[FEATURE] Bypass SSL certificate verification in headless protocol #5550
Assignees
Labels
Type: Enhancement
Most issues will probably ask for additions or changes.
Comments
dwisiswant0
added
the
Type: Enhancement
|
It looks like we've already implemented this, and on my end, it's showing results, @ehsandeep. https://github.com/projectdiscovery/nuclei/blob/dev/pkg/protocols/headless/engine/engine.go#L41-L42 |
4 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe your feature request
Bypass certificate validation for insecure, self-signed, untrusted, or expired certificates when initializing the browser client with headless engine, similar to setting
tls.Config.InsecureSkipVerifyto true inhttp.Client.Describe the use case of the feature
By allowing SSL verification to be skipped, users can easily run headless protocol templates without being blocked by cert issues.
Describe alternatives you've considered
No response
Additional context
disable cert validation in headless? not sure if we do this but I don't find results when running with
https://honey.scanme.shthat has expired cert.Originally posted by @ehsandeep in #5545 (review)
The text was updated successfully, but these errors were encountered: