projectdiscovery/nuclei-burp-plugin

Population of Template's information

Roni-Carta opened this issue · 1 comments

Roni-Carta commented

Hey ! :D

How are you today ?

It would be great to have the ability to auto populate or manually populate some fields of the template in the info part.

Here are some ideas:

  • template-id could be the name of the current repeater tab
  • Having a panel in the window to chose the severity and write the description, author name, reference and tags. Even though we can overwrite those informations easily in the editor, a population that might not have the knowledge of nuclei's templating syntax might be confused by how to populate some fields and having a GUI could help

Moreover it would be great to have a popup or a text somewhere stating "Hey be careful when sharing this template, you might want to strop some confidential data"

What do you think ?

Have an amazing day,

Cheers !

Roni

forgedhallpass commented

Hello @Roni-Carta,

First, thank you for your feedback!

template-id could be the name of the current repeater tab

Sadly the Burp Extender API does not provide a straight forward way to extract the repeater tab name.

Having a panel in the window to chose the severity and write the description, author name, reference and tags. Even though we can overwrite those informations easily in the editor, a population that might not have the knowledge of nuclei's templating syntax might be confused by how to populate some fields and having a GUI could help

Since the plugin already generates the fields you have mentioned, I'll consider this as low priority. I would argue that for a person who wants to "operate" a vulnerability scanner and generate templates for it, should not have problems with modifying values of YAML fields ;) BTW the author field can be configured through the settings.

Moreover it would be great to have a popup or a text somewhere stating "Hey be careful when sharing this template, you might want to strop some confidential data".

We can consider something like this for the future, although personally if I'd keep seeing this pop-up every time, I would find it rather annoying.