nuclei-templates/config/recommended.yml


# This is a configuration file for the recommended template profile.
# Additional configuration profiles can be created for different types of nuclei scans.
# They should be placed under the 'config' directory at:
# https://github.com/projectdiscovery/nuclei-templates
# Here is an example of how to use a config profile:
# nuclei -config config/recommended.yml -list target_list_to_scan.txt
# Severity filter: only templates whose severity is one of the values below
# are selected. 'info' is not listed, so informational templates are not run
# by this profile and their findings will not appear in its results.
severity:
- critical
- high
- medium
- low
- unknown
# Protocol-type filter: only templates of the types below are selected.
# Other template types (e.g. dns, ssl, headless) are not run by this profile,
# so checks that depend on them are outside its coverage.
type:
- http
- tcp
- javascript
# Tag exclusions: any template carrying one of these tags is skipped.
# NOTE(review): the file does not state the reason for each tag. The names
# suggest fingerprinting (tech, osint) and intrusive or noisy checks (dos,
# brute-force, creds-stuffing, token-spray); confirm before removing one,
# since re-enabling those categories changes the load placed on targets.
exclude-tags:
- tech
- dos
- brute-force
- creds-stuffing
- token-spray
- osint
# Template-ID exclusions: each template listed here is skipped even when it
# matches the severity and type filters above.
# Coverage caveat: a clean result from this profile is not evidence that a
# target is unaffected by any of the issues listed below; they are simply
# not tested. Scan them separately if they are in scope.
# NOTE(review): the file does not record why each ID is excluded; confirm
# the reason before removing an entry.
exclude-id:
# Templates identified by CVE / CNVD number.
- CVE-2021-45967
- CVE-2021-36380
- CVE-2021-33544
- CVE-2021-32305
- CVE-2021-31755
- CVE-2021-28164
- CVE-2021-27931
- CVE-2021-26855
- CVE-2021-25052
- CVE-2021-1498
- CVE-2020-7796
- CVE-2020-5775
- CVE-2020-35713
- CVE-2020-26919
- CVE-2020-25223
- CVE-2020-24148
- CVE-2020-10770
- CVE-2019-9978
- CVE-2019-8451
- CVE-2019-3929
- CVE-2019-2767
- CVE-2019-2616
- CVE-2019-20224
- CVE-2019-19824
- CVE-2019-10758
- CVE-2018-16167
- CVE-2018-15517
- CVE-2018-1000600
- CVE-2017-9506
- CVE-2017-3506
- CVE-2017-18638
- CVE-2016-1555
- CVE-2015-8813
- CVE-2014-3206
- CVE-2009-4223
- CNVD-2021-09650
# Templates identified by name. Most names indicate SSRF, RCE, open-proxy or
# token/credential-disclosure checks.
- generic-tokens
- credentials-disclosure
- targa-camera-ssrf
- cloudflare-external-image-resize
- linkerd-ssrf-detection
- ssrf-via-oauth-misconfig
- tls-sni-proxy
- xmlrpc-pingback-ssrf
- hashicorp-consul-rce
- mirai-unknown-rce
- optilink-ont1gew-gpon-rce
- sar2html-rce
- zimbra-preauth-ssrf
- wp-under-construction-ssrf
- wp-xmlrpc-pingback-detection
- fastjson-1-2-41-rce
- fastjson-1-2-42-rce
- fastjson-1-2-43-rce
- fastjson-1-2-62-rce
- fastjson-1-2-67-rce
- fastjson-1-2-68-rce
- request-based-interaction
- open-proxy-internal
- open-proxy-localhost
- open-proxy-portscan