47e75038f0
headless: fix panic + refactor waitevent action ( #4465 )
...
* fix waitEvent action
* avoid future panics
* integration test + bug fix
* headless: add max-duration support in waitevent
* fix comment + max-duration input
2023-12-06 19:08:26 +05:30
a9efb75d59
introduce disable-cookie ( #4292 )
...
* introduce disable-cookie
* remove debug statement
* fix headless template
* increase `-interactions-poll-duration` value to 5
* docs update
---------
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-11-18 13:02:10 +05:30
83abe0969e
introduce `self-contained` to headless ( #4322 )
...
* introduce `self-contained` to headless
* fix matched url print
2023-11-02 19:08:20 +05:30
595ba8e3a5
bug fixes in js , network protocol and flow ( #4313 )
...
* fix net read
* only return N bytes if extra available
* use ConnReadN from readerutil
* add integration test
* print unsigned warning in stderr
* fix js protocol in flow #4318
* fix integration test: url encoding issue
* fix network protocol issue + integration tests
* multiple improvements to integration test
* replace all conn.Read() from tests
* disable network-basic.yaml in windows
* disable code protocol in win CI
* fix bitwise login ps1-snippet.yaml
* hide previous matcher events in flow
* remove dead code+ update integration tests
---------
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2023-11-02 13:33:40 +05:30
c79d2f05c4
fix trailing dot ( #4295 )
...
* fix trailing dot
* remove trailing dot from `domain`
* remove trailing dots from answer
* remove dots
* fix integration test
2023-11-01 16:51:22 +05:30
83681fb308
misc sdk enhancements ( #4301 )
...
* add template sign/parse methods
* export installer package
* add readme
* consistent implementation of writefailure
* fix lint error
2023-10-30 19:02:06 +05:30
e9ab5f498a
template preprocessor + multi request variables indexing bug fix ( #4262 )
...
* add randstr preprocessor to defaults
* fix indexing in http + preprocessor integration test
* add multi-request integration test
* skip test if asnmap is down
2023-10-20 17:54:10 +05:30
dc44105baf
nuclei v3 : misc updates ( #4247 )
...
* use parsed options while signing
* update project layout to v3
* fix .gitignore
* remove example template
* misc updates
* bump tlsx version
* hide template sig warning with env
* js: retain value while using log
* fix nil pointer derefernce
* misc doc update
---------
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-10-17 17:44:13 +05:30
32de68d3a5
Merge branch 'v3-beta', remote-tracking branch 'origin' into dev
2023-10-16 15:00:00 +05:30
c35162c8ef
nuclei v3 bug fixes ( #4176 )
...
* store and generate signer keys
* fix trailing newline in code_response
* fix formatting and update error string
* fix integration test
* fix rsaSigned code integration test
* bug fixes , docs and more
* bump go -> 1.21
* use 'response' as default part in code templates
* disable sourcemaps for all js runtimes
* disable eval function
* rewrite file validation in sandbox mode
* sandbox file read improvements + minor refactor
* refactor sign and verify logic
* fix panic and missing id in code protocol
* disable re-signing code protocol templates
* fix code resigning in tests
* allow -lfa in test for signing templates
* start index from 1 in flow and multiproto
* remove testfiles
* add python in integration test
* update code protocol docs
* add python engine in template
* rework template signer
* fix integration test and more
* reworked template signer
* fix lint error
* display signature stats
* update docs
* add user fragment to signature
* use md5 to generate fragment
* update docs with code re-sign
* misc updates
* public crt update
* remove workflow info statement
* fix printing issues
* refactor preprocessor logic
* remove debug statement
* fix failing example test
* go mod tidy
---------
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2023-10-13 13:17:27 +05:30
9a39757caa
use std config directories ( #4228 )
...
* use std config directories
* use NUCLEI_CONFIG_DIR env for config dir
* add template sources option in sdk
* add cloud.projectdiscovery.io to trusted domain
* fix failing test
2023-10-13 11:55:09 +05:30
0137a40a35
Gitlab tracker: Duplicate issues ( #4152 )
...
* Added initial API docs
* dark mode fixes!
