nuclei-templates/profiles/recommended.yml

94 lines
2.0 KiB
YAML

# Nuclei Configuration Profile for Recommended Detection
#
# This configuration file is specifically tailored for performing recommended scans using Nuclei.
#
# Purpose:
# This profile is focused on identifying a wide range of security vulnerabilities across various protocols and services. It includes templates with different severity levels and excludes certain tags and template IDs to provide a balanced and focused detection approach.
#
# Running this profile
# You can run this profile using the following command:
# nuclei -profile recommended -u https://example.com
severity:
- critical
- high
- medium
- low
- unknown
type:
- http
- tcp
- javascript
exclude-tags:
- tech
- dos
- fuzz
- creds-stuffing
- token-spray
- osint
exclude-id:
- CVE-2021-45967
- CVE-2021-36380
- CVE-2021-33544
- CVE-2021-32305
- CVE-2021-31755
- CVE-2021-28164
- CVE-2021-27931
- CVE-2021-26855
- CVE-2021-25052
- CVE-2021-1498
- CVE-2020-7796
- CVE-2020-5775
- CVE-2020-35713
- CVE-2020-26919
- CVE-2020-25223
- CVE-2020-24148
- CVE-2020-10770
- CVE-2019-9978
- CVE-2019-8451
- CVE-2019-3929
- CVE-2019-2767
- CVE-2019-2616
- CVE-2019-20224
- CVE-2019-19824
- CVE-2019-10758
- CVE-2018-16167
- CVE-2018-15517
- CVE-2018-1000600
- CVE-2017-9506
- CVE-2017-3506
- CVE-2017-18638
- CVE-2016-1555
- CVE-2015-8813
- CVE-2014-3206
- CVE-2009-4223
- CNVD-2021-09650
- generic-tokens
- credentials-disclosure
- targa-camera-ssrf
- cloudflare-external-image-resize
- linkerd-ssrf-detection
- ssrf-via-oauth-misconfig
- tls-sni-proxy
- xmlrpc-pingback-ssrf
- hashicorp-consul-rce
- mirai-unknown-rce
- optilink-ont1gew-gpon-rce
- sar2html-rce
- zimbra-preauth-ssrf
- wp-xmlrpc-pingback-detection
- fastjson-1-2-41-rce
- fastjson-1-2-42-rce
- fastjson-1-2-43-rce
- fastjson-1-2-62-rce
- fastjson-1-2-67-rce
- fastjson-1-2-68-rce
- request-based-interaction
- open-proxy-internal
- open-proxy-localhost
- open-proxy-portscan