added support for custom regex on field scope (-fs "[regex pattern]") #571
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
dogancanbakir
requested changes
Sep 4, 2023
There was a problem hiding this comment.
Hey @c3l3si4n ,
Thanks for the PR! I left comments for you. Let me know if you have any questions!
dogancanbakir
approved these changes
Sep 11, 2023
There was a problem hiding this comment.
LGTM
$ go run . -u projectdiscovery.io -fs '(projectdiscovery.io|greenhouse.io)'
__ __
/ /_____ _/ /____ ____ ___ _
/ '_/ _ / __/ _ / _ \/ _ /
/_/\_\\_,_/\__/\_,_/_//_/\_,_/
projectdiscovery.io
[INF] Current katana version v1.0.3 (latest)
[INF] Started standard crawling for => https://projectdiscovery.io
https://projectdiscovery.io
https://projectdiscovery.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
https://projectdiscovery.io/cdn-cgi/l/email-protection
https://blog.projectdiscovery.io/stop-pentesting-start-programming/
https://chaos.projectdiscovery.io/
https://boards.greenhouse.io/projectdiscoveryinc
https://projectdiscovery.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/'+e.replace(/
https://blog.projectdiscovery.io/
https://blog.projectdiscovery.io/announcing-nuclei-cloud/
https://projectdiscovery.io/cdn-cgi/styles/cf.errors.css
https://blog.projectdiscovery.io/assets/js/post.js?v=7ec55e1143
https://blog.projectdiscovery.io/assets/js/index.js?v=7ec55e1143
https://boards.cdn.greenhouse.io/assets/index_init-b257fc242bdcd2b7d88beddbb8bbb8b171d1e40ebf2de22fd9f149d3bcfd82c2.js
https://projectdiscovery.io/community
https://projectdiscovery.io/
https://projectdiscovery.io/privacy
https://projectdiscovery.io/terms
https://projectdiscovery.io/aboutus
maitlto:[email protected]
mailtp:[email protected]
https://boards.cdn.greenhouse.io/assets/application-3512c70ccf00b7a60909abcd69ea73d77bfc016f3a3b3903d2e2d3f9a6710c35.js
https://blog.projectdiscovery.io/announcing-pdcp/amp/
https://blog.projectdiscovery.io/a-hackers-guide-to-ssl-certificates-featuring-tlsx/
https://blog.projectdiscovery.io/introducing-katana-the-best-cli-web-crawler/
https://policies.projectdiscovery.io/
https://policies.projectdiscovery.io/terms
https://blog.projectdiscovery.io/page/2/
https://blog.projectdiscovery.io/author/prithiv/
https://blog.projectdiscovery.io/author/pj/
https://blog.projectdiscovery.io/author/rishiraj/
https://blog.projectdiscovery.io/if-everything-is-a-9-8-then-nothing-is/
https://blog.projectdiscovery.io/prosvjoes-failure-at-the-warped-wall/
https://blog.projectdiscovery.io/announcing-projectdiscovery-cloud-platform-25-million-series-a-2/
https://blog.projectdiscovery.io/the-power-of-nuclei-templates-a-universal-language-of-vulnerabilities/
https://boards.cdn.greenhouse.io/assets/responsive-95ad71d0f9cbcb13adb28ed74687b15c00a64bb1c4a6ab47ab9072493777804c.css
https://projectdiscovery.io/?ref=blog.projectdiscovery.io
https://boards.cdn.greenhouse.io/assets/application-37fb77937add45f47b8aa211c6e36baf590f4e1ddea883f7fa2967cb913854f4.css
https://blog.projectdiscovery.io/assets/js/global.js?v=7ec55e1143
https://chaos.projectdiscovery.io/app.bundle.css
https://boards.greenhouse.io/projectdiscoveryinc/jobs/4251718006
https://blog.projectdiscovery.io/public/member-attribution.min.js?v=7ec55e1143
https://blog.projectdiscovery.io/public/cards.min.js?v=7ec55e1143
https://blog.projectdiscovery.io/public/cards.min.css?v=7ec55e1143
https://blog.projectdiscovery.io/webmentions/receive/
https://blog.projectdiscovery.io/stop-pentesting-start-programming/amp/
https://blog.projectdiscovery.io/assets/css/screen.css?v=7ec55e1143
https://blog.projectdiscovery.io/adobe-coldfusion-rce/
https://blog.projectdiscovery.io
https://blog.projectdiscovery.io/drop-your-insecurity-and-get-into-security/
https://blog.projectdiscovery.io/author/brendan/
https://blog.projectdiscovery.io/announcing-pdcp/
https://chaos.projectdiscovery.io/app.js
https://blog.projectdiscovery.io/rss/
https://blog.projectdiscovery.io/hunting-c2-servers/
https://blog.projectdiscovery.io/the-best-defense-is-a-good-offensive-security-program/
https://projectdiscovery.io/requestdemo
http://www.greenhouse.io/
http://www.projectdiscovery.io
https://projectdiscovery.io
https://projectdiscovery.io/cloudplatform
https://blog.projectdiscovery.io/hunting-c2-servers/amp/
https://blog.projectdiscovery.io/if-youre-not-writing-custom-nuclei-templates-youre-missing-out/
https://blog.projectdiscovery.io/understanding-automating-credential-stuffing-a-comprehensive-guide/
https://blog.projectdiscovery.io/the-best-defense-is-a-good-offensive-security-program/amp/
http://www.greenhouse.io/privacy-policy
ehsandeep
approved these changes
Sep 11, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This feature is needed on cases where you have a initial website to recon, and you know that the company can use multiple base domains in its application.
For example, you can start crawling all sites of
*.company.com, and then find mentions tocompany-staging.io. With this new commit, you can then add both hostnames to Katana's field scope by doing-fs '(company-staging.io|company.com)'.It made a lot of sense to implement this on Katana for my automation, it may be useful to others.