nuclei v3.3.9 #6021

ehsandeep · 2025-02-01T08:50:23Z

Proposed changes

https://github.com/projectdiscovery/nuclei/milestone/68?closed=1

Checklist

Pull request is created against the dev branch
All checks passed (lint, unit/integration/regression tests etc.) with my changes
I have added tests that prove my fix is effective or that my feature works
I have added necessary documentation (if appropriate)

* chore(dependabot): added new `security` group Signed-off-by: Dwi Siswanto <git@dw1.io> * ci: added new `govulncheck` workflow Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(dependabot): merge 2 groups Signed-off-by: Dwi Siswanto <git@dw1.io> --------- Signed-off-by: Dwi Siswanto <git@dw1.io>

Signed-off-by: Dwi Siswanto <git@dw1.io>

* Allow comments in files * dep update --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>

Bumps the modules group with 9 updates: | Package | From | To | | --- | --- | --- | | [github.com/projectdiscovery/hmap](https://github.com/projectdiscovery/hmap) | `0.0.73` | `0.0.74` | | [github.com/projectdiscovery/rawhttp](https://github.com/projectdiscovery/rawhttp) | `0.1.80` | `0.1.81` | | [github.com/projectdiscovery/retryabledns](https://github.com/projectdiscovery/retryabledns) | `1.0.91` | `1.0.92` | | [github.com/projectdiscovery/retryablehttp-go](https://github.com/projectdiscovery/retryablehttp-go) | `1.0.93` | `1.0.94` | | [github.com/projectdiscovery/dsl](https://github.com/projectdiscovery/dsl) | `0.3.9` | `0.3.10` | | [github.com/projectdiscovery/gologger](https://github.com/projectdiscovery/gologger) | `1.1.38` | `1.1.39` | | [github.com/projectdiscovery/useragent](https://github.com/projectdiscovery/useragent) | `0.0.85` | `0.0.86` | | [github.com/projectdiscovery/utils](https://github.com/projectdiscovery/utils) | `0.4.4` | `0.4.5` | | [github.com/projectdiscovery/wappalyzergo](https://github.com/projectdiscovery/wappalyzergo) | `0.2.9` | `0.2.10` | Updates `github.com/projectdiscovery/hmap` from 0.0.73 to 0.0.74 - [Release notes](https://github.com/projectdiscovery/hmap/releases) - [Commits](projectdiscovery/hmap@v0.0.73...v0.0.74) Updates `github.com/projectdiscovery/rawhttp` from 0.1.80 to 0.1.81 - [Release notes](https://github.com/projectdiscovery/rawhttp/releases) - [Commits](projectdiscovery/rawhttp@v0.1.80...v0.1.81) Updates `github.com/projectdiscovery/retryabledns` from 1.0.91 to 1.0.92 - [Release notes](https://github.com/projectdiscovery/retryabledns/releases) - [Commits](projectdiscovery/retryabledns@v1.0.91...v1.0.92) Updates `github.com/projectdiscovery/retryablehttp-go` from 1.0.93 to 1.0.94 - [Release notes](https://github.com/projectdiscovery/retryablehttp-go/releases) - [Commits](projectdiscovery/retryablehttp-go@v1.0.93...v1.0.94) Updates `github.com/projectdiscovery/dsl` from 0.3.9 to 0.3.10 - [Release notes](https://github.com/projectdiscovery/dsl/releases) - [Commits](projectdiscovery/dsl@v0.3.9...v0.3.10) Updates `github.com/projectdiscovery/gologger` from 1.1.38 to 1.1.39 - [Release notes](https://github.com/projectdiscovery/gologger/releases) - [Commits](projectdiscovery/gologger@v1.1.38...v1.1.39) Updates `github.com/projectdiscovery/useragent` from 0.0.85 to 0.0.86 - [Release notes](https://github.com/projectdiscovery/useragent/releases) - [Commits](projectdiscovery/useragent@v0.0.85...v0.0.86) Updates `github.com/projectdiscovery/utils` from 0.4.4 to 0.4.5 - [Release notes](https://github.com/projectdiscovery/utils/releases) - [Changelog](https://github.com/projectdiscovery/utils/blob/main/CHANGELOG.md) - [Commits](projectdiscovery/utils@v0.4.4...v0.4.5) Updates `github.com/projectdiscovery/wappalyzergo` from 0.2.9 to 0.2.10 - [Release notes](https://github.com/projectdiscovery/wappalyzergo/releases) - [Commits](projectdiscovery/wappalyzergo@v0.2.9...v0.2.10) --- updated-dependencies: - dependency-name: github.com/projectdiscovery/hmap dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/rawhttp dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/retryabledns dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/retryablehttp-go dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/dsl dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/gologger dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/useragent dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/utils dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/wappalyzergo dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…5973) Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.11.0 to 5.13.0. - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](go-git/go-git@v5.11.0...v5.13.0) --- updated-dependencies: - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Update README.md * Update README.md * Update README.md * Update README.md * beautified

