Merge branch 'v3-beta', remote-tracking branch 'origin' into dev

.github/workflows/build-test.yml

@@ -12,7 +12,7 @@ jobs:
     name: Test Builds
     strategy:
       matrix:
-        go-version: [1.20.x]
+        go-version: [1.21.x]
         os: [ubuntu-latest, windows-latest, macOS-latest]
 
     runs-on: ${{ matrix.os }}
@@ -22,6 +22,11 @@ jobs:
         with:
           go-version: ${{ matrix.go-version }}
 
+      - name: Set up Python   # required for running python code in py-snippet.yaml integration test
+        uses: actions/setup-python@v4
+        with:
+          python-version: '3.10'
+
       - name: Check out code
         uses: actions/checkout@v3
 
@@ -56,6 +61,10 @@ jobs:
         run: go run -race . -l ../functional-test/targets.txt -id tech-detect,tls-version
         working-directory: v2/cmd/nuclei/
 
-      - name: Example Code Tests
-        run: go build .
-        working-directory: v2/examples/
+      - name: Example SDK Simple
+        run: go run .
+        working-directory: v2/examples/simple/
+
+      - name: Example SDK Advanced
+        run: go run .
+        working-directory: v2/examples/advanced/

.github/workflows/functional-test.yml

@@ -18,7 +18,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v4
         with:
-          go-version: 1.20.x
+          go-version: 1.21.x
 
       - name: Check out code
         uses: actions/checkout@v3

.github/workflows/lint-test.yml

@@ -15,7 +15,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v4
         with:
-          go-version: 1.20.x
+          go-version: 1.21.x
 
       - name: Checkout code
         uses: actions/checkout@v3

.github/workflows/performance-test.yaml

@@ -11,7 +11,7 @@ jobs:
     name: Test Performance
     strategy:
       matrix:
-        go-version: [1.20.x]
+        go-version: [1.21.x]
         os: [ubuntu-latest, macOS-latest]
 
     runs-on: ${{ matrix.os }}

.github/workflows/publish-docs.yaml

@@ -18,7 +18,7 @@ jobs:
       - name: "Set up Go"
         uses: actions/setup-go@v4
         with: 
-          go-version: 1.20.x
+          go-version: 1.21.x
 
       - name: Generate YAML Syntax Documentation
         id: generate-docs

.github/workflows/release-binary.yml

@@ -17,7 +17,7 @@ jobs:
 
       - uses: actions/setup-go@v4
         with: 
-          go-version: 1.20.x
+          go-version: 1.21.x
 
       - uses: goreleaser/goreleaser-action@v4
         with: 

.github/workflows/release-test.yml

@@ -19,7 +19,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v4
         with:
-          go-version: 1.20.x
+          go-version: 1.21.x
 
       - name: release test
         uses: goreleaser/goreleaser-action@v4

.github/workflows/template-validate.yml

@@ -13,7 +13,7 @@ jobs:
       - uses: actions/checkout@v3
       - uses: actions/setup-go@v4
         with: 
-          go-version: 1.20.x
+          go-version: 1.21.x
 
       - name: Template Validation
         run: |

.gitignore

@@ -17,4 +17,11 @@ v2/pkg/protocols/common/helpers/deserialization/testdata/ValueObject.class
 v2/pkg/protocols/common/helpers/deserialization/testdata/ValueObject2.ser
 *.exe
 v2/.gitignore
+v2/pkg/js/devtools/bindgen/cmd/bindgen
+v2/pkg/js/devtools/jsdocgen/jsdocgen
+bindgen
+jsdocgen
+nuclei
+v2/scrapefuncs
 *.DS_Store
+v2/pkg/protocols/headless/engine/.cache

DEBUG.md

@@ -34,9 +34,12 @@ When this flag is provided, nuclei will log all errors to the file specified. Th
 
 Nuclei was built with some environment variables in mind to help with debugging. These environment variables can be set to enable debugging of a particular component/functionality for nuclei.
 
-| Environment Variable   | Description                                              |
-| ---------------------- | -------------------------------------------------------- |
-| `DEBUG=true`           | Enables Printing Stack Traces for all errors             |
-| `SHOW_DSL_ERRORS=true` | Enables Printing DSL Errors (that are hidden by default) |
+| Environment Variable             | Description                                              |
+| -------------------------------- | -------------------------------------------------------- |
+| `DEBUG=true`                     | Enables Printing Stack Traces for all errors             |
+| `SHOW_DSL_ERRORS=true`           | Enables Printing DSL Errors (that are hidden by default) |
+| `HIDE_TEMPLATE_SIG_WARNING=true` | Hides Template Signature Verification Warnings           |
+| `NUCLEI_LOG_ALL=true`            | Log All Events that were skipped in verbose mode         |
+
 
 

Dockerfile

@@ -1,5 +1,5 @@
 # Build
-FROM golang:1.20.6-alpine AS build-env
+FROM golang:1.21-alpine AS build-env
 RUN apk add build-base
 WORKDIR /app
 COPY . /app

README.md

@@ -37,7 +37,7 @@
 
 ---
 
-Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts. Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc. With powerful and flexible templating, Nuclei can be used to model all kinds of security checks.
+Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts. Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless, Code etc. With powerful and flexible templating, Nuclei can be used to model all kinds of security checks.
 
 We have a [dedicated repository](https://github.com/projectdiscovery/nuclei-templates) that houses various type of vulnerability templates contributed by **more than 300** security researchers and engineers.
 
