* add execute function in dns
* Add payload in dns protocol
* Add integration test to cover dns payload
- also check command line overriding a payload variable
* Update matchedAt and remove trailing dot
* Consider payload data for request count
- Update verbose output to print question
- Update dns requests Requests function to consider payload data
* update gitignore
* bump nuclei version to v2.9.4-dev
---------
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
* Check if the variables are override by other means
- you can override the template variable value using command line flags
* Update lazy eval logic
- previously, we were checking any function/expression in variable
- now, update the logic, lazy eval only if variable contains any
protocol variable(global)
* add integration tests
* Add test to check the dsl function working in variable
* gather all generate variables logic in utils
* go mod update
* Refactor the generate variables function
* go mod update+ fix typo
---------
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
* Extend dns extractor to dns answer records
* add test template
* Ignore error for dns variables are not found
* Add all the records of answer section
* Fixed the wrong typecasting
* Templates wrong loading
* Add tests to cover following scenarios
- check optional fields only if template loaded
- it should return warning only if template is loaded
* Evaluate payload variables
* Add variables evaluation
* Extend variables test
- to check evaluation of global variables in variables
- to check evaluation of golbal variables in payload
* Add default and cli variables to websocket, whois and dns proto
- use url.Parse with urlutil.Parse
* fix or condition match even interactsh includes as matcher-part (#3350)
* add integration test
* add new template to integration test
* matcher-condtion: test case for both conditions
* fix lint errors
* upgrade dependencies
---------
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
* Add override fuzzing type and mode flags
* Update english readme
* Fix failing tests
* Add the integration tests
- validate the command line overriding type and mode for fuzzing
* started the implementation of resolve helper function
* fixes go mod and sum
* fixes and use makeDslWithOptionalArgsFunction signature
* added tests
* added more dnsTypes based on dnsx docs
* used dns client pool
* dsl functions
* fixes on dnsclientpool, added init()
* go mod tidy
* go mod tidy
* dsl signature makeMultiSignatureDslFunction
* error on len
* managed mx
* fix on mx record
* dns types managed with FirstNonZero func
* error handling
* utils to stable version
* version bump
* fixing var name
---------
Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
* implemented ip_format helper function
* added tests on ip_format() helper
* fixes on logic
* fixes related to mapcidr docs
* better error value
* fixes + unit test to check index 11
* added call for integration tests
* fixes on dsl-functions number
---------
Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
* fix make http request inconsistencies
* remove parameters from http vars
* fix trailingslash unit test
* naming conventions: best practices
* fix publish docs action
* remove branch ref from push
* added support yaml for report options
* better to use .HasPrefix()
* wip: working on unmarshal YAML optimization
* managed yaml tag + nil pointers + unit test
* implemented tests
* removed unused code from reporting + code refactoring
* WIP: code refactoring and tests
* check on env var
* more test coverage and added callback func
* docs + renaming func
* moved callback logic + removed yaml validation
* used yaml decoder
* struct typo
* refactoring walk method with generic signature
* removed yamlwrapper refs, used yaml2 + docs
implemented test to check also fields without yaml tag
* used DecodeAndValidate()
* removed double import reference
---------
Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
* Add support to query DNS TLSA record
* fix build test
* fix ci-lint
* set expected to 0
* test domain update
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
* added vars payload also in ssl
* fix on ssl.go, moved function on payloadValues creation
* added integration test
* rebase + minor changes
Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
* Added fuzzing support for query params + var dump feature
* Added query-fuzz integration test
* Fixed payloads + added keys-regex fuzz parameter
* Fixed interactsh not working + misc
* Fixed evaluation + added global variables/dsl support to payloads
* Misc fixes related to variables evaluations
* Added http variables support to fuzz
* misc
* Misc
* Added testing playground + misc renaming
* Added support for path and raw request to fuzzing
* Fixed fuzz integration test
* Fixed variable unresolved issue
* Add multiple parameter support with same name
* Added parameter value as 'value' dsl variable for parts
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
* Adding automatic request condition detection
* adding missing checks on part
* test update as per latest change
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
* Add feature in join() to sort a single string slice
Signed-off-by: Myung-jong Kim <mjkim610@gmail.com>
* Add sort helper function and related tests
Signed-off-by: Myung-jong Kim <mjkim610@gmail.com>
* Add uniq helper function and related tests
Signed-off-by: mjkim610 <mjkim610@gmail.com>
Signed-off-by: Myung-jong Kim <mjkim610@gmail.com>
Signed-off-by: mjkim610 <mjkim610@gmail.com>
* Added tlsx integration to nuclei
* tls tests fix
* Added helper functions + upgrade tlsx to fix
* go mod update
* workflow fix to race test on windows
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
* Added include-templates force-loading for templates
* Fixed loader case with include-templates
* Added integration test for excluded-template in loader
* init rdap
* add an integration test, option to supply RDAP server to execute the request on
* add rdap protocolMappings
* add debug info, add IP, ASN query type support
* rename rdap to whois, Host to Query in template
* rename pending rdap to whois
* remove port from whois varaiables
* set Host variable even if input is not a parsable url
* feat: Improve DSL function UX #1295
Sort the output signatures
* feat: Improve DSL function UX #1295
Sort the output signatures.
Lint: simplified the sorting.
* bug: fixed couple of bugs in the DSL functions
Input number parameters are stored as float64 types, hence the type conversion should happen accordingly. Affected functions:
* rand_int
* wait_for
* unix_time
* rand_text_numeric
Added tests for all functions.
Related: #1261
* bug: fixed couple of bugs in the DSL functions
Handle cases when the optional input character set is an empty string. Affected methods:
* rand_char
* rand_base
* bug: fixed couple of bugs in the DSL functions
Change rand_char to return a one character string, instead of the character code
* refactor: Minor integration test changes to show the actual and expected result numbers
* test: Added integration test for all existing DSL functions
* test: Added integration test for all existing DSL functions
Fixing linter issues.
* feat: Add "repeat" DSL function
* test: Add "repeat" DSL function
* If the tests are executed through GitHub actions and there are failed integration tests, they will be re-executed with verbose output to help figuring out the underlying issues.
* Added some grouping to make reading the logs easier
Ticket: #1365
Dogan Can Bakir
Shubham Rasal
Mzack9999
Tarun Koyalwar
Ramana Reddy
xm1k3
王一之
Tarun Koyalwar
Taufik Mulyana
forgedhallpass
Ice3man
Myung-jong Kim
Sami
James Turner
Sajad
Sandeep Singh
LuitelSamikshya
Xavier Stevens
mzack
skhalsa-sigsci