Bumps the modules group with 13 updates: | Package | From | To | | --- | --- | --- | | [github.com/projectdiscovery/hmap](https://github.com/projectdiscovery/hmap) | `0.0.74` | `0.0.75` | | [github.com/projectdiscovery/interactsh](https://github.com/projectdiscovery/interactsh) | `1.2.2` | `1.2.3` | | [github.com/projectdiscovery/rawhttp](https://github.com/projectdiscovery/rawhttp) | `0.1.81` | `0.1.82` | | [github.com/projectdiscovery/retryabledns](https://github.com/projectdiscovery/retryabledns) | `1.0.92` | `1.0.93` | | [github.com/projectdiscovery/retryablehttp-go](https://github.com/projectdiscovery/retryablehttp-go) | `1.0.94` | `1.0.95` | | [github.com/projectdiscovery/dsl](https://github.com/projectdiscovery/dsl) | `0.3.10` | `0.3.11` | | [github.com/projectdiscovery/goflags](https://github.com/projectdiscovery/goflags) | `0.1.66` | `0.1.67` | | [github.com/projectdiscovery/gologger](https://github.com/projectdiscovery/gologger) | `1.1.39` | `1.1.40` | | [github.com/projectdiscovery/ratelimit](https://github.com/projectdiscovery/ratelimit) | `0.0.67` | `0.0.68` | | [github.com/projectdiscovery/useragent](https://github.com/projectdiscovery/useragent) | `0.0.86` | `0.0.87` | | [github.com/projectdiscovery/utils](https://github.com/projectdiscovery/utils) | `0.4.5` | `0.4.6` | | [github.com/projectdiscovery/wappalyzergo](https://github.com/projectdiscovery/wappalyzergo) | `0.2.10` | `0.2.11` | | [github.com/projectdiscovery/networkpolicy](https://github.com/projectdiscovery/networkpolicy) | `0.0.9` | `0.1.1` | Updates `github.com/projectdiscovery/hmap` from 0.0.74 to 0.0.75 - [Release notes](https://github.com/projectdiscovery/hmap/releases) - [Commits](projectdiscovery/hmap@v0.0.74...v0.0.75) Updates `github.com/projectdiscovery/interactsh` from 1.2.2 to 1.2.3 - [Release notes](https://github.com/projectdiscovery/interactsh/releases) - [Changelog](https://github.com/projectdiscovery/interactsh/blob/main/.goreleaser.yml) - [Commits](projectdiscovery/interactsh@v1.2.2...v1.2.3) Updates `github.com/projectdiscovery/rawhttp` from 0.1.81 to 0.1.82 - [Release notes](https://github.com/projectdiscovery/rawhttp/releases) - [Commits](projectdiscovery/rawhttp@v0.1.81...v0.1.82) Updates `github.com/projectdiscovery/retryabledns` from 1.0.92 to 1.0.93 - [Release notes](https://github.com/projectdiscovery/retryabledns/releases) - [Commits](projectdiscovery/retryabledns@v1.0.92...v1.0.93) Updates `github.com/projectdiscovery/retryablehttp-go` from 1.0.94 to 1.0.95 - [Release notes](https://github.com/projectdiscovery/retryablehttp-go/releases) - [Commits](projectdiscovery/retryablehttp-go@v1.0.94...v1.0.95) Updates `github.com/projectdiscovery/dsl` from 0.3.10 to 0.3.11 - [Release notes](https://github.com/projectdiscovery/dsl/releases) - [Commits](projectdiscovery/dsl@v0.3.10...v0.3.11) Updates `github.com/projectdiscovery/goflags` from 0.1.66 to 0.1.67 - [Release notes](https://github.com/projectdiscovery/goflags/releases) - [Commits](projectdiscovery/goflags@v0.1.66...v0.1.67) Updates `github.com/projectdiscovery/gologger` from 1.1.39 to 1.1.40 - [Release notes](https://github.com/projectdiscovery/gologger/releases) - [Commits](projectdiscovery/gologger@v1.1.39...v1.1.40) Updates `github.com/projectdiscovery/ratelimit` from 0.0.67 to 0.0.68 - [Release notes](https://github.com/projectdiscovery/ratelimit/releases) - [Commits](projectdiscovery/ratelimit@v0.0.67...v0.0.68) Updates `github.com/projectdiscovery/useragent` from 0.0.86 to 0.0.87 - [Release notes](https://github.com/projectdiscovery/useragent/releases) - [Commits](projectdiscovery/useragent@v0.0.86...v0.0.87) Updates `github.com/projectdiscovery/utils` from 0.4.5 to 0.4.6 - [Release notes](https://github.com/projectdiscovery/utils/releases) - [Changelog](https://github.com/projectdiscovery/utils/blob/main/CHANGELOG.md) - [Commits](projectdiscovery/utils@v0.4.5...v0.4.6) Updates `github.com/projectdiscovery/wappalyzergo` from 0.2.10 to 0.2.11 - [Release notes](https://github.com/projectdiscovery/wappalyzergo/releases) - [Commits](projectdiscovery/wappalyzergo@v0.2.10...v0.2.11) Updates `github.com/projectdiscovery/networkpolicy` from 0.0.9 to 0.1.1 - [Release notes](https://github.com/projectdiscovery/networkpolicy/releases) - [Commits](projectdiscovery/networkpolicy@v0.0.9...v0.1.1) --- updated-dependencies: - dependency-name: github.com/projectdiscovery/hmap dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/interactsh dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/rawhttp dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/retryabledns dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/retryablehttp-go dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/dsl dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/goflags dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/gologger dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/ratelimit dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/useragent dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/utils dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/wappalyzergo dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/networkpolicy dependency-type: direct:production update-type: version-update:semver-minor dependency-group: modules ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…teWithResults` (#5967) Signed-off-by: Dwi Siswanto <git@dw1.io>

