External/nuclei
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei.git synced 2025-12-24 22:25:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,097 Commits 49 Branches 135 Tags
Commit Graph

1031 Commits

Author SHA1 Message Date
Mzack9999
dfd4d5b855
Adding interact keepalive to reduce server-side id pruning (#3680) 
* adding interact keepalive + improving init logic

* dep update

* go version update

* readme update

* version bump

* fixing invalid format

---------

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-05-21 01:56:13 +05:30
Shubham Rasal
2dd13b9afb
Allow additional properties for variables inside jsonschema (#3669) 
* Allow additional properties in variables inside jsonschema

* Update variables jsonschema function

* Add tags for archive and mime-type
 2023-05-15 19:15:11 +05:30
Shubham Rasal
06ab56abea
fix memory leak in dns templates (#3676) 
* fix memory leak

* update test to cover the string slice case
 2023-05-12 17:29:37 +05:30
Shubham Rasal
9c2fa8f9c4
Add payload in dns protocol (#3632) 
* add execute function in dns

* Add payload in dns protocol

* Add integration test to cover dns payload

- also check command line overriding a payload variable

* Update matchedAt and remove trailing dot

* Consider payload data for request count

- Update verbose output to print question
- Update dns requests Requests function to consider payload data

* update gitignore

* bump nuclei version to v2.9.4-dev

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-05-11 03:26:29 +05:30
Tarun Koyalwar
c62dc01f9f
uncover logic refactor to v0.0.4 (#3663) 
* uncover logic refactor to v0.0.4

* remove deprecated import: stringsutil
 2023-05-09 03:57:56 +05:30
sandeep
82f7a0e939 added any dns query 2023-05-03 21:50:06 +05:30
Tarun Koyalwar
9b3a55d6c0
fix panic while parsing tlsx response (#3641) 2023-05-03 20:47:08 +05:30
lu4nx
027880af34
update rod to v0.112.9 #3552 (#3637) 
* update rod to v0.112.9

* removed unused reflection

---------

Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-05-03 14:40:58 +05:30
Shubham Rasal
449afc0c5c
Issue 3564 var override (#3599) 
* Check if the variables are override by other means

- you can override the template variable value using command line flags

* Update lazy eval logic

- previously, we were checking any function/expression in variable
- now, update the logic, lazy eval only if variable contains any
  protocol variable(global)

* add integration tests

* Add test to check the dsl function working in variable

* gather all generate variables logic in utils

* go mod update

* Refactor the generate variables function

* go mod update+ fix typo

---------

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-05-02 23:49:56 +05:30
Shubham Rasal
f640187709
Expose DNS fields for matchers and extractors (#3613) 
* Extend dns extractor to dns answer records

* add test template

* Ignore error for dns variables are not found

* Add all the records of answer section

* Fixed the wrong typecasting
 2023-05-02 17:13:11 +05:30
Suraj Kamath
537814bae8
Fix check for OS made in MustDisableSandbox() (#3631) 
Signed-off-by: iamargus95 <kamathsuraj95@gmail.com>
 2023-05-02 15:04:24 +05:30
Tarun Koyalwar
7f5e4e2336
aws signer: fix missing x-content-sha256 header (#3601) 
* fix missing x-content-sha256 header

* fix variable priority in self-contained templates

* remove debug statement

* adds generic raw request parser for self-contained req

* more integration tests

* bug fix: 10x faster race requests

* fix failing integration test
 2023-05-01 12:15:35 +05:30
Tarun Koyalwar
4e6ef4490e
duplicated params in self contained requests (#3608) 
* fix duplicated params in self-contained+ export extracted values to file

* add integration tests + fix percentage overflow in pb

* fix integration test template id

* integration test: validate if file exists
 2023-04-26 12:35:07 +05:30
Mzack9999
ea5f8a0638
Additional nil check on interactsh client (#3590) 2023-04-25 23:49:23 +05:30
Mzack9999
64adad131f Removing redundant code with utils 2023-04-23 21:37:25 +02:00
Mzack9999
978d0bcc23
Replacing goos with osutils (#3571) 
* Replacing goos with osutils

* pleasing his majesty the linter
 2023-04-19 23:00:15 +05:30
Tarun Koyalwar
bf08913cd0
update logic + config management refactor (#3567) 
* adds template manager

* refactor: checkpoint

* centrailized config & template download logic

* refactor removed unused code

* use global template directory

* update related bug fixes

* bug fix create cfg dir if missing

* fix lint error

* bug fix skip writing template dir in callback

* misc update

* remove unused code

* use strings.equalfold for comparison

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-04-19 21:58:48 +05:30
Shubham Rasal
d0f22f8b73
Issue 3488 http race (#3533) 
* debug

* Add body after the request creation

* fix race_count template hangs

* remove printf

* update if condition
 2023-04-19 01:57:53 +05:30
Mzack9999
6f4b1ae48a
Replacing ccache with generic gcache (#3523) 
* Replacing ccache with generic gcache

* fixing lint issues

* removing unecessary hashing + using errorutils

* making test more tolerant

* removing dead code + refactor

* removing redundant code

* removing race

* maint

* moving code

* adding more iterations

* note + typo

* temporary fixing stop-at-first-match with interact

* wrapping internal map with mux

* sort before running integration test

* fix deadlock in requestShouldStopAtFirstMatch

* add timeout to integration_test workflow

* attempting to remove outer lock

* adds interactsh protocol tests in integration_test

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-04-16 23:19:35 +05:30
Ramana Reddy
6ffdfcf19c
fix rate-limit on query fuzzing (#3458) (#3532) 2023-04-12 23:55:21 +05:30
Shubham Rasal
45cc676f96
Evaluate payload variables (#3503) 
* Evaluate payload variables

