Learn about using a headless browser with Nuclei
{{BaseURL}}
, {{Hostname}}
to customize the request fully.
code
argument with the JS snippet you want to execute, and it will be run on the page.
window.random-object
with a value, and you want to match on that value.
hook
argument. This will always run the provided Javascript, before any of the pages load.
The example provided hooks window.alert
so that the alerts that are generated by the application do not stop the crawler.
fullpage: true
option in the args.
waitload
action waits for DOM to load, and window.onload event to be received after which we wait for the page to become idle for 1 seconds.
extracted-value
with matchers and extractors.
keys
argument accepts key-codes.
Note: Only use this for debugging purposes, don’t use this in production templates.
Selector | Description |
---|---|
r / regex | Element matches CSS Selector and Text Matches Regex |
x / xpath | Element matches XPath selector |
js | Return elements from a JS function |
search | Search for a query (can be text, XPATH, CSS) |
selector (default) | Element matches CSS Selector |
part
values supported by Headless protocol for Matchers / Extractor are -
Value | Description |
---|---|
request | Headless Request |
<out_names> | Action names with stored values |
raw / body / data | Final DOM response from browser |