v3.6.0

.github/workflows/auto-merge.yaml

@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
     if: github.actor == 'dependabot[bot]'
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           token: ${{ secrets.DEPENDABOT_PAT }}
 

.github/workflows/compat-checks.yaml

@@ -13,7 +13,7 @@ jobs:
     permissions:
       contents: write
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - uses: projectdiscovery/actions/setup/go/compat-checks@v1
         with:
           release-test: true

.github/workflows/generate-docs.yaml

@@ -11,7 +11,7 @@ jobs:
     if: "${{ !endsWith(github.actor, '[bot]') }}"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - uses: projectdiscovery/actions/setup/go@v1
       - uses: projectdiscovery/actions/setup/git@v1
       - run: make syntax-docs

.github/workflows/generate-pgo.yaml

@@ -28,9 +28,10 @@ jobs:
       LIST_FILE: "/tmp/targets-${{ matrix.targets }}.txt"
       PROFILE_MEM: "/tmp/nuclei-profile-${{ matrix.targets }}-targets"
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - uses: projectdiscovery/actions/setup/git@v1
       - uses: projectdiscovery/actions/setup/go@v1
+      - uses: projectdiscovery/actions/cache/nuclei@v1
       - name: Generate list
         run: for i in {1..${{ matrix.targets }}}; do echo "https://honey.scanme.sh/?_=${i}" >> "${LIST_FILE}"; done
       # NOTE(dwisiswant0): use `-no-mhe` flag to get better samples.

.github/workflows/govulncheck.yaml

@@ -16,7 +16,7 @@ jobs:
     env:
       OUTPUT: "/tmp/results.sarif"
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - uses: projectdiscovery/actions/setup/go@v1
       - run: go install golang.org/x/vuln/cmd/govulncheck@latest
       - run: govulncheck -scan package -format sarif ./... > $OUTPUT

.github/workflows/perf-regression.yaml

@@ -11,8 +11,10 @@ jobs:
     env:
       BENCH_OUT: "/tmp/bench.out"
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - uses: projectdiscovery/actions/setup/go@v1
+      - uses: projectdiscovery/actions/cache/go-rod-browser@v1
+      - uses: projectdiscovery/actions/cache/nuclei@v1
       - run: make build-test
       - run: ./bin/nuclei.test -test.run - -test.bench=. -test.benchmem ./cmd/nuclei/ | tee $BENCH_OUT
         env:

.github/workflows/perf-test.yaml

@@ -16,7 +16,7 @@ jobs:
       LIST_FILE: "/tmp/targets-${{ matrix.count }}.txt"
       PROFILE_MEM: "/tmp/nuclei-perf-test-${{ matrix.count }}"
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - uses: projectdiscovery/actions/setup/go@v1
       - run: make verify
       - name: Generate list

.github/workflows/release.yaml

@@ -10,7 +10,7 @@ jobs:
   release: 
     runs-on: ubuntu-latest-16-cores
     steps: 
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with: 
           fetch-depth: 0
       - uses: projectdiscovery/actions/setup/go@v1

.github/workflows/stale.yaml

@@ -37,5 +37,4 @@ jobs:
             it, please comment or feel free to reopen it.
           close-issue-label: "Status: Abandoned"
           close-pr-label: "Status: Abandoned"
-          exempt-issue-labels: "Status: Abandoned"
-          exempt-pr-labels: "Status: Abandoned"
+          exempt-issue-labels: "Type: Enhancement"

.github/workflows/tests.yaml

@@ -22,8 +22,9 @@ jobs:
     if: "${{ !endsWith(github.actor, '[bot]') }}"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - uses: projectdiscovery/actions/setup/go@v1
+      - uses: projectdiscovery/actions/cache/go-rod-browser@v1
       - uses: projectdiscovery/actions/golangci-lint/v2@v1
 
