ProjectDiscovery
-validate flag
#6330
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
{{ message }}
Uh oh!
There was an error while loading. Please reload this page.
-
There is a flaw in Nuclei's -validate flag where it fails to detect certain semantic or type-level syntax errors in templates. For example, a matcher may use the field response_time—which is not a valid field—instead of the correct duration. Despite this mistake, the -validate flag still reports the template as valid. This indicates that while -validate can catch basic YAML syntax and structural issues, it does not fully verify whether all DSL fields and matcher types are semantically correct or officially supported by the engine
Beta Was this translation helpful? Give feedback.
All reactions