RES-87 # Improve Nuclei CLI interface

* updated the CLI argument descriptions
dev
forgedhallpass 2021-07-26 16:56:30 +03:00
parent 54efe77225
commit acf6a9d5b6
1 changed files with 69 additions and 65 deletions

View File

@ -41,105 +41,109 @@ func readConfig() {
set.SetDescription(`Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use.`) set.SetDescription(`Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use.`)
createGroup(set, "input", "Input Options", createGroup(set, "input", "Input Options",
set.StringVarP(&options.Target, "target", "u", "", "URL/Host to scan with nuclei templates"), set.StringVarP(&options.Target, "target", "u", "", "target URL/host to scan"),
set.StringVarP(&options.Targets, "list", "l", "", "List of URLs/Hosts to scan with nuclei templates"), set.StringVarP(&options.Targets, "list", "l", "", "path to file containing a list of target URLs/hosts to scan (one per line)"),
) )
createGroup(set, "templates", "Templates Options", createGroup(set, "templates", "Templates Options",
set.StringSliceVarP(&options.Templates, "templates", "t", []string{}, "Templates to run, supports single and multiple templates using directory."), set.StringSliceVarP(&options.Templates, "templates", "t", []string{}, "templates or directory names to run"),
set.StringSliceVarP(&options.Workflows, "workflows", "w", []string{}, "Workflows to run for nuclei"), set.StringSliceVarP(&options.Workflows, "workflows", "w", []string{}, "list of workflows to run"),
set.BoolVarP(&options.NewTemplates, "new-templates", "nt", false, "Only run newly added templates"), set.BoolVarP(&options.NewTemplates, "new-templates", "nt", false, "run newly added templates only"),
) )
createGroup(set, "filters", "Template Filter Options", createGroup(set, "filters", "Template Filter Options",
set.StringSliceVar(&options.Tags, "tags", []string{}, "Tags to execute templates for"), set.StringSliceVar(&options.Tags, "tags", []string{}, "execute a subset of templates that contain the provided tags"),
set.StringSliceVarP(&options.Severity, "impact", "severity", []string{}, "Templates to run based on severity"), set.StringSliceVar(&options.IncludeTags, "include-tags", []string{}, "list of tags from the default deny list that permit executing more intrusive templates"), // TODO show default deny list
set.StringSliceVar(&options.Author, "author", []string{}, "Templates to run based on author"), set.StringSliceVarP(&options.ExcludeTags, "exclude-tags", "etags", []string{}, "exclude templates with the provided tags"),
set.StringSliceVarP(&options.ExcludedTemplates, "exclude", "exclude-templates", []string{}, "Templates to exclude, supports single and multiple templates using directory."),
set.StringSliceVarP(&options.ExcludeTags, "exclude-tags", "etags", []string{}, "Exclude templates with the provided tags"), set.StringSliceVar(&options.IncludeTemplates, "include-templates", []string{}, "list of templates to be executed even if they are excluded either by default or configuration"),
set.StringSliceVar(&options.IncludeTemplates, "include-templates", []string{}, "Templates to force run even if they are in denylist"), set.StringSliceVarP(&options.ExcludedTemplates, "exclude", "exclude-templates", []string{}, "templates or directory names to exclude"),
set.StringSliceVar(&options.IncludeTags, "include-tags", []string{}, "Tags to force run even if they are in denylist"),
set.StringSliceVarP(&options.Severity, "impact", "severity", []string{}, "execute templates that match the provided severities only"),
set.StringSliceVar(&options.Author, "author", []string{}, "execute templates that are (co-)created by the specified authors"),
