diff --git a/DESIGN.md b/DESIGN.md
index 788e9a3f44..4801415a22 100644
--- a/DESIGN.md
+++ b/DESIGN.md
@@ -261,108 +261,6 @@ engine.SetExecuterOptions(executerOpts) results := engine.ExecuteWithOpts(finalTemplates, r.hmapInputProvider, true) ``` -### Using Nuclei From Go Code - -An example of using Nuclei From Go Code to run templates on targets is provided below. - -```go -package main - -import ( - "context" - "fmt" - "log" - "os" - "path" - "time" - - "github.com/logrusorgru/aurora" - - "github.com/projectdiscovery/goflags" - "github.com/projectdiscovery/nuclei/v2/pkg/catalog/config" - "github.com/projectdiscovery/nuclei/v2/pkg/catalog/disk" - "github.com/projectdiscovery/nuclei/v2/pkg/catalog/loader" - "github.com/projectdiscovery/nuclei/v2/pkg/core" - "github.com/projectdiscovery/nuclei/v2/pkg/core/inputs" - "github.com/projectdiscovery/nuclei/v2/pkg/output" - "github.com/projectdiscovery/nuclei/v2/pkg/parsers" - "github.com/projectdiscovery/nuclei/v2/pkg/protocols" - "github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/hosterrorscache" - "github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/interactsh" - "github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/protocolinit" - "github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/protocolstate" - "github.com/projectdiscovery/nuclei/v2/pkg/reporting" - "github.com/projectdiscovery/nuclei/v2/pkg/testutils" - "github.com/projectdiscovery/nuclei/v2/pkg/types" - "github.com/projectdiscovery/ratelimit" -) - -func main() { - cache := hosterrorscache.New(30, hosterrorscache.DefaultMaxHostsCount) - defer cache.Close() - - mockProgress := &testutils.MockProgressClient{} - reportingClient, _ := reporting.New(&reporting.Options{}, "") - defer reportingClient.Close() - - outputWriter := testutils.NewMockOutputWriter() - outputWriter.WriteCallback = func(event *output.ResultEvent) { - fmt.Printf("Got Result: %v\n", event) - } - - defaultOpts := types.DefaultOptions() - protocolstate.Init(defaultOpts) - protocolinit.Init(defaultOpts) - - defaultOpts.Templates = 
goflags.StringSlice{"dns/cname-service.yaml"} - defaultOpts.ExcludeTags = config.ReadIgnoreFile().Tags - - interactOpts := interactsh.NewDefaultOptions(outputWriter, reportingClient, mockProgress) - interactClient, err := interactsh.New(interactOpts) - if err != nil { - log.Fatalf("Could not create interact client: %s\n", err) - } - defer interactClient.Close() - - home, _ := os.UserHomeDir() - catalog := disk.NewCatalog(path.Join(home, "nuclei-templates")) - executerOpts := protocols.ExecuterOptions{ - Output: outputWriter, - Options: defaultOpts, - Progress: mockProgress, - Catalog: catalog, - IssuesClient: reportingClient, - RateLimiter: ratelimit.New(context.Background(), 150, time.Second), - Interactsh: interactClient, - HostErrorsCache: cache, - Colorizer: aurora.NewAurora(true), - ResumeCfg: types.NewResumeCfg(), - } - engine := core.New(defaultOpts) - engine.SetExecuterOptions(executerOpts) - - workflowLoader, err := parsers.NewLoader(&executerOpts) - if err != nil { - log.Fatalf("Could not create workflow loader: %s\n", err) - } - executerOpts.WorkflowLoader = workflowLoader - - configObject, err := config.ReadConfiguration() - if err != nil { - log.Fatalf("Could not read config: %s\n", err) - } - store, err := loader.New(loader.NewConfig(defaultOpts, configObject, catalog, executerOpts)) - if err != nil { - log.Fatalf("Could not create loader client: %s\n", err) - } - store.Load() - - input := &inputs.SimpleInputProvider{Inputs: []string{"docs.hackerone.com"}} - _ = engine.Execute(store.Templates(), input) - engine.WorkPool().Wait() // Wait for the scan to finish -} -``` - ### Adding a New Protocol Protocols form the core of Nuclei Engine. All the request types like `http`, `dns`, etc. are implemented in form of protocol requests. diff --git a/README.md b/README.md index 5449a4da3f..8dab51cf09 100644 --- a/README.md +++ b/README.md 
