7997e8dbec
Fix edge cases `disable-path-automerge` ( #4035 )
...
* fix edge cases for disable-path-automerge
* misc update
2023-08-10 19:28:05 +05:30
c8a7df98f3
fix removing double slash prefix in raw req path ( #3960 )
...
* update utils lib
* add integration test on unsafe:false
* fix build error
---------
Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
2023-08-04 00:56:32 +05:30
4c1c5301b9
Spelling ( #4008 )
...
* spelling: addresses
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: asynchronous
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: basic
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: brute force
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: constant
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: disables
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: engine
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: every time
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: execution
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: false positives
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: from
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: further
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: github
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: gitlab
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: highlight
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: hygiene
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: ignore
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: input
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: item
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: itself
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: latestxxx
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: navigation
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: negative
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: nonexistent
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: occurred
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: override
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: overrides
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: payload
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: performed
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: respective
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: retrieve
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: scanlist
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: separated
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: separator
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: severity
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: source
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: strategy
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: string
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: templates
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: terminal
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: timeout
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: trailing slash
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: trailing
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
* spelling: websocket
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
---------
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2023-08-02 00:03:43 +05:30
6bdef68734
ignore version parsing error ( #3984 )
...
* ignore version parsing error
* hide no parameter error
* integration test+ DEBUG.md
* typo fix in DEBUG.md
* go mod tidy
---------
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-07-28 21:04:02 +05:30
16894cf0e0
fixing certificate expiration date ( #3995 )
2023-07-28 19:22:14 +05:30
66f0dc735c
Adding jarm helper via dsl ( #3906 )
...
* Adding jarm helper via dsl
* adding test
* removing debug file
* fixing tests
---------
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2023-07-14 21:24:12 +05:30
3dca03163c
Automatic target merge in network templates ( #3904 )
...
* skip visited actual addressess
* removed test
* adding disable clustering support
2023-07-06 21:33:52 +05:30
6707bc777a
fix showing multiple failure matches per template on -ms set ( #3770 )
...
* fix showing multiple failure matchers per template
add integration test
* exclude AS134029 from unit test
* Add flag for match status per request
* chore(deps): bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 (#3777 )
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](https://github.com/golangci/golangci-lint-action/compare/v3.4.0...v3.5.0 )
---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump github.com/xanzy/go-gitlab in /v2 (#3778 )
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab ) from 0.83.0 to 0.84.0.
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go )
- [Commits](https://github.com/xanzy/go-gitlab/compare/v0.83.0...v0.84.0 )
---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump github.com/spf13/cast from 1.5.0 to 1.5.1 in /v2 (#3780 )
Bumps [github.com/spf13/cast](https://github.com/spf13/cast ) from 1.5.0 to 1.5.1.
- [Release notes](https://github.com/spf13/cast/releases )
- [Commits](https://github.com/spf13/cast/compare/v1.5.0...v1.5.1 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cast
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* enable no-httpx when passive scan is launched (#3789 )
* chore(deps): bump github.com/projectdiscovery/fastdialer from 0.0.26 to 0.0.28 in /v2 (#3779 )
* chore(deps): bump github.com/projectdiscovery/fastdialer in /v2
Bumps [github.com/projectdiscovery/fastdialer](https://github.com/projectdiscovery/fastdialer ) from 0.0.26 to 0.0.28.
- [Release notes](https://github.com/projectdiscovery/fastdialer/releases )
- [Commits](https://github.com/projectdiscovery/fastdialer/compare/v0.0.26...v0.0.28 )
---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/fastdialer
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* Bump retryabledns to 0.28
* Update the retryabledns
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: shubhamrasal <shubhamdharmarasal@gmail.com>
* deprecatedProtocolNameTemplates concurrent map writes (#3785 )
* deprecatedProtocolNameTemplates
* use syncLock
* fix lint error
* change version in deprecated warning msg
* comment asnmap expand unit test
---------
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
Co-authored-by: Tarun Koyalwar <45962551+tarunKoyalwar@users.noreply.github.com>
* Issue 3339 headless fuzz (#3790 )
* Basic headless fuzzing
* Remove debug statements
* Add integration tests
* Update template
* Fix recognize payload value in matcher
* Update tempalte
* use req.SetURL()
---------
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
* Auto Generate Syntax Docs + JSONSchema [Fri Jun 9 00:23:32 UTC 2023] 🤖
* Add headless header and status matchers (#3794 )
* add headless header and status matchers
* rename headers as header
* add integration test for header+status
* fix typo
* chore(deps): bump golang from 1.20.4-alpine to 1.20.5-alpine (#3809 )
Bumps golang from 1.20.4-alpine to 1.20.5-alpine.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump github.com/go-playground/validator/v10 in /v2 (#3810 )
Bumps [github.com/go-playground/validator/v10](https://github.com/go-playground/validator ) from 10.11.2 to 10.14.1.
