diff --git a/nuclei-jsonschema.json b/nuclei-jsonschema.json index b161393bcb..f39d5c89f4 100644 --- a/nuclei-jsonschema.json +++ b/nuclei-jsonschema.json @@ -1,111 +1,29 @@ { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/templates.Template", - "definitions": { - "fuzz.Rule": { - "properties": { - "type": { - "enum": [ - "replace", - "prefix", - "postfix", - "infix", - "replace-regex" - ], - "type": "string", - "title": "type of rule", - "description": "Type of fuzzing rule to perform" - }, - "part": { - "enum": [ - "query", - "header", - "path", - "body", - "cookie", - "request" - ], - "type": "string", - "title": "part of rule", - "description": "Part of request rule to fuzz" - }, - "mode": { - "enum": [ - "single", - "multiple" - ], - "type": "string", - "title": "mode of rule", - "description": "Mode of request rule to fuzz" - }, - "keys": { - "items": { - "type": "string" - }, - "type": "array", - "title": "keys of parameters to fuzz", - "description": "Keys of parameters to fuzz" - }, - "keys-regex": { - "items": { - "type": "string" - }, - "type": "array", - "title": "keys regex to fuzz", - "description": "Regex of parameter keys to fuzz" - }, - "values": { - "items": { - "type": "string" - }, - "type": "array", - "title": "values regex to fuzz", - "description": "Regex of parameter values to fuzz" - }, - "fuzz": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/fuzz.SliceOrMapSlice", - "title": "payloads of fuzz rule", - "description": "Payloads to perform fuzzing substitutions with" - }, - "replace-regex": { - "type": "string", - "title": "replace regex of rule", - "description": "Regex for regex-replace rule type" - } - }, - "additionalProperties": false, - "type": "object" - }, - "fuzz.SliceOrMapSlice": { - "required": [ - "Value", - "KV" - ], + "$schema": "https://json-schema.org/draft/2020-12/schema", + "$id": "https://template", + "$ref": "#/$defs/Template", + "$defs": { + "AttackTypeHolder": { "properties": { "Value": { - "items": { - "type": "string" - }, - "type": "array" - }, - "KV": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/github.com/projectdiscovery/utils/maps.OrderedMap[string,string]" + "type": "integer" } }, "additionalProperties": false, - "type": "object" + "type": "object", + "required": [ + "Value" + ] }, - "model.Classification": { + "Classification": { "properties": { "cve-id": { - "$ref": "#/definitions/stringslice.StringSlice", + "$ref": "#/$defs/StringOrSlice", "title": "cve ids for the template", "description": "CVE IDs for the template" }, "cwe-id": { - "$ref": "#/definitions/stringslice.StringSlice", + "$ref": "#/$defs/StringOrSlice", "title": "cwe ids for the template", "description": "CWE IDs for the template" }, @@ -120,17 +38,26 @@ "cvss-score": { "type": "number", "title": "cvss score for the template", - "description": "CVSS Score for the template" + "description": "CVSS Score for the template", + "examples": [ + 9.8 + ] }, "epss-score": { "type": "number", "title": "epss score for the template", - "description": "EPSS Score for the template" + "description": "EPSS Score for the template", + "examples": [ + 0.42509 + ] }, "epss-percentile": { "type": "number", "title": "epss percentile for the template", - "description": "EPSS Percentile for the template" + "description": "EPSS Percentile for the template", + "examples": [ + 0.42509 + ] }, "cpe": { "type": "string", @@ -144,128 +71,7 @@ "additionalProperties": false, "type": "object" }, - "model.Info": { - "properties": { - "name": { - "type": "string", - "title": "name of the template", - "description": "Name is a short summary of what the template does", - "examples": [ - "Nagios Default Credentials Check" - ] - }, - "author": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/stringslice.StringSlice", - "title": "author of the template", - "description": "Author is the author of the template" - }, - "tags": { - "$ref": "#/definitions/stringslice.StringSlice", - "title": "tags of the template", - "description": "Any tags for the template" - }, - "description": { - "type": "string", - "title": "description of the template", - "description": "In-depth explanation on what the template does", - "examples": [ - "Bower is a package manager which stores package information in the bower.json file" - ] - }, - "impact": { - "type": "string", - "title": "impact of the template", - "description": "In-depth explanation on the impact of the issue found by the template", - "examples": [ - "Successful exploitation of this vulnerability could allow an attacker to execute arbitrary SQL queries" - ] - }, - "reference": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/stringslice.RawStringSlice", - "title": "references for the template", - "description": "Links relevant to the template" - }, - "severity": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/severity.Holder" - }, - "metadata": { - "patternProperties": { - ".*": { - "additionalProperties": true - } - }, - "type": "object", - "title": "additional metadata for the template", - "description": "Additional metadata fields for the template" - }, - "classification": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/model.Classification", - "title": "classification info for the template", - "description": "Classification information for the template" - }, - "remediation": { - "type": "string", - "title": "remediation steps for the template", - "description": "In-depth explanation on how to fix the issues found by the template", - "examples": [ - "Change the default administrative username and password of Apache ActiveMQ by editing the file jetty-realm.properties" - ] - } - }, - "additionalProperties": false, - "type": "object" - }, - "severity.Holder": { - "enum": [ - "info", - "low", - "medium", - "high", - "critical", - "unknown" - ], - "type": "string", - "title": "severity of the template", - "description": "Seriousness of the implications of the template" - }, - "stringslice.RawStringSlice": { - "oneOf": [ - { - "type": "string" - }, - { - "type": "array" - } - ] - }, - "stringslice.StringSlice": { - "oneOf": [ - { - "type": "string" - }, - { - "type": "array" - } - ] - }, - "userAgent.UserAgentHolder": { - "enum": [ - "off", - "default", - "custom" - ], - "type": "string", - "title": "userAgent