   tests:
@@ -35,8 +36,19 @@ jobs:
         os: [ubuntu-latest, windows-latest, macOS-latest]
     runs-on: "${{ matrix.os }}"
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - uses: projectdiscovery/actions/setup/go@v1
+      - uses: projectdiscovery/actions/cache/go-rod-browser@v1
+      - uses: projectdiscovery/actions/cache/nuclei@v1
+      - uses: projectdiscovery/actions/free-disk-space@v1
+        with:
+          llvm: 'false'
+          php: 'false'
+          mongodb: 'false'
+          mysql: 'false'
+          misc-packages: 'false'
+          docker-images: 'false'
+          tools-cache: 'false'
       - run: make vet
       - run: make build
       - run: make test
@@ -52,8 +64,10 @@ jobs:
     needs: ["tests"]
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - uses: projectdiscovery/actions/setup/go@v1
+      - uses: projectdiscovery/actions/cache/go-rod-browser@v1
+      - uses: projectdiscovery/actions/cache/nuclei@v1
       - name: "Simple"
         run: go run .
         working-directory: examples/simple/
@@ -74,9 +88,11 @@ jobs:
         os: [ubuntu-latest, windows-latest, macOS-latest]
     runs-on: ${{ matrix.os }}
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - uses: projectdiscovery/actions/setup/go@v1
+      - uses: projectdiscovery/actions/cache/nuclei@v1
       - uses: projectdiscovery/actions/setup/python@v1
+      - uses: projectdiscovery/actions/cache/go-rod-browser@v1
       - run: bash run.sh "${{ matrix.os }}"
         env:
           GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
@@ -93,9 +109,11 @@ jobs:
         os: [ubuntu-latest, windows-latest, macOS-latest]
     runs-on: ${{ matrix.os }}
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - uses: projectdiscovery/actions/setup/go@v1
+      - uses: projectdiscovery/actions/cache/nuclei@v1
       - uses: projectdiscovery/actions/setup/python@v1
+      - uses: projectdiscovery/actions/cache/go-rod-browser@v1
       - run: bash run.sh
         env:
           GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
@@ -106,8 +124,9 @@ jobs:
     needs: ["tests"]
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - uses: projectdiscovery/actions/setup/go@v1
+      - uses: projectdiscovery/actions/cache/go-rod-browser@v1
       - run: make template-validate
 
   codeql:
@@ -119,7 +138,7 @@ jobs:
       contents: read
       security-events: write
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - uses: github/codeql-action/init@v4
         with:
           languages: 'go'
@@ -131,7 +150,7 @@ jobs:
     needs: ["tests"]
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - uses: projectdiscovery/actions/setup/go@v1
       - uses: projectdiscovery/actions/goreleaser@v1
 
@@ -143,7 +162,7 @@ jobs:
       TARGET_URL: "http://scanme.sh/a/?b=c"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - run: make build
       - name: "Setup environment (push)"
         if: ${{ github.event_name == 'push' }}

README.md

@@ -140,7 +140,7 @@ TARGET:
    -u, -target string[]          target URLs/hosts to scan
    -l, -list string              path to file containing a list of target URLs/hosts to scan (one per line)
    -eh, -exclude-hosts string[]  hosts to exclude to scan from the input list (ip, cidr, hostname)
-   -resume string                resume scan using resume.cfg (clustering will be disabled)
+   -resume string                resume scan from and save to specified file (clustering will be disabled)
    -sa, -scan-all-ips            scan all the IP's associated with dns record
    -iv, -ip-version string[]     IP version to scan of hostname (4,6) - (default 4)
 

README_CN.md

@@ -119,7 +119,7 @@ Nuclei是一款注重于可配置性、可扩展性和易用性的基于模板
 目标：
    -u, -target string[]                  指定扫描的目标URL/主机（多个目标则指定多个-u参数）
    -l, -list string                      指定包含要扫描的目标URL/主机列表的文件路径（一行一个）
-   -resume string                        使用指定的resume.cfg文件恢复扫描（将禁用请求聚类）
+   -resume string                        从指定文件恢复扫描并保存到指定文件（将禁用请求聚类）
    -sa, -scan-all-ips                    扫描由目标解析出来的所有IP（针对域名对应多个IP的情况）
    -iv, -ip-version string[]             要扫描的主机名的IP版本（4,6）-（默认为4）
 

README_ES.md

@@ -118,7 +118,7 @@ TARGET:
    -u, -target string[]          URLs/hosts a escanear
    -l, -list string              ruta al archivo que contiene la lista de URLs/hosts a escanear (uno por línea)
    -eh, -exclude-hosts string[]  hosts a excluir para escanear de la lista de entrada (ip, cidr, hostname)
-   -resume string                reanudar el escaneo usando resume.cfg (la clusterización quedará inhabilitada)
+   -resume string                reanudar el escaneo desde y guardar en el archivo especificado (la clusterización quedará inhabilitada)
    -sa, -scan-all-ips            escanear todas las IP asociadas al registro dns
    -iv, -ip-version string[]     versión IP a escanear del nombre de host (4,6) - (por defecto 4)
 

README_ID.md

@@ -98,7 +98,7 @@ Flags:
 TARGET:
    -u, -target string[]       target URLs/hosts to scan
    -l, -list string           path to file containing a list of target URLs/hosts to scan (one per line)
-   -resume string             resume scan using resume.cfg (clustering will be disabled)
+   -resume string             resume scan from and save to specified file (clustering will be disabled)
    -sa, -scan-all-ips         scan all the IP's associated with dns record
    -iv, -ip-version string[]  IP version to scan of hostname (4,6) - (default 4)
 

