commit
0f80bc32ce
|
@ -1,10 +1,27 @@
|
||||||
# This is a configuration file for the pentest template profile.
|
# Nuclei Configuration Profile for Penetration Testing
|
||||||
# Additional configuration profiles can be created for different types of nuclei scans.
|
#
|
||||||
# They should be placed under the 'config' directory at:
|
# This configuration file is specifically tailored for performing penetration testing using Nuclei.
|
||||||
# https://github.com/projectdiscovery/nuclei-templates
|
#
|
||||||
# Here is an example of how to use a config profile:
|
# Purpose:
|
||||||
# nuclei -config config/pentest.yml -list target_list_to_scan.txt
|
# This profile is focused on identifying security vulnerabilities across various protocols and services, including HTTP, TCP, JavaScript, DNS, and SSL. It excludes templates related to Denial of Service (DoS), fuzzing, and Open Source Intelligence (OSINT) to ensure focused and efficient penetration testing.
|
||||||
|
#
|
||||||
|
# Included Templates:
|
||||||
|
# This configuration references specific templates designed for penetration testing:
|
||||||
|
# - http: Templates for detecting vulnerabilities in HTTP-based services.
|
||||||
|
# - tcp: Templates for detecting vulnerabilities in TCP-based services.
|
||||||
|
# - javascript: Templates written using javasxript protocol for detecting vulnerabilities in applications.
|
||||||
|
# - dns: Templates for detecting vulnerabilities in DNS services.
|
||||||
|
# - ssl: Templates for detecting SSL/TLS related issues.
|
||||||
|
#
|
||||||
|
# Excluded Tags:
|
||||||
|
# This configuration excludes templates tagged with 'dos', 'fuzz', and 'osint' to avoid unnecessary and potentially disruptive tests:
|
||||||
|
# - dos: Templates for Denial of Service attacks.
|
||||||
|
# - fuzz: Templates for fuzzing.
|
||||||
|
# - osint: Templates for Open Source Intelligence gathering.
|
||||||
|
#
|
||||||
|
# Running this profile
|
||||||
|
# You can run this profile using the following command:
|
||||||
|
# nuclei -profile pentest -u https://example.com
|
||||||
|
|
||||||
type:
|
type:
|
||||||
- http
|
- http
|
||||||
|
|
Loading…
Reference in New Issue