* gitlab tracker duplicate check
* integration test
* added In to search to restrict to title match
* added example GitLab yaml
---------
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-09-25 22:55:12 +05:30
c377221a78
header fuzzing support in http templates ( #4114 )
...
* Add headersPartType for fuzzing
* fix nil pointer dereference for headless mode
* minor changes+ add integration test
* update template in fuzz-header-multiple
---------
Co-authored-by: 0x123456789 <0x123456789>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
2023-09-19 00:01:32 +05:30
4f93520e47
javascript protocol for scripting (includes 15+ proto libs) ( #4109 )
...
* rebase js-layer PR from @ice3man543
* package restructuring
* working
* fix duplicated event & matcher status
* fix lint error
* fix response field
* add new functions
* multiple minor improvements
* fix incorrect stats in js protocol
* sort output metadata in cli
* remove temp files
* remove dead code
* add unit and integration test
* fix lint error
* add jsdoclint using llm
* fix error in test
* add js lint using llm
* generate docs of libs
* llm lint
* remove duplicated docs
* update generated docs
* update prompt in doclint
* update docs
* temp disable version check test
* fix unit test and add retry
* fix panic in it
* update and move jsdocs
* updated jsdocs
* update docs
* update container platform in test
* dir restructure and adding docs
* add api_reference and remove markdown docs
* fix imports
* add javascript design and contribution docs
* add js protocol documentation
* update integration test and docs
* update doc ext mdx->md
* minor update to docs
* new integration test and more
* move go libs and add docs
* gen new net docs and more
* final docs update
* add new devtool
* use fastdialer
* fix build fail
* use fastdialer + network sandbox support
* add reserved keyword 'Port'
* update Port to new syntax
* misc update
* always enable templatectx in js protocol
* move docs to 'js-proto-docs' repo
* remove scrapefuncs binary
---------
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-09-16 16:02:17 +05:30
eec907a370
resolve merge conflicts
2023-09-13 20:28:48 +05:30
584662f6af
add new field 'port' in network protocol ( #4123 )
...
* add reserved networkPort in template
* add 'port' field in network request
* add integration test
* add exclude-ports and update docs
* misc update
---------
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-09-12 04:34:15 +05:30
f7fe99f806
add `flow` support in template (i.e javascript scripting) ( #4015 )
...
* add flow logic
* progress
* working POC
* fix string slice normalization issue in variables
* update
* fix nil panic
* remove poll()
* load file with sandbox and more
* fix failing integration tests
* JS: log: print in vardump format
* fix missing id in protocols
* fix proto prefix in template context
* flow: add unit tests
* conditional flow support using flow
* fix proto callbacks + more unit tests
* adds integration test
* conditional flow: check if req has any matchers
* fix lint error
* deprecate iterate-all+ missing multi-proto implementation
* fix ip input in raw request
* JS: feat dedupe object+ more builtin funcs
* feat: hide protocol result using hide
* feat: async execution
* complete async execution support
* fix condition-flow without any matchers
* refactor: template executer package (tmplexec)
* flow executor working
* fix data race in templateCtx
* templateCtx redesign
* fix failing unit test
* add multiprotocol support to deprecated syntax
* fix race condition in utils & tlsx
* add documentation in flow package
* remove regions.txt file
* fix minor issue with self contained templates
* fix typos of copilot
* dep + misc update
* fix reqID: use req.Type instead of template.Type
---------
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-08-31 18:03:01 +05:30
d3928e080d
optional file read in headless protocol ( #4055 )
...
* use -lfa and -lna in headless
* fix lna in headless
* misc update
* fix nil pointer dereference in test
* fix lint & unit test
* use urlutil
* headless protocol scheme improvements
* add unit and integration tests
* run unit test from binary
---------
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
2023-08-25 18:30:46 +05:30
61fc7350d1
add integration test
2023-08-18 02:49:05 +05:30
7997e8dbec
Fix edge cases `disable-path-automerge` ( #4035 )
...
* fix edge cases for disable-path-automerge
* misc update
2023-08-10 19:28:05 +05:30
8125b6805c
resolve merge conflicts with dev
2023-08-04 20:21:22 +05:30
c8a7df98f3
fix removing double slash prefix in raw req path ( #3960 )
...
