Nuclei

Nuclei automates the detection of vulnerabilities in IT systems (web apps, cloud infrastructure, networks, etc.).


Last updated 16 days ago


Docs

Basic Parameters

-u URL
-t template directory
-as automatic scan
-s critical,high,medium (SEVERITY)

Markdown results
-me results/

Update Nuclei Engine

nuclei -update

Update Nuclei templates (-ut); this is done automatically

nuclei -ut

Network Scan (-target)

nuclei -target 192.168.1.0/24

Web URL scan (-u)

nuclei -u http://server

Automatic scan (-as) with HTTP proxy

nuclei -u http://server -as --proxy http://127.0.0.1:8080

Automatic scan limited (-rate-limit) to 4 requests per second, through the proxy on port 8088

nuclei -u http://server -as -rate-limit 4 --proxy http://127.0.0.1:8088

Scan by severity (-s)

nuclei -u http://server -s critical,high,medium

Templates (-t) and Tags (-tags)

nuclei -u http://server -t http/exposures/ --proxy http://127.0.0.1:8080
nuclei -u http://server -tags cve --proxy http://127.0.0.1:8080
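
Added example (not from the original page or the nuclei project): a POSIX shell helper that assembles the scan command from the flags listed above (-u, -s, -rate-limit, -me, --proxy) and rejects malformed input first. The names build_nuclei_cmd and valid_url are assumptions for illustration, and the severity names are the ones nuclei accepts for -s.

```shell
# Added example: assemble a nuclei command from the flags on this page,
# rejecting malformed input before anything is run.
# build_nuclei_cmd and valid_url are hypothetical helper names.

# Accept only http(s) URLs made of plain URL characters.
valid_url() {
    case $1 in
        *[!A-Za-z0-9:/._-]*) return 1 ;;
        http://?*|https://?*) return 0 ;;
        *) return 1 ;;
    esac
}

# usage: build_nuclei_cmd URL SEVERITIES RATE [PROXY] [OUTDIR]
build_nuclei_cmd() {
    url=$1 sev=$2 rate=$3 proxy=${4:-} outdir=${5:-results/}
    valid_url "$url" || { echo "error: bad target URL" >&2; return 2; }
    if [ -n "$proxy" ]; then
        valid_url "$proxy" || { echo "error: bad proxy URL" >&2; return 2; }
    fi
    # Severity list: comma-separated names nuclei knows, no empty items.
    case $sev in
        ''|,*|*,|*,,*|*[!a-z,]*) echo "error: bad severity list" >&2; return 2 ;;
    esac
    old_ifs=$IFS; IFS=,
    for s in $sev; do
        case $s in
            info|low|medium|high|critical|unknown) ;;
            *) IFS=$old_ifs; echo "error: unknown severity '$s'" >&2; return 2 ;;
        esac
    done
    IFS=$old_ifs
    # Rate limit: positive integer (requests per second).
    case $rate in
        ''|0*|*[!0-9]*) echo "error: bad rate limit" >&2; return 2 ;;
    esac
    # Markdown output directory (-me): plain path characters only.
    case $outdir in
        ''|*[!A-Za-z0-9/._-]*) echo "error: bad output directory" >&2; return 2 ;;
    esac
    cmd="nuclei -u $url -s $sev -rate-limit $rate -me $outdir"
    if [ -n "$proxy" ]; then cmd="$cmd --proxy $proxy"; fi
    printf '%s\n' "$cmd"
}

# Prints the validated command line so it can be reviewed before running.
build_nuclei_cmd http://server critical,high,medium 4 http://127.0.0.1:8088
```
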
Nuclei Overview - ProjectDiscovery Documentation
GitHub - projectdiscovery/nuclei-templates: Community curated list of templates for the nuclei engine to find security vulnerabilities.