Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

filter support to dast templates #4935

Closed
2 tasks done
ehsandeep opened this issue Mar 25, 2024 · 1 comment · Fixed by #4941
Closed
2 tasks done

filter support to dast templates #4935

ehsandeep opened this issue Mar 25, 2024 · 1 comment · Fixed by #4941
Assignees
@tarunKoyalwar
Labels
Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors.

Comments

@ehsandeep
Copy link
Member

ehsandeep commented Mar 25, 2024
edited by tarunKoyalwar

Follow up for #4925

  • support for filters for old dast templates ( missing value of method variable )
variables:
  first: "cookie_injection"

http:
  - filters:
      - type: dsl
        dsl:
          - 'method == "GET"'
        condition: and

    payloads:
      reflection:
        - "{{first}}"

    fuzzing:
      - part: query
        type: postfix
        fuzz:
          - "{{reflection}}"

    matchers:
      - type: regex
        part: header
        regex:
          - '(?m)(?i)(^set-cookie.*cookie_injection.*)'
  • improve -dast (fuzz) option to load only dast based templates
@ehsandeep ehsandeep added the Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors. label Mar 25, 2024
@tarunKoyalwar tarunKoyalwar mentioned this issue Mar 25, 2024
Merged
@InfoSecExplorer
Copy link

what is the purpose of using -dast flag

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tarunKoyalwar tarunKoyalwar

Labels
Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

add -dast flag and multiple bug fixes for dast templates projectdiscovery/nuclei
3 participants
@ehsandeep @tarunKoyalwar @InfoSecExplorer