Code smells

README.md

@@ -219,7 +219,7 @@ Nuclei offers great number of features that are helpful for security engineers t
 <tr>
 <td>  
 
-**For bugbounty hunters:**
+**For Bug Bounty hunters:**
 
 Nuclei allows you to customise your testing approach with your own suite of checks and easily run across your bug bounty programs. Moreover, Nuclei can be easily integrated into any continuous scanning workflow.
 
@@ -237,9 +237,9 @@ Please check our other open-source projects that might fit into your bug bounty
 <tr>
 <td>
 
-**For pentesters:**
+**For Penetration Testers:**
 
-Nuclei immensely improve how you approach security assessment by augmenting the manual repetitve processes. Consultancies are already converting their manual assessment steps with Nuclei, it allows them to run set of their custom assessment approach across thousands of hosts in an automated manner. 
+Nuclei immensely improve how you approach security assessment by augmenting the manual, repetitive processes. Consultancies are already converting their manual assessment steps with Nuclei, it allows them to run set of their custom assessment approach across thousands of hosts in an automated manner. 
 
 Pen-testers get the full power of our public templates and customization capabilities to speed-up their assessment process, and specifically with the regression cycle where you can easily verify the fix.
 
@@ -254,7 +254,7 @@ Pen-testers get the full power of our public templates and customization capabil
 
 # For Developers and Organisations
 
-Nuclei is built with simplicity in mind, with the community backed templates by hundreds of security researchers, it allows you to stay updated with latest security threats using continuous Nuclei scanning on the hosts. It is designed to be easily integrated into regression tests cycle, to verify the fixes and  eliminate vulnerabilities from occuring in future.
+Nuclei is built with simplicity in mind, with the community backed templates by hundreds of security researchers, it allows you to stay updated with the latest security threats using continuous Nuclei scanning on the hosts. It is designed to be easily integrated into regression tests cycle, to verify the fixes and eliminate vulnerabilities from occurring in the future.
 
 - **CI/CD:** Engineers are already utilising Nuclei within their CI/CD pipeline, it allows them to constantly monitor their staging and production environments with customised templates.
 - **Continuous Regression Cycle:** With Nuclei, you can create your custom template on every new identified vulnerability and put into Nuclei engine to eliminate in the continuous regression cycle.

SECURITY.md

@@ -2,4 +2,4 @@
 
 ## Reporting a Vulnerability
 
-DO NOT CREATE AN ISSUE to report a security problem. Instead, please send an email to security@projectdiscovery.io and we will acknowledge it within 3 working days.
+DO NOT CREATE AN ISSUE to report a security problem. Instead, please send an email to security@projectdiscovery.io, and we will acknowledge it within 3 working days.

v2/cmd/functional-test/main.go

@@ -10,6 +10,7 @@ import (
 
 	"github.com/logrusorgru/aurora"
 	"github.com/pkg/errors"
+
 	"github.com/projectdiscovery/nuclei/v2/internal/testutils"
 )
 
@@ -75,5 +76,5 @@ func runIndividualTestCase(testcase string) error {
 	if mainOutput == devOutput {
 		return nil
 	}
-	return fmt.Errorf("%s main is not equal to %s dev", mainOutput, devOutput)
+	return fmt.Errorf("%s main is not equal to %s dev", mainOutput, devOutput)
 }

v2/cmd/integration-test/dns.go

@@ -10,7 +10,7 @@ var dnsTestCases = map[string]testutils.TestCase{
 
 type dnsBasic struct{}
 
-// Executes executes a test case and returns an error if occurred
+// Execute executes a test case and returns an error if occurred
 func (h *dnsBasic) Execute(filePath string) error {
 	var routerErr error
 

v2/cmd/integration-test/http.go

@@ -44,7 +44,7 @@ func httpDebugRequestDump(r *http.Request) {
 
 type httpGetHeaders struct{}
 
-// Executes executes a test case and returns an error if occurred
+// Execute executes a test case and returns an error if occurred
 func (h *httpGetHeaders) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/", httprouter.Handle(func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
@@ -68,7 +68,7 @@ func (h *httpGetHeaders) Execute(filePath string) error {
 
