daffainfo
/
nuclei
mirror of https://github.com/daffainfo/nuclei.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,826 Commits
1 Branch
0 Tags
28 MiB
Commit Graph

42 Commits (de9f9620d52ff726b041406c0e5d0695c134eb94)

Author SHA1 Message Date
mzack 3f295226ad Merge branch 'dev' into maint-memory 2024-03-11 15:03:14 +01:00
Dogan Can Bakir 9bd4db3f74
introduce `disable-unsigned-templates` flag (#4820) 
* introduce `disable-unsigned-templates` flag

* minor

* skip instead of exit

* remove duplicate imports

* use stats package + misc enhancements

* force display warning + adjust skipped stats in unsigned count

* include unsigned skipped templates without -dut flag

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2024-03-11 02:01:17 +05:30
Ice3man fd024a3e8d
feat: issue tracker URLs in JSON + misc fixes (#4855) 
* feat: issue tracker URLs in JSON + misc fixes

* misc changes

* feat: status update support for issues

* feat: report metadata generation hook support

* feat: added CLI summary of tickets created

* misc changes
 2024-03-10 22:02:42 +05:30
mzack e98d1d6a97 removing storage 2024-03-06 13:29:41 +01:00
mzack 52beea3bcd Merge branch 'dev' into maint-memory 2024-03-05 01:26:06 +01:00
Leon Jacobs 3ab0ae6c6f
Implement more granular, issue tracker level filtering (#4780) 
* (feat) include gitea in default config

* (feat) implement tracker level filtering in #4779
 2024-03-02 18:25:13 +05:30
Mzack9999 4c7a0f424e
Transparent Memoization via func Annotation (#4742) 
* initial implementation with manual code generation

* testing generation

* refactor to package methods + auto memoize

* more memos

* fixing signatures

* refactor

* adding gen util

* adding util

* regenerate memoized files

---------

Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2024-03-01 18:40:18 +05:30
mzack 4d29bff759 using disk storage for large kv 2024-03-01 02:11:18 +01:00
Ramana Reddy 95f8bd76ad
Allow auth option to parse string input as api key (#4750) 2024-02-19 04:19:55 +05:30
Leon Jacobs 0bd447834c
(feat) add Gitea reporting platform support (#4522) 
* (feat) add Gitea reporting platform support

* (fix) remove debugging code

* (chore) fix typo

* (chore) update syntax with recent changes

* (fix) use Index to update issue comments

* (feat) add gitea config example

* added missing option

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2024-02-19 03:34:37 +05:30
Tarun Koyalwar cc732875cd
javascript: pooling and reuse with export functions + misc updates (#4709) 
* js hotfix: wrap javascript source in anon functions

* mysql module improvements

* misc mysql bugs

* js vm pooling: soft deprecation + incentivised pooling

* misc updates

* disable interactsh failed test

* disable interactsh.yaml integration test on win & mac
 2024-02-02 02:22:04 +05:30
Tarun Koyalwar 5bd9d9ee68
memory leak fixes and optimizations (#4680) 
* feat http response memory optimization + reuse buffers

* update nuclei version

* feat: reuse js vm's and compile to programs

* fix failing http integration test

* remove dead code + add -jsc

* feat reuse js vms in pool with concurrency

* update comments as per review

* bug fix+ update interactsh test to look for dns interaction

* try enabling all interactsh integration tests

---------

Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
 2024-01-31 01:59:49 +05:30
monitor c32acd0921
Fix: sometimes dnslog request record is uppercase caused by nuclei templates uneffective (#4697) 
* Fix: sometimes dnslog request record is upper caused by cannot validate vuln

* convert request to lower for dns only

---------

Co-authored-by: daiwei11 <daiwei11@baidu.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
Co-authored-by: Tarun Koyalwar <45962551+tarunKoyalwar@users.noreply.github.com>
 2024-01-31 01:30:03 +05:30
Tarun Koyalwar 032bba4acc
fix /etc/hosts issue by fastdialer bump (#4686) 
* fix /etc/hosts issue by fastdialer bump

* disable stop-at-first-match interactsh test

* dep update

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
 2024-01-30 19:09:13 +05:30
Tarun Koyalwar 2153cc6055
fix panic in smb javascript template + handle panics in js (#4700) 
* switch dependency to projectdiscovery/go-smb2 + handle panics

* bump projectdiscovery/go-smb2

* disable interactsh integration test
 2024-01-30 04:15:59 +05:30
Tarun Koyalwar 03718469c4
remove use of iterate() in flow (#4688) 2024-01-29 05:20:01 +05:30
Tarun Koyalwar 62f73fd7ef
pdcp env fix: make PDCP_API_SERVER env optional (#4675) 
* bump utils

* add pdcp directory to -version

* dep update

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2024-01-23 03:01:27 +05:30
Tarun Koyalwar 29b69a12ce
pdcp result chunked upload (#4662) 
* chunked pdcp cloud results upload

* add -sid option to specify scanid

* fix scan result append endpoint
 2024-01-21 02:26:16 +05:30
Jean Rougé 39d25c3d4f
Adding an option to dump resume files when a runner hangs (#4440) 
* Adding an option to dump resume files when a runner hangs

Signed-off-by: Jean Rouge <rougej+github@gmail.com>

* Adding new option to README

* Removing unfinished comment

* always create resume file on hang

---------

Signed-off-by: Jean Rouge <rougej+github@gmail.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
 2024-01-13 01:46:57 +05:30
Tarun Koyalwar 619396a6b8
flow: flatten dynamic values array if len is 1 (#4625) 
* flow: flatten dynamic values array if len is 1

* wait for exporters when closing

* misc updates
 2024-01-13 00:44:25 +05:30
Tarun Koyalwar a8cdd21120
code: fix variables merge order (#4623) 
* fix variables merge order

* format screen: quote and trim extracted result

* code: interpret env vars in debug mode

* update integration test
 2024-01-12 23:10:00 +05:30
Tarun Koyalwar 02a9b86dd7
fix missing results in flow template + feature: internal matchers using `internal: true` (#4582) 
* log warnings + use scanContext in flow

* refactor flow to use scanContext + log all events

* feat: internal matcher

* fix integration test

* bug fix extractor: merge dynamic values, fix missing extractors in file

* flow: fix 'No Results Found' if last statement output is false

* fix unit test
 2024-01-08 05:12:11 +05:30
Tarun Koyalwar f663d1c9cf
deprecate(remove): file write in extractor using `to` (#4565) 
* fix race-condition & oow in extracted file output

* add mutex for file.Write + set finalizer for os.File

* fix integration test

* disable extractor save to file in lib mode(configurable)

* use sync.Once for init

* disable out of bound image write in headless

* misc updates

* fix headless screenshot test

* fix extractor save to file integration test

* remove 'to' feature in extractors
 2024-01-05 03:23:08 +05:30
Tarun Koyalwar 47e75038f0
headless: fix panic + refactor waitevent action (#4465) 
* fix waitEvent action

* avoid future panics

* integration test + bug fix

* headless: add max-duration support in waitevent

* fix comment + max-duration input
 2023-12-06 19:08:26 +05:30
sandeep 7fb729898c removed deprecated host 2023-11-30 16:05:24 +05:30
Jean Rougé b420672b38
Allow to set dialers' timeout and keep-alive duration (#4441) 
* Allow to set dialers' timeout and keep-alive duration

* docs

---------

Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
 2023-11-30 01:47:10 +05:30
Dogan Can Bakir 7cb03f24b2
introduce exclude target flag (#4214) 
* introduce exclude target flag

* change logging

* update docs

* misc option update

* update input count

* separate funcs

* exclude with host-based comparison

* fix test

* fix lint

* remove duplicate

* introduce SetWithExclusions

* init map /shrug

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-11-24 00:05:20 +05:30
Tarun Koyalwar f1a4410019
optionally upload to pdcp cloud (#4396) 2023-11-20 21:19:19 +05:30
Tarun Koyalwar 87aeb57b0d
feat nuclei result upload (#4343) 
* feat: add pdcp api key support

* add '-auth' cli option

* fix creds test

* results auto upload to pdcp

* fix upload on empty file

* dashboard env + fix test

* purge old cloud cli options

* misc updates in runner package

* fix headless integration test

* misc update

* add disable cloud upload env

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-11-18 16:25:37 +05:30
Tarun Koyalwar 775c7f762b
add -code flag to run code proto templates (#4376) 2023-11-16 17:56:07 +05:30
Tarun Koyalwar 50aec0b215
enable pprofiling with env (#4377) 2023-11-16 17:53:27 +05:30
Dogan Can Bakir 7c2db9c394
introduce `template-encoded` field (#4315) 
* introduce `template-encoded` field

* remove IsCustomTemplate func

* refactor and move encoding to `MakeResultEventItem` func

* encode template in case of no results were found

* commit to last commit

* don't encode templates when`-ms` is used
 2023-11-11 04:42:27 +05:30
Dogan Can Bakir 83abe0969e
introduce `self-contained` to headless (#4322) 
* introduce `self-contained` to headless

* fix matched url print
 2023-11-02 19:08:20 +05:30
Tarun Koyalwar 595ba8e3a5
bug fixes in js , network protocol and flow (#4313) 
* fix net read

* only return N bytes if extra available

* use ConnReadN from readerutil

* add integration test

* print unsigned warning in stderr

* fix js protocol in flow #4318

* fix integration test: url encoding issue

* fix network protocol issue + integration tests

* multiple improvements to integration test

* replace all conn.Read() from tests

* disable network-basic.yaml in windows

* disable code protocol in win CI

* fix bitwise login  ps1-snippet.yaml

* hide previous matcher events in flow

* remove dead code+ update integration tests

---------

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
 2023-11-02 13:33:40 +05:30
Tarun Koyalwar 83681fb308
misc sdk enhancements (#4301) 
* add template sign/parse  methods

* export installer package

* add readme

* consistent implementation of writefailure

* fix lint error
 2023-10-30 19:02:06 +05:30
Tarun Koyalwar 5c9af62037
fix relative path issue + remove residual code (#4284) 
* fix relative path issue + remove residual code

* use template dir in templateFS

* fix dir relative path issue

* print metrics server address in verbose mode

* add timeout for downloading binary & templates

* update stats & metrics docs

* add template-id loader integration test
 2023-10-26 19:07:04 +05:30
Tarun Koyalwar e9ab5f498a
template preprocessor + multi request variables indexing bug fix (#4262) 
* add randstr preprocessor to defaults

* fix indexing in http + preprocessor integration test

* add multi-request integration test

* skip test if asnmap is down
 2023-10-20 17:54:10 +05:30
Tarun Koyalwar dc44105baf
nuclei v3 : misc updates (#4247) 
* use parsed options while signing

* update project layout to v3

* fix .gitignore

* remove example template

* misc updates

* bump tlsx version

* hide template sig warning with env

* js: retain value while using log

* fix nil pointer derefernce

* misc doc update

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
 2023-10-17 17:44:13 +05:30
Mzack9999 12c9ca7b12 fixing go mod 2020-09-23 22:38:59 +02:00
Víctor Zamanillo 60005290b1 Initial adoption of golangci-lint for CI 2020-08-25 23:33:20 +02:00
Ice3man543 458dbc1b38 v2 update 2020-07-01 16:17:24 +05:30
Ice3man543 b1cd18b99d Misc + cmd + final 2020-04-04 17:24:31 +05:30