@@ -338,6 +338,109 @@ We have [a discussion thread around this](https://github.com/projectdiscovery/nu Learn More +### Using Nuclei From Go Code + +An example of using Nuclei From Go Code to run templates on targets is provided below. + +```go +package main + +import ( + "context" + "fmt" + "log" + "os" + "path" + "time" + + "github.com/logrusorgru/aurora" + + "github.com/projectdiscovery/goflags" + "github.com/projectdiscovery/nuclei/v2/pkg/catalog/config" + "github.com/projectdiscovery/nuclei/v2/pkg/catalog/disk" + "github.com/projectdiscovery/nuclei/v2/pkg/catalog/loader" + "github.com/projectdiscovery/nuclei/v2/pkg/core" + "github.com/projectdiscovery/nuclei/v2/pkg/core/inputs" + "github.com/projectdiscovery/nuclei/v2/pkg/output" + "github.com/projectdiscovery/nuclei/v2/pkg/parsers" + "github.com/projectdiscovery/nuclei/v2/pkg/protocols" + "github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/hosterrorscache" + "github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/interactsh" + "github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/protocolinit" + "github.com/projectdiscovery/nuclei/v2/pkg/protocols/common/protocolstate" + "github.com/projectdiscovery/nuclei/v2/pkg/reporting" + "github.com/projectdiscovery/nuclei/v2/pkg/testutils" + "github.com/projectdiscovery/nuclei/v2/pkg/types" + "github.com/projectdiscovery/ratelimit" +) + +func main() { + cache := hosterrorscache.New(30, hosterrorscache.DefaultMaxHostsCount) + defer cache.Close() + + mockProgress := &testutils.MockProgressClient{} + reportingClient, _ := reporting.New(&reporting.Options{}, "") + defer reportingClient.Close() + + outputWriter := testutils.NewMockOutputWriter() + outputWriter.WriteCallback = func(event *output.ResultEvent) { + fmt.Printf("Got Result: %v\n", event) + } + + defaultOpts := types.DefaultOptions() + protocolstate.Init(defaultOpts) + protocolinit.Init(defaultOpts) + + defaultOpts.Templates = goflags.StringSlice{"dns/cname-service.yaml"} + defaultOpts.ExcludeTags 
= config.ReadIgnoreFile().Tags + + interactOpts := interactsh.NewDefaultOptions(outputWriter, reportingClient, mockProgress) + interactClient, err := interactsh.New(interactOpts) + if err != nil { + log.Fatalf("Could not create interact client: %s\n", err) + } + defer interactClient.Close() + + home, _ := os.UserHomeDir() + catalog := disk.NewCatalog(path.Join(home, "nuclei-templates")) + executerOpts := protocols.ExecuterOptions{ + Output: outputWriter, + Options: defaultOpts, + Progress: mockProgress, + Catalog: catalog, + IssuesClient: reportingClient, + RateLimiter: ratelimit.New(context.Background(), 150, time.Second), + Interactsh: interactClient, + HostErrorsCache: cache, + Colorizer: aurora.NewAurora(true), + ResumeCfg: types.NewResumeCfg(), + } + engine := core.New(defaultOpts) + engine.SetExecuterOptions(executerOpts) + + workflowLoader, err := parsers.NewLoader(&executerOpts) + if err != nil { + log.Fatalf("Could not create workflow loader: %s\n", err) + } + executerOpts.WorkflowLoader = workflowLoader + + configObject, err := config.ReadConfiguration() + if err != nil { + log.Fatalf("Could not read config: %s\n", err) + } + store, err := loader.New(loader.NewConfig(defaultOpts, configObject, catalog, executerOpts)) + if err != nil { + log.Fatalf("Could not create loader client: %s\n", err) + } + store.Load() + + input := &inputs.SimpleInputProvider{Inputs: []string{"docs.hackerone.com"}} + _ = engine.Execute(store.Templates(), input) + engine.WorkPool().Wait() // Wait for the scan to finish +} +``` + + ### Resources - [Finding bugs with Nuclei with PinkDraconian (Robbe Van Roey)](https://www.youtube.com/watch?v=ewP0xVPW-Pk) by **[@PinkDraconian](https://twitter.com/PinkDraconian)**