for the headless", - "description": "userAgent for the headless http request" - }, - "extractors.Extractor": { - "required": [ - "type" - ], + "Extractor": { "properties": { "name": { "type": "string", @@ -273,8 +79,7 @@ "description": "Name of the extractor" }, "type": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/extractors.ExtractorTypeHolder" + "$ref": "#/$defs/ExtractorTypeHolder" }, "regex": { "items": { @@ -343,611 +148,272 @@ } }, "additionalProperties": false, - "type": "object" + "type": "object", + "required": [ + "type" + ] }, - "extractors.ExtractorTypeHolder": { - "enum": [ - "regex", - "kval", - "xpath", - "json", - "dsl" - ], - "type": "string", - "title": "type of the extractor", - "description": "Type of the extractor" + "ExtractorTypeHolder": { + "properties": { + "ExtractorType": { + "type": "integer" + } + }, + "additionalProperties": false, + "type": "object", + "required": [ + "ExtractorType" + ] }, - "matchers.Matcher": { + "HTTPMethodTypeHolder": { + "properties": { + "MethodType": { + "type": "integer" + } + }, + "additionalProperties": false, + "type": "object", "required": [ - "type" + "MethodType" + ] + }, + "Holder": { + "type": "string", + "enum": [ + "info", + "low", + "medium", + "high", + "critical", + "unknown" ], + "title": "severity of the template", + "description": "Seriousness of the implications of the template" + }, + "Info": { "properties": { - "type": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/matchers.MatcherTypeHolder", - "title": "type of matcher", - "description": "Type of the matcher" + "name": { + "type": "string", + "title": "name of the template", + "description": "Name is a short summary of what the template does", + "examples": [ + "Nagios Default Credentials Check" + ] }, - "condition": { - "enum": [ - "and", - "or" + "author": { + "$ref": "#/$defs/StringOrSlice", + "oneOf": [ + { + "type": "string", + "examples": [ + "pdteam" + ] + }, + { + "type": "array", + "examples": [ + "pdteam,mr.robot" + ] + } ], - "type": "string", - "title": "condition between matcher variables", - "description": "Condition between the matcher variables" + "title": "author of the template", + "description": "Author is the author of the template" }, - "part": { - "type": "string", - "title": "part of response to match", - "description": "Part of response to match data from" + "tags": { + "$ref": "#/$defs/StringOrSlice", + "title": "tags of the template", + "description": "Any tags for the template" }, - "negative": { - "type": "boolean", - "title": "negative specifies if match reversed", - "description": "Negative specifies if the match should be reversed. It will only match if the condition is not true" - }, - "name": { - "type": "string", - "title": "name of the matcher", - "description": "Name of the matcher" - }, - "status": { - "items": { - "type": "integer" - }, - "type": "array", - "title": "status to match", - "description": "Status to match for the response" - }, - "size": { - "items": { - "type": "integer" - }, - "type": "array", - "title": "acceptable size for response", - "description": "Size is the acceptable size for the response" - }, - "words": { - "items": { - "type": "string" - }, - "type": "array", - "title": "words to match in response", - "description": " Words contains word patterns required to be present in the response part" - }, - "regex": { - "items": { - "type": "string" - }, - "type": "array", - "title": "regex to match in response", - "description": "Regex contains regex patterns required to be present in the response part" - }, - "binary": { - "items": { - "type": "string" - }, - "type": "array", - "title": "binary patterns to match in response", - "description": "Binary are the binary patterns required to be present in the response part" - }, - "dsl": { - "items": { - "type": "string" - }, - "type": "array", - "title": "dsl expressions to match in response", - "description": "DSL are the dsl expressions that will be evaluated as part of nuclei matching rules" - }, - "xpath": { - "items": { - "type": "string" - }, - "type": "array", - "title": "xpath queries to match in response", - "description": "xpath are the XPath queries that will be evaluated against the response part of nuclei matching rules" - }, - "encoding": { - "enum": [ - "hex" - ], + "description": { "type": "string", - "title": "encoding for word field", - "description": "Optional encoding for the word fields" - }, - "case-insensitive": { - "type": "boolean", - "title": "use case insensitive match", - "description": "use case insensitive match" - }, - "match-all": { - "type": "boolean", - "title": "match all values", - "description": "match all matcher values ignoring condition" - }, - "internal": { - "type": "boolean", - "title": "hide matcher from output", - "description": "hide matcher from output" - } - }, - "additionalProperties": false, - "type": "object" - }, - "matchers.MatcherTypeHolder": { - "enum": [ - "word", - "regex", - "binary", - "status", - "size", - "dsl", - "xpath" - ], - "type": "string", - "title": "type of the matcher", - "description": "Type of the matcher" - }, - "code.Request": { - "properties": { - "matchers": { - "items": { - "$ref": "#/definitions/matchers.Matcher" - }, - "type": "array", - "title": "matchers to run on response", - "description": "Detection mechanism to identify whether the request was successful by doing pattern matching" - }, - "extractors": { - "items": { - "$ref": "#/definitions/extractors.Extractor" - }, - "type": "array", - "title": "extractors to run on response", - "description": "Extractors contains the extraction mechanism for the request to identify and extract parts of the response" + "title": "description of the template", + "description": "In-depth explanation on what the template does", + "examples": [ + "Bower is a package manager which stores package information in the bower.json file" + ] }, - "matchers-condition": { - "enum": [ - "and", - "or" - ], + "impact": { "type": "string", - "title": "condition between the matchers", - "description": "Conditions between the matchers" + "title": "impact of the template", + "description": "In-depth explanation on the impact of the issue found by the template", + "examples": [ + "Successful exploitation