🔝 How to use Nuclei for vulnerability scanning

Penetration Testing Wiki

🔝 How to use Nuclei for vulnerability scanning

Nuclei is a tool developed by Project Discovery team, as they say it is a Fast and customizable vulnerability scanner based on simple YAML based DSL.

It is similar to Nmap NSE script engine but much more easy to develop as only uses YAML files.

First of all, in order to install nuclei you need to download the nuclei executable or compile from the original sources: https://github.com/projectdiscovery/nuclei

Once ready, this is some quick list of commands to execute:

Update database:

nuclei -ut

Search for sensitive API disclosures:

nuclei -u $URL -t exposures/apis/

Look all plugins under exposures:

ls ~/nuclei-templates/exposures

Scan for WordPress vulnerabilities:

nuclei -u $URL -t vulnerabilities/wordpress/

How useful was this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.