External/nuclei
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei.git synced 2025-12-26 13:45:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
4,374 Commits 49 Branches 135 Tags
Commit Graph

1074 Commits

Author SHA1 Message Date
Daniil Morozov
c377221a78
header fuzzing support in http templates (#4114) 
* Add headersPartType for fuzzing

* fix nil pointer dereference for headless mode

* minor changes+ add integration test

* update template in fuzz-header-multiple

---------

Co-authored-by: 0x123456789 <0x123456789>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-09-19 00:01:32 +05:30
Tarun Koyalwar
cdd54acf70
use CL instead of TE + unit test (#4154) 
* force transfer encoding + unit test

* fix nil panic in integration_test
 2023-09-16 14:20:35 +05:30
Mzack9999
2a468548cf
Deterministic clustering (#4124) 
* deterministic clustering

* lint

* refactoring test for readability
 2023-09-13 22:27:48 +05:30
Tarun Koyalwar
584662f6af
add new field 'port' in network protocol (#4123) 
* add reserved networkPort in template

* add 'port' field in network request

* add integration test

* add exclude-ports and update docs

* misc update

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-09-12 04:34:15 +05:30
Mzack9999
28be967643
Feat conn (#3991) 
* .

* introducing connection reuse with scan strategy

* bumping up to 500

probably should be set to a lower number to push connection reuse

* Removed debug panic

* merge conflict fix

* dep update

* removing useless comparison

* lint errs

* fmt

---------

Co-authored-by: Ice3man <nizamulrana@gmail.com>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-09-04 13:54:34 +05:30
Ramana Reddy
5bd4e68771
fix data-race warnings (#4036) 
* fix data-race warnings

* update utils pkg

* utils update

* update utils

* bumping utils

---------

Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
 2023-09-04 12:59:24 +05:30
Doğan Can Bakır
d720d4ec8d use stringsutil.HasPrefixAnyI 2023-08-28 08:15:30 +00:00
DoI
f520d7e843
XPath matcher support (#4087) 
* Added xpath response matching support

* Add validation for user-supplied XPath

* xpath matcher comment fix

* Added XPath matched documentation

* minor changes: remove warnings

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-08-25 22:41:51 +05:30
Sandeep Singh
d3928e080d
optional file read in headless protocol (#4055) 
* use -lfa and -lna in headless

* fix lna in headless

* misc update

* fix nil pointer dereference in test

* fix lint & unit test

* use urlutil

* headless protocol scheme improvements

* add unit and integration tests

* run unit test from binary

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-08-25 18:30:46 +05:30
Tarun Koyalwar
430e2b92c1
fix broken image link in TestActionGetResource (#4075) 2023-08-21 20:33:52 +05:30
Tarun Koyalwar
b4b769d501 fix logic bug in request[s] condition 2023-08-18 02:37:35 +05:30
Tarun Koyalwar
2d88c21923
fix duplicated result event in cli & SDK (#4059) 
* fix duplicated result in cli

* bump default interactsh httpclient timeout

* use .Store() instead of CompareandSwap()

* debug logging for interactsh in gh actions
 2023-08-18 01:01:16 +05:30
seeyarh
1ee108ed13
include request and response when matcher status is false (#3986) 
* include request and response when matcher status is false

* use failed result event to write failure

---------

Co-authored-by: Collins Huff <collins.huff@Collinss-MacBook-Pro-2.local>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-08-17 23:05:15 +05:30
Dogan Can Bakir
deb351c235
use default perms (#4039) 
* use default perms

* go mod tidy

* bump goflags

* dep update

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-08-11 19:30:43 +05:30
Ramana Reddy
7997e8dbec
Fix edge cases disable-path-automerge (#4035) 
* fix edge cases for disable-path-automerge

* misc update
 2023-08-10 19:28:05 +05:30
Dogan Can Bakir
0776b2e237
fix curl command (#4014) 2023-08-02 00:47:42 +05:30
Josh Soref
4c1c5301b9
Spelling (#4008) 
* spelling: addresses

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: asynchronous

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: basic

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: brute force

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: constant

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: disables

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: engine

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: every time

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: execution

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: false positives

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: from

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: further

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: github

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: gitlab

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: highlight

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: hygiene

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: ignore

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: input

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: item

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: itself

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: latestxxx

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: navigation

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: negative

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: nonexistent

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: occurred

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: override

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: overrides

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: payload

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: performed

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: respective

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: retrieve

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: scanlist

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: separated

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: separator

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: severity

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: source

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: strategy

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: string

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: templates

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: terminal

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: timeout

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: trailing slash

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: trailing

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

* spelling: websocket

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

---------

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2023-08-02 00:03:43 +05:30
Dogan Can Bakir
163bc22281
add headless options flag (#3951) 
* add headless options flag