…response read opt (#5961) * added WithResponseReadSize function to allow SDK users to modify max response read opt * Update lib/config.go improved comment, changed casing of param name, added negative input check Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * fixing rabbitai commit >:( --------- Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

This introduces a "nucleitcp" protocol that Nuclei will use when making MySQL connections as part of its templates. Previously, this would register (and de-register!) a custom "tcp" dialer, and that applied globally, so any piece of software that used a MySQL database and included nuclei in SDK mode would have its database connections ripped out from under it due to the dialer hijacking. By using "nucleitcp" as the protocol, we are free to do whatever we want with the dialer and not impact any other packages. Within our `BuildDSN` function, we quietly replace the protocol to "nucleitcp" if it was "tcp", so nuclei developers don't have to do anything special to use this functionality; it will always do it.

Bumps the modules group with 12 updates: | Package | From | To | | --- | --- | --- | | [github.com/projectdiscovery/fastdialer](https://github.com/projectdiscovery/fastdialer) | `0.2.14` | `0.2.15` | | [github.com/projectdiscovery/hmap](https://github.com/projectdiscovery/hmap) | `0.0.75` | `0.0.76` | | [github.com/projectdiscovery/rawhttp](https://github.com/projectdiscovery/rawhttp) | `0.1.82` | `0.1.83` | | [github.com/projectdiscovery/retryabledns](https://github.com/projectdiscovery/retryabledns) | `1.0.93` | `1.0.94` | | [github.com/projectdiscovery/retryablehttp-go](https://github.com/projectdiscovery/retryablehttp-go) | `1.0.95` | `1.0.96` | | [github.com/projectdiscovery/dsl](https://github.com/projectdiscovery/dsl) | `0.3.11` | `0.3.12` | | [github.com/projectdiscovery/goflags](https://github.com/projectdiscovery/goflags) | `0.1.67` | `0.1.68` | | [github.com/projectdiscovery/gologger](https://github.com/projectdiscovery/gologger) | `1.1.40` | `1.1.41` | | [github.com/projectdiscovery/ratelimit](https://github.com/projectdiscovery/ratelimit) | `0.0.68` | `0.0.69` | | [github.com/projectdiscovery/useragent](https://github.com/projectdiscovery/useragent) | `0.0.87` | `0.0.88` | | [github.com/projectdiscovery/utils](https://github.com/projectdiscovery/utils) | `0.4.6` | `0.4.7` | | [github.com/projectdiscovery/wappalyzergo](https://github.com/projectdiscovery/wappalyzergo) | `0.2.11` | `0.2.12` | Updates `github.com/projectdiscovery/fastdialer` from 0.2.14 to 0.2.15 - [Release notes](https://github.com/projectdiscovery/fastdialer/releases) - [Commits](projectdiscovery/fastdialer@v0.2.14...v0.2.15) Updates `github.com/projectdiscovery/hmap` from 0.0.75 to 0.0.76 - [Release notes](https://github.com/projectdiscovery/hmap/releases) - [Commits](projectdiscovery/hmap@v0.0.75...v0.0.76) Updates `github.com/projectdiscovery/rawhttp` from 0.1.82 to 0.1.83 - [Release notes](https://github.com/projectdiscovery/rawhttp/releases) - [Commits](projectdiscovery/rawhttp@v0.1.82...v0.1.83) Updates `github.com/projectdiscovery/retryabledns` from 1.0.93 to 1.0.94 - [Release notes](https://github.com/projectdiscovery/retryabledns/releases) - [Commits](projectdiscovery/retryabledns@v1.0.93...v1.0.94) Updates `github.com/projectdiscovery/retryablehttp-go` from 