of this vulnerability could allow an attacker to execute arbitrary SQL queries" + ] }, - "id": { - "type": "string", - "title": "id of the request", - "description": "ID is the optional ID of the Request" + "reference": { + "$ref": "#/$defs/StringOrSlice", + "title": "references for the template", + "description": "Links relevant to the template" }, - "engine": { - "items": { - "type": "string" - }, - "type": "array", - "title": "engine", - "description": "Engine" + "severity": { + "$ref": "#/$defs/Holder" }, - "args": { - "items": { - "type": "string" - }, - "type": "array", - "title": "args", - "description": "Args" + "metadata": { + "type": "object", + "title": "additional metadata for the template", + "description": "Additional metadata fields for the template" }, - "pattern": { - "type": "string", - "title": "pattern", - "description": "Pattern" + "classification": { + "$ref": "#/$defs/Classification", + "type": "object", + "title": "classification info for the template", + "description": "Classification information for the template" }, - "source": { + "remediation": { "type": "string", - "title": "source file/snippet", - "description": "Source snippet" + "title": "remediation steps for the template", + "description": "In-depth explanation on how to fix the issues found by the template", + "examples": [ + "Change the default administrative username and password of Apache ActiveMQ by editing the file jetty-realm.properties" + ] } }, "additionalProperties": false, - "type": "object" - }, - "generators.AttackTypeHolder": { - "enum": [ - "batteringram", - "pitchfork", - "clusterbomb" - ], - "type": "string", - "title": "type of the attack", - "description": "Type of the attack" - }, - "variables.Variable": { - "additionalProperties": true, "type": "object", - "title": "variables for the request", - "description": "Additional variables for the request" - }, - "dns.DNSRequestTypeHolder": { - "enum": [ - "A", - "NS", - "DS", - "CNAME", - "SOA", - "PTR", - "MX", - "TXT", - "AAAA", - "CAA", - "TLSA", - "ANY" - ], - "type": "string", - "title": "type of DNS request to make", - "description": "Type is the type of DNS request to make" + "required": [ + "name", + "author" + ] }, - "dns.Request": { + "Matcher": { "properties": { - "matchers": { - "items": { - "$ref": "#/definitions/matchers.Matcher" - }, - "type": "array", - "title": "matchers to run on response", - "description": "Detection mechanism to identify whether the request was successful by doing pattern matching" - }, - "extractors": { - "items": { - "$ref": "#/definitions/extractors.Extractor" - }, - "type": "array", - "title": "extractors to run on response", - "description": "Extractors contains the extraction mechanism for the request to identify and extract parts of the response" + "type": { + "$ref": "#/$defs/MatcherTypeHolder", + "title": "type of matcher", + "description": "Type of the matcher" }, - "matchers-condition": { + "condition": { + "type": "string", "enum": [ "and", "or" ], - "type": "string", - "title": "condition between the matchers", - "description": "Conditions between the matchers" - }, - "id": { - "type": "string", - "title": "id of the dns request", - "description": "ID is the optional ID of the DNS Request" - }, - "name": { - "type": "string", - "title": "hostname to make dns request for", - "description": "Name is the Hostname to make DNS request for" - }, - "type": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/dns.DNSRequestTypeHolder", - "title": "type of dns request to make", - "description": "Type is the type of DNS request to make" + "title": "condition between matcher variables", + "description": "Condition between the matcher variables" }, - "class": { - "enum": [ - "inet", - "csnet", - "chaos", - "hesiod", - "none", - "any" - ], + "part": { "type": "string", - "title": "class of DNS request", - "description": "Class is the class of the DNS request" - }, - "retries": { - "type": "integer", - "title": "retries for dns request", - "description": "Retries is the number of retries for the DNS request" - }, - "trace": { - "type": "boolean", - "title": "trace operation", - "description": "Trace performs a trace operation for the target." - }, - "trace-max-recursion": { - "type": "integer", - "title": "trace-max-recursion level for dns request", - "description": "TraceMaxRecursion is the number of max recursion allowed for trace operations" - }, - "attack": { - "$ref": "#/definitions/generators.AttackTypeHolder", - "title": "attack is the payload combination", - "description": "Attack is the type of payload combinations to perform" - }, - "payloads": { - "patternProperties": { - ".*": { - "additionalProperties": true - } - }, - "type": "object", - "title": "payloads for the network request", - "description": "Payloads contains any payloads for the current request" - }, - "threads": { - "type": "integer", - "title": "threads for sending requests", - "description": "Threads specifies number of threads to use sending requests. This enables Connection Pooling" + "title": "part of response to match", + "description": "Part of response to match data from" }, - "recursion": { + "negative": { "type": "boolean", - "title": "recurse all servers", - "description": "Recursion determines if resolver should recurse all records to get fresh results" + "title": "negative specifies if match reversed", + "description": "Negative specifies if the match should be reversed. It will only match if the condition is not true" }, - "resolvers": { - "items": { - "type": "string" - }, - "type": "array", - "title": "Resolvers", - "description": "Define resolvers to use within the template" - } - }, - "additionalProperties": false, - "type": "object" - }, - "file.Request": { - "properties": { - "matchers": { - "items": { - "$ref": "#/definitions/matchers.Matcher" - }, - "type": "array", - "title": "matchers to run on response", - "description": "Detection mechanism to identify whether the request was successful by doing pattern matching" + "name": { + "type": "string", + "title": "name of the matcher", + "description": "Name of the matcher" }, - "extractors": { + "status": { "items": { - "$ref": "#/definitions/extractors.Extractor" + "type": "integer" }, "type": "array", - "title": "extractors