nuclei-templates/profiles/recommended.yml

# This is a configuration file for the recommended template profile.
# Additional configuration profiles can be created for different types of nuclei scans.
# They should be placed under the 'config' directory at:
# https://github.com/projectdiscovery/nuclei-templates
# Here is an example of how to use a config profile:
# nuclei -config config/recommended.yml -list target_list_to_scan.txt

severity:
  - critical
  - high
  - medium
  - low
  - unknown

type:
  - http
  - tcp
  - javascript

exclude-tags:
  - tech
  - dos
  - fuzz
  - creds-stuffing
  - token-spray
  - osint

exclude-id:
  - CVE-2021-45967
  - CVE-2021-36380
  - CVE-2021-33544
  - CVE-2021-32305
  - CVE-2021-31755
  - CVE-2021-28164
  - CVE-2021-27931
  - CVE-2021-26855
  - CVE-2021-25052
  - CVE-2021-1498
  - CVE-2020-7796
  - CVE-2020-5775
  - CVE-2020-35713
  - CVE-2020-26919
  - CVE-2020-25223
  - CVE-2020-24148
  - CVE-2020-10770
  - CVE-2019-9978
  - CVE-2019-8451
  - CVE-2019-3929
  - CVE-2019-2767
  - CVE-2019-2616
  - CVE-2019-20224
  - CVE-2019-19824
  - CVE-2019-10758
  - CVE-2018-16167
  - CVE-2018-15517
  - CVE-2018-1000600
  - CVE-2017-9506
  - CVE-2017-3506
  - CVE-2017-18638
  - CVE-2016-1555
  - CVE-2015-8813
  - CVE-2014-3206
  - CVE-2009-4223
  - CNVD-2021-09650
  - generic-tokens
  - credentials-disclosure
  - targa-camera-ssrf
  - cloudflare-external-image-resize
  - linkerd-ssrf-detection
  - ssrf-via-oauth-misconfig
  - tls-sni-proxy
  - xmlrpc-pingback-ssrf
  - hashicorp-consul-rce
  - mirai-unknown-rce
  - optilink-ont1gew-gpon-rce
  - sar2html-rce
  - zimbra-preauth-ssrf
  - wp-xmlrpc-pingback-detection
  - fastjson-1-2-41-rce
  - fastjson-1-2-42-rce
  - fastjson-1-2-43-rce
  - fastjson-1-2-62-rce
  - fastjson-1-2-67-rce
  - fastjson-1-2-68-rce
  - request-based-interaction
  - open-proxy-internal
  - open-proxy-localhost
  - open-proxy-portscan