1.0.95 to 1.0.96 - [Release notes](https://github.com/projectdiscovery/retryablehttp-go/releases) - [Commits](projectdiscovery/retryablehttp-go@v1.0.95...v1.0.96) Updates `github.com/projectdiscovery/dsl` from 0.3.11 to 0.3.12 - [Release notes](https://github.com/projectdiscovery/dsl/releases) - [Commits](projectdiscovery/dsl@v0.3.11...v0.3.12) Updates `github.com/projectdiscovery/goflags` from 0.1.67 to 0.1.68 - [Release notes](https://github.com/projectdiscovery/goflags/releases) - [Commits](projectdiscovery/goflags@v0.1.67...v0.1.68) Updates `github.com/projectdiscovery/gologger` from 1.1.40 to 1.1.41 - [Release notes](https://github.com/projectdiscovery/gologger/releases) - [Commits](projectdiscovery/gologger@v1.1.40...v1.1.41) Updates `github.com/projectdiscovery/ratelimit` from 0.0.68 to 0.0.69 - [Release notes](https://github.com/projectdiscovery/ratelimit/releases) - [Commits](projectdiscovery/ratelimit@v0.0.68...v0.0.69) Updates `github.com/projectdiscovery/useragent` from 0.0.87 to 0.0.88 - [Release notes](https://github.com/projectdiscovery/useragent/releases) - [Commits](projectdiscovery/useragent@v0.0.87...v0.0.88) Updates `github.com/projectdiscovery/utils` from 0.4.6 to 0.4.7 - [Release notes](https://github.com/projectdiscovery/utils/releases) - [Changelog](https://github.com/projectdiscovery/utils/blob/main/CHANGELOG.md) - [Commits](projectdiscovery/utils@v0.4.6...v0.4.7) Updates `github.com/projectdiscovery/wappalyzergo` from 0.2.11 to 0.2.12 - [Release notes](https://github.com/projectdiscovery/wappalyzergo/releases) - [Commits](projectdiscovery/wappalyzergo@v0.2.11...v0.2.12) --- updated-dependencies: - dependency-name: github.com/projectdiscovery/fastdialer dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/hmap dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/rawhttp dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/retryabledns dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/retryablehttp-go dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/dsl dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/goflags dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/gologger dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/ratelimit dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/useragent dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/utils dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/wappalyzergo dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules ... Signed-off-by: dependabot[bot] <support@github.com>

…dev/modules-5e9c5b17d7

* ci(perf-test): use 16 cores CPU Signed-off-by: Dwi Siswanto <git@dw1.io> * ci(perf-test): add `flags` matrix Signed-off-by: Dwi Siswanto <git@dw1.io> * ci(perf-test): add flamegraph action Signed-off-by: Dwi Siswanto <git@dw1.io> * ci(perf-test): debug Signed-off-by: Dwi Siswanto <git@dw1.io> * ci(perf-test): add input `name` for flamegraph action Signed-off-by: Dwi Siswanto <git@dw1.io> * ci(perf-test): run w/o `-race` Since it is irrelevant for the context of perf tests and doesn't show any noticeable difference (ref: https://github.com/projectdiscovery/nuclei/actions/runs/12805564634). Signed-off-by: Dwi Siswanto <git@dw1.io> * misc update --------- Signed-off-by: Dwi Siswanto <git@dw1.io> Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>

