Nuclei is a powerful, community-driven vulnerability scanner that makes it easier to surface impactful findings. It allows security practitioners and developers to quickly identify vulnerabilities across different platforms and technologies. Please read our blog on how one could potentially scale Nuclei, along with some more use cases.
Before using Nuclei, ensure you have downloaded and installed it. You can find the installation instructions and source code in the Nuclei GitHub repository.
Nuclei is used via the command line and works with templates that define specific security checks. To scan a target, use a command like:
This command checks the target https://example.com against all the CVE (Common Vulnerabilities and Exposures) templates in Nuclei’s template directory.
Nuclei presents its findings in a straightforward format, detailing the vulnerability type, the matched template, and the affected URL:
One of the strengths of Nuclei is its customizable template system, allowing users to define or modify checks for a wide range of scenarios.
Creating a custom template involves defining the request and the condition for a match. For example, a basic template to check for a version in a webpage could be:
This template checks if “Version 1.0.0” is present in the response body of the specified path.
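A template of the kind described above, written here as an added example and not the page's or the Nuclei project's own template. The `id`, `info` values and the request path are assumed; the status matcher and the extractor go slightly beyond the check the text describes.

```yaml
# Added example; id, name, author and path are assumed values.
id: version-string-check

info:
  name: Version 1.0.0 string in response body
  author: example-author
  severity: info
  description: Reports pages whose response body contains the Version 1.0.0 string.
  tags: version,disclosure

# Templates written for Nuclei releases before v2.9 use "requests:" instead of "http:".
http:
  - method: GET
    path:
      - "{{BaseURL}}/"   # assumed path; point this at the page that shows the version

    # Require both matchers so an error page that echoes the string is not reported.
    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "Version 1.0.0"

      - type: status
        status:
          - 200

    # Goes beyond the page: print whatever version string was actually served.
    extractors:
      - type: regex
        part: body
        regex:
          - 'Version [0-9]+\.[0-9]+\.[0-9]+'
```

Saved under a hypothetical filename such as `version-check.yaml`, it can be run against a host you are responsible for with `nuclei -u https://example.com -t version-check.yaml`.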
If the condition is met, Nuclei will report the match:
Nuclei stands out as a versatile and efficient tool for vulnerability scanning. Its template-driven approach provides flexibility, allowing both rapid scanning with community templates and tailored checks with custom templates.