nuclei
Description
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
Languages
- Go 96.1%
- TypeScript 2.8%
- HTML 0.4%
- JavaScript 0.2%
- Shell 0.2%
- Makefile 0.2%
- Other 0.1%

Nuclei is a modern, high-performance vulnerability scanner that leverages simple YAML-based templates. It empowers you to design custom vulnerability detection scenarios that mimic real-world conditions, leading to zero false positives.
- Simple YAML format for creating and customizing vulnerability templates.
- Contributed by thousands of security professionals to tackle trending vulnerabilities.
- Reduce false positives by simulating real-world steps to verify a vulnerability.
- Ultra-fast parallel scan processing and request clustering.
- Integrate into CI/CD pipelines for vulnerability detection and regression testing.
- Supports multiple protocols like TCP, DNS, HTTP, SSL, WHOIS, JavaScript, Code and more.
- Integrate with Jira, Splunk, GitHub, Elastic, GitLab.
Table of Contents
- Get Started
- Documentation
- Nuclei Templates, Community and Rewards 💎
- Our Mission
- Contributors ❤️
- License
Get Started
1. Nuclei CLI
Install Nuclei on your machine. Get started by following the installation guide. Additionally, we provide and comes with a generous monthly free limits:
- Store and visualize your vulnerability findings
- Write and manage your nuclei templates
- Access latest nuclei templates
- Discover and store your targets
Important
This project is in active development. Expect breaking changes with releases. Review the release changelog before updating. This project is primarily built to be used as a standalone CLI tool. Running nuclei as a service may pose security risks. It's recommended to use with caution and additional security measures.
2. Pro and Enterprise Editions
For security teams and enterprises, we provide a cloud-hosted service built on top of Nuclei OSS, fine-tuned to help you continuously run vulnerability scans at scale with your team and existing workflows:
- 50x faster scans
- Large scale scanning with high accuracy
- Integrations with cloud services (AWS, GCP, Azure, CloudFlare, Fastly, Terraform, Kubernetes)
- Jira, Slack, Linear, APIs and Webhooks
- Executive and compliance reporting
- Plus: Real-time scanning, SAML SSO, SOC 2 compliant platform (with EU and US hosting options), shared team workspaces, and more
- We're constantly adding new features!
- Ideal for: Pentesters, security teams, and enterprises
or if you have large organization and complex requirements.
Documentation
Browse the full Nuclei . If you’re new to Nuclei, check out our .
Installation
Nuclei requires Go >= 1.24.1 to install successfully. Run the following command to get the repo:
To learn more about installing nuclei, see .
Command Line Flags
To display all the flags for the tool:
Additional documentation is available at:
Single target scan
To perform a quick scan on a web application:
Scanning multiple targets
Nuclei can handle bulk scanning by providing a list of targets. You can use a file containing multiple URLs.
Network scan
This will scan the entire subnet for network-related issues, such as open ports or misconfigured services.
Scanning with your custom template
To write and use your own template, create a file with specific rules, then use it as follows.
Connect Nuclei to ProjectDiscovery
You can run the scans on your machine and upload the results to the cloud platform for further analysis and remediation.
Note
This feature is absolutely free and does not require any subscription. For a detailed guide, refer to the documentation.
Nuclei Templates, Community and Rewards 💎
Nuclei templates are YAML-based files that define how requests are sent and how responses are processed. This makes Nuclei easy to extend. Templates are written in YAML, a simple human-readable format for quickly defining the execution process.
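As an added illustration (not taken from the Nuclei project or its template repository), here is a minimal HTTP template showing how a request and the processing of its response are declared. The id, name, author and description are made up for the example; it reports an exposed .git/config only when all three matchers agree, which is how a template keeps false positives down.

```yaml
# Example template written for this page; id, name and author are hypothetical.
id: example-git-config-exposure

info:
  name: Exposed .git/config (example)
  author: example-author
  severity: medium
  description: Reports a web server that serves the repository's .git/config file.
  tags: exposure,config,git

http:
  - method: GET
    path:
      - "{{BaseURL}}/.git/config"   # {{BaseURL}} is replaced with each target URL

    # Every matcher below must succeed before a finding is reported.
    matchers-condition: and
    matchers:
      # 1. The file was actually served.
      - type: status
        status:
          - 200

      # 2. The body looks like a git config file.
      - type: word
        part: body
        words:
          - "[core]"

      # 3. The body is not an HTML page (a custom error page returned
      #    with status 200 would otherwise be reported).
      - type: word
        part: body
        negative: true
        condition: or
        words:
          - "<html"
          - "<body"
```

Saved under a name such as `example-git-config-exposure.yaml` (hypothetical), the file is passed to the CLI with the `-t` flag alongside a target given with `-u`.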
Try it online with our free AI powered Nuclei Templates Editor by .
Nuclei Templates offer a streamlined way to identify and communicate vulnerabilities, combining essential details like severity ratings and detection methods. This open-source, community-developed tool accelerates threat response and is widely recognized in the cybersecurity world. Nuclei templates are actively contributed by thousands of security researchers globally. We run two programs for our contributors: and .
Examples
Visit our documentation for use cases and ideas.
| Use case | Nuclei template |
|---|---|
| Detect known CVEs | CVE-2021-44228 (Log4Shell) |
| Identify Out-of-Band vulnerabilities | Blind SQL Injection via OOB |
| SQL Injection detection | Generic SQL Injection |
| Cross-Site Scripting (XSS) | Reflected XSS Detection |
| Default or weak passwords | Default Credentials Check |
| Secret files or data exposure | Sensitive File Disclosure |
| Identify open redirects | Open Redirect Detection |
| Detect subdomain takeovers | Subdomain Takeover Templates |
| Security misconfigurations | Unprotected Jenkins Console |
| Weak SSL/TLS configurations | SSL Certificate Expiry |
| Misconfigured cloud services | Open S3 Bucket Detection |
| Remote code execution vulnerabilities | RCE Detection Templates |
| Directory traversal attacks | Path Traversal Detection |
| File inclusion vulnerabilities | Local/Remote File Inclusion |
Our Mission
Traditional vulnerability scanners were built decades ago. They are closed-source, incredibly slow, and vendor-driven. Today's attackers are mass exploiting newly released CVEs across the internet within days, unlike the years it used to take. This shift requires a completely different approach to tackling trending exploits on the internet.
We built Nuclei to solve this challenge. We made the entire scanning engine framework open and customizable—allowing the global security community to collaborate and tackle the trending attack vectors and vulnerabilities on the internet. Nuclei is now used and contributed to by Fortune 500 enterprises, government agencies, and universities.
You can participate by contributing to our code, , or .
Contributors ❤️
Thanks to all the amazing and keeping this project updated. ❤️
Nuclei is distributed under MIT License