Bumps the modules group with 13 updates: | Package | From | To | | --- | --- | --- | | [github.com/projectdiscovery/fastdialer](https://github.com/projectdiscovery/fastdialer) | `0.2.15` | `0.3.0` | | [github.com/projectdiscovery/hmap](https://github.com/projectdiscovery/hmap) | `0.0.76` | `0.0.77` | | [github.com/projectdiscovery/rawhttp](https://github.com/projectdiscovery/rawhttp) | `0.1.83` | `0.1.84` | | [github.com/projectdiscovery/retryablehttp-go](https://github.com/projectdiscovery/retryablehttp-go) | `1.0.96` | `1.0.97` | | [github.com/projectdiscovery/dsl](https://github.com/projectdiscovery/dsl) | `0.3.12` | `0.3.13` | | [github.com/projectdiscovery/goflags](https://github.com/projectdiscovery/goflags) | `0.1.68` | `0.1.69` | | [github.com/projectdiscovery/gologger](https://github.com/projectdiscovery/gologger) | `1.1.41` | `1.1.42` | | [github.com/projectdiscovery/ratelimit](https://github.com/projectdiscovery/ratelimit) | `0.0.69` | `0.0.70` | | [github.com/projectdiscovery/tlsx](https://github.com/projectdiscovery/tlsx) | `1.1.8` | `1.1.9` | | [github.com/projectdiscovery/useragent](https://github.com/projectdiscovery/useragent) | `0.0.88` | `0.0.89` | | [github.com/projectdiscovery/utils](https://github.com/projectdiscovery/utils) | `0.4.7` | `0.4.8` | | [github.com/projectdiscovery/wappalyzergo](https://github.com/projectdiscovery/wappalyzergo) | `0.2.12` | `0.2.13` | | [github.com/projectdiscovery/networkpolicy](https://github.com/projectdiscovery/networkpolicy) | `0.1.1` | `0.1.2` | Updates `github.com/projectdiscovery/fastdialer` from 0.2.15 to 0.3.0 - [Release notes](https://github.com/projectdiscovery/fastdialer/releases) - [Commits](projectdiscovery/fastdialer@v0.2.15...v0.3.0) Updates `github.com/projectdiscovery/hmap` from 0.0.76 to 0.0.77 - [Release notes](https://github.com/projectdiscovery/hmap/releases) - [Commits](projectdiscovery/hmap@v0.0.76...v0.0.77) Updates `github.com/projectdiscovery/rawhttp` from 0.1.83 to 0.1.84 - [Release notes](https://github.com/projectdiscovery/rawhttp/releases) - [Commits](projectdiscovery/rawhttp@v0.1.83...v0.1.84) Updates `github.com/projectdiscovery/retryablehttp-go` from 1.0.96 to 1.0.97 - [Release notes](https://github.com/projectdiscovery/retryablehttp-go/releases) - [Commits](projectdiscovery/retryablehttp-go@v1.0.96...v1.0.97) Updates `github.com/projectdiscovery/dsl` from 0.3.12 to 0.3.13 - [Release notes](https://github.com/projectdiscovery/dsl/releases) - [Commits](projectdiscovery/dsl@v0.3.12...v0.3.13) Updates `github.com/projectdiscovery/goflags` from 0.1.68 to 0.1.69 - [Release notes](https://github.com/projectdiscovery/goflags/releases) - [Commits](projectdiscovery/goflags@v0.1.68...v0.1.69) Updates `github.com/projectdiscovery/gologger` from 1.1.41 to 1.1.42 - [Release notes](https://github.com/projectdiscovery/gologger/releases) - [Commits](projectdiscovery/gologger@v1.1.41...v1.1.42) Updates `github.com/projectdiscovery/ratelimit` from 0.0.69 to 0.0.70 - [Release notes](https://github.com/projectdiscovery/ratelimit/releases) - [Commits](projectdiscovery/ratelimit@v0.0.69...v0.0.70) Updates `github.com/projectdiscovery/tlsx` from 1.1.8 to 1.1.9 - [Release notes](https://github.com/projectdiscovery/tlsx/releases) - [Changelog](https://github.com/projectdiscovery/tlsx/blob/main/.goreleaser.yml) - [Commits](projectdiscovery/tlsx@v1.1.8...v1.1.9) Updates `github.com/projectdiscovery/useragent` from 0.0.88 to 0.0.89 - [Release notes](https://github.com/projectdiscovery/useragent/releases) - [Commits](projectdiscovery/useragent@v0.0.88...v0.0.89) Updates `github.com/projectdiscovery/utils` from 0.4.7 to 0.4.8 - [Release notes](https://github.com/projectdiscovery/utils/releases) - [Changelog](https://github.com/projectdiscovery/utils/blob/main/CHANGELOG.md) - [Commits](projectdiscovery/utils@v0.4.7...v0.4.8) Updates `github.com/projectdiscovery/wappalyzergo` from 0.2.12 to 0.2.13 - [Release notes](https://github.com/projectdiscovery/wappalyzergo/releases) - [Commits](projectdiscovery/wappalyzergo@v0.2.12...v0.2.13) Updates `github.com/projectdiscovery/networkpolicy` from 0.1.1 to 0.1.2 - [Release notes](https://github.com/projectdiscovery/networkpolicy/releases) - [Commits](projectdiscovery/networkpolicy@v0.1.1...v0.1.2) --- updated-dependencies: - dependency-name: github.com/projectdiscovery/fastdialer dependency-type: direct:production update-type: version-update:semver-minor dependency-group: modules - dependency-name: github.com/projectdiscovery/hmap dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/rawhttp dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/retryablehttp-go dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/dsl dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/goflags dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/gologger dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/ratelimit dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/tlsx dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/useragent dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/utils dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/wappalyzergo dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules - dependency-name: github.com/projectdiscovery/networkpolicy dependency-type: direct:production update-type: version-update:semver-patch dependency-group: modules ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

