Abstract | Extensible | Status | Identifiable | Custom Properties | Additional Properties | Access Restrictions | Defined In |
---|---|---|---|---|---|---|---|
Can be instantiated | No | Unknown status | No | Forbidden | Forbidden | none | nuclei-schema.schema.json* |
object
(Details)
Property | Type | Required | Nullable | Defined by |
---|---|---|---|---|
matchers | array | Optional | cannot be null | Untitled schema |
extractors | array | Optional | cannot be null | Untitled schema |
matchers-condition | string | Optional | cannot be null | Untitled schema |
path | array | Optional | cannot be null | Untitled schema |
raw | array | Optional | cannot be null | Untitled schema |
id | string | Optional | cannot be null | Untitled schema |
name | string | Optional | cannot be null | Untitled schema |
attack | object | Optional | cannot be null | Untitled schema |
method | object | Optional | cannot be null | Untitled schema |
body | string | Optional | cannot be null | Untitled schema |
payloads | object | Optional | cannot be null | Untitled schema |
headers | object | Optional | cannot be null | Untitled schema |
race_count | integer | Optional | cannot be null | Untitled schema |
max-redirects | integer | Optional | cannot be null | Untitled schema |
pipeline-concurrent-connections | integer | Optional | cannot be null | Untitled schema |
pipeline-requests-per-connection | integer | Optional | cannot be null | Untitled schema |
threads | integer | Optional | cannot be null | Untitled schema |
max-size | integer | Optional | cannot be null | Untitled schema |
fuzzing | array | Optional | cannot be null | Untitled schema |
self-contained | boolean | Optional | cannot be null | Untitled schema |
signature | object | Optional | cannot be null | Untitled schema |
cookie-reuse | boolean | Optional | cannot be null | Untitled schema |
disable-cookie | boolean | Optional | cannot be null | Untitled schema |
read-all | boolean | Optional | cannot be null | Untitled schema |
redirects | boolean | Optional | cannot be null | Untitled schema |
host-redirects | boolean | Optional | cannot be null | Untitled schema |
pipeline | boolean | Optional | cannot be null | Untitled schema |
unsafe | boolean | Optional | cannot be null | Untitled schema |
race | boolean | Optional | cannot be null | Untitled schema |
req-condition | boolean | Optional | cannot be null | Untitled schema |
stop-at-first-match | boolean | Optional | cannot be null | Untitled schema |
skip-variables-check | boolean | Optional | cannot be null | Untitled schema |
iterate-all | boolean | Optional | cannot be null | Untitled schema |
digest-username | string | Optional | cannot be null | Untitled schema |
digest-password | string | Optional | cannot be null | Untitled schema |
disable-path-automerge | boolean | Optional | cannot be null | Untitled schema |
filter | array | Optional | cannot be null | Untitled schema |
filter-condition | string | Optional | cannot be null | Untitled schema |
Detection mechanism to identify whether the request was successful by doing pattern matching
matchers
is optional
Type: object[]
(Details)
cannot be null
defined in: Untitled schema
object[]
(Details)
Extractors contains the extraction mechanism for the request to identify and extract parts of the response
extractors
is optional
Type: object[]
(Details)
cannot be null
defined in: Untitled schema
object[]
(Details)
Conditions between the matchers
matchers-condition
is optional
Type: string
(condition between the matchers)
cannot be null
defined in: Untitled schema
string
(condition between the matchers)
enum: the value of this property must be equal to one of the following values:
Value | Explanation |
---|---|
"and" | |
"or" |
Path(s) to send http requests to
path
is optional
Type: string[]
cannot be null
defined in: Untitled schema
string[]
HTTP Requests in Raw Format
raw
is optional
Type: string[]
cannot be null
defined in: Untitled schema
string[]
ID for the HTTP Request
id
is optional
Type: string
(id for the http request)
cannot be null
defined in: Untitled schema
string
(id for the http request)
Optional name for the HTTP Request
name
is optional
Type: string
(name for the http request)
cannot be null
defined in: Untitled schema
string
(name for the http request)
Attack is the type of payload combinations to perform
attack
is optional
Type: object
(attack is the payload combination)
