engine

package
v1.0.0
Published: Apr 12, 2026 License: MIT Imports: 11 Imported by: 0

Documentation

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Runner

type Runner struct {
	// contains filtered or unexported fields
}

Runner orchestrates the full scan pipeline: config + spec → classify → generate templates → scan → output

func NewRunner

func NewRunner(cfg *config.Config, target string, out *output.OutputWriter, verbose bool) *Runner

NewRunner creates a new scan runner.

func (*Runner) GenerateOnly

func (self *Runner) GenerateOnly(specPath, outputDir string) error

GenerateOnly generates all templates and writes them to outputDir without scanning.

func (*Runner) Run

func (self *Runner) Run(ctx context.Context, specPath string) ([]output.Finding, error)

Run executes the full pipeline and returns findings.

func (*Runner) RunDASTOnly

func (self *Runner) RunDASTOnly(ctx context.Context, specPath string) ([]output.Finding, error)

RunDASTOnly executes a DAST-only scan: generates only fuzzing/injection templates for every endpoint and runs them. Ignores classification — treats all endpoints as injection-eligible.

type ScanEngine

type ScanEngine struct {
	// contains filtered or unexported fields
}

ScanEngine wraps dual nuclei-sdk engines for standard and DAST scanning.

Two engines are required because nuclei's DAST mode enables the fuzzing engine but silently filters out non-fuzzing templates. Standard templates (auth, misconfig, rate limit, race condition) must run on a non-DAST engine, while fuzzing templates (injection, error disclosure body) must run on a DAST-enabled engine.

func New

func New(cfg *config.Config, out *output.OutputWriter, verbose bool) (*ScanEngine, error)

New creates and initializes a ScanEngine with dual nuclei engines. The standard engine is always created; the DAST engine is only created when cfg.IsDASTEnabled() returns true.

func (*ScanEngine) Close

func (self *ScanEngine) Close()

Close shuts down both scan engines and releases resources.

func (*ScanEngine) Scan

func (self *ScanEngine) Scan(
	ctx context.Context,
	target string,
	tmpls []templates.TemplateEntry,
) ([]output.Finding, error)

Scan runs all generated templates against the target and returns findings.

Templates are split into standard and fuzzing groups, written to temp directories, and passed to nuclei-sdk via TemplateDirs so nuclei handles template loading and concurrency natively.

Two-phase execution:

  • Phase 1: standard templates on the non-DAST engine (auth, misconfig, rate limit, race)
  • Phase 2: fuzzing templates on the DAST engine, grouped by endpoint (injection, error disclosure body)

nuclei's DAST mode enables the fuzzing engine but filters non-fuzzing templates, so templates are split and run on the appropriate engine.
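
The split step described above, as an added example that is not this package's code: `Entry` is a hypothetical stand-in for `templates.TemplateEntry`, and matching a `fuzzing:` key line is an assumed way to recognise fuzzing templates. The two returned counts let a caller confirm that every generated template was assigned to one of the two engines.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"regexp"
)

// Entry is a hypothetical stand-in for templates.TemplateEntry (its fields are not on the page).
type Entry struct{ ID, YAML string }

// fuzzingKey: line-level match on a "fuzzing:" key (assumed marker, not a full YAML parse).
var fuzzingKey = regexp.MustCompile(`(?m)^\s*(- )?fuzzing:\s*$`)

// sample is constructed: one standard template, one fuzzing, one that only mentions the word.
var sample = []Entry{
	{"auth-get-users", "id: auth-get-users\nhttp:\n  - method: GET\n    path: [\"{{BaseURL}}/users\"]\n"},
	{"sqli-get-users", "id: sqli-get-users\nhttp:\n  - fuzzing:\n      - part: query\n        fuzz: [\"'\"]\n"},
	{"rate-limit", "id: rate-limit\ninfo:\n  description: \"mentions fuzzing: in text\"\n"},
}

// Split writes each entry under root/standard or root/fuzzing and returns the two counts.
func Split(root string, entries []Entry) (nStd, nFuzz int, err error) {
	stdDir, fuzzDir := filepath.Join(root, "standard"), filepath.Join(root, "fuzzing")
	for _, e := range entries {
		dir, n := stdDir, &nStd
		if fuzzingKey.MatchString(e.YAML) {
			dir, n = fuzzDir, &nFuzz
		}
		if err = os.MkdirAll(dir, 0o700); err != nil {
			return
		}
		// filepath.Base keeps a crafted ID from escaping the group directory.
		if err = os.WriteFile(filepath.Join(dir, filepath.Base(e.ID)+".yaml"), []byte(e.YAML), 0o600); err != nil {
			return
		}
		*n++
	}
	return
}

func main() {
	root, err := os.MkdirTemp("", "tmpl-split-")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(root)
	fmt.Println(Split(root, sample))
}
```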
