[FEATURE] Add Env variables to dynamic secret file variables

[alban-stourbe-wmx]

Describe your feature request

Today, if we want to pass variables to Dynamic Secret Files, we have to hard-code the secret in the model. This can lead to some secrets being pushed to Github, for example.

A simple feature is to allow env variables to pass the secret to Dynamic Secret Files. Until such time as it is directly possible to retrieve secrets via third-party solutions.

Describe the use case of the feature

Handle env variables in dynamic variables field :
Example:

dynamic: 
  - template: path/login.yaml
    input: "https://foorbar.com/login"
    variables:
      - key: username 
        value: $FOO_BAR_USERNAME
      - key: password
        value: $FOO_BAR_PASSWORD
    type: bearertoken
    domains:
      - ".*"
    token: "{{jwt_bearer}}"

Describe alternatives you've considered

No response

Additional context

I made a very simple PR for this feature. #5835

[dwisiswant0]

A secret file is meant to stay "secret". This means it should be written directly in the file and make sure it doesn't end up in your commits - just throw it in .gitignore. It is your responsibility to handle and protect it.

I'd prefer if the secret file could work with encrypted values, like using sops.

[alban-stourbe-wmx]

A secret file is meant to stay "secret". This means it should be written directly in the file and make sure it doesn't end up in your commits - just throw it in .gitignore. It is your responsibility to handle and protect it.

I'd prefer if the secret file could work with encrypted values, like using sops.

Okay i see thanks.
Do you know when we will be able to handle secret with AWS Secret Manager ?
According to the documentation : https://docs.projectdiscovery.io/tools/nuclei/authenticated-scans, is it available ?