External/nuclei
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei.git synced 2025-12-26 08:25:31 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,374 Commits 49 Branches 135 Tags
Commit Graph

2069 Commits

Author SHA1 Message Date
Daniil Morozov
c377221a78
header fuzzing support in http templates (#4114) 
* Add headersPartType for fuzzing

* fix nil pointer dereference for headless mode

* minor changes+ add integration test

* update template in fuzz-header-multiple

---------

Co-authored-by: 0x123456789 <0x123456789>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-09-19 00:01:32 +05:30
sandeep
45cd961557 version update 2023-09-16 21:00:04 +05:30
Tarun Koyalwar
cdd54acf70
use CL instead of TE + unit test (#4154) 
* force transfer encoding + unit test

* fix nil panic in integration_test
 2023-09-16 14:20:35 +05:30
Mzack9999
2a468548cf
Deterministic clustering (#4124) 
* deterministic clustering

* lint

* refactoring test for readability
 2023-09-13 22:27:48 +05:30
GitHub Action
b77ad93b9e Auto Generate Syntax Docs + JSONSchema [Mon Sep 11 23:06:51 UTC 2023] 🤖 2023-09-11 23:06:51 +00:00
Tarun Koyalwar
584662f6af
add new field 'port' in network protocol (#4123) 
* add reserved networkPort in template

* add 'port' field in network request

* add integration test

* add exclude-ports and update docs

* misc update

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-09-12 04:34:15 +05:30
Shubham Rasal
eebc4457af
Check matcher status for cluster template execution (#4132) 2023-09-12 02:48:39 +05:30
sandeep
9a37c92c75 version update 2023-09-04 16:01:51 +05:30
GitHub Action
ad015823c1 Auto Generate Syntax Docs + JSONSchema [Mon Sep 4 09:17:02 UTC 2023] 🤖 2023-09-04 09:17:02 +00:00
Sandeep Singh
584406416f
Added impact field under template information block (#4121) 2023-09-04 14:44:43 +05:30
Mzack9999
28be967643
Feat conn (#3991) 
* .

* introducing connection reuse with scan strategy

* bumping up to 500

probably should be set to a lower number to push connection reuse

* Removed debug panic

* merge conflict fix

* dep update

* removing useless comparison

* lint errs

* fmt

---------

Co-authored-by: Ice3man <nizamulrana@gmail.com>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-09-04 13:54:34 +05:30
Ramana Reddy
5bd4e68771
fix data-race warnings (#4036) 
* fix data-race warnings

* update utils pkg

* utils update

* update utils

* bumping utils

---------

Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
 2023-09-04 12:59:24 +05:30
Dogan Can Bakir
680fc5574b
update template url (#4110) 2023-09-01 23:40:55 +05:30
Mzack9999
388c1e8c39
Merge pull request #4099 from projectdiscovery/update-mock-outputwrite-write-failure 
Update mock-outputwriter to write the failed event
 2023-08-29 10:17:33 +02:00
Mzack9999
7a5caa606a adding conversion check 2023-08-29 09:12:43 +02:00
shubhamrasal
b3a76527d8
Update mock-outputwriter to write the failed event 2023-08-28 17:53:19 +05:30
Doğan Can Bakır
d720d4ec8d use stringsutil.HasPrefixAnyI 2023-08-28 08:15:30 +00:00
sandeep
6d9d17cea2 version update + moved template changelog update with vv option 2023-08-26 13:55:29 +05:30
Ice3man
592a8a2fd5
feat: added template-url support in template flag feature (#4089) 
* misc docs update

* feat: added template-url support in template flag feature

* bugfix: added check URL condition

* template domain update

* editor host update

* misc update

* handle -turl template editor urls

* view remote templates using -td

* remove warning

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-08-26 02:33:45 +05:30
DoI
f520d7e843
XPath matcher support (#4087) 
* Added xpath response matching support

* Add validation for user-supplied XPath

* xpath matcher comment fix

* Added XPath matched documentation

* minor changes: remove warnings

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-08-25 22:41:51 +05:30
Sandeep Singh
d3928e080d
optional file read in headless protocol (#4055) 
* use -lfa and -lna in headless

* fix lna in headless

* misc update

* fix nil pointer dereference in test

* fix lint & unit test

* use urlutil

* headless protocol scheme improvements

* add unit and integration tests

* run unit test from binary

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-08-25 18:30:46 +05:30
sandeep
fd2ae8de00 version update 2023-08-22 15:28:39 +05:30
Tarun Koyalwar
430e2b92c1
fix broken image link in TestActionGetResource (#4075) 2023-08-21 20:33:52 +05:30
Tarun Koyalwar
b4b769d501 fix logic bug in request[s] condition 2023-08-18 02:37:35 +05:30
sandeep
1ade5a0824 version update 2023-08-18 01:21:43 +05:30
Tarun Koyalwar
2d88c21923
fix duplicated result event in cli & SDK (#4059) 
* fix duplicated result in cli

* bump default interactsh httpclient timeout

* use .Store() instead of CompareandSwap()

* debug logging for interactsh in gh actions
 2023-08-18 01:01:16 +05:30
seeyarh
1ee108ed13
include request and response when matcher status is false (#3986) 
* include request and response when matcher status is false

