Community curated list of templates for the nuclei engine to find security vulnerabilities.

Go to file

zy9ard3 5f073f80ad Rename apache-druid-kafka-connect-rce.yaml to CVE-2023-25194.yaml (#9416 ) * Auto Generated New Template Addition List [Wed Mar 20 04:11:42 UTC 2024] 🤖 * Auto Generated Templates Checksum [Wed Mar 20 04:11:56 UTC 2024] 🤖 * Syncing Templates * Auto Template Signing [Wed Mar 20 04:13:43 UTC 2024] 🤖 * soa-detection * formatting * Auto Generated New Template Addition List [Wed Mar 20 04:57:34 UTC 2024] 🤖 * Auto Generated Templates Checksum [Wed Mar 20 04:57:39 UTC 2024] 🤖 * Syncing Templates * txt service detector * remove trailing spaces * remove another trailing space * fix formatting * Create wing-ftp-service-detect.yaml * Auto Generated Templates Checksum [Wed Mar 20 04:59:02 UTC 2024] 🤖 * Auto Generated New Template Addition List [Wed Mar 20 04:59:16 UTC 2024] 🤖 * Auto Template Signing [Wed Mar 20 04:59:22 UTC 2024] 🤖 * Syncing Templates * generic-db: Added checking of SQLite database files exposure. * generic-db: Added more exact matchers to make sure the exposured file is really SQLite file. * generic-db: Improved SQLite file signature matcher to match exactly beginning of the document. * Update generic-db.yaml * updated with path variable * minor update * Auto Generated New Template Addition List [Wed Mar 20 08:12:01 UTC 2024] 🤖 * Auto Generated Templates Checksum [Wed Mar 20 08:12:15 UTC 2024] 🤖 * Syncing Templates * Auto Template Signing [Wed Mar 20 08:13:55 UTC 2024] 🤖 * Auto Generated cves.json [Wed Mar 20 08:14:48 UTC 2024] 🤖 * spf record detection template * fix-formatting * Auto Generated New Template Addition List [Wed Mar 20 17:44:10 UTC 2024] 🤖 * Auto Generated Templates Checksum [Wed Mar 20 17:44:22 UTC 2024] 🤖 * Syncing Templates * Auto Template Signing [Wed Mar 20 17:46:15 UTC 2024] 🤖 * Update fingerprinthub-web-fingerprints.yaml * Auto Generated Templates Checksum [Wed Mar 20 18:18:58 UTC 2024] 🤖 * Auto Template Signing [Wed Mar 20 18:20:56 UTC 2024] 🤖 * Update microsoft-iis-version.yaml * Auto Generated New Template Addition List [Wed Mar 20 19:19:13 UTC 2024] 🤖 * Auto Generated Templates Checksum [Wed Mar 20 19:19:36 UTC 2024] 🤖 * Auto Template Signing [Wed Mar 20 19:21:17 UTC 2024] 🤖 * fix tag CVE-2012-4253.yaml * Auto Generated New Template Addition List [Thu Mar 21 05:00:37 UTC 2024] 🤖 * Auto Generated Templates Checksum [Thu Mar 21 05:00:49 UTC 2024] 🤖 * Auto Template Signing [Thu Mar 21 05:02:28 UTC 2024] 🤖 * Update drupal-install.yaml * Update and rename drupal-install.yaml to drupal-install.yaml * Auto Generated New Template Addition List [Thu Mar 21 07:45:17 UTC 2024] 🤖 * Auto Generated Templates Checksum [Thu Mar 21 07:45:49 UTC 2024] 🤖 * Auto Template Signing [Thu Mar 21 07:47:25 UTC 2024] 🤖 * fixing faulty template * Auto Generated New Template Addition List [Fri Mar 22 07:33:01 UTC 2024] 🤖 * Auto Generated Templates Checksum [Fri Mar 22 07:33:10 UTC 2024] 🤖 * Auto Template Signing [Fri Mar 22 07:34:51 UTC 2024] 🤖 * update-workflow * Auto Generated Templates Checksum [Fri Mar 22 07:41:50 UTC 2024] 🤖 * tag add * Auto Generated New Template Addition List [Fri Mar 22 07:44:49 UTC 2024] 🤖 * Auto Generated Templates Checksum [Fri Mar 22 07:44:53 UTC 2024] 🤖 * Auto Template Signing [Fri Mar 22 07:46:39 UTC 2024] 🤖 * Create CVE-2024-27954.yaml * Update CVE-2024-27954.yaml * added metadata * updated matcher & info * Auto Generated New Template Addition List [Fri Mar 22 16:05:42 UTC 2024] 🤖 * Auto Generated Templates Checksum [Fri Mar 22 16:05:58 UTC 2024] 🤖 * Syncing Templates * Add Directus Detect * minor update * Auto Template Signing [Fri Mar 22 16:07:42 UTC 2024] 🤖 * Auto Generated New Template Addition List [Fri Mar 22 16:07:58 UTC 2024] 🤖 * Auto Generated Templates Checksum [Fri Mar 22 16:08:03 UTC 2024] 🤖 * Syncing Templates * ups lfi add * Auto Generated Templates Checksum [Fri Mar 22 16:10:18 UTC 2024] 🤖 * Create softether-vpn-panel.yaml * fix-formatting * Auto Generated Templates Checksum [Fri Mar 22 16:11:18 UTC 2024] 🤖 * Auto Template Signing [Fri Mar 22 16:12:05 UTC 2024] 🤖 * fix CVE-2022-45917 fp * updated redirect domain * Auto Generated New Template Addition List [Sat Mar 23 03:27:48 UTC 2024] 🤖 * Auto Generated Templates Checksum [Sat Mar 23 03:28:06 UTC 2024] 🤖 * Syncing Templates * Auto Template Signing [Sat Mar 23 03:29:55 UTC 2024] 🤖 * Adding new templates from Unreleased Templates Repo * duplicate template * Added Helper for mysql * Update mysql-load-file.yaml * minor - changes * struct - changes * SMB Version -FP fix * struct -update * Update smb-version-detect.yaml * minor changes * mysql -update * mysql creds -update * Update mysql-default-login.yaml * Auto Generated New Template Addition List [Sat Mar 23 09:21:32 UTC 