
@tarunKoyalwar
Created March 28, 2024 20:16
schema file example
{
"schema": "{\r\n \"$defs\": {\r\n \"AttackTypeHolder\": {\r\n \"enum\": [\r\n \"batteringram\",\r\n \"pitchfork\",\r\n \"clusterbomb\"\r\n ],\r\n \"markdownDescription\": \"Attack is the type of payload combinations to perform\",\r\n \"title\": \"attack is the payload combination\",\r\n \"type\": \"string\"\r\n },\r\n \"Classification\": {\r\n \"additionalProperties\": false,\r\n \"properties\": {\r\n \"cpe\": {\r\n \"examples\": [\r\n \"cpe:\/a:vendor:product:version\"\r\n ],\r\n \"markdownDescription\": \"CPE for the template\",\r\n \"title\": \"cpe for the template\",\r\n \"type\": \"string\"\r\n },\r\n \"cve-id\": {\r\n \"$ref\": \"#\/$defs\/StringOrSlice\",\r\n \"markdownDescription\": \"CVE IDs for the template\",\r\n \"title\": \"cve ids for the template\"\r\n },\r\n \"cvss-metrics\": {\r\n \"examples\": [\r\n \"3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:H\/A:H\"\r\n ],\r\n \"markdownDescription\": \"CVSS Metrics for the template\",\r\n \"title\": \"cvss metrics for the template\",\r\n \"type\": \"string\"\r\n },\r\n \"cvss-score\": {\r\n \"examples\": [\r\n 9.8\r\n ],\r\n \"markdownDescription\": \"CVSS Score for the template\",\r\n \"title\": \"cvss score for the template\",\r\n \"type\": \"number\"\r\n },\r\n \"cwe-id\": {\r\n \"$ref\": \"#\/$defs\/StringOrSlice\",\r\n \"markdownDescription\": \"CWE IDs for the template\",\r\n \"title\": \"cwe ids for the template\"\r\n },\r\n \"epss-percentile\": {\r\n \"examples\": [\r\n 0.42509\r\n ],\r\n \"markdownDescription\": \"EPSS Percentile for the template\",\r\n \"title\": \"epss percentile for the template\",\r\n \"type\": \"number\"\r\n },\r\n \"epss-score\": {\r\n \"examples\": [\r\n 0.42509\r\n ],\r\n \"markdownDescription\": \"EPSS Score for the template\",\r\n \"title\": \"epss score for the template\",\r\n \"type\": \"number\"\r\n }\r\n },\r\n \"type\": \"object\"\r\n },\r\n \"Extractor\": {\r\n \"additionalProperties\": false,\r\n \"properties\": {\r\n \"attribute\": {\r\n \"markdownDescription\": 
\"Optional attribute to extract from response XPath\",\r\n \"title\": \"optional attribute to extract from xpath\",\r\n \"type\": \"string\"\r\n },\r\n \"case-insensitive\": {\r\n \"markdownDescription\": \"use case insensitive extract\",\r\n \"title\": \"use case insensitive extract\",\r\n \"type\": \"boolean\"\r\n },\r\n \"dsl\": {\r\n \"items\": {\r\n \"type\": \"string\"\r\n },\r\n \"markdownDescription\": \"Optional attribute to extract from response dsl\",\r\n \"title\": \"dsl expressions to extract\",\r\n \"type\": \"array\"\r\n },\r\n \"group\": {\r\n \"markdownDescription\": \"Group to extract from regex\",\r\n \"title\": \"group to extract from regex\",\r\n \"type\": \"integer\"\r\n },\r\n \"internal\": {\r\n \"markdownDescription\": \"Internal when set to true will allow using the value extracted in the next request for some protocols\",\r\n \"title\": \"mark extracted value for internal variable use\",\r\n \"type\": \"boolean\"\r\n },\r\n \"json\": {\r\n \"items\": {\r\n \"type\": \"string\"\r\n },\r\n \"markdownDescription\": \"JSON JQ expressions to evaluate from response part\",\r\n \"title\": \"json jq expressions to extract data\",\r\n \"type\": \"array\"\r\n },\r\n \"kval\": {\r\n \"items\": {\r\n \"type\": \"string\"\r\n },\r\n \"markdownDescription\": \"Kval pairs to extract from response\",\r\n \"title\": \"kval pairs to extract from response\",\r\n \"type\": \"array\"\r\n },\r\n \"name\": {\r\n \"markdownDescription\": \"Name of the extractor\",\r\n \"title\": \"name of the extractor\",\r\n \"type\": \"string\"\r\n },\r\n \"part\": {\r\n \"markdownDescription\": \"Part of the request response to extract data from\",\r\n \"title\": \"part of response to extract data from\",\r\n \"type\": \"string\"\r\n },\r\n \"regex\": {\r\n \"items\": {\r\n \"type\": \"string\"\r\n },\r\n \"markdownDescription\": \"Regex to extract from part\",\r\n \"title\": \"regex to extract from part\",\r\n \"type\": \"array\"\r\n },\r\n \"type\": {\r\n \"$ref\": 
\"#\/$defs\/ExtractorTypeHolder\"\r\n },\r\n \"xpath\": {\r\n \"items\": {\r\n \"type\": \"string\"\r\n },\r\n \"markdownDescription\": \"XPath allows using xpath expressions to extract items from html response\",\r\n \"title\": \"html xpath expressions to extract data\",\r\n \"type\": \"array\"\r\n }\r\n },\r\n \"required\": [\r\n \"type\"\r\n ],\r\n \"type\": \"object\"\r\n },\r\n \"ExtractorTypeHolder\": {\r\n \"additionalProperties\": false,\r\n \"properties\": {\r\n \"ExtractorType\": {\r\n \"type\": \"integer\"\r\n }\r\n },\r\n \"required\": [\r\n \"ExtractorType\"\r\n ],\r\n \"type\": \"object\"\r\n },\r\n \"HTTPMethodTypeHolder\": {\r\n \"enum\": [\r\n \"GET\",\r\n \"HEAD\",\r\n \"POST\",\r\n \"PUT\",\r\n \"DELETE\",\r\n \"CONNECT\",\r\n \"OPTIONS\",\r\n \"TRACE\",\r\n \"PATCH\",\r\n \"PURGE\",\r\n \"DEBUG\"\r\n ],\r\n \"markdownDescription\": \"Method is the HTTP Request Method\",\r\n \"title\": \"method is the HTTP request method\",\r\n \"type\": \"string\"\r\n },\r\n \"Holder\": {\r\n \"enum\": [\r\n \"info\",\r\n \"low\",\r\n \"medium\",\r\n \"high\",\r\n \"critical\",\r\n \"unknown\"\r\n ],\r\n \"markdownDescription\": \"Seriousness of the implications of the template\",\r\n \"title\": \"severity of the template\",\r\n \"type\": \"string\"\r\n },\r\n \"Info\": {\r\n \"additionalProperties\": false,\r\n \"examples\": [\r\n \"\\n\\tname: Example Template\\n\\tauthor: pdteam\\n\\tseverity: info\\n\\tdescription: This is an example template\",\r\n \"\\n\\tname: example-template\\n\\tauthor: pdteam\\n\\tseverity: unknown\\n\\tdescription: Example description of the template\\n\\timpact: Impact of the template\\n\\treference: \\n\\t - https:\/\/example.com\\n\\tmetadata: \\n\\t max-request: 1\\n\\ttags: http\"\r\n ],\r\n \"properties\": {\r\n \"author\": {\r\n \"markdownDescription\": \"Author is the author of the template\",\r\n \"oneOf\": [\r\n {\r\n \"description\": \"Author of the template without any special characters\\nIt can be a single author or 
comma-separated multiple authors\",\r\n \"examples\": [\r\n \"pdteam\"\r\n ],\r\n \"type\": \"string\"\r\n },\r\n {\r\n \"description\": \"Author of the template without any special characters\\nIt can be a single author or comma-separated multiple authors\",\r\n \"examples\": [\r\n \"pdteam,mr.robot\"\r\n ],\r\n \"type\": \"array\"\r\n }\r\n ],\r\n \"title\": \"author of the template\"\r\n },\r\n \"classification\": {\r\n \"$ref\": \"#\/$defs\/Classification\",\r\n \"examples\": [\r\n \"\\n\\tcvss-metrics: CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:C\/C:H\/I:H\/A:H\\n\\tcvss-score: 10\\n\\tcve-id: CVE-2021-44228\",\r\n \"\\n\\tcwe-id: CWE-20,CWE-917\"\r\n ],\r\n \"markdownDescription\": \"Classification contains classification information about the template.\\nThis could be any classification information like CWE, CVE, EPSS etc.\\nNote - This is autogenerated and updated regularly for CVE templates merged in projectdiscovery\/nuclei-templates repository.\\nExample:\\n```yaml\\ncvss-metrics: CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:C\/C:H\/I:H\/A:H\\ncvss-score: 10\\ncve-id: CVE-2021-44228\\ncwe-id: CWE-20,CWE-917\\nepss-score: 0.97453\\nepss-percentile: 0.99942\\ncpe: cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*\\n```\",\r\n \"title\": \"classification info for the template\",\r\n \"type\": \"object\"\r\n },\r\n \"description\": {\r\n \"examples\": [\r\n \"Bower is a package manager which stores package information in the bower.json file\",\r\n \"Example description of the template\"\r\n ],\r\n \"markdownDescription\": \"Description of the template.\\nYou can go in-depth here on what the template actually does.\\nExample:\\nApache Log4j2 \\u003c=2.14.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. 
An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.\",\r\n \"title\": \"description of the template\",\r\n \"type\": \"string\"\r\n },\r\n \"impact\": {\r\n \"examples\": [\r\n \"Successful exploitation of this vulnerability could allow an attacker to execute arbitrary SQL queries\",\r\n \"Impact of the template\"\r\n ],\r\n \"markdownDescription\": \"Impact of the template.\\nYou can go in-depth here on impact of the template.\\nExample:\\nSuccessful exploitation of this vulnerability can lead to remote code execution, potentially compromising the affected system.\",\r\n \"title\": \"impact of the template\",\r\n \"type\": \"string\"\r\n },\r\n \"markdownDescription\": {\r\n \"markdownDescription\": \"Classification contains classification information about the template.\\nThis could be any classification information like CWE, CVE, EPSS etc.\\nNote - This is autogenerated and updated regularly for CVE templates merged in projectdiscovery\/nuclei-templates repository.\\nExample:\\n```yaml\\ncvss-metrics: CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:C\/C:H\/I:H\/A:H\\ncvss-score: 10\\ncve-id: CVE-2021-44228\\ncwe-id: CWE-20,CWE-917\\nepss-score: 0.97453\\nepss-percentile: 0.99942\\ncpe: cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*\\n```\",\r\n \"type\": \"string\"\r\n },\r\n \"metadata\": {\r\n \"examples\": [\r\n \"\\n\\tmax-request: 1\",\r\n \"\\n\\tmax-request: 2\\n\\tvendor: apache\\n\\tproduct: log4j2\"\r\n ],\r\n \"markdownDescription\": \"Optional metadata for the template.\\nthis could be any useful metadata like Vendor, Product, Version, etc.\\nNote - This is autogenerated and updated regularly for templates merged in projectdiscovery\/nuclei-templates repository.\\nExample:\\n```yaml\\nVendor: Apache\\nProduct: Log4j2\\nVersion: \\u003c=2.14.1\\n```\",\r\n \"title\": \"additional metadata for the template\",\r\n \"type\": \"object\"\r\n },\r\n \"name\": {\r\n 
\"examples\": [\r\n \"Nagios Default Credentials Check\",\r\n \"example-template\",\r\n \"TeamCity - Authentication Bypass\"\r\n ],\r\n \"markdownDescription\": \"Name should be good short summary that identifies what the template does\",\r\n \"title\": \"name of the template\",\r\n \"type\": \"string\"\r\n },\r\n \"reference\": {\r\n \"$ref\": \"#\/$defs\/StringOrSlice\",\r\n \"examples\": [\r\n \"\\n\\t- https:\/\/example.com\"\r\n ],\r\n \"markdownDescription\": \"References for the template.\\nThis should contain links relevant to the template.\\nExample:\\nhttps:\/\/logging.apache.org\/log4j\/2.x\/security.html\\nhttps:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2021-44228\",\r\n \"title\": \"references for the template\",\r\n \"type\": \"array\"\r\n },\r\n \"remediation\": {\r\n \"examples\": [\r\n \"Change the default administrative username and password of Apache ActiveMQ by editing the file jetty-realm.properties\"\r\n ],\r\n \"markdownDescription\": \"In-depth explanation on how to fix the issues found by the template\",\r\n \"title\": \"remediation steps for the template\",\r\n \"type\": \"string\"\r\n },\r\n \"severity\": {\r\n \"$ref\": \"#\/$defs\/Holder\",\r\n \"examples\": [\r\n \"info\"\r\n ],\r\n \"markdownDescription\": \"Severity of the template.\\nsupported values: info, low, medium, high, critical, unknown\"\r\n },\r\n \"tags\": {\r\n \"markdownDescription\": \"Any tags for the template\",\r\n \"oneOf\": [\r\n {\r\n \"description\": \"Tags for the template separated by commas (No spaces)\",\r\n \"examples\": [\r\n \"cve\"\r\n ],\r\n \"type\": \"string\"\r\n },\r\n {\r\n \"description\": \"Multiple tags for the template separated by commas (No spaces)\",\r\n \"examples\": [\r\n \"cve,http\",\r\n \"http,oast\",\r\n \"cve2024,cve\"\r\n ],\r\n \"type\": \"array\"\r\n }\r\n ],\r\n \"title\": \"tags of the template\"\r\n }\r\n },\r\n \"required\": [\r\n \"name\",\r\n \"author\"\r\n ],\r\n \"type\": \"object\"\r\n },\r\n \"Matcher\": {\r\n 
\"additionalProperties\": false,\r\n \"properties\": {\r\n \"binary\": {\r\n \"items\": {\r\n \"type\": \"string\"\r\n },\r\n \"markdownDescription\": \"Binary are the binary patterns required to be present in the response part\",\r\n \"title\": \"binary patterns to match in response\",\r\n \"type\": \"array\"\r\n },\r\n \"case-insensitive\": {\r\n \"markdownDescription\": \"use case insensitive match\",\r\n \"title\": \"use case insensitive match\",\r\n \"type\": \"boolean\"\r\n },\r\n \"condition\": {\r\n \"enum\": [\r\n \"and\",\r\n \"or\"\r\n ],\r\n \"markdownDescription\": \"Condition between the matcher variables\",\r\n \"title\": \"condition between matcher variables\",\r\n \"type\": \"string\"\r\n },\r\n \"dsl\": {\r\n \"items\": {\r\n \"type\": \"string\"\r\n },\r\n \"markdownDescription\": \"DSL are the dsl expressions that will be evaluated as part of nuclei matching rules\",\r\n \"title\": \"dsl expressions to match in response\",\r\n \"type\": \"array\"\r\n },\r\n \"encoding\": {\r\n \"enum\": [\r\n \"hex\"\r\n ],\r\n \"markdownDescription\": \"Optional encoding for the word fields\",\r\n \"title\": \"encoding for word field\",\r\n \"type\": \"string\"\r\n },\r\n \"internal\": {\r\n \"markdownDescription\": \"hide matcher from output\",\r\n \"title\": \"hide matcher from output\",\r\n \"type\": \"boolean\"\r\n },\r\n \"match-all\": {\r\n \"markdownDescription\": \"match all matcher values ignoring condition\",\r\n \"title\": \"match all values\",\r\n \"type\": \"boolean\"\r\n },\r\n \"name\": {\r\n \"markdownDescription\": \"Name of the matcher\",\r\n \"title\": \"name of the matcher\",\r\n \"type\": \"string\"\r\n },\r\n \"negative\": {\r\n \"markdownDescription\": \"Negative specifies if the match should be reversed. 
