daffainfo
/
nuclei
mirror of https://github.com/daffainfo/nuclei.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,665 Commits
1 Branch
0 Tags
28 MiB
Commit Graph

151 Commits (59d208d44a9d967f459928d356c0cbc2822b82e6)

Author SHA1 Message Date
Tarun Koyalwar 29b69a12ce
pdcp result chunked upload (#4662) 
* chunked pdcp cloud results upload

* add -sid option to specify scanid

* fix scan result append endpoint
 2024-01-21 02:26:16 +05:30
sandeep f7ba2390bf dev version update 2024-01-19 02:02:58 +05:30
sandeep 4dca9a1959 version update 2024-01-18 05:55:34 +05:30
Tarun Koyalwar c7c35ffb94
fix multiple mem leaks + optimizations (#4630) 
* fix mem leak

* bump version tag

* http: add  global resp body read limit of 4MB

* skip creating templateCtx in normal templates

* fix mem leak via retryablehttp , fastdialer

* go mod tidy

* remove unused var

* dep update

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2024-01-18 05:53:42 +05:30
GitHub Action a942c05d22 Auto Generate Syntax Docs + JSONSchema [Wed Jan 17 23:10:24 UTC 2024] 🤖 2024-01-17 23:10:24 +00:00
Tarun Koyalwar a677fca192
misc improvements in js protocol execution (#4643) 
* js protocol  timeout using -timeout flag

* fix zgrab smb hang

* fix lint error

* custom timeout field in js protocol

* minor update: bound checking

* add 6 * -timeout in code protocol by default
 2024-01-18 04:39:15 +05:30
Tarun Koyalwar 68b9dd52ad
error handling + support offlinehttp in flow templates (#4653) 2024-01-17 23:16:57 +05:30
Dogan Can Bakir 76f7c0c903
fix panic in interactsh process interaction ( nil check on compiled operators) (#4511) 
* nil check

* misc updates

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2024-01-13 03:24:52 +05:30
Jean Rougé 39d25c3d4f
Adding an option to dump resume files when a runner hangs (#4440) 
* Adding an option to dump resume files when a runner hangs

Signed-off-by: Jean Rouge <rougej+github@gmail.com>

* Adding new option to README

* Removing unfinished comment

* always create resume file on hang

---------

Signed-off-by: Jean Rouge <rougej+github@gmail.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2024-01-13 01:46:57 +05:30
Tarun Koyalwar 619396a6b8
flow: flatten dynamic values array if len is 1 (#4625) 
* flow: flatten dynamic values array if len is 1

* wait for exporters when closing

* misc updates
 2024-01-13 00:44:25 +05:30
Valerio Casalino edae2f4ec4
implement GetKerberoastableUsers in ldap module (#4420) 
* add method 'GetKerberoastableUsers()'

* add more attributes to KerberostableUser in ldap module
 2024-01-13 00:32:00 +05:30
Tarun Koyalwar a8cdd21120
code: fix variables merge order (#4623) 
* fix variables merge order

* format screen: quote and trim extracted result

* code: interpret env vars in debug mode

* update integration test
 2024-01-12 23:10:00 +05:30
Valerio Casalino 70452efec1
add method GetServiceTicket to the kerberos module (#4422) 
* add method GetServiceTicket to the kerberos module

* add target username to service ticket

* destroy kerberos client when function returns
 2024-01-12 14:24:39 +05:30
sandeep 99775e0392 version update 2024-01-10 18:53:02 +05:30
Tarun Koyalwar 1d246329ea
add logical check before creating result: #4603 (#4608) 2024-01-10 16:34:40 +05:30
sandeep 018aecfbae version update 2024-01-08 05:25:58 +05:30
Tarun Koyalwar 02a9b86dd7
fix missing results in flow template + feature: internal matchers using `internal: true` (#4582) 
* log warnings + use scanContext in flow

* refactor flow to use scanContext + log all events

* feat: internal matcher

* fix integration test

* bug fix extractor: merge dynamic values, fix missing extractors in file

* flow: fix 'No Results Found' if last statement output is false

* fix unit test
 2024-01-08 05:12:11 +05:30
Mzack9999 5e48aed29b
Using network policy everywhere (#4578) 
* Using network policy everywhere

