Sandeep Singh

icon indicating an email [email protected]

icon company @projectdiscovery icon location India icon location Co-Founder / CTO @projectdiscovery On a mission to simplify the security process and make it more accessible.

Results 151 issues of Sandeep Singh

Reference based template auto-tagging (cve-annotate)

### Please describe your feature request: Similar to https://github.com/projectdiscovery/nuclei/pull/2323, auto tagging can be extended to cover other well known sources for exploits to self-tagging template based on available information in...

Priority: Low
Type: Enhancement

starts_with & ends_with helper function

### Please describe your feature request: Two new helper function as shared below: ```yaml # match if the string starts with any of the provided strings {{starts_with(body, "ports:", ...)}} #...

Status: Completed
Type: Enhancement

Helper function for IP Formats

4 comment

### Please describe your feature request: Helper function to support https://github.com/projectdiscovery/mapcidr#ip-formats ### Describe the use case of this feature: To write templates including IP in various formats to fuzz/bypass multiple...

Priority: Medium
Status: In Progress
Type: Enhancement

tls: no renegotiation (sni) issue with unsafe template

### Nuclei version: dev,master Test template: ```yaml id: aws-ssrf info: name: AWS SSRF author: test severity: critical requests: - raw: - |+ GET http://169.254.169.254/ HTTP/1.1 Host: {{Hostname}} unsafe: true matchers:...

Priority: Medium
Type: Bug

Connection reuse for RFC compliant HTTP requests

2 comment

### Please describe your feature request: For **HTTP** protocol excluding `unsafe` requests, connection reuse could be used for performance improvements.

wontfix
Priority: Medium
Type: Enhancement
Investigation

Invalid action type: setmethod (headless)

3 comment

### Nuclei version: dev,latest ### Current Behavior: Using `setmethod` action to set arbitrary method to use. ### Expected Behavior: Error: `Invalid action type: setmethod` ### Steps To Reproduce: ```yaml id:...

Status: Completed
Type: Bug

resolve / resolve_all helper functions

1 comment

New helpers for DNS resolution enable writing more complex nuclei templates. - [ ] resolve - [ ] resolve_all Helper example: ```yaml {{resolve ("hackerone.com")}} # Resolve hackerone.com, returns single IPv4...

Status: On Hold
Type: Enhancement

Support for AND based tags execution (tags / etags / itags)

1 comment

### Discussed in https://github.com/projectdiscovery/nuclei-templates/discussions/4546 Originally posted by **AaronChen0** June 6, 2022 I want to scan only xss on wordpress sites. I try something like, `nuclei -tags wordpress -s medium -etags...

Status: Abandoned
Priority: Medium
Type: Enhancement

missing "ip:" field in json output in case of unsafe templates

### Nuclei version: dev, latest ### Current Behavior: `ip:` field is missing in **json output** with **unsafe** templates. ### Expected Behavior: Populate `ip:` field as any other output ### Steps...

Priority: Medium
Status: Completed
Type: Bug

File protocol regex search improvement

3 comment

### Please describe your feature request: Currently, we read everything in memory with assumption of processing samller data, which might not be the case all the time and slows down...

Priority: Low
Status: On Hold
Type: Enhancement
Investigation