- [Release notes](https://github.com/go-playground/validator/releases )
- [Commits](https://github.com/go-playground/validator/compare/v10.11.2...v10.14.1 )
---
updated-dependencies:
- dependency-name: github.com/go-playground/validator/v10
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump github.com/projectdiscovery/rawhttp in /v2 (#3811 )
Bumps [github.com/projectdiscovery/rawhttp](https://github.com/projectdiscovery/rawhttp ) from 0.1.11 to 0.1.13.
- [Release notes](https://github.com/projectdiscovery/rawhttp/releases )
- [Commits](https://github.com/projectdiscovery/rawhttp/compare/v0.1.11...v0.1.13 )
---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/rawhttp
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 in /v2 (#3812 )
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.6.1 to 5.7.0.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.6.1...v5.7.0 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump github.com/projectdiscovery/hmap in /v2 (#3781 )
Bumps [github.com/projectdiscovery/hmap](https://github.com/projectdiscovery/hmap ) from 0.0.11 to 0.0.13.
- [Release notes](https://github.com/projectdiscovery/hmap/releases )
- [Commits](https://github.com/projectdiscovery/hmap/compare/v0.0.11...v0.0.13 )
---
updated-dependencies:
- dependency-name: github.com/projectdiscovery/hmap
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Using safe dereferencing
* adding comment
* fixing and condition
* fixing test id
* adding integration test
* update goflags dependency
* update goflags dependency
* bump goflags v0.1.9 => v0.1.10
* handle failure matcher flags logic at executor itself
* add integration test to matcher status per request
* Adding random tls impersonate (#3844 )
* adding random tls impersonate
* dep update
---------
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
* Use templateman enhance api to populate CVE info (#3788 )
* use templateman enhance api to populate cve info
* rename cve-annotate => tmc
add additional flags to format, lint and enhance template using templateman apis
* minior changes
* remove duplicate code
* misc update
* Add validate and error log option
* print if updated
* print format and enhance only if updated
* make max-request optional
* fix reference unmarshal error
* fix removing self-contained tag
---------
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
* fix matcher status with network protocol
* fix test
* remove -msr flag
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Dogan Can Bakir <65292895+dogancanbakir@users.noreply.github.com>
Co-authored-by: shubhamrasal <shubhamdharmarasal@gmail.com>
Co-authored-by: 三米前有蕉皮 <kali-team@qq.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
Co-authored-by: Tarun Koyalwar <45962551+tarunKoyalwar@users.noreply.github.com>
Co-authored-by: Shubham Rasal <shubham@projectdiscovery.io>
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2023-06-30 23:32:00 +05:30
c9d0942bc1
Extend headless contextargs ( #3850 )
...
* extend headless contextargs
* using darwin-latest
* grouping page options
* temp commenting code out
* fixing test
* adding more checks
* more checks
* fixing first navigation metadata
* adding integration test
* proto update
---------
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-06-26 22:55:51 +05:30
fa199ed3b3
Improving clientpool with client certificates ( #3851 )
...
* Improving clientpool with client certificates
* adding test case
* Revert "Merge branch 'dev' into issue-3800-client-cert"
This reverts commit 7f057d742f4b9bda8e83b2052e29617b86b6776d, reversing
changes made to 7297cebcf8bb0f88961b644fc2ac7c040df8ffd9.
* Revert "Revert "Merge branch 'dev' into issue-3800-client-cert""
This reverts commit 2053a248a0cdc2002e0b4b4faa3472cf11c29760.