* fixing bool param

* fixing websocket parsing issue

* fixing other schemes

* go mod tidy

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2024-01-08 05:09:11 +05:30
Tarun Koyalwar 056073da25
code protocol: donot exit on non zero status code (#4585) 2024-01-08 03:27:08 +05:30
Mzack9999 342cc56a28
Merge pull request #4575 from projectdiscovery/feat-fastdialer-exclude 
pass exclude list to layer 4 fast dialer
 2024-01-05 12:46:07 +01:00
Tarun Koyalwar d064801270
fallthrough extracted values in order (#4574) 
* fallthrough extracted values in order

* fix unit test & update .gitignore

* remove temp file

---------

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
 2024-01-05 05:25:31 +05:30
Tarun Koyalwar f663d1c9cf
deprecate(remove): file write in extractor using `to` (#4565) 
* fix race-condition & oow in extracted file output

* add mutex for file.Write + set finalizer for os.File

* fix integration test

* disable extractor save to file in lib mode(configurable)

* use sync.Once for init

* disable out of bound image write in headless

* misc updates

* fix headless screenshot test

* fix extractor save to file integration test

* remove 'to' feature in extractors
 2024-01-05 03:23:08 +05:30
mzack 80d347d3f1 pass exclude list to layer 4 fast dialer 2024-01-04 21:18:20 +01:00
Dogan Can Bakir 2d3906cafc
add tags as addition to `-as` (#4543) 2023-12-29 03:35:56 +05:30
Dogan Can Bakir f6ebe7f5f1
fix fuzzing self-contained input requirement (#4531) 2023-12-24 14:16:09 +05:30
sandeep c60b7f02f2 version update 2023-12-21 18:18:58 +05:30
abut0n 199bd9d892
Make the SMTP client used in javascript templates able to send email (#4451) 
* Update smtp.go

make smtp module able to send mail

* Pass Lint Test

* chore(deps): bump github.com/projectdiscovery/retryablehttp-go

Bumps [github.com/projectdiscovery/retryablehttp-go](https://github.com/projectdiscovery/retryablehttp-go) from 1.0.36 to 1.0.38.
- [Release notes](https://github.com/projectdiscovery/retryablehttp-go/releases)
- [Commits](https://github.com/projectdiscovery/retryablehttp-go/compare/v1.0.36...v1.0.38)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/retryablehttp-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): bump github.com/projectdiscovery/clistats

Bumps [github.com/projectdiscovery/clistats](https://github.com/projectdiscovery/clistats) from 0.0.19 to 0.0.20.
- [Release notes](https://github.com/projectdiscovery/clistats/releases)
- [Commits](https://github.com/projectdiscovery/clistats/compare/v0.0.19...v0.0.20)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/clistats
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): bump github.com/projectdiscovery/retryabledns

Bumps [github.com/projectdiscovery/retryabledns](https://github.com/projectdiscovery/retryabledns) from 1.0.44 to 1.0.45.
- [Release notes](https://github.com/projectdiscovery/retryabledns/releases)
- [Commits](https://github.com/projectdiscovery/retryabledns/compare/v1.0.44...v1.0.45)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/retryabledns
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): bump github.com/projectdiscovery/dsl from 0.0.32 to 0.0.33

Bumps [github.com/projectdiscovery/dsl](https://github.com/projectdiscovery/dsl) from 0.0.32 to 0.0.33.
- [Release notes](https://github.com/projectdiscovery/dsl/releases)
- [Commits](https://github.com/projectdiscovery/dsl/compare/v0.0.32...v0.0.33)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/dsl
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): bump github.com/projectdiscovery/rawhttp

Bumps [github.com/projectdiscovery/rawhttp](https://github.com/projectdiscovery/rawhttp) from 0.1.27 to 0.1.28.
- [Release notes](https://github.com/projectdiscovery/rawhttp/releases)
- [Commits](https://github.com/projectdiscovery/rawhttp/compare/v0.1.27...v0.1.28)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/rawhttp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* http: support arbitrary strings on TLS SNI annotation (#4462)

* headless: fix panic + refactor waitevent action (#4465)

* fix waitEvent action

* avoid future panics

* integration test + bug fix

* headless: add max-duration support in waitevent

* fix comment + max-duration input

* add timeout (#4467)

* add timeout

* ssh: make timeout configurable

* ssh: update bindings + docs

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>

* use file stat to check if file is empty (#4469)

* version update

* chore(deps): bump github.com/projectdiscovery/ratelimit

Bumps [github.com/projectdiscovery/ratelimit](https://github.com/projectdiscovery/ratelimit) from 0.0.17 to 0.0.19.
- [Release notes](https://github.com/projectdiscovery/ratelimit/releases)
- [Commits](https://github.com/projectdiscovery/ratelimit/compare/v0.0.17...v0.0.19)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/ratelimit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): bump github.com/projectdiscovery/retryabledns