) )
createGroup(set, "output", "Output Options", createGroup(set, "output", "Output Options",
set.StringVarP(&options.Output, "output", "o", "", "File to write output to (optional)"), set.StringVarP(&options.Output, "output", "o", "", "output file to write found issues/vulnerabilities"),
set.BoolVar(&options.JSON, "json", false, "Write json output to files"),
set.BoolVarP(&options.JSONRequests, "include-rr", "irr", false, "Write requests/responses for matches in JSON output"), set.BoolVar(&options.JSON, "json", false, "write output in JSONL(ines) format"),
set.StringVarP(&options.DiskExportDirectory, "markdown-export", "me", "", "Directory to export results in markdown format"), set.BoolVarP(&options.JSONRequests, "include-rr", "irr", false, "include request/response pairs in the JSON output (for findings only)"),
set.StringVarP(&options.ReportingConfig, "report-config", "rc", "", "Nuclei Reporting Module configuration file"),
set.StringVarP(&options.ReportingDB, "report-db", "rdb", "", "Local Nuclei Reporting Database (Always use this to persistent report data)"), set.StringVarP(&options.DiskExportDirectory, "markdown-export", "me", "", "directory to export results in markdown format"),
set.StringVarP(&options.SarifExport, "sarif-export", "se", "", "File to export results in sarif format"), set.StringVarP(&options.ReportingConfig, "report-config", "rc", "", "nuclei reporting module configuration file"), // TODO merge into the config file or rename to issue-tracking
set.StringVarP(&options.ReportingDB, "report-db", "rdb", "", "local nuclei reporting database (always use this to persist report data)"),
set.StringVarP(&options.SarifExport, "sarif-export", "se", "", "file to export results in SARIF format"),
) )
createGroup(set, "rate-limit", "Rate-Limit Options", createGroup(set, "rate-limit", "Rate-Limit Options",
set.IntVarP(&options.RateLimit, "rate-limit", "rl", 150, "Maximum requests to send per second"), set.IntVarP(&options.RateLimit, "rate-limit", "rl", 150, "maximum number of requests to send per second"),
set.IntVarP(&options.BulkSize, "bulk-size", "bs", 25, "Maximum Number of hosts analyzed in parallel per template"), set.IntVarP(&options.BulkSize, "bulk-size", "bs", 25, "maximum number of hosts to be analyzed in parallel per template"),
set.IntVarP(&options.TemplateThreads, "concurrency", "c", 10, "Maximum Number of templates executed in parallel"), set.IntVarP(&options.TemplateThreads, "concurrency", "c", 10, "maximum number of templates to be executed in parallel"),
) )
createGroup(set, "options", "Engine Options", createGroup(set, "options", "Engine Options",
set.StringVar(&cfgFile, "config", "", "Nuclei configuration file"), set.StringVar(&cfgFile, "config", "", "path to the nuclei configuration file"),
set.StringSliceVarP(&options.CustomHeaders, "header", "H", []string{}, "Custom Header."), set.StringSliceVarP(&options.CustomHeaders, "header", "H", []string{}, "custom headers in header:value format"),
set.BoolVarP(&options.NoColor, "no-color", "nc", false, "Disable colors in output"), set.BoolVarP(&options.NoColor, "no-color", "nc", false, "disable output content coloring (ANSI escape codes)"),
set.IntVar(&options.Retries, "retries", 1, "Number of times to retry a failed request"), set.IntVar(&options.Retries, "retries", 1, "number of times to retry a failed request"),
set.IntVar(&options.Timeout, "timeout", 5, "Time to wait in seconds before timeout"), set.IntVar(&options.Timeout, "timeout", 5, "time to wait in seconds before timeout"),
set.BoolVarP(&options.NoMeta, "no-meta", "nm", false, "Don't display metadata for the matches"), set.BoolVarP(&options.NoMeta, "no-meta", "nm", false, "don't display match metadata"),