* go fmt
---------
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-06-26 17:45:12 +05:30
cddae989f3
Add template option to disable merging target url path with raw request path ( #3799 )
...
* add template option to disable merging target url path with raw request path
* rename disable-merge-path -> disable-path-automerge
add integration test
2023-06-19 20:22:17 +05:30
200faa107e
adding integration test
2023-06-13 17:27:26 +02:00
18e2d2cb24
fixing test id
2023-06-13 17:24:31 +02:00
a4ca2021cd
Add headless header and status matchers ( #3794 )
...
* add headless header and status matchers
* rename headers as header
* add integration test for header+status
* fix typo
2023-06-09 15:03:03 +05:30
a34b94e62f
Issue 3339 headless fuzz ( #3790 )
...
* Basic headless fuzzing
* Remove debug statements
* Add integration tests
* Update template
* Fix recognize payload value in matcher
* Update tempalte
* use req.SetURL()
---------
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
2023-06-09 05:50:44 +05:30
0d2d510689
Adding support for constants ( #3692 )
...
* adding support for constants
* fixing typo
* adding integration test
* fixing lint issues
* fixing template syntax
2023-05-25 22:02:35 +05:30
9c2fa8f9c4
Add payload in dns protocol ( #3632 )
...
* add execute function in dns
* Add payload in dns protocol
* Add integration test to cover dns payload
- also check command line overriding a payload variable
* Update matchedAt and remove trailing dot
* Consider payload data for request count
- Update verbose output to print question
- Update dns requests Requests function to consider payload data
* update gitignore
* bump nuclei version to v2.9.4-dev
---------
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
2023-05-11 03:26:29 +05:30
449afc0c5c
Issue 3564 var override ( #3599 )
...
* Check if the variables are override by other means
- you can override the template variable value using command line flags
* Update lazy eval logic
- previously, we were checking any function/expression in variable
- now, update the logic, lazy eval only if variable contains any
protocol variable(global)
* add integration tests
* Add test to check the dsl function working in variable
* gather all generate variables logic in utils
* go mod update
* Refactor the generate variables function
* go mod update+ fix typo
---------
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
2023-05-02 23:49:56 +05:30
f640187709
Expose DNS fields for matchers and extractors ( #3613 )
...
* Extend dns extractor to dns answer records
* add test template
* Ignore error for dns variables are not found
* Add all the records of answer section
* Fixed the wrong typecasting
2023-05-02 17:13:11 +05:30
6ebb8e98f4
Fix wrong template loading in dev branch ( #3629 )
...
* Templates wrong loading
* Add tests to cover following scenarios
- check optional fields only if template loaded
- it should return warning only if template is loaded
2023-05-02 15:12:55 +05:30
7f5e4e2336
aws signer: fix missing x-content-sha256 header ( #3601 )
...
* fix missing x-content-sha256 header
* fix variable priority in self-contained templates
* remove debug statement
* adds generic raw request parser for self-contained req
* more integration tests
* bug fix: 10x faster race requests
* fix failing integration test
2023-05-01 12:15:35 +05:30
4e6ef4490e
duplicated params in self contained requests ( #3608 )
...
* fix duplicated params in self-contained+ export extracted values to file
* add integration tests + fix percentage overflow in pb
* fix integration test template id
* integration test: validate if file exists
2023-04-26 12:35:07 +05:30
6f4b1ae48a
Replacing ccache with generic gcache ( #3523 )
...
* Replacing ccache with generic gcache
* fixing lint issues
* removing unecessary hashing + using errorutils
* making test more tolerant
* removing dead code + refactor
* removing redundant code
* removing race
* maint
* moving code
* adding more iterations
* note + typo
* temporary fixing stop-at-first-match with interact
* wrapping internal map with mux
* sort before running integration test
* fix deadlock in requestShouldStopAtFirstMatch
* add timeout to integration_test workflow
* attempting to remove outer lock
* adds interactsh protocol tests in integration_test
---------
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
2023-04-16 23:19:35 +05:30
45cc676f96
Evaluate payload variables ( #3503 )
...
