nuclei v3.2.0

.github/workflows/performance-test.yaml

@@ -15,6 +15,7 @@ jobs:
         os: [ubuntu-latest, macOS-latest]
 
     runs-on: ${{ matrix.os }}
+    if: github.repository == 'projectdiscovery/nuclei'
     steps:
       - name: Set up Go
         uses: actions/setup-go@v4

.github/workflows/publish-docs.yaml

@@ -29,7 +29,7 @@ jobs:
           fi
           go generate pkg/templates/templates.go
           go build -o "cmd/docgen/docgen" cmd/docgen/docgen.go 
-          ./cmd/docgen/docgen ../SYNTAX-REFERENCE.md ../nuclei-jsonschema.json
+          ./cmd/docgen/docgen SYNTAX-REFERENCE.md nuclei-jsonschema.json
           git status -s | wc -l | xargs -I {} echo CHANGES={} >> $GITHUB_OUTPUT
 
       - name: Commit files

.gitignore

@@ -20,12 +20,19 @@ pkg/protocols/common/helpers/deserialization/testdata/ValueObject2.ser
 .gitignore
 pkg/js/devtools/bindgen/cmd/bindgen/bindgen
 pkg/js/devtools/jsdocgen/jsdocgen
+pkg/js/devtools/tsgen/tsgen
+pkg/js/devtools/tsgen/cmd/tsgen/tsgen
 *.DS_Store
 pkg/protocols/headless/engine/.cache
 /nuclei
 /bindgen
 /jsdocgen
+/tsgen
 /scrapefuncs
 /integration_tests/.cache/
-/integration_tests/.nuclei-config/
-/*.yaml
+/*.yaml
+**/*-config
+**/*-cache
+/fuzzplayground
+integration_tests/fuzzplayground
+

Makefile

@@ -32,6 +32,19 @@ tidy:
 	$(GOMOD) tidy
 devtools:
 	$(GOBUILD) $(GOFLAGS) -ldflags '$(LDFLAGS)' -o "bindgen" pkg/js/devtools/bindgen/cmd/bindgen/main.go
-	$(GOBUILD) $(GOFLAGS) -ldflags '$(LDFLAGS)' -o "jsdocgen" pkg/js/devtools/jsdocgen/main.go
+	$(GOBUILD) $(GOFLAGS) -ldflags '$(LDFLAGS)' -o "tsgen" pkg/js/devtools/tsgen/cmd/tsgen/main.go
 	$(GOBUILD) $(GOFLAGS) -ldflags '$(LDFLAGS)' -o "scrapefuncs" pkg/js/devtools/scrapefuncs/main.go
+jsupdate:
+	$(GOBUILD) $(GOFLAGS) -ldflags '$(LDFLAGS)' -o "bindgen" pkg/js/devtools/bindgen/cmd/bindgen/main.go
+	$(GOBUILD) $(GOFLAGS) -ldflags '$(LDFLAGS)' -o "tsgen" pkg/js/devtools/tsgen/cmd/tsgen/main.go
+	./bindgen -dir pkg/js/libs -out pkg/js/generated
+	./tsgen -dir pkg/js/libs -out pkg/js/generated/ts
+ts:
+	$(GOBUILD) $(GOFLAGS) -ldflags '$(LDFLAGS)' -o "tsgen" pkg/js/devtools/tsgen/cmd/tsgen/main.go
+	./tsgen -dir pkg/js/libs -out pkg/js/generated/ts
+fuzzplayground:
+	$(GOBUILD) $(GOFLAGS) -ldflags '$(LDFLAGS)' -o "fuzzplayground" cmd/tools/fuzzplayground/main.go
+memogen:
+	$(GOBUILD) $(GOFLAGS) -ldflags '$(LDFLAGS)' -o "memogen" cmd/memogen/memogen.go
+	./memogen -src pkg/js/libs -tpl cmd/memogen/function.tpl
 

README.md

@@ -20,8 +20,6 @@
 <p align="center">
   <a href="#how-it-works">How</a> •
   <a href="#install-nuclei">Install</a> •
-  <a href="#for-security-engineers">For Security Engineers</a> •
-  <a href="#for-developers-and-organizations">For Developers</a> •
   <a href="https://docs.projectdiscovery.io/tools/nuclei/">Documentation</a> •
   <a href="#credits">Credits</a> •
   <a href="https://nuclei.projectdiscovery.io/faq/nuclei/">FAQs</a> •
@@ -115,12 +113,17 @@ Usage:
 