It will only match if the condition is not true\",\r\n \"title\": \"negative specifies if match reversed\",\r\n \"type\": \"boolean\"\r\n },\r\n \"part\": {\r\n \"markdownDescription\": \"Part of response to match data from\",\r\n \"title\": \"part of response to match\",\r\n \"type\": \"string\"\r\n },\r\n \"regex\": {\r\n \"items\": {\r\n \"type\": \"string\"\r\n },\r\n \"markdownDescription\": \"Regex contains regex patterns required to be present in the response part\",\r\n \"title\": \"regex to match in response\",\r\n \"type\": \"array\"\r\n },\r\n \"size\": {\r\n \"items\": {\r\n \"type\": \"integer\"\r\n },\r\n \"markdownDescription\": \"Size is the acceptable size for the response\",\r\n \"title\": \"acceptable size for response\",\r\n \"type\": \"array\"\r\n },\r\n \"status\": {\r\n \"items\": {\r\n \"type\": \"integer\"\r\n },\r\n \"markdownDescription\": \"Status to match for the response\",\r\n \"title\": \"status to match\",\r\n \"type\": \"array\"\r\n },\r\n \"type\": {\r\n \"$ref\": \"#\/$defs\/MatcherTypeHolder\",\r\n \"markdownDescription\": \"Type of the matcher\",\r\n \"title\": \"type of matcher\"\r\n },\r\n \"words\": {\r\n \"items\": {\r\n \"type\": \"string\"\r\n },\r\n \"markdownDescription\": \" Words contains word patterns required to be present in the response part\",\r\n \"title\": \"words to match in response\",\r\n \"type\": \"array\"\r\n },\r\n \"xpath\": {\r\n \"items\": {\r\n \"type\": \"string\"\r\n },\r\n \"markdownDescription\": \"xpath are the XPath queries that will be evaluated against the response part of nuclei matching rules\",\r\n \"title\": \"xpath queries to match in response\",\r\n \"type\": \"array\"\r\n }\r\n },\r\n \"required\": [\r\n \"type\"\r\n ],\r\n \"type\": \"object\"\r\n },\r\n \"MatcherTypeHolder\": {\r\n \"additionalProperties\": false,\r\n \"properties\": {\r\n \"MatcherType\": {\r\n \"type\": \"integer\"\r\n }\r\n },\r\n \"required\": [\r\n \"MatcherType\"\r\n ],\r\n \"type\": \"object\"\r\n },\r\n 
\"OrderedMap[string,string]\": {\r\n \"additionalProperties\": false,\r\n \"properties\": {},\r\n \"type\": \"object\"\r\n },\r\n \"Request\": {\r\n \"additionalProperties\": false,\r\n \"anyOf\": [\r\n {\r\n \"required\": [\r\n \"path\"\r\n ]\r\n },\r\n {\r\n \"required\": [\r\n \"raw\"\r\n ]\r\n },\r\n {\r\n \"required\": [\r\n \"filters\",\r\n \"payload\",\r\n \"fuzzing\"\r\n ]\r\n },\r\n {\r\n \"required\": [\r\n \"payloads\",\r\n \"path\"\r\n ]\r\n },\r\n {\r\n \"required\": [\r\n \"payloads\",\r\n \"raw\"\r\n ]\r\n }\r\n ],\r\n \"properties\": {\r\n \"attack\": {\r\n \"$ref\": \"#\/$defs\/AttackTypeHolder\",\r\n \"examples\": [\r\n \"batteringram\",\r\n \"pitchfork\",\r\n \"clusterbomb\"\r\n ],\r\n \"markdownDescription\": \"Attack is the type of payload combinations to perform\\nbatteringram the same payload into all defined payload positions at once, pitchfork combines multiple payload sets and clusterbomb generates permutations and combinations for all payloads\\nExample: \\n```yaml\\n- attack: clusterbomb\\n```\\nNote: this is only applicable when 'payloads' are defined\"\r\n },\r\n \"body\": {\r\n \"examples\": [\r\n \"key=value\\u0026key2=value2\"\r\n ],\r\n \"markdownDescription\": \"Body contains the HTTP body to be sent with the request\\nExample: \\n```yaml\\n- body: \\\"key=value\\u0026key2=value2\\\"\\n```\",\r\n \"title\": \"body is the http request body\",\r\n \"type\": \"string\"\r\n },\r\n \"cookie-reuse\": {\r\n \"deprecated\": true,\r\n \"examples\": [\r\n true\r\n ],\r\n \"markdownDescription\": \"Deprecated: this is default behaviour now use disable-cookie to explicitly disable cookie reuse\",\r\n \"title\": \"optional cookie reuse enable\",\r\n \"type\": \"boolean\"\r\n },\r\n \"digest-password\": {\r\n \"examples\": [\r\n \"admin\"\r\n ],\r\n \"markdownDescription\": \"DigestPassword specifies the password for digest authentication\\nExample: \\n```yaml\\n- digest-password: admin\\n```\",\r\n \"title\": \"specifies the password for 
digest authentication\",\r\n \"type\": \"string\"\r\n },\r\n \"digest-username\": {\r\n \"examples\": [\r\n \"admin\"\r\n ],\r\n \"markdownDescription\": \"DigestUsername specifies the username for digest authentication\\nExample: \\n```yaml\\n- digest-username: admin\\n```\",\r\n \"title\": \"specifies the username for digest authentication\",\r\n \"type\": \"string\"\r\n },\r\n \"disable-cookie\": {\r\n \"examples\": [\r\n true\r\n ],\r\n \"markdownDescription\": \"Disable Cookie is an optional setting to disable cookie reuse for this request\\nExample: \\n```yaml\\n- disable-cookie: true\\n```\",\r\n \"title\": \"optional disable cookie reuse\",\r\n \"type\": \"boolean\"\r\n },\r\n \"disable-path-automerge\": {\r\n \"examples\": [\r\n true\r\n ],\r\n \"markdownDescription\": \"DisablePathAutomerge disables the automatic merging of path\/query-params from input\/target to path defined in template\\nExample: \\n```yaml\\n- disable-path-automerge: true\\n```\",\r\n \"title\": \"disable auto merging of path\",\r\n \"type\": \"boolean\"\r\n },\r\n \"extractors\": {\r\n \"items\": {\r\n \"$ref\": \"#\/$defs\/Extractor\"\r\n },\r\n \"markdownDescription\": \"Extractors contains the extraction mechanism for the request to identify and extract parts of the response\",\r\n \"title\": \"extractors to run on response\",\r\n \"type\": \"array\"\r\n },\r\n \"filter\": {\r\n \"items\": {\r\n \"$ref\": \"#\/$defs\/Matcher\"\r\n },\r\n \"markdownDescription\": \"Filter is matcher-like field to check if fuzzing should be performed on this request or not\",\r\n \"title\": \"filter for fuzzing\",\r\n \"type\": \"array\"\r\n },\r\n \"filter-condition\": {\r\n \"enum\": [\r\n \"and\",\r\n \"or\"\r\n ],\r\n \"markdownDescription\": \"Conditions between the filters\",\r\n \"title\": \"condition between the filters\",\r\n \"type\": \"string\"\r\n },\r\n \"fuzzing\": {\r\n \"items\": {\r\n \"$ref\": \"#\/$defs\/Rule\"\r\n },\r\n \"markdownDescription\": \"Fuzzing or DAST specifies rules 