* Evaluate payload variables
* Add variables evaluation
* Extend variables test
- to check evaluation of global variables in variables
- to check evaluation of golbal variables in payload
* Add default and cli variables to websocket, whois and dns proto
- use url.Parse with urlutil.Parse
2023-04-12 01:50:58 +05:30
c9634fae72
Issue 3350 matcher condition or not work ( #3397 )
...
* fix or condition match even interactsh includes as matcher-part (#3350 )
* add integration test
* add new template to integration test
* matcher-condtion: test case for both conditions
* fix lint errors
* upgrade dependencies
---------
Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
2023-03-15 20:45:44 +05:30
572c8eb780
Issue 2987 fuzz options ( #3355 )
...
* Add override fuzzing type and mode flags
* Update english readme
* Fix failing tests
* Add the integration tests
- validate the command line overriding type and mode for fuzzing
2023-03-06 16:56:38 +05:30
d9e953acfa
fix file input in custom vars for self contained http template ( #3385 )
...
* fix file input in variables(-V)
* fix lint error
* fix nuclei-ignore file failures
2023-03-04 04:57:27 +05:30
f26e01551e
resolve() helper function ( #3321 )
...
* started the implementation of resolve helper function
* fixes go mod and sum
* fixes and use makeDslWithOptionalArgsFunction signature
* added tests
* added more dnsTypes based on dnsx docs
* used dns client pool
* dsl functions
* fixes on dnsclientpool, added init()
* go mod tidy
* go mod tidy
* dsl signature makeMultiSignatureDslFunction
* error on len
* managed mx
* fix on mx record
* dns types managed with FirstNonZero func
* error handling
* utils to stable version
* version bump
* fixing var name
---------
Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
2023-03-04 04:21:24 +05:30
d80cbef51d
Merge pull request #3333 from CodFrm/main
...
fix some json deserialization issues
2023-02-28 09:02:04 +01:00
21b03a2e8a
bug fix in url path and adds integration tests ( #3331 )
...
* fix unsafe edgecases+ adds integration test
* bug fixes and more url testcases
* upgrade cfssl
* fix template id in integration test
2023-02-20 22:26:04 +05:30
10693efa05
add integration tests
2023-02-17 14:23:28 +08:00
cc2f796d2f
Helper function for IP Formats ( #3286 )
...
* implemented ip_format helper function
* added tests on ip_format() helper
* fixes on logic
* fixes related to mapcidr docs
* better error value
* fixes + unit test to check index 11
* added call for integration tests
* fixes on dsl-functions number
---------
Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
2023-02-17 01:47:40 +05:30
c49383de98
detect data race panics in integration_tests
2023-02-10 19:28:07 +05:30
d18fa6f6b2
fix data race in race requests
2023-02-06 16:18:30 +05:30
628628893c
fix make http request inconsistencies ( #3243 )
...
* fix make http request inconsistencies
* remove parameters from http vars
* fix trailingslash unit test
* naming conventions: best practices
* fix publish docs action
* remove branch ref from push
2023-02-01 17:23:28 +05:30
a81c754db5
support env var from report yaml ( #3188 )
...
* added support yaml for report options
* better to use .HasPrefix()
* wip: working on unmarshal YAML optimization
* managed yaml tag + nil pointers + unit test
* implemented tests
* removed unused code from reporting + code refactoring
* WIP: code refactoring and tests
* check on env var
* more test coverage and added callback func
* docs + renaming func
* moved callback logic + removed yaml validation
* used yaml decoder
* struct typo
* refactoring walk method with generic signature
* removed yamlwrapper refs, used yaml2 + docs
implemented test to check also fields without yaml tag
* used DecodeAndValidate()
* removed double import reference
---------
Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
2023-02-01 02:38:17 +05:30
0b2a3e296a
fix url encoding issues and inconsistencies ( #3211 )
...
* fix url encoding issues
* complete requested changes and improvements
* fix missing issue-tracker-config.yaml
* fuzz: deepcopy and use urlutil.Params
2023-01-24 22:04:52 +05:30
d956275e98
Adding content length edge cases ( #3147 )
...
* adding content length edge cases
* fixing CL behavior
* suppressing -1 error
* fixing path
2023-01-07 18:06:44 +05:30
a96f764959
extending request/response hijacking with native calls ( #3091 )
...
