<h1 align="center">
<br>
<a href="https://nuclei.projectdiscovery.io"><img src="static/nuclei-logo.png" width="200px" alt="Nuclei"></a>
</h1>
<h4 align="center">Fast and customisable vulnerability scanner based on simple YAML based DSL.</h4>
<p align="center">
<img src="https://img.shields.io/github/go-mod/go-version/projectdiscovery/nuclei">
<a href="https://github.com/projectdiscovery/nuclei/releases"><img src="https://img.shields.io/github/downloads/projectdiscovery/nuclei/total">
<a href="https://github.com/projectdiscovery/nuclei/graphs/contributors"><img src="https://img.shields.io/github/contributors-anon/projectdiscovery/nuclei">
<a href="https://github.com/projectdiscovery/nuclei/releases/"><img src="https://img.shields.io/github/release/projectdiscovery/nuclei">
<a href="https://github.com/projectdiscovery/nuclei/issues"><img src="https://img.shields.io/github/issues-raw/projectdiscovery/nuclei">
<a href="https://github.com/projectdiscovery/nuclei/discussions"><img src="https://img.shields.io/github/discussions/projectdiscovery/nuclei">
<a href="https://discord.gg/projectdiscovery"><img src="https://img.shields.io/discord/695645237418131507.svg?logo=discord"></a>
<a href="https://twitter.com/pdnuclei"><img src="https://img.shields.io/twitter/follow/pdnuclei.svg?logo=twitter"></a>
</p>
<p align="center">
<a href="#how-it-works">How</a> •
<a href="#install-nuclei">Install</a> •
<a href="https://docs.projectdiscovery.io/tools/nuclei/">Documentation</a> •
<a href="#credits">Credits</a> •
<a href="https://nuclei.projectdiscovery.io/faq/nuclei/">FAQs</a> •
<a href="https://discord.gg/projectdiscovery">Join Discord</a>
</p>
<p align="center">
<a href="https://github.com/projectdiscovery/nuclei/blob/main/README.md">English</a> •
<a href="https://github.com/projectdiscovery/nuclei/blob/main/README_CN.md">中文</a> •
<a href="https://github.com/projectdiscovery/nuclei/blob/main/README_KR.md">Korean</a> •
<a href="https://github.com/projectdiscovery/nuclei/blob/main/README_ID.md">Indonesia</a>
</p>
---
Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts. Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless, Code etc. With powerful and flexible templating, Nuclei can be used to model all kinds of security checks.
We have a [dedicated repository](https://github.com/projectdiscovery/nuclei-templates) that houses various type of vulnerability templates contributed by **more than 300** security researchers and engineers.
## How it works
<h3 align="center">
<img src="static/nuclei-flow.jpg" alt="nuclei-flow" width="700px"></a>
</h3>
| :exclamation: **Disclaimer** |
|---------------------------------|
| **This project is in active development**. Expect breaking changes with releases. Review the release changelog before updating. |
| This project was primarily built to be used as a standalone CLI tool. **Running nuclei as a service may pose security risks.** It's recommended to use with caution and additional security measures. |
# Install Nuclei
Nuclei requires **go1.21** to install successfully. Run the following command to install the latest version -
```sh
go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
```
<details>
<summary>Brew</summary>
```sh
brew install nuclei
```
</details>
<details>
<summary>Docker</summary>
```sh
docker pull projectdiscovery/nuclei:latest
```
</details>
**More installation [methods can be found here](https://docs.projectdiscovery.io/tools/nuclei/install).**
<table>
<tr>
<td>
### Nuclei Templates
Nuclei has built-in support for automatic template download/update as default since version [v2.5.2](https://github.com/projectdiscovery/nuclei/releases/tag/v2.5.2). [**Nuclei-Templates**](https://github.com/projectdiscovery/nuclei-templates) project provides a community-contributed list of ready-to-use templates that is constantly updated.
You may still use the `update-templates` flag to update the nuclei templates at any time; You can write your own checks for your individual workflow and needs following Nuclei's [templating guide](https://docs.projectdiscovery.io/templates/).
The YAML DSL reference syntax is available [here](SYNTAX-REFERENCE.md).
</td>
</tr>
</table>
### Usage
```sh
nuclei -h
```
This will display help for the tool. Here are all the switches it supports.
```console
Nuclei is a fast, template based vulnerability scanner focusing
on extensive configurability, massive extensibility and ease of use.