to run on response", - "description": "Extractors contains the extraction mechanism for the request to identify and extract parts of the response" - }, - "matchers-condition": { - "enum": [ - "and", - "or" - ], - "type": "string", - "title": "condition between the matchers", - "description": "Conditions between the matchers" + "title": "status to match", + "description": "Status to match for the response" }, - "extensions": { + "size": { "items": { - "type": "string" + "type": "integer" }, "type": "array", - "title": "extensions to match", - "description": "List of extensions to perform matching on" + "title": "acceptable size for response", + "description": "Size is the acceptable size for the response" }, - "denylist": { + "words": { "items": { "type": "string" }, - "type": "array", - "title": "denylist", - "description": "List of files" - }, - "id": { - "type": "string", - "title": "id of the request", - "description": "ID is the optional ID for the request" - }, - "max-size": { - "type": "string", - "title": "max size data to run request on", - "description": "Maximum size of the file to run request on" - }, - "archive": { - "type": "boolean", - "title": "enable archives", - "description": "Process compressed archives without unpacking" - }, - "mime-type": { - "type": "boolean", - "title": "enable filtering by mime-type", - "description": "Filter files by mime-type" - }, - "no-recursive": { - "type": "boolean", - "title": "do not perform recursion", - "description": "Specifies whether to not do recursive checks if folders are provided" - } - }, - "additionalProperties": false, - "type": "object" - }, - "headless.Request": { - "properties": { - "id": { - "type": "string", - "title": "id of the request", - "description": "Optional ID of the headless request" - }, - "attack": { - "$ref": "#/definitions/generators.AttackTypeHolder", - "title": "attack is the payload combination", - "description": "Attack is the type of payload combinations to perform" - }, - "payloads": { - "patternProperties": { - ".*": { - "additionalProperties": true - } - }, - "type": "object", - "title": "payloads for the headless request", - "description": "Payloads contains any payloads for the current request" + "type": "array", + "title": "words to match in response", + "description": " Words contains word patterns required to be present in the response part" }, - "steps": { + "regex": { "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/engine.Action" + "type": "string" }, "type": "array", - "title": "list of actions for headless request", - "description": "List of actions to run for headless request" - }, - "user_agent": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/userAgent.UserAgentHolder", - "title": "user agent for the headless request", - "description": "User agent for the headless request" - }, - "custom_user_agent": { - "type": "string", - "title": "custom user agent for the headless request", - "description": "Custom user agent for the headless request" + "title": "regex to match in response", + "description": "Regex contains regex patterns required to be present in the response part" }, - "stop-at-first-match": { - "type": "boolean", - "title": "stop at first match", - "description": "Stop the execution after a match is found" + "binary": { + "items": { + "type": "string" + }, + "type": "array", + "title": "binary patterns to match in response", + "description": "Binary are the binary patterns required to be present in the response part" }, - "matchers": { + "dsl": { "items": { - "$ref": "#/definitions/matchers.Matcher" + "type": "string" }, "type": "array", - "title": "matchers to run on response", - "description": "Detection mechanism to identify whether the request was successful by doing pattern matching" + "title": "dsl expressions to match in response", + "description": "DSL are the dsl expressions that will be evaluated as part of nuclei matching rules" }, - "extractors": { + "xpath": { "items": { - "$ref": "#/definitions/extractors.Extractor" + "type": "string" }, "type": "array", - "title": "extractors to run on response", - "description": "Extractors contains the extraction mechanism for the request to identify and extract parts of the response" + "title": "xpath queries to match in response", + "description": "xpath are the XPath queries that will be evaluated against the response part of nuclei matching rules" }, - "matchers-condition": { + "encoding": { + "type": "string", "enum": [ - "and", - "or" + "hex" ], - "type": "string", - "title": "condition between the matchers", - "description": "Conditions between the matchers" + "title": "encoding for word field", + "description": "Optional encoding for the word fields" }, - "fuzzing": { - "items": { - "$ref": "#/definitions/fuzz.Rule" - }, - "type": "array", - "title": "fuzzin rules for http fuzzing", - "description": "Fuzzing describes rule schema to fuzz headless requests" + "case-insensitive": { + "type": "boolean", + "title": "use case insensitive match", + "description": "use case insensitive match" }, - "cookie-reuse": { + "match-all": { "type": "boolean", - "title": "optional cookie reuse enable", - "description": "Optional setting that enables cookie reuse" + "title": "match all values", + "description": "match all matcher values ignoring condition" }, - "disable-cookie": { + "internal": { "type": "boolean", - "title": "optional disable cookie reuse", - "description": "Optional setting that disables cookie reuse" + "title": "hide matcher from output", + "description": "hide matcher from output" } }, "additionalProperties": false, - "type": "object" - }, - "engine.Action": { + "type": "object", "required": [ - "action" - ], + "type" + ] + }, + "MatcherTypeHolder": { "properties": { - "args": { - "patternProperties": { - ".