Skills · April 13, 2026 · 1 min read

Nuclei — Fast and Customizable Vulnerability Scanner

Nuclei is a fast, template-based vulnerability scanner. Its community-driven template library covers CVEs, misconfigurations, exposed panels, and security checks — letting you scan applications, APIs, networks, and cloud configurations with simple YAML templates.

Agent ready

This asset is staged safely

This asset is staged safely first. The copied instruction asks the Agent to read the staged files and confirm before activating any scripts, MCP configuration, or global configuration.

Stage only · 29/100 policy: staging required
Agent entry: any MCP/CLI Agent
Type: Skill
Install: Stage only
Trust: trust level Established
Entry: step-1.md
Safe staging command:
npx -y tokrepo@latest install 40702aa3-372b-11f1-9bc6-00163e2b0d79 --target codex

Stage the files first; read the staged README and install plan before activating.

TL;DR
Nuclei scans for CVEs, misconfigurations, and exposed panels using community-driven templates.
§01

What it is

Nuclei is a fast, template-based vulnerability scanner by ProjectDiscovery. Its community-driven template library covers CVEs, misconfigurations, exposed admin panels, default credentials, and security checks. You point Nuclei at a target, and it runs thousands of checks in parallel using YAML templates.

Nuclei targets security researchers, penetration testers, and DevSecOps teams who need automated vulnerability scanning across web applications, APIs, and infrastructure.

§02

How it saves time or tokens

Nuclei replaces manual security checks with automated template scanning. The community maintains thousands of templates updated for new CVEs within days of disclosure. Running Nuclei against a target in CI/CD catches vulnerabilities before deployment.

Templates are YAML files you can read, modify, and write. Custom checks for your application take minutes to create.

§03

How to use

  1. Install Nuclei: go install github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
  2. Update templates: nuclei -update-templates
  3. Scan a target: nuclei -u https://example.com
  4. Filter by severity: nuclei -u https://example.com -severity critical,high

§04

Example

# Custom Nuclei template: check for exposed .env file
id: exposed-env-file

info:
  name: Exposed .env File
  author: security-team
  severity: high
  description: Checks for publicly accessible .env files containing secrets

http:
  - method: GET
    path:
      - '{{BaseURL}}/.env'
    # Both matchers below must hit: a 200 alone (e.g. a catch-all page) is not a finding
    matchers-condition: and
    matchers:
      - type: word
        # Any one of these strings in the response body is enough for this matcher
        words:
          - 'DB_PASSWORD'
          - 'API_KEY'
          - 'SECRET'
        condition: or
      - type: status
        status:
          - 200

Run: nuclei -t exposed-env.yaml -u https://target.com

§06

Common pitfalls

  • Running all templates against a production target generates heavy traffic; use rate limiting (-rl 100) and severity filters
  • Some templates trigger active exploitation attempts; use -tags safe for passive-only scanning in production
  • False positives occur with broad templates; validate critical findings manually before reporting
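As an added example (not from this page or from ProjectDiscovery), a CI gate that reads the JSONL Nuclei writes with -jsonl -o findings.jsonl and fails the job on findings at or above a severity threshold; the result lines below are constructed, and the template ids other than exposed-env-file are made up for the example:

```python
import json
from collections import Counter

# Severity order for the threshold; these are Nuclei's own severity names.
SEVERITY_RANK = {"unknown": 0, "info": 0, "low": 1, "medium": 2, "high": 3, "critical": 4}

def parse_findings(jsonl_text):
    """Parse Nuclei JSONL output into de-duplicated findings. Nuclei writes one
    line per matched matcher when matchers-condition is or, so findings are keyed
    on (template-id, matched-at); non-JSON progress lines are skipped."""
    seen, findings = set(), []
    for raw in jsonl_text.splitlines():
        try:
            rec = json.loads(raw)
        except json.JSONDecodeError:
            continue  # progress text or blank line, not a result
        if not isinstance(rec, dict):
            continue
        key = (rec.get("template-id", ""), rec.get("matched-at", rec.get("host", "")))
        if key in seen:
            continue
        seen.add(key)
        info = rec.get("info", {})
        findings.append({"template": key[0], "matched_at": key[1],
                         "name": info.get("name", ""),
                         "severity": str(info.get("severity", "unknown")).lower()})
    return findings

def gate(findings, threshold="high"):
    """Return (blocking findings, per-severity counts) for the given threshold."""
    floor = SEVERITY_RANK[threshold]
    blocking = [f for f in findings if SEVERITY_RANK.get(f["severity"], 0) >= floor]
    return blocking, Counter(f["severity"] for f in findings)

# Constructed sample of `nuclei -jsonl` output: exposed-env-file is the page's
# template; example-weak-headers and example-server-banner are made up here.
SAMPLE_JSONL = """\
[INF] constructed progress line, not JSON
{"template-id":"exposed-env-file","info":{"name":"Exposed .env File","severity":"high"},"host":"https://staging.example.com","matched-at":"https://staging.example.com/.env"}
{"template-id":"example-weak-headers","info":{"name":"Weak Security Headers","severity":"medium"},"host":"https://staging.example.com","matched-at":"https://staging.example.com","matcher-name":"missing-hsts"}
{"template-id":"example-weak-headers","info":{"name":"Weak Security Headers","severity":"medium"},"host":"https://staging.example.com","matched-at":"https://staging.example.com","matcher-name":"missing-csp"}
{"template-id":"example-server-banner","info":{"name":"Server Header Disclosure","severity":"info"},"host":"https://staging.example.com","matched-at":"https://staging.example.com"}
"""

if __name__ == "__main__":
    blocking, counts = gate(parse_findings(SAMPLE_JSONL), threshold="high")
    print("findings by severity:", dict(counts))
    for f in blocking:
        print(f"BLOCK {f['severity']:>8} {f['template']} at {f['matched_at']}")
    raise SystemExit(1 if blocking else 0)
```

Lower the threshold to medium for internal targets; a blocking finding still needs the manual validation the pitfalls above call for before it is reported.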

FAQ

How many templates does Nuclei have?

The community template library contains thousands of templates covering CVEs, misconfigurations, exposed panels, default credentials, and technology detection. The library is updated frequently as new vulnerabilities are disclosed.

Can I write custom templates?

Yes. Templates are YAML files with a simple structure: define the HTTP request, set matchers for the response, and specify metadata. Custom templates for internal application checks typically take 5-10 minutes to write.

Is it safe to run Nuclei in production?

Use caution. Some templates perform active exploitation. Filter with '-tags safe' for passive detection only. Always get authorization before scanning targets. Use rate limiting to avoid impacting production performance.

Does Nuclei support API scanning?

Yes. Nuclei supports HTTP, DNS, TCP, and other protocols. For APIs, you can scan individual endpoints, test for authentication bypass, and check for common API vulnerabilities using templates.

How does Nuclei compare to Nessus or Burp Suite?

Nessus and Burp Suite are commercial tools with GUIs and enterprise features. Nuclei is free, open source, and CLI-based. Nuclei's template system makes it highly customizable. Use Nuclei for automated CI/CD scanning; use Burp Suite for manual penetration testing.