README_JP.md

@@ -113,7 +113,7 @@ Nucleiは、広範な設定可能性、大規模な拡張性、および使い
 ターゲット:
    -u, -target string[]          スキャンする対象のURL/ホスト
    -l, -list string              スキャンする対象のURL/ホストのリストが含まれているファイルへのパス（1行に1つ）
-   -resume string                resume.cfgを使用してスキャンを再開（クラスタリングは無効になります）
+   -resume string                指定されたファイルからスキャンを再開し、指定されたファイルに保存（クラスタリングは無効になります）
    -sa, -scan-all-ips            DNSレコードに関連付けられているすべてのIPをスキャン
    -iv, -ip-version string[]     ホスト名のスキャンするIPバージョン（4,6）-（デフォルトは4）
 

README_KR.md

@@ -96,7 +96,7 @@ Nuclei는 빠르고, 템플릿 기반의 취약점 스캐너로
 TARGET:
    -u, -target string[]       스캔할 대상 URL/호스트
    -l, -list string           스캔할 대상 URL/호스트 목록이 있는 파일 경로 (한 줄에 하나씩)
-   -resume string             resume.cfg를 사용하여 스캔 재개 (클러스터링은 비활성화됨)
+   -resume string             지정된 파일에서 스캔을 재개하고 지정된 파일에 저장 (클러스터링은 비활성화됨)
    -sa, -scan-all-ips         dns 레코드와 관련된 모든 IP 스캔
    -iv, -ip-version string[]  스캔할 호스트의 IP 버전 (4,6) - (기본값 4)
 

README_PT-BR.md

@@ -118,7 +118,7 @@ TARGET:
    -u, -target string[]          URLs/hosts a serem escaneados
    -l, -list string              caminho do arquivo contendo a lista de URLs/hosts a serem escaneados (um por linha)
    -eh, -exclude-hosts string[]  hosts a serem excluídos do escaneamento na lista de entrada (ip, cidr, hostname)
-   -resume string                retomar o escaneamento usando resume.cfg (a clusterização será desabilitada)
+   -resume string                retomar o escaneamento a partir de e salvar no arquivo especificado (a clusterização será desabilitada)
    -sa, -scan-all-ips            escanear todos os IPs associados ao registro DNS
    -iv, -ip-version string[]     versão de IP a escanear do nome do host (4,6) - (padrão 4)
 

cmd/integration-test/integration-test.go

@@ -6,6 +6,7 @@ import (
 	"os"
 	"regexp"
 	"runtime"
+	"slices"
 	"strings"
 
 	"github.com/kitabisa/go-ci"
@@ -24,7 +25,7 @@ type TestCaseInfo struct {
 }
 
 var (
-	debug       = os.Getenv("DEBUG") == "true"
+	debug       = isDebugMode()
 	customTests = os.Getenv("TESTS")
 	protocol    = os.Getenv("PROTO")
 
@@ -60,6 +61,7 @@ var (
 		"matcher-status":  matcherStatusTestcases,
 		"exporters":       exportersTestCases,
 	}
+
 	// flakyTests are run with a retry count of 3
 	flakyTests = map[string]bool{
 		"protocols/http/self-contained-file-input.yaml": true,
@@ -90,11 +92,12 @@ func main() {
 	}
 
 	// start fuzz playground server
-	defer fuzzplayground.Cleanup()
 	server := fuzzplayground.GetPlaygroundServer()
 	defer func() {
+		fuzzplayground.Cleanup()
 		_ = server.Close()
 	}()
+
 	go func() {
 		if err := server.Start("localhost:8082"); err != nil {
 			if !strings.Contains(err.Error(), "Server closed") {
@@ -104,7 +107,6 @@ func main() {
 	}()
 
 	customTestsList := normalizeSplit(customTests)
-
 	failedTestTemplatePaths := runTests(customTestsList)
 
 	if len(failedTestTemplatePaths) > 0 {
@@ -131,6 +133,27 @@ func main() {
 	}
 }
 
+// isDebugMode checks if debug mode is enabled via any of the supported debug
+// environment variables.
+func isDebugMode() bool {
+	debugEnvVars := []string{
+		"DEBUG",
+		"ACTIONS_RUNNER_DEBUG", // GitHub Actions runner debug
+		// Add more debug environment variables here as needed
+	}
+
+	truthyValues := []string{"true", "1", "yes", "on", "enabled"}
+
+	for _, envVar := range debugEnvVars {
+		envValue := strings.ToLower(strings.TrimSpace(os.Getenv(envVar)))
+		if slices.Contains(truthyValues, envValue) {
+			return true
+		}
+	}
+
+	return false
+}
+
 // execute a testcase with retry and consider best of N
 // intended for flaky tests like interactsh
 func executeWithRetry(testCase testutils.TestCase, templatePath string, retryCount int) (string, error) {