* update utils lib
* add integration test on unsafe:false
* fix build error
---------
Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
2023-08-04 00:56:32 +05:30
4c1c5301b9
Spelling ( #4008 )
...
* spelling: addresses
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: asynchronous
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: basic
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: brute force
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: constant
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: disables
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: engine
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: every time
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: execution
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: false positives
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: from
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: further
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: github
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: gitlab
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: highlight
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: hygiene
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: ignore
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: input
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: item
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: itself
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: latestxxx
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: navigation
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: negative
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: nonexistent
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: occurred
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: override
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: overrides
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: payload
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: performed
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: respective
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: retrieve
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: scanlist
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: separated
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: separator
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: severity
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: source
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: strategy
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: string
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: templates
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: terminal
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: timeout
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: trailing slash
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: trailing
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: websocket
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
---------
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2023-08-02 00:03:43 +05:30
6bdef68734
ignore version parsing error ( #3984 )
...
* ignore version parsing error
* hide no parameter error
* integration test+ DEBUG.md
* typo fix in DEBUG.md
* go mod tidy
---------
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-07-28 21:04:02 +05:30
16894cf0e0
fixing certificate expiration date ( #3995 )
2023-07-28 19:22:14 +05:30
66f0dc735c
Adding jarm helper via dsl ( #3906 )
...
* Adding jarm helper via dsl
* adding test
* removing debug file
* fixing tests
---------
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2023-07-14 21:24:12 +05:30
3dca03163c
Automatic target merge in network templates ( #3904 )
...
* skip visited actual addressess
* removed test
* adding disable clustering support
2023-07-06 21:33:52 +05:30
6707bc777a
fix showing multiple failure matches per template on -ms set ( #3770 )
...
* fix showing multiple failure matchers per template
add integration test
* exclude AS134029 from unit test
* Add flag for match status per request
* chore(deps): bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 (#3777 )
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](https://github.com/golangci/golangci-lint-action/compare/v3.4.0...v3.5.0 )
---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump github.com/xanzy/go-gitlab in /v2 (#3778 )
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab ) from 0.83.0 to 0.84.0.
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go )
- [Commits](https://github.com/xanzy/go-gitlab/compare/v0.83.0...v0.84.0 )
---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump github.com/spf13/cast from 1.5.0 to 1.5.1 in /v2 (#3780 )
Bumps [github.com/spf13/cast](https://github.com/spf13/cast ) from 1.5.0 to 1.5.1.
- [Release notes](https://github.com/spf13/cast/releases )
- [Commits](https://github.com/spf13/cast/compare/v1.5.0...v1.5.1 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cast
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* enable no-httpx when passive scan is launched (#3789 )
* chore(deps): bump github.com/projectdiscovery/fastdialer from 0.0.26 to 0.0.28 in /v2 (#3779 )
* chore(deps): bump github.com/projectdiscovery/fastdialer in /v2
Bumps [github.com/projectdiscovery/fastdialer](https://github.com/projectdiscovery/fastdialer ) from 0.0.26 to 0.0.28.
- [Release notes](https://github.com/projectdiscovery/fastdialer/releases )
- [Commits](https://github.com/projectdiscovery/fastdialer/compare/v0.0.26...v0.0.28 )
---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/fastdialer
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* Bump retryabledns to 0.28
* Update the retryabledns
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shubhamrasal <shubhamdharmarasal@gmail.com>
* deprecatedProtocolNameTemplates concurrent map writes (#3785 )
* deprecatedProtocolNameTemplates
* use syncLock
* fix lint error
* change version in deprecated warning msg
* comment asnmap expand unit test
---------
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
Co-authored-by: Tarun Koyalwar <45962551+tarunKoyalwar@users.noreply.github.com>
* Issue 3339 headless fuzz (#3790 )
* Basic headless fuzzing
* Remove debug statements
* Add integration tests
* Update template
* Fix recognize payload value in matcher
* Update tempalte
* use req.SetURL()
---------
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
* Auto Generate Syntax Docs + JSONSchema [Fri Jun 9 00:23:32 UTC 2023] 🤖
* Add headless header and status matchers (#3794 )
* add headless header and status matchers
* rename headers as header
* add integration test for header+status
* fix typo
* chore(deps): bump golang from 1.20.4-alpine to 1.20.5-alpine (#3809 )
Bumps golang from 1.20.4-alpine to 1.20.5-alpine.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump github.com/go-playground/validator/v10 in /v2 (#3810 )
Bumps [github.com/go-playground/validator/v10](https://github.com/go-playground/validator ) from 10.11.2 to 10.14.1.
