redirected matched URL + stop-at-first-match for redirect chains (#2050) 
* Added redirected matched URL + stop-at-first-match for redirect chains

* Pleasing go-linter
 2022-05-30 15:19:09 +05:30
Mzack9999
16a05d0aa2
Adding CLI SNI support to unsafe http (#2077) 
* Adding CLI SNI support to unsafe http

* adding http unsafe sni test
 2022-05-27 21:53:07 +05:30
Mzack9999
39c7317ec3
Adding SNI override via request annotations (#1970) 
* Adding SNI override via request annotations

* adding cli flag priority
 2022-05-12 16:43:56 +05:30
Mzack9999
2f1330345f
Adding global SNI support for HTTP protocol via CLI (#1964) 
* Adding global SNI support via CLI

* adding integration test

* adding cli option to docs

* reverting deleted test
 2022-05-11 16:00:39 +05:30
LuitelSamikshya
96b6b7c8e1 format correction 2022-04-27 12:52:07 -05:00
LuitelSamikshya
1a3d0c90a7 removed a flag from test case 2022-04-27 11:21:58 -05:00
LuitelSamikshya
3ccbfe4626 disable redirects flag 2022-04-27 11:19:44 -05:00
Ice3man
aea79638c6 Merge branch 'dev' of https://github.com/projectdiscovery/nuclei into variables-introduction 2022-04-06 19:04:27 +05:30
Mzack9999
ef2c7a574f
fixing integration test condition (#1813) 2022-04-05 17:42:13 +05:30