nuclei: A fast and customisable vulnerability scanner
Nuclei
Nuclei is a fast vulnerability scanner designed to probe modern applications, infrastructure, cloud platforms, and networks, aiding in the identification and mitigation of exploitable vulnerabilities.
At its core, Nuclei uses templates—expressed as straightforward YAML files, that delineate methods for detecting, ranking, and addressing specific security flaws.
Each template delineates a possible attack route, detailing the vulnerability, its severity, priority rating, and occasionally associated exploits. This template-centric methodology ensures Nuclei not only identifies potential threats, but pinpoints exploitable vulnerabilities with tangible real-world implications.
What are Nuclei’s features?
| Feature | Description |
|---|---|
| Extensive Template Library | Nuclei offers a vast collection of community-powered templates for targeted scans of various vulnerabilities and attack vectors. |
| Versatile Target Specification | Support for various target specification options, such as URLs, IP ranges, ASN range, and file input, allowing flexibility in defining the scanning scope. |
| Bulk Scanning | Perform bulk scanning by specifying multiple targets at once, enabling efficient scanning of a large number of assets or websites. |
| Flexible Customization | Customize scanning templates to fit specific needs, allowing tailored scanning and focusing on relevant security checks. |
| Parallel Scanning | Supports parallel scanning, reducing scanning time and improving efficiency, especially for large-scale targets. |
Comprehensive Reporting cloud |
Generates detailed reports with actionable insights, including vulnerability details, severity levels, affected endpoints, and suggested remediation steps. |
| Integration with CI/CD Pipelines | Seamlessly integrate Nuclei into CI/CD pipelines for automated security testing as part of the development and deployment process. |
CI/CD Integration cloud |
Actively maintained and developed by the ProjectDiscovery team, introducing new features, bug fixes, and enhancements to provide an up-to-date scanning framework. |
Ticketing integration cloud |
Two-way ticketing integration with Jira, Splunk, and many others to easily remediate and retest vulnerabilities. |
| Customizable Output Format | Configure the output format of Nuclei’s scan results to suit your needs, including options for JSON, YAML, and more. |
| Dynamic Variables | Utilize dynamic variables in templates to perform parameterized scanning, enabling versatile and flexible scanning configurations. |
| Inclusion and Exclusion Filters | Apply inclusion and exclusion filters to specify targets, reducing scanning scope and focusing on specific areas of interest. |
| Authentication Support | Nuclei supports various authentication mechanisms, including HTTP basic authentication, JWT token authentication, and more. |
| Embedding custom code in templates | Execute custom code within Nuclei templates to incorporate user-defined logic, perform advanced scanning actions, and more. |