cannot be null
defined in: Untitled schema
object
(attack is the payload combination)
Method is the HTTP Request Method
method
is optional
Type: object
(method is the http request method)
cannot be null
defined in: Untitled schema
object
(method is the http request method)
Body is an optional parameter which contains HTTP Request body
body
is optional
Type: string
(body is the http request body)
cannot be null
defined in: Untitled schema
string
(body is the http request body)
Payloads contains any payloads for the current request
payloads
is optional
Type: object
(payloads for the http request)
cannot be null
defined in: Untitled schema
object
(payloads for the http request)
Headers contains HTTP Headers to send with the request
headers
is optional
Type: object
(headers to send with the http request)
cannot be null
defined in: Untitled schema
object
(headers to send with the http request)
Number of times to send a request in Race Condition Attack
race_count
is optional
Type: integer
(number of times to repeat request in race condition)
cannot be null
defined in: Untitled schema
integer
(number of times to repeat request in race condition)
Maximum number of redirects that should be followed
max-redirects
is optional
Type: integer
(maximum number of redirects to follow)
cannot be null
defined in: Untitled schema
integer
(maximum number of redirects to follow)
Number of connections to create during pipelining
pipeline-concurrent-connections
is optional
Type: integer
(number of pipelining connections)
cannot be null
defined in: Untitled schema
integer
(number of pipelining connections)
Number of requests to send per connection when pipelining
pipeline-requests-per-connection
is optional
Type: integer
(number of requests to send per pipelining connections)
cannot be null
defined in: Untitled schema
integer
(number of requests to send per pipelining connections)
Threads specifies number of threads to use sending requests. This enables Connection Pooling
threads
is optional
Type: integer
(threads for sending requests)
cannot be null
defined in: Untitled schema
integer
(threads for sending requests)
Maximum size of http response body to read in bytes
max-size
is optional
Type: integer
(maximum http response body size)
cannot be null
defined in: Untitled schema
integer
(maximum http response body size)
Fuzzing describes rule schema to fuzz http requests
fuzzing
is optional
Type: object[]
(Details)
cannot be null
defined in: Untitled schema
object[]
(Details)
self-contained
is optional
Type: boolean
cannot be null
defined in: Untitled schema
boolean
Signature is the HTTP Request signature Method
signature
is optional
Type: object
(signature is the http request signature method)
cannot be null
defined in: Untitled schema
object
(signature is the http request signature method)
Optional setting that enables cookie reuse
cookie-reuse
is optional
Type: boolean
(optional cookie reuse enable)
cannot be null
defined in: Untitled schema
boolean
(optional cookie reuse enable)
Optional setting that disables cookie reuse
disable-cookie
is optional
Type: boolean
(optional disable cookie reuse)
cannot be null
defined in: Untitled schema
boolean
(optional disable cookie reuse)
Enables force reading of entire unsafe http request body
read-all
is optional
Type: boolean
(force read all body)
cannot be null
defined in: Untitled schema
boolean
(force read all body)
Specifies whether redirects should be followed by the HTTP Client
redirects
is optional
Type: boolean
(follow http redirects)
cannot be null
defined in: Untitled schema
boolean
(follow http redirects)
Specifies whether redirects to the same host should be followed by the HTTP Client
host-redirects
is optional
Type: boolean
(follow same host http redirects)
cannot be null
defined in: Untitled schema
boolean
(follow same host http redirects)
Pipeline defines if the attack should be performed with HTTP 1.1 Pipelining
pipeline
is optional
Type: boolean
(perform HTTP 1.1 pipelining)
cannot be null
defined in: Untitled schema
boolean
(perform HTTP 1.1 pipelining)
Unsafe specifies whether to use rawhttp engine for sending Non RFC-Compliant requests
unsafe
is optional
Type: boolean
(use rawhttp non-strict-rfc client)
cannot be null
defined in: Untitled schema
boolean
(use rawhttp non-strict-rfc client)
Race determines if all the request have to be attempted at the same time (Race Condition)
race