Bumps [github.com/projectdiscovery/retryabledns](https://github.com/projectdiscovery/retryabledns) from 1.0.45 to 1.0.46.
- [Release notes](https://github.com/projectdiscovery/retryabledns/releases)
- [Commits](https://github.com/projectdiscovery/retryabledns/compare/v1.0.45...v1.0.46)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/retryabledns
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): bump github.com/projectdiscovery/interactsh

Bumps [github.com/projectdiscovery/interactsh](https://github.com/projectdiscovery/interactsh) from 1.1.7 to 1.1.8.
- [Release notes](https://github.com/projectdiscovery/interactsh/releases)
- [Changelog](https://github.com/projectdiscovery/interactsh/blob/main/.goreleaser.yml)
- [Commits](https://github.com/projectdiscovery/interactsh/compare/v1.1.7...v1.1.8)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/interactsh
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): bump github.com/projectdiscovery/utils

Bumps [github.com/projectdiscovery/utils](https://github.com/projectdiscovery/utils) from 0.0.65 to 0.0.67.
- [Release notes](https://github.com/projectdiscovery/utils/releases)
- [Changelog](https://github.com/projectdiscovery/utils/blob/main/CHANGELOG.md)
- [Commits](https://github.com/projectdiscovery/utils/compare/v0.0.65...v0.0.67)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/utils
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): bump github.com/projectdiscovery/fastdialer

Bumps [github.com/projectdiscovery/fastdialer](https://github.com/projectdiscovery/fastdialer) from 0.0.46 to 0.0.48.
- [Release notes](https://github.com/projectdiscovery/fastdialer/releases)
- [Commits](https://github.com/projectdiscovery/fastdialer/compare/v0.0.46...v0.0.48)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/fastdialer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* network proto: revert full buffer size read (#4497)

* network proto: revert full buffer size read

* fix read-all in network protocol

* version update

* chore(deps): bump github.com/projectdiscovery/retryabledns

Bumps [github.com/projectdiscovery/retryabledns](https://github.com/projectdiscovery/retryabledns) from 1.0.46 to 1.0.47.
- [Release notes](https://github.com/projectdiscovery/retryabledns/releases)
- [Commits](https://github.com/projectdiscovery/retryabledns/compare/v1.0.46...v1.0.47)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/retryabledns
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): bump github.com/projectdiscovery/fastdialer

Bumps [github.com/projectdiscovery/fastdialer](https://github.com/projectdiscovery/fastdialer) from 0.0.48 to 0.0.49.
- [Release notes](https://github.com/projectdiscovery/fastdialer/releases)
- [Commits](https://github.com/projectdiscovery/fastdialer/compare/v0.0.48...v0.0.49)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/fastdialer
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): bump github.com/projectdiscovery/ratelimit

Bumps [github.com/projectdiscovery/ratelimit](https://github.com/projectdiscovery/ratelimit) from 0.0.19 to 0.0.20.
- [Release notes](https://github.com/projectdiscovery/ratelimit/releases)
- [Commits](https://github.com/projectdiscovery/ratelimit/compare/v0.0.19...v0.0.20)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/ratelimit
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): bump github.com/projectdiscovery/dsl from 0.0.33 to 0.0.35

Bumps [github.com/projectdiscovery/dsl](https://github.com/projectdiscovery/dsl) from 0.0.33 to 0.0.35.
- [Release notes](https://github.com/projectdiscovery/dsl/releases)
- [Commits](https://github.com/projectdiscovery/dsl/compare/v0.0.33...v0.0.35)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/dsl
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): bump github.com/projectdiscovery/utils

Bumps [github.com/projectdiscovery/utils](https://github.com/projectdiscovery/utils) from 0.0.67 to 0.0.68.
- [Release notes](https://github.com/projectdiscovery/utils/releases)
- [Changelog](https://github.com/projectdiscovery/utils/blob/main/CHANGELOG.md)
- [Commits](https://github.com/projectdiscovery/utils/compare/v0.0.67...v0.0.68)

---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/utils
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore(deps): bump golang.org/x/crypto from 0.15.0 to 0.17.0

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.15.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.15.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* misc updates

* misc updates + message builder struct

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: M. Ángel Jimeno <jimen0@users.noreply.github.com>
Co-authored-by: Tarun Koyalwar <45962551+tarunKoyalwar@users.noreply.github.com>
Co-authored-by: Dogan Can Bakir <65292895+dogancanbakir@users.noreply.github.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-12-21 18:04:22 +05:30
Dogan Can Bakir e6133ef6bc
fix missing eq sign (#4513) 2023-12-20 17:00:34 +05:30
sandeep 0cc37a9eeb version update 2023-12-17 23:10:43 +05:30
Tarun Koyalwar e912c7c58d
network proto: revert full buffer size read (#4497) 
* network proto: revert full buffer size read

* fix read-all in network protocol
 2023-12-17 18:02:19 +05:30
sandeep 4413716f58 version update 2023-12-09 18:45:35 +05:30
Dogan Can Bakir 5d1a4b7607
add timeout (#4467) 
* add timeout

* ssh: make timeout configurable

* ssh: update bindings + docs

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-12-07 22:08:32 +05:30
Tarun Koyalwar 47e75038f0
headless: fix panic + refactor waitevent action (#4465) 
* fix waitEvent action

* avoid future panics

* integration test + bug fix

* headless: add max-duration support in waitevent

* fix comment + max-duration input
 2023-12-06 19:08:26 +05:30
M. Ángel Jimeno 7da3921c12
http: support arbitrary strings on TLS SNI annotation (#4462) 2023-12-06 14:15:30 +05:30
sandeep 9e9a4a82da version update 2023-11-30 22:25:58 +05:30
sandeep 7fb729898c removed deprecated host 2023-11-30 16:05:24 +05:30
Jean Rougé b420672b38
Allow to set dialers' timeout and keep-alive duration (#4441) 
* Allow to set dialers' timeout and keep-alive duration

* docs

---------

Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
 2023-11-30 01:47:10 +05:30
Sandeep Singh 1d6890ca2f
cloud template url update (#4439) 2023-11-28 22:05:58 +05:30
Wing b633ef63dc
Fix the bug that nuclei keeps scanning for http connection failures (#4265) 
* misc update

* Fix the bug that nuclei keeps scanning for http connection failures

* Adding common error messages

* remove

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: Wing <taiyuan.yang@shopee.com>
 2023-11-28 21:16:23 +05:30
Dogan Can Bakir 7cd340b29a
add regex support for `-eh` (#4437) 2023-11-28 20:39:39 +05:30
Tarun Koyalwar 6e969cbd3c
add additional json fields: port,ip,scheme,url (#4417) 
* add additional json fields: port,ip,scheme,url

* include host field in case of ip input
 2023-11-28 14:26:23 +05:30
Dogan Can Bakir ce5df9cc02
introduce scan context (#4373) 
* introduce scan context

* minor

* add joined errors to resultevents

* change `executor` funcs' signature

* fix tests

* join errors in `LogError` func

* change func signature

* add guard
 2023-11-28 00:24:45 +05:30
Razin Idzuddin 80560720fd
update JQL to include project name (#4416) 2023-11-26 15:13:57 +05:30
Valerio Casalino ec5687e2ef
Make the SSH client used in javascript templates able to execute custom commands (#4407) 
* make ssh module store the connection

* make ssh module able to execute commands using the client

* add bingen + update docs

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2023-11-24 00:07:45 +05:30
Dogan Can Bakir 7cb03f24b2
introduce exclude target flag (#4214) 
* introduce exclude target flag

* change logging

* update docs

* misc option update

* update input count

* separate funcs

* exclude with host-based comparison

* fix test

* fix lint

* remove duplicate

* introduce SetWithExclusions

* init map /shrug

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-11-24 00:05:20 +05:30
Tarun Koyalwar a09b8afd0f
add support for multiple ports in network template (#4401) 
* add support for multiple ports in network template

* backwords compatibility for templates without 'port' field

* fix nil panic in compile
 2023-11-23 16:34:26 +05:30
Tarun Koyalwar f1a4410019
optionally upload to pdcp cloud (#4396) 2023-11-20 21:19:19 +05:30
Tarun Koyalwar 87aeb57b0d
feat nuclei result upload (#4343) 
* feat: add pdcp api key support

* add '-auth' cli option

* fix creds test

* results auto upload to pdcp

* fix upload on empty file

* dashboard env + fix test

* purge old cloud cli options

* misc updates in runner package

* fix headless integration test

* misc update

* add disable cloud upload env

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-11-18 16:25:37 +05:30
sandeep dbba3074d8 version update 2023-11-18 14:58:54 +05:30
sandeep 43750ea8c7 tls attribute update 2023-11-18 14:33:52 +05:30