daffainfo
/
nuclei
mirror of https://github.com/daffainfo/nuclei.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,542 Commits
1 Branch
0 Tags
28 MiB
Commit Graph

189 Commits (6534deedc6cb29ce7910c21f8bd982cd3f0832c4)

Author SHA1 Message Date
forgedhallpass 0295ca19bc
Add `split` DSL function (#2838) 
* Add support for showing overloaded DSL method signatures

* Add `split` DSL function #2837

* fixing lint warnings

* replacing faulty regex with strings methods

Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
 2022-11-14 06:08:12 +05:30
vrenzolaverace 2aaf2a2158
Use utils helpers libraries (#2809) (#2810) 
* Use utils helpers libraries (#2809)

* Use utils helpers libraries (#2809)
 2022-11-07 01:54:23 +05:30
Ice3man cd0517c887
Fixed invalid fields in request (#2788) 2022-11-01 16:10:41 +05:30
Ice3man 1fd83c03bc
Improved dsl test by removing coloring + fix datatime tests (#2654) 
* Improved dsl test by removing coloring + fix datatime tests

* Fixed tests for dsl coloring
 2022-10-06 03:18:05 +05:30
Mzack9999 18f14b631c
Adding same host redirect support (#2655) 
* simplifying test syntax

* adding same host redirect + refactoring redirect handling

* adding missing file

* adding support for template syntax

* adding integration test

* updating options

* fixing issue on same host redirect
 2022-09-29 04:11:28 +05:30
aprp 57b0d78dcf
add unit tests for extract.go (#2635) 2022-09-28 01:24:00 +05:30
Myung-jong Kim 9eea441b0e
Add `sort(list)`, `sort(string)`, `uniq(list)`, `uniq(string)` helper functions (#2372) 
* Add feature in join() to sort a single string slice

Signed-off-by: Myung-jong Kim <mjkim610@gmail.com>

* Add sort helper function and related tests

Signed-off-by: Myung-jong Kim <mjkim610@gmail.com>

* Add uniq helper function and related tests

Signed-off-by: mjkim610 <mjkim610@gmail.com>

Signed-off-by: Myung-jong Kim <mjkim610@gmail.com>
Signed-off-by: mjkim610 <mjkim610@gmail.com>
 2022-09-27 02:59:13 +05:30
Sami f3eb0daa39
additional dsl functions (#2550) 
* additional dsl functions

* avoid conversion at each iteration
 2022-09-08 14:25:34 +05:30
forgedhallpass fc0763641f
New dsl functions (#2545) 
* Update GO version to 1.18

* Removed redundant entry from the .gitignore file

* Added new DSL functions

to_unix_time(input string, optionalLayout string) int64
hex_to_dec(input string) float64
oct_to_dec(input string|number) float64
bin_to_dec(intput string|number) float64

* Notify if debug is enabled when a proxy cannot be validated

* Documentation: Go version requirement updated to 1.18

* test fix: Timezone agnostic date expectation in the assertion

* code review: extracted the default date-time layouts into a global variable
 2022-09-07 00:44:29 +05:30
James Turner 42a0732d68
Add sha512 support (#2517) 2022-08-31 12:36:02 +05:30
M. Ángel Jimeno 62a4e0aa52
Return wrapped errors for DSL compilation problems (#2492) 
This allows the DSL help information to be printed when in debug mode.

Fixes #2481
 2022-08-29 13:41:32 +05:30
51pwn 606c361b2a
Add `substr` and `aes_cbc` DSL functions (#2361) 
* 1、add DSL substr for #2304 By @hktalent
substr('xxtestxxx',2)。   testxxx
substr('xxtestxxx',2,-2)  testx
substr('xxtestxxx',2,6)   test

2、add DSL aes_cbc for #2243 By @hktalent
aes_cbc("key111key111key111key111", "dataxxxxxxdataxxxxxxdataxxxxxxdataxxxxxxdataxxxxxx")

3、fixed An error occurs when running nuclei with multiple instances #2301 By @hktalent

* refactoring helpers

* removing unwanted mutex

* commenting out test

* removing aes_cbc test due to random iv

Co-authored-by: 51pwn <51pwn@51pwn.com>
Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
 2022-08-25 15:50:08 +05:30
Ice3man 8f313629b8
Memory usage optimizations (#2350) 
* Replaced strings.Replaced with fasttemplate reducing allocations

Custom template parsing logic was replaced with fasttemplate package for reducing
allocations in the replacer.Replace hotpath leading to allocation reduction which
accounted for 30% of total nuclei allocations.

$ go test -bench=. -benchmem
goos: darwin
goarch: arm64
pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/replacer
BenchmarkReplacer-8               837232              1422 ns/op            2112 B/op         31 allocs/op
BenchmarkReplacerNew-8           3672765               320.3 ns/op            48 B/op          4 allocs/op

* Fixed tests failing

* Use pre-compiled map of DSL expressions

* Reworked expression parsing logic to reduce memory allocations

$ go test -bench=. -benchmem
goos: darwin
goarch: arm64
pkg: github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/expressions
BenchmarkEvaluate-8        31560             37769 ns/op           31731 B/op        265 allocs/op
BenchmarkEvaluateNew-8       109144              9621 ns/op            6253 B/op        116 allocs/op
 2022-08-23 13:16:41 +05:30
Dani Goland 8670c8b20d
Modified "xpath" extractor to support XML XPath in addition to HTML XPath (#2471) 
* Modified "xpath" extractor to support XML XPath in addition to HTML XPath

* Updated function docs
 2022-08-22 15:27:32 +05:30
Sajad c4ba2b4edb
Additional helpers (#2359) 
* add starts_with, ends_with helper functions

