daffainfo
/
nuclei
mirror of https://github.com/daffainfo/nuclei.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,385 Commits
1 Branch
0 Tags
28 MiB
Commit Graph

1686 Commits (0682b485d01a412a0d8639c804786cffa1bb00f6)

Author SHA1 Message Date
Sandeep Singh df55f7a2eb
Disabling no-sandbox in headless engine (#1135) 
* Disabling no-sandbox in headless engine

* limiting disabling sandbox to bare minimum

* adding warnings related to linux os and root user requirement

Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
 2021-12-05 20:14:16 +05:30
sandeep fb3b4fc510 version update 2021-12-05 19:45:44 +05:30
Mzack9999 3c88afac0c
Fixing payloads path during validation (#1320) 
* Fixing payloads path during validation

* Added GH Action for public template parsing / validation

* tracking payload errors as syntax warnings

* improving path parsing + introducing hard failure for runtime errors on validation

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2021-12-05 19:41:14 +05:30
Mzack9999 8336421179
Improving headless test cases (#1313) 
* Adding headless test cases
 2021-12-04 23:10:11 +05:30
GitHub Action 0ca39bb6d2 Auto Generate Syntax Docs + JSONSchema [Fri Dec 3 03:46:08 UTC 2021] 🤖 2021-12-03 03:46:08 +00:00
Sandeep Singh eac6ea1bfe
Merge pull request #1284 from projectdiscovery/dns-optional 
Added default fields for DNS requests
 2021-12-03 09:14:49 +05:30
GitHub Action 5eb17833e4 Auto Generate Syntax Docs + JSONSchema [Thu Dec 2 19:06:54 UTC 2021] 🤖 2021-12-02 19:06:54 +00:00
mzack c9b9725474 moving sign routine to helper function 2021-12-02 15:57:52 +01:00
GitHub Action 46a2a4440d Auto Generate Syntax Docs + JSONSchema [Thu Dec 2 12:32:20 UTC 2021] 🤖 2021-12-02 12:32:20 +00:00
Mzack9999 40baa302b2
Merge branch 'dev' into research-aws-signing 2021-12-02 12:56:37 +01:00
Sajad Parra d0deef72f5 Merge branch 'dev' into stop-at-first-match 2021-12-02 17:26:23 +05:30
Sandeep Singh a0da7452e3
Merge pull request #1315 from projectdiscovery/validate-flag 
validate flag updates
 2021-12-02 17:23:34 +05:30
Sajad Parra 18f57130ca Merge branch 'dev' into stop-at-first-match 2021-12-02 17:03:02 +05:30
Sajad Parra 7a96a7c931 Merge branch 'dev' into dsl-variable-support 2021-12-02 16:50:50 +05:30
GitHub Action 9a0ce60a4f Auto Generate Syntax Docs + JSONSchema [Thu Dec 2 10:59:29 UTC 2021] 🤖 2021-12-02 10:59:29 +00:00
Sandeep Singh 3b68c29f48
Merge pull request #1288 from projectdiscovery/dynamic-value-reuse-http 
Reusing dynamically extracted values as iterators in http request
 2021-12-02 16:27:59 +05:30
mzack c807438ecd fixing memory allocation for boolean pointer 2021-12-02 11:19:37 +01:00
LuitelSamikshya 6d5146e540 validate flag updates 2021-12-01 10:35:18 -06:00
GitHub Action a9f6f04394 Auto Generate Syntax Docs + JSONSchema [Tue Nov 30 17:17:46 UTC 2021] 🤖 2021-11-30 17:17:46 +00:00
Ice3man543 c17aba8646 Misc fixes to part definitions 2021-11-30 22:41:02 +05:30
Sajad Parra 5b99921d75 add unit and integration tests for dsl variable #555 2021-11-30 20:20:43 +05:30
Sajad Parra 10e5595980 Merge branch 'dev' into dsl-variable-support 2021-11-30 18:41:18 +05:30
Sajad Parra de236379a1 remove stop-at-first-match info log #1188 2021-11-30 17:22:39 +05:30
Ice3man543 72a387c40a Merge from dev 2021-11-30 16:55:09 +05:30
