From 4f4d2f08f51d6b86d149eab86d1b592c3dcd84e8 Mon Sep 17 00:00:00 2001
From: Parth Malhotra <28601533+parthmalhotra@users.noreply.github.com>
Date: Tue, 25 Jun 2024 13:21:02 +0530
Subject: [PATCH] Update recommended.yml

---
 profiles/recommended.yml | 93 +++++++++++++++++++++++++++++++++++++---
 1 file changed, 87 insertions(+), 6 deletions(-)

diff --git a/profiles/recommended.yml b/profiles/recommended.yml
index 910982340f..ea564d077a 100644
--- a/profiles/recommended.yml
+++ b/profiles/recommended.yml
@@ -1,9 +1,90 @@
-# This is a configuration file for the recommended template profile.
-# Additional configuration profiles can be created for different types of nuclei scans.
-# They should be placed under the 'config' directory at:
-# https://github.com/projectdiscovery/nuclei-templates
-# Here is an example of how to use a config profile:
-# nuclei -config config/recommended.yml -list target_list_to_scan.txt
+# Nuclei Configuration Profile for Recommended Detection
+#
+# This configuration file is specifically tailored for performing recommended scans using Nuclei.
+#
+# Purpose:
+# This profile is focused on identifying a wide range of security vulnerabilities across various protocols and services. It includes templates with different severity levels and excludes certain tags and template IDs to provide a balanced and focused detection approach.
+#
+# Included Templates:
+# This configuration references specific templates designed for comprehensive security scanning:
+# - severity: Templates with critical, high, medium, low, and unknown severity levels.
+# - type: Templates for detecting vulnerabilities in HTTP, TCP, and templates written in javascript protocol.
+#
+# Excluded Tags:
+# This configuration excludes templates tagged with the following to avoid unnecessary and potentially disruptive tests:
+# - tech
+# - dos
+# - fuzz
+# - creds-stuffing
+# - token-spray
+# - osint
+#
+# Excluded IDs:
+# This configuration excludes specific template IDs to further refine the detection scope:
+# - CVE-2021-45967
+# - CVE-2021-36380
+# - CVE-2021-33544
+# - CVE-2021-32305
+# - CVE-2021-31755
+# - CVE-2021-28164
+# - CVE-2021-27931
+# - CVE-2021-26855
+# - CVE-2021-25052
+# - CVE-2021-1498
+# - CVE-2020-7796
+# - CVE-2020-5775
+# - CVE-2020-35713
+# - CVE-2020-26919
+# - CVE-2020-25223
+# - CVE-2020-24148
+# - CVE-2020-10770
+# - CVE-2019-9978
+# - CVE-2019-8451
+# - CVE-2019-3929
+# - CVE-2019-2767
+# - CVE-2019-2616
+# - CVE-2019-20224
+# - CVE-2019-19824
+# - CVE-2019-10758
+# - CVE-2018-16167
+# - CVE-2018-15517
+# - CVE-2018-1000600
+# - CVE-2017-9506
+# - CVE-2017-3506
+# - CVE-2017-18638
+# - CVE-2016-1555
+# - CVE-2015-8813
+# - CVE-2014-3206
+# - CVE-2009-4223
+# - CNVD-2021-09650
+# - generic-tokens
+# - credentials-disclosure
+# - targa-camera-ssrf
+# - cloudflare-external-image-resize
+# - linkerd-ssrf-detection
+# - ssrf-via-oauth-misconfig
+# - tls-sni-proxy
+# - xmlrpc-pingback-ssrf
+# - hashicorp-consul-rce
+# - mirai-unknown-rce
+# - optilink-ont1gew-gpon-rce
+# - sar2html-rce
+# - zimbra-preauth-ssrf
+# - wp-xmlrpc-pingback-detection
+# - fastjson-1-2-41-rce
+# - fastjson-1-2-42-rce
+# - fastjson-1-2-43-rce
+# - fastjson-1-2-62-rce
+# - fastjson-1-2-67-rce
+# - fastjson-1-2-68-rce
+# - request-based-interaction
+# - open-proxy-internal
+# - open-proxy-localhost
+# - open-proxy-portscan
+#
+# Running this profile
+# You can run this profile using the following command:
+# nuclei -profile recommended -u https://example.com
 
 severity:
   - critical