set.BoolVarP(&options.StopAtFirstMatch, "stop-at-first-path", "spm", false, "Stop processing http requests at first match (this may break template/workflow logic)"), set.BoolVarP(&options.StopAtFirstMatch, "stop-at-first-path", "spm", false, "stop processing HTTP requests after the first match (may break template/workflow logic)"),
set.BoolVar(&options.OfflineHTTP, "passive", false, "Enable Passive HTTP response processing mode"), set.BoolVar(&options.OfflineHTTP, "passive", false, "enable passive HTTP response processing mode"),
set.StringVarP(&options.ResolversFile, "resolvers", "r", "", "File containing resolver list for nuclei"), set.StringVarP(&options.ResolversFile, "resolvers", "r", "", "file containing resolver list for nuclei"),
set.BoolVar(&options.SystemResolvers, "system-resolvers", false, "Use system dns resolving as error fallback"), set.BoolVar(&options.SystemResolvers, "system-resolvers", false, "use system DNS resolving as error fallback"),
) )
createGroup(set, "interactsh", "interactsh Options", createGroup(set, "interactsh", "interactsh Options",
set.StringVar(&options.InteractshURL, "interactsh-url", "https://interact.sh", "Self Hosted Interactsh Server URL"), set.StringVar(&options.InteractshURL, "interactsh-url", "https://interact.sh", "self-hosted Interactsh Server URL"),
set.IntVar(&options.InteractionsCacheSize, "interactions-cache-size", 5000, "Number of requests to keep in interactions cache"), set.IntVar(&options.InteractionsCacheSize, "interactions-cache-size", 5000, "number of requests to keep in the interactions cache"),
set.IntVar(&options.InteractionsEviction, "interactions-eviction", 60, "Number of seconds to wait before evicting requests from cache"), set.IntVar(&options.InteractionsEviction, "interactions-eviction", 60, "number of seconds to wait before evicting requests from cache"),
set.IntVar(&options.InteractionsPollDuration, "interactions-poll-duration", 5, "Number of seconds before each interaction poll request"), set.IntVar(&options.InteractionsPollDuration, "interactions-poll-duration", 5, "number of seconds to wait before each interaction poll request"),
set.IntVar(&options.InteractionsColldownPeriod, "interactions-cooldown-period", 5, "Extra time for interaction polling before exiting"), set.IntVar(&options.InteractionsColldownPeriod, "interactions-cooldown-period", 5, "extra time for interaction polling before exiting"),
set.BoolVar(&options.NoInteractsh, "no-interactsh", false, "Do not use interactsh server for blind interaction polling"), set.BoolVar(&options.NoInteractsh, "no-interactsh", false, "do not use interactsh server for blind interaction polling"),
) )
createGroup(set, "headless", "Headless Options", createGroup(set, "headless", "Headless Options",
set.BoolVar(&options.Headless, "headless", false, "Enable headless browser based templates support"), set.BoolVar(&options.Headless, "headless", false, "enable templates that require headless browser support"),
set.IntVar(&options.PageTimeout, "page-timeout", 20, "Seconds to wait for each page in headless mode"), set.IntVar(&options.PageTimeout, "page-timeout", 20, "seconds to wait for each page in headless mode"),
set.BoolVar(&options.ShowBrowser, "show-browser", false, "Show the browser on the screen in headless mode"), set.BoolVar(&options.ShowBrowser, "show-browser", false, "show the browser on the screen when running templates with headless mode"),
) )
createGroup(set, "proxy", "Proxy Options", createGroup(set, "proxy", "Proxy Options", // TODO should auto-set the HTTP_PROXY variable for the process?
