Nuclei

Fast vulnerability scanner with template-based detection

Web Vulnerabilities10 commands

#vuln-scanner#templates#automation#cve

Installation

1Install using Go

2Update nuclei templates

3Verify installation

# Using Go
go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest

# Update templates
nuclei -update-templates

# Verify
nuclei -version

Basic Usage

Scan targets using YAML templates for various vulnerabilities

# Basic scan
nuclei -u https://example.com

# Scan with specific templates
nuclei -u https://example.com -t cves/

# Multiple targets
nuclei -l urls.txt -t vulnerabilities/

# Severity filter
nuclei -u https://example.com -s critical,high

# Custom template
nuclei -u https://example.com -t my-template.yaml

Command Reference

10 commands

1Target URL

-u

2List of target URLs

-l

3Template or folder path

-t

4Severity filter

-s

5Filter by tags

-tags

6Output file

-o

7JSON output

-json

8Requests per second

-rate-limit

9Concurrent templates

-c

10Silent mode

-silent

When to Use

Automated vulnerability scanning

CVE detection

Misconfigurations discovery

Custom security checks

CI/CD security testing

Notes & Tips

Templates updated frequently - run -update-templates regularly

Create custom templates for specific checks

Use -rate-limit to avoid overwhelming targets

Combine with httpx for efficient scanning

Common Errors & Solutions

No templates found

Run nuclei -update-templates to download templates

Rate limited

Use -rate-limit flag to slow down requests

False positives

Verify manually and adjust template matchers

# Basic scan nuclei -u https://example.com # Scan with specific templates nuclei -u https://example.com -t cves/ # Multiple targets nuclei -l urls.txt -t vulnerabilities/ # Severity filter nuclei -u https://example.com -s critical,high # Custom template nuclei -u https://example.com -t my-template.yaml