From 702ebcf4bb57fa886fc935c044225e57e753eace Mon Sep 17 00:00:00 2001 From: Parth Malhotra <28601533+parthmalhotra@users.noreply.github.com> Date: Tue, 25 Jun 2024 12:54:21 +0530 Subject: [PATCH] Update cves.yml --- profiles/cves.yml | 23 +++++++++++++++++------ 1 file changed, 17 insertions(+), 6 deletions(-) diff --git a/profiles/cves.yml b/profiles/cves.yml index 265cf0ea45..9fb0523b57 100644 --- a/profiles/cves.yml +++ b/profiles/cves.yml @@ -1,9 +1,20 @@ -# This is a configuration file for the cves template profile. -# Additional configuration profiles can be created for different types of nuclei scans. -# They should be placed under the 'config' directory at: -# https://github.com/projectdiscovery/nuclei-templates -# Here is an example of how to use a config profile: -# nuclei -config config/osint.yml -list target_list_to_scan.txt +# Nuclei Configuration Profile for CVEs Detection +# +# This configuration file is specifically tailored for detecting Common Vulnerabilities and Exposures (CVEs) using Nuclei. +# +# Purpose: +# This profile is focused on identifying vulnerabilities listed in the Common Vulnerabilities and Exposures (CVE) database. Detecting CVEs is essential for mitigating risks associated with known security flaws in software and systems. +# +# Included Templates: +# This configuration references specific templates designed to detect CVEs: +# - http/cves/: This directory contains templates for detecting CVEs in HTTP-based services. +# - http/cnvd/: This directory contains templates for detecting vulnerabilities listed in the Chinese National Vulnerability Database (CNVD). +# - network/cves/: This directory contains templates for detecting CVEs in network services. +# - javascript/cves/: This directory contains templates for detecting CVEs in JavaScript-based applications. +# +# Running this profile +# You can run this profile using the following command: +# nuclei -profile cves -u https://example.com templates: - http/cves/