Update recommended.yml
Parth Malhotra
GitHub
parent
d22905cde8
commit
4f4d2f08f5
|
|
@ -1,9 +1,90 @@
|
||||||
# This is a configuration file for the recommended template profile.
|
# Nuclei Configuration Profile for Recommended Detection
|
||||||
# Additional configuration profiles can be created for different types of nuclei scans.
|
#
|
||||||
# They should be placed under the 'config' directory at:
|
# This configuration file is specifically tailored for performing recommended scans using Nuclei.
|
||||||
# https://github.com/projectdiscovery/nuclei-templates
|
#
|
||||||
# Here is an example of how to use a config profile:
|
# Purpose:
|
||||||
# nuclei -config config/recommended.yml -list target_list_to_scan.txt
|
# This profile is focused on identifying a wide range of security vulnerabilities across various protocols and services. It includes templates with different severity levels and excludes certain tags and template IDs to provide a balanced and focused detection approach.
|
||||||
|
#
|
||||||
|
# Included Templates:
|
||||||
|
# This configuration references specific templates designed for comprehensive security scanning:
|
||||||
|
# - severity: Templates with critical, high, medium, low, and unknown severity levels.
|
||||||
|
# - type: Templates for detecting vulnerabilities in HTTP, TCP, and templates written in javascript protocol.
|
||||||
|
#
|
||||||
|
# Excluded Tags:
|
||||||
|
# This configuration excludes templates tagged with the following to avoid unnecessary and potentially disruptive tests:
|
||||||
|
# - tech
|
||||||
|
# - dos
|
||||||
|
# - fuzz
|
||||||
|
# - creds-stuffing
|
||||||
|
# - token-spray
|
||||||
|
# - osint
|
||||||
|
#
|
||||||
|
# Excluded IDs:
|
||||||
|
# This configuration excludes specific template IDs to further refine the detection scope:
|
||||||
|
# - CVE-2021-45967
|
||||||
|
# - CVE-2021-36380
|
||||||
|
# - CVE-2021-33544
|
||||||
|
# - CVE-2021-32305
|
||||||
|
# - CVE-2021-31755
|
||||||
|
# - CVE-2021-28164
|
||||||
|
# - CVE-2021-27931
|
||||||
|
# - CVE-2021-26855
|
||||||
|
# - CVE-2021-25052
|
||||||
|
# - CVE-2021-1498
|
||||||
|
# - CVE-2020-7796
|
||||||
|
# - CVE-2020-5775
|
||||||
|
# - CVE-2020-35713
|
||||||
|
# - CVE-2020-26919
|
||||||
|
# - CVE-2020-25223
|
||||||
|
# - CVE-2020-24148
|
||||||
|
# - CVE-2020-10770
|
||||||
|
# - CVE-2019-9978
|
||||||
|
# - CVE-2019-8451
|
||||||
|
# - CVE-2019-3929
|
||||||
|
# - CVE-2019-2767
|
||||||
|
# - CVE-2019-2616
|
||||||
|
# - CVE-2019-20224
|
||||||
|
# - CVE-2019-19824
|
||||||
|
# - CVE-2019-10758
|
||||||
|
# - CVE-2018-16167
|
||||||
|
# - CVE-2018-15517
|
||||||
|
# - CVE-2018-1000600
|
||||||
|
# - CVE-2017-9506
|
||||||
|
# - CVE-2017-3506
|
||||||
|
# - CVE-2017-18638
|
||||||
|
# - CVE-2016-1555
|
||||||
|
# - CVE-2015-8813
|
||||||
|
# - CVE-2014-3206
|
||||||
|
# - CVE-2009-4223
|
||||||
|
# - CNVD-2021-09650
|
||||||
|
# - generic-tokens
|
||||||
|
# - credentials-disclosure
|
||||||
|
# - targa-camera-ssrf
|
||||||
|
# - cloudflare-external-image-resize
|
||||||
|
# - linkerd-ssrf-detection
|
||||||
|
# - ssrf-via-oauth-misconfig
|
||||||
|
# - tls-sni-proxy
|
||||||
|
# - xmlrpc-pingback-ssrf
|
||||||
|
# - hashicorp-consul-rce
|
||||||
|
# - mirai-unknown-rce
|
||||||
|
# - optilink-ont1gew-gpon-rce
|
||||||
|
# - sar2html-rce
|
||||||
|
# - zimbra-preauth-ssrf
|
||||||
|
# - wp-xmlrpc-pingback-detection
|
||||||
|
# - fastjson-1-2-41-rce
|
||||||
|
# - fastjson-1-2-42-rce
|
||||||
|
# - fastjson-1-2-43-rce
|
||||||
|
# - fastjson-1-2-62-rce
|
||||||
|
# - fastjson-1-2-67-rce
|
||||||
|
# - fastjson-1-2-68-rce
|
||||||
|
# - request-based-interaction
|
||||||
|
# - open-proxy-internal
|
||||||
|
# - open-proxy-localhost
|
||||||
|
# - open-proxy-portscan
|
||||||
|
#
|
||||||
|
# Running this profile
|
||||||
|
# You can run this profile using the following command:
|
||||||
|
# nuclei -profile recommended -u https://example.com
|
||||||
|
|
||||||
severity:
|
severity:
|
||||||
- critical
|
- critical
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue