Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

nuclei plugin added. #200

Closed
wants to merge 1 commit into from
Closed

nuclei plugin added. #200

wants to merge 1 commit into from

Conversation

JeffreyShran
Copy link

This is a plugin template for the Nuclei tool.

-scan-all-ips -automatic-scan added for coverage and to perform targeted vuln scans respectively.

The -automatic-scan uses Wappalyzer to detect the technology in use and only scans for that specific stuff making it considerably less noisy than usual.

@JeffreyShran
Copy link
Author

@Tib3rius - I'm curious to get your opinion on this if you have some spare time please.

@Tib3rius
Copy link
Owner

@JeffreyShran sorry, GitHub notifications are hit or miss (mostly miss) for me. I have a few minor changes if you want to make them, otherwise I can at some point:

  1. The class is still called Nikto (I assume you copied that plugin). Plugin classes need to have unique names, so Nuclei would do in this case.
  2. Please look at https://github.com/Tib3rius/AutoRecon/blob/main/autorecon/default-plugins/dnsrecon.py#L16 to see how to implement a check() function. This is important to prevent errors when nuclei isn't installed. Note that you'll need to use the import on line 2 of that file. Please keep the check() function in the same style (i.e. update the program name and installation steps but keep the other language the same).
  3. Does nuclei have an output file setting? If so, consider using that instead of tee, provided you believe nothing of value is lost from the regular command line output.

Let me know if you have any questions or if you are unable to do the above. Thanks for the contribution!

@JeffreyShran
Copy link
Author

@JeffreyShran sorry, GitHub notifications are hit or miss (mostly miss) for me. I have a few minor changes if you want to make them, otherwise I can at some point:

  1. The class is still called Nikto (I assume you copied that plugin). Plugin classes need to have unique names, so Nuclei would do in this case.
  2. Please look at https://github.com/Tib3rius/AutoRecon/blob/main/autorecon/default-plugins/dnsrecon.py#L16 to see how to implement a check() function. This is important to prevent errors when nuclei isn't installed. Note that you'll need to use the import on line 2 of that file. Please keep the check() function in the same style (i.e. update the program name and installation steps but keep the other language the same).
  3. Does nuclei have an output file setting? If so, consider using that instead of tee, provided you believe nothing of value is lost from the regular command line output.

Let me know if you have any questions or if you are unable to do the above. Thanks for the contribution!

@Tib3rius - Thanks for the feedback and apologies for harassing you. :)

Yes I copied Nikto! I'm disappointed with my lack of attention to detail. I will revisit this and bring it up to the required standard. I think I'll add an override and additional params to the main program too (like nmap has). There should be a check that the templates exist too, now that I think about it more in terms of practical usage.

I have other ideas for more plugins and features, but perhaps the best approach is to complete this one first to avoid distractions.

I should have some time next week to make a start and thanks again.

@boghicieusebiu boghicieusebiu mentioned this pull request Oct 3, 2023
Open
@JeffreyShran
Copy link
Author

I am maxed out, please go with: #212

@JeffreyShran JeffreyShran deleted the plugin-add branch November 10, 2023 10:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@JeffreyShran @Tib3rius