
Setup Automation to update default ignore list of headers,cookies for fuzzing #4843

Open
tarunKoyalwar opened this issue Mar 7, 2024 · 0 comments
Labels
Type: Enhancement Most issues will probably ask for additions or changes.

Comments

@tarunKoyalwar
Member

Please describe your feature request:

With the recent addition of fuzzing in #4477, we can now fuzz headers and cookies, and to avoid fuzzing meta or third-party cookies/headers we keep a default blacklist hardcoded in nuclei; see:

```go
var defaultIgnoredHeaderKeys = map[string]struct{}{
	"Accept-Charset":                   {},
	"Accept-Datetime":                  {},
	"Accept-Encoding":                  {},
	"Accept-Language":                  {},
	"Accept":                           {},
	"Access-Control-Request-Headers":   {},
	"Access-Control-Request-Method":    {},
	"Authorization":                    {},
	"Cache-Control":                    {},
	"Connection":                       {},
	"Cookie":                           {},
	"Content-Length":                   {},
	"Content-Type":                     {},
	"Date":                             {},
	"Dnt":                              {},
	"Expect":                           {},
	"Forwarded":                        {},
	"From":                             {},
	"Host":                             {},
	"If-Match":                         {},
	"If-Modified-Since":                {},
	"If-None-Match":                    {},
	"If-Range":                         {},
	"If-Unmodified-Since":              {},
	"Max-Forwards":                     {},
	"Pragma":                           {},
	"Priority":                         {},
	"Proxy-Authorization":              {},
	"Range":                            {},
	"Sec-Ch-Ua":                        {},
	"Sec-Ch-Ua-Mobile":                 {},
	"Sec-Ch-Ua-Platform":               {},
	"Sec-Fetch-Dest":                   {},
	"Sec-Fetch-Mode":                   {},
	"Sec-Fetch-Site":                   {},
	"Sec-Fetch-User":                   {},
	"TE":                               {},
	"Upgrade":                          {},
	"Via":                              {},
	"Warning":                          {},
	"Upgrade-Insecure-Requests":        {},
	"X-CSRF-Token":                     {},
	"X-Requested-With":                 {},
	"Strict-Transport-Security":        {},
	"Content-Security-Policy":          {},
	"X-Content-Type-Options":           {},
	"X-Frame-Options":                  {},
	"X-XSS-Protection":                 {},
	"Public-Key-Pins":                  {},
	"Referrer-Policy":                  {},
	"Access-Control-Allow-Origin":      {},
	"Access-Control-Allow-Credentials": {},
	"Access-Control-Expose-Headers":    {},
	"Access-Control-Max-Age":           {},
	"Access-Control-Allow-Methods":     {},
	"Access-Control-Allow-Headers":     {},
	"Server":                           {},
	"X-Powered-By":                     {},
	"X-AspNet-Version":                 {},
	"X-AspNetMvc-Version":              {},
	"ETag":                             {},
	"Vary":                             {},
	"Expires":                          {},
	"Last-Modified":                    {},
	"X-Cache":                          {},
	"X-Proxy-ID":                       {},
	"CF-Ray":                           {}, // Cloudflare
	"X-Served-By":                      {}, // Varnish, etc.
	"X-Cache-Hits":                     {},
	"Content-Encoding":                 {},
	"Transfer-Encoding":                {},
	"Location":                         {},
	"WWW-Authenticate":                 {},
	"Proxy-Authenticate":               {},
	"X-Access-Token":                   {},
	"X-Refresh-Token":                  {},
	"Link":                             {},
	"X-Content-Duration":               {},
	"X-UA-Compatible":                  {},
	"X-RateLimit-Limit":                {}, // Rate limiting header
	"X-RateLimit-Remaining":            {}, // Rate limiting header
	"X-RateLimit-Reset":                {}, // Rate limiting header
}

var defaultIgnoredCookieKeys = map[string]struct{}{
	"awsELB":                     {},
	"AWSALB":                     {},
	"AWSALBCORS":                 {},
	"__utma":                     {},
	"__utmb":                     {},
	"__utmc":                     {},
	"__utmt":                     {},
	"__utmz":                     {},
	"_ga":                        {},
	"_gat":                       {},
	"_gid":                       {},
	"_gcl_au":                    {},
	"_fbp":                       {},
	"fr":                         {},
	"__hstc":                     {},
	"hubspotutk":                 {},
	"__hssc":                     {},
	"__hssrc":                    {},
	"mp_mixpanel__c":             {},
	"JSESSIONID":                 {},
	"NREUM":                      {},
	"_pk_id":                     {},
	"_pk_ref":                    {},
	"_pk_ses":                    {},
	"_pk_cvar":                   {},
	"_pk_hsr":                    {},
	"_hjIncludedInSample":        {},
	"__cfduid":                   {},
	"cf_use_ob":                  {},
	"cf_ob_info":                 {},
	"intercom-session":           {},
	"optimizelyEndUserId":        {},
	"optimizelySegments":         {},
	"optimizelyBuckets":          {},
	"optimizelyPendingLogEvents": {},
	"YSC":                        {},
	"VISITOR_INFO1_LIVE":         {},
	"PREF":                       {},
	"GPS":                        {},
}
```

Using wappalyzer and other sources we can generate a list of such default excludes and embed them in the appropriate fuzzing components.
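As an added example (not nuclei's own code), this shows how such an ignore list is applied to a parsed request: header names are matched case-insensitively because `http.Header` canonicalizes them (a hard-coded `"X-CSRF-Token"` would otherwise never match the stored `"X-Csrf-Token"`), while cookie names are matched exactly. The ignore maps and the request are constructed subsets for the demo, not the full defaults.

```go
package main

import (
	"net/http"
	"sort"
	"strings"
)

// Constructed subsets of the default lists above, used by the demo request.
var demoIgnoredHeaders = map[string]struct{}{"Accept": {}, "Authorization": {}, "Cookie": {}, "Host": {}, "X-CSRF-Token": {}}
var demoIgnoredCookies = map[string]struct{}{"_ga": {}, "JSESSIONID": {}, "AWSALB": {}}

// FuzzableHeaders returns the request's header names not on the ignore list, sorted.
// http.Header stores canonical names ("X-CSRF-Token" becomes "X-Csrf-Token"), so both
// sides are lower-cased before comparison or mixed-case list entries would be missed.
func FuzzableHeaders(req *http.Request, ignored map[string]struct{}) []string {
	skip := make(map[string]struct{}, len(ignored))
	for k := range ignored {
		skip[strings.ToLower(k)] = struct{}{}
	}
	var names []string
	for name := range req.Header {
		if _, ok := skip[strings.ToLower(name)]; !ok {
			names = append(names, name)
		}
	}
	sort.Strings(names)
	return names
}

// FuzzableCookies parses the Cookie header and returns cookie names not on the ignore
// list, sorted. Cookie names are case-sensitive, so they are matched exactly; the Cookie
// header itself is on the header ignore list and is only handled here.
func FuzzableCookies(req *http.Request, ignored map[string]struct{}) []string {
	var names []string
	for _, c := range req.Cookies() {
		if _, ok := ignored[c.Name]; !ok {
			names = append(names, c.Name)
		}
	}
	sort.Strings(names)
	return names
}

// demoRequest is a constructed request mixing app-specific and third-party keys; values are placeholders.
func demoRequest() *http.Request {
	req, _ := http.NewRequest("GET", "https://app.example/api/items", nil)
	req.Header.Set("Accept", "*/*")
	req.Header.Set("Authorization", "Bearer placeholder")
	req.Header.Set("X-CSRF-Token", "placeholder")
	req.Header.Set("X-Api-Key", "placeholder")
	req.Header.Set("Cookie", "_ga=GA1.1.1; session=placeholder; JSESSIONID=1; tenant=acme")
	return req
}
```

Only `X-Api-Key` and the `session` and `tenant` cookies survive the filter for the demo request; everything else is a meta or third-party key and is left alone.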

@tarunKoyalwar tarunKoyalwar added the Type: Enhancement Most issues will probably ask for additions or changes. label Mar 7, 2024