From eb87c1cfe5ee42937c529a495518ba3929f40dda Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Sun, 14 Jan 2024 00:00:57 +0530
Subject: [PATCH] Nuclei config profiles for different use cases (#8859)

* Update CVE-2023-46359.yaml

* scan profiles

* updated configs

* misc update

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
---
 config/bugbounty.yml   | 26 ++++++++++++++++++++++++++
 config/cloud.yml       | 10 ++++++++++
 config/compliance.yml  | 29 +++++++++++++++++++++++++++++
 config/osint.yml       | 16 ++++++++++++++++
 config/pentest.yml     | 19 +++++++++++++++++++
 config/recommended.yml | 24 +++++++++++++-----------
 6 files changed, 113 insertions(+), 11 deletions(-)
 create mode 100644 config/bugbounty.yml
 create mode 100644 config/cloud.yml
 create mode 100644 config/compliance.yml
 create mode 100644 config/osint.yml
 create mode 100644 config/pentest.yml

diff --git a/config/bugbounty.yml b/config/bugbounty.yml
new file mode 100644
index 0000000000..0b04440ca1
--- /dev/null
+++ b/config/bugbounty.yml
@@ -0,0 +1,26 @@
+# This is a configuration file for the bugbounty template profile.
+# Additional configuration profiles can be created for different types of nuclei scans.
+# They should be placed under the 'config' directory at:
+# https://github.com/projectdiscovery/nuclei-templates
+# Here is an example of how to use a config profile:
+# nuclei -config config/bugbounty.yml -list target_list_to_scan.txt
+
+severity:
+  - critical
+  - high
+  - medium
+  - low
+  - unknown
+
+type:
+  - http
+  - tcp
+  - javascript
+
+exclude-tags:
+  - tech
+  - dos
+  - fuzz
+  - creds-stuffing
+  - token-spray
+  - osint
\ No newline at end of file
diff --git a/config/cloud.yml b/config/cloud.yml
new file mode 100644
index 0000000000..45455c520a
--- /dev/null
+++ b/config/cloud.yml
@@ -0,0 +1,10 @@
+# This is a configuration file for the cloud template profile.
+# Additional configuration profiles can be created for different types of nuclei scans.
+# They should be placed under the 'config' directory at:
+# https://github.com/projectdiscovery/nuclei-templates
+# Here is an example of how to use a config profile:
+# nuclei -config config/cloud.yml -list target_list_to_scan.txt
+
+tags:
+  - cloud
+  - devops
\ No newline at end of file
diff --git a/config/compliance.yml b/config/compliance.yml
new file mode 100644
index 0000000000..65e5be0b1b
--- /dev/null
+++ b/config/compliance.yml
@@ -0,0 +1,29 @@
+# This is a configuration file for the compliance template profile.
+# Additional configuration profiles can be created for different types of nuclei scans.
+# They should be placed under the 'config' directory at:
+# https://github.com/projectdiscovery/nuclei-templates
+# Here is an example of how to use a config profile:
+# nuclei -config config/compliance.yml -list target_list_to_scan.txt
+
+tags:
+  - misconfig
+  - cve
+  - exposure
+  - default-login
+  - xss
+  - lfi
+  - edb
+  - rce
+  - sqli
+  - unauth
+  - default-login
+  - ssrf
+  - redirect
+  - disclosure
+  - takeover
+  - traversal
+  - generic
+  - deserialization
+  - ssl
+  - keys
+  - token
\ No newline at end of file
diff --git a/config/osint.yml b/config/osint.yml
new file mode 100644
index 0000000000..72c9da245e
--- /dev/null
+++ b/config/osint.yml
@@ -0,0 +1,16 @@
+# This is a configuration file for the osint template profile.
+# Additional configuration profiles can be created for different types of nuclei scans.
+# They should be placed under the 'config' directory at:
+# https://github.com/projectdiscovery/nuclei-templates
+# Here is an example of how to use a config profile:
+# nuclei -config config/osint.yml -list target_list_to_scan.txt
+
+tags:
+  - osint
+  - honeypot
+  - backdoor
+  - c2
+  - osint-social
+  - exposures
+  - malware
+  - enum
\ No newline at end of file
diff --git a/config/pentest.yml b/config/pentest.yml
new file mode 100644
index 0000000000..2546416b85
--- /dev/null
+++ b/config/pentest.yml
@@ -0,0 +1,19 @@
+# This is a configuration file for the pentest template profile.
+# Additional configuration profiles can be created for different types of nuclei scans.
+# They should be placed under the 'config' directory at:
+# https://github.com/projectdiscovery/nuclei-templates
+# Here is an example of how to use a config profile:
+# nuclei -config config/pentest.yml -list target_list_to_scan.txt
+
+
+type:
+  - http
+  - tcp
+  - javascript
+  - dns
+  - ssl
+
+exclude-tags:
+  - dos
+  - fuzz
+  - osint
\ No newline at end of file
diff --git a/config/recommended.yml b/config/recommended.yml
index fe6d673451..5ecc419607 100644
--- a/config/recommended.yml
+++ b/config/recommended.yml
@@ -5,8 +5,17 @@
 # Here is an example of how to use a config profile:
 # nuclei -config config/recommended.yml -list target_list_to_scan.txt
 
-exclude-severity:
-  - info
+severity:
+  - critical
+  - high
+  - medium
+  - low
+  - unknown
+
+type:
+  - dns
+  - tcp
+  - javascript
 
 exclude-tags:
   - tech
@@ -14,15 +23,7 @@ exclude-tags:
   - fuzz
   - creds-stuffing
   - token-spray
-
-exclude-protocols:
-  - ssl
-  - dns
-  - file
-  - code
-  - whois
-  - headless
-  - workflow
+  - osint
 
 exclude-id:
   - CVE-2021-45967
@@ -86,3 +87,4 @@ exclude-id:
   - open-proxy-internal
   - open-proxy-localhost
   - open-proxy-portscan
+