Releases: projectdiscovery/nuclei
Releases · projectdiscovery/nuclei
v3.1.8
What's Changed
- Fixed multiple memory leaks and optimizations by @tarunKoyalwar in #4680
- Fixed issue with not resolving hosts from
/etc/hostsfile by @tarunKoyalwar in #4686 - Fixed issue of array iteration in flow by @tarunKoyalwar in #4688
- Fixed panic in smb javascript template by @tarunKoyalwar in #4700
- Fixed an issue with case sensitive dns interaction with interactsh by @monitor403 in #4697
- Fixed issue with reporting with optional support of
-oroption by @dogancanbakir in #4612 - Fixed issue with mysql module in JavaScript by @tarunKoyalwar in #4702
New Contributors
- @monitor403 made their first contribution in #4697
Full Changelog: v3.1.7...v3.1.8
Contributors
monitor403, tarunKoyalwar, and dogancanbakir
Assets 11
v3.1.7
What's Changed
- Added support to upload result to existing pdpc scan using
-scan-idoption by @tarunKoyalwar in #4662
$ nuclei -u example.com -cloud-upload -scan-id XXXXXX- Fixed issue with pdcp result upload with large output file by @tarunKoyalwar in #4662
- Fixed issue with pdcp result upload when using with env variable by @tarunKoyalwar in #4675
Full Changelog: v3.1.6...v3.1.7
Contributors
tarunKoyalwar
Assets 11
v3.1.6
What's Changed
- Added
GetServiceTicketmethod to the kerberos module by @5amu in #4422 - Added
GetKerberoastableUsersmethod in ldap module by @5amu in #4420 - Added support to dump resume files when a runner hangs by @wk8 in #4440
- Fixed multiple memory leaks + optimizations by @tarunKoyalwar in #4630
- Fixed timeout issue + added custom timeout support in js protocol by @tarunKoyalwar in #4643
- Fixed variables merge order in code templates by @tarunKoyalwar in #4623
- Fixed issue with dynamic extractors in flow by @tarunKoyalwar in #4625
- Fixed panic in interactsh process interaction ( nil check on compiled operators) by @dogancanbakir in #4511
- Fixed panic error + support offlinehttp in flow templates by @tarunKoyalwar in #4653
Full Changelog: v3.1.5...v3.1.6
Contributors
wk8, 5amu, and 2 other contributors
Assets 11
v3.1.5
What's Changed
Other Changes
- Fixed a bug introduced in previous version by @tarunKoyalwar in #4608
Full Changelog: v3.1.4...v3.1.5
Contributors
tarunKoyalwar
Assets 11
v3.1.4
What's Changed
🎉 New Features
- Added
self-containedinput support to fuzzing templates by @dogancanbakir in #4531 - Added support to include additional custom tags with
-asoption by @dogancanbakir in #4543 - Added internal matchers (to hide match results in flow) using
internal: trueby @tarunKoyalwar in #4582 - Added exclude list support to layer 4 via fastdialer by @Mzack9999 in #4575
🐞 Bug Fixes
- Fixed issue with dynamic extracted variable to make it reusable by @tarunKoyalwar in #4574
- Fixed early exit issue for non zero status code in code protocol by @tarunKoyalwar in #4585
- Fixed missing results issue in flow based template by @tarunKoyalwar in #4582
Other Changes
- deprecate(remove): file write in extractor using
toattribute for security reasons by @tarunKoyalwar in #4565 - Using network policy everywhere by @Mzack9999 in #4578
New Contributors
Full Changelog: v3.1.3...v3.1.4
Contributors
Mzack9999, tarunKoyalwar, and 2 other contributors
Assets 11
v3.1.3
What's Changed
- Added email support to SMTP client in javascript protocol by @Marcuccio in #4451
- Added Interface in Networkconfig (SDK) by @vince-isec in #4472
Other Changes
- Fixed issue with blank value for query param by @dogancanbakir in #4513
- Fixed issue with resume file creation by @dogancanbakir in #4514
- Fixed an issue with auth check API by @ehsandeep in #4527
- Updated README to point to centralized docs by @olearycrew in #4521
New Contributors