* add test cases, update dsl signatures

* change split_starts_with to line_starts_with
 2022-08-06 23:16:03 +05:30
Mzack9999 3838d06aeb
Adding prototype for unexpected fields validation in matchers (#2171) 
* Adding unexpected fields validation

* using expected fields

* adding missing expected field

* using reflect
 2022-06-30 16:50:54 +05:30
Ice3man 7875b06fc8
Added exclude-matchers support for template & matchers (#2218) 
* Added exclude-matchers support for template & matchers

* Fixed panics due to typo

* Added support for only template ID + misc cleanup
 2022-06-24 23:09:27 +05:30
Ice3man 9073b753ca
Added aes_gcm implementation for DSL function (#2196) 
* Added aes_gcm implementation for DSL function

* Added integration test for dsl-functions.yaml
 2022-06-23 16:16:24 +05:30
Ice3man 50d21c0464
Fixed a issue with random invalid matches in DSL (#2195) 2022-06-21 21:58:43 +05:30
forgedhallpass 9fd9892f49 test: extra DSL function test cases 2022-06-08 20:58:46 +03:00
forgedhallpass ef20e0711b refactor: replace date, time, time_format, time_to_string DSL functions to date_time 2022-06-08 20:33:55 +03:00
forgedhallpass a10d58c6d2 refactor: rename concat_ws DSL function to join 2022-06-08 16:31:33 +03:00
forgedhallpass 145bdaabe5 refactor: extract duplicated hashing logic 2022-06-08 16:11:15 +03:00
forgedhallpass 6d8908c352 refactor: replace hmac_sha1 and hmac_sha256 DSL functions with hmac 2022-06-08 16:00:14 +03:00
James Turner 9d37bd6c0c Add two new DSL helper functions 
hmac_sha1 and concat_ws (with seperator) this are helpful in
signing API requests.
 2022-06-07 18:26:22 +03:00
forgedhallpass f3514e9b92 Merge branch 'dev' into new_dsl_functions 2022-06-07 17:26:10 +03:00
Sajad 7170cc2828
dsl matcher separate ignorable(No parameter) errors from others (#2127) 2022-06-07 18:23:07 +05:30
Sajad b79817e0a9
change dsl evaluate warning messages to error (#2096) 
* change dsl evaluate warning messages to error

* add template-id to dsl match error logs
 2022-06-03 13:41:36 +05:30
M4rtin Hsu aebd32b198
Add decimal to hexadecimal helper function (#2076) 
* Add decimal to hexadecimal auxiliary functions

* Fixed unit test

* Modify the helper function name and check the unit test.

* dsl function update

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
 2022-06-03 02:17:35 +05:30
Sajad 9f600d2829
keep the original extactor var for multiple results while preparing data for matchers (#1948) 2022-05-31 02:46:51 +05:30
forgedhallpass 096f34e4e3 refactor: DSL date/time functions 2022-05-24 13:38:26 +03:00
forgedhallpass 346db4cf15 refactor: timetostring DSL to time_to_string 2022-05-24 13:11:55 +03:00
forgedhallpass 45c27bc5f0 test: DSL test fixes (hmac_sha256, time_format) 2022-05-24 13:11:03 +03:00
Rahmat feae805834 Add hmac_sha256 dslExpression 2022-05-24 12:59:09 +03:00
Rahmat f2ca75c536 Add time_format dslExpression 2022-05-24 12:47:56 +03:00
Mzack9999 72c5c399ec adding support for dsl extractors 2022-04-20 11:32:13 +02:00
Ice3man ea4e8cc265
Added version comparison helpers (#1783) 
* Added version comparison helpers

* Added multiple condition example

* Added variadic version of compare_versions

* Fixed failing DSL integration test
 2022-04-07 00:48:34 +05:30
Ice3man 159d84465d Fixed failing DSL tests 2022-03-29 17:51:40 +05:30
Xavier Stevens 4a65097194 Squashed commit of the following: 
commit b590de2de14923e4cb35dd19845e12833a4ccbfa
Author: Xavier Stevens <xstevens@users.noreply.github.com>
Date:   Wed Mar 23 08:29:37 2022 -0700

    Updated rand_ip to use variadic args

commit ea883be8c0aa56174a1301252129289334659f3f
Author: Xavier Stevens <xstevens@users.noreply.github.com>
Date:   Tue Mar 22 16:59:19 2022 -0700

    Updated rand_ip function to handle multiple CIDRs
 2022-03-23 08:37:05 -07:00
mzack 6213454cb3 small code refactor 2022-03-22 15:16:22 +01:00
skhalsa-sigsci 63eccc85ba random ip helper function 2022-03-21 17:39:10 -07:00
Ice3man be0e4b227c Pad date and time helper strings with double digits 2022-03-21 16:32:21 +05:30
Ice3man bebdb29706 Added time + zlib dsl functions + misc 2022-03-16 14:12:26 +05:30
mzack 1991f16eb3 exposing dynamicvalues to ongoing iteration 2022-03-11 13:32:55 +01:00
mzack f7c2226c39 Adding number/string conversion helpers 2022-03-10 10:57:59 +01:00
Ice3man ca7e30b3fb Added tests for DSL function + misc 2022-03-10 11:56:11 +05:30
mzack ea9f9c9c9a fixing logic condition + removing redundant code 2022-03-03 07:18:35 +01:00
mzack 2334195bac adding deduping in matches + extract 2022-03-02 08:31:23 +01:00
mzack 6cb522c9b2 Merge branch 'dev' into issue-1594-regexp 2022-02-28 11:42:46 +01:00
mzack 06ab0dfa99 making code more uniform with chosen architecture 2022-02-26 09:06:43 +01:00