🐞 Bug report
Describe the bug
The nuclei cascading rule starts the nuclei scans only with the domain, not with a protocol.
Nuclei only runs a few select rules when you don't pass a protocol, the majority only run when the target starts with http / https
Steps To Reproduce
- Install cascading scans hook
- Install amass & nuclei
- Start subdomain scan
- Inspect params of started nuclei scans
Expected behavior
Nuclei scans should be created with a leading http / https protocol.
System (please complete the following information):
- secureCodeBox Version/Release: v3.1.1
Additional context
CascadingRule will probably have to be changed to only run when a scanner like nmap has detected if the http / https port are actually open, the domain findings do not indicate if http / https is used.
🐞 Bug report
Describe the bug
The nuclei cascading rule starts the nuclei scans only with the domain, not with a protocol.
Nuclei only runs a few select rules when you don't pass a protocol, the majority only run when the target starts with http / https
Steps To Reproduce
Expected behavior
Nuclei scans should be created with a leading http / https protocol.
System (please complete the following information):
Additional context
CascadingRule will probably have to be changed to only run when a scanner like nmap has detected if the http / https port are actually open, the domain findings do not indicate if http / https is used.