* Add variables evaluation

* Extend variables test

- to check evaluation of global variables in variables
- to check evaluation of golbal variables in payload

* Add default and cli variables to websocket, whois and dns proto

- use url.Parse with urlutil.Parse
 2023-04-12 01:50:58 +05:30
mlec
ed31fc4449
fix(links): Replace Master to Main in links 🩹 (#3485) 
Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
 2023-03-31 16:27:15 +05:30
Keith Chason
5b97536c0e
Correct typo "Ciper" to "Cipher" (#3468) 2023-03-27 18:48:27 +05:30
Tarun Koyalwar
f8c5a45966
add mkdir support in headless screenshot (#3457) 
* add mkdir support in headless screenshot

* use filepath to join paths

* print info when screenshot is saved

* change version to v2.9.1-dev

* minor fixings on windows path

---------

Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
 2023-03-24 00:44:32 +05:30
Mzack9999
4c0d988a67 reworking interact mutex mechanism 2023-03-17 14:41:16 +01:00
Tarun Koyalwar
c3771e874d
fix data race in internal resultevent (#3432) 2023-03-16 23:20:38 +05:30
Ramana Reddy
c9634fae72
Issue 3350 matcher condition or not work (#3397) 
* fix or condition match even interactsh includes as matcher-part (#3350)

* add integration test

* add new template to integration test

* matcher-condtion: test case for both conditions

* fix lint errors

* upgrade dependencies

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-03-15 20:45:44 +05:30
Austin Traver
0d90a555f6
adds -track-error option to add custom errors to max-host-error watchlist (#3399) 
* Allow user to specify for "context deadline exceeded" errors to count toward the max host error count

* Convert flag to a string slice `--track-error`

* Minimize diff

* Add documentation for `-track-error`

* adds unit test & minor improvements

* update flag description

---------

Co-authored-by: Austin Traver <austin_traver@intuit.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-03-14 13:59:42 +05:30
Shubham Rasal
572c8eb780
Issue 2987 fuzz options (#3355) 
* Add override fuzzing type and mode flags

* Update english readme

* Fix failing tests

* Add the integration tests

- validate the command line overriding type and mode for fuzzing
 2023-03-06 16:56:38 +05:30
Mzack9999
d7ac306bdf
Adding one-time method override (#3373) 2023-03-04 12:27:26 +05:30
Tarun Koyalwar
d9e953acfa
fix file input in custom vars for self contained http template (#3385) 
* fix file input in variables(-V)

* fix lint error

* fix nuclei-ignore file failures
 2023-03-04 04:57:27 +05:30
Tarun Koyalwar
3e53087617
fix missing port in matched ssl templates (#3380) 
* add openssl support + fix missing port

* fix failing tests

* go mod update

* workflow update

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-03-04 04:47:41 +05:30
xm1k3
32b79fdd36 used retryablehttp.DefaultClient().Do(req) 2023-03-02 09:35:53 +01:00
xm1k3
25098c8ea6 fix on ignore call 2023-03-02 09:01:24 +01:00
xm1k3
5959daa58f removed nucleiVersion var as unused 2023-03-01 18:05:56 +01:00
xm1k3
ee6b1bef61 used retryablehttp for api requests 2023-03-01 16:50:21 +01:00
Mzack9999
d80cbef51d
Merge pull request #3333 from CodFrm/main 
fix some json deserialization issues
 2023-02-28 09:02:04 +01:00
王一之
27fefe59d3 fix json deserialization issues 2023-02-27 14:29:49 +08:00
Mzack9999
84abef3f70 Merge branch 'dev' into issue-2188-reporting-client 2023-02-24 15:58:43 +01:00
王一之
994988357a adds missing json tags 2023-02-22 11:15:55 +08:00
Tarun Koyalwar
8cdc1338fc adds missing json tags and unit test 2023-02-22 02:24:45 +05:30
Alexandre ZANNI
e3e60d0ba8
uncover: add criminalip support (#3162) 
* update uncover engine options

* add criminalip support

* update criminalIP variable

---------

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: shubhamrasal <shubhamdharmarasal@gmail.com>
 2023-02-21 00:23:11 +05:30
Tarun Koyalwar
21b03a2e8a
bug fix in url path and adds integration tests (#3331) 
* fix unsafe edgecases+ adds integration test

* bug fixes and more url testcases

* upgrade cfssl

* fix template id in integration test
 2023-02-20 22:26:04 +05:30
Sandeep Singh
ba7fcd08ff
Merge branch 'dev' into issue-2188-reporting-client 2023-02-20 15:26:16 +05:30
王一之
85090b7531 fix some json deserialization issues 2023-02-17 14:21:25 +08:00
Ice3man
ecc1964ad9 Added optional doNotCache to protocols.ExecuterOptions 2023-02-13 18:00:25 +05:30
Mzack9999
d608ffaeb2
clear after stop (#3312) 
* clear after stop

* fixing data races

* adding atomic cache

* fixing lint errors

* fixing imports
 2023-02-13 16:46:41 +05:30
Tarun Koyalwar
e622b989fe
fix url re-encoding issues (#3294) 
* fix double url encoding in urls

* remove extra slash

* url encode matchedURL
 2023-02-10 18:28:28 +05:30
Ice3man
7e7bb1ed0a
AES CBC PKCS5Padding helper function update (#3287) 
* Added DSL helper functions for CVE + misc

* Added aes_cbc with pkcspadding

* Misc

* Misc

* Misc

* Removed debug statement

* Misc

* Misc

* Fixed tests
 2023-02-09 20:22:42 +05:30
Mzack9999
518944f6e8
Adding proxy use in headless binary download (#3290) 
* Adding proxy use in headless binary download

* bumping utils
 2023-02-09 20:01:49 +05:30