Initial commit

Author: ehsandeep

LICENSE.md

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2020 ProjectDiscovery, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,47 @@
+<h1 align="left">
+  <img src="https://github.com/projectdiscovery/nuclei/blob/master/static/nuclei-logo.png" alt="nuclei" width="200px"></a>
+  <br>
+</h1>
+
+[Nuclei Action](https://github.com/projectdiscovery/nuclei-action) makes it easy to orchestrate [Nuclei](https://github.com/projectdiscovery/nuclei) with [GitHub Action](https://github.com/features/actions).
+Integrate all of your [Nuclei Templates](https://github.com/projectdiscovery/nuclei-templates) into powerful continuous security workflows and make it part of your secure software development life cycle.
+
+
+
+Usage
+-----
+
+*.github/workflows/nuclei.yml* 
+```
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "0 10 * * *"
+
+jobs:
+  worker:
+    runs-on: ubuntu-20.04
+    steps:
+      - uses: actions/checkout@v2
+
+      - uses: projectdiscovery/nuclei-action@main
+        with:
+          urls: "urls.txt"
+          output: "nuclei.log"
+
+      - uses: actions/upload-artifact@v2
+        with:
+          name: nuclei.log
+          path: nuclei.log
+```
+
+Inputs
+------
+
+| Key  | Description | Required |
+| :---:     |     :---:   |    :---:   |
+| `urls` | List of urls to run templates | true
+| `templates` | Templates input file/files to check across hosts | false
+| `output` | File to save output result | false
+| `nuclei-ignore` | Define templates that will be blocked from execution | false
+| `user-agent` | Set a User-Agent header | false

action.yml

@@ -0,0 +1,50 @@
+name: "Nuclei Action"
+description: "Nuclei is a fast and customisable vulnerability scanner based on simple YAML based DSL"
+
+inputs:
+  urls:
+    description: "List of urls to run templates"
+    required: true
+    default: "urls.txt"
+  templates:
+    description: "Templates input file/files to check across hosts"
+    required: false
+    default: "nuclei-templates"
+  output:
+    description: "File to save output result"
+    required: false
+    default: "nuclei.log"
+  nuclei-ignore:
+    description: "define templates that will be blocked from execution"
+    required: false
+    default: ".nuclei-ignore"
+  user-agent:
+    description: "Set a User-Agent header"
+    required: false
+    default: "Nuclei - Open-source project (github.com/projectdiscovery/nuclei)"
+
+runs:
+  using: "composite"
+  steps:
+    - run: |
+        GO111MODULE=on go get -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei
+        echo "/home/runner/go/bin/" >> $GITHUB_PATH
+      shell: bash
+
+    - run: |
+        nuclei \
+          -update-templates \
+          -update-directory ./ \
+          \
+
+        test -e ${{ inputs.nuclei-ignore }} && cp ${{ inputs.nuclei-ignore }} ${{ inputs.templates }}/.nuclei-ignore
+
+        nuclei \
+          -l ${{ inputs.urls }} \
+          -t ${{ inputs.templates }} \
+          -o ${{ inputs.output }} \
+          -H "User-Agent: ${{ inputs.user-agent }}" \
+          -json \
+          -include-rr \
+          \
+      shell: bash