nuclei
validator
nuclei | validator | |
---|---|---|
17 | 68 | |
17,293 | 15,597 | |
2.2% | 1.5% | |
9.8 | 7.4 | |
1 day ago | 4 days ago | |
Go | Go | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
nuclei
-
The 36 tools that SaaS can use to keep their product and data safe from criminal hackers (manual research)
Nuclei
- Show HN: Oneleet โ Penetration Testing for SoC 2 and beyond
-
Looking for short-term, resource intensive tasks to throw at a cloud server
If you own any web properties, you can use https://github.com/projectdiscovery/nuclei running in a beefy VM to scan them for vulnerabilities. It will scale to use all available resources if you give it a big box.
-
Pentesting Tools I Use Everyday
Learn more about nuclei here: https://nuclei.projectdiscovery.io/
-
How I found 130+ Sub-domain Takeover vulnerabilities using Nuclei
Read about how I was able to find 136 Sub-domain Takeover vulnerabilities on a Single Target using the Nuclei tool ๐๐๐Click Here - How I found 130+ Sub-domain Takeover vulnerabilities using Nuclei
-
How to develope a Network Vuln Scanner
Iโd look at flan and nmap and nuclei for inspiration.
-
Thoughts on Vuln scanning public facing websites/hosts during an incident?
Had an idea to leverage the community vuln scanner Nuclei (https://nuclei.projectdiscovery.io/) to just run a quick scan against the public facing hostname/IP. The job isn't supposed to be "hey you're vulnerable to xyz, but to aid in the discovering initial access. I believe this would be considered "good faith" and you're not technically be doing anything nefarious, but wanted to get the communities thoughts on this.
- Nuclei โ Community Powered Vulnerability Scanner
-
Log4J Network Scanning/Detection on a 100k+ Node Network
Check out Nuclei (https://github.com/projectdiscovery/nuclei)
validator
- API completa em Golang - Parte 7
- API completa em Golang - Parte 3
-
Is there any equivalent to pydantic, serde, etc?
go-playground/validator
- API completa em Golang - Parte 1
-
API validation in Gin: Ensuring Data Integrity in Your API
If you want to know all the available validation in Gin. Then you can look at this package because Gin uses this package under the hood. Package: https://github.com/go-playground/validator Specific-file: https://github.com/go-playground/validator/blob/master/baked_in.go#L73
-
Yet another validator 0.9.5
Now it has most of the Playground validator's common checks and a few own tricks.
-
Openapi server generation
In Go I've found this package - https://github.com/go-playground/validator. It seems popular in the community, but it is tag-based. It looks like if I wanted to use it - I would have to basically duplicate structs.
-
Validator in handler or domain
so I am working on a ecommerce api as a hobby project which is mostly inspired by wtf dial project I like to use validator package to remove boilerplate over my domain package for example take a look https://github.com/mortezadadgar/ecommerce-api/blob/b0bf43d042d62fdca1c2d097ec51b05bc539cef2/domain/users.go#L33 I have to option either add validate.Struct() to my domain which is suggested to avoid by author of wtf peoject or add it to handler which I doubt is a good idea as it's not in business logic of handler and makes unit testing harder
-
Request Validations in Go REST API
I use https://github.com/go-playground/validator, but honestly, I am not a fan. I just havenโt found anything better.
-
Tools besides Go for a newbie
IDE: use whatever make you productive. I personally use vscode. VCS: git, as golang communities use github heavily as base for many libraries. AFAIK Linter: use staticcheck for linting as it looks like mostly used linting tool in go, supported by many also. In Vscode it will be recommended once you install go plugin. Libraries/Framework: actually the standard libraries already included many things you need, decent enough for your day-to-day development cycles(e.g. `net/http`). But here are things for extra: - Struct fields validator: validator - Http server lib: chi router , httprouter , fasthttp (for non standard http implementations, but fast) - Web Framework: echo , gin , fiber , beego , etc - Http client lib: most already covered by stdlib(net/http), so you rarely need extra lib for this, but if you really need some are: resty - CLI: cobra - Config: godotenv , viper - DB Drivers: sqlx , postgre , sqlite , mysql - nosql: redis , mongodb , elasticsearch - ORM: gorm , entgo , sqlc(codegen) - JS Transpiler: gopherjs - GUI: fyne - grpc: grpc - logging: zerolog - test: testify , gomock , dockertest - and many others you can find here
What are some alternatives?
jaeles - The Swiss Army knife for automated Web Application Testing
ozzo-validation - An idiomatic Go (golang) validation package. Supports configurable and extensible validation rules (validators) using normal language constructs instead of error-prone struct tags.
ZAP - The ZAP core project
govalidator - [Go] Package of validators and sanitizers for strings, numerics, slices and structs
SQLMap - Automatic SQL injection and database takeover tool
grpc-go - The Go language implementation of gRPC. HTTP/2 based RPC
ffuf - Fast web fuzzer written in Go
viper - Go configuration with fangs
RustScan - ๐ค The Modern Port Scanner ๐ค
uuid - Go package for UUIDs based on RFC 4122 and DCE 1.1: Authentication and Security Services.
osmedeus - A Workflow Engine for Offensive Security
fiber-swagger - fiber middleware to automatically generate RESTful API documentation with Swagger 2.0.