* disable some tests for windows

* disable interactsh tests on darwin

* disable network/hex.yaml on windows

* make DisableOn func
 2023-07-28 21:20:57 +05:30
Tarun Koyalwar
beb1bf6d2c
headless: automerge and other improvements (#3958) 
* headless: automerge and other improvements

* fix typo in function signature
 2023-07-28 19:28:20 +05:30
Mzack9999
5074722f17
Reducing data race via SyncLockMap (#3959) 
* replacing custom map with synclockmap

* fixing initialization

* removing unused code
 2023-07-24 20:20:28 +05:30
Keith Chason
9558e22a64
Remove unused file (#3962) 2023-07-22 01:34:53 +05:30
Mzack9999
66f0dc735c
Adding jarm helper via dsl (#3906) 
* Adding jarm helper via dsl

* adding test

* removing debug file

* fixing tests

---------

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
 2023-07-14 21:24:12 +05:30
Mzack9999
e5154d362a
fixing payload load (#3927) 
* fixing payload load

* Added tests for load payloads edge-case + fixed error

* Added separate flags for network and file sandbox

* Fixed tests for payload loader

* Fixed integration tests locally

* readme update

---------

Co-authored-by: Ice3man <nizamulrana@gmail.com>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-07-14 19:39:32 +05:30
Tarun Koyalwar
d51e058791
add ErrNoMoreRequests for generator (#3918) 
* add ErrNoMoreRequests for generator

* fix gh repo name convention

* fix dirname in unit test
 2023-07-13 00:51:06 +05:30
Tarun Koyalwar
5e284879d3
adds default ztls fallback support for tls errors (#3909) 
* bump fastdialer

* make -ztls flag as no-op and deprecate

* bump fastdialer version from main branch

* dep update

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-07-07 05:39:14 +05:30
Mzack9999
3dca03163c
Automatic target merge in network templates (#3904) 
* skip visited actual addressess

* removed test

* adding disable clustering support
 2023-07-06 21:33:52 +05:30
Ramana Reddy
1eb4c7c80c
support disable-path-automerge in unsafe mode (#3888) 
* support disable-path-automerge in unsafe mode

* fix dump request url

* dep update

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-07-04 19:04:13 +05:30
Tarun Koyalwar
38129bac18
preserve order of query parameters (#3887) 
* preserve order of parameters

* rawhttp version bump

---------

Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
 2023-07-03 12:43:24 +05:30
Ramana Reddy
6707bc777a
fix showing multiple failure matches per template on -ms set (#3770) 
* fix showing multiple failure matchers per template
add integration test

* exclude AS134029 from unit test

* Add flag for match status per request

* chore(deps): bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 (#3777)

Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](https://github.com/golangci/golangci-lint-action/compare/v3.4.0...v3.5.0)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/xanzy/go-gitlab in /v2 (#3778)

Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.83.0 to 0.84.0.
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go)
- [Commits](https://github.com/xanzy/go-gitlab/compare/v0.83.0...v0.84.0)

---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/spf13/cast from 1.5.0 to 1.5.1 in /v2 (#3780)

Bumps [github.com/spf13/cast](https://github.com/spf13/cast) from 1.5.0 to 1.5.1.
- [Release notes](https://github.com/spf13/cast/releases)
- [Commits](https://github.com/spf13/cast/compare/v1.5.0...v1.5.1)

---
updated-dependencies:
- dependency-name: github.com/spf13/cast
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* enable no-httpx when passive scan is launched (#3789)

* chore(deps): bump github.com/projectdiscovery/fastdialer from 0.0.26 to 0.0.28 in /v2 (#3779)

* chore(deps): bump github.com/projectdiscovery/fastdialer in /v2

Bumps [github.com/projectdiscovery/fastdialer](https://github.com/projectdiscovery/fastdialer) from 0.0.26 to 0.0.28.
- [Release notes](https://github.com/projectdiscovery/fastdialer/releases)
- [Commits](https://github.com/projectdiscovery/fastdialer/compare/v0.0.26...v0.0.28)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/fastdialer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump retryabledns to 0.28

* Update the retryabledns

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shubhamrasal <shubhamdharmarasal@gmail.com>