- @vince-isec made their first contribution in #4472
- @Marcuccio made their first contribution in #4451
Full Changelog: v3.1.2...v3.1.3
Contributors
olearycrew, ehsandeep, and 3 other contributors
Assets 11
v3.1.2
What's Changed
Other Changes
- Fixed bug with network protocol: revert full buffer size read by @tarunKoyalwar in #4497
Full Changelog: v3.1.1...v3.1.2
Contributors
tarunKoyalwar
Assets 11
v3.1.1
What's Changed
- Added support for arbitrary string input for TLS SNI annotation by @jimen0 in #4462
- Fixed panic + refactor headless waitevent action by @tarunKoyalwar in #4465
- Fixed wait time + added timeout for ssh connection by @dogancanbakir in #4467
- Fixed issue with headless result upload by @tarunKoyalwar in #4469
Full Changelog: v3.1.0...v3.1.1
Contributors
jimen0, tarunKoyalwar, and dogancanbakir
Assets 11
v3.1.0
What's Changed
🎉 New Features
-
Added support to upload / view results into PDCP Dashboard by @tarunKoyalwar in #4343
-
Added support to exclude target from scan input list by @dogancanbakir in #4214
- exclude
host,host:port - exclude
ip,ip:port - exclude
cidr - regex based exclusion
- exclude
-
Added support for multiple ports in network template by @tarunKoyalwar in #4401
tcp:
- host:
- "{{Hostname}}"
port: 22,2222- Added
port,schemeandurlfield in json(l) output by @tarunKoyalwar in #4417 - Added support to execute commands via ssh client in javascript protocol by @5amu in #4407
javascript:
- args:
Host: "{{Host}}"
Port: "22"
code: |
var m = require("nuclei/ssh");
var c = m.SSHClient();
c.Connect(Host, Port, template.Username, template.Password)
c.Run("echo lolz > /tmp/lolz");
var response = c.Run("cat /tmp/lolz");
c.Close()
to_json(response); -dt, -dialer-timeout value timeout for network requests.
-dka, -dialer-keep-alive value keep-alive duration for network requests.- Added
connection reset by peerto include error used for host exclusion by @XTeam-Wing in #4265 - Added support to include failed matches for errored hosts with
-msoption by @dogancanbakir in #4373
Other Changes
- Fixed memory leaks in rawhttp by @tarunKoyalwar in #4399
- Fixed issue with
hostfield in json(l) output by @tarunKoyalwar in #4417
Issues closed in this release - https://github.com/projectdiscovery/nuclei/milestone/44?closed=1
New Contributors
- @5amu made their first contribution in #4407
- @razin99 made their first contribution in #4416
- @XTeam-Wing made their first contribution in #4265
- @wk8 made their first contribution in #4441
Full Changelog: v3.0.4...v3.1.0
Contributors
wk8, XTeam-Wing, and 4 other contributors
Assets 11
v3.0.4
What's Changed
🎉 New Features
- Added base64 encoded template into json(l) result for custom templates with option to exclude by @dogancanbakir in #4315
-ot, -omit-template omit encoded template in the JSON, JSONL output
- Added TLS Cipher, Version enumeration in SSL protocol by @mionskowski-form3 in #4297
tls_version_enum: true
tls_cipher_enum: true
tls_cipher_types:
- insecure
- weak- Added base64 encoding helpers for javascript protocol by @Ice3man543 in #4344
🐞 Bug Fixes
- Bugfix bin pack by @Mzack9999 in #4298
🔨 Maintenance
- Disabled code template as default with option to enable using
-codeflag by @tarunKoyalwar in #4376 - Moved docs to centralized project https://github.com/projectdiscovery/docs by @olearycrew in #4342
- Append exclude tags instead of replacing by @tarunKoyalwar in #4353
Other Changes
- Enabled
cookie-reuseas default with ability to disable optionally by @dogancanbakir in #4292
disable-cookie: true- Added pprofiling with env by @tarunKoyalwar in #4377
PPROF=1 ./nuclei -u https://scanme.shFull Changelog: v3.0.3...v3.0.4
Contributors
olearycrew, Mzack9999, and 4 other contributors