projectdiscovery/nuclei v3.3.6

on GitHub

⚠️ Breaking Changes:

• The -enable-self-contained or -esc flag is now required to load self-contained templates.
• The -file flag must be used to enable loading file templates.

What's Changed

🎉 New Features

• Added analyzer support and time based delay analyzer for DAST mode by @Ice3man543 in #5781

See Analyzer documentation here: https://docs.projectdiscovery.io/templates/protocols/http/fuzzing-overview#analyzer

• Added batch output support for JSONL output format by @kchason in #5705

Configuration options for JSONL exporter:

jsonl:
 # file is the file to export found JSONL result to
 file: ""
 # omit-raw whether to exclude the raw request and response from the output
 omit-raw: false
 # batch-size the number of records to keep in memory before writing them out to the JSONL file or 0 to disable batching (default)
 batch-size: 0

• Added ENV variable handling in dynamic secret file by @alban-stourbe-wmx in #5835

Secrets can be set using ENV variables or defined with -v and -env-vars options:

Env based secret

variables:
   - key: password
     value: $PASSWORD

Config file / Flag based secrets ( using -env-vars or -vars )

variables:
     - key: password
     - value: {{password}}

🐞Bug Fixes

• Fixed code protocol template execution issues by @tarunKoyalwar in #5767
• Fixed panic error in -stats option by @dogancanbakir in #5774
• Fixed the issue with Jira tracker related to find request by @Ice3man543 in #5798
• Fixed workflow validation logic by @dogancanbakir in #5805
• Fixed data race in protocolstate, contextargs and outdated tests by @dwisiswant0 in #5820

Other Changes

• Disabled self-contained and file protocol templates as default by @dogancanbakir in #5825
  • -esc flag (self-contained templates) is implicitly enabled when -code flag is used.
• Added SDK functions to improve nuclei store and workflow access by @iuliu8899 in #5766
• Fixed typo in headless protocol error message by @dmaciejak in #5768
• Added missing backtick in DESIGN document by @chengehe in #5789
• Improved GitHub Auto-Merge workflow by @dwisiswant0 in #5784
• Added SDK function to allow setting custom variables by @alban-stourbe-wmx in #5678
• Improved GitHub workflows to run concurrently by @dwisiswant0 in #5818

New Contributors

• @dmaciejak made their first contribution in #5768
• @chengehe made their first contribution in #5789

Full Changelog: v3.3.5...v3.3.6