⚛️Nuclei
What is Nuclei?
Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts. Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless, Code etc. With powerful and flexible templating, Nuclei can be used to model all kinds of security checks.
Installation
go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
Usage
# Help Menu
nuclei -h
# Update Nuclei
nuclei -update
# Update Templates
nuclei -update-templates
Nuclei Template Location
/home/user/nuclei-templates
OR
/go/bin/nuclei-templates
Examples
# Tomcat Default Login
nuclei -t tomcat-default-login.yaml -u http://<IP>:<Port>/ -v
# Templates
nuclei -t exposures/configs/git-config.yaml -l urls.txt
nuclei -t cves/2021/ -l urls.txt
nuclei -t cves/2020/ -t exposed-tokens -t misconfiguration -l urls.txt
# Tags
nuclei -tags cve -u urls.txt
nuclei -tags config -t exposures/ -u urls.txt
nuclei -tags lfi,ssrf,rce -t cves/ -l urls.txt
# Workflows
nuclei -w workflows/wordpress-workflow.yaml -l wordpress_urls.txt
nuclei -w workflows/wordpress-workflow.yaml -w workflows/jira-workflow.yaml -l urls.txt
# Severity
nuclei -t cves/ -severity critical -l urls.txt
nuclei -t cves/ -t vulnerabilities -severity critical,high -l urls.txt
REFERENCES
Last updated
Was this helpful?