is optional
Type: boolean
(perform race-http request coordination attack)
cannot be null
defined in: Untitled schema
boolean
(perform race-http request coordination attack)
Automatically assigns numbers to requests and preserves their history
req-condition
is optional
Type: boolean
(preserve request history)
cannot be null
defined in: Untitled schema
boolean
(preserve request history)
Stop the execution after a match is found
stop-at-first-match
is optional
Type: boolean
(stop at first match)
cannot be null
defined in: Untitled schema
boolean
(stop at first match)
Skips the check for unresolved variables in request
skip-variables-check
is optional
Type: boolean
(skip variable checks)
cannot be null
defined in: Untitled schema
boolean
(skip variable checks)
Iterates all the values extracted from internal extractors
iterate-all
is optional
Type: boolean
(iterate all the values)
cannot be null
defined in: Untitled schema
boolean
(iterate all the values)
Optional parameter which specifies the username for digest auth
digest-username
is optional
Type: string
(specifies the username for digest authentication)
cannot be null
defined in: Untitled schema
string
(specifies the username for digest authentication)
Optional parameter which specifies the password for digest auth
digest-password
is optional
Type: string
(specifies the password for digest authentication)
cannot be null
defined in: Untitled schema
string
(specifies the password for digest authentication)
Disable merging target url path with raw request path
disable-path-automerge
is optional
Type: boolean
(disable auto merging of path)
cannot be null
defined in: Untitled schema
boolean
(disable auto merging of path)
Filter is matcher-like field to check if fuzzing should be performed on this request or not
filter
is optional
Type: object[]
(Details)
cannot be null
defined in: Untitled schema
object[]
(Details)
Conditions between the filters
filter-condition
is optional
Type: string
(condition between the filters)
cannot be null
defined in: Untitled schema
string
(condition between the filters)
enum: the value of this property must be equal to one of the following values:
Value | Explanation |
---|---|
"and" | |
"or" |
Abstract | Extensible | Status | Identifiable | Custom Properties | Additional Properties | Access Restrictions | Defined In |
---|---|---|---|---|---|---|---|
Can be instantiated | No | Unknown status | No | Forbidden | Forbidden | none | nuclei-schema.schema.json* |
object
(Details)
Property | Type | Required | Nullable | Defined by |
---|---|---|---|---|
matchers | array | Optional | cannot be null | Untitled schema |
extractors | array | Optional | cannot be null | Untitled schema |
matchers-condition | string | Optional | cannot be null | Untitled schema |
path | array | Optional | cannot be null | Untitled schema |
raw | array | Optional | cannot be null | Untitled schema |
id | string | Optional | cannot be null | Untitled schema |
name | string | Optional | cannot be null | Untitled schema |
attack | object | Optional | cannot be null | Untitled schema |
method | object | Optional | cannot be null | Untitled schema |
body | string | Optional | cannot be null | Untitled schema |
payloads | object | Optional | cannot be null | Untitled schema |
headers | object | Optional | cannot be null | Untitled schema |
race_count | integer | Optional | cannot be null | Untitled schema |
max-redirects | integer | Optional | cannot be null | Untitled schema |
pipeline-concurrent-connections | integer | Optional | cannot be null | Untitled schema |
pipeline-requests-per-connection | integer | Optional | cannot be null | Untitled schema |
threads | integer | Optional | cannot be null | Untitled schema |
max-size | integer | Optional | cannot be null | Untitled schema |
fuzzing | array | Optional | cannot be null | Untitled schema |
self-contained | boolean | Optional | cannot be null | Untitled schema |
signature | object | Optional | cannot be null | Untitled schema |
cookie-reuse | boolean | Optional | cannot be null | Untitled schema |
disable-cookie | boolean | Optional | cannot be null | Untitled schema |
read-all | boolean | Optional | cannot be null | Untitled schema |
redirects | boolean | Optional | cannot be null | Untitled schema |
host-redirects | boolean | Optional | cannot be null | Untitled schema |
pipeline | boolean | Optional | cannot be null | Untitled schema |
