nuclei-templates/profiles/recommended.yml

# This is a configuration file for the recommended template profile.
# Additional configuration profiles can be created for different types of nuclei scans.
# They should be placed under the 'config' directory at:
# https://github.com/projectdiscovery/nuclei-templates
# Here is an example of how to use a config profile:
# nuclei -config config/recommended.yml -list target_list_to_scan.txt

severity:
  - critical
  - high
  - medium
  - low
  - unknown

type:
  - http
  - tcp
  - javascript

exclude-tags:
  - tech
  - dos
  - fuzz
  - creds-stuffing
  - token-spray
  - osint

exclude-id:
  - CVE-2021-45967
  - CVE-2021-36380
  - CVE-2021-33544
  - CVE-2021-32305
  - CVE-2021-31755
  - CVE-2021-28164
  - CVE-2021-27931
  - CVE-2021-26855
  - CVE-2021-25052
  - CVE-2021-1498
  - CVE-2020-7796
  - CVE-2020-5775
  - CVE-2020-35713
  - CVE-2020-26919
  - CVE-2020-25223
  - CVE-2020-24148
  - CVE-2020-10770
  - CVE-2019-9978
  - CVE-2019-8451
  - CVE-2019-3929
  - CVE-2019-2767
  - CVE-2019-2616
  - CVE-2019-20224
  - CVE-2019-19824
  - CVE-2019-10758
  - CVE-2018-16167
  - CVE-2018-15517
  - CVE-2018-1000600
  - CVE-2017-9506
  - CVE-2017-3506
  - CVE-2017-18638
  - CVE-2016-1555
  - CVE-2015-8813
  - CVE-2014-3206
  - CVE-2009-4223
  - CNVD-2021-09650
  - generic-tokens
  - credentials-disclosure
  - targa-camera-ssrf
  - cloudflare-external-image-resize
  - linkerd-ssrf-detection
  - ssrf-via-oauth-misconfig
  - tls-sni-proxy
  - xmlrpc-pingback-ssrf
  - hashicorp-consul-rce
  - mirai-unknown-rce
  - optilink-ont1gew-gpon-rce
  - sar2html-rce
  - zimbra-preauth-ssrf
  - wp-xmlrpc-pingback-detection
  - fastjson-1-2-41-rce
  - fastjson-1-2-42-rce
  - fastjson-1-2-43-rce
  - fastjson-1-2-62-rce
  - fastjson-1-2-67-rce
  - fastjson-1-2-68-rce
  - request-based-interaction
  - open-proxy-internal
  - open-proxy-localhost
  - open-proxy-portscan
Added recommended template config profile 2023-12-14 17:11:05 +00:00			`# This is a configuration file for the recommended template profile.`
			`# Additional configuration profiles can be created for different types of nuclei scans.`
lint update 2023-12-14 17:16:52 +00:00			`# They should be placed under the 'config' directory at:`
Added recommended template config profile 2023-12-14 17:11:05 +00:00			`# https://github.com/projectdiscovery/nuclei-templates`
lint update 2023-12-14 17:16:52 +00:00			`# Here is an example of how to use a config profile:`
ext update 2023-12-14 17:40:06 +00:00			`# nuclei -config config/recommended.yml -list target_list_to_scan.txt`
Added recommended template config profile 2023-12-14 17:11:05 +00:00
Nuclei config profiles for different use cases (#8859) * Update CVE-2023-46359.yaml * scan profiles * updated configs * misc update --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2024-01-13 18:30:57 +00:00			`severity:`
			`- critical`
			`- high`
			`- medium`
			`- low`
			`- unknown`

			`type:`
Update recommended.yml (#8959) 2024-01-17 19:14:39 +00:00			`- http`
Nuclei config profiles for different use cases (#8859) * Update CVE-2023-46359.yaml * scan profiles * updated configs * misc update --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2024-01-13 18:30:57 +00:00			`- tcp`
			`- javascript`
Added recommended template config profile 2023-12-14 17:11:05 +00:00
			`exclude-tags:`
			`- tech`
			`- dos`
reverted bruteforce tags to fuzz 2024-03-19 15:20:31 +00:00			`- fuzz`
Added recommended template config profile 2023-12-14 17:11:05 +00:00			`- creds-stuffing`
			`- token-spray`
Nuclei config profiles for different use cases (#8859) * Update CVE-2023-46359.yaml * scan profiles * updated configs * misc update --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2024-01-13 18:30:57 +00:00			`- osint`
Added recommended template config profile 2023-12-14 17:11:05 +00:00
			`exclude-id:`
			`- CVE-2021-45967`
			`- CVE-2021-36380`
			`- CVE-2021-33544`
			`- CVE-2021-32305`
			`- CVE-2021-31755`
			`- CVE-2021-28164`
			`- CVE-2021-27931`
			`- CVE-2021-26855`
			`- CVE-2021-25052`
			`- CVE-2021-1498`
			`- CVE-2020-7796`
			`- CVE-2020-5775`
			`- CVE-2020-35713`
			`- CVE-2020-26919`
			`- CVE-2020-25223`
			`- CVE-2020-24148`
			`- CVE-2020-10770`
			`- CVE-2019-9978`
			`- CVE-2019-8451`
			`- CVE-2019-3929`
			`- CVE-2019-2767`
			`- CVE-2019-2616`
			`- CVE-2019-20224`
			`- CVE-2019-19824`
			`- CVE-2019-10758`
			`- CVE-2018-16167`
			`- CVE-2018-15517`
			`- CVE-2018-1000600`
			`- CVE-2017-9506`
			`- CVE-2017-3506`
			`- CVE-2017-18638`
			`- CVE-2016-1555`
			`- CVE-2015-8813`
			`- CVE-2014-3206`
			`- CVE-2009-4223`
			`- CNVD-2021-09650`
			`- generic-tokens`
			`- credentials-disclosure`
			`- targa-camera-ssrf`
			`- cloudflare-external-image-resize`
			`- linkerd-ssrf-detection`
			`- ssrf-via-oauth-misconfig`
			`- tls-sni-proxy`
			`- xmlrpc-pingback-ssrf`
			`- hashicorp-consul-rce`
			`- mirai-unknown-rce`
			`- optilink-ont1gew-gpon-rce`
			`- sar2html-rce`
			`- zimbra-preauth-ssrf`
			`- wp-xmlrpc-pingback-detection`
			`- fastjson-1-2-41-rce`
			`- fastjson-1-2-42-rce`
			`- fastjson-1-2-43-rce`
			`- fastjson-1-2-62-rce`
			`- fastjson-1-2-67-rce`
			`- fastjson-1-2-68-rce`
			`- request-based-interaction`
			`- open-proxy-internal`
			`- open-proxy-localhost`
Updated recommended.yml 2023-12-20 07:41:57 +00:00			`- open-proxy-portscan`
Nuclei config profiles for different use cases (#8859) * Update CVE-2023-46359.yaml * scan profiles * updated configs * misc update --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2024-01-13 18:30:57 +00:00