Ice3man543 847e9d7c44 Misc changes to fix testa and lint 2021-11-30 16:26:29 +05:30
Ice3man543 eb7c704d36 Merging from dev 2021-11-30 16:23:39 +05:30
Sandeep Singh be66166b9d
Merge pull request #1282 from projectdiscovery/network-vars 
Added additional variables for network + simplified logic
 2021-11-30 12:10:26 +05:30
sandeep 684f332599 fix: {{Hostname}} to {{Host}} in test 2021-11-30 12:04:47 +05:30
Sandeep Singh edad82ad98
Merge pull request #1310 from projectdiscovery/speed-regression-bugfix 
fix #1303: speed regression due to missing goroutine in executer
 2021-11-30 11:19:31 +05:30
Ice3man d6cfa556b8
Merge pull request #1306 from projectdiscovery/fix-stdin-reading 
fix: #1274 spawned nuclei child process hangs reading stdin
 2021-11-30 00:28:00 +05:30
Ice3man543 65a1858f94 fix #1303: speed regression due to missing goroutine in executer 
Fixed speed regression introduced in dev due to missing go() statement when executing template input
 2021-11-30 00:17:52 +05:30
Sajad Parra a7ecadf189 add template level stop-at-first-match to workflows 2021-11-29 18:06:25 +05:30
Sajad Parra f60e93aae1 add template level stop at first match option 2021-11-29 16:01:06 +05:30
Ice3man543 c9943c0b2a fix: #1274 spawned nuclei child process hangs reading stdin 
Next and final attempt at fixing the stdin parsing issue when spawing as child from nodejs
 2021-11-29 14:38:55 +05:30
mzack a631262d91 Merge branch 'dev' into research-aws-signing 2021-11-29 09:36:12 +01:00
Sajad Parra d97aee01c3 Merge branch 'dev' of https://github.com/projectdiscovery/nuclei into dsl-variable-support 2021-11-29 13:36:09 +05:30
Sajad Parra 5deb454a81 merge Hostname variable to payloads in network request 2021-11-29 13:26:03 +05:30
GitHub Action 345a5a3de5 Auto Generate Syntax Docs + JSONSchema [Mon Nov 29 06:49:56 UTC 2021] 🤖 2021-11-29 06:49:56 +00:00
Sandeep Singh 95f31090dc
Merge pull request #1292 from projectdiscovery/improvements 
Small refactorings and linter driven improvements
 2021-11-29 12:18:28 +05:30
sandeep 75333dae3b Revert "Fixed stdin input parsing bug (#1286)" 
This reverts commit b59582bde7.
 2021-11-28 05:29:01 +05:30
sandeep 5a1c7a62b2 missing goimports 2021-11-28 04:55:18 +05:30
Sandeep Singh 670f0d6775
Merge branch 'dev' into network-vars 2021-11-28 04:42:08 +05:30
LuitelSamikshya b3805999f3
Unsafe flag with base template (#1279) 
* unsafe flag with base template
 2021-11-28 04:40:27 +05:30
Ice3man b59582bde7
Fixed stdin input parsing bug (#1286) 2021-11-28 04:31:39 +05:30
forgedhallpass c61ec5f673 feat: Improve DSL function UX #1295 2021-11-26 17:14:25 +02:00
forgedhallpass cd651ddf6f fix: Escaped the dot in a regex matching a domain 2021-11-26 17:12:27 +02:00
Ice3man dfe284664c
Fixed a crash with http module (#1285) 2021-11-26 18:51:02 +05:30
mzack a3319930c0 code refactor + request dump fix 
Fixes indirectly #844
 2021-11-26 13:49:12 +01:00
Ice3man543 c720354be2 Added part definition information to docs + misc 2021-11-26 16:23:54 +05:30
forgedhallpass 5eca474c5e refactor(CR): better way of writing switch statement 2021-11-26 11:38:09 +02:00
forgedhallpass 7e22d70ded refactor/documentation: typos and grammatical errors 2021-11-25 18:54:16 +02:00
forgedhallpass ec6889931d refactor: linter driven fixes 