*": { - "type": "string" - } - }, - "type": "object", - "title": "arguments for headless action", - "description": "Args contain arguments for the headless action" - }, - "name": { - "type": "string", - "title": "name for headless action", - "description": "Name is the name assigned to the headless action" - }, - "description": { - "type": "string", - "title": "description for headless action", - "description": "Description of the headless action" - }, - "action": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/engine.ActionTypeHolder", - "title": "action to perform", - "description": "Type of actions to perform" + "MatcherType": { + "type": "integer" } }, "additionalProperties": false, - "type": "object" - }, - "engine.ActionTypeHolder": { - "enum": [ - "navigate", - "script", - "click", - "rightclick", - "text", - "screenshot", - "time", - "select", - "files", - "waitload", - "getresource", - "extract", - "setmethod", - "addheader", - "setheader", - "deleteheader", - "setbody", - "waitevent", - "keyboard", - "debug", - "sleep", - "waitvisible" - ], - "type": "string", - "title": "action to perform", - "description": "Type of actions to perform" + "type": "object", + "required": [ + "MatcherType" + ] }, - "http.HTTPMethodTypeHolder": { - "enum": [ - "GET", - "HEAD", - "POST", - "PUT", - "DELETE", - "CONNECT", - "OPTIONS", - "TRACE", - "PATCH", - "PURGE", - "DEBUG" - ], - "type": "string", - "title": "method is the HTTP request method", - "description": "Method is the HTTP Request Method" + "OrderedMap[string,string]": { + "properties": {}, + "additionalProperties": false, + "type": "object" }, - "http.Request": { + "Request": { "properties": { "matchers": { "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/matchers.Matcher" + "$ref": "#/$defs/Matcher" }, "type": "array", "title": "matchers to run on response", @@ -955,19 +421,18 @@ }, "extractors": { "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/extractors.Extractor" + "$ref": "#/$defs/Extractor" }, "type": "array", "title": "extractors to run on response", "description": "Extractors contains the extraction mechanism for the request to identify and extract parts of the response" }, "matchers-condition": { + "type": "string", "enum": [ "and", "or" ], - "type": "string", "title": "condition between the matchers", "description": "Conditions between the matchers" }, @@ -997,14 +462,12 @@ "description": "Optional name for the HTTP Request" }, "attack": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/generators.AttackTypeHolder", + "$ref": "#/$defs/AttackTypeHolder", "title": "attack is the payload combination", "description": "Attack is the type of payload combinations to perform" }, "method": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/http.HTTPMethodTypeHolder", + "$ref": "#/$defs/HTTPMethodTypeHolder", "title": "method is the http request method", "description": "Method is the HTTP Request Method" }, @@ -1014,20 +477,13 @@ "description": "Body is an optional parameter which contains HTTP Request body" }, "payloads": { - "patternProperties": { - ".*": { - "additionalProperties": true - } - }, "type": "object", "title": "payloads for the http request", "description": "Payloads contains any payloads for the current request" }, "headers": { - "patternProperties": { - ".*": { - "type": "string" - } + "additionalProperties": { + "type": "string" }, "type": "object", "title": "headers to send with the http request", @@ -1065,8 +521,7 @@ }, "fuzzing": { "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/fuzz.Rule" + "$ref": "#/$defs/Rule" }, "type": "array", "title": "fuzzin rules for http fuzzing", @@ -1076,8 +531,7 @@ "type": "boolean" }, "signature": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/http.SignatureTypeHolder", + "$ref": "#/$defs/SignatureTypeHolder", "title": "signature is the http request signature method", "description": "Signature is the HTTP Request signature Method" }, @@ -1136,524 +590,167 @@ "title": "skip variable checks", "description": "Skips the check for unresolved variables in request" }, - "iterate-all": { - "type": "boolean", - "title": "iterate all the values", - "description": "Iterates all the values extracted from internal extractors" - }, - "digest-username": { - "type": "string", - "title": "specifies the username for digest authentication", - "description": "Optional parameter which specifies the username for digest auth" - }, - "digest-password": { - "type": "string", - "title": "specifies the password for digest authentication", - "description": "Optional parameter which specifies the password for digest auth" - }, - "disable-path-automerge": { - "type": "boolean", - "title": "disable auto merging of path", - "description": "Disable merging target url path with raw request path" - }, - "filters": { - "items": { - "$ref": "#/definitions/matchers.Matcher" - }, - "type": "array", - "title": "filter for fuzzing", - "description": "Filter is matcher-like field to check if fuzzing should be performed on this request or not" - }, - "filters-condition": { - "enum": [ - "and", - "or" - ], - "type": "string", - "title": "condition between the filters", - "description": "Conditions between the filters" - } - }, - "additionalProperties": false, - "type": "object" - }, - "http.SignatureTypeHolder": { - "enum": [ - "AWS" - ], - "type": "string", - "title": "type of the signature", - "description": "Type of the signature" - }, - "javascript.Request": { - "properties": { - "matchers": { - "items": { - "$ref": "#/definitions/matchers.Matcher" - }, - "type": "array", - "title": "matchers to run on response", - "description": "Detection mechanism to identify whether the request was successful by doing pattern matching" - }, - "extractors": { - "items": { - "$ref": "#/definitions/extractors.Extractor" - }, - "type": "array", - "title": "extractors to run on response", - "description": "Extractors contains the extraction mechanism for the request to identify and extract parts of the response" - }, - "matchers-condition": { - "enum": [ - "and", - "or" - ], - "type": "string", - "title": "condition between the matchers", - "description": "Conditions between the matchers" - }, - "id": { - "type": "string", - "title": "id of the request", - "description": "ID is the optional ID of the Request" - }, - "init": { - "type": "string", - "title": "init javascript code", - "description": "Init is the javascript code to execute after compiling template" - }, - "pre-condition": { - "type": "string", - "title": "pre-condition for the request", - "description": "PreCondition is a condition which is evaluated before sending the request" - }, - "args": { - "patternProperties": { - ".