Merge pull request #571 from projectdiscovery/dev

naabu v2.1.2

.github/stale.yml

@@ -0,0 +1,27 @@
+# Number of days of inactivity before an issue becomes stale
+daysUntilStale: 7
+
+# Number of days of inactivity before a stale issue is closed
+daysUntilClose: 7
+
+# Issues with these labels will never be considered stale
+# exemptLabels:
+#   - pinned
+#   - security
+
+# Only issues or pull requests with all of these labels are check if stale.
+onlyLabels:
+  - "Status: Abandoned"
+  - "Type: Question"
+
+# Label to use when marking as stale
+staleLabel: stale
+
+# Comment to post when marking an issue as stale. Set to `false` to disable
+markComment: >
+  This issue has been automatically marked as stale because it has not had
+  recent activity. It will be closed if no further activity occurs. Thank you
+  for your contributions.
+
+# Comment to post when closing a stale issue. Set to `false` to disable
+closeComment: false

.github/workflows/build-test.yml

@@ -1,17 +1,16 @@
 name: 🔨 Build Test
 on:
-  push:
   pull_request:
   workflow_dispatch:
 
 jobs:
   build-linux:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-latest-16-cores
     steps:
       - name: Set up Go
         uses: actions/setup-go@v3
         with:
-          go-version: 1.18
+          go-version: 1.19
 
       - name: Check out code
         uses: actions/checkout@v3
@@ -38,7 +37,7 @@ jobs:
 
       - name: Race Condition Tests
         run: |
-          sudo go run -race . -host scanme.sh
+          go run -race . -host scanme.sh
         working-directory: v2/cmd/naabu/
 
   build-mac:
@@ -47,7 +46,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v3
         with:
-          go-version: 1.18
+          go-version: 1.19
 
       - name: Check out code
         uses: actions/checkout@v3
@@ -74,6 +73,7 @@ jobs:
 
       - name: Race Condition Tests
         run: |
+          go run -race . -host scanme.sh
           sudo go run -race . -host scanme.sh
         working-directory: v2/cmd/naabu/
 
@@ -83,7 +83,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v3
         with:
-          go-version: 1.18
+          go-version: 1.19
 
       - name: Check out code
         uses: actions/checkout@v3
@@ -100,4 +100,5 @@ jobs:
         # Known issue: https://github.com/golang/go/issues/46099
         run: |
           # go run -race . -host scanme.sh
+          # sudo go run -race . -host scanme.sh
         working-directory: v2/cmd/naabu/

.github/workflows/codeql-analysis.yml

@@ -2,15 +2,14 @@ name: 🚨 CodeQL Analysis
 
 on:
   workflow_dispatch:
-  push:
   pull_request:
     branches:
       - dev
 
 jobs:
   analyze:
     name: Analyze
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-latest-16-cores
     permissions:
       actions: read
       contents: read

.github/workflows/dockerhub-push.yml

@@ -9,15 +9,15 @@ on:
 
 jobs:
   docker:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-latest-16-cores
     steps:
       - name: Checkout
         uses: actions/checkout@v3
 
       - name: Get Github tag
         id: meta
         run: |
-          echo "::set-output name=tag::$(curl --silent "https://api.github.com/repos/projectdiscovery/naabu/releases/latest" | jq -r .tag_name)"
+          curl --silent "https://api.github.com/repos/projectdiscovery/naabu/releases/latest" | jq -r .tag_name | xargs -I {} echo TAG={} >> $GITHUB_OUTPUT
 
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v2
@@ -32,9 +32,9 @@ jobs:
           password: ${{ secrets.DOCKER_TOKEN }}
 
       - name: Build and push
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v4
         with:
           context: .
           platforms: linux/amd64,linux/arm64,linux/arm
           push: true
-          tags: projectdiscovery/naabu:latest,projectdiscovery/naabu:${{ steps.meta.outputs.tag }}
+          tags: projectdiscovery/naabu:latest,projectdiscovery/naabu:${{ steps.meta.outputs.TAG }}

.github/workflows/functional-test.yml

@@ -1,6 +1,5 @@
 name: 🧪 Functional Test
 on:
-  push:
   pull_request:
   workflow_dispatch:
 