* x = x + ""  => x += ""
* pre-allocating slice with known size
* added t.Helper() methods in test helpers
* complex if-else conditions replaced by switches
* errors should be checked using error.Is() instead of ==
* function parameter should start with lower case letter
* removed unnecessary type definition
* variable/label naming convention: camelCase instead of snake_case
 2021-11-25 17:57:22 +02:00
forgedhallpass fdaa8e4539 refactor: removed redundant type conversion 2021-11-25 17:18:54 +02:00
forgedhallpass 47340f06b0 refactor: uniformly sorted imports 2021-11-25 17:09:20 +02:00
forgedhallpass 3fd1f57b96 refactor: godoc and comment uniformization 
Adding space after // and before the godoc/comment
 2021-11-25 17:03:56 +02:00
forgedhallpass c8d009654c fix: Receiver mismatch warnings 2021-11-25 16:57:43 +02:00
forgedhallpass bebe5cbcfd refactor: Remove redundant character escapes from regexes 2021-11-25 16:24:37 +02:00
forgedhallpass fdd22ab668 refactor: Wrap errors using %w in fmt.Errorf 
see:
 * https://github.com/xxpxxxxp/intellij-plugin-golangci-lint/blob/master/explanation/goerr113.md
 * https://go.dev/blog/go1.13-errors#wrapping-errors-with-w
 2021-11-25 16:24:37 +02:00
forgedhallpass f9c214a66f refactor: update logic refactor to make it more testable 
Introduced logic to test for zip slip (path traversal)
 2021-11-25 16:24:28 +02:00
Ice3man543 caaa5c6594 Automatically generate docs for enum values 2021-11-25 19:34:01 +05:30
forgedhallpass 4bccb6cf8a fix: File and directory creation permission changes 
Directories: 0755 (5 - group and other can read cd into the directory and read it's content)
Files: 0644 (4 - group and other can only read the created files)
Tests files: 0777
 2021-11-25 14:37:57 +02:00
Sajad Parra 7e9272776d add variable support to dsl, remove dynamicValues from request struct 2021-11-25 16:19:42 +05:30
Ice3man543 f6072e9a95 Updating name of variable 2021-11-24 22:44:43 +05:30
Ice3man543 393babe3c3 Made iterate of values controllable with iterate-all-values flag in http 2021-11-24 22:40:17 +05:30
Ice3man543 273233bb81 Fixed a bug with mergemanymaps + misc lint fixes 2021-11-24 21:56:55 +05:30
Ice3man543 ef5b476c6d Reusing dynamically extracted values as iterators in http request 
This PR adds the support in http module to iterate over the dynamically extracted data from extractors
and use it in other requests. This allows nuclei to follow links on pages, do operations with
multiple versions of the same extracted value, etc.
 2021-11-24 21:08:08 +05:30
Ice3man543 a908a1515a Fixed example docs 2021-11-23 13:17:19 +05:30
Ice3man543 44e304179a Fixed a linter error 2021-11-23 13:15:24 +05:30
Ice3man543 831114bdbd Added default fields for DNS requests 2021-11-23 13:09:22 +05:30
Ice3man 1851e37aef
Merge pull request #1273 from projectdiscovery/fixed-missing-ip 
fix #1220: no ip returned for dialers
 2021-11-23 10:49:51 +05:30
Ice3man543 6c819d7917 Added additional variables for network + simplified logic 2021-11-23 10:44:31 +05:30
Ice3man 1581c96e4e
Added matched-status flag + template-path and url to output (#1272) 
* Added matched-status flag + template-path and url to output
 2021-11-22 17:53:25 +05:30
Ice3man543 ba67f8c8fe fix #1220: no ip returned for dialers 2021-11-22 09:51:13 +05:30