for fuzzing requests\\nthese rules mutate the input request to generate multiple requests\\nFor example, replacing all query param values with sqli payloads\",\r\n \"title\": \"fuzzin rules for http fuzzing\",\r\n \"type\": \"array\"\r\n },\r\n \"headers\": {\r\n \"additionalProperties\": {\r\n \"type\": \"string\"\r\n },\r\n \"examples\": [\r\n \"User-Agent: Mozilla\/5.0\",\r\n \"Authorization: Bearer {{token}}\",\r\n \"X-Forwarded-For: {{Hostname}}\",\r\n \"Origin: {{BaseURL}}\",\r\n \"Referer: {{BaseURL}}\/admin\"\r\n ],\r\n \"markdownDescription\": \"Headers contains the HTTP headers to be sent with the request\\nExample: \\n```yaml\\n- headers:\\n\\tUser-Agent: Mozilla\/5.0\\n```\",\r\n \"title\": \"headers to send with the http request\",\r\n \"type\": \"object\"\r\n },\r\n \"host-redirects\": {\r\n \"examples\": [\r\n true\r\n ],\r\n \"markdownDescription\": \"HostRedirects specifies whether only redirects to the same host should be followed by the HTTP Client\\nWhen set to true, only redirects to the same host are followed\\nExample: \\n```yaml\\n- host-redirects: true\\n```\",\r\n \"title\": \"follow same host http redirects\",\r\n \"type\": \"boolean\"\r\n },\r\n \"id\": {\r\n \"examples\": [\r\n \"example-http-id\"\r\n ],\r\n \"markdownDescription\": \"Optional ID of this HTTP Request Block\\nThis is useful when calling \/executing this request block in flow\\nBy default, current index in the http array is used as ID\\nExample: \\n```yaml\\n- id: wp-login\\n```\",\r\n \"title\": \"id for the http request\",\r\n \"type\": \"string\"\r\n },\r\n \"iterate-all\": {\r\n \"deprecated\": true,\r\n \"markdownDescription\": \"Deprecated: use flow to properly specify iteration logic\",\r\n \"title\": \"iterate all the values\",\r\n \"type\": \"boolean\"\r\n },\r\n \"markdownDescription\": {\r\n \"markdownDescription\": \"Signature is the HTTP Request signature Method\",\r\n \"type\": \"string\"\r\n },\r\n \"matchers\": {\r\n \"items\": {\r\n \"$ref\": 
\"#\/$defs\/Matcher\"\r\n },\r\n \"markdownDescription\": \"Detection mechanism to identify whether the request was successful by doing pattern matching\",\r\n \"title\": \"matchers to run on response\",\r\n \"type\": \"array\"\r\n },\r\n \"matchers-condition\": {\r\n \"enum\": [\r\n \"and\",\r\n \"or\"\r\n ],\r\n \"markdownDescription\": \"Conditions between the matchers\",\r\n \"title\": \"condition between the matchers\",\r\n \"type\": \"string\"\r\n },\r\n \"max-redirects\": {\r\n \"examples\": [\r\n 10\r\n ],\r\n \"markdownDescription\": \"MaxRedirects is the maximum number of redirects to follow\\nExample: \\n```yaml\\n- max-redirects: 10\\n```\",\r\n \"title\": \"maximum number of redirects to follow\",\r\n \"type\": \"integer\"\r\n },\r\n \"max-size\": {\r\n \"examples\": [\r\n 1024\r\n ],\r\n \"markdownDescription\": \"MaxSize is the maximum size of the response body to be read\\nExample: \\n```yaml\\n- max-size: 1024\\n```\",\r\n \"title\": \"maximum http response body size\",\r\n \"type\": \"integer\"\r\n },\r\n \"method\": {\r\n \"$ref\": \"#\/$defs\/HTTPMethodTypeHolder\",\r\n \"examples\": [\r\n \"GET\",\r\n \"HEAD\",\r\n \"POST\",\r\n \"PUT\",\r\n \"DELETE\",\r\n \"CONNECT\",\r\n \"OPTIONS\",\r\n \"TRACE\",\r\n \"PATCH\",\r\n \"PURGE\",\r\n \"DEBUG\"\r\n ],\r\n \"markdownDescription\": \"Method is the HTTP method to be used for the request\\nExample: \\n```yaml\\n- method: GET\\n```\"\r\n },\r\n \"name\": {\r\n \"examples\": [\r\n \"example-http-name\"\r\n ],\r\n \"markdownDescription\": \"Name is the optional name of the request\\nIf a name is specified, all the named request in a template can be matched upon\\nin a combined manner allowing multi-request based matchers.\",\r\n \"title\": \"name for the http request\",\r\n \"type\": \"string\"\r\n },\r\n \"path\": {\r\n \"examples\": [\r\n \"\\n\\t- '{{BaseURL}}'\",\r\n \"\\n\\t- '{{RootURL}}'\",\r\n \"\\n\\t- '{{Hostname}}:8080\/ca-cert'\"\r\n ],\r\n \"items\": {\r\n \"type\": \"string\"\r\n },\r\n 
\"markdownDescription\": \"Path contains HTTP URL[s] to be sent. Here only Path portion is generally specified and host is templatetized\\nExample: \\n```yaml\\n- path:\\n\\t{{BaseURL}}\/admin\\n```\",\r\n \"title\": \"path(s) for the http request\",\r\n \"type\": \"array\"\r\n },\r\n \"payloads\": {\r\n \"examples\": [\r\n \" # inline payloads\\n\\tusername:\\n\\t\\t- admin\\n\\t\\t- root\\n\\tpassword:\\n\\t\\t- password\\n\\t\\t- admin\\n\\n\",\r\n \" # file payloads\\n\\tusername: \/path\/to\/usernames.txt\\n\\tpassword: \/path\/to\/passwords.txt\\n\\n\"\r\n ],\r\n \"markdownDescription\": \"Payloads contains key-value pairs of payloads to be used\\nThese payloads when referenced in http request will be iterated appropriately and replaced\\nOptionally payload also support loading values from file instead of defining them inline\\nExample: \\n```yaml\\n- payloads:\\n\\tusername:\\n\\t\\t- admin\\n\\t\\t- root\\n\\tpassword:\\n\\t\\t- password\\n\\t\\t- admin\\n```\",\r\n \"title\": \"payloads for the http request\",\r\n \"type\": \"object\"\r\n },\r\n \"pipeline\": {\r\n \"examples\": [\r\n true\r\n ],\r\n \"markdownDescription\": \"Pipeline defines if the attack should be performed with HTTP 1.1 Pipelining\\nAll requests must be idempotent (GET\/POST). 