* extending request/response hijacking with native calls
* fixing tests
2023-01-05 17:26:18 +05:30
e66ed30cec
fix missing trailing slash ( #3127 )
...
* raw: fix missing trailing slash
* adds rawpath integration test
* rename trailing slash test
2023-01-03 23:45:34 +05:30
a4ce231983
Replacing unstable interactsh with scanme.sh ( #3107 )
2022-12-30 20:13:07 +05:30
7093180b6d
Add support to query DNS TLSA record ( #3054 )
...
* Add support to query DNS TLSA record
* fix build test
* fix ci-lint
* set expected to 0
* test domain update
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2022-12-28 21:12:02 +05:30
bbb561b097
CLI variables are not accessible in SSL Protocol ( #3069 )
...
* added vars payload also in ssl
* fix on ssl.go, moved function on payloadValues creation
* added integration test
* rebase + minor changes
Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
2022-12-21 02:02:18 +05:30
0295ca19bc
Add `split` DSL function ( #2838 )
...
* Add support for showing overloaded DSL method signatures
* Add `split` DSL function #2837
* fixing lint warnings
* replacing faulty regex with strings methods
Co-authored-by: Mzack9999 <mzack9999@protonmail.com>
Co-authored-by: mzack <marco.rivoli.nvh@gmail.com>
2022-11-14 06:08:12 +05:30
1fbbca66f9
Adding support to scan all v4/v6 IPs ( #2709 )
...
* Adding support to scan all v4/v6 IPs
* adding tests
* metainput prototype
* using new signature
* fixing nil pointer
* adding request context with metadata
* removing log instruction
* fixing merge conflicts
* adding clone helpers
* attempting to fix ipv6 square parenthesis wrap
* fixing dialed ip info
* fixing syntax
* fixing output ip selection
* adding integration tests
* disabling test due to gh ipv6 issue
* using ipv4 only due to GH limited networking
* extending metainput marshaling
* fixing hmap key
* adding test for httpx integration
* fixing lint error
* reworking marshaling/id-calculation
* adding ip version validation
* improving handling non url targets
* fixing condition check
2022-11-09 18:48:56 +05:30
b9472cf7e1
Added fuzzing support for query params + var dump feature ( #2679 )
...
* Added fuzzing support for query params + var dump feature
* Added query-fuzz integration test
* Fixed payloads + added keys-regex fuzz parameter
* Fixed interactsh not working + misc
* Fixed evaluation + added global variables/dsl support to payloads
* Misc fixes related to variables evaluations
* Added http variables support to fuzz
* misc
* Misc
* Added testing playground + misc renaming
* Added support for path and raw request to fuzzing
* Fixed fuzz integration test
* Fixed variable unresolved issue
* Add multiple parameter support with same name
* Added parameter value as 'value' dsl variable for parts
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2022-11-01 20:28:50 +05:30
d956f08cb9
Added attack-type option to override template attack-type ( #2724 )
...
* Added attack-type option to override template attack-type
* Added docs + integration tests
2022-10-19 03:51:45 +05:30
9493dfdb20
Adding automatic request condition detection ( #2707 )
...
* Adding automatic request condition detection
* adding missing checks on part
* test update as per latest change
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2022-10-15 15:19:04 +05:30
781e4e6105
Shared Execution Context Prototype ( #2576 )
...
* renaming var
* Introducing shared execution context prototype
* fixing field name
* adding shared values propagation
* adding shared context lock
* add slice values normalization
* adding integration tests
* adding metadata support for dns
* adding multi-protocol context sharing test
* removing debug test files
* moving contextargs around
* adding comments
* refactoring code
- getter/setter for complex types
- using pointers to avoid heap allocations
2022-10-03 15:42:20 +05:30
18f14b631c
Adding same host redirect support ( #2655 )
...
* simplifying test syntax
* adding same host redirect + refactoring redirect handling
* adding missing file
* adding support for template syntax
* adding integration test
* updating options
* fixing issue on same host redirect
2022-09-29 04:11:28 +05:30
Ramana Reddy
Josh Soref
Tarun Koyalwar
Mzack9999
Dogan Can Bakir
Shubham Rasal
xm1k3
王一之
Tarun Koyalwar
Taufik Mulyana
forgedhallpass
Ice3man