Tarun Koyalwar
01487ba1b8
network policy check + ASREP method
2024-02-05 23:56:16 +05:30
Tarun Koyalwar
06d9de3a27
refactor kerberos with nucleijs helper
2024-02-05 23:21:04 +05:30
sandeep
ee68de6ea8
version update
2024-02-02 22:19:07 +05:30
Tarun Koyalwar
29e8e4e5a3
fix concurrent map writes in tmplexec package (#4718)
* fix concurrent map writes
* catch any possible panics
2024-02-02 21:36:48 +05:30
sandeep
e2effc33c1
version update
2024-02-02 03:08:56 +05:30
Tarun Koyalwar
cc732875cd
javascript: pooling and reuse with export functions + misc updates (#4709)
* js hotfix: wrap javascript source in anon functions
* mysql module improvements
* misc mysql bugs
* js vm pooling: soft deprecation + incentivised pooling
* misc updates
* disable interactsh failed test
* disable interactsh.yaml integration test on win & mac
2024-02-02 02:22:04 +05:30
GitHub Action
68ab3d0152
Auto Generate Syntax Docs + JSONSchema [Thu Feb 1 20:36:30 UTC 2024] 🤖
2024-02-01 20:36:30 +00:00
Tarun Koyalwar
ead58f4ab9
implicit thread count when not specified in payloads + threads support in dns,network (#4715)
* default threads + add threads support in dns payloads
* add threads support in network protocol
* add optional callback to override threadSetter
* fix broken fuzz integration tests
2024-02-02 02:05:30 +05:30
Tarun Koyalwar
e4298a5ae1
fix misc issues with -as (#4714)
2024-02-02 01:48:22 +05:30
xxcdd
8d904709c0
HybridTechDetection with wappalyzer and tech templates. (#4656)
* HybridTechDetection with wappalyzer and tech templates.
* automatic scan: refactor + misc updates
* fix progress multi init panic
* fix no result found statement
* fix target in print statement
* include detect,favicon tags as part of detection
---------
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
2024-02-01 12:49:20 +05:30
Dogan Can Bakir
5f4dcfb6be
use projectdiscovery/useragent (#4708)
* use projectdiscovery/useragent
* minor
2024-02-01 03:12:38 +05:30
sandeep
b23e176ee9
version update
2024-01-31 04:10:00 +05:30
Tarun Koyalwar
93b66af9fb
mysql: ignore warning log + misc updates (#4702)
2024-01-31 02:32:23 +05:30
Tarun Koyalwar
5bd9d9ee68
memory leak fixes and optimizations (#4680)
* feat http response memory optimization + reuse buffers
* update nuclei version
* feat: reuse js vm's and compile to programs
* fix failing http integration test
* remove dead code + add -jsc
* feat reuse js vms in pool with concurrency
* update comments as per review
* bug fix + update interactsh test to look for dns interaction
* try enabling all interactsh integration tests
---------
Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
2024-01-31 01:59:49 +05:30
monitor
c32acd0921
Fix: sometimes dnslog request record is uppercase caused by nuclei templates ineffective (#4697)
* Fix: sometimes dnslog request record is upper caused by cannot validate vuln
* convert request to lower for dns only
---------
Co-authored-by: daiwei11 <daiwei11@baidu.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
Co-authored-by: Tarun Koyalwar <45962551+tarunKoyalwar@users.noreply.github.com>
2024-01-31 01:30:03 +05:30
Tarun Koyalwar
2153cc6055
fix panic in smb javascript template + handle panics in js (#4700)
* switch dependency to projectdiscovery/go-smb2 + handle panics
* bump projectdiscovery/go-smb2
* disable interactsh integration test
2024-01-30 04:15:59 +05:30
Tarun Koyalwar
03718469c4
remove use of iterate() in flow (#4688)
2024-01-29 05:20:01 +05:30
Dogan Can Bakir
e102caec78
omit raw from integrations (#4612)
* omit raw from integrations
* fix lint
2024-01-27 04:06:25 +05:30
Tarun Koyalwar
2c2cc2774a
feat: introduce nucleijs utils
2024-01-23 04:11:04 +05:30
sandeep
b9e2665e9e
version update
2024-01-23 03:12:50 +05:30
5amu
2f926c4f72
implement method to close the ldap connection
2024-01-21 19:50:33 +01:00
5amu
2019dab187
implement utilities for timestamps
2024-01-21 18:14:20 +01:00
5amu
642c99bcff
move DecodeSID to utils.go making it a generic function exposed by the module
2024-01-21 17:57:23 +01:00
5amu
c703fffe80
implement method to grab domain SID
2024-01-21 17:31:08 +01:00
5amu
95d028c5f9
move ad filters to adenum.go
