v3.2.3
Important
Nuclei Templates for dynamic application security testing (DAST), which were maintained in a separate project at fuzzing-templates, are now being moved to the nuclei-templates project. This way, they can be made available for use with the default nuclei installation with the upcoming release of the template project. These templates will be disabled as default but can be used with the -dast
option.
More information of fuzzing support: https://blog.projectdiscovery.io/nuclei-fuzzing-for-unknown-vulnerabilities/
What's Changed
- Added
-dast
option to run all and only dast (fuzz) templates by @tarunKoyalwar in #4941 - Added
pre-condition
attribute in Code and DAST templates by @tarunKoyalwar in #4966 - Fixed multiple panic crash by @tarunKoyalwar in #4978
- Fixed multiple issues with query parameter fuzzing by @tarunKoyalwar in #4925
- Fixed issue with
{{interactsh-url}}
variable not working with nested variables by @tarunKoyalwar in #4941 - Fixed issue with
-ms
option for templates using flow by @tarunKoyalwar in #4978 - Fixed issue with
-ms
option generating blank target & template by @tarunKoyalwar in #4969 - Fixed issue with sarif version by @tibbon in #4976
- Fixed issue
-no-color
output by @dogancanbakir in #4954 - Updated outdated JSONSchema library by @kchason in #4943
New Contributors
Full Changelog: v3.2.2...v3.2.3