cmd/integration-test/javascript.go

@@ -17,6 +17,7 @@ var jsTestcases = []TestCaseInfo{
 	{Path: "protocols/javascript/net-https.yaml", TestCase: &javascriptNetHttps{}},
 	{Path: "protocols/javascript/oracle-auth-test.yaml", TestCase: &javascriptOracleAuthTest{}, DisableOn: func() bool { return osutils.IsWindows() || osutils.IsOSX() }},
 	{Path: "protocols/javascript/vnc-pass-brute.yaml", TestCase: &javascriptVncPassBrute{}},
+	{Path: "protocols/javascript/multi-ports.yaml", TestCase: &javascriptMultiPortsSSH{}},
 }
 
 var (
@@ -167,6 +168,17 @@ func (j *javascriptVncPassBrute) Execute(filePath string) error {
 	return multierr.Combine(errs...)
 }
 
+type javascriptMultiPortsSSH struct{}
+
+func (j *javascriptMultiPortsSSH) Execute(filePath string) error {
+	// use scanme.sh as target to ensure we match on the 2nd default port 22
+	results, err := testutils.RunNucleiTemplateAndGetResults(filePath, "scanme.sh", debug)
+	if err != nil {
+		return err
+	}
+	return expectResultsCount(results, 1)
+}
+
 // purge any given resource if it is not nil
 func purge(resource *dockertest.Resource) {
 	if resource != nil && pool != nil {

cmd/integration-test/library.go

@@ -15,6 +15,7 @@ import (
 	"github.com/logrusorgru/aurora"
 	"github.com/pkg/errors"
 	"github.com/projectdiscovery/goflags"
+	"github.com/projectdiscovery/gologger"
 	"github.com/projectdiscovery/nuclei/v3/pkg/catalog/config"
 	"github.com/projectdiscovery/nuclei/v3/pkg/catalog/disk"
 	"github.com/projectdiscovery/nuclei/v3/pkg/catalog/loader"
@@ -70,6 +71,7 @@ func executeNucleiAsLibrary(templatePath, templateURL string) ([]string, error)
 
 	defaultOpts := types.DefaultOptions()
 	defaultOpts.ExecutionId = "test"
+	defaultOpts.Logger = gologger.DefaultLogger
 
 	mockProgress := &testutils.MockProgressClient{}
 	reportingClient, err := reporting.New(&reporting.Options{ExecutionId: defaultOpts.ExecutionId}, "", false)

cmd/nuclei/main.go

@@ -194,8 +194,11 @@ func main() {
 		})
 	}
 
-	// Setup graceful exits
+	// Setup filename for graceful exits
 	resumeFileName := types.DefaultResumeFilePath()
+	if options.Resume == "" {
+		resumeFileName = options.Resume
+	}
 	c := make(chan os.Signal, 1)
 	signal.Notify(c, os.Interrupt)
 	go func() {
@@ -255,7 +258,7 @@ on extensive configurability, massive extensibility and ease of use.`)
 		flagSet.StringSliceVarP(&options.Targets, "target", "u", nil, "target URLs/hosts to scan", goflags.CommaSeparatedStringSliceOptions),
 		flagSet.StringVarP(&options.TargetsFilePath, "list", "l", "", "path to file containing a list of target URLs/hosts to scan (one per line)"),
 		flagSet.StringSliceVarP(&options.ExcludeTargets, "exclude-hosts", "eh", nil, "hosts to exclude to scan from the input list (ip, cidr, hostname)", goflags.FileCommaSeparatedStringSliceOptions),
-		flagSet.StringVar(&options.Resume, "resume", "", "resume scan using resume.cfg (clustering will be disabled)"),
+		flagSet.StringVar(&options.Resume, "resume", "", "resume scan from and save to specified file (clustering will be disabled)"),
 		flagSet.BoolVarP(&options.ScanAllIPs, "scan-all-ips", "sa", false, "scan all the IP's associated with dns record"),
 		flagSet.StringSliceVarP(&options.IPVersion, "ip-version", "iv", nil, "IP version to scan of hostname (4,6) - (default 4)", goflags.CommaSeparatedStringSliceOptions),
 	)