Merge pull request #10115 from projectdiscovery/parthmalhotra-patch-3

Update pentest.yml
patch-4
Parth Malhotra 2024-06-25 13:13:26 +05:30 committed by GitHub
commit 0f80bc32ce
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 25 additions and 8 deletions

View File

@ -1,10 +1,27 @@
# This is a configuration file for the pentest template profile.
# Additional configuration profiles can be created for different types of nuclei scans.
# They should be placed under the 'config' directory at:
# https://github.com/projectdiscovery/nuclei-templates
# Here is an example of how to use a config profile:
# nuclei -config config/pentest.yml -list target_list_to_scan.txt
# Nuclei Configuration Profile for Penetration Testing
#
# This configuration file is specifically tailored for performing penetration testing using Nuclei.
#
# Purpose:
# This profile is focused on identifying security vulnerabilities across various protocols and services, including HTTP, TCP, JavaScript, DNS, and SSL. It excludes templates related to Denial of Service (DoS), fuzzing, and Open Source Intelligence (OSINT) to ensure focused and efficient penetration testing.
#
# Included Templates:
# This configuration references specific templates designed for penetration testing:
# - http: Templates for detecting vulnerabilities in HTTP-based services.
# - tcp: Templates for detecting vulnerabilities in TCP-based services.
# - javascript: Templates written using javasxript protocol for detecting vulnerabilities in applications.
# - dns: Templates for detecting vulnerabilities in DNS services.
# - ssl: Templates for detecting SSL/TLS related issues.
#
# Excluded Tags:
# This configuration excludes templates tagged with 'dos', 'fuzz', and 'osint' to avoid unnecessary and potentially disruptive tests:
# - dos: Templates for Denial of Service attacks.
# - fuzz: Templates for fuzzing.
# - osint: Templates for Open Source Intelligence gathering.
#
# Running this profile
# You can run this profile using the following command:
# nuclei -profile pentest -u https://example.com
type:
- http