unsafe | boolean | Optional | cannot be null | Untitled schema |
race | boolean | Optional | cannot be null | Untitled schema |
req-condition | boolean | Optional | cannot be null | Untitled schema |
stop-at-first-match | boolean | Optional | cannot be null | Untitled schema |
skip-variables-check | boolean | Optional | cannot be null | Untitled schema |
iterate-all | boolean | Optional | cannot be null | Untitled schema |
digest-username | string | Optional | cannot be null | Untitled schema |
digest-password | string | Optional | cannot be null | Untitled schema |
disable-path-automerge | boolean | Optional | cannot be null | Untitled schema |
filter | array | Optional | cannot be null | Untitled schema |
filter-condition | string | Optional | cannot be null | Untitled schema |
Detection mechanism to identify whether the request was successful by doing pattern matching
matchers
is optional
Type: object[]
(Details)
cannot be null
defined in: Untitled schema
object[]
(Details)
Extractors contains the extraction mechanism for the request to identify and extract parts of the response
extractors
is optional
Type: object[]
(Details)
cannot be null
defined in: Untitled schema
object[]
(Details)
Conditions between the matchers
matchers-condition
is optional
Type: string
(condition between the matchers)
cannot be null
defined in: Untitled schema
string
(condition between the matchers)
enum: the value of this property must be equal to one of the following values:
Value | Explanation |
---|---|
"and" | |
"or" |
Path(s) to send http requests to
path
is optional
Type: string[]
cannot be null
defined in: Untitled schema
string[]
HTTP Requests in Raw Format
raw
is optional
Type: string[]
cannot be null
defined in: Untitled schema
string[]
ID for the HTTP Request
id
is optional
Type: string
(id for the http request)
cannot be null
defined in: Untitled schema
string
(id for the http request)
Optional name for the HTTP Request
name
is optional
Type: string
(name for the http request)
cannot be null
defined in: Untitled schema
string
(name for the http request)
Attack is the type of payload combinations to perform
attack
is optional
Type: object
(attack is the payload combination)
cannot be null
defined in: Untitled schema
object
(attack is the payload combination)
Method is the HTTP Request Method
method
is optional
Type: object
(method is the http request method)
cannot be null
defined in: Untitled schema
object
(method is the http request method)
Body is an optional parameter which contains HTTP Request body
body
is optional
Type: string
(body is the http request body)
cannot be null
defined in: Untitled schema
string
(body is the http request body)
Payloads contains any payloads for the current request
payloads
is optional
Type: object
(payloads for the http request)
cannot be null
defined in: Untitled schema
object
(payloads for the http request)
Headers contains HTTP Headers to send with the request
headers
is optional
Type: object
(headers to send with the http request)
cannot be null
defined in: Untitled schema
object
(headers to send with the http request)
Number of times to send a request in Race Condition Attack
race_count
is optional
Type: integer
(number of times to repeat request in race condition)
cannot be null
defined in: Untitled schema
integer
(number of times to repeat request in race condition)
Maximum number of redirects that should be followed
max-redirects
is optional
Type: integer
(maximum number of redirects to follow)
cannot be null
defined in: Untitled schema
integer
(maximum number of redirects to follow)
Number of connections to create during pipelining
pipeline-concurrent-connections
is optional
Type: integer
(number of pipelining connections)
cannot be null
defined in: Untitled schema
integer
(number of pipelining connections)
Number of requests to send per connection when pipelining
pipeline-requests-per-connection
is optional
Type: integer
(number of requests to send per pipelining connections)
cannot be null
defined in: Untitled schema
integer
(number of requests to send per pipelining connections)
Threads specifies number of threads to use sending requests. This enables Connection Pooling
threads
is optional
Type: integer
(threads for sending requests)
cannot be null
defined in: Untitled schema
integer
(threads for sending requests)
Maximum size of http response body to read in bytes
max-size
is optional
