RedTeam
4.Exploitation
Scanner
Nuclei

What is Nuclei?

Nuclei is an open-source project and a fast, flexible, and powerful security scanner that allows security researchers, penetration testers, and developers to write simple or complex security checks (templates) to discover security issues in different application layers such as web, DNS, and others. It can be used to automate security testing and identify vulnerabilities in web applications, APIs, and other network services.


Common Use and Features

Nuclei is commonly used for:

  1. Security Scanning: Users can perform security scans on web applications, APIs, and other network services to identify common vulnerabilities and misconfigurations.

  2. Customization: Nuclei allows users to create custom security checks (templates) using a simple YAML-based syntax. These templates define the requests to be sent and the expected responses, enabling users to tailor scans to specific use cases or applications.

  3. Integration: Nuclei can be integrated into continuous integration/continuous deployment (CI/CD) pipelines or used as part of automated security testing workflows to detect issues early in the development lifecycle.

Template in Nuclei:

In Nuclei, a template is a YAML file that defines a security check to be performed. Each template specifies the following:

  • Name: A descriptive name for the template.
  • Requests: HTTP requests to be sent to the target application or service, including request method, URL path, headers, parameters, and body.
  • Matchers: Conditions to evaluate the responses received from the target, such as status codes, response bodies, headers, and other attributes.
  • Variants: Optional variations of the request to be tested against the target, useful for detecting different behavior or vulnerabilities.
  • Severity: An optional severity level assigned to the template to prioritize findings.

Usage Example:

To use Nuclei and execute a template against a target, users typically use the following command:

# General Command
nuclei -l targets.txt -t templates/directory-traversal.yaml

# Add Header Elements
nuclei -l targets.txt -t templates/directory-traversal.yaml -H "User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" -H "Referer: 127.0.0.1" -H "X-Forwarded-For: 127.0.0.1"
  • -l targets.txt: Specifies the file containing the list of target URLs or IP addresses.
  • -t templates/directory-traversal.yaml: Specifies the path to the template file to be executed.

This command will execute the specified template against each target listed in the targets.txt file, sending the defined requests and evaluating the responses for potential security issues.


More Information

For more details about Nuclei, including installation instructions, available templates, and documentation, visit the official GitHub repository: Nuclei (opens in a new tab)

Nuclei is continuously updated with new templates and features, making it a valuable tool for security testing and vulnerability discovery.