nuclei X uncover integration

[ehsandeep]

Please describe your feature request:

1. Template execution using search query
   • executes template against hosts returned by uncover for the given query

Example:

nuclei -t cves/2022/ -uq 'ssl:"Uber Technologies, Inc."'
nuclei -tags misconfig -uq 'ssl:"Uber Technologies, Inc."'

2. Automatic template execution using self-contained metadata information
   • works with template including search query metadata information
     • shodan-query:
     • fofa-query:
     • censys-query:
   • executes template against hosts returned by uncover.

Example:

Template snippet of CVE-2021-26855

  metadata:
    shodan-query: 'vuln:CVE-2021-26855'

nuclei -t cves/2021/CVE-2021-26855.yaml -uncover
nuclei -tags ssrf -uncover

CLI flags to expose:

UNCOVER:
   -uc, -uncover                  enable uncover engine
   -uq, -uncover-query string[]   uncover search query # "-uncover" set to true internally when "uq" flag is used.
   -ue, -uncover-engine string[]  uncover search engine (shodan,shodan-idb,fofa,censys) (default shodan)
   -uf, -uncover-field string     uncover fields to return (ip,port,host) (default "ip:port")
   -ul, -uncover-limit int        uncover results to return (default 100)
   -ud, -uncover-delay int        delay between uncover query requests in seconds (0 to disable) (default 1)

Describe the use case of this feature:

Let us run a set of nuclei templates against our target organization assets exposed on the internet.