) * fix(installer): handle removal of deleted templates during update Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(installer): no log for non-existent deleted templates err Signed-off-by: Dwi Siswanto <git@dw1.io> * feat(installer): purge empty dirs after removing deleted templates Signed-off-by: Dwi Siswanto <git@dw1.io> * Revert "feat(installer): purge empty dirs after removing deleted templates" This reverts commit 8175e2a. * fix(installer): use semicolons as delimiters Signed-off-by: Dwi Siswanto <git@dw1.io> * feat(installer): add mods count in `*templateUpdateResults.String` Signed-off-by: Dwi Siswanto <git@dw1.io> --------- Signed-off-by: Dwi Siswanto <git@dw1.io>

* test(dns): update input, requires, and enable recursion Signed-off-by: Dwi Siswanto <git@dw1.io> * Update go.mod --------- Signed-off-by: Dwi Siswanto <git@dw1.io> Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>

Signed-off-by: Dwi Siswanto <git@dw1.io>

* stop using deprecated mholt/archiver * Fix CR * chore: go mod tidy Signed-off-by: Dwi Siswanto <git@dw1.io> --------- Signed-off-by: Dwi Siswanto <git@dw1.io> Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io> Co-authored-by: Dwi Siswanto <git@dw1.io>

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>

Signed-off-by: piguagua <piguagua@aliyun.com>

…5984) * feat(hosterrorscache): add `Remove` and `MarkFailedOrRemove` methods and also deprecating `MarkFailed` Signed-off-by: Dwi Siswanto <git@dw1.io> * refactor(*): unwraps `hosterrorscache\.MarkFailed` invocation Signed-off-by: Dwi Siswanto <git@dw1.io> * feat(hosterrorscache): add sync in `Check` and `MarkFailedOrRemove` methods * test(hosterrorscache): add concurrent test for `Check` method * refactor(hosterrorscache): do NOT change `MarkFailed` behavior Signed-off-by: Dwi Siswanto <git@dw1.io> * feat(*): use `MarkFailedOrRemove` explicitly Signed-off-by: Dwi Siswanto <git@dw1.io> --------- Signed-off-by: Dwi Siswanto <git@dw1.io>

* feat: misc sdk changes to parser * misc * feat: fixed failing tests * fix lint error + update yamldoc-go * return 0 exit code if integration test re-run passes * exclude tech / wordpress template from test --------- Co-authored-by: Ice3man <nizamulrana@gmail.com>

coderabbitai · 2025-02-01T08:50:32Z

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

Review comments: Directly reply to a review comment made by CodeRabbit. Example:
- I pushed a fix in commit <commit_id>, please review it.
- Generate unit testing code for this file.
- Open a follow-up GitHub issue for this discussion.
Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
- @coderabbitai generate unit testing code for this file.
- @coderabbitai modularize this function.
PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
- @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
- @coderabbitai read src/utils.ts and generate unit testing code.
- @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
- @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

@coderabbitai pause to pause the reviews on a PR.
@coderabbitai resume to resume the paused reviews.
@coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
@coderabbitai full review to do a full review from scratch and review all the files again.
@coderabbitai summary to regenerate the summary of the PR.
@coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
@coderabbitai resolve resolve all the CodeRabbit review comments.
@coderabbitai configuration to show the current CodeRabbit configuration for the repository.
@coderabbitai help to get help.

Other keywords and placeholders

Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (`.coderabbit.yaml`)

You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
Please see the configuration documentation for more information.
If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

Visit our Documentation for detailed information on how to use CodeRabbit.
Join our Discord Community to get help, request features, and share feedback.
Follow us on X/Twitter for updates and announcements.

github-advanced-security · 2025-02-02T00:29:46Z

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

* Update generator.go * Update README.md

* Adding PT-BR translation and making the proper adjustments * fixing documentation links

Signed-off-by: Dwi Siswanto <git@dw1.io>

This reverts commit f36b851.

