v2.7.1

What's Changed

• Added support for tls SNI input in http protocol using cli flag -sni by @Mzack9999 in #1964

   -sni string   tls sni hostname to use (default: input domain name)

• Added support for tls SNI input in http protocol in templates by @Mzack9999 in #1970

requests:
  - raw:
      - |
        @tls-sni:localhost
        GET / HTTP/1.1
        Host: {{interactsh-url}}
        Origin: {{BaseURL}}

• Added urldns gadget from ysoserial by @Ice3man543 in #1985
• Added mutex to output writing by @Ice3man543 in #1969
• Fixed bug to include custom templates from same directory for -autoscan by @Ice3man543 in #1968
• Fixed bug in query parameter input by @Ice3man543 in #1975
• Fixed bug with concurrent read/write map by @Mzack9999 in #1989
• Fixed bug for sequential iteration when using payloads by @Mzack9999 in #1981

Issues closed in this release: https://github.com/projectdiscovery/nuclei/milestone/12?closed=1

New Contributors

• @owenrumney made their first contribution in #1930

Full Changelog: v2.7.0...v2.7.1

v2.7.0

What's Changed

• Fixed bug with POST body dump #1929 by @parrasajad in #1938
• Fixed bug with using http pipeline template http by @parrasajad in #1934
• Fixed nuclei go example + added relevant integration test by @Ice3man543 in #1902
• Fixed static compilation in Makefile for MacOS by @Mzack9999 in #1908
• Fixed multiple tests on windows by @Mzack9999 in #1951
• Added optional CLI flag to disable global redirects in http templates by @LuitelSamikshya in #1901

   -dr, -disable-redirects      disable following redirects for http templates

• Added automatic fallback to system chrome on docker alpine via musl detection by @Mzack9999 in #1903

Full Changelog: v2.6.9...v2.7.0

v2.6.9

What's Changed

• Added template variable support by @Ice3man543 in #1785

variables:
  a1: "{{to_lower(rand_base(5))}}"

requests:
  - method: GET
    path:
      - "{{BaseURL}}/?test={{a1}}"

    matchers:
      - type: word
        words:
          - "{{a1}}"

• Added support for dsl as a new extractor type by @Mzack9999 in #1873

    extractors:
      - type: dsl
        dsl:
          - "len(body)"

• Added requests annotation support for RAW HTTP Templates by @Mzack9999 in #1805

  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}

      - |
        @Host: https://login.microsoftonline.com:443
        GET /{{Host}}/v2.0/.well-known/openid-configuration HTTP/1.1
        Host: login.microsoftonline.com

• Fixed internal bug in interactsh integration with unsafe HTTP template by @Mzack9999 in #1875
• Fixed bug to support custom template directory input for automatic-scan by @LuitelSamikshya in #1870

Full Changelog: v2.6.8...v2.6.9

v2.6.8

What's Changed

• Fixed nil crash with -stats flag by @Mzack9999 in #1853
• Added support for digest authentication by @Mzack9999 in #1811
• Added support for auto clean up of old resume files by @LuitelSamikshya in #1821

Full Changelog: v2.6.7...v2.6.8

v2.6.7

What's Changed

• Fixed nuclei scan freeze bug while running external templates in unexpected format by @Mzack9999 in #1839

Full Changelog: v2.6.6...v2.6.7

v2.6.6

What's Changed

• Added support to store all responses to disk by @LuitelSamikshya in #1727

   -sresp, -store-resp           store all request/response passed through nuclei to output directory
   -srd, -store-resp-dir string  store all request/response passed through nuclei to custom directory (default "output")

• Added support to match specific interactsh-url payload in case of multiple placeholders #1698 by @parrasajad in #1760
• Added version comparison helpers (compare_versions) by @Ice3man543 in #1783

      - type: dsl
        dsl:
          - compare_versions(version, '< 5.5.7')

• Added random IP generator helpers (rand_ip) by @skhalsa-sigsci in #1744

  headers:
    X-Forwarded-For: '{{rand_ip("192.168.0.0/24")}}'

• Added file input support for custom header/cookie by @Mzack9999 in #1756

nuclei -H cookies.txt

• Added custom technology to tags mapping file support with -automatic-scan by @Ice3man543 in #1796
• Fixed bug to skip unused payloads by @Mzack9999 in #1790
• Fixed bug using payloads in matchers with helpers by @Ice3man543 in #1780
• Fixed special chars in markdown file paths by @Mzack9999 in #1758

Issues closed in release: https://github.com/projectdiscovery/nuclei/milestone/11?closed=1

New Contributors

• @skhalsa-sigsci made their first contribution in #1744

Full Changelog: v2.6.5...v2.6.6

Bugfix release

What's Changed

• Fixed a crash in rawhttp by @Ice3man543 in #1740

Full Changelog: v2.6.4...v2.6.5

v2.6.4

What's Changed

• Added initial implementation of atomatic HTTP scan using wappalyzergo with tags by @Ice3man543 in #1517

   -as, -automatic-scan         automatic web scan using wappalyzer technology detection to tags mapping

• Added option to enable global redirect in HTTP protocol by @Ice3man543 in #1716

   -fr, -follow-redirects      enable following redirects for http templates
   -mr, -max-redirects int     max number of redirects to follow for http templates (default 10)

• Added custom ciphersuits input + match support for SSL protocol by @Ice3man543 in #1685

ssl:
  - address: "{{Host}}:{{Port}}"
    cipher_suites: 
      - TLS_AES_128_GCM_SHA256

    matchers:
      - type: word
        part: response
        words:
          - "TLS_AES_128_GCM_SHA256"

• Added proxy support to unsafe templates in HTTP protocol by @akkuman in #1701
• Added number + string conversion helpers by @Mzack9999 in #1704
• Added time + date + zlib helpers by @Ice3man543 in #1721
• Added pprof-server support for debugging by @Ice3man543 in #1673
• Fixed a bug with template update fail by @Mzack9999 in #1725
• Fixed a bug with custom templates directory use by @parrasajad in #1667
• Fixed a bug in labels when creating jira issue by @vavkamil in #1690
• Updated file protocol to handle large files in chunks by @Mzack9999 in #1634

Issues closed in release: https://github.com/projectdiscovery/nuclei/milestone/10?closed=1

New Contributors

• @vavkamil made their first contribution in #1690
• @akkuman made their first contribution in #1701

Full Changelog: v2.6.3...v2.6.4

v2.6.3

What's Changed

• Added random resume file generation with resume flag by @Ice3man543 in #1639
• Added read-all attribute to http unsafe request by @Ice3man543 in #1644
• Added interaction event highlighting support in debug mode by @Ice3man543 in #1646
• Added custom type in metadata attribute by @zt2 in #1649
• Added unknown as a new severity option by @Ice3man543 in #1659
• Added user-agent customization in headless template by @parrasajad in #1638
• Added duplicate template ID check with validate flag by @Ice3man543 in #1654
• Fixed network response error + timeout handling by @Ice3man543 in #1663

Issues closed in release: https://github.com/projectdiscovery/nuclei/milestone/9?closed=1

New Contributors

• @zt2 made their first contribution in #1649

Full Changelog: v2.6.2...v2.6.3

v2.6.2

What's Changed

• Input / path normalization bugfix by @Ice3man543 in #1635

Full Changelog: v2.6.1...v2.6.2