Community curated list of templates for the nuclei engine to find security vulnerabilities.
Go to file
Borna Nematzadeh adc0964e3a
Add revealjs-postmessage-xss.yaml (CVE-2022-0776) (#4490)
* Add revealjs-postmessage-xss.yaml

* Update revealjs-postmessage-xss.yaml

* template id + matcher update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-05-29 16:09:24 +05:30
.github workflow updates 2022-03-23 20:55:35 +05:30
cnvd Dashboard Content Enhancements (#4426) 2022-05-18 16:58:07 -04:00
cves Add revealjs-postmessage-xss.yaml (CVE-2022-0776) (#4490) 2022-05-29 16:09:24 +05:30
default-logins Update octobercms-default-login.yaml 2022-05-17 11:49:23 +05:30
dns type typo update 2022-05-23 15:00:21 +05:30
exposed-panels Update drawio-flowchartmaker-panel.yaml 2022-05-28 22:47:38 +05:30
exposures Dashboard Content Enhancements (#4456) 2022-05-20 17:38:52 -04:00
file Dashboard Content Enhancements (#4456) 2022-05-20 17:38:52 -04:00
fuzzing Dashboard Content Enhancements (#4456) 2022-05-20 17:38:52 -04:00
headless Wrapping the JS code with a function (#4438) 2022-05-18 23:25:25 +05:30
helpers Merge branch 'master' into master 2022-05-23 13:30:04 +05:30
iot Dashboard Content Enhancements (#4456) 2022-05-20 17:38:52 -04:00
miscellaneous Iterate endpoints from robots.txt (#471) 2022-05-20 15:13:00 +05:30
misconfiguration Fix IIS Internal IP Disclosure (#4479) 2022-05-26 00:50:38 +05:30
network Dashboard Content Enhancements (#4475) 2022-05-23 17:29:29 -04:00
ssl Dashboard Content Enhancements (#4456) 2022-05-20 17:38:52 -04:00
takeovers refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
technologies Extract available endpoints from springboot-actuator (#4497) 2022-05-29 13:36:51 +05:30
token-spray Merge pull request #4486 from geeknik/patch-55 2022-05-27 10:13:49 +05:30
vulnerabilities Update digitalrebar-traversal.yaml 2022-05-28 22:59:19 +05:30
workflows Dashboard Content Enhancements (#4426) 2022-05-18 16:58:07 -04:00
.gitignore Merge branch 'master' into dynamic_attributes 2021-08-19 16:23:26 +03:00
.new-additions Auto Generated New Template Addition List [Sun May 29 07:59:47 UTC 2022] 🤖 2022-05-29 07:59:47 +00:00
.nuclei-ignore Update .nuclei-ignore 2022-03-25 23:58:22 +05:30
.pre-commit-config.yml pre-commit-config update 2021-09-11 12:16:55 +05:30
.yamllint pre-commit-config update 2021-09-11 12:16:55 +05:30
CODE_OF_CONDUCT.md Create CODE_OF_CONDUCT.md 2021-01-27 23:10:18 +05:30
CONTRIBUTING.md Remove: 2022-01-25 14:38:53 -05:00
LICENSE.md misc changes 2021-01-30 12:15:43 +05:30
PULL_REQUEST_TEMPLATE.md Fixes contribute link in PR template (#4152) 2022-04-15 13:30:01 +05:30
README.md Auto README Update [Sat May 28 17:27:28 UTC 2022] 🤖 2022-05-28 17:27:28 +00:00
TEMPLATES-STATS.json Auto Generated Templates Stats [Sat May 28 17:27:05 UTC 2022] 🤖 2022-05-28 17:27:05 +00:00
TEMPLATES-STATS.md Auto Generated Templates Stats [Sat May 28 17:27:05 UTC 2022] 🤖 2022-05-28 17:27:05 +00:00
TOP-10.md Auto Generated Templates Stats [Sat May 28 17:27:05 UTC 2022] 🤖 2022-05-28 17:27:05 +00:00
contributors.json Ivanti EPM CSA Code Injection(CVE-2021-44529) (#3937) 2022-03-20 13:14:37 +05:30
wappalyzer-mapping.yml Added additional tags mapping file (#4108) 2022-04-11 18:46:37 +05:30

README.md

Nuclei Templates

Community curated list of templates for the nuclei engine to find security vulnerabilities in applications.

DocumentationContributionsDiscussionCommunityFAQsJoin Discord


Templates are the core of the nuclei scanner which powers the actual scanning engine. This repository stores and houses various templates for the scanner provided by our team, as well as contributed by the community. We hope that you also contribute by sending templates via pull requests or Github issues to grow the list.

Nuclei Templates overview

An overview of the nuclei template project, including statistics on unique tags, author, directory, severity, and type of templates. The table below contains the top ten statistics for each matrix; an expanded version of this is available here, and also available in JSON format for integration.

Nuclei Templates Top 10 statistics

TAG COUNT AUTHOR COUNT DIRECTORY COUNT SEVERITY COUNT TYPE COUNT
cve 1185 daffainfo 565 cves 1190 info 1217 http 3254
panel 522 dhiyaneshdk 424 exposed-panels 531 high 892 file 68
lfi 466 pikpikcu 316 vulnerabilities 457 medium 678 network 50
xss 378 pdteam 266 technologies 257 critical 420 dns 17
wordpress 374 geeknik 181 exposures 205 low 186
rce 302 dwisiswant0 168 misconfiguration 200 unknown 6
exposure 298 princechaddha 138 workflows 187
cve2021 291 0x_akoko 138 token-spray 169
wp-plugin 273 gy741 122 default-logins 96
tech 273 pussycat0x 116 file 68

264 directories, 3612 files.

📖 Documentation

Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to build new or your own custom templates. We have also added a set of templates to help you understand how things work.

💪 Contributions

Nuclei-templates is powered by major contributions from the community. Template contributions , Feature Requests and Bug Reports are more than welcome.

Alt

💬 Discussion

Have questions / doubts / ideas to discuss? Feel free to open a discussion on Github discussions board.

👨‍💻 Community

You are welcome to join the active Discord Community to discuss directly with project maintainers and share things with others around security and automation. Additionally, you may follow us on Twitter to be updated on all the things about Nuclei.

Thanks again for your contribution and keeping this community vibrant. ❤️