2024] 🤖 * Auto Generated Templates Checksum [Sat Mar 23 09:21:42 UTC 2024] 🤖 * Syncing Templates * Auto Template Signing [Sat Mar 23 09:23:23 UTC 2024] 🤖 * Update ispconfig-default-login.yaml * Auto Generated New Template Addition List [Sat Mar 23 09:25:18 UTC 2024] 🤖 * Auto Generated Templates Checksum [Sat Mar 23 09:25:22 UTC 2024] 🤖 * Auto Template Signing [Sat Mar 23 09:27:02 UTC 2024] 🤖 * TemplateMan Update [Sat Mar 23 09:28:19 UTC 2024] 🤖 * Update .nuclei-ignore * Auto Generated Templates Stats [Sun Mar 24 04:19:41 UTC 2024] 🤖 * Auto README Update [Sun Mar 24 04:20:11 UTC 2024] 🤖 * Rename apache-druid-kafka-connect-rce.yaml to CVE-2023-25194.yaml * Auto Generated New Template Addition List [Wed Mar 20 19:19:13 UTC 2024] 🤖 * Auto Generated New Template Addition List [Thu Mar 21 05:00:37 UTC 2024] 🤖 * Auto Generated New Template Addition List [Thu Mar 21 07:45:17 UTC 2024] 🤖 * Auto Generated New Template Addition List [Fri Mar 22 07:33:01 UTC 2024] 🤖 * Auto Generated New Template Addition List [Fri Mar 22 07:44:49 UTC 2024] 🤖 * Auto Generated New Template Addition List [Sat Mar 23 09:25:18 UTC 2024] 🤖 * Rename apache-druid-kafka-connect-rce.yaml to CVE-2023-25194.yaml --------- Co-authored-by: [PDBot] <bot@projectdiscovery.io> Co-authored-by: GitHub Action <action@github.com> Co-authored-by: Rishi <rishi@rxerium.com> Co-authored-by: Dhiyaneshwaran <leedhiyanesh@gmail.com> Co-authored-by: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Co-authored-by: Michal Mikolas <nanuqcz@gmail.com> Co-authored-by: Rishi <hakrishi@pm.me> Co-authored-by: Brandon Hutchinson <bhutch@gmail.com> Co-authored-by: Prince Chaddha <prince@projectdiscovery.io> Co-authored-by: 我会啊D,明小子,御剑 <104293903+pwnhxl@users.noreply.github.com> Co-authored-by: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Co-authored-by: mzack <marco.rivoli.nvh@gmail.com> Co-authored-by: Ricardo Maia <rsmaia@gmail.com> Co-authored-by: Kazgangap <halilkirazkaya@yandex.com> Co-authored-by: J4vaovo <128683738+j4vaovo@users.noreply.github.com> Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>		2024-03-26 13:47:01 +05:30
.github	Syncing Templates	2024-03-26 08:07:17 +00:00
cloud/enum	Auto Template Signing [Tue Mar 19 16:40:41 UTC 2024] 🤖	2024-03-19 16:40:42 +00:00
code	Auto Template Signing [Mon Mar 25 11:57:16 UTC 2024] 🤖	2024-03-25 11:57:17 +00:00
config	reverted bruteforce tags to fuzz	2024-03-19 20:50:31 +05:30
dns	Auto Template Signing [Mon Mar 25 11:57:16 UTC 2024] 🤖	2024-03-25 11:57:17 +00:00
file	Auto Template Signing [Tue Mar 19 03:38:58 UTC 2024] 🤖	2024-03-19 03:38:58 +00:00
headless	Auto Template Signing [Mon Mar 25 11:57:16 UTC 2024] 🤖	2024-03-25 11:57:17 +00:00
helpers	Added Helper for mysql	2024-03-09 21:36:14 +05:30
http	Rename apache-druid-kafka-connect-rce.yaml to CVE-2023-25194.yaml (#9416 )	2024-03-26 13:47:01 +05:30
javascript	Auto Template Signing [Mon Mar 25 11:57:16 UTC 2024] 🤖	2024-03-25 11:57:17 +00:00
network	Auto Template Signing [Tue Mar 26 08:05:25 UTC 2024] 🤖	2024-03-26 08:05:26 +00:00
ssl	Auto Template Signing [Sat Mar 23 09:23:23 UTC 2024] 🤖	2024-03-23 09:23:24 +00:00
workflows	update-workflow	2024-03-22 13:07:25 +05:30
.gitignore	matcher update	2023-10-01 17:36:17 +05:30
.new-additions	Auto Generated New Template Addition List [Tue Mar 26 08:06:39 UTC 2024] 🤖	2024-03-26 08:06:39 +00:00
.nuclei-ignore	Update .nuclei-ignore	2024-03-24 08:48:42 +05:30
.pre-commit-config.yml	pre-commit-config update	2021-09-11 12:16:55 +05:30
.yamllint	Updated .yamllint	2023-11-09 14:03:38 +05:30
CODE_OF_CONDUCT.md	Create CODE_OF_CONDUCT.md	2021-01-27 23:10:18 +05:30
CONTRIBUTING.md	misc update	2023-06-24 23:27:14 +05:30
LICENSE.md	misc changes	2021-01-30 12:15:43 +05:30
PULL_REQUEST_TEMPLATE.md	Fixes contribute link in PR template (#4152 )	2022-04-15 13:30:01 +05:30
README.md	Auto README Update [Sun Mar 24 04:20:11 UTC 2024] 🤖	2024-03-24 04:20:11 +00:00
README_KR.md	Create README_KR.md (#5022 )	2022-08-06 12:19:34 +05:30
TEMPLATES-STATS.json	Auto Generated Templates Stats [Sun Mar 24 04:19:41 UTC 2024] 🤖	2024-03-24 04:19:41 +00:00
TEMPLATES-STATS.md	Auto Generated Templates Stats [Sun Mar 24 04:19:41 UTC 2024] 🤖	2024-03-24 04:19:41 +00:00
TOP-10.md	Auto Generated Templates Stats [Sun Mar 24 04:19:41 UTC 2024] 🤖	2024-03-24 04:19:41 +00:00
contributors.json	Update contributors.json (#9374 )	2024-03-19 02:18:58 +05:30
cves.json	Auto Generated cves.json [Wed Mar 20 08:14:48 UTC 2024] 🤖	2024-03-20 08:14:48 +00:00
cves.json-checksum.txt	Auto Generated cves.json [Wed Mar 20 08:14:48 UTC 2024] 🤖	2024-03-20 08:14:48 +00:00
templates-checksum.txt	Auto Generated Templates Checksum [Tue Mar 26 08:07:09 UTC 2024] 🤖	2024-03-26 08:07:10 +00:00
wappalyzer-mapping.yml	Added additional tags mapping file (#4108 )	2022-04-11 18:46:37 +05:30