- [Release notes](https://github.com/go-playground/validator/releases )
- [Commits](https://github.com/go-playground/validator/compare/v10.11.2...v10.14.1 )
---
updated-dependencies:
- dependency-name: github.com/go-playground/validator/v10
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump github.com/projectdiscovery/rawhttp in /v2 (#3811 )
Bumps [github.com/projectdiscovery/rawhttp](https://github.com/projectdiscovery/rawhttp ) from 0.1.11 to 0.1.13.
- [Release notes](https://github.com/projectdiscovery/rawhttp/releases )
- [Commits](https://github.com/projectdiscovery/rawhttp/compare/v0.1.11...v0.1.13 )
---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/rawhttp
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 in /v2 (#3812 )
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.6.1 to 5.7.0.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump github.com/projectdiscovery/hmap in /v2 (#3781 )
Bumps [github.com/projectdiscovery/hmap](https://github.com/projectdiscovery/hmap ) from 0.0.11 to 0.0.13.
- [Release notes](https://github.com/projectdiscovery/hmap/releases )
- [Commits](https://github.com/projectdiscovery/hmap/compare/v0.0.11...v0.0.13 )
---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/hmap
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Using safe dereferencing
* adding comment
* fixing and condition
* fixing test id
* adding integration test
* update goflags dependency
* update goflags dependency
* bump goflags v0.1.9 => v0.1.10
* handle failure matcher flags logic at executor itself
* add integration test to matcher status per request
* Adding random tls impersonate (#3844 )
* adding random tls impersonate
* dep update
---------
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
* Use templateman enhance api to populate CVE info (#3788 )
* use templateman enhance api to populate cve info
* rename cve-annotate => tmc
add additional flags to format, lint and enhance template using templateman apis
* minior changes
* remove duplicate code
* misc update
* Add validate and error log option
* print if updated
* print format and enhance only if updated
* make max-request optional
* fix reference unmarshal error
* fix removing self-contained tag
---------
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
* fix matcher status with network protocol
* fix test
* remove -msr flag
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Dogan Can Bakir <65292895+dogancanbakir@users.noreply.github.com>
Co-authored-by: shubhamrasal <shubhamdharmarasal@gmail.com>
Co-authored-by: 三米前有蕉皮 <kali-team@qq.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
Co-authored-by: Tarun Koyalwar <45962551+tarunKoyalwar@users.noreply.github.com>
Co-authored-by: Shubham Rasal <shubham@projectdiscovery.io>
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2023-06-30 23:32:00 +05:30
bdf77005d6
resolve merge conflicts
2023-06-27 20:21:14 +05:30
c9d0942bc1
Extend headless contextargs ( #3850 )
...
* extend headless contextargs
* using darwin-latest
* grouping page options
* temp commenting code out
* fixing test
* adding more checks
* more checks
* fixing first navigation metadata
* adding integration test
* proto update
---------
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-06-26 22:55:51 +05:30
fa199ed3b3
Improving clientpool with client certificates ( #3851 )
...
* Improving clientpool with client certificates
* adding test case
* Revert "Merge branch 'dev' into issue-3800-client-cert"
This reverts commit 7f057d742f4b9bda8e83b2052e29617b86b6776d, reversing
changes made to 7297cebcf8bb0f88961b644fc2ac7c040df8ffd9.
* Revert "Revert "Merge branch 'dev' into issue-3800-client-cert""
This reverts commit 2053a248a0cdc2002e0b4b4faa3472cf11c29760.
* go fmt
---------
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-06-26 17:45:12 +05:30
cddae989f3
Add template option to disable merging target url path with raw request path ( #3799 )
...
* add template option to disable merging target url path with raw request path
* rename disable-merge-path -> disable-path-automerge
add integration test
2023-06-19 20:22:17 +05:30
200faa107e
adding integration test
2023-06-13 17:27:26 +02:00
18e2d2cb24
fixing test id
2023-06-13 17:24:31 +02:00
a7fb15d0bd
Adding support for code templates ( #2930 )
...
