Improved exclusions using tags
sandeep
parent
d93bb5fea5
commit
804c36e971
|
|
@ -1,66 +1,18 @@
|
||||||
# ==| Nuclei Templates Ignore list |==
|
# ==| Nuclei Templates Ignore list |==
|
||||||
# ====================================
|
# ====================================
|
||||||
#
|
#
|
||||||
# This list can be used to define template/s that will be blocked from execution.
|
# This is default list of tags and files to excluded from default nuclei scan.
|
||||||
# When a folder/directory is listed under this list, the templates within folder can be executed only when running them directly.
|
|
||||||
# For example, "nuclei -t fuzzing" will not work, "nuclei -t fuzzing/wp-plugin-scan.yaml" will be executed.
|
|
||||||
#
|
|
||||||
# Why ignore list? - To ensure nuclei is not getting used to hammer the every web server with templates that are meant to be used for specific use cases.
|
|
||||||
# and that doesn't mean nuclei won't let you run these templates. if you know what you are doing, feel free to updates this list locally as per your need.
|
|
||||||
#
|
|
||||||
# This list also can be used to ignore templates that you wanted to exclude from every scan.
|
|
||||||
# More details - https://nuclei.projectdiscovery.io/nuclei/get-started/#template-exclusion
|
# More details - https://nuclei.projectdiscovery.io/nuclei/get-started/#template-exclusion
|
||||||
|
|
||||||
# Fuzzing is excluded to avoid running bruteforce on every server as default.
|
# tags is a list of tags to ignore execution for
|
||||||
fuzzing/adminer-panel-fuzz.yaml
|
# unless asked for by the user.
|
||||||
fuzzing/arbitrary-file-read.yaml
|
|
||||||
fuzzing/directory-traversal.yaml
|
|
||||||
fuzzing/generic-lfi-fuzzing.yaml
|
|
||||||
fuzzing/header-command-injection.yaml
|
|
||||||
fuzzing/iis-shortname.yaml
|
|
||||||
fuzzing/wp-plugin-scan.yaml
|
|
||||||
|
|
||||||
# Miscellaneous
|
tags:
|
||||||
|
- "headless"
|
||||||
|
- "dos"
|
||||||
|
- "iot"
|
||||||
|
- "misc"
|
||||||
|
- "fuzz"
|
||||||
|
|
||||||
miscellaneous/detect-dns-over-https.yaml
|
# files is a list of files to ignore template execution
|
||||||
miscellaneous/detect-options-method.yaml
|
# unless asked for by the user.
|
||||||
miscellaneous/dir-listing.yaml
|
|
||||||
miscellaneous/htaccess-config.yaml
|
|
||||||
miscellaneous/joomla-htaccess.yaml
|
|
||||||
miscellaneous/joomla-manifest-file.yaml
|
|
||||||
miscellaneous/missing-csp.yaml
|
|
||||||
miscellaneous/missing-hsts.yaml
|
|
||||||
miscellaneous/missing-x-frame-options.yaml
|
|
||||||
miscellaneous/moodle-changelog.yaml
|
|
||||||
miscellaneous/ntlm-directories.yaml
|
|
||||||
miscellaneous/old-copyright.yaml
|
|
||||||
miscellaneous/phpmyadmin-setup.yaml
|
|
||||||
miscellaneous/robots.txt.yaml
|
|
||||||
miscellaneous/security.txt.yaml
|
|
||||||
miscellaneous/trace-method.yaml
|
|
||||||
miscellaneous/unencrypted-bigip-ltm-cookie.yaml
|
|
||||||
miscellaneous/unpatched-coldfusion.yaml
|
|
||||||
miscellaneous/xml-schema-detect.yaml
|
|
||||||
|
|
||||||
# Headless
|
|
||||||
|
|
||||||
headless/dvwa-headless-automatic-login.yaml
|
|
||||||
headless/postmessage-tracker.yaml
|
|
||||||
headless/prototype-pollution-check.yaml
|
|
||||||
headless/window-name-domxss.yaml
|
|
||||||
|
|
||||||
# iot
|
|
||||||
|
|
||||||
iot/contacam.yaml
|
|
||||||
iot/epmp-login.yaml
|
|
||||||
iot/hp-laserjet-detect.yaml
|
|
||||||
iot/internet-service.yaml
|
|
||||||
iot/liveview-axis-camera.yaml
|
|
||||||
iot/mobotix-guest-camera.yaml
|
|
||||||
iot/network-camera-detect.yaml
|
|
||||||
iot/nuuno-network-login.yaml
|
|
||||||
iot/panasonic-network-management.yaml
|
|
||||||
iot/selea-ip-camera.yaml
|
|
||||||
|
|
||||||
# CVEs
|
|
||||||
cves/2017/CVE-2017-17562.yaml
|
|
||||||
Loading…
Reference in New Issue