nuclei icon indicating copy to clipboard operation
nuclei copied to clipboard

verified publisher icon projectdiscovery

Metadata

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the int...

Results 695 nuclei issues
Sort by recently updated
recently updated
newest added

Refactor and move all variables to ScanContext

1 comment

### Proposed Change In Nuclei , we use map data type to store all variables and different types of variables at that . and for every request we create new...

tarunKoyalwar avatar tarunKoyalwar

Priority: Medium
Type: Enhancement

Duplicate Query Parameter

2 comment

### Nuclei version: v3.1.1 ### Current Behavior: Duplicate query parameter when receive from input ![image](https://github.com/projectdiscovery/nuclei/assets/43785370/7ac8a53e-31b1-4151-9cad-8deb3d7d68ba) ### Expected Behavior: Only one parameter nothing ### Steps To Reproduce: Template: ```yaml id: fuzz-header-multiple...

n00b-bot avatar n00b-bot

Type: Bug

[Library] Take a context for cancellation

1 comment

### Please describe your feature request: The function core.Execute should take a [`context.Context`](https://pkg.go.dev/context#Context) parameter and cancel the execution when the context is cancelled. https://github.com/projectdiscovery/nuclei/blob/1f9a065713924b28b203e2108fc76d7a1ec49068/v2/pkg/core/executors.go#L208 The current CLI implementation bypass this...

gnuletik avatar gnuletik

Type: Enhancement
sdk

New feature requests Extract the dictionary and push it into the queue for scanning the same domain name

1 comment

New feature requests: 1. in yaml file,Extract the dictionary and push it into the queue for scanning the same domain name. 2. in yaml file,Extract new targets and add them...

hktalent avatar hktalent

Type: Enhancement

weird behaviour when running python code with raw http

when I run a very simple template that contains python code it stores wrong output from the code, I use the `urlparse` from `urllib.parse` python package. here is my template:...

ntriisii avatar ntriisii

Type: Bug

There is an exception in the DSL matcher when using the len() function for sequential processing of request packets

1 comment

### Nuclei version: Preliminary tests indicate that the issue exists in versions 2.9.0 to 2.9.13. However, versions 2.8.x and older have not been tested. ### Current Behavior: The len(body_2) cannot...

kenyon-wong avatar kenyon-wong

Type: Bug

Skipped target still getting scanned

1 comment

#### Start a web server as target with: ``` bash python3 -m http.server 21 -b 127.0.0.1 ``` #### Start nuclei ``` bash nuclei -ss host-spray -duc

dksslq avatar dksslq

Type: Bug
Investigation

refactor(raw&fuzzing): Fix duplicate query parameter. Allow fuzzing query from raw template

- Refactored the `Parse` function in `pkg/protocols/http/raw/raw.go` to simplify the URL parsing and modification logic. - Created a `cloned` variable to clone the input URL for further modifications. - Removed...

n00b-bot avatar n00b-bot

Improve error logging for unresolved variables

## Proposed changes - #3386 ### test ```console ✗ go run . -t ~/nuclei-templates/http/token-spray -v __ _ ____ __ _______/ /__ (_) / __ \/ / / / ___/ /...

RamanaReddy0M avatar RamanaReddy0M

Support stdIn to continuously input targets and execute tasks one by one instead of waiting for stdin to close.

Support stdIn to continuously input targets and execute tasks one by one instead of waiting for stdin to close. in some specific cases We integrate more intelligently with nuclei So...

hktalent avatar hktalent

Type: Enhancement

Metadata

21.6k
Stars
2.6k
Forks
Watchers

Owner

verified publisher icon projectdiscovery

Metadata

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the int...

Back