updated profiles

profiles/all.yml

@@ -5,14 +5,6 @@
 # Purpose:
 # This profile is focused on identifying a wide range of security issues across different types of protocols and services. It includes templates for HTTP, TCP, JavaScript, DNS, and SSL to ensure thorough coverage of potential vulnerabilities.
 #
-# Included Templates:
-# This configuration references specific templates designed for comprehensive scanning:
-# - http: Templates for detecting vulnerabilities in HTTP-based services.
-# - tcp: Templates for detecting vulnerabilities in TCP-based services.
-# - javascript: Templates for detecting vulnerabilities that are written using the javascript protocol.
-# - dns: Templates for detecting vulnerabilities in DNS services.
-# - ssl: Templates for detecting SSL/TLS related issues.
-#
 # Running this profile
 # You can run this profile using the following command:
 # nuclei -profile all -u https://example.com

profiles/aws-cloud-config.yml

@@ -8,13 +8,9 @@
 # Included Templates:
 # This configuration references specific templates tagged with 'aws-cloud-config' to cover comprehensive scanning of AWS ACLs.
 #
-# Configuration:
-# The profile also includes code templates to enhance detection capabilities.
-# Additionally, it sets a variable for the AWS region to 'us-east-1' for template inputs.
-#
 # Running this profile
 # You can run this profile using the following command:
-# nuclei -profile aws-acls
+# nuclei -profile aws-cloud-config
 code: true # enable code templates
 
 tags:

profiles/cloud.yml

@@ -5,15 +5,10 @@
 # Purpose:
 # This profile is focused on identifying security issues in cloud environments. It includes templates that help detect vulnerabilities and misconfigurations in cloud services and infrastructure, ensuring the security of cloud deployments.
 #
-# Included Templates:
-# This configuration references specific templates tagged with 'cloud' and 'devops' to cover comprehensive scanning of cloud environments:
-# - cloud: Templates for detecting vulnerabilities and misconfigurations in cloud services.
-# - devops: Templates for detecting issues related to DevOps practices in cloud environments.
-#
 # Running this profile
 # You can run this profile using the following command:
 # nuclei -profile cloud -u https://example.com
 
 tags:
   - cloud
-  - devops
+  - devops

profiles/compliance.yml

@@ -5,29 +5,6 @@
 # Purpose:
 # This profile is focused on identifying a wide range of security issues to ensure compliance with various security standards and best practices. It includes templates for detecting misconfigurations, vulnerabilities, exposures, and other security risks.
 #
-# Included Templates:
-# This configuration references specific templates tagged with various security-related tags to cover comprehensive compliance scanning:
-# - misconfig: Templates for detecting misconfigurations.
-# - cve: Templates for detecting Common Vulnerabilities and Exposures.
-# - exposure: Templates for detecting sensitive information exposures.
-# - default-login: Templates for detecting default login credentials.
-# - xss: Templates for detecting Cross-Site Scripting vulnerabilities.
-# - lfi: Templates for detecting Local File Inclusion vulnerabilities.
-# - edb: Templates for vulnerabilities listed in the Exploit Database.
-# - rce: Templates for detecting Remote Code Execution vulnerabilities.
-# - sqli: Templates for detecting SQL Injection vulnerabilities.
-# - unauth: Templates for detecting unauthorized access vulnerabilities.
-# - ssrf: Templates for detecting Server-Side Request Forgery vulnerabilities.
-# - redirect: Templates for detecting open redirection vulnerabilities.
-# - disclosure: Templates for detecting sensitive information disclosure.
-# - takeover: Templates for detecting subdomain takeover vulnerabilities.
-# - traversal: Templates for detecting directory traversal vulnerabilities.
-# - generic: Templates for detecting generic security issues.
-# - deserialization: Templates for detecting deserialization vulnerabilities.
-# - ssl: Templates for detecting SSL/TLS related issues.
-# - keys: Templates for detecting exposed keys.
-# - token: Templates for detecting exposed tokens.
-#
 # Running this profile
 # You can run this profile using the following command:
 # nuclei -profile compliance -u https://example.com

profiles/cves.yml

@@ -5,13 +5,6 @@
 # Purpose:
 # This profile is focused on identifying vulnerabilities listed in the Common Vulnerabilities and Exposures (CVE) database. Detecting CVEs is essential for mitigating risks associated with known security flaws in software and systems.
 #
-# Included Templates:
-# This configuration references specific templates designed to detect CVEs:
-# - http/cves/: This directory contains templates for detecting CVEs in HTTP-based services.
-# - http/cnvd/: This directory contains templates for detecting vulnerabilities listed in the Chinese National Vulnerability Database (CNVD).
-# - network/cves/: This directory contains templates for detecting CVEs in network services.
-# - javascript/cves/: This directory contains templates for detecting CVEs in JavaScript-based applications.
-#
 # Running this profile
 # You can run this profile using the following command:
 # nuclei -profile cves -u https://example.com

