Replies: 1 comment
-
|
@akincibor Nuclei engine supports request clustering to reduce the number of requests, for example, here you can see only one request will be sent out even you are running 2 separate templates, so this is something already supported and works automatically. nuclei -id caddy-open-redirect,CVE-2021-3654 -u https://example.com -v
[INF] Templates loaded for scan: 2
[INF] Templates clustered: 2 (Reduced 1 HTTP Requests)
[VER] [CVE-2021-3654] Sent HTTP request to https://example.com//example.com/%2f..
[INF] No results found. Better luck next time!
I don't think removing the template will do any good as one can run the cves template but not the other template containing generic Unfortunately, we can not differentiate between generic and other kinds of redirects as responses are identical in all cases, but let me know if you have any more ideas or suggestions to improve this scenario. |
Beta Was this translation helpful? Give feedback.
-
Please describe your feature request:
I found that there are a lot of same template under different name that did the same request. We can reduce requests for these templates.
Describe the use case of this feature:
Reduction of request
Example
[2022-03-03 01:39:14] [open-redirect] [http] [low] https://REDACTED//example.com/%2F.. [redirect=/example.com/%2F..]
[2022-03-03 01:39:14] [caddy-open-redirect] [http] [medium] https://REDACTED//example.com/%2F..
[2022-03-03 01:39:14] [CVE-2021-3654] [http] [low] https://REDACTED//example.com/%2F..
caddy-open-redirect & CVE-2021-3654 can be deleted. There are a lot of false positive. This open redirect isn't related to caddy or this CVE. Just a normal open redirect.
Beta Was this translation helpful? Give feedback.
All reactions