Community curated list of templates for the nuclei engine to find security vulnerabilities.

Go to file

Adam Crosser aa47b1d97b Added 23 Nuclei Templates (#3909 ) * Added 23 Nuclei Templates * Update cofense-vision-detection.yml * Update sophos-mobile-panel-detection.yml * Update cofense-vision-detection.yml * Update httpbin-open-redirect.yml * Update httpbin-xss.yml * Update ansible-semaphore-panel.yml * Rename ansible-semaphore-panel.yml to ansible-semaphore-panel.yaml * Update and rename avatier_password_management.yml to avatier-password-management.yaml * Update and rename buddy-panel.yml to buddy-panel.yaml * Update and rename buildbot-panel.yml to buildbot-panel.yaml * Update and rename cofense-vision-detection.yml to cofense-vision-panel.yaml * Update and rename concourse-ci-panel.yml to concourse-ci-panel.yaml * Update and rename drone-ci-panel.yml to drone-ci-panel.yaml * Update and rename flowci-detection.yml to flowci-panel.yaml * Update and rename gradle-enterprise-build-cache-detect.yml to gradle-cache-node-detect.yaml * Update and rename exposed-panels/gradle-cache-node-detect.yaml to exposed-panels/gradle/gradle-cache-node-detect.yaml * Update and rename exposed-panels/gradle-enterprise-panel.yml to exposed-panels/gradle/gradle-enterprise-panel.yaml * Update and rename httpbin-detection.yml to httpbin-panel.yaml * Update and rename leostream-detection.yml to leostream-panel.yaml * Delete redash-detection.yml * Update and rename sophos-mobile-panel-detection.yml to sophos-mobile-panel.yaml * Update and rename splunk-enterprise-login-panel.yml to splunk-enterprise-panel.yaml * Update splunk-enterprise-panel.yaml * Update and rename stridercd-detection.yml to stridercd-panel.yaml * Update and rename zuul-panel.yml to zuul-panel.yaml * Update and rename zentral-detection.yml to zentral-panel.yaml * Update and rename api-fastly.yml to api-fastly.yaml * Update and rename api-gitlab.yml to api-gitlab.yaml * Update and rename httpbin-xss.yml to httpbin-xss.yaml * Update and rename httpbin-open-redirect.yml to httpbin-open-redirect.yaml * Update and rename log4j-code42-rce.yml to code42-log4j-rce.yaml * minor matcher fixes * added missing hostname variable * meta data update Co-authored-by: Prince Chaddha <prince@projectdiscovery.io> Co-authored-by: sandeep <sandeep@projectdiscovery.io>		2022-03-16 18:47:58 +05:30
.github	CVE Annotation workflow improvements	2022-03-06 14:31:18 +05:30
cnvd	template name updates	2022-03-04 22:12:30 +05:30
cves	limit the matcher / extractor scope to location header	2022-03-15 11:46:47 +05:30
default-logins	more matchers	2022-03-15 01:19:48 +05:30
dns	Dashboard Text Enhancements (#3901 )	2022-03-14 09:44:54 -04:00
exposed-panels	Added 23 Nuclei Templates (#3909 )	2022-03-16 18:47:58 +05:30
exposures	severity update for token templates	2022-03-14 18:51:04 +05:30
file	severity update for token templates	2022-03-14 18:51:04 +05:30
fuzzing	Dashboard Text Enhancement (#3798 )	2022-02-28 09:09:26 -05:00
headless	Updated all templates tags with technologies (#3478 )	2022-01-05 01:04:16 +05:30
helpers	Added wordpress-xmlrpc-brute-force.yaml (#3445 )	2021-12-29 22:04:23 +05:30
iot	Created OctoPrint 3d Printer template (#3910 )	2022-03-16 13:12:50 +05:30
miscellaneous	Added netflix-conductor template	2022-02-25 16:45:17 +05:30
misconfiguration	Merge pull request #3866 from dolevf/master	2022-03-15 19:13:28 +05:30
network	Dashboard Text Enhancement (#3798 )	2022-02-28 09:09:26 -05:00
ssl	Detect hosts using deprecated versions of SSL/TLS. (#3680 )	2022-02-09 12:08:17 +05:30
takeovers	path update	2022-03-11 22:34:40 +05:30
technologies	Update smartstore-detect.yaml	2022-03-16 01:23:37 +05:30
token-spray	Added 23 Nuclei Templates (#3909 )	2022-03-16 18:47:58 +05:30
vulnerabilities	Added 23 Nuclei Templates (#3909 )	2022-03-16 18:47:58 +05:30
workflows	Dashboard Text Enhancement (#3798 )	2022-02-28 09:09:26 -05:00
.gitignore	Merge branch 'master' into dynamic_attributes	2021-08-19 16:23:26 +03:00
.new-additions	Auto Generated New Template Addition List [Wed Mar 16 07:43:05 UTC 2022] 🤖	2022-03-16 07:43:05 +00:00
.nuclei-ignore	temporally ignored template	2022-03-02 17:31:20 +05:30
.pre-commit-config.yml	pre-commit-config update	2021-09-11 12:16:55 +05:30
.yamllint	pre-commit-config update	2021-09-11 12:16:55 +05:30
CODE_OF_CONDUCT.md	Create CODE_OF_CONDUCT.md	2021-01-27 23:10:18 +05:30
CONTRIBUTING.md	Remove:	2022-01-25 14:38:53 -05:00
LICENSE.md	misc changes	2021-01-30 12:15:43 +05:30
PULL_REQUEST_TEMPLATE.md	typos	2021-07-10 22:06:59 +05:30
README.md	Auto README Update [Mon Mar 14 20:38:00 UTC 2022] 🤖	2022-03-14 20:38:00 +00:00
TEMPLATES-STATS.json	Auto Generated Templates Stats [Mon Mar 14 20:37:35 UTC 2022] 🤖	2022-03-14 20:37:35 +00:00
TEMPLATES-STATS.md	Auto Generated Templates Stats [Mon Mar 14 20:37:35 UTC 2022] 🤖	2022-03-14 20:37:35 +00:00
TOP-10.md	Auto Generated Templates Stats [Mon Mar 14 20:37:35 UTC 2022] 🤖	2022-03-14 20:37:35 +00:00
contributors.json	Updated own value in contributors.json	2022-01-21 15:54:34 +02:00

