Community curated list of templates for the nuclei engine to find security vulnerabilities.

Go to file

Prince Chaddha 54fb25799c Merge pull request #4377 from ritikchaddha/patch-56 Create ecsimagingpacs-rce.yaml		2022-05-12 16:49:28 +05:30
.github	workflow updates	2022-03-23 20:55:35 +05:30
cnvd	refactor: Description field uniformization	2022-04-22 13:38:41 +03:00
cves	Merge pull request #4372 from Akokonunes/patch-145	2022-05-12 15:56:12 +05:30
default-logins	Update and rename default-logins/others/h3c-secparh-default-login.yaml to misconfiguration/unauthorized-h3csecparh-login.yaml	2022-05-12 15:36:08 +05:30
dns	refactor: Description field uniformization	2022-04-22 13:38:41 +03:00
exposed-panels	Create zyxel-vsg1432b101-login.yaml	2022-05-12 16:20:18 +05:30
exposures	Update msmtp-config.yaml	2022-05-12 02:07:01 +05:30
file	FortiGate config-audit (#4275 )	2022-05-07 12:19:43 +05:30
fuzzing	added reference	2022-05-07 13:03:25 +05:30
headless	refactor: Description field uniformization	2022-04-22 13:38:41 +03:00
helpers	Added wordpress-xmlrpc-brute-force.yaml (#3445 )	2021-12-29 22:04:23 +05:30
iot	Improved AXIS detection (#4185 )	2022-04-23 19:58:33 +05:30
miscellaneous	Update and rename extract-firebase-database.yaml to firebase-database-extractor.yaml	2022-04-25 03:04:22 +04:00
misconfiguration	Update and rename default-logins/others/h3c-secparh-default-login.yaml to misconfiguration/unauthorized-h3csecparh-login.yaml	2022-05-12 15:36:08 +05:30
network	Increase judgment conditions to avoid false positives (#4317 )	2022-05-08 12:20:52 +05:30
ssl	refactor: Description field uniformization	2022-04-22 13:38:41 +03:00
takeovers	refactor: Description field uniformization	2022-04-22 13:38:41 +03:00
technologies	Create dedecms-detect.yaml (#4370 )	2022-05-12 13:56:30 +05:30
token-spray	Update api-bitly.yaml (#4265 )	2022-04-29 22:58:27 +05:30
vulnerabilities	Update ecsimagingpacs-rce.yaml	2022-05-12 16:38:58 +05:30
workflows	oracle enterprise manager login and oracle container for jee panel (#4128 )	2022-05-05 23:51:38 +05:30
.gitignore	Merge branch 'master' into dynamic_attributes	2021-08-19 16:23:26 +03:00
.new-additions	Auto Generated New Template Addition List [Thu May 12 11:09:44 UTC 2022] 🤖	2022-05-12 11:09:44 +00:00
.nuclei-ignore	Update .nuclei-ignore	2022-03-25 23:58:22 +05:30
.pre-commit-config.yml	pre-commit-config update	2021-09-11 12:16:55 +05:30
.yamllint	pre-commit-config update	2021-09-11 12:16:55 +05:30
CODE_OF_CONDUCT.md	Create CODE_OF_CONDUCT.md	2021-01-27 23:10:18 +05:30
CONTRIBUTING.md	Remove:	2022-01-25 14:38:53 -05:00
LICENSE.md	misc changes	2021-01-30 12:15:43 +05:30
PULL_REQUEST_TEMPLATE.md	Fixes contribute link in PR template (#4152 )	2022-04-15 13:30:01 +05:30
README.md	Auto README Update [Mon May 9 09:57:52 UTC 2022] 🤖	2022-05-09 09:57:52 +00:00
TEMPLATES-STATS.json	Auto Generated Templates Stats [Mon May 9 09:55:55 UTC 2022] 🤖	2022-05-09 09:55:55 +00:00
TEMPLATES-STATS.md	Auto Generated Templates Stats [Mon May 9 09:55:55 UTC 2022] 🤖	2022-05-09 09:55:55 +00:00
TOP-10.md	Auto Generated Templates Stats [Mon May 9 09:55:55 UTC 2022] 🤖	2022-05-09 09:55:55 +00:00
contributors.json	Ivanti EPM CSA Code Injection(CVE-2021-44529) (#3937 )	2022-03-20 13:14:37 +05:30
wappalyzer-mapping.yml	Added additional tags mapping file (#4108 )	2022-04-11 18:46:37 +05:30

README.md

Nuclei Templates

Community curated list of templates for the nuclei engine to find security vulnerabilities in applications.

Documentation • Contributions • Discussion • Community • FAQs • Join Discord

Templates are the core of the nuclei scanner which powers the actual scanning engine. This repository stores and houses various templates for the scanner provided by our team, as well as contributed by the community. We hope that you also contribute by sending templates via pull requests or Github issues to grow the list.

Nuclei Templates overview

An overview of the nuclei template project, including statistics on unique tags, author, directory, severity, and type of templates. The table below contains the top ten statistics for each matrix; an expanded version of this is available here, and also available in JSON format for integration.

Nuclei Templates Top 10 statistics

TAG	COUNT	AUTHOR	COUNT	DIRECTORY	COUNT	SEVERITY	COUNT	TYPE	COUNT
cve	1150	daffainfo	560	cves	1154	info	1183	http	3164
panel	513	dhiyaneshdk	421	exposed-panels	519	high	870	file	68
lfi	460	pikpikcu	316	vulnerabilities	446	medium	658	network	50
xss	363	pdteam	262	technologies	251	critical	411	dns	17
wordpress	358	geeknik	178	exposures	203	low	180
exposure	292	dwisiswant0	168	misconfiguration	196	unknown	6
rce	289	princechaddha	130	workflows	186
cve2021	283	0x_akoko	129	token-spray	153
tech	265	gy741	117	default-logins	95
wp-plugin	259	pussycat0x	116	file	68

260 directories, 3520 files.

📖 Documentation

Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to build new or your own custom templates. We have also added a set of templates to help you understand how things work.

💪 Contributions

Nuclei-templates is powered by major contributions from the community. Template contributions , Feature Requests and Bug Reports are more than welcome.

💬 Discussion

Have questions / doubts / ideas to discuss? Feel free to open a discussion on Github discussions board.

👨‍💻 Community

You are welcome to join the active Discord Community to discuss directly with project maintainers and share things with others around security and automation. Additionally, you may follow us on Twitter to be updated on all the things about Nuclei.

Thanks again for your contribution and keeping this community vibrant. ❤️