94 lines
2.0 KiB
YAML
94 lines
2.0 KiB
YAML
# Nuclei Configuration Profile for Recommended Detection
|
|
#
|
|
# This configuration file is specifically tailored for performing recommended scans using Nuclei.
|
|
#
|
|
# Purpose:
|
|
# This profile is focused on identifying a wide range of security vulnerabilities across various protocols and services. It includes templates with different severity levels and excludes certain tags and template IDs to provide a balanced and focused detection approach.
|
|
#
|
|
# Running this profile
|
|
# You can run this profile using the following command:
|
|
# nuclei -profile recommended -u https://example.com
|
|
|
|
severity:
|
|
- critical
|
|
- high
|
|
- medium
|
|
- low
|
|
- unknown
|
|
|
|
type:
|
|
- http
|
|
- tcp
|
|
- javascript
|
|
|
|
exclude-tags:
|
|
- tech
|
|
- dos
|
|
- fuzz
|
|
- creds-stuffing
|
|
- token-spray
|
|
- osint
|
|
|
|
exclude-id:
|
|
- CVE-2021-45967
|
|
- CVE-2021-36380
|
|
- CVE-2021-33544
|
|
- CVE-2021-32305
|
|
- CVE-2021-31755
|
|
- CVE-2021-28164
|
|
- CVE-2021-27931
|
|
- CVE-2021-26855
|
|
- CVE-2021-25052
|
|
- CVE-2021-1498
|
|
- CVE-2020-7796
|
|
- CVE-2020-5775
|
|
- CVE-2020-35713
|
|
- CVE-2020-26919
|
|
- CVE-2020-25223
|
|
- CVE-2020-24148
|
|
- CVE-2020-10770
|
|
- CVE-2019-9978
|
|
- CVE-2019-8451
|
|
- CVE-2019-3929
|
|
- CVE-2019-2767
|
|
- CVE-2019-2616
|
|
- CVE-2019-20224
|
|
- CVE-2019-19824
|
|
- CVE-2019-10758
|
|
- CVE-2018-16167
|
|
- CVE-2018-15517
|
|
- CVE-2018-1000600
|
|
- CVE-2017-9506
|
|
- CVE-2017-3506
|
|
- CVE-2017-18638
|
|
- CVE-2016-1555
|
|
- CVE-2015-8813
|
|
- CVE-2014-3206
|
|
- CVE-2009-4223
|
|
- CNVD-2021-09650
|
|
- generic-tokens
|
|
- credentials-disclosure
|
|
- targa-camera-ssrf
|
|
- cloudflare-external-image-resize
|
|
- linkerd-ssrf-detection
|
|
- ssrf-via-oauth-misconfig
|
|
- tls-sni-proxy
|
|
- xmlrpc-pingback-ssrf
|
|
- hashicorp-consul-rce
|
|
- mirai-unknown-rce
|
|
- optilink-ont1gew-gpon-rce
|
|
- sar2html-rce
|
|
- zimbra-preauth-ssrf
|
|
- wp-xmlrpc-pingback-detection
|
|
- fastjson-1-2-41-rce
|
|
- fastjson-1-2-42-rce
|
|
- fastjson-1-2-43-rce
|
|
- fastjson-1-2-62-rce
|
|
- fastjson-1-2-67-rce
|
|
- fastjson-1-2-68-rce
|
|
- request-based-interaction
|
|
- open-proxy-internal
|
|
- open-proxy-localhost
|
|
- open-proxy-portscan
|
|
|