* Adding support for code templates
* adding support for python, powershell and echo (test)
* removing debug code
* introducing command + trivial trust store mechanism
* updating tests
* adding basic tests
* removing deprecated oracle
* mod tidy
* adding signature proto with debug prints
* removing debug code
* fixing test
* fixing param order
* improving test conditional build
* disable file+offlinehttp+code with cloud
* adding env vars
* removing debug code
* reorganizing test folders
* adding code template test prototype with dummy priv/pub keys
* bump go to 1.20
* fixing go version
* fixing lint errors
* adding fatal on pub-key test failure
* switching to ecdsa asn1
* removing unused signature
* fixing signature
* adding more tests
* extending core with engine args + powershell win test
* adding unsigned code test
* skip template signing in particular test case
* improving test coverage
* refactoring key names + adding already signed algo
* removing debug code
* fixing syntax
* fixing lint issues
* removing test template
* fixing dns tests path
* output fmt
* adding interact
* fixing lint issues
* adding -sign cli helper
* fixing nil pointer + parse inline keys
* making rsa default
* adding code prot. ref
* moving file to correct loc
* moving test
* Issue 3339 headless fuzz (#3790 )
* Basic headless fuzzing
* Remove debug statements
* Add integration tests
* Update template
* Fix recognize payload value in matcher
* Update tempalte
* use req.SetURL()
---------
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
* Auto Generate Syntax Docs + JSONSchema [Fri Jun 9 00:23:32 UTC 2023] 🤖
* Add headless header and status matchers (#3794 )
* add headless header and status matchers
* rename headers as header
* add integration test for header+status
* fix typo
* add retry to py-interactsh integration test
---------
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: Shubham Rasal <shubham@projectdiscovery.io>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Dogan Can Bakir <65292895+dogancanbakir@users.noreply.github.com>
Co-authored-by: Tarun Koyalwar <45962551+tarunKoyalwar@users.noreply.github.com>
2023-06-09 20:54:24 +05:30
e1d3f474a4
support for dynamic variables in template context (multi protocol execution) ( #3672 )
...
* multi proto request genesis
* adds template context dynamic vars
* feat: proto level resp variables
* remove proto prefix hacky logic
* implement template ctx args
* remove old var name logic
* improve AddTemplateVars func
* add multi proto comments+docs
* vardump with sorted keys
* fix race condition in ctx args
* default initialize ctx args
* use generic map
* index variables with multiple values
* fix nil cookies
* use synclock map
* fix build failure
* fix lint error
* resolve merge conflicts
* multi proto: add unit+ integration tests
* fix unit tests
* Issue 3339 headless fuzz (#3790 )
* Basic headless fuzzing
* Remove debug statements
* Add integration tests
* Update template
* Fix recognize payload value in matcher
* Update tempalte
* use req.SetURL()
---------
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
* Auto Generate Syntax Docs + JSONSchema [Fri Jun 9 00:23:32 UTC 2023] 🤖
* Add headless header and status matchers (#3794 )
* add headless header and status matchers
* rename headers as header
* add integration test for header+status
* fix typo
---------
Co-authored-by: Shubham Rasal <shubham@projectdiscovery.io>
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Dogan Can Bakir <65292895+dogancanbakir@users.noreply.github.com>
2023-06-09 19:52:56 +05:30
a4ca2021cd
Add headless header and status matchers ( #3794 )
...
* add headless header and status matchers
* rename headers as header
* add integration test for header+status
* fix typo
2023-06-09 15:03:03 +05:30
a34b94e62f
Issue 3339 headless fuzz ( #3790 )
...
* Basic headless fuzzing
* Remove debug statements
* Add integration tests
* Update template
* Fix recognize payload value in matcher
* Update tempalte
* use req.SetURL()
---------
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
2023-06-09 05:50:44 +05:30
0d2d510689
Adding support for constants ( #3692 )
...
* adding support for constants
* fixing typo
* adding integration test
* fixing lint issues
* fixing template syntax
2023-05-25 22:02:35 +05:30
9c2fa8f9c4
Add payload in dns protocol ( #3632 )
...