@@ -10,13 +9,13 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        os: [ubuntu-latest] # Todo: windows-latest, macOS-latest
+        os: [ubuntu-latest-16-cores] # Todo: windows-latest, macOS-latest
 
     steps:
       - name: Set up Go
         uses: actions/setup-go@v3
         with:
-          go-version: 1.18
+          go-version: 1.19
 
       - name: Check out code
         uses: actions/checkout@v3

.github/workflows/lint-test.yml

@@ -1,27 +1,26 @@
 name: 🙏🏻 Lint Test
 on:
-  push:
   pull_request:
   workflow_dispatch:
 
 jobs:
   lint:
     name: Lint Test
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-latest-16-cores
     steps:
       - name: Checkout code
         uses: actions/checkout@v3
 
       - name: Set up Go
         uses: actions/setup-go@v3
         with:
-          go-version: 1.18
+          go-version: 1.19
 
       - name: Install Dependences
         run: sudo apt install libpcap-dev
 
       - name: Run golangci-lint
-        uses: golangci/golangci-lint-action@v3.3.0
+        uses: golangci/golangci-lint-action@v3.4.0
         with:
           version: latest
           args: --timeout 5m

.github/workflows/release-binary.yml

@@ -17,11 +17,11 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v3
         with:
-          go-version: 1.18
+          go-version: 1.19
       - name: Install Dependences
         run: brew install libpcap
       - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@v3
+        uses: goreleaser/goreleaser-action@v4
         with:
           version: latest
           args: release -f .goreleaser/mac.yml --rm-dist
@@ -30,7 +30,7 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
   build-linux:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-latest-16-cores
     steps:
       - name: Code checkout
         uses: actions/checkout@v3
@@ -39,22 +39,24 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v3
         with:
-          go-version: 1.18
+          go-version: 1.19
       - name: Install Dependences
         run: sudo apt install libpcap-dev
 
       - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@v3
+        uses: goreleaser/goreleaser-action@v4
         with:
           version: latest
           args: release -f .goreleaser/linux.yml --rm-dist
           workdir: v2
         env: 
           GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
           SLACK_WEBHOOK: "${{ secrets.RELEASE_SLACK_WEBHOOK }}"
+          DISCORD_WEBHOOK_ID: "${{ secrets.DISCORD_WEBHOOK_ID }}"
+          DISCORD_WEBHOOK_TOKEN: "${{ secrets.DISCORD_WEBHOOK_TOKEN }}"
 
   build-windows:
-    runs-on: windows-latest
+    runs-on: windows-latest-8-cores
     steps:
       - name: Code checkout
         uses: actions/checkout@v3
@@ -63,9 +65,9 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v3
         with:
-          go-version: 1.18
+          go-version: 1.19
       - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@v3
+        uses: goreleaser/goreleaser-action@v4
         with:
           version: latest
           args: release -f .goreleaser/windows.yml --rm-dist

.gitignore

@@ -1,6 +1,8 @@
 cmd/naabu/naabu*
 v2/cmd/naabu/naabu*
 vendor
+integration_tests/naabu
+integration_tests/integration-test
 v2/cmd/functional-test/naabu_dev
 v2/cmd/functional-test/functional-test
 v2/cmd/functional-test/naabu

Dockerfile

@@ -1,8 +1,8 @@
-FROM golang:1.19.2-alpine AS builder
+FROM golang:1.20.1-alpine AS builder
 RUN apk add build-base libpcap-dev
 RUN go install -v github.com/projectdiscovery/naabu/v2/cmd/naabu@latest
 
-FROM alpine:3.16.2
+FROM alpine:3.17.2
 RUN apk add nmap libpcap-dev bind-tools ca-certificates nmap-scripts
 COPY --from=builder /go/bin/naabu /usr/local/bin/naabu
 ENTRYPOINT ["naabu"]

README.md

@@ -23,7 +23,7 @@
   <a href="https://discord.gg/projectdiscovery">Discord</a>
 </p>
 
-Naabu is a port scanning tool written in Go that allows you to enumerate valid ports for hosts in a fast and reliable manner. It is a really simple tool that does fast SYN/CONNECT scans on the host/list of hosts and lists
+Naabu is a port scanning tool written in Go that allows you to enumerate valid ports for hosts in a fast and reliable manner. It is a really simple tool that does fast SYN/CONNECT/UDP scans on the host/list of hosts and lists
 all ports that return a reply.
 
