projectdiscovery / nuclei

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
https://docs.projectdiscovery.io/tools/nuclei
MIT License

Create End-to-End (e2e) tests #2602

Open forgedhallpass opened 2 years ago

forgedhallpass commented 2 years ago

We want to make sure that our templates are working correctly even after long periods of time.

Steps:

  1. Iterate all the existing templates from the nuclei-templates project
  2. Identify the subset which contains vulhub references
  3. Download the image, deploy it and run the template against it
  4. Make sure that nuclei found the vulnerability using the template

NOTE: The feasibility of the ticket has to be assessed, and it might require changes in the approach.

Other potential options:

  1. introducing a new field in the template that describes how the template needs to be executed against the target
  2. adding a mapping file with 3 columns: template | vulhub image/docker image | command to deploy image | command to execute template against the target

We might also need to consider creating a copy of the images in order not to be dependent on a third party, and this way we can also potentially add images from other sources, or create our own. This approach would require continuous maintenance work.
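
Steps 1 and 2 and the proposed mapping file, sketched as an added example that is not part of the original comment or of the nuclei project's code: it scans template text for vulhub links and emits one row per template and environment. The local `vulhub/` checkout path and the target URL are assumed placeholders, and the sample templates are constructed.

```python
import re
from pathlib import PurePosixPath

# Matches links into the vulhub repository, e.g.
# https://github.com/vulhub/vulhub/tree/master/<product>/<environment>
VULHUB_RE = re.compile(
    r"https?://github\.com/vulhub/vulhub/(?:tree|blob)/[^/\s]+/([^\s#?\"']+)"
)

def vulhub_dirs(template_text):
    """Return the vulhub environment directories referenced by a template."""
    dirs = []
    for match in VULHUB_RE.finditer(template_text):
        path = PurePosixPath(match.group(1).rstrip("/"))
        # A blob link points at a file (README.md, docker-compose.yml):
        # the environment is the directory that contains it.
        if path.suffix in {".md", ".yml", ".yaml"}:
            path = path.parent
        if str(path) != "." and str(path) not in dirs:
            dirs.append(str(path))
    return dirs

def mapping_rows(templates, target="http://127.0.0.1:8080"):
    """Build (template, vulhub dir, deploy command, nuclei command) rows.

    `templates` maps template path -> template text. `target` is an assumed
    placeholder: each environment publishes its own port.
    """
    rows = []
    for name, text in sorted(templates.items()):
        for env in vulhub_dirs(text):
            # Assumes a vulhub checkout in ./vulhub (hypothetical location).
            deploy = f"docker compose -f vulhub/{env}/docker-compose.yml up -d"
            scan = f"nuclei -t {name} -u {target}"
            rows.append((name, env, deploy, scan))
    return rows

# Constructed sample templates (not real nuclei-templates content).
SAMPLE = {
    "cves/example-a.yaml": "id: example-a\ninfo:\n  reference:\n"
        "    - https://github.com/vulhub/vulhub/tree/master/exampleapp/EXAMPLE-0001\n",
    "cves/example-b.yaml": "id: example-b\ninfo:\n  reference:\n"
        "    - https://github.com/vulhub/vulhub/blob/master/otherapp/EXAMPLE-0002/README.md\n",
    "cves/example-c.yaml": "id: example-c\ninfo:\n  reference:\n"
        "    - https://example.com/advisory\n",
}

if __name__ == "__main__":
    for row in mapping_rows(SAMPLE):
        print(" | ".join(row))
```

Templates without a vulhub link, like the third sample, produce no row, which makes the uncovered subset easy to list separately.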

ehsandeep commented 2 years ago

Apart from vulhub, here is another project that may help while working on this - https://github.com/cckuailong/reapoc

forgedhallpass commented 2 years ago

> Apart from vulhub, here is another project that may help while working on this - https://github.com/cckuailong/reapoc

Vulhub was just an example, we should definitely look into more sources!