Mzack9999 ca9676f52e
Adding support for clustering within workflow (#1255) 
* Adding support for clustering within workflow
 2021-11-22 04:49:53 +05:30
Ice3man543 bdf1c2010b Fixed jsonschema for matchertype missing String() 2021-11-20 19:50:18 +05:30
Ice3man543 66dacccfb4 Fixed matcher type integer issue 2021-11-20 19:47:05 +05:30
Sajad f74ff3fc49
Tag based struct validation (#1256) 
* Added tag based struct validation
 2021-11-20 13:25:27 +05:30
mzack ed55de71d9 fixing internal normalized value 2021-11-20 02:26:16 +01:00
GitHub Action b8246ab8e5 Auto Generate Syntax Docs + JSONSchema [Fri Nov 19 10:55:27 UTC 2021] 🤖 2021-11-19 10:55:27 +00:00
LuitelSamikshya 4b8ec29d8d
struct to enums changes for Matchers (#1246) 
* struct to enums changes for Matchers
 2021-11-19 16:24:09 +05:30
forgedhallpass 09eba6c0cf
feat: In case of binary data, show a hexadecimal view as well #1080 (#1266) 
Highlight the longest occurrences when there are matches that are substrings of each other
 2021-11-19 15:45:43 +05:30
mzack 71d4e5318a . 2021-11-18 22:28:10 +01:00
mzack 359eb7c3d2 making iota zero based 2021-11-18 21:58:32 +01:00
mzack bdffa373cf solving linting issues 2021-11-18 21:54:24 +01:00
mzack b42f0d32ea Merge branch 'dev' into research-aws-signing 2021-11-18 21:50:49 +01:00
mzack ddb07ebb75 adding support for aws file credential 2021-11-18 21:44:58 +01:00
GitHub Action 5a0f483cd3 Auto Generate Syntax Docs + JSONSchema [Thu Nov 18 20:12:46 UTC 2021] 🤖 2021-11-18 20:12:46 +00:00
LuitelSamikshya 2856e7e247
Extractor + Headless Actions structures to enums (#1217) 
* enum support for extractor
 2021-11-19 01:41:10 +05:30
GitHub Action ccb588f383 Auto Generate Syntax Docs + JSONSchema [Thu Nov 18 13:53:42 UTC 2021] 🤖 2021-11-18 13:53:42 +00:00
Mzack9999 7f5f791e23
Adding dns trace support in dns templates (#1236) 
* Adding dns trace support in dns templates + minor refactoring
 2021-11-18 19:22:11 +05:30
LuitelSamikshya d078b72381
enum changes for http method (#1234) 
* enum changes for http method
 2021-11-18 19:20:21 +05:30
GitHub Action 25189c3ae7 Auto Generate Syntax Docs + JSONSchema [Thu Nov 18 13:50:07 UTC 2021] 🤖 2021-11-18 13:50:07 +00:00
LuitelSamikshya 64a93a4570
enum changes for network type (#1233) 
* enum changes for network type
 2021-11-18 19:18:47 +05:30
LuitelSamikshya 4ff90c1373
struct to enum changes for Dns Type (#1245) 
* struct to enum changes for Dns Type
 2021-11-18 19:17:34 +05:30
mzack 38ff8f75b1 adding signature syntax validation 2021-11-17 01:28:35 +01:00
mzack 0379afc748 Merge branch 'dev' into research-aws-signing 2021-11-17 00:03:00 +01:00
Ice3man eaa0d37065
feat #1092: Validate binary values + precompile them as well (#1213) 
* Added validation for binary values + precompile them

* Changed name of the binary matcher field

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2021-11-17 02:04:27 +05:30
sandeep f73b20e415 Merge branch 'dev' of https://github.com/projectdiscovery/nuclei into research-aws-signing 2021-11-17 02:02:07 +05:30
Ice3man 50a816fce9
Fixed a crash with uninitialized interactsh client (#1251) 
* Fixed a crash with uninitialized interactsh client
 2021-11-16 20:02:39 +05:30
Ice3man543 cc33366acb fixed a conditon with workflow type switch 2021-11-14 15:30:28 +05:30