 Flags:
 TARGET:
-   -u, -target string[]             target URLs/hosts to scan
-   -l, -list string                 path to file containing a list of target URLs/hosts to scan (one per line)
-   -eh, -exclude-hosts string[]     hosts to exclude to scan from the input list (ip, cidr, hostname)
-   -resume string                   resume scan using resume.cfg (clustering will be disabled)
-   -sa, -scan-all-ips               scan all the IP's associated with dns record
-   -iv, -ip-version string[]        IP version to scan of hostname (4,6) - (default 4)
+   -u, -target string[]          target URLs/hosts to scan
+   -l, -list string              path to file containing a list of target URLs/hosts to scan (one per line)
+   -eh, -exclude-hosts string[]  hosts to exclude to scan from the input list (ip, cidr, hostname)
+   -resume string                resume scan using resume.cfg (clustering will be disabled)
+   -sa, -scan-all-ips            scan all the IP's associated with dns record
+   -iv, -ip-version string[]     IP version to scan of hostname (4,6) - (default 4)
+
+TARGET-FORMAT:
+   -im, -input-mode string        mode of input file (list, burp, jsonl, yaml, openapi, swagger) (default "list")
+   -ro, -required-only            use only required fields in input format when generating requests
+   -sfv, -skip-format-validation  skip format validation (like missing vars) when parsing input file
 
 TEMPLATES:
    -nt, -new-templates                    run only new templates added in latest nuclei-templates release
@@ -136,6 +139,7 @@ TEMPLATES:
    -tl                                    list all available templates
    -sign                                  signs the templates with the private key defined in NUCLEI_SIGNATURE_PRIVATE_KEY env variable
    -code                                  enable loading code protocol-based templates
+   -dut, -disable-unsigned-templates      disable running unsigned templates or templates with mismatched signature
 
 FILTERING:
    -a, -author string[]               templates to run based on authors (comma-separated, file)
@@ -144,8 +148,8 @@ FILTERING:
    -itags, -include-tags string[]     tags to be executed even if they are excluded either by default or configuration
    -id, -template-id string[]         templates to run based on template ids (comma-separated, file, allow-wildcard)
    -eid, -exclude-id string[]         templates to exclude based on template ids (comma-separated, file)
-   -it, -include-templates string[]   templates to be executed even if they are excluded either by default or configuration
-   -et, -exclude-templates string[]   template or template directory to exclude (comma-separated, file)
+   -it, -include-templates string[]   path to template file or directory to be executed even if they are excluded either by default or configuration
+   -et, -exclude-templates string[]   path to template file or directory to exclude (comma-separated, file)
    -em, -exclude-matchers string[]    template matchers to exclude in result
    -s, -severity value[]              templates to run based on severity. Possible values: info, low, medium, high, critical, unknown
    -es, -exclude-severity value[]     templates to exclude based on severity. Possible values: info, low, medium, high, critical, unknown
@@ -217,6 +221,7 @@ INTERACTSH:
 FUZZING:
    -ft, -fuzzing-type string  overrides fuzzing type set in template (replace, prefix, postfix, infix)
    -fm, -fuzzing-mode string  overrides fuzzing mode set in template (multiple, single)
+   -fuzz                      enable loading fuzzing templates
 
 UNCOVER:
    -uc, -uncover                  enable uncover engine
@@ -233,6 +238,8 @@ RATE-LIMIT:
    -c, -concurrency int               maximum number of templates to be executed in parallel (default 25)
    -hbs, -headless-bulk-size int      maximum number of headless hosts to be analyzed in parallel per template (default 10)
    -headc, -headless-concurrency int  maximum number of headless templates to be executed in parallel (default 10)
+   -jsc, -js-concurrency int          maximum number of javascript runtimes to be executed in parallel (default 120)
+   -pc, -payload-concurrency int      max payload concurrency for each template (default 25)
 
 OPTIMIZATIONS:
    -timeout int                     time to wait in seconds before timeout (default 10)
@@ -294,22 +301,26 @@ CLOUD:
    -cup, -cloud-upload    upload scan results to pdcp dashboard
    -sid, -scan-id string  upload scan results to given scan id
 
+AUTHENTICATION:
+   -sf, -secret-file string[]  path to config file containing secrets for nuclei authenticated scan
+   -ps, -prefetch-secrets      prefetch secrets from the secrets file
+
 
 EXAMPLES:
 Run nuclei on single host:
-	$ nuclei -target example.com
+   $ nuclei -target example.com
 
 Run nuclei with specific template directories:
-	$ nuclei -target example.com -t http/cves/ -t ssl
+   $ nuclei -target example.com -t http/cves/ -t ssl
 
 Run nuclei against a list of hosts:
-	$ nuclei -list hosts.txt
+   $ nuclei -list hosts.txt
 
 Run nuclei with a JSON output:
-	$ nuclei -target example.com -json-export output.json
+   $ nuclei -target example.com -json-export output.json
 
 Run nuclei with sorted Markdown outputs (with environment variables):
-	$ MARKDOWN_EXPORT_SORT_MODE=template nuclei -target example.com -markdown-export nuclei_report/
+   $ MARKDOWN_EXPORT_SORT_MODE=template nuclei -target example.com -markdown-export nuclei_report/
 
 Additional documentation is available at: https://docs.nuclei.sh/getting-started/running
 ```