profiles/default-login.yml

@@ -5,12 +5,6 @@
 # Purpose:
 # This profile is focused on identifying instances where default login credentials are being used. Default logins can pose significant security risks as they are often targeted by attackers to gain unauthorized access to systems.
 #
-# Included Templates:
-# This configuration references specific templates designed to detect default login scenarios:
-# - http/default-logins/: This directory contains templates for detecting default login credentials in HTTP-based services.
-# - network/default-login/: This directory contains templates for detecting default login credentials in network services.
-# - javascript/default-logins/: This directory contains templates for detecting default login credentials, the templates are made using the javascript protocol.
-#
 # Running this profile
 # You can run this profile using the following command:
 # nuclei -profile default-login -u https://example.com

profiles/kev.yml

@@ -6,10 +6,6 @@
 # This profile is focused on identifying vulnerabilities that are listed in the Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) catalog.
 # Detecting KEVs is crucial for mitigating risks associated with known and actively exploited vulnerabilities.
 #
-# Included Templates:
-# This configuration references specific templates designed to detect KEVs:
-# - tags/kev/: This directory contains templates tagged with 'kev' that are specifically focused on detecting known exploited vulnerabilities.
-#
 # Running this profile
 # You can run this profile using the following command:
 # nuclei -profile kev -u https://example.com

profiles/misconfigurations.yml

@@ -5,12 +5,6 @@
 # Purpose:
 # This profile is focused on identifying various misconfigurations that can lead to security vulnerabilities. Detecting and correcting misconfigurations is essential for maintaining the security and integrity of systems and applications.
 #
-# Included Templates:
-# This configuration references specific templates designed to detect misconfigurations:
-# - http/misconfiguration/: Templates for detecting misconfigurations in HTTP-based services.
-# - network/misconfig/: Templates for detecting misconfigurations in network services.
-# - javascript/misconfiguration/: Templates written using javascript protocol for detecting misconfigurations in applications.
-#
 # Running this profile
 # You can run this profile using the following command:
 # nuclei -profile misconfigurations -u https://example.com

profiles/osint.yml

@@ -5,21 +5,6 @@
 # Purpose:
 # This profile is focused on identifying various OSINT-related security risks, including exposed information, backdoors, command and control servers, and more. OSINT scanning helps in gathering intelligence that could be used to identify potential threats and vulnerabilities.
 #
-# Included Templates:
-# This configuration references specific templates tagged with various OSINT-related tags to cover comprehensive OSINT scanning:
-# - osint: Templates for detecting OSINT-related vulnerabilities and exposures.
-# - honeypot: Templates for detecting honeypots.
-# - backdoor: Templates for detecting backdoors.
-# - c2: Templates for detecting command and control servers.
-# - osint-social: Templates for detecting social media related exposures.
-# - exposures: Templates for detecting exposed sensitive information.
-# - malware: Templates for detecting malware-related activities.
-# - enum: Templates for enumeration activities.
-# - phishing: Templates for detecting phishing-related issues.
-#
-# Included Tags:
-# This configuration also includes additional templates tagged with 'phishing' for a more focused detection.
-#
 # Running this profile
 # You can run this profile using the following command:
 # nuclei -profile osint -u https://example.com

profiles/pentest.yml

@@ -5,20 +5,6 @@
 # Purpose:
 # This profile is focused on identifying security vulnerabilities across various protocols and services, including HTTP, TCP, JavaScript, DNS, and SSL. It excludes templates related to Denial of Service (DoS), fuzzing, and Open Source Intelligence (OSINT) to ensure focused and efficient penetration testing.
 #
-# Included Templates:
-# This configuration references specific templates designed for penetration testing:
-# - http: Templates for detecting vulnerabilities in HTTP-based services.
-# - tcp: Templates for detecting vulnerabilities in TCP-based services.
-# - javascript: Templates written using javasxript protocol for detecting vulnerabilities in applications.
-# - dns: Templates for detecting vulnerabilities in DNS services.
-# - ssl: Templates for detecting SSL/TLS related issues.
-#
-# Excluded Tags:
-# This configuration excludes templates tagged with 'dos', 'fuzz', and 'osint' to avoid unnecessary and potentially disruptive tests:
-# - dos: Templates for Denial of Service attacks.
-# - fuzz: Templates for fuzzing.
-# - osint: Templates for Open Source Intelligence gathering.
-#
 # Running this profile
 # You can run this profile using the following command:
 # nuclei -profile pentest -u https://example.com