*": { - "additionalProperties": true - } - }, - "type": "object" - }, - "code": { - "type": "string", - "title": "code to execute in javascript", - "description": "Executes inline javascript code for the request" - }, - "timeout": { - "type": "integer", - "title": "timeout for javascript execution", - "description": "Timeout in seconds is optional timeout for entire javascript script execution" - }, - "stop-at-first-match": { - "type": "boolean", - "title": "stop at first match", - "description": "Stop the execution after a match is found" - }, - "attack": { - "$ref": "#/definitions/generators.AttackTypeHolder", - "title": "attack is the payload combination", - "description": "Attack is the type of payload combinations to perform" - }, - "threads": { - "type": "integer", - "title": "threads for sending requests", - "description": "Threads specifies number of threads to use sending requests. This enables Connection Pooling" - }, - "payloads": { - "patternProperties": { - ".*": { - "additionalProperties": true - } - }, - "type": "object", - "title": "payloads for the webosocket request", - "description": "Payloads contains any payloads for the current request" - } - }, - "additionalProperties": false, - "type": "object" - }, - "network.Input": { - "properties": { - "data": { - "type": "string", - "title": "data to send as input", - "description": "Data is the data to send as the input" - }, - "type": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/network.NetworkInputTypeHolder", - "title": "type is the type of input data", - "description": "Type of input specified in data field" - }, - "read": { - "type": "integer", - "title": "bytes to read from socket", - "description": "Number of bytes to read from socket" - }, - "name": { - "type": "string", - "title": "optional name for data read", - "description": "Optional name of the data read to provide matching on" - } - }, - "additionalProperties": false, - "type": "object" - }, - "network.NetworkInputTypeHolder": { - "enum": [ - "hex", - "text" - ], - "type": "string", - "title": "type is the type of input data", - "description": "description=Type of input specified in data field" - }, - "network.Request": { - "properties": { - "id": { - "type": "string", - "title": "id of the request", - "description": "ID of the network request" - }, - "host": { - "items": { - "type": "string" - }, - "type": "array", - "title": "host to send requests to", - "description": "Host to send network requests to" - }, - "attack": { - "$ref": "#/definitions/generators.AttackTypeHolder", - "title": "attack is the payload combination", - "description": "Attack is the type of payload combinations to perform" - }, - "payloads": { - "patternProperties": { - ".*": { - "additionalProperties": true - } - }, - "type": "object", - "title": "payloads for the network request", - "description": "Payloads contains any payloads for the current request" - }, - "threads": { - "type": "integer", - "title": "threads for sending requests", - "description": "Threads specifies number of threads to use sending requests. This enables Connection Pooling" - }, - "inputs": { - "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/network.Input" - }, - "type": "array", - "title": "inputs for the network request", - "description": "Inputs contains any input/output for the current request" - }, - "port": { - "type": "string", - "title": "port to send requests to", - "description": "Port to send network requests to" + "iterate-all": { + "type": "boolean", + "title": "iterate all the values", + "description": "Iterates all the values extracted from internal extractors" }, - "exclude-ports": { + "digest-username": { "type": "string", - "title": "exclude ports from being scanned", - "description": "Exclude ports from being scanned" + "title": "specifies the username for digest authentication", + "description": "Optional parameter which specifies the username for digest auth" }, - "read-size": { - "type": "integer", - "title": "size of network response to read", - "description": "Size of response to read at the end. Default is 1024 bytes" + "digest-password": { + "type": "string", + "title": "specifies the password for digest authentication", + "description": "Optional parameter which specifies the password for digest auth" }, - "read-all": { + "disable-path-automerge": { "type": "boolean", - "title": "read all response stream", - "description": "Read all response stream till the server stops sending" - }, - "matchers": { - "items": { - "$ref": "#/definitions/matchers.Matcher" - }, - "type": "array", - "title": "matchers to run on response", - "description": "Detection mechanism to identify whether the request was successful by doing pattern matching" + "title": "disable auto merging of path", + "description": "Disable merging target url path with raw request path" }, - "extractors": { + "filter": { "items": { - "$ref": "#/definitions/extractors.Extractor" + "$ref": "#/$defs/Matcher" }, "type": "array", - "title": "extractors to run on response", - "description": "Extractors contains the extraction mechanism for the request to identify and extract parts of the response" + "title": "filter for fuzzing", + "description": "Filter is matcher-like field to check if fuzzing should be performed on this request or not" }, - "matchers-condition": { + "filter-condition": { + "type": "string", "enum": [ "and", "or" ], - "type": "string", - "title": "condition between the matchers", - "description": "Conditions between the matchers" + "title": "condition between the filters", + "description": "Conditions between the filters" } }, "additionalProperties": false, "type": "object" }, - "ssl.Request": { + "Rule": { "properties": { - "matchers": { - "items": { - "$ref": "#/definitions/matchers.Matcher" - }, - "type": "array", - "title": "matchers to run on response", - "description": "Detection mechanism to identify whether the request was successful by doing pattern matching" - }, - "extractors": { - "items": { - "$ref": "#/definitions/extractors.Extractor" - }, - "type": "array", - "title": "extractors to run on response", - "description": "Extractors contains the extraction mechanism for the request to identify and extract parts of the response" - }, - "matchers-condition": { + "type": { + "type": "string", "enum": [ - "and", - "or" + "replace", + "prefix", + "postfix", + "infix", + "replace-regex" ], - "type": "string", - "title": "condition between the matchers", - "description": "Conditions between the matchers" - }, - "id": { - "type": "string", - "title": "id of the request", - "description": "ID of the request" + "title": "type of rule", + "description": "Type of fuzzing rule to perform" }, - "address": { + "part": { "type": "string", - "title": "address for the ssl request", - "description": "Address contains address for the request" - }, - "min_version": { "enum": [ - "sslv3", - "tls10", - "tls11", - "tls12", - "tls13" + "query", + "header", + "path", + "body", + "cookie", + "request" ], - "type": "string", - "title": "Min. TLS version", - "description": "Minimum tls version - automatic if not specified." + "title": "part of rule", + "description": "Part of request rule to fuzz" }, - "max_version": { + "mode": { + "type": "string", "enum": [ - "sslv3", - "tls10", - "tls11", - "tls12", - "tls13" + "single", + "multiple" ], - "type": "string", - "title": "Max. TLS version", - "description": "Max tls version - automatic if not specified." + "title": "mode of rule", + "description": "Mode of request rule to fuzz" }, - "cipher_suites": { + "keys": { "items": { "type": "string" }, - "type": "array" - }, - "scan_mode": { - "enum": [ - "ctls", - "ztls", - "auto" - ], - "type": "string", - "title": "Scan Mode", - "description": "Scan Mode - auto if not specified." - }, - "tls_version_enum": { - "type": "boolean", - "title": "Enumerate Versions", - "description": "Enumerate Version - false if not specified" + "type": "array", + "title": "keys of parameters to fuzz", + "description": "Keys of parameters to fuzz" }, - "tls_cipher_enum": { - "type": "boolean", - "title": "Enumerate Ciphers", - "description": "Enumerate Ciphers - false if not specified" + "keys-regex": { + "items": { + "type": "string" + }, + "type": "array", + "title": "keys regex to fuzz", + "description": "Regex of parameter keys to fuzz" }, - "tls_cipher_types": { + "values": { "items": { - "enum": [ - "weak", - "secure", - "insecure", - "all" - ], "type": "string" }, "type": "array", - "title": "TLS Cipher Types", - "description": "TLS Cipher Types to enumerate" + "title": "values regex to fuzz", + "description": "Regex of parameter values to fuzz" + }, + "fuzz": { + "$ref": "#/$defs/SliceOrMapSlice", + "title": "payloads of fuzz rule", + "description": "Payloads to perform fuzzing substitutions with" + }, + "replace-regex": { + "type": "string", + "title": "replace regex of rule", + "description": "Regex for regex-replace rule type" } }, "additionalProperties": false, "type": "object" }, - "websocket.Input": { + "SignatureTypeHolder": { "properties": { - "data": { - "type": "string", - "title": "data to send as input", - "description": "Data is the data to send as the input" - }, - "name": { - "type": "string", - "title": "optional name for data read", - "description": "Optional name of the data read to provide matching on" + "Value": { + "type": "integer" } }, "additionalProperties": false, - "type": "object" + "type": "object", + "required": [ + "Value" + ] }, - "websocket.Request": { + "SliceOrMapSlice": { "properties": { - "matchers": { - "items": { - "$ref": "#/definitions/matchers.Matcher" - }, - "type": "array", - "title": "matchers to run on response", - "description": "Detection mechanism to identify whether the request was successful by doing pattern matching" - }, - "extractors": { - "items": { - "$ref": "#/definitions/extractors.Extractor" - }, - "type": "array", - "title": "extractors to run on response", - "description": "Extractors contains the extraction mechanism for the request to identify and extract parts of the response" - }, - "matchers-condition": { - "enum": [ - "and", - "or" - ], - "type": "string", - "title": "condition between the matchers", - "description": "Conditions between the matchers" - }, - "id": { - "type": "string", - "title": "id of the request", - "description": "ID of the network request" - }, - "address": { - "type": "string", - "title": "address for the websocket request", - "description": "Address contains address for the request" - }, - "inputs": { + "Value": { "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/websocket.Input" - }, - "type": "array", - "title": "inputs for the websocket request", - "description": "Inputs contains any input/output for the current request" - }, - "headers": { - "patternProperties": { - ".*": { - "type": "string" - } + "type": "string" }, - "type": "object", - "title": "headers contains the request headers", - "description": "Headers contains headers for the request" - }, - "attack": { - "$ref": "#/definitions/generators.AttackTypeHolder", - "title": "attack is the payload combination", - "description": "Attack is the type of payload combinations to perform" + "type": "array" }, - "payloads": { - "patternProperties": { - ".*": { - "additionalProperties": true - } - }, - "type": "object", - "title": "payloads for the websocket request", - "description": "Payloads contains any payloads for the current request" + "KV": { + "$ref": "#/$defs/OrderedMap[string,string]" } }, "additionalProperties": false, - "type": "object" + "type": "object", + "required": [ + "Value", + "KV" + ] }, - "whois.Request": { - "properties": { - "matchers": { - "items": { - "$ref": "#/definitions/matchers.Matcher" - }, - "type": "array", - "title": "matchers to run on response", - "description": "Detection mechanism to identify whether the request was successful by doing pattern matching" - }, - "extractors": { - "items": { - "$ref": "#/definitions/extractors.Extractor" - }, - "type": "array", - "title": "extractors to run on response", - "description": "Extractors contains the extraction mechanism for the request to identify and extract parts of the response" - }, - "matchers-condition": { - "enum": [ - "and", - "or" - ], - "type": "string", - "title": "condition between the matchers", - "description": "Conditions between the matchers" - }, - "id": { - "type": "string", - "title": "id of the request", - "description": "ID of the network request" - }, - "query": { - "type": "string", - "title": "query for the WHOIS