set.StringVarP(&options.ProxyURL, "proxy-url", "proxy", "", "URL of the proxy server"), set.StringVarP(&options.ProxyURL, "proxy-url", "proxy", "", "URL of the HTTP proxy server"), // TODO why the separation? http://proxy:port vs socks5://proxy:port etc
set.StringVar(&options.ProxySocksURL, "proxy-socks-url", "", "URL of the proxy socks server"), set.StringVar(&options.ProxySocksURL, "proxy-socks-url", "", "URL of the SOCKS proxy server"),
) )
createGroup(set, "stats", "Stats Options", createGroup(set, "stats", "Stats Options",
set.BoolVar(&options.EnableProgressBar, "stats", false, "Display stats of the running scan"), set.BoolVar(&options.EnableProgressBar, "stats", false, "display statistics about the running scan"),
set.BoolVar(&options.StatsJSON, "stats-json", false, "Write stats output in JSON format"), set.BoolVar(&options.StatsJSON, "stats-json", false, "write statistics data to and output file in JSONL(ines) format"),
set.IntVarP(&options.StatsInterval, "stats-interval", "si", 5, "Number of seconds between each stats line"), set.IntVarP(&options.StatsInterval, "stats-interval", "si", 5, "number of seconds to wait between showing a statistics update"),
set.BoolVar(&options.Metrics, "metrics", false, "Expose nuclei metrics on a port"), set.BoolVar(&options.Metrics, "metrics", false, "expose nuclei metrics on a port"),
set.IntVar(&options.MetricsPort, "metrics-port", 9092, "Port to expose nuclei metrics on"), set.IntVar(&options.MetricsPort, "metrics-port", 9092, "port to expose nuclei metrics on"),
) )
createGroup(set, "debug", "Debug Options", createGroup(set, "debug", "Debug Options",
set.BoolVarP(&options.Verbose, "verbose", "v", false, "Show verbose output"), set.BoolVarP(&options.Verbose, "verbose", "v", false, "show verbose output"),
set.BoolVar(&options.VerboseVerbose, "vv", false, "Display Extra Verbose Information"), set.BoolVar(&options.VerboseVerbose, "vv", false, "display extra verbose information"),
set.BoolVar(&options.Debug, "debug", false, "Debugging request and responses"), set.BoolVar(&options.Debug, "debug", false, "show all requests and responses"),
set.BoolVar(&options.DebugRequests, "debug-req", false, "Debugging request"), set.BoolVar(&options.DebugRequests, "debug-req", false, "show all sent requests"),
set.BoolVar(&options.DebugResponse, "debug-resp", false, "Debugging response"), set.BoolVar(&options.DebugResponse, "debug-resp", false, "show all received responses"),
set.BoolVar(&options.Silent, "silent", false, "Show only results in output"), set.BoolVar(&options.Silent, "silent", false, "display findings only"),
set.BoolVar(&options.Version, "version", false, "Show version of nuclei"), set.BoolVar(&options.Version, "version", false, "show nuclei version"),
set.BoolVarP(&options.TemplatesVersion, "templates-version", "tv", false, "Shows the installed nuclei-templates version"), set.BoolVarP(&options.TemplatesVersion, "templates-version", "tv", false, "shows the version of the installed nuclei-templates"),
set.StringVar(&options.TraceLogFile, "trace-log", "", "File to write sent requests trace log"), set.StringVar(&options.TraceLogFile, "trace-log", "", "file to write sent requests trace log"),
) )
createGroup(set, "update", "Update Options", createGroup(set, "update", "Update Options",
set.BoolVar(&options.UpdateNuclei, "update", false, "Self update the nuclei engine to latest release"), set.BoolVar(&options.UpdateNuclei, "update", false, "update nuclei to the latest released version"),
set.BoolVarP(&options.UpdateTemplates, "update-templates", "ut", false, "Self update the community templates to latest release"), set.BoolVarP(&options.UpdateTemplates, "update-templates", "ut", false, "update the community templates to latest released version"),
set.StringVarP(&options.TemplatesDirectory, "update-directory", "ud", templatesDirectory, "Directory storing nuclei-templates"), set.StringVarP(&options.TemplatesDirectory, "update-directory", "ud", templatesDirectory, "overwrite the default nuclei-templates directory"),
) )
set.BoolVar(&options.Project, "project", false, "Use a project folder to avoid sending same request multiple times") set.BoolVar(&options.Project, "project", false, "use a project folder to avoid sending same request multiple times")
set.StringVar(&options.ProjectPath, "project-path", "", "Use a user defined project folder, temporary folder is used if not specified but enabled") set.StringVar(&options.ProjectPath, "project-path", os.TempDir(), "set a specific project path")
set.BoolVar(&options.TemplateList, "tl", false, "List available templates") set.BoolVar(&options.TemplateList, "tl", false, "list all available templates")
set.BoolVar(&options.Validate, "validate", false, "Validate the passed templates to nuclei") set.BoolVar(&options.Validate, "validate", false, "validate the passed templates to nuclei")
_ = set.Parse() _ = set.Parse()