profiles/recommended.yml

@@ -5,83 +5,6 @@
 # Purpose:
 # This profile is focused on identifying a wide range of security vulnerabilities across various protocols and services. It includes templates with different severity levels and excludes certain tags and template IDs to provide a balanced and focused detection approach.
 #
-# Included Templates:
-# This configuration references specific templates designed for comprehensive security scanning:
-# - severity: Templates with critical, high, medium, low, and unknown severity levels.
-# - type: Templates for detecting vulnerabilities in HTTP, TCP, and templates written in javascript protocol.
-#
-# Excluded Tags:
-# This configuration excludes templates tagged with the following to avoid unnecessary and potentially disruptive tests:
-# - tech
-# - dos
-# - fuzz
-# - creds-stuffing
-# - token-spray
-# - osint
-#
-# Excluded IDs:
-# This configuration excludes specific template IDs to further refine the detection scope:
-# - CVE-2021-45967
-# - CVE-2021-36380
-# - CVE-2021-33544
-# - CVE-2021-32305
-# - CVE-2021-31755
-# - CVE-2021-28164
-# - CVE-2021-27931
-# - CVE-2021-26855
-# - CVE-2021-25052
-# - CVE-2021-1498
-# - CVE-2020-7796
-# - CVE-2020-5775
-# - CVE-2020-35713
-# - CVE-2020-26919
-# - CVE-2020-25223
-# - CVE-2020-24148
-# - CVE-2020-10770
-# - CVE-2019-9978
-# - CVE-2019-8451
-# - CVE-2019-3929
-# - CVE-2019-2767
-# - CVE-2019-2616
-# - CVE-2019-20224
-# - CVE-2019-19824
-# - CVE-2019-10758
-# - CVE-2018-16167
-# - CVE-2018-15517
-# - CVE-2018-1000600
-# - CVE-2017-9506
-# - CVE-2017-3506
-# - CVE-2017-18638
-# - CVE-2016-1555
-# - CVE-2015-8813
-# - CVE-2014-3206
-# - CVE-2009-4223
-# - CNVD-2021-09650
-# - generic-tokens
-# - credentials-disclosure
-# - targa-camera-ssrf
-# - cloudflare-external-image-resize
-# - linkerd-ssrf-detection
-# - ssrf-via-oauth-misconfig
-# - tls-sni-proxy
-# - xmlrpc-pingback-ssrf
-# - hashicorp-consul-rce
-# - mirai-unknown-rce
-# - optilink-ont1gew-gpon-rce
-# - sar2html-rce
-# - zimbra-preauth-ssrf
-# - wp-xmlrpc-pingback-detection
-# - fastjson-1-2-41-rce
-# - fastjson-1-2-42-rce
-# - fastjson-1-2-43-rce
-# - fastjson-1-2-62-rce
-# - fastjson-1-2-67-rce
-# - fastjson-1-2-68-rce
-# - request-based-interaction
-# - open-proxy-internal
-# - open-proxy-localhost
-# - open-proxy-portscan
-#
 # Running this profile
 # You can run this profile using the following command:
 # nuclei -profile recommended -u https://example.com

profiles/subdomain-takeovers.yml

@@ -7,12 +7,6 @@
 # Subdomain takeovers can occur when a DNS entry points to a deprovisioned or unclaimed cloud resource, potentially
 # allowing an attacker to claim the resource and hijack the subdomain.
 #
-# Included Templates:
-# This configuration references specific templates designed to detect subdomain takeover scenarios:
-# - http/takeovers/: This directory contains general templates for detecting HTTP-based subdomain takeovers.
-# - dns/azure-takeover-detection.yaml: This template specifically checks for subdomain takeovers on Microsoft Azure.
-# - dns/elasticbeanstalk-takeover.yaml: This template specifically checks for subdomain takeovers on AWS Elastic Beanstalk.
-#
 # Running this profile
 # You can run this profile using the following command :
 # nuclei -profile subdomain-takeovers -u https://www.example.com

profiles/wordpress.yml

@@ -5,10 +5,6 @@
 # Purpose:
 # This profile is focused on identifying security issues specific to WordPress, including vulnerable plugins, themes, and core components. Ensuring the security of WordPress installations is crucial due to its widespread use and common targeting by attackers.
 #
-# Included Templates:
-# This configuration references specific templates tagged with 'wordpress' to cover comprehensive WordPress scanning:
-# - wordpress: Templates for detecting vulnerabilities and misconfigurations in WordPress installations, plugins, and themes.
-#
 # Running this profile
 # You can run this profile using the following command:
 # nuclei -profile wordpress -u https://example.com