request", - "description": "Query contains query for the request" + "StringOrSlice": { + "oneOf": [ + { + "type": "string" }, - "server": { - "type": "string", - "title": "server url to execute the WHOIS request on", - "description": "Server contains the server url to execute the WHOIS request on" + { + "type": "array" } - }, - "additionalProperties": false, - "type": "object" + ] }, - "templates.Template": { - "required": [ - "id", - "info" - ], + "Template": { "properties": { "id": { - "pattern": "^([a-zA-Z0-9]+[-_])*[a-zA-Z0-9]+$", "type": "string", + "pattern": "^([a-zA-Z0-9]+[-_])*[a-zA-Z0-9]+$", "title": "id of the template", "description": "The Unique ID for the template", "examples": [ @@ -1661,20 +758,22 @@ ] }, "info": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/model.Info", + "$ref": "#/$defs/Info", + "type": "object", "title": "info for the template", "description": "Info contains metadata for the template" }, "flow": { "type": "string", "title": "template execution flow in js", - "description": "Flow contains js code which defines how the template should be executed" + "description": "Flow contains js code which defines how the template should be executed", + "examples": [ + "'flow: http(0) \u0026\u0026 http(1)'" + ] }, "requests": { "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/http.Request" + "$ref": "#/$defs/Request" }, "type": "array", "title": "http requests to make", @@ -1682,7 +781,7 @@ }, "http": { "items": { - "$ref": "#/definitions/http.Request" + "$ref": "#/$defs/Request" }, "type": "array", "title": "http requests to make", @@ -1690,8 +789,7 @@ }, "dns": { "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/dns.Request" + "$ref": "#/$defs/Request" }, "type": "array", "title": "dns requests to make", @@ -1699,8 +797,7 @@ }, "file": { "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/file.Request" + "$ref": "#/$defs/Request" }, "type": "array", "title": "file requests to make", @@ -1708,8 +805,7 @@ }, "network": { "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/network.Request" + "$ref": "#/$defs/Request" }, "type": "array", "title": "network requests to make", @@ -1717,7 +813,7 @@ }, "tcp": { "items": { - "$ref": "#/definitions/network.Request" + "$ref": "#/$defs/Request" }, "type": "array", "title": "network(tcp) requests to make", @@ -1725,8 +821,7 @@ }, "headless": { "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/headless.Request" + "$ref": "#/$defs/Request" }, "type": "array", "title": "headless requests to make", @@ -1734,8 +829,7 @@ }, "ssl": { "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/ssl.Request" + "$ref": "#/$defs/Request" }, "type": "array", "title": "ssl requests to make", @@ -1743,8 +837,7 @@ }, "websocket": { "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/websocket.Request" + "$ref": "#/$defs/Request" }, "type": "array", "title": "websocket requests to make", @@ -1752,8 +845,7 @@ }, "whois": { "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/whois.Request" + "$ref": "#/$defs/Request" }, "type": "array", "title": "whois requests to make", @@ -1761,8 +853,7 @@ }, "code": { "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/code.Request" + "$ref": "#/$defs/Request" }, "type": "array", "title": "code snippets to make", @@ -1770,8 +861,7 @@ }, "javascript": { "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/javascript.Request" + "$ref": "#/$defs/Request" }, "type": "array", "title": "javascript requests to make", @@ -1779,8 +869,7 @@ }, "workflows": { "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/workflows.WorkflowTemplate" + "$ref": "#/$defs/WorkflowTemplate" }, "type": "array", "title": "list of workflows to execute", @@ -1797,59 +886,35 @@ "description": "Stop at first match for the template" }, "signature": { - "$ref": "#/definitions/http.SignatureTypeHolder", + "$ref": "#/$defs/SignatureTypeHolder", "title": "signature is the http request signature method", "description": "Signature is the HTTP Request signature Method" }, "variables": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/variables.Variable", + "$ref": "#/$defs/Variable", + "type": "object", "title": "variables for the http request", "description": "Variables contains any variables for the current request" }, "constants": { - "patternProperties": { - ".*": { - "additionalProperties": true - } - }, "type": "object", "title": "constant for the template", "description": "constants contains any constant for the template" } }, "additionalProperties": false, - "type": "object" + "type": "object", + "required": [ + "id", + "info" + ] }, - "workflows.Matcher": { - "properties": { - "name": { - "$ref": "#/definitions/stringslice.StringSlice", - "title": "name of items to match", - "description": "Name of items to match" - }, - "condition": { - "enum": [ - "and", - "or" - ], - "type": "string", - "title": "condition between names", - "description": "Condition between the names" - }, - "subtemplates": { - "items": { - "$ref": "#/definitions/workflows.WorkflowTemplate" - }, - "type": "array", - "title": "templates to run after match", - "description": "Templates to run after match" - } - }, + "Variable": { + "properties": {}, "additionalProperties": false, "type": "object" }, - "workflows.WorkflowTemplate": { + "WorkflowTemplate": { "properties": { "template": { "type": "string", @@ -1857,14 +922,13 @@ "description": "Template or directory to execute as part of workflow" }, "tags": { - "$ref": "#/definitions/stringslice.StringSlice", + "$ref": "#/$defs/StringOrSlice", "title": "tags to execute", "description": "Tags to run template based on" }, "matchers": { "items": { - "$schema": "http://json-schema.org/draft-04/schema#", - "$ref": "#/definitions/workflows.Matcher" + "$ref": "#/$defs/Matcher" }, "type": "array", "title": "name based template result matchers", @@ -1872,7 +936,7 @@ }, "subtemplates": { "items": { - "$ref": "#/definitions/workflows.WorkflowTemplate" + "$ref": "#/$defs/WorkflowTemplate" }, "type": "array", "title": "subtemplate based result matchers", @@ -1881,11 +945,6 @@ }, "additionalProperties": false, "type": "object" - }, - "github.com/projectdiscovery/utils/maps.OrderedMap[string,string]": { - "properties": {}, - "additionalProperties": false, - "type": "object" } } }