Usage:
./nuclei [flags]
Flags:
TARGET:
-u, -target string[] target URLs/hosts to scan
-l, -list string path to file containing a list of target URLs/hosts to scan (one per line)
-eh, -exclude-hosts string[] hosts to exclude to scan from the input list (ip, cidr, hostname)
-resume string resume scan using resume.cfg (clustering will be disabled)
-sa, -scan-all-ips scan all the IP's associated with dns record
-iv, -ip-version string[] IP version to scan of hostname (4,6) - (default 4)
TARGET-FORMAT:
-im, -input-mode string mode of input file (list, burp, jsonl, yaml, openapi, swagger) (default "list")
-ro, -required-only use only required fields in input format when generating requests
-sfv, -skip-format-validation skip format validation (like missing vars) when parsing input file
TEMPLATES:
-nt, -new-templates run only new templates added in latest nuclei-templates release
-ntv, -new-templates-version string[] run new templates added in specific version
-as, -automatic-scan automatic web scan using wappalyzer technology detection to tags mapping
-t, -templates string[] list of template or template directory to run (comma-separated, file)
-turl, -template-url string[] template url or list containing template urls to run (comma-separated, file)
-w, -workflows string[] list of workflow or workflow directory to run (comma-separated, file)
-wurl, -workflow-url string[] workflow url or list containing workflow urls to run (comma-separated, file)
-validate validate the passed templates to nuclei
-nss, -no-strict-syntax disable strict syntax check on templates
-td, -template-display displays the templates content
-tl list all available templates
-sign signs the templates with the private key defined in NUCLEI_SIGNATURE_PRIVATE_KEY env variable
-code enable loading code protocol-based templates
-dut, -disable-unsigned-templates disable running unsigned templates or templates with mismatched signature
FILTERING:
-a, -author string[] templates to run based on authors (comma-separated, file)
-tags string[] templates to run based on tags (comma-separated, file)
-etags, -exclude-tags string[] templates to exclude based on tags (comma-separated, file)
-itags, -include-tags string[] tags to be executed even if they are excluded either by default or configuration
-id, -template-id string[] templates to run based on template ids (comma-separated, file, allow-wildcard)
-eid, -exclude-id string[] templates to exclude based on template ids (comma-separated, file)
-it, -include-templates string[] path to template file or directory to be executed even if they are excluded either by default or configuration
-et, -exclude-templates string[] path to template file or directory to exclude (comma-separated, file)
-em, -exclude-matchers string[] template matchers to exclude in result
没有合适的资源?快使用搜索试试~ 我知道了~
nuclei-3.2.2.zip
共857个文件
go:527个
yaml:203个
md:32个
需积分: 0 0 下载量 90 浏览量
2024-11-01
17:54:27
上传
评论
收藏 2.49MB ZIP 举报
温馨提示
nuclei-3.2.2.zip
资源推荐
资源详情
资源评论
收起资源包目录
nuclei-3.2.2.zip (857个子文件)
server.crt 1KB
client.crt 1KB
nuclei.crt 612B
ci.crt 523B
Dockerfile 348B
.gitignore 883B
templates_doc.go 102KB
http.go 48KB
request.go 37KB
main.go 36KB
java.go 31KB
js.go 28KB
runner.go 26KB
page_actions_test.go 25KB
http.go 23KB
page_actions.go 22KB
templates.go 22KB
types.go 21KB
loader.go 18KB
websocket.go 17KB
build_request.go 17KB
ssl.go 17KB
request.go 16KB
nucleiconfig.go 16KB
generator.go 16KB
parser.go 16KB
options.go 16KB
interactsh.go 15KB
operators_test.go 15KB
tag_filter.go 15KB
protocols.go 15KB
output.go 14KB
main.go 14KB
hmap.go 14KB
template.go 14KB
config.go 13KB
tag_filter_test.go 13KB
code.go 13KB
compile.go 13KB
operators.go 13KB
request.go 13KB
generator.go 12KB
adenum.go 12KB
dns.go 11KB
cluster.go 11KB
request_fuzz.go 11KB
kerberosx.go 11KB
network.go 11KB
operators_test.go 11KB
flow_executor.go 11KB
request.go 10KB
ldap.go 10KB
response_highlighter_test.go 10KB
automaticscan.go 10KB
jira.go 10KB
operators_test.go 10KB
operators_test.go 10KB
clientpool.go 10KB
reporting.go 10KB
integration.go 10KB
raw.go 9KB
build_request_test.go 9KB
request.go 9KB
workflow_execute_test.go 9KB
match.go 9KB
handler.go 9KB
progress.go 8KB
execute.go 8KB
pool.go 8KB
whois.go 8KB
net.go 8KB
matchers.go 8KB
format_utils.go 8KB
testutils.go 8KB
fuzz.go 8KB
operators_test.go 8KB
http.go 8KB
headless.go 8KB
headless.go 8KB
sdk_private.go 7KB
sdk.go 7KB
executors.go 7KB
match_test.go 7KB
page.go 7KB
operators.go 7KB
mysql.go 7KB
file.go 7KB
compile_test.go 7KB
find.go 7KB
file.go 7KB
parts.go 7KB
flow_executor_test.go 7KB
examples.go 7KB
tmpl_signer.go 7KB
model.go 7KB
integration-test.go 7KB
github.go 7KB
sendtokdc.go 7KB
exec.go 7KB
find.go 6KB
共 857 条
- 1
- 2
- 3
- 4
- 5
- 6
- 9
资源评论
ccino.
- 粉丝: 104
- 资源: 1
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
最新资源
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功