External/nuclei
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei.git synced 2025-12-26 11:05:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,242 Commits 49 Branches 135 Tags
Commit Graph

1676 Commits

Author SHA1 Message Date
Mike Rheinheimer
9efba05e0c
expose hosterrorscache.Cache as an interface (#2291) 
* expose hosterrorscache as an interface, change signature to capture the error reason

* use the hosterrorscache.CacheInterface as struct field so users of Nuclei embedded can provide their own cache implementation

Co-authored-by: Mike Rheinheimer <mrheinheimer@atlassian.com>
 2022-07-19 02:05:53 +05:30
Ice3man
07d5beb73a
Fixed race condition with raw http options (#2306) 2022-07-19 01:08:30 +05:30
Mzack9999
cf1039f49c
Adding prototype of request flow override annotations (#2161) 
* Adding prototype of request flow override annotations

* reworking iteration engine

* adding directory to .gitignore
 2022-07-18 14:16:03 +05:30
sandeep
4ae458df98 readme update 2022-07-18 13:11:28 +05:30
dependabot[bot]
85ca247d26
chore(deps): bump github.com/go-rod/rod from 0.107.3 to 0.108.1 in /v2 (#2272) 
* chore(deps): bump github.com/go-rod/rod from 0.107.3 to 0.108.1 in /v2

Bumps [github.com/go-rod/rod](https://github.com/go-rod/rod) from 0.107.3 to 0.108.1.
- [Release notes](https://github.com/go-rod/rod/releases)
- [Commits](https://github.com/go-rod/rod/compare/v0.107.3...v0.108.1)

---
updated-dependencies:
- dependency-name: github.com/go-rod/rod
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* increasing page timeout

* further increasing timeout

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
 2022-07-14 03:14:13 +05:30
invist
db727db006
Optionally disable templates syntax strict check (#2266) 
* nuclei::templates|define strict option (default)

* renaming flag and internal variable

* misc flag update

Co-authored-by: c-f <you@example.com>
Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-07-13 17:00:11 +05:30
Sami
6c2fdd3387
Issue 2227 ntv flag run new templates added in specific version (#2275) 
* ntv flag to run templates added in specified version

* added missing arguments

* misc update

* added functional test and err check

* updated the min version

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-07-13 16:49:06 +05:30
Sajad
be73fde0db
use go-homedir instead of standard os.userhomedir (#2262) 
* use go-homedir instead of standard os.userhomedir

* set r.templatesConfig before write attempt to avoid panic
 2022-07-13 13:33:13 +05:30
Mzack9999
1c332bb85b
Improving RFC request/response passive parsing (#2192) 
* Improving RFC request/response passive parsing

* adding test
 2022-07-11 22:43:10 +05:30
Mzack9999
3c945f6ae9
Adding stricter check on offline templates list (#2213) 2022-07-11 22:38:07 +05:30
Ice3man
5b3c2861c2
Added interact-url placeholder support to variables in http requests (#2237) 
* Added interact-url placeholder support to variables in http requests

* Fixed variable errors

* Fixed issue with interactsh in req
 2022-07-11 22:18:13 +05:30
anykno
73a0043f2d
fix: socks5 proxy not working on https target (#2228) 
* fix: socks5 proxy not working on https target

* small name refactor

Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
 2022-07-01 15:31:00 +05:30
Mzack9999
476773ff8c
Replacing hasstdin with helper library (#2191) 
* Replacing hasstdin with helper library

* adding timeout reader on stdin

* adding large input read timeout

* reducing stdin timeout + nostdin flag

* go mod update

* readme update

* go mod tidy

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-06-30 17:51:54 +05:30
Mzack9999
3838d06aeb
Adding prototype for unexpected fields validation in matchers (#2171) 
* Adding unexpected fields validation

* using expected fields

* adding missing expected field

* using reflect
 2022-06-30 16:50:54 +05:30
Ice3man
f3de611b49
Added enhancements for http variables support (#2223) 2022-06-28 20:20:18 +05:30
Ice3man
8040b66370
Added http request timeout support with annotations (#2233) 
* Added http request timeout support with annotations

* Added nolint statements for lostcontext

* misc

* misc
 2022-06-27 18:36:46 +05:30
Ice3man
ffe6ab04b3
Added include-templates force-loading for templates (#2232) 
* Added include-templates force-loading for templates

* Fixed loader case with include-templates

* Added integration test for excluded-template in loader
 2022-06-27 18:09:29 +05:30
Ice3man
7875b06fc8
Added exclude-matchers support for template & matchers (#2218) 
* Added exclude-matchers support for template & matchers

* Fixed panics due to typo

* Added support for only template ID + misc cleanup
 2022-06-24 23:09:27 +05:30
Ice3man
9073b753ca
Added aes_gcm implementation for DSL function (#2196) 
* Added aes_gcm implementation for DSL function

* Added integration test for dsl-functions.yaml
 2022-06-23 16:16:24 +05:30
sandeep
7f28c048a6 version update 2022-06-22 00:45:08 +05:30
Mzack9999
0b351e83f3
Add self diagnostic functionality (#2178) 
* Adding Self-Diagnostic

* adding comment
 2022-06-22 00:40:10 +05:30
dependabot[bot]
1047047790
chore(deps): bump github.com/go-rod/rod from 0.106.8 to 0.107.1 in /v2 (#2114) 
* chore(deps): bump github.com/go-rod/rod from 0.106.8 to 0.107.1 in /v2