 type httpGetQueryString struct{}
 
-// Executes executes a test case and returns an error if occurred
+// Execute executes a test case and returns an error if occurred
 func (h *httpGetQueryString) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/", httprouter.Handle(func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
@@ -92,7 +92,7 @@ func (h *httpGetQueryString) Execute(filePath string) error {
 
 type httpGetRedirects struct{}
 
-// Executes executes a test case and returns an error if occurred
+// Execute executes a test case and returns an error if occurred
 func (h *httpGetRedirects) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/", httprouter.Handle(func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
@@ -118,7 +118,7 @@ func (h *httpGetRedirects) Execute(filePath string) error {
 
 type httpGet struct{}
 
-// Executes executes a test case and returns an error if occurred
+// Execute executes a test case and returns an error if occurred
 func (h *httpGet) Execute(filePath string) error {
 	router := httprouter.New()
 	router.GET("/", httprouter.Handle(func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
@@ -140,7 +140,7 @@ func (h *httpGet) Execute(filePath string) error {
 
 type httpPostBody struct{}
 
-// Executes executes a test case and returns an error if occurred
+// Execute executes a test case and returns an error if occurred
 func (h *httpPostBody) Execute(filePath string) error {
 	router := httprouter.New()
 	var routerErr error
@@ -173,7 +173,7 @@ func (h *httpPostBody) Execute(filePath string) error {
 
 type httpPostJSONBody struct{}
 
-// Executes executes a test case and returns an error if occurred
+// Execute executes a test case and returns an error if occurred
 func (h *httpPostJSONBody) Execute(filePath string) error {
 	router := httprouter.New()
 	var routerErr error
@@ -212,7 +212,7 @@ func (h *httpPostJSONBody) Execute(filePath string) error {
 
 type httpPostMultipartBody struct{}
 
-// Executes executes a test case and returns an error if occurred
+// Execute executes a test case and returns an error if occurred
 func (h *httpPostMultipartBody) Execute(filePath string) error {
 	router := httprouter.New()
 	var routerErr error
@@ -255,7 +255,7 @@ func (h *httpPostMultipartBody) Execute(filePath string) error {
 
 type httpRawDynamicExtractor struct{}
 
-// Executes executes a test case and returns an error if occurred
+// Execute executes a test case and returns an error if occurred
 func (h *httpRawDynamicExtractor) Execute(filePath string) error {
 	router := httprouter.New()
 	var routerErr error
@@ -294,7 +294,7 @@ func (h *httpRawDynamicExtractor) Execute(filePath string) error {
 
 type httpRawGetQuery struct{}
 
-// Executes executes a test case and returns an error if occurred
+// Execute executes a test case and returns an error if occurred
 func (h *httpRawGetQuery) Execute(filePath string) error {
 	router := httprouter.New()
 	var routerErr error
@@ -323,7 +323,7 @@ func (h *httpRawGetQuery) Execute(filePath string) error {
 
 type httpRawGet struct{}
 
-// Executes executes a test case and returns an error if occurred
+// Execute executes a test case and returns an error if occurred
 func (h *httpRawGet) Execute(filePath string) error {
 	router := httprouter.New()
 	var routerErr error
@@ -351,7 +351,7 @@ func (h *httpRawGet) Execute(filePath string) error {
 
 type httpRawPayload struct{}
 
-// Executes executes a test case and returns an error if occurred
+// Execute executes a test case and returns an error if occurred
 func (h *httpRawPayload) Execute(filePath string) error {
 	router := httprouter.New()
 	var routerErr error
@@ -387,7 +387,7 @@ func (h *httpRawPayload) Execute(filePath string) error {
 
 type httpRawPostBody struct{}
 
-// Executes executes a test case and returns an error if occurred
+// Execute executes a test case and returns an error if occurred
 func (h *httpRawPostBody) Execute(filePath string) error {
 	router := httprouter.New()
 	var routerErr error
@@ -420,7 +420,7 @@ func (h *httpRawPostBody) Execute(filePath string) error {
 
 type httpRawCookieReuse struct{}
 
-// Executes executes a test case and returns an error if occurred
+// Execute executes a test case and returns an error if occurred
 func (h *httpRawCookieReuse) Execute(filePath string) error {
 	router := httprouter.New()
 	var routerErr error
@@ -469,7 +469,7 @@ func (h *httpRawCookieReuse) Execute(filePath string) error {
 
 type httpRawUnsafeRequest struct{}
 
-// Executes executes a test case and returns an error if occurred
+// Execute executes a test case and returns an error if occurred
 func (h *httpRawUnsafeRequest) Execute(filePath string) error {
 	var routerErr error
 