Type: integer
(maximum http response body size)
cannot be null
defined in: Untitled schema
integer
(maximum http response body size)
Fuzzing describes rule schema to fuzz http requests
fuzzing
is optional
Type: object[]
(Details)
cannot be null
defined in: Untitled schema
object[]
(Details)
self-contained
is optional
Type: boolean
cannot be null
defined in: Untitled schema
boolean
Signature is the HTTP Request signature Method
signature
is optional
Type: object
(signature is the http request signature method)
cannot be null
defined in: Untitled schema
object
(signature is the http request signature method)
Optional setting that enables cookie reuse
cookie-reuse
is optional
Type: boolean
(optional cookie reuse enable)
cannot be null
defined in: Untitled schema
boolean
(optional cookie reuse enable)
Optional setting that disables cookie reuse
disable-cookie
is optional
Type: boolean
(optional disable cookie reuse)
cannot be null
defined in: Untitled schema
boolean
(optional disable cookie reuse)
Enables force reading of entire unsafe http request body
read-all
is optional
Type: boolean
(force read all body)
cannot be null
defined in: Untitled schema
boolean
(force read all body)
Specifies whether redirects should be followed by the HTTP Client
redirects
is optional
Type: boolean
(follow http redirects)
cannot be null
defined in: Untitled schema
boolean
(follow http redirects)
Specifies whether redirects to the same host should be followed by the HTTP Client
host-redirects
is optional
Type: boolean
(follow same host http redirects)
cannot be null
defined in: Untitled schema
boolean
(follow same host http redirects)
Pipeline defines if the attack should be performed with HTTP 1.1 Pipelining
pipeline
is optional
Type: boolean
(perform HTTP 1.1 pipelining)
cannot be null
defined in: Untitled schema
boolean
(perform HTTP 1.1 pipelining)
Unsafe specifies whether to use rawhttp engine for sending Non RFC-Compliant requests
unsafe
is optional
Type: boolean
(use rawhttp non-strict-rfc client)
cannot be null
defined in: Untitled schema
boolean
(use rawhttp non-strict-rfc client)
Race determines if all the request have to be attempted at the same time (Race Condition)
race
is optional
Type: boolean
(perform race-http request coordination attack)
cannot be null
defined in: Untitled schema
boolean
(perform race-http request coordination attack)
Automatically assigns numbers to requests and preserves their history
req-condition
is optional
Type: boolean
(preserve request history)
cannot be null
defined in: Untitled schema
boolean
(preserve request history)
Stop the execution after a match is found
stop-at-first-match
is optional
Type: boolean
(stop at first match)
cannot be null
defined in: Untitled schema
boolean
(stop at first match)
Skips the check for unresolved variables in request
skip-variables-check
is optional
Type: boolean
(skip variable checks)
cannot be null
defined in: Untitled schema
boolean
(skip variable checks)
Iterates all the values extracted from internal extractors
iterate-all
is optional
Type: boolean
(iterate all the values)
cannot be null
defined in: Untitled schema
boolean
(iterate all the values)
Optional parameter which specifies the username for digest auth
digest-username
is optional
Type: string
(specifies the username for digest authentication)
cannot be null
defined in: Untitled schema
string
(specifies the username for digest authentication)
Optional parameter which specifies the password for digest auth
digest-password
is optional
Type: string
(specifies the password for digest authentication)
cannot be null
defined in: Untitled schema
string
(specifies the password for digest authentication)
Disable merging target url path with raw request path
disable-path-automerge
is optional
Type: boolean
(disable auto merging of path)
cannot be null
defined in: Untitled schema
boolean
(disable auto merging of path)
Filter is matcher-like field to check if fuzzing should be performed on this request or not
filter
is optional
Type: object[]
(Details)
cannot be null
defined in: Untitled schema
object[]
(Details)
Conditions between the filters
filter-condition
is optional
Type: string
(condition between the filters)
cannot be null
defined in: Untitled schema
string
(condition between the filters)
enum: the value of this property must be equal to one of the following values:
Value | Explanation |
---|---|
"and" | |
"or" |