@@ -56,7 +56,7 @@ We have a [dedicated repository](https://github.com/projectdiscovery/nuclei-temp
 
 # Install Nuclei
 
-Nuclei requires **go1.20** to install successfully. Run the following command to install the latest version -
+Nuclei requires **go1.21** to install successfully. Run the following command to install the latest version -
 
 ```sh
 go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest
@@ -146,8 +146,8 @@ FILTERING:
    -em, -exclude-matchers string[]    template matchers to exclude in result
    -s, -severity value[]              templates to run based on severity. Possible values: info, low, medium, high, critical, unknown
    -es, -exclude-severity value[]     templates to exclude based on severity. Possible values: info, low, medium, high, critical, unknown
-   -pt, -type value[]                 templates to run based on protocol type. Possible values: dns, file, http, headless, tcp, workflow, ssl, websocket, whois
-   -ept, -exclude-type value[]        templates to exclude based on protocol type. Possible values: dns, file, http, headless, tcp, workflow, ssl, websocket, whois
+   -pt, -type value[]                 templates to run based on protocol type. Possible values: dns, file, http, headless, tcp, workflow, ssl, websocket, whois, code
+   -ept, -exclude-type value[]        templates to exclude based on protocol type. Possible values: dns, file, http, headless, tcp, workflow, ssl, websocket, whois, code
    -tc, -template-condition string[]  templates to run based on expression condition
 
 OUTPUT:
@@ -379,7 +379,7 @@ We have [a discussion thread around this](https://github.com/projectdiscovery/nu
 
 ### Using Nuclei From Go Code
 
-Examples of using Nuclei From Go Code to run templates on targets are provided in the [examples](v2/examples/) folder.
+Complete guide of using Nuclei as Library/SDK is available at [lib](v2/lib/README.md)
 
 
 ### Resources

README_CN.md

@@ -52,7 +52,7 @@ Nuclei使用零误报的定制模板向目标发送请求，同时可以对主
 
 # 安装Nuclei
 
-Nuclei需要**go1.20**才能安装成功。执行下列命令安装最新版本的Nuclei
+Nuclei需要**go1**才能安装成功。执行下列命令安装最新版本的Nuclei
 
 ```sh
 go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest

README_ID.md

@@ -52,7 +52,7 @@ Kami memiliki [repositori khusus](https://github.com/projectdiscovery/nuclei-tem
 
 # Instalasi Nuclei
 
-Nuclei membutuhkan **go1.20** agar dapat diinstall. Jalankan perintah berikut untuk menginstal versi terbaru -
+Nuclei membutuhkan **go1.21** agar dapat diinstall. Jalankan perintah berikut untuk menginstal versi terbaru -
 
 ```sh
 go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest

README_KR.md

@@ -50,7 +50,7 @@ Nuclei는 템플릿을 기반으로 대상 간에 요청을 보내기 위해 사
 
 # 설치
 
-Nuclei를 성공적으로 설치하기 위해서 **go1.20**가 필요합니다. 다음 명령을 실행하여 최신 버전을 설치합니다.
+Nuclei를 성공적으로 설치하기 위해서 **go1.21**가 필요합니다. 다음 명령을 실행하여 최신 버전을 설치합니다.
 
 ```sh
 go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest

SYNTAX-REFERENCE.md

@@ -2820,28 +2820,6 @@ StopAtFirstMatch stops the execution of the requests and template as soon as a m
 </div>
 <div class="dt">
 
-Fuzzing describes schema to fuzz headless requests
-
-</div>
-
-<hr />
-
-<div class="dd">
-
-<code>cookie-reuse</code>  <i>bool</i>
-
-</div>
-<div class="dt">
-
-CookieReuse is an optional setting that enables cookie reuse
-
-</div>
-
-<hr />
-
-
-
-
 
 ## engine.Action
 Action is an action taken by the browser to reach a navigation

docs/getting-started/running.mdx

@@ -178,6 +178,25 @@ export AZURE_CONTAINER_NAME=templates
 
 </AccordionGroup>
 
+Environment variables can also be provided to disable download from default and custom template locations:
+
+```bash
+# Disable download from the default nuclei-templates project
+export DISABLE_NUCLEI_TEMPLATES_PUBLIC_DOWNLOAD=true
+
+# Disable download from public / private GitHub project(s)
+export DISABLE_NUCLEI_TEMPLATES_GITHUB_DOWNLOAD=true
+
+# Disable download from public / private GitLab project(s)
+export DISABLE_NUCLEI_TEMPLATES_GITLAB_DOWNLOAD=true
+
+# Disable download from public / private AWS Bucket(s)
+export DISABLE_NUCLEI_TEMPLATES_AWS_DOWNLOAD=true
+
+# Disable download from public / private Azure Blob Storage
+export DISABLE_NUCLEI_TEMPLATES_AZURE_DOWNLOAD=true
+```
+
 Once the environment variables are set, following command to download the custom templates:
 
 ```bash

docs/mint.json

@@ -57,7 +57,7 @@
             "template-guide/introduction",
             "template-guide/template-details",
             {
-               "group":"HTTP",
+               "group":"HTTPs",
                "pages":[
                   "template-guide/http/base-http",
                   "template-guide/http/raw-http",
@@ -71,6 +71,8 @@
             "template-guide/network",
             "template-guide/dns",
             "template-guide/file",
+            "template-guide/javascript",
+            "template-guide/code",
             {
                "group":"Operators",
                "pages":[
@@ -140,11 +142,5 @@
    "feedback":{
       "thumbsRating":true,
       "suggestEdit":true
-   },
-   "api":{
-      "auth":{
-         "method":"key",
-         "name":"X-API-KEY"
-      }
    }
 }