@@ -494,7 +494,7 @@ func (h *httpRawUnsafeRequest) Execute(filePath string) error {
 
 type httpRequestCondition struct{}
 
-// Executes executes a test case and returns an error if occurred
+// Execute executes a test case and returns an error if occurred
 func (h *httpRequestCondition) Execute(filePath string) error {
 	router := httprouter.New()
 	var routerErr error

v2/cmd/integration-test/integration-test.go

@@ -35,8 +35,7 @@ func main() {
 				if customTest != "" && !strings.Contains(file, customTest) {
 					continue // only run tests user asked
 				}
-				err := test.Execute(file)
-				if err != nil {
+				if err := test.Execute(file); err != nil {
 					fmt.Fprintf(os.Stderr, "%s Test \"%s\" failed: %s\n", failed, file, err)
 					errored = true
 				} else {

v2/cmd/integration-test/network.go

@@ -14,7 +14,7 @@ var networkTestcases = map[string]testutils.TestCase{
 
 type networkBasic struct{}
 
-// Executes executes a test case and returns an error if occurred
+// Execute executes a test case and returns an error if occurred
 func (h *networkBasic) Execute(filePath string) error {
 	var routerErr error
 
@@ -47,7 +47,7 @@ func (h *networkBasic) Execute(filePath string) error {
 
 type networkMultiStep struct{}
 
-// Executes executes a test case and returns an error if occurred
+// Execute executes a test case and returns an error if occurred
 func (h *networkMultiStep) Execute(filePath string) error {
 	var routerErr error
 

v2/cmd/integration-test/workflow.go

@@ -6,6 +6,7 @@ import (
 	"net/http/httptest"
 
 	"github.com/julienschmidt/httprouter"
+
 	"github.com/projectdiscovery/nuclei/v2/internal/testutils"
 )
 
@@ -18,13 +19,13 @@ var workflowTestcases = map[string]testutils.TestCase{
 
 type workflowBasic struct{}
 
-// Executes executes a test case and returns an error if occurred
+// Execute executes a test case and returns an error if occurred
 func (h *workflowBasic) Execute(filePath string) error {
 	router := httprouter.New()
-	router.GET("/", httprouter.Handle(func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
+	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 		httpDebugRequestDump(r)
 		fmt.Fprintf(w, "This is test matcher text")
-	}))
+	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
 
@@ -40,13 +41,13 @@ func (h *workflowBasic) Execute(filePath string) error {
 
 type workflowConditionMatched struct{}
 
-// Executes executes a test case and returns an error if occurred
+// Execute executes a test case and returns an error if occurred
 func (h *workflowConditionMatched) Execute(filePath string) error {
 	router := httprouter.New()
-	router.GET("/", httprouter.Handle(func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
+	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 		httpDebugRequestDump(r)
 		fmt.Fprintf(w, "This is test matcher text")
-	}))
+	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
 
@@ -62,13 +63,13 @@ func (h *workflowConditionMatched) Execute(filePath string) error {
 
 type workflowConditionUnmatch struct{}
 
-// Executes executes a test case and returns an error if occurred
+// Execute executes a test case and returns an error if occurred
 func (h *workflowConditionUnmatch) Execute(filePath string) error {
 	router := httprouter.New()
-	router.GET("/", httprouter.Handle(func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
+	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 		httpDebugRequestDump(r)
 		fmt.Fprintf(w, "This is test matcher text")
-	}))
+	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
 
@@ -84,13 +85,13 @@ func (h *workflowConditionUnmatch) Execute(filePath string) error {
 
 type workflowMatcherName struct{}
 
-// Executes executes a test case and returns an error if occurred
+// Execute executes a test case and returns an error if occurred
 func (h *workflowMatcherName) Execute(filePath string) error {
 	router := httprouter.New()
-	router.GET("/", httprouter.Handle(func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
+	router.GET("/", func(w http.ResponseWriter, r *http.Request, _ httprouter.Params) {
 		httpDebugRequestDump(r)
 		fmt.Fprintf(w, "This is test matcher text")
-	}))
+	})
 	ts := httptest.NewServer(router)
 	defer ts.Close()
 

v2/internal/runner/options.go

@@ -82,19 +82,15 @@ func hasStdin() bool {
 
 // validateOptions validates the configuration options passed
 func validateOptions(options *types.Options) error {
-	// Both verbose and silent flags were used
 	if options.Verbose && options.Silent {
 		return errors.New("both verbose and silent mode specified")
 	}
 
-	// Validate proxy options if provided
-	err := validateProxyURL(options.ProxyURL, "invalid http proxy format (It should be http://username:password@host:port)")
-	if err != nil {
+	if err := validateProxyURL(options.ProxyURL, "invalid http proxy format (It should be http://username:password@host:port)"); err != nil {
 		return err
 	}
 
-	err = validateProxyURL(options.ProxySocksURL, "invalid socks proxy format (It should be socks5://username:password@host:port)")
-	if err != nil {
+	if err := validateProxyURL(options.ProxySocksURL, "invalid socks proxy format (It should be socks5://username:password@host:port)"); err != nil {
 		return err
 	}
 
@@ -118,7 +114,7 @@ func isValidURL(urlString string) bool {
 	return err == nil
 }
 
-// configureOutput configures the output on the screen
+// configureOutput configures the output logging levels to be displayed on the screen
 func configureOutput(options *types.Options) {
 	// If the user desires verbose output, show verbose output
 	if options.Verbose || options.VerboseVerbose {

v2/internal/runner/processor.go

@@ -7,7 +7,7 @@ import (
 	"go.uber.org/atomic"
 )
 
-// processTemplateWithList process a template on the URL list
+// processTemplateWithList execute a template against the list of user provided targets
 func (r *Runner) processTemplateWithList(template *templates.Template) bool {
 	results := &atomic.Bool{}
 	wg := sizedwaitgroup.New(r.options.BulkSize)

v2/internal/runner/runner.go

@@ -208,7 +208,7 @@ func New(options *types.Options) (*Runner, error) {
 		return nil, progressErr
 	}
 
-	// create project file if requested or load existing one
+	// create project file if requested or load the existing one
 	if options.Project {
 		var projectFileErr error
 		runner.projectFile, projectFileErr = projectfile.New(&projectfile.Options{Path: options.ProjectPath, Cleanup: utils.IsBlank(options.ProjectPath)})
@@ -298,7 +298,7 @@ func (r *Runner) Close() {
 func (r *Runner) RunEnumeration() error {
 	defer r.Close()
 
-	// If user asked for new templates to be executed, collect the list from template directory.
+	// If user asked for new templates to be executed, collect the list from the templates' directory.
 	if r.options.NewTemplates {
 		templatesLoaded, err := r.readNewTemplatesFile()
 		if err != nil {
@@ -367,7 +367,7 @@ func (r *Runner) RunEnumeration() error {
 		return nil // exit
 	}
 
-	// Display stats for any loaded templates syntax warnings or errors
+	// Display stats for any loaded templates' syntax warnings or errors
 	stats.Display(parsers.SyntaxWarningStats)
 	stats.Display(parsers.SyntaxErrorStats)
 
@@ -561,7 +561,7 @@ func (r *Runner) readNewTemplatesFile() ([]string, error) {
 	return templatesList, nil
 }
 
-// readNewTemplatesFile reads newly added templates from directory if it exists
+// countNewTemplates returns the number of newly added templates
 func (r *Runner) countNewTemplates() int {
 	if r.templatesConfig == nil {
 		return 0