 # Features
@@ -33,7 +33,7 @@ all ports that return a reply.
   <br>
 </h1>
 
- - Fast And Simple **SYN/CONNECT** probe based scanning
+ - Fast And Simple **SYN/CONNECT/UDP** probe based scanning
  - Optimized for ease of use and **lightweight** on resources
  - **DNS** Port scan
  - **Automatic IP Deduplication** for DNS port scan
@@ -63,7 +63,7 @@ INPUT:
    -exclude-file, -ef string   list of hosts to exclude from scan (file)
 
 PORT:
-   -port, -p string            ports to scan (80,443, 100-200)
+   -port, -p string            ports to scan (80,443,100-200,u:53)
    -top-ports, -tp string      top ports to scan (default 100)
    -exclude-ports, -ep string  ports to exclude from scan (comma-separated)
    -ports-file, -pf string     list of ports to scan (file)
@@ -108,6 +108,7 @@ HOST-DISCOVERY:
    -pm, -probe-icmp-address-mask  ICMP address mask request Ping (host discovery needs to be enabled)
    -arp, -arp-ping                ARP ping (host discovery needs to be enabled)
    -nd, -nd-ping                  IPv6 Neighbor Discovery (host discovery needs to be enabled)
+   -rev-ptr                       Reverse PTR lookup for input ips
 
 OPTIMIZATION:
    -retries int       number of retries for the port scan (default 3)
@@ -174,10 +175,10 @@ hackerone.com:8443
 hackerone.com:8080
 ```
 
-The ports to scan for on the host can be specified via `-p` parameter. It takes nmap format ports and runs enumeration on them.
+The ports to scan for on the host can be specified via `-p` parameter (udp ports must be expressed as `u:port`). It takes nmap format ports and runs enumeration on them.
 
 ```sh
-naabu -p 80,443,21-23 -host hackerone.com
+naabu -p 80,443,21-23,u:53 -host hackerone.com
 ```
 
 By default, the Naabu checks for nmap's `Top 100` ports. It supports following in-built port lists -
@@ -360,8 +361,6 @@ import (
 
 func main() {
 	options := runner.Options{
-		ResumeCfg: &runner.ResumeCfg{},
-		Retries:   1,
 		Host:      goflags.StringSlice{"scanme.sh"},
 		OnResult: func(hr *result.HostResult) {
 			log.Println(hr.Host, hr.Ports)

v2/.goreleaser/linux.yml

@@ -27,4 +27,8 @@ announce:
     enabled: true
     channel: '#release'
     username: GoReleaser
-    message_template: '{{ .ProjectName }} {{ .Tag }} is out! Check it out at {{ .ReleaseURL }}' 
+    message_template: 'New Release: {{ .ProjectName }} {{.Tag}} is published! Check it out at {{ .ReleaseURL }}'
+
+  discord:
+    enabled: true
+    message_template: '**New Release: {{ .ProjectName }} {{.Tag}}** is published! Check it out at {{ .ReleaseURL }}'

v2/cmd/functional-test/testcases.txt

@@ -3,8 +3,8 @@
 127.0.0.1 {{binary}} -tp 100
 127.0.0.1 {{binary}} -ep 80 -p 8000
 127.0.0.1 {{binary}} -c 25 -p 8000
-127.0.0.1 {{binary}} -nmap-cli 'nmap -Pn -sT' -p 8000
+127.0.0.1 {{binary}} -nmap-cli '-Pn -sT' -p 8000
 127.0.0.1 {{binary}} -json
-127.0.0.1 {{binary}} -nmap-cli 'nmap -sT'
+127.0.0.1 {{binary}} -nmap-cli '-sT'
 scanme.sh {{binary}} -stream -passive
 scanme.sh {{binary}} -stream -passive -verify