README.md

Nuclei Templates

Community curated list of templates for the nuclei engine to find security vulnerabilities in applications.

Documentation • Contributions • Discussion • Community • FAQs • Join Discord

Templates are the core of the nuclei scanner which powers the actual scanning engine. This repository stores and houses various templates for the scanner provided by our team, as well as contributed by the community. We hope that you also contribute by sending templates via pull requests or Github issues to grow the list.

Nuclei Templates overview

An overview of the nuclei template project, including statistics on unique tags, author, directory, severity, and type of templates. The table below contains the top ten statistics for each matrix; an expanded version of this is available here, and also available in JSON format for integration.

Nuclei Templates Top 10 statistics

TAG	COUNT	AUTHOR	COUNT	DIRECTORY	COUNT	SEVERITY	COUNT	TYPE	COUNT
cve	1056	daffainfo	544	cves	1061	info	1067	http	2905
panel	446	dhiyaneshdk	406	exposed-panels	447	high	789	file	57
lfi	430	pikpikcu	313	vulnerabilities	421	medium	622	network	49
xss	335	pdteam	257	technologies	227	critical	384	dns	17
wordpress	329	geeknik	174	exposures	199	low	169
exposure	282	dwisiswant0	163	misconfiguration	188	unknown	6
rce	268	0x_akoko	114	workflows	185
cve2021	251	gy741	109	token-spray	147
tech	238	princechaddha	109	default-logins	77
wp-plugin	235	pussycat0x	104	takeovers	67

225 directories, 3247 files.

📖 Documentation

Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to build new or your own custom templates. We have also added a set of templates to help you understand how things work.

💪 Contributions

Nuclei-templates is powered by major contributions from the community. Template contributions , Feature Requests and Bug Reports are more than welcome.

💬 Discussion

Have questions / doubts / ideas to discuss? Feel free to open a discussion on Github discussions board.

👨‍💻 Community

You are welcome to join the active Discord Community to discuss directly with project maintainers and share things with others around security and automation. Additionally, you may follow us on Twitter to be updated on all the things about Nuclei.

Thanks again for your contribution and keeping this community vibrant. ❤️