* use failed result event to write failure

---------

Co-authored-by: Collins Huff <collins.huff@Collinss-MacBook-Pro-2.local>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-08-17 23:05:15 +05:30
Mzack9999
d07c273ab4
adding default resp size to options (#4050) 2023-08-14 20:39:02 +05:30
Dogan Can Bakir
deb351c235
use default perms (#4039) 
* use default perms

* go mod tidy

* bump goflags

* dep update

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-08-11 19:30:43 +05:30
Ramana Reddy
7997e8dbec
Fix edge cases disable-path-automerge (#4035) 
* fix edge cases for disable-path-automerge

* misc update
 2023-08-10 19:28:05 +05:30
Ramana Reddy
237cb0bc79 remove deprecated dsl helper func 2023-08-07 23:50:16 +05:30
Dogan Can Bakir
0776b2e237
fix curl command (#4014) 2023-08-02 00:47:42 +05:30
Josh Soref
4c1c5301b9
Spelling (#4008) 
* spelling: addresses

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: asynchronous

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: basic

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: brute force

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: constant

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: disables

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: engine

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: every time

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: execution

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: false positives

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: from

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: further

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: github

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: gitlab

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: highlight

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: hygiene

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: ignore

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: input

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: item

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: itself

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: latestxxx

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: navigation

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: negative

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: nonexistent

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: occurred

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: override

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: overrides

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: payload

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: performed

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: respective

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: retrieve

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: scanlist

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: separated

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: separator

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: severity

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: source

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: strategy

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: string

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: templates

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: terminal

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: timeout

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: trailing slash

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: trailing

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: websocket

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

---------

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2023-08-02 00:03:43 +05:30
lu4nx
5ab39fca25
Fix 'reference' info nil pointer dereference. (#4005) (#4006) 
* Fix 'reference' info nil pointer dereference. (#4005)

* test path update

* test fixes

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-07-30 13:02:50 +05:30
sandeep
3894d466ad version update 2023-07-28 21:43:09 +05:30
Dogan Can Bakir
163bc22281
add headless options flag (#3951) 
* add headless options flag

* disable some tests for windows

* disable interactsh tests on darwin

* disable network/hex.yaml on windows

* make DisableOn func
 2023-07-28 21:20:57 +05:30
Tarun Koyalwar
6bdef68734
ignore version parsing error (#3984) 
* ignore version parsing error

* hide no parameter error

* integration test+ DEBUG.md

* typo fix in DEBUG.md

* go mod tidy

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-07-28 21:04:02 +05:30
lu4nx
9adce978b4
Support wildcard matching for the -template-id parameter (#3967) 
* Support wildcard matching for the `-template-id' parameter

* Remove _ identifier

* Fix: If tagFilter.allowedIds is empty, included should be true.
 2023-07-28 21:01:28 +05:30
Keith Chason
fd13225b27
Omit Empty Fields (#3977) 
* Don't show Lines/matched-line on null

* Remove unused "info.references" property

* Revert "Remove unused "info.references" property"

This reverts commit 6466644bcac6952ece8d2bc880ea9157f2e10c16.

* Switch to pointer so omitempty works properly

* keeping matcher status output in jsonl output always

* rename function to NewRawStringSlice

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-07-28 19:48:15 +05:30
Tarun Koyalwar
beb1bf6d2c
headless: automerge and other improvements (#3958) 
* headless: automerge and other improvements

* fix typo in function signature
 2023-07-28 19:28:20 +05:30
Mzack9999
5074722f17
Reducing data race via SyncLockMap (#3959) 
* replacing custom map with synclockmap

* fixing initialization

* removing unused code
 2023-07-24 20:20:28 +05:30
sandeep
1635a2f58a Merge remote-tracking branch 'origin' into dev 2023-07-22 04:21:43 +05:30
Mzack9999
ac51b571ae
adding set with httpx probe (#3955) 2023-07-22 04:19:52 +05:30
Keith Chason
759ee3d5f8
Markdown Export Sorting (#3961) 
* Sort markdown exports by host, severity, or template

* Switch default to empty string

* use fileutil to create folder

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-07-22 02:24:06 +05:30
Keith Chason
9558e22a64
Remove unused file (#3962) 2023-07-22 01:34:53 +05:30
sandeep
0828339de6 version update 2023-07-18 03:24:39 +05:30
Keith Chason
08e1ab9ddd
Disable Template Locations (#3705) (#3926) 
* Download override option definition

* Update the variable names for consistency

* Add checks for custom template disable flags

* Environment variable controlled template downloads

* Switch env naming per feedback from @ehsandeep

* minor changes

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-07-18 00:53:10 +05:30
Mzack9999
66f0dc735c
Adding jarm helper via dsl (#3906) 
* Adding jarm helper via dsl

* adding test

* removing debug file

* fixing tests

---------

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
 2023-07-14 21:24:12 +05:30
Mzack9999
e5154d362a
fixing payload load (#3927) 
* fixing payload load

* Added tests for load payloads edge-case + fixed error

* Added separate flags for network and file sandbox

* Fixed tests for payload loader

* Fixed integration tests locally

* readme update

---------

Co-authored-by: Ice3man <nizamulrana@gmail.com>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-07-14 19:39:32 +05:30
Tarun Koyalwar
d51e058791
add ErrNoMoreRequests for generator (#3918) 
* add ErrNoMoreRequests for generator

* fix gh repo name convention

* fix dirname in unit test
 2023-07-13 00:51:06 +05:30