Co-authored-by: Ice3man <nizamulrana@gmail.com>

* Revert "chore: Revert "chore(dependabot): merge 2 groups" (#5975)" This reverts commit bfb1808. * chore(dependabot): allow specific dependencies Signed-off-by: Dwi Siswanto <git@dw1.io> --------- Signed-off-by: Dwi Siswanto <git@dw1.io>

* refactor(headless): mv `input` -> `ctx` field name Signed-off-by: Dwi Siswanto <git@dw1.io> * feat(headless): eval DSL exprs in args Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(headless): rm duplicate imports Signed-off-by: Dwi Siswanto <git@dw1.io> * feat(headless): rm duplicate dumped req vars * refactor(headless): unify `getTimeParameter` retrieval Now, `getTimeParameter` tries to get the parameter as an integer, then as a `time.Duration`, and finally falls back to the default value (multiplied by the unit). Signed-off-by: Dwi Siswanto <git@dw1.io> * feat(headless): adjust default timeout value to 5s Signed-off-by: Dwi Siswanto <git@dw1.io> * refactor(headless): use `getTimeParameter` Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(headless): add nolint directive - `replaceWithValues` Signed-off-by: Dwi Siswanto <git@dw1.io> * feat(headless): revert parameter automerge & adds `inputURL` field Signed-off-by: Dwi Siswanto <git@dw1.io> * test(headless): add headless-dsl integration test Signed-off-by: Dwi Siswanto <git@dw1.io> --------- Signed-off-by: Dwi Siswanto <git@dw1.io>

…6019) * perf(*): replace `encoding/json` w/ sonic Signed-off-by: Dwi Siswanto <git@dw1.io> * feat(utils): add `json` pkg (sonic wrapper) Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(*): use `sonic` wrapper instead Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(*): replace `sonic.ConfigStd` -> `json` (wrapper) Signed-off-by: Dwi Siswanto <git@dw1.io> * test(model): adjust expected marshal'd JSON Signed-off-by: Dwi Siswanto <git@dw1.io> * feat(json): dynamic backend; `sonic` -> `go-json` (fallback) Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(json): merge config - as its not usable Signed-off-by: Dwi Siswanto <git@dw1.io> * chore(json): rm go version constraints Signed-off-by: Dwi Siswanto <git@dw1.io> * chore: go mod tidy Signed-off-by: Dwi Siswanto <git@dw1.io> --------- Signed-off-by: Dwi Siswanto <git@dw1.io>

…r given prompt (#6041) * Add ai flag * Add AI flag 2 * fix stdin * fix stdin 2 * minor * print both url and path * store ai generated templates in `$HOME/nuclei-templates/pdcp` * todo * do not remove all * make it less restrictive * use retryablehttp * fix creds check * return errs * return more detailed err for non-ok status code * add prompt validation * fix integration tests --------- Co-authored-by: Doğan Can Bakır <dogancanbakir@protonmail.com>

…6028) * feat: added tracking for status code, waf-detection & grouped errors * lint error fixes * feat: review changes + moving to package + misc --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>

* fix var dump * fix dump test

Co-authored-by: Andrey Matveenko <an.matveenko@vkteam.ru>

… dev

* feat: added initial live DAST server implementation * feat: more logging + misc additions * feat: auth file support enhancements for more complex scenarios + misc * feat: added io.Reader support to input providers for http * feat: added stats db to fuzzing + use sdk for dast server + misc * feat: more additions and enhancements * misc changes to live server * misc * use utils pprof server * feat: added simpler stats tracking system * feat: fixed analyzer timeout issue + missing case fix * misc changes fix * feat: changed the logics a bit + misc changes and additions * feat: re-added slope checks + misc * feat: added baseline measurements for time based checks * chore(server): fix typos Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * fix(templates): potential DOM XSS Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * fix(authx): potential NIL deref Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * feat: misc review changes * removed debug logging * feat: remove existing cookies only * feat: lint fixes * misc * misc text update * request endpoint update * feat: added tracking for status code, waf-detection & grouped errors (#6028) * feat: added tracking for status code, waf-detection & grouped errors * lint error fixes * feat: review changes + moving to package + misc --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> * fix var dump (#5921) * fix var dump * fix dump test * Added filename length restriction for debug mode (-srd flag) (#5931) Co-authored-by: Andrey Matveenko <an.matveenko@vkteam.ru> * more updates * Update pkg/output/stats/waf/waf.go Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> Co-authored-by: Dwi Siswanto <25837540+dwisiswant0@users.noreply.github.com> Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Co-authored-by: Dogan Can Bakir <65292895+dogancanbakir@users.noreply.github.com> Co-authored-by: 9flowers <51699499+Lercas@users.noreply.github.com> Co-authored-by: Andrey Matveenko <an.matveenko@vkteam.ru> Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>

dwisiswant0 and others added 25 commits January 9, 2025 15:24

ci(tests): add flamegraph job (#5966)