* deprecatedProtocolNameTemplates concurrent map writes (#3785)

* deprecatedProtocolNameTemplates

* use syncLock

* fix lint error

* change version in deprecated warning msg

* comment asnmap expand unit test

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
Co-authored-by: Tarun Koyalwar <45962551+tarunKoyalwar@users.noreply.github.com>

* Issue 3339 headless fuzz (#3790)

* Basic headless fuzzing

* Remove debug statements

* Add integration tests

* Update template

* Fix recognize payload value in matcher

* Update tempalte

* use req.SetURL()

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>

* Auto Generate Syntax Docs + JSONSchema [Fri Jun  9 00:23:32 UTC 2023] 🤖

* Add headless header and status matchers (#3794)

* add headless header and status matchers

* rename headers as header

* add integration test for header+status

* fix typo

* chore(deps): bump golang from 1.20.4-alpine to 1.20.5-alpine (#3809)

Bumps golang from 1.20.4-alpine to 1.20.5-alpine.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/go-playground/validator/v10 in /v2 (#3810)

Bumps [github.com/go-playground/validator/v10](https://github.com/go-playground/validator) from 10.11.2 to 10.14.1.
- [Release notes](https://github.com/go-playground/validator/releases)
- [Commits](https://github.com/go-playground/validator/compare/v10.11.2...v10.14.1)

---
updated-dependencies:
- dependency-name: github.com/go-playground/validator/v10
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/projectdiscovery/rawhttp in /v2 (#3811)

Bumps [github.com/projectdiscovery/rawhttp](https://github.com/projectdiscovery/rawhttp) from 0.1.11 to 0.1.13.
- [Release notes](https://github.com/projectdiscovery/rawhttp/releases)
- [Commits](https://github.com/projectdiscovery/rawhttp/compare/v0.1.11...v0.1.13)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/rawhttp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 in /v2 (#3812)

Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.6.1 to 5.7.0.
- [Release notes](https://github.com/go-git/go-git/releases)
- [Commits](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0)

---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/projectdiscovery/hmap in /v2 (#3781)

Bumps [github.com/projectdiscovery/hmap](https://github.com/projectdiscovery/hmap) from 0.0.11 to 0.0.13.
- [Release notes](https://github.com/projectdiscovery/hmap/releases)
- [Commits](https://github.com/projectdiscovery/hmap/compare/v0.0.11...v0.0.13)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/hmap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Using safe dereferencing

* adding comment

* fixing and condition

* fixing test id

* adding integration test

* update goflags dependency

* update goflags dependency

* bump goflags v0.1.9 => v0.1.10

* handle failure matcher flags logic at executor itself

* add integration test to matcher status per request

* Adding random tls impersonate (#3844)

* adding random tls impersonate

* dep update

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>

* Use templateman enhance api to populate CVE info (#3788)

* use templateman enhance api to populate cve info

* rename cve-annotate => tmc
add additional flags to format, lint and enhance template using templateman apis

* minior changes

* remove duplicate code

* misc update

* Add validate and error log option

* print if updated

* print format and enhance only if updated

* make max-request optional

* fix reference unmarshal error

* fix removing self-contained tag

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>

* fix matcher status with network protocol

* fix test

* remove -msr flag

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Dogan Can Bakir <65292895+dogancanbakir@users.noreply.github.com>
Co-authored-by: shubhamrasal <shubhamdharmarasal@gmail.com>
Co-authored-by: 三米前有蕉皮 <kali-team@qq.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
Co-authored-by: Tarun Koyalwar <45962551+tarunKoyalwar@users.noreply.github.com>
Co-authored-by: Shubham Rasal <shubham@projectdiscovery.io>
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
 2023-06-30 23:32:00 +05:30
mzack
f3cc119aab Merge branch 'dev' into pr/3845 2023-06-28 09:48:15 +02:00
Mzack9999
c9d0942bc1
Extend headless contextargs (#3850) 
* extend headless contextargs

* using darwin-latest

* grouping page options

* temp commenting code out

* fixing test

* adding more checks

* more checks

* fixing first navigation metadata

* adding integration test

* proto update

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-06-26 22:55:51 +05:30
Mzack9999
fa199ed3b3
Improving clientpool with client certificates (#3851) 
* Improving clientpool with client certificates

* adding test case

* Revert "Merge branch 'dev' into issue-3800-client-cert"

This reverts commit 7f057d742f4b9bda8e83b2052e29617b86b6776d, reversing
changes made to 7297cebcf8bb0f88961b644fc2ac7c040df8ffd9.

