Community curated list of templates for the nuclei engine to find security vulnerabilities.
Go to file
GwanYeong Kim c11328da0b Create CVE-2021-32030.yaml
The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 allows authentication bypass when processing remote input from an unauthenticated user, leading to unauthorized access to the administrator interface. This relates to handle_request in router/httpd/httpd.c and auth_check in web_hook.o. An attacker-supplied value of '\0' matches the device's default value of '\0' in some situations.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-16 20:13:22 +09:00
.github minor update 2021-08-10 01:17:08 +05:30
cnvd matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
cves Create CVE-2021-32030.yaml 2021-08-16 20:13:22 +09:00
default-logins Rename azkaban-web-client-defaulr-creds.yaml to azkaban-web-client-default-creds.yaml 2021-08-12 16:18:42 +05:30
dns Update can-i-take-over-dns.yaml 2021-08-11 17:21:09 +07:00
exposed-panels Merge pull request #2381 from r3dg33k/bazarr-login 2021-08-14 17:25:58 +05:30
exposures severity update 2021-08-14 17:28:23 +05:30
file Merge pull request #2327 from geeknik/patch-7 2021-08-06 21:08:04 +05:30
fuzzing Merge pull request #2197 from mesaglio/master 2021-08-07 23:15:29 +05:30
headless Add extract-urls (an headless) 2021-06-18 13:31:59 +07:00
helpers Added Prestashop module fuzz template 2021-07-26 18:10:23 +01:00
iot removed extra headers 2021-07-27 21:43:39 +05:30
miscellaneous ntlm-directories path/payload update 2021-08-14 05:12:43 +05:30
misconfiguration matcher + payload + regex updates 2021-08-09 21:58:28 +05:30
network Update detect-addpac-voip-gateway.yaml 2021-07-26 13:50:41 +05:30
takeovers vercel takeover update 2021-08-08 19:51:42 +05:30
technologies Create oneblog-detect.yaml 2021-08-12 18:48:48 +07:00
vulnerabilities Added woocommerce-pdf-invoice-listing 2021-08-16 15:37:07 +05:30
workflows Added azkaban workflow 2021-08-10 15:12:17 +05:30
.gitignore Update .gitignore 2020-07-29 13:21:06 +05:30
.nuclei-ignore minor update 2021-07-20 00:11:27 +05:30
.pre-commit-config.yaml Add pre-commit and yamllint configuration 2020-05-24 23:20:42 +02:00
.yamllint Update yamllint config to ignore non-templates 2021-03-11 23:23:05 +07:00
CODE_OF_CONDUCT.md Create CODE_OF_CONDUCT.md 2021-01-27 23:10:18 +05:30
CONTRIBUTING.md Update CONTRIBUTING.md 2021-08-02 20:44:27 +02:00
LICENSE.md misc changes 2021-01-30 12:15:43 +05:30
PULL_REQUEST_TEMPLATE.md typos 2021-07-10 22:06:59 +05:30
README.md Auto Update README [Thu Aug 12 19:27:30 UTC 2021] 🤖 2021-08-12 19:27:30 +00:00
TEMPLATES-STATS.json Auto Generated Templates Stats [Thu Aug 12 19:26:50 UTC 2021] 🤖 2021-08-12 19:26:50 +00:00
TEMPLATES-STATS.md Auto Generated Templates Stats [Thu Aug 12 19:26:50 UTC 2021] 🤖 2021-08-12 19:26:50 +00:00
TOP-10.md Auto Generated Templates Stats [Thu Aug 12 19:26:50 UTC 2021] 🤖 2021-08-12 19:26:50 +00:00

README.md

Nuclei Templates

Community curated list of templates for the nuclei engine to find security vulnerabilities in applications.

DocumentationContributionsDiscussionCommunityFAQsJoin Discord


Templates are the core of the nuclei scanner which powers the actual scanning engine. This repository stores and houses various templates for the scanner provided by our team, as well as contributed by the community. We hope that you also contribute by sending templates via pull requests or Github issues to grow the list.

Nuclei Templates overview

An overview of the nuclei template project, including statistics on unique tags, author, directory, severity, and type of templates. The table below contains the top ten statistics for each matrix; an expanded version of this is available here, and also available in JSON format for integration.

Nuclei Templates Top 10 statistics

TAG COUNT AUTHOR COUNT DIRECTORY COUNT SEVERITY COUNT TYPE COUNT
cve 590 dhiyaneshdk 239 cves 597 info 583 http 1720
panel 219 pikpikcu 237 vulnerabilities 265 high 465 file 46
xss 215 pdteam 194 exposed-panels 221 medium 387 network 35
wordpress 201 daffainfo 136 exposures 174 critical 226 dns 11
exposure 196 dwisiswant0 128 technologies 159 low 156
rce 187 geeknik 127 misconfiguration 124
lfi 176 gy741 68 takeovers 70
cve2020 155 madrobot 60 default-logins 51
wp-plugin 136 princechaddha 53 file 46
tech 101 gaurang 42 workflows 35

144 directories, 1870 files.

📖 Documentation

Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to build new or your own custom templates. We have also added a set of templates to help you understand how things work.

💪 Contributions

Nuclei-templates is powered by major contributions from the community. Template contributions , Feature Requests and Bug Reports are more than welcome.

💬 Discussion

Have questions / doubts / ideas to discuss? Feel free to open a discussion on Github discussions board.

👨‍💻 Community

You are welcome to join our Discord Community. You can also follow us on Twitter to keep up with everything related to projectdiscovery.

💡 Notes

  • Use YAMLlint (e.g. yamllint to validate the syntax of templates before sending pull requests.

Thanks again for your contribution and keeping this community vibrant. ❤️