350da41

Signed-off-by: Dwi Siswanto <git@dw1.io>

Allow comments in files (#5960)

812a30e

* Allow comments in files * dep update --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>

Some silly improvements (decoration) in README.md (#5974)

01668d7

* Update README.md * Update README.md * Update README.md * Update README.md * beautified

feat: added improvements to sdk for offlinehttp (#5982)

2ac02f4

fix(multiproto): missing previous InternalEvents output when `Execu…

2450ecb

…teWithResults` (#5967) Signed-off-by: Dwi Siswanto <git@dw1.io>

Merge pull request #5996 from projectdiscovery/dependabot/go_modules/…

a0c3075

…dev/modules-5e9c5b17d7

feat(templates): rm string conversion (#6016)

265051f

Signed-off-by: Dwi Siswanto <git@dw1.io>

ci(compability-check): checks go.mod integrity (#6015)

69870fe

Signed-off-by: Dwi Siswanto <git@dw1.io>

fix missing event for multi protocol (#5995)

540711c

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>

Ensure Headless protocol accesses flow protocol variables (#6003)

d77eab6

chore: fix some function names in comment (#5986)

5a52e93

Signed-off-by: piguagua <piguagua@aliyun.com>

kilavvy and others added 3 commits February 4, 2025 13:44

fix: typos in documentation files (#6027)

82a5d35

* Update generator.go * Update README.md

Adding PT-BR translation and making the proper adjustments (#6033)

1a354cb

* Adding PT-BR translation and making the proper adjustments * fixing documentation links

ci(compability-check): use single runner & goreleaser test (#6034)

b8830af

Signed-off-by: Dwi Siswanto <git@dw1.io>

dwisiswant0 and others added 13 commits February 8, 2025 15:29

chore: Revert "chore(dependabot): merge 2 groups" (#5975)

bfb1808

This reverts commit f36b851.

feat: added rebuildGenerators for misc rebuilding (#6037)

04db1bb

Co-authored-by: Ice3man <nizamulrana@gmail.com>

fix var dump (#5921)

3c825e8

* fix var dump * fix dump test

Added filename length restriction for debug mode (-srd flag) (#5931)

ef11565

Co-authored-by: Andrey Matveenko <an.matveenko@vkteam.ru>

version update

027c393

Merge branch 'dev' of https://github.com/projectdiscovery/nuclei into…

31fb7c8

… dev

readme updates

50f2ff5

ehsandeep marked this pull request as ready for review February 13, 2025 13:26

auto-assign bot requested a review from dogancanbakir February 13, 2025 13:26

ehsandeep merged commit 2403700 into main Feb 13, 2025
4 of 6 checks passed

ehsandeep removed the request for review from dogancanbakir February 13, 2025 13:28

BrewTestBot mentioned this pull request Feb 13, 2025

nuclei 3.3.9 Homebrew/homebrew-core#207563

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

nuclei v3.3.9 #6021

nuclei v3.3.9 #6021

ehsandeep commented Feb 1, 2025 •

edited

Loading

coderabbitai bot commented Feb 1, 2025 •

edited

Loading

Review skipped

Chat

CodeRabbit Commands (Invoked using PR comments)

Other keywords and placeholders

CodeRabbit Configuration File (`.coderabbit.yaml`)

Documentation and Community

github-advanced-security bot commented Feb 2, 2025

nuclei v3.3.9 #6021

nuclei v3.3.9 #6021

Conversation

ehsandeep commented Feb 1, 2025 • edited Loading

Proposed changes

Checklist

coderabbitai bot commented Feb 1, 2025 • edited Loading

Review skipped

Chat

CodeRabbit Commands (Invoked using PR comments)

Other keywords and placeholders

CodeRabbit Configuration File (.coderabbit.yaml)

Documentation and Community

github-advanced-security bot commented Feb 2, 2025

ehsandeep commented Feb 1, 2025 •

edited

Loading

coderabbitai bot commented Feb 1, 2025 •

edited

Loading

CodeRabbit Configuration File (`.coderabbit.yaml`)