Bumps [github.com/go-rod/rod](https://github.com/go-rod/rod) from 0.106.8 to 0.107.1.
- [Release notes](https://github.com/go-rod/rod/releases)
- [Commits](https://github.com/go-rod/rod/compare/v0.106.8...v0.107.1)

---
updated-dependencies:
- dependency-name: github.com/go-rod/rod
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* fixing function call

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
 2022-06-22 00:31:08 +05:30
Mzack9999
112762f024
Adding http request validation at compile time (#2193) 
* Adding http request validation at compile time

* misc update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-06-22 00:26:06 +05:30
Ice3man
50d21c0464
Fixed a issue with random invalid matches in DSL (#2195) 2022-06-21 21:58:43 +05:30
M. Ángel Jimeno
af4854f90d
output: fix WriteStoreDebugData file permissions (#2187) 
Fixes #2180
 2022-06-20 17:10:22 +05:30
Sajad
644c951449
use formedURL instead reqURL in http request dump message (#2174) 2022-06-16 17:24:21 +05:30
Sajad
b715a601e8
Adding nil operator check on clustering (#2173) 
* add nil operator check

* move nil pointer check
 2022-06-16 14:41:05 +05:30
Mzack9999
a4cdba0691
Improving literals detection in expression engine (#2148) 
* Improving literals detection in expression engine

* fixing lint errors

* re-add accidentally deleted test
 2022-06-13 13:55:06 +05:30
Sajad
e7591ec8b3
use request numbering as per template definition in req-condition (#2135) 
* use original request number instead of current iteration in request-condition

* add previousEvent tracking back for request condition

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-06-11 14:29:05 +05:30
tanimdiucse123
e575f53be7
Empty string test can be improved (#2115) 
It is not recommended to use len for empty string test.

A string can be tested for its emptiness either by treating it as a slice and calculating the length of the slice, or by treating it as a string and directly comparing the value. While both produce identical code when compiled, it makes more sense to treat a string as itself, than a slice, for the sake of comparison of values.

Examples

Bad practice

len(s) == 0

Recommended

s == ""

The recommended practice is considered more idiomatic in Go.

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
 2022-06-11 14:11:43 +05:30
Sandeep Singh
5281d342c0
Merge pull request #2138 from mikerott/dev 
protect against multiple unnecessary Init calls
 2022-06-10 18:12:31 +05:30
Mike Rheinheimer
22a8d72c65 protect against multiple unnecessary Init calls 2022-06-09 17:18:49 -05:00
forgedhallpass
9fd9892f49 test: extra DSL function test cases 2022-06-08 20:58:46 +03:00
forgedhallpass
04e7e053de refactor: replace date, time, time_format, time_to_string DSL functions to date_time 2022-06-08 20:41:32 +03:00
forgedhallpass
ef20e0711b refactor: replace date, time, time_format, time_to_string DSL functions to date_time 2022-06-08 20:33:55 +03:00
forgedhallpass
a10d58c6d2 refactor: rename concat_ws DSL function to join 2022-06-08 16:31:33 +03:00
forgedhallpass
145bdaabe5 refactor: extract duplicated hashing logic 2022-06-08 16:11:15 +03:00
forgedhallpass
6d8908c352 refactor: replace hmac_sha1 and hmac_sha256 DSL functions with hmac 2022-06-08 16:00:14 +03:00
James Turner
9d37bd6c0c Add two new DSL helper functions 
hmac_sha1 and concat_ws (with seperator) this are helpful in
signing API requests.
 2022-06-07 18:26:22 +03:00
forgedhallpass
f3514e9b92 Merge branch 'dev' into new_dsl_functions 2022-06-07 17:26:10 +03:00
Sajad
7170cc2828
dsl matcher separate ignorable(No parameter) errors from others (#2127) 2022-06-07 18:23:07 +05:30
Mzack9999
cc37382519
Adding Client TLS1.0 (#2091) 
* Adding Client TLS1.0

* bumping fastdialer version
 2022-06-04 17:45:16 +05:30
Sajad
b79817e0a9
change dsl evaluate warning messages to error (#2096) 
* change dsl evaluate warning messages to error

* add template-id to dsl match error logs
 2022-06-03 13:41:36 +05:30
Sami
fa369b728e
ssl protocol with ms flag crash (#2101) 
* crash with ssl protocol when used with ms flag fix

* added missing template info in case of failure
 2022-06-03 13:32:45 +05:30
sandeep
900addc43f version update 2022-06-03 03:02:11 +05:30
M4rtin Hsu
aebd32b198
Add decimal to hexadecimal helper function (#2076) 
* Add decimal to hexadecimal auxiliary functions

* Fixed unit test

* Modify the helper function name and check the unit test.

* dsl function update

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
 2022-06-03 02:17:35 +05:30
Ice3man
2b631e8e95
Add optional line number for file templates by default (#1966) 
* Add optional line number for file templates by default

* updating docs

* misc flag update

Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-06-02 17:06:50 +05:30
Mzack9999
4bcb94e4df
Increasing timeout and fixed error msg (#2092) 
* Increasing timeout and fixed error msg

* increasing timeout
 2022-06-02 00:00:18 +05:30
Sajad
9f600d2829
keep the original extactor var for multiple results while preparing data for matchers (#1948) 2022-05-31 02:46:51 +05:30
Ice3man
be5f1a7623
Added redirected matched URL + stop-at-first-match for redirect chains (#2050) 
* Added redirected matched URL + stop-at-first-match for redirect chains

* Pleasing go-linter
 2022-05-30 15:19:09 +05:30