Introducing Nuclei: A Fast and Flexible Tool for Security Testing and Vulnerability Scanning

• Nuclei is an open-source project designed for security testing and vulnerability scanning.
• It offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless, etc.
• Nuclei’s templating engine allows security professionals to define custom tests and protocols for scanning different types of targets, including web applications, APIs, network infrastructure, and more.
• Nuclei provides a comprehensive set of pre-defined templates for various protocols and technologies, which can be further customized and extended to meet specific requirements.
• One of the key benefits of Nuclei is its ability to detect vulnerabilities with zero false positives.

Examples of Nuclei commands:

1. Basic command to scan a target for HTTP vulnerabilities using a pre-defined template:

nuclei -t ~/nuclei-templates/vulnerabilities/ -u https://example.com/

2. Command to scan a target for DNS vulnerabilities using a custom template:

nuclei -t ~/custom-templates/dns/ -u example.com -type dns

3. Command to scan multiple targets for HTTP vulnerabilities using a list of URLs:

nuclei -t ~/nuclei-templates/vulnerabilities/ -l targets.txt -type http

4. Command to scan a target for SSL/TLS vulnerabilities using a pre-defined template and save the output to a file:

nuclei -t ~/nuclei-templates/vulnerabilities/ssl-tls/ -u https://example.com/ -o output.txt

This command uses the pre-defined SSL/TLS vulnerabilities template to scan the target website at “https://example.com/” and save the output to a file called “output.txt”.

For more details visit: https://github.com/projectdiscovery/nuclei