2024-01-21 17:12:09 +01:00
5amu
9d23f5f88f
implement enumeration methods + rewrite kerberoastable
2024-01-21 17:11:28 +01:00
5amu
89d30d94d6
implement generic method to find AD objects
2024-01-21 16:55:17 +01:00
5amu
893129eb17
reflect changes for gojs
2024-01-21 12:54:49 +01:00
5amu
6bf8f8769b
define frequently used filters and AD UAC filters
2024-01-21 12:53:41 +01:00
5amu
cb0d98e4b2
do not append an empty map when generating output in Search()
2024-01-20 23:59:26 +01:00
5amu
9821700f8e
simplify CollectMetadata and remove session creation at runtime
2024-01-20 23:57:57 +01:00
Tarun Koyalwar
29b69a12ce
pdcp result chunked upload (#4662)
* chunked pdcp cloud results upload
* add -sid option to specify scanid
* fix scan result append endpoint
2024-01-21 02:26:16 +05:30
5amu
bd1238d27e
implement authentication methods and change underlying connection because of bugs
2024-01-20 21:02:08 +01:00
5amu
fe59057c0d
implement a generic search that returns a list of objects given a filter and desired attributes
2024-01-20 12:22:36 +01:00
5amu
73a73eeeac
implement method to connect to and verify the ldap server (IsLdap -> Connect)
2024-01-20 01:50:54 +01:00
5amu
a167e6c57b
make protocolstate.IsHostAllowed check the domaincontroller, not the domain
2024-01-20 00:39:29 +01:00
sandeep
f7ba2390bf
dev version update
2024-01-19 02:02:58 +05:30
sandeep
4dca9a1959
version update
2024-01-18 05:55:34 +05:30
Tarun Koyalwar
c7c35ffb94
fix multiple mem leaks + optimizations (#4630)
* fix mem leak
* bump version tag
* http: add global resp body read limit of 4MB
* skip creating templateCtx in normal templates
* fix mem leak via retryablehttp , fastdialer
* go mod tidy
* remove unused var
* dep update
---------
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2024-01-18 05:53:42 +05:30
GitHub Action
a942c05d22
Auto Generate Syntax Docs + JSONSchema [Wed Jan 17 23:10:24 UTC 2024] 🤖
2024-01-17 23:10:24 +00:00
Tarun Koyalwar
a677fca192
misc improvements in js protocol execution (#4643)
* js protocol timeout using -timeout flag
* fix zgrab smb hang
* fix lint error
* custom timeout field in js protocol
* minor update: bound checking
* add 6 * -timeout in code protocol by default
2024-01-18 04:39:15 +05:30
Tarun Koyalwar
68b9dd52ad
error handling + support offlinehttp in flow templates (#4653)
2024-01-17 23:16:57 +05:30
5amu
3b5ce39e86
make protocolstate.IsHostAllowed check the domaincontroller, not the domain
2024-01-16 10:24:26 +01:00
5amu
77e2430788
switch dependency for kerberos in js module to upstream
2024-01-16 10:22:45 +01:00
Dogan Can Bakir
76f7c0c903
fix panic in interactsh process interaction (nil check on compiled operators) (#4511)
* nil check
* misc updates
---------
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
2024-01-13 03:24:52 +05:30
Jean Rougé
39d25c3d4f
Adding an option to dump resume files when a runner hangs (#4440)
* Adding an option to dump resume files when a runner hangs
Signed-off-by: Jean Rouge <rougej+github@gmail.com>
* Adding new option to README
* Removing unfinished comment
* always create resume file on hang
---------
Signed-off-by: Jean Rouge <rougej+github@gmail.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
2024-01-13 01:46:57 +05:30
Tarun Koyalwar
619396a6b8
flow: flatten dynamic values array if len is 1 (#4625)
* flow: flatten dynamic values array if len is 1
* wait for exporters when closing
* misc updates
2024-01-13 00:44:25 +05:30
Valerio Casalino
edae2f4ec4
implement GetKerberoastableUsers in ldap module (#4420)
* add method 'GetKerberoastableUsers()'
* add more attributes to KerberostableUser in ldap module
2024-01-13 00:32:00 +05:30
Tarun Koyalwar
a8cdd21120
code: fix variables merge order (#4623)
* fix variables merge order
* format screen: quote and trim extracted result
* code: interpret env vars in debug mode
* update integration test
2024-01-12 23:10:00 +05:30
Valerio Casalino
70452efec1
add method GetServiceTicket to the kerberos module (#4422)
* add method GetServiceTicket to the kerberos module
* add target username to service ticket
* destroy kerberos client when function returns
2024-01-12 14:24:39 +05:30