This can be used for race conditions\/billions requests.\\nExample: \\n```yaml\\n- pipeline: true\\n```\",\r\n \"title\": \"perform HTTP 1.1 pipelining\",\r\n \"type\": \"boolean\"\r\n },\r\n \"pipeline-concurrent-connections\": {\r\n \"examples\": [\r\n 10\r\n ],\r\n \"markdownDescription\": \"PipelineConcurrentConnections specifies the number of concurrent connections to be used for pipelining\\nExample: \\n```yaml\\n- pipeline-concurrent-connections: 10\\n pipeline: true\\n```\",\r\n \"title\": \"number of pipelining connections\",\r\n \"type\": \"integer\"\r\n },\r\n \"pipeline-requests-per-connection\": {\r\n \"examples\": [\r\n 10\r\n ],\r\n \"markdownDescription\": \"PipelineRequestsPerConnection specifies the number of requests to be sent per connection\\nExample: \\n```yaml\\n- pipeline: true\\n pipeline-requests-per-connection: 10\\n```\",\r\n \"title\": \"number of requests to send per pipelining connections\",\r\n \"type\": \"integer\"\r\n },\r\n \"race\": {\r\n \"examples\": [\r\n true\r\n ],\r\n \"markdownDescription\": \"Race determines if all the request have to be attempted at the same time (Race Condition)\\nThe actual number of requests that will be sent is determined by the `race_count` field.\\nExample: \\n```yaml\\n- race: true\\n race_count: 100\\n```\",\r\n \"title\": \"perform race-http request coordination attack\",\r\n \"type\": \"boolean\"\r\n },\r\n \"race_count\": {\r\n \"examples\": [\r\n 100\r\n ],\r\n \"markdownDescription\": \"RaceCount specifies the number of requests to be sent when attempting race condition attacks\\nExample: \\n```yaml\\n- race: true\\n race_count: 100\\n```\",\r\n \"title\": \"number of times to repeat request in race condition\",\r\n \"type\": \"integer\"\r\n },\r\n \"raw\": {\r\n \"examples\": [\r\n \"\\n# raw-get-request\\n\\t- |\\n\\t\\tGET \/ HTTP\/1.1\\n\\t\\tHost: {{Hostname}}\\n\\n\",\r\n \"\\n# raw-post-request\\n\\t- |\\n\\t\\tPOST \/ HTTP\/1.1\\n\\t\\tHost: {{Hostname}}\\n\\t\\tContent-Type: 
application\/json\\n\\t\\tContent-Length: 13\\n\\n\\n\\t\\t{\\\"key\\\": \\\"value\\\"}\\n\\n\"\r\n ],\r\n \"items\": {\r\n \"type\": \"string\"\r\n },\r\n \"markdownDescription\": \"Raw contains HTTP Request[s] in raw or request dump format\\nExample: \\n- raw:\\n\\t- |\\n\\t\\tGET \/ HTTP\/1.1\\n\\t\\tHost: {{Hostname}}\\n\\n\\n\\nNote: If input contains any path\/query-params they are automerged unless explicitly disabled using 'disable-path-automerge'\",\r\n \"type\": \"array\"\r\n },\r\n \"read-all\": {\r\n \"examples\": [\r\n true\r\n ],\r\n \"markdownDescription\": \"Enables force reading of the entire raw unsafe request body ignoring any specified content length headers\\nExample: \\n```yaml\\n- read-all: true\\n```\",\r\n \"title\": \"force read all body\",\r\n \"type\": \"boolean\"\r\n },\r\n \"redirects\": {\r\n \"examples\": [\r\n true\r\n ],\r\n \"markdownDescription\": \"Redirects specifies whether to follow redirects or not\\nThis can be use in conjunction with max-redirects to effectively control the redirects\\nExample: \\n```yaml\\n- redirects: true\\n```\",\r\n \"title\": \"follow http redirects\",\r\n \"type\": \"boolean\"\r\n },\r\n \"req-condition\": {\r\n \"deprecated\": true,\r\n \"markdownDescription\": \"Deprecated: this is automatically identified and used (https:\/\/github.com\/projectdiscovery\/nuclei\/issues\/2393)\",\r\n \"title\": \"preserve request history\",\r\n \"type\": \"boolean\"\r\n },\r\n \"self-contained\": {\r\n \"examples\": [\r\n true\r\n ],\r\n \"markdownDescription\": \"SelfContained specifies whether the request is self-contained or not\\nThis means if the request is dependent on input or is self-contained\\nExample: \\n```yaml\\n- self-contained: true\\n```\",\r\n \"type\": \"boolean\"\r\n },\r\n \"signature\": {\r\n \"$ref\": \"#\/$defs\/SignatureTypeHolder\",\r\n \"deprecated\": true,\r\n \"markdownDescription\": \"Signature is the HTTP Request signature Method\",\r\n \"title\": \"signature is the http request 
signature method\"\r\n },\r\n \"skip-variables-check\": {\r\n \"examples\": [\r\n true\r\n ],\r\n \"markdownDescription\": \"SkipVariablesCheck skips the check for unresolved variables in request\\nThis is also useful in case where body contains payload in format of {{xyz}}\\nExample: \\n```yaml\\n- skip-variables-check: true\\n```\",\r\n \"title\": \"skip variable checks\",\r\n \"type\": \"boolean\"\r\n },\r\n \"stop-at-first-match\": {\r\n \"markdownDescription\": \"StopAtFirstMatch specifies whether to stop at first match or not\\nThis is useful for cases like brute-forcing where we want to stop once we find the first correct login credential\\nExample: \\n```yaml\\n- stop-at-first-match: true\\n```\",\r\n \"title\": \"stop at first match\",\r\n \"type\": \"boolean\"\r\n },\r\n \"threads\": {\r\n \"examples\": [\r\n 10\r\n ],\r\n \"markdownDescription\": \"Threads specifies concurreny with which requests should be sent\\nIt should not be specified unless explicitly behaviour and its value is obtained from -pc (-payload-concurrency) flag\\nExample: \\n```yaml\\n- threads: 10\\n```\",\r\n \"title\": \"threads for sending requests\",\r\n \"type\": \"integer\"\r\n },\r\n \"unsafe\": {\r\n \"examples\": [\r\n true\r\n ],\r\n \"markdownDescription\": \"Unsafe specifies whether to use rawhttp engine for sending Non RFC-Compliant requests.\\nThis uses the [rawhttp](https:\/\/github.com\/projectdiscovery\/rawhttp) engine to achieve complete\\ncontrol over the request, with no normalization performed by the client.\\nExample: \\n```yaml\\n- unsafe: true\\n```\",\r\n \"title\": \"use rawhttp non-strict-rfc client\",\r\n \"type\": \"boolean\"\r\n }\r\n },\r\n \"type\": \"object\"\r\n },\r\n \"Rule\": {\r\n \"additionalProperties\": false,\r\n \"properties\": {\r\n \"fuzz\": {\r\n \"$ref\": \"#\/$defs\/SliceOrMapSlice\",\r\n \"markdownDescription\": \"Payloads to perform fuzzing substitutions with\",\r\n \"title\": \"payloads of fuzz rule\"\r\n },\r\n \"keys\": {\r\n 
