search

infobyte / faraday_plugins

Security tools report parsers for Faradaysec.com
https://www.faradaysec.com/
GNU General Public License v3.0
47 stars 17 forks source link

Nuclei plugin doesn't report to faraday #9

Closed Dr4s1l closed 2 years ago

Dr4s1l commented 2 years ago

Does the nuclei plugin actually work ? Looks like it load the command using faraday-cli nuclei -u url but no data are returned to faraday GUI

Dr4s1l commented 2 years ago

ok no console interaction, build one.

f-amato commented 2 years ago

Hi @Dr4s1l, you can import using faraday-cli or web-ui the nuclei json. Let me know what are you looking for. Are you looking a way to run nuclei directly in nuclei and automagic import the results like nmap? Could you please send us more info? Happy hacking!

Dr4s1l commented 2 years ago

Hello @f-amato, thanks for the answer. Yes I want something interactive like the nmap console module one. Why not using this scheme for most cli tools ?

f-amato commented 2 years ago

It isn't a thing about cli. We manage a lot of plugins maybe that function isn't available in the moment in the develop of that specify plugin didn't support command but I just add for u, It will available in the next faraday-plugin releases in the mean time you can patch using the follow file attached nuclei.txt

Remember you have first uninstall your pip faraday-plugins

$ pip uninstall faraday-plugins
$ git clone https://github.com/infobyte/faraday_plugins.git
$ cd faraday_plugins
$ patch -p1 < nuclei.txt

$ pip install -e .

You can try use the nuclei command from the cli testing:

$ faraday-plugins detect-command "nuclei -u www.google.com"
$ faraday-plugins process-command -dr "nuclei -u www.google.com"
Command:  nuclei --json -irr -o /var/folders/xf/m_rnzh4j5k1fclc67krl5h1m0000gn/T/nuclei_jp3l0p1s.json -u www.google.com

Then you can try directly from your faraday-cli instance if everything is ok