nuclei-templates/profiles/compliance.yml


# Nuclei Configuration Profile for Compliance Detection
#
# This configuration file is specifically tailored for detecting compliance-related issues using Nuclei.
#
# Purpose:
# This profile is focused on identifying a wide range of security issues to ensure compliance with various security standards and best practices. It includes templates for detecting misconfigurations, vulnerabilities, exposures, and other security risks.
#
# Included Templates:
# This configuration references specific templates tagged with various security-related tags to cover comprehensive compliance scanning:
# - misconfig: Templates for detecting misconfigurations.
# - cve: Templates for detecting Common Vulnerabilities and Exposures.
# - exposure: Templates for detecting sensitive information exposures.
# - default-login: Templates for detecting default login credentials.
# - xss: Templates for detecting Cross-Site Scripting vulnerabilities.
# - lfi: Templates for detecting Local File Inclusion vulnerabilities.
# - edb: Templates for vulnerabilities listed in the Exploit Database.
# - rce: Templates for detecting Remote Code Execution vulnerabilities.
# - sqli: Templates for detecting SQL Injection vulnerabilities.
# - unauth: Templates for detecting unauthorized access vulnerabilities.
# - ssrf: Templates for detecting Server-Side Request Forgery vulnerabilities.
# - redirect: Templates for detecting open redirection vulnerabilities.
# - disclosure: Templates for detecting sensitive information disclosure.
# - takeover: Templates for detecting subdomain takeover vulnerabilities.
# - traversal: Templates for detecting directory traversal vulnerabilities.
# - generic: Templates for detecting generic security issues.
# - deserialization: Templates for detecting deserialization vulnerabilities.
# - ssl: Templates for detecting SSL/TLS related issues.
# - keys: Templates for detecting exposed keys.
# - token: Templates for detecting exposed tokens.
#
# Running this profile:
# You can run this profile using the following command:
#   nuclei -profile compliance -u https://example.com
tags:
- misconfig
- cve
- exposure
- default-login
- xss
- lfi
- edb
- rce
- sqli
- unauth
- ssrf
- redirect
- disclosure
- takeover
- traversal
- generic
- deserialization
- ssl
- keys
- token