\"items\": {\r\n \"type\": \"string\"\r\n },\r\n \"markdownDescription\": \"Keys of parameters to fuzz\",\r\n \"title\": \"keys of parameters to fuzz\",\r\n \"type\": \"array\"\r\n },\r\n \"keys-regex\": {\r\n \"items\": {\r\n \"type\": \"string\"\r\n },\r\n \"markdownDescription\": \"Regex of parameter keys to fuzz\",\r\n \"title\": \"keys regex to fuzz\",\r\n \"type\": \"array\"\r\n },\r\n \"mode\": {\r\n \"enum\": [\r\n \"single\",\r\n \"multiple\"\r\n ],\r\n \"markdownDescription\": \"Mode of request rule to fuzz\",\r\n \"title\": \"mode of rule\",\r\n \"type\": \"string\"\r\n },\r\n \"part\": {\r\n \"enum\": [\r\n \"query\",\r\n \"header\",\r\n \"path\",\r\n \"body\",\r\n \"cookie\",\r\n \"request\"\r\n ],\r\n \"markdownDescription\": \"Part of request rule to fuzz\",\r\n \"title\": \"part of rule\",\r\n \"type\": \"string\"\r\n },\r\n \"replace-regex\": {\r\n \"markdownDescription\": \"Regex for regex-replace rule type\",\r\n \"title\": \"replace regex of rule\",\r\n \"type\": \"string\"\r\n },\r\n \"type\": {\r\n \"enum\": [\r\n \"replace\",\r\n \"prefix\",\r\n \"postfix\",\r\n \"infix\",\r\n \"replace-regex\"\r\n ],\r\n \"markdownDescription\": \"Type of fuzzing rule to perform\",\r\n \"title\": \"type of rule\",\r\n \"type\": \"string\"\r\n },\r\n \"values\": {\r\n \"items\": {\r\n \"type\": \"string\"\r\n },\r\n \"markdownDescription\": \"Regex of parameter values to fuzz\",\r\n \"title\": \"values regex to fuzz\",\r\n \"type\": \"array\"\r\n }\r\n },\r\n \"type\": \"object\"\r\n },\r\n \"SignatureTypeHolder\": {\r\n \"enum\": [\r\n \"AWS\"\r\n ],\r\n \"markdownDescription\": \"Type of the signature\",\r\n \"title\": \"type of the signature\",\r\n \"type\": \"string\"\r\n },\r\n \"SliceOrMapSlice\": {\r\n \"additionalProperties\": false,\r\n \"properties\": {\r\n \"KV\": {\r\n \"$ref\": \"#\/$defs\/OrderedMap[string,string]\"\r\n },\r\n \"Value\": {\r\n \"items\": {\r\n \"type\": \"string\"\r\n },\r\n \"type\": \"array\"\r\n }\r\n },\r\n \"required\": 
[\r\n \"Value\",\r\n \"KV\"\r\n ],\r\n \"type\": \"object\"\r\n },\r\n \"StringOrSlice\": {\r\n \"oneOf\": [\r\n {\r\n \"type\": \"string\"\r\n },\r\n {\r\n \"type\": \"array\"\r\n }\r\n ]\r\n },\r\n \"Template\": {\r\n \"additionalProperties\": false,\r\n \"anyOf\": [\r\n {\r\n \"required\": [\r\n \"id\",\r\n \"info\",\r\n \"http\"\r\n ]\r\n },\r\n {\r\n \"required\": [\r\n \"id\",\r\n \"info\",\r\n \"dns\"\r\n ]\r\n },\r\n {\r\n \"required\": [\r\n \"id\",\r\n \"info\",\r\n \"file\"\r\n ]\r\n },\r\n {\r\n \"required\": [\r\n \"id\",\r\n \"info\",\r\n \"tcp\"\r\n ]\r\n },\r\n {\r\n \"required\": [\r\n \"id\",\r\n \"info\",\r\n \"headless\"\r\n ]\r\n },\r\n {\r\n \"required\": [\r\n \"id\",\r\n \"info\",\r\n \"ssl\"\r\n ]\r\n },\r\n {\r\n \"required\": [\r\n \"id\",\r\n \"info\",\r\n \"websocket\"\r\n ]\r\n },\r\n {\r\n \"required\": [\r\n \"id\",\r\n \"info\",\r\n \"whois\"\r\n ]\r\n },\r\n {\r\n \"required\": [\r\n \"id\",\r\n \"info\",\r\n \"code\"\r\n ]\r\n },\r\n {\r\n \"required\": [\r\n \"id\",\r\n \"info\",\r\n \"javascript\"\r\n ]\r\n },\r\n {\r\n \"required\": [\r\n \"id\",\r\n \"info\",\r\n \"requests\"\r\n ]\r\n },\r\n {\r\n \"required\": [\r\n \"id\",\r\n \"info\",\r\n \"network\"\r\n ]\r\n },\r\n {\r\n \"required\": [\r\n \"workflows\"\r\n ]\r\n }\r\n ],\r\n \"properties\": {\r\n \"code\": {\r\n \"items\": {\r\n \"$ref\": \"#\/$defs\/Request\"\r\n },\r\n \"markdownDescription\": \"Code snippets\",\r\n \"title\": \"code snippets to make\",\r\n \"type\": \"array\"\r\n },\r\n \"constants\": {\r\n \"examples\": [\r\n \"\\n\\texploit: 'x0x0x0x0x0x0x'\"\r\n ],\r\n \"markdownDescription\": \"Constants are the global constants that once defined here can be used anywhere in the template\\nIt can be used in same way as variables but only difference is that constants cannot be overridden by -V flag at runtime\\nExample: \\n```yaml\\nconstants:\\n exploit: 'x0x0x0x0x0x0x'\\n```\",\r\n \"title\": \"constant for the template\",\r\n \"type\": \"object\"\r\n },\r\n 
\"dns\": {\r\n \"items\": {\r\n \"$ref\": \"#\/$defs\/Request\"\r\n },\r\n \"markdownDescription\": \"DNS requests to make for the template\",\r\n \"title\": \"dns requests to make\",\r\n \"type\": \"array\"\r\n },\r\n \"file\": {\r\n \"items\": {\r\n \"$ref\": \"#\/$defs\/Request\"\r\n },\r\n \"markdownDescription\": \"File requests to make for the template\",\r\n \"title\": \"file requests to make\",\r\n \"type\": \"array\"\r\n },\r\n \"flow\": {\r\n \"examples\": [\r\n \"http(1) \\u0026\\u0026 http(2)\",\r\n \" | # example-vhost-enum\\n\\tssl(); \/\/ -\\u003e execute all ssl protocol requests\\n\\tdns(); \/\/ -\\u003e execute all dns protocol requests\\n\\tfor (let got of template.domains) { \/\/ -\\u003e iterate over 'domains' array variable\\n\\t\\tset('vhost', got); \/\/ -\\u003e set 'vhost' variable to current domain\\n\\t\\thttp(); \/\/ -\\u003e execute all http protocol requests\\n\\t}\\n\"\r\n ],\r\n \"markdownDescription\": \"Flow describes how multiple request-blocks\/protocols should be combined together and executed\\nIt is a javascript code where each protocol is a function and all request-blocks are indexed by their corresponding index in request array\\nExample: \\n flow: http(1) \\u0026\\u0026 http(2)\\n means that second http request will be executed only if first http request is successful (aka matched)\",\r\n \"title\": \"template execution flow in js\",\r\n \"type\": \"string\"\r\n },\r\n \"headless\": {\r\n \"items\": {\r\n \"$ref\": \"#\/$defs\/Request\"\r\n },\r\n \"markdownDescription\": \"Headless requests to make for the template\",\r\n \"title\": \"headless requests to make\",\r\n \"type\": \"array\"\r\n },\r\n \"http\": {\r\n \"examples\": [\r\n \" # http get\\n\\t- method: GET\\n\\t\\tpath:\\n\\t\\t\\t- \\\"{{BaseURL}}\\\"\\n\\t\\t\\n\\t\\tmatchers:\\n\\t\\t\\t- type: status\\n\\t\\t\\t\\tstatus:\\n\\t\\t\\t\\t\\t- 200\",\r\n \" # raw get\\n\\t- raw:\\n\\t\\t\\t- |\\n\\t\\t\\t\\t\\tGET HTTP\/1.1\\n\\t\\t\\t\\t\\tHost: 
{{Hostname}}\\n\\t\\t\\t\\t\\n\\t\\t\\tmatchers:\\n\\t\\t\\t- type: status\\n\\t\\t\\t\\tstatus:\\n\\t\\t\\t\\t\\t- 200\",\r\n \" # http self contained\\n\\t- method: GET\\n\\t\\tpath:\\n\\t\\t - \\\"https:\/\/api.stripe.com\/v1\/charges\\\"\\n\\t\\t\\n\\t\\tself-contained: true\\n\\t\\theaders:\\n\\t\\t\\tAuthorization: 'Basic {{base64(token)}}'\\n\\t\\t\\n\\t\\tmatchers:\\n\\t\\t - type: word\\n\\t\\t part: body\\n\\t\\t words:\\n\\t\\t - '\\\"object\\\":'\\n\\t\\t - '\\\"url\\\":'\\n\\t\\t - '\\\"data\\\":'\\n\\t\\t condition: and\"\r\n ],\r\n \"items\": {\r\n \"$ref\": \"#\/$defs\/Request\"\r\n },\r\n \"markdownDescription\": \"HTTP is the protocol block for sending HTTP requests\\nIt is of array type and can contain multiple requests\\nExample: \\n```yaml\\nhttp: \\n\\t- method: GET\\n\\t\\tpath:\\n\\t\\t\\t- \\\"{{BaseURL}}\\\"\\n\\t\\t\\n\\t\\tmatchers:\\n\\t\\t\\t- type: status\\n\\t\\t\\tstatus:\\n\\t\\t\\t\\t- 200\\n```\",\r\n \"title\": \"http requests to make\",\r\n \"type\": \"array\"\r\n },\r\n \"id\": {\r\n \"examples\": [\r\n \"example-id\",\r\n \"git-config-exposure\",\r\n \"azure-apps-nxdomain-takeover\",\r\n \"cve-2021-19520\"\r\n ],\r\n \"markdownDescription\": \"ID is the unique id for the template.\\n ### Good IDs \\nA good ID uniquely identifies what the requests in the template\\nare doing. Let's say you have a template that identifies a git-config\\nfile on the webservers, a good name would be `git-config-exposure`. 
Another\\nexample name is `azure-apps-nxdomain-takeover`\",\r\n \"pattern\": \"^([a-zA-Z0-9]+[-_])*[a-zA-Z0-9]+$\",\r\n \"title\": \"id of the template\",\r\n \"type\": \"string\"\r\n },\r\n \"info\": {\r\n \"$ref\": \"#\/$defs\/Info\",\r\n \"markdownDescription\": \"Info contains the required metadata information about the template\\nIt is meant to provide basic but necessary info like name, author , severity\\nalong with many other optional fields like metadata, classification etc\\nExample: \\n```yaml\\ninfo: \\n\\tname: Example Template\\n\\tauthor: pdteam\\n\\tseverity: info\\n\\tdescription: This is an example template\\n```\\n\\nNote: - \\nFor a template to be valid name,author,severity of `info` section must be set\",\r\n \"title\": \"info for the template\",\r\n \"type\": \"object\"\r\n },\r\n \"javascript\": {\r\n \"items\": {\r\n \"$ref\": \"#\/$defs\/Request\"\r\n },\r\n \"markdownDescription\": \"Javascript requests to make for the template\",\r\n \"title\": \"javascript requests to make\",\r\n \"type\": \"array\"\r\n },\r\n \"markdownDescription\": {\r\n \"markdownDescription\": \"HTTP is the protocol block for sending HTTP requests\\nIt is of array type and can contain multiple requests\\nExample: \\n```yaml\\nhttp: \\n\\t- method: GET\\n\\t\\tpath:\\n\\t\\t\\t- \\\"{{BaseURL}}\\\"\\n\\t\\t\\n\\t\\tmatchers:\\n\\t\\t\\t- type: status\\n\\t\\t\\tstatus:\\n\\t\\t\\t\\t- 200\\n```\",\r\n \"type\": \"string\"\r\n },\r\n \"network\": {\r\n \"deprecated\": true,\r\n \"items\": {\r\n \"$ref\": \"#\/$defs\/Request\"\r\n },\r\n \"markdownDescription\": \"Network requests to make for the template\",\r\n \"title\": \"network requests to make\",\r\n \"type\": \"array\"\r\n },\r\n \"requests\": {\r\n \"deprecated\": true,\r\n \"examples\": [\r\n \" # http get\\n\\t- method: GET\\n\\t\\tpath:\\n\\t\\t\\t- \\\"{{BaseURL}}\\\"\\n\\t\\t\\n\\t\\tmatchers:\\n\\t\\t\\t- type: status\\n\\t\\t\\t\\tstatus:\\n\\t\\t\\t\\t\\t- 200\",\r\n \" # raw get\\n\\t- 
raw:\\n\\t\\t\\t- |\\n\\t\\t\\t\\t\\tGET HTTP\/1.1\\n\\t\\t\\t\\t\\tHost: {{Hostname}}\\n\\t\\t\\t\\t\\n\\t\\t\\tmatchers:\\n\\t\\t\\t- type: status\\n\\t\\t\\t\\tstatus:\\n\\t\\t\\t\\t\\t- 200\",\r\n \" # http self contained\\n\\t- method: GET\\n\\t\\tpath:\\n\\t\\t - \\\"https:\/\/api.stripe.com\/v1\/charges\\\"\\n\\t\\t\\n\\t\\tself-contained: true\\n\\t\\theaders:\\n\\t\\t\\tAuthorization: 'Basic {{base64(token)}}'\\n\\t\\t\\n\\t\\tmatchers:\\n\\t\\t - type: word\\n\\t\\t part: body\\n\\t\\t words:\\n\\t\\t - '\\\"object\\\":'\\n\\t\\t - '\\\"url\\\":'\\n\\t\\t - '\\\"data\\\":'\\n\\t\\t condition: and\"\r\n ],\r\n \"items\": {\r\n \"$ref\": \"#\/$defs\/Request\"\r\n },\r\n \"markdownDescription\": \"HTTP is the protocol block for sending HTTP requests\\nIt is of array type and can contain multiple requests\\nExample: \\n```yaml\\nrequests: \\n\\t- method: GET\\n\\t\\tpath:\\n\\t\\t\\t- \\\"{{BaseURL}}\\\"\\n\\t\\t\\n\\t\\tmatchers:\\n\\t\\t\\t- type: status\\n\\t\\t\\tstatus:\\n\\t\\t\\t\\t- 200\\n```\",\r\n \"title\": \"http requests to make\",\r\n \"type\": \"array\"\r\n },\r\n \"self-contained\": {\r\n \"default\": false,\r\n \"examples\": [\r\n true\r\n ],\r\n \"markdownDescription\": \"Self-contained marks all requests in this template as independent of input which means input\/target is not required for execution of template\\nbut other variables defined in template need to be explicitly set using -V flag\\nDefault value is false\\nNote: self-contained templates only run once regardless of how many targets were provided to nuclei\\nExample: \\n```yaml\\nself-contained: true\\n```\\nFull example template of self-contained is available at https:\/\/cloud.projectdiscovery.io\/public\/aws-app-enum\",\r\n \"title\": \"mark requests as self-contained\",\r\n \"type\": \"boolean\"\r\n },\r\n \"signature\": {\r\n \"deprecated\": true,\r\n \"examples\": [\r\n \"aws\"\r\n ],\r\n \"markdownDescription\": \"Signature is the HTTP Request signature Method\",\r\n 
\"title\": \"signature is the http request signature method\",\r\n \"type\": \"string\"\r\n },\r\n \"ssl\": {\r\n \"items\": {\r\n \"$ref\": \"#\/$defs\/Request\"\r\n },\r\n \"markdownDescription\": \"SSL requests to make for the template\",\r\n \"title\": \"ssl requests to make\",\r\n \"type\": \"array\"\r\n },\r\n \"stop-at-first-match\": {\r\n \"default\": false,\r\n \"examples\": [\r\n true\r\n ],\r\n \"markdownDescription\": \"stop-at-first-match stops the execution of template as soon as first match\/result was found in a template given that template was sending multiple requests\\nthis is required in case of default-login , brute-force and even detection templates where multiple requests are sent from template but we want to exit as soon as first match\/result was found\\nExample: \\n```yaml\\nstop-at-first-match: true\\n```\\nFull example template of stop-at-first-match is available at https:\/\/cloud.projectdiscovery.io\/public\/bitbucket-public-repository\",\r\n \"title\": \"stop at first match\",\r\n \"type\": \"boolean\"\r\n },\r\n \"tcp\": {\r\n \"items\": {\r\n \"$ref\": \"#\/$defs\/Request\"\r\n },\r\n \"markdownDescription\": \"Network requests to make for the template\",\r\n \"title\": \"network(tcp) requests to make\",\r\n \"type\": \"array\"\r\n },\r\n \"variables\": {\r\n \"examples\": [\r\n \"\\n\\tdomain: \\\"{{FQDN}}\\\"\\n\\temail: pdteam@{{domain}}\",\r\n \"\\n\\toast: \\\"{{interact-sh}}\\\"\\n\\tpayload: \\\"{{base64(oast)}}\\\"\"\r\n ],\r\n \"markdownDescription\": \"Variables are the global variables that once defined here can be used anywhere in the template\\nVariables are evaluated in the order they are defined so one variable can be referenced in another variable\\nVariables are evaluated before sending every requests so one can reference any variables that are available at runtime and they will be evaluate and used when referenced\\nExample: \\n```yaml\\nvariables:\\n oast: {{interact-sh}}\\n payload: 
\\\"{{base64(oast)}}\\\"\\n```\\nFull example template of variables is available at https:\/\/cloud.projectdiscovery.io\/public\/screenshot\\nNote: -\\nThese variables can be overridden by -V flag at runtime if needed\",\r\n \"title\": \"variables for the http request\",\r\n \"type\": \"object\"\r\n },\r\n \"websocket\": {\r\n \"items\": {\r\n \"$ref\": \"#\/$defs\/Request\"\r\n },\r\n \"markdownDescription\": \"Websocket requests to make for the template\",\r\n \"title\": \"websocket requests to make\",\r\n \"type\": \"array\"\r\n },\r\n \"whois\": {\r\n \"items\": {\r\n \"$ref\": \"#\/$defs\/Request\"\r\n },\r\n \"markdownDescription\": \"WHOIS requests to make for the template\",\r\n \"title\": \"whois requests to make\",\r\n \"type\": \"array\"\r\n },\r\n \"workflows\": {\r\n \"items\": {\r\n \"$ref\": \"#\/$defs\/WorkflowTemplate\"\r\n },\r\n \"markdownDescription\": \"List of workflows to execute for template\",\r\n \"title\": \"list of workflows to execute\",\r\n \"type\": \"array\"\r\n }\r\n },\r\n \"required\": [\r\n \"id\",\r\n \"info\"\r\n ],\r\n \"type\": \"object\"\r\n },\r\n \"Variable\": {\r\n \"additionalProperties\": false,\r\n \"properties\": {},\r\n \"type\": \"object\"\r\n },\r\n \"WorkflowTemplate\": {\r\n \"additionalProperties\": false,\r\n \"properties\": {\r\n \"matchers\": {\r\n \"items\": {\r\n \"$ref\": \"#\/$defs\/Matcher\"\r\n },\r\n \"markdownDescription\": \"Matchers perform name based matching to run subtemplates for a workflow\",\r\n \"title\": \"name based template result matchers\",\r\n \"type\": \"array\"\r\n },\r\n \"subtemplates\": {\r\n \"items\": {\r\n \"$ref\": \"#\/$defs\/WorkflowTemplate\"\r\n },\r\n \"markdownDescription\": \"Subtemplates are ran if the template field Template matches\",\r\n \"title\": \"subtemplate based result matchers\",\r\n \"type\": \"array\"\r\n },\r\n \"tags\": {\r\n \"$ref\": \"#\/$defs\/StringOrSlice\",\r\n \"markdownDescription\": \"Tags to run template based on\",\r\n \"title\": \"tags to 
execute\"\r\n },\r\n \"template\": {\r\n \"markdownDescription\": \"Template or directory to execute as part of workflow\",\r\n \"title\": \"template\/directory to execute\",\r\n \"type\": \"string\"\r\n }\r\n },\r\n \"type\": \"object\"\r\n }\r\n },\r\n \"$id\": \"https:\/\/nuclei.projectdiscovery.io\/template\",\r\n \"$ref\": \"#\/$defs\/Template\",\r\n \"$schema\": \"https:\/\/json-schema.org\/draft\/2020-12\/schema\"\r\n}\n",
"timestamp": 1711633481253
}