Navigation:
Browse pkgsrc
(this page)
security nuclei
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ] 2025-04-05 20:51:32 by Benny Siegert | Files touched by this commit (190) |  |
Log message: Belated revbump for all Go packages after go124 update I forgot to do the revbump again, sorry for doing it so late after the update. |
| 2025-03-07 21:54:34 by Benny Siegert | Files touched by this commit (190) | |
Log message: Revbump all Go packages after go124 update I realize I forgot to do the revbump after updating the default Go version to 1.24, so let's do that now. |
| 2025-03-02 20:02:20 by Leonardo Taccari | Files touched by this commit (3) |
Log message:
nuclei: Update to 3.3.9
Changes:
v3.3.9
* Added `-ai` option to generate and run nuclei templates on the fly in
natural langauge
* Added initial Live DAST Server API implementation (experimental)
* Added support for DSL expression evaluation in headless args
* Bug fixes
v3.3.8
* Bug fixes
v3.3.7
* Added `OS_MAX_THREADS_ENV` environment variable to control the
maximum number of OS threads the Go program can utilize
* Added `-enable-global-matchers`option to control the execution of
global matchers
* Bug fixes
v3.3.6
* (Breaking change) The `-enable-self-contained` or `-esc` flag is now
required to load self-contained templates.
* (Breaking change) The `-file` flag must be used to enable loading
file templates.
* Added analyzer support and time based delay analyzer for DAST mode
* Added batch output support for JSONL output format
* Added ENV variable handling in dynamic secret file
* Bug fixes
v3.3.5
* Added support for global matchers / extractors in http templates
* Added support for MongoDB for results reporting
* Added support for `stop-at-first-match` in network templates
* Bug fixes
v3.3.4
* Fixed (hopefully) skipping target list as found unresponsive erroneously
v3.3.3
* Added linear issue tracker support
* Added support for additional headless lifecycle events
* Bug fixes
v3.3.2
* Fixed security issue in template `signer` package
* Added `ActionWaitDialog` type in headless protocol to simplify XSS detection
v3.3.1
* Added `team-id` option to upload results to specific team workspace
* Added redaction support in output file
* Added support for multiple auth strategies per target from secret file
* Added support to generate matcher-status event for javascript protocol
* Added `skip-secret-file` template attribute to disable auth per template
* Bug fixes
v3.3.0
* Bug fixes
v3.2.9
* Fuzzing feature enhancements
- Added `part: request` to fuzz all the keys in request with fuzzing
templates.
- Added `-fuzz-aggression` CLI option to control fuzz aggression via
template.
- Added `-fuzz-param-frequency` option to control counter for skipping
uninteresting parameter.
- Added `-display-fuzz-points` option to display fuzzing points
(for debugging).
* PDCP Team ID input support via environment variable to upload results into
team account
* Bug fixes
|
| 2024-09-06 20:49:02 by Benny Siegert | Files touched by this commit (180) | |
Log message: Revbump all Go packages after go122 update |
| 2024-08-11 17:57:15 by Benny Siegert | Files touched by this commit (176) | |
Log message: Revbump all Go packages after update |
| 2024-07-03 08:59:36 by Benny Siegert | Files touched by this commit (169) | |
Log message: Revbump all Go packages after go122 security update |
| 2024-06-13 15:47:13 by Benny Siegert | Files touched by this commit (169) | |
Log message: Revbump all Go packages after go122 update |
| 2024-06-01 16:03:06 by Benny Siegert | Files touched by this commit (168) |
Log message: Revbump all Go packages, default Go version is now 1.22. |
New packages: