Dwi Siswanto d5d8d50ab7 fix(interactsh): skip DNS lookups on interactsh domains (#6614) ...

* fix(interactsh): skip DNS lookups on interactsh domains

to prevent false positives.

Prevents nuclei from resolving interactsh domains
injected in Host headers, which would cause
self-interactions to be incorrectly reported as
matches.

Changes:
* Add `GetHostname()` method to `interactsh.Client`
  to expose active server domain.
* Skip CNAME DNS lookups in
  `(*http.Request).addCNameIfAvailable` when
  hostname matches the
  `(*interactsh.Client).GetHostname`.

Fixes #6613

Signed-off-by: Dwi Siswanto <git@dw1.io>

* fix(http): prevent false `interactshDomain` matches

Signed-off-by: Dwi Siswanto <git@dw1.io>

---------

Signed-off-by: Dwi Siswanto <git@dw1.io>

2025-11-21 21:11:59 +05:30

..

code

adding support for execution in docker

2025-10-25 00:31:03 +04:00

common

fix(interactsh): skip DNS lookups on interactsh domains (#6614)

2025-11-21 21:11:59 +05:30

dns

Support concurrent Nuclei engines in the same process (#6322)

2025-07-19 00:10:58 +05:30

file

refactor: use maps.Copy for cleaner map handling (#6283)

2025-07-12 02:50:47 +05:30

headless

fix(headless): fixed memory leak issue during page initialization (#6569)

2025-11-02 00:33:25 +07:00

http

fix(interactsh): skip DNS lookups on interactsh domains (#6614)

2025-11-21 21:11:59 +05:30

javascript

adding test case

2025-11-18 21:43:28 +04:00

network

chore(typos): fix typos

2025-10-10 17:32:54 +02:00

offlinehttp

fix(offlinehttp): Replace "-" in headers with "_" for DSL variables (#6363)

2025-08-02 05:35:03 +07:00

ssl

Path-Based Fuzzing SQL fix (#6400)

2025-08-25 13:36:58 +05:30

utils

chore: fix inconsistent function name in comment

2025-07-21 14:13:22 +08:00

websocket

refactor: use maps.Copy for cleaner map handling (#6283)

2025-07-12 02:50:47 +05:30

whois

Support concurrent Nuclei engines in the same process (#6322)

2025-07-19 00:10:58 +05:30

protocols.go

chore(typos): fix typos

2025-10-10 17:32:54 +02:00