README.md

Nuclei Templates

Community curated list of templates for the nuclei engine to find security vulnerabilities in applications.

Documentation • Contributions • Discussion • Community • FAQs • Join Discord

Templates are the core of the nuclei scanner which powers the actual scanning engine. This repository stores and houses various templates for the scanner provided by our team, as well as contributed by the community. We hope that you also contribute by sending templates via pull requests or Github issues to grow the list.

Nuclei Templates overview

An overview of the nuclei template project, including statistics on unique tags, author, directory, severity, and type of templates. The table below contains the top ten statistics for each matrix; an expanded version of this is available here, and also available in JSON format for integration.

Nuclei Templates Top 10 statistics

TAG	COUNT	AUTHOR	COUNT	DIRECTORY	COUNT	SEVERITY	COUNT	TYPE	COUNT
cve	2396	dhiyaneshdk	1233	http	7267	info	3605	file	337
panel	1105	daffainfo	864	file	337	high	1601	dns	24
wordpress	958	dwisiswant0	802	workflows	191	medium	1463
exposure	894	pikpikcu	353	network	133	critical	967
xss	893	pussycat0x	328	code	80	low	257
wp-plugin	833	ritikchaddha	313	javascript	42	unknown	35
osint	799	pdteam	285	ssl	28
tech	667	ricardomaia	232	dns	21
lfi	640	geeknik	227	headless	11
edb	598	theamanrawat	221	cloud	9

594 directories, 8406 files.

📖 Documentation

Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to build new or your own custom templates. We have also added a set of templates to help you understand how things work.

💪 Contributions

Nuclei-templates is powered by major contributions from the community. Template contributions , Feature Requests and Bug Reports are more than welcome.

💬 Discussion

Have questions / doubts / ideas to discuss? Feel free to open a discussion on Github discussions board.

👨‍💻 Community

You are welcome to join the active Discord Community to discuss directly with project maintainers and share things with others around security and automation. Additionally, you may follow us on Twitter to be updated on all the things about Nuclei.

Thanks again for your contribution and keeping this community vibrant. ❤️