* Revert "Revert "Merge branch 'dev' into issue-3800-client-cert""

This reverts commit 2053a248a0cdc2002e0b4b4faa3472cf11c29760.

* go fmt

---------

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-06-26 17:45:12 +05:30
Mzack9999
4d8c4b7024
Refactoring variables logic with map + get public ip (#3853) 
* refactoring variables logic with map + get public ip

* moving to dsl package

* updating dep

* updating dsl with new ip endpoint

* deps bump

---------

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
 2023-06-22 16:37:31 +05:30
Mzack9999
2a32ed9cba
Adding random tls impersonate (#3844) 
* adding random tls impersonate

* dep update

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-06-21 17:17:18 +05:30
Sandeep Singh
0c8ec5e535
fix output path in unsafe mode (#3831) 
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-06-20 01:25:22 +05:30
Ramana Reddy
cddae989f3
Add template option to disable merging target url path with raw request path (#3799) 
* add template option to disable merging target url path with raw request path

* rename disable-merge-path -> disable-path-automerge
add integration test
 2023-06-19 20:22:17 +05:30
Thomas Hendrickson
b6002a5e89 set read and write deadline 2023-06-19 09:53:24 -04:00
Mzack9999
a4ef3ea3a9 fixing and condition 2023-06-13 17:24:23 +02:00
Dogan Can Bakir
a4ca2021cd
Add headless header and status matchers (#3794) 
* add headless header and status matchers

* rename headers as header

* add integration test for header+status

* fix typo
 2023-06-09 15:03:03 +05:30
Shubham Rasal
a34b94e62f
Issue 3339 headless fuzz (#3790) 
* Basic headless fuzzing

* Remove debug statements

* Add integration tests

* Update template

* Fix recognize payload value in matcher

* Update tempalte

* use req.SetURL()

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-06-09 05:50:44 +05:30
Mzack9999
168d9e2c21
Extending multistep support (#3546) 
* Extending multistep support

* duping buffer

* adding python pack/unpack

* fixing deps

* bump dsl version

* fixing go sum

* adding inline matchers/extractors

* pointing to latest dsl

* fixing looping

* refining inline matchers/extractors

* bumping dsl

* bump dsl

* show conn read errors

* removing redundant logic

superseded by js layer

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
 2023-06-01 06:19:19 +05:30
Keith Chason
4d6080f3bc
"Executer" to "Executor" (#3760) 
* Fix spelling of "executer" to "executor"

* minor change: use defer file.Close()

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-06-01 02:28:10 +05:30
Mzack9999
0d2d510689
Adding support for constants (#3692) 
* adding support for constants

* fixing typo

* adding integration test

* fixing lint issues

* fixing template syntax
 2023-05-25 22:02:35 +05:30
Mzack9999
dfd4d5b855
Adding interact keepalive to reduce server-side id pruning (#3680) 
* adding interact keepalive + improving init logic

* dep update

* go version update

* readme update

* version bump

* fixing invalid format

---------

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-05-21 01:56:13 +05:30
Shubham Rasal
2dd13b9afb
Allow additional properties for variables inside jsonschema (#3669) 
* Allow additional properties in variables inside jsonschema

* Update variables jsonschema function

* Add tags for archive and mime-type
 2023-05-15 19:15:11 +05:30
Shubham Rasal
06ab56abea
fix memory leak in dns templates (#3676) 
* fix memory leak

* update test to cover the string slice case
 2023-05-12 17:29:37 +05:30
Shubham Rasal
9c2fa8f9c4
Add payload in dns protocol (#3632) 
* add execute function in dns

* Add payload in dns protocol

* Add integration test to cover dns payload

- also check command line overriding a payload variable

* Update matchedAt and remove trailing dot

* Consider payload data for request count

- Update verbose output to print question
- Update dns requests Requests function to consider payload data

* update gitignore

* bump nuclei version to v2.9.4-dev

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-05-11 03:26:29 +05:30
Tarun Koyalwar
c62dc01f9f
uncover logic refactor to v0.0.4 (#3663) 
* uncover logic refactor to v0.0.4

* remove deprecated import: stringsutil
 2023-05-09 03:57:56 +05:30
sandeep
82f7a0e939 added any dns query 2023-05-03 21:50:06 +05:30
Tarun Koyalwar
9b3a55d6c0
fix panic while parsing tlsx response (#3641) 2023-05-03 20:47:08 +05:30