* add execute function in dns
* Add payload in dns protocol
* Add integration test to cover dns payload
- also check command line overriding a payload variable
* Update matchedAt and remove trailing dot
* Consider payload data for request count
- Update verbose output to print question
- Update dns requests Requests function to consider payload data
* update gitignore
* bump nuclei version to v2.9.4-dev
---------
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
2023-05-11 03:26:29 +05:30
449afc0c5c
Issue 3564 var override ( #3599 )
...
* Check if the variables are override by other means
- you can override the template variable value using command line flags
* Update lazy eval logic
- previously, we were checking any function/expression in variable
- now, update the logic, lazy eval only if variable contains any
protocol variable(global)
* add integration tests
* Add test to check the dsl function working in variable
* gather all generate variables logic in utils
* go mod update
* Refactor the generate variables function
* go mod update+ fix typo
---------
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
2023-05-02 23:49:56 +05:30
f640187709
Expose DNS fields for matchers and extractors ( #3613 )
...
* Extend dns extractor to dns answer records
* add test template
* Ignore error for dns variables are not found
* Add all the records of answer section
* Fixed the wrong typecasting
2023-05-02 17:13:11 +05:30
6ebb8e98f4
Fix wrong template loading in dev branch ( #3629 )
...
* Templates wrong loading
* Add tests to cover following scenarios
- check optional fields only if template loaded
- it should return warning only if template is loaded
2023-05-02 15:12:55 +05:30
7f5e4e2336
aws signer: fix missing x-content-sha256 header ( #3601 )
...
* fix missing x-content-sha256 header
* fix variable priority in self-contained templates
* remove debug statement
* adds generic raw request parser for self-contained req
* more integration tests
* bug fix: 10x faster race requests
* fix failing integration test
2023-05-01 12:15:35 +05:30
4e6ef4490e
duplicated params in self contained requests ( #3608 )
...
* fix duplicated params in self-contained+ export extracted values to file
* add integration tests + fix percentage overflow in pb
* fix integration test template id
* integration test: validate if file exists
2023-04-26 12:35:07 +05:30
6f4b1ae48a
Replacing ccache with generic gcache ( #3523 )
...
* Replacing ccache with generic gcache
* fixing lint issues
* removing unecessary hashing + using errorutils
* making test more tolerant
* removing dead code + refactor
* removing redundant code
* removing race
* maint
* moving code
* adding more iterations
* note + typo
* temporary fixing stop-at-first-match with interact
* wrapping internal map with mux
* sort before running integration test
* fix deadlock in requestShouldStopAtFirstMatch
* add timeout to integration_test workflow
* attempting to remove outer lock
* adds interactsh protocol tests in integration_test
---------
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
2023-04-16 23:19:35 +05:30
45cc676f96
Evaluate payload variables ( #3503 )
...
* Evaluate payload variables
* Add variables evaluation
* Extend variables test
- to check evaluation of global variables in variables
- to check evaluation of golbal variables in payload
* Add default and cli variables to websocket, whois and dns proto
- use url.Parse with urlutil.Parse
2023-04-12 01:50:58 +05:30
c9634fae72
Issue 3350 matcher condition or not work ( #3397 )
...
* fix or condition match even interactsh includes as matcher-part (#3350 )
* add integration test
* add new template to integration test
* matcher-condtion: test case for both conditions
* fix lint errors
* upgrade dependencies
---------
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
2023-03-15 20:45:44 +05:30
572c8eb780
Issue 2987 fuzz options ( #3355 )
...
* Add override fuzzing type and mode flags
* Update english readme
* Fix failing tests
* Add the integration tests
- validate the command line overriding type and mode for fuzzing
2023-03-06 16:56:38 +05:30
d9e953acfa
fix file input in custom vars for self contained http template ( #3385 )
...
* fix file input in variables(-V)
* fix lint error
* fix nuclei-ignore file failures
2023-03-04 04:57:27 +05:30
Tarun Koyalwar
Dogan Can Bakir
sandeep
Stefan Kahn
Daniil Morozov
Tarun Koyalwar
Sandeep Singh
Ramana Reddy
Josh Soref
Mzack9999
Shubham Rasal