nuclei
Option to output tech detect from automatic scans
Please describe your feature request:
Since Nuclei now performs automatic scans based on both wappalyzer and tech scripts, it would be cool to have a feature that prints the techs in the same format as httpx.
Describe the use case of this feature:
In cases where you want to identify the techs and run a nuclei -as scan, to get the tech detect output, you need to run wappalyzer twice.
Also, now that Nuclei uses both wappalyzer and tech templates to identify the technologies, I believe Nuclei could be a better choice than httpx for this task.
Workaround
In the meantime, you can run this command to get the techs from a -as scan:
nuclei -u $URL -as -vv -j -o nuclei-output.json 2>&1 | grep "Final tags identified" | sed 's/.*: \[\(.*\)\]/\1/' | sed "s/ /', '/g" | awk "{print \"['\"\$0\"']\"}"
# Saves the result of the Nuclei scan as json in nuclei-output.json
# Prints ['python', 'simplehttp'], the result of wappalyzer and tech scripts combined
There is a debug line that prints the techs found, so we can grep it and output it formatted as a Python list while the actual scan outputs in a JSON file.
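The workaround above, generalized to multi-target scans as an added example (not part of the original issue and not nuclei's own code): it prints one `target [tech,tech]` line per scanned host and strips ANSI colour codes first. The function name `format_tech_lines` is hypothetical, and the `for <target>` part of the debug line is an assumption; only the `Final tags identified` text and the trailing `: [..]` list come from the command above.

```shell
#!/bin/sh
# Added example: turn `nuclei -as -vv` debug lines into "target [tech,tech]" lines.
# ASSUMPTION: each debug line has the form
#   ... Final tags identified for <target>: [tag1 tag2]
# If the "for <target>" part is missing, the target is printed as "-".

format_tech_lines() {
  esc=$(printf '\033')
  # Remove ANSI colour sequences so they cannot leak into target or tag names.
  sed "s/${esc}\[[0-9;]*m//g" |
  awk '
    /Final tags identified/ {
      sub(/[ \t\r]+$/, "")                      # trim trailing whitespace / CR
      if (!match($0, /: \[[^]]*\]$/)) next      # need the trailing ": [..]" list
      tags = substr($0, RSTART + 3, RLENGTH - 4)
      head = substr($0, 1, RSTART - 1)
      target = "-"
      if (match(head, /Final tags identified for /))
        target = substr(head, RSTART + RLENGTH)
      gsub(/ +/, ",", tags)                     # space-separated -> comma-separated
      print target " [" tags "]"
    }'
}

# Constructed sample input (not real scan output); a real run would be:
#   nuclei -l targets.txt -as -vv -j -o nuclei-output.json 2>&1 | format_tech_lines
sample_log() {
  printf '%s\n' \
    '[INF] Executing automatic scan' \
    '[VER] Final tags identified for http://127.0.0.1:8000: [python simplehttp]' \
    '[VER] Final tags identified for https://example.test: []'
}

sample_log | format_tech_lines
```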
Thanks so much for this feature request @h3dg3h0gg, we appreciate it!
I can work on this.
What is the desired output from this? Inline console output after the hostname e.g. wordpress.org [wordpress]
or added to the JSON output as a new array field?