nuclei
by projectdiscovery
Nuclei is a fast, customizable vulnerability scanner that uses simple YAML-based templates to detect and verify security issues across applications, networks, and cloud environments.
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
Primary Use Case
Nuclei is primarily used by security professionals and DevSecOps teams to automate vulnerability detection and regression testing in applications, APIs, networks, DNS, and cloud configurations. It enables users to create custom detection scenarios and integrate scanning into CI/CD pipelines for continuous security assurance.
- Simple YAML format for creating and customizing vulnerability templates
- Contributions from thousands of security professionals for trending vulnerabilities
- Reduces false positives by simulating real-world verification steps
- Ultra-fast parallel scanning and request clustering
- Supports multiple protocols including TCP, DNS, HTTP, SSL, WHOIS, JavaScript, and code
- Integrates with Jira, Splunk, GitHub, Elastic, and GitLab
- Designed for integration into CI/CD pipelines for automated security testing
Installation
- Install Go 1.22 or higher
- Run `go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest` to install the CLI tool
- Verify installation by running `nuclei -version`
Usage
- `nuclei -u https://example.com`: Scan a single target URL for vulnerabilities using default templates
- `nuclei -l targets.txt`: Scan multiple targets listed in a file
- `nuclei -t custom-template.yaml -u https://example.com`: Scan a target using a custom YAML template
- `nuclei -tags cves,exposed-panels`: Run scans filtered by specific tags such as CVEs or exposed panels
- `nuclei -u https://example.com -json-export results.json`: Output scan results in JSON format to a file
- Integrate Nuclei into CI/CD pipelines to enable continuous vulnerability detection and regression testing.
- Leverage the customizable YAML templates to create organization-specific scanning scenarios for emerging threats.
- Combine Nuclei scans with SIEM tools like Splunk or Elastic for enriched alerting and faster incident detection.
- Use Nuclei’s fast parallel scanning capabilities to perform large-scale internet-wide reconnaissance efficiently.
- Employ Nuclei in purple team exercises to simulate attacker reconnaissance and test blue team detection capabilities.
Related Tools
trivy
aquasecurity/trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
lynis
CISOfy/lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
vuls
future-architect/vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
oss-fuzz
google/oss-fuzz
OSS-Fuzz - continuous fuzzing for open source software.
nuclei-templates
projectdiscovery/nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
grype
anchore/grype
A vulnerability scanner for container images and filesystems
