External/nuclei
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei.git synced 2025-12-22 18:06:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
sandeep 2021-07-08 21:03:02 +05:30
parent 4988ef76b5
commit 732cd46d4b
1 changed files with 79 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

146
README.md
View File

@ -45,22 +45,20 @@ We have a [dedicated repository](https://github.com/projectdiscovery/nuclei-temp
# Install Nuclei # Install Nuclei
```sh ```sh
GO111MODULE=on go get -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei GO111MODULE=on go get -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei
``` ```
**More installation [methods can be found here](https://nuclei.projectdiscovery.io/nuclei/get-started.html).** **More installation [methods can be found here](https://nuclei.projectdiscovery.io/nuclei/get-started/).**
<table> <table>
<tr> <tr>
<td> <td>
### Download Templates ### Nuclei Templates
You can download and update the nuclei templates using <ins>*update-templates*</ins> flag of nuclei that downloads all the available **nuclei-templates** from [Github project](https://github.com/projectdiscovery/nuclei-templates), a community curated list of templates that are ready to use. Nuclei has had built-in support for automatic update/download templates since version [v2.4.0](https://github.com/projectdiscovery/nuclei/releases/tag/v2.4.0). [**Nuclei-Templates**](https://github.com/projectdiscovery/nuclei-templates) project provides a community-contributed list of ready-to-use templates that is constantly updated.
`▶ nuclei -update-templates` You may still use the `update-templates` flag to update the nuclei templates at any time; automatic updates happen every 24 hours. You can write your own checks for your individual workflow and needs following Nuclei's [templating guide](https://nuclei.projectdiscovery.io/templating-guide/).
Nuclei is designed to used with custom templates according to the target and workflow, you can write your own checks for your specific workflow and needs, please refer to nuclei [templating guide](https://nuclei.projectdiscovery.io/templating-guide/) to write your own custom templates.
</td> </td>
</tr> </tr>
@ -82,74 +80,88 @@ Usage:
nuclei [flags] nuclei [flags]
Flags: Flags:
-H, -header value Custom Header. -H, -header value Custom Header.
-biid, -burp-collaborator-biid string Burp Collaborator BIID -author value Templates to run based on author
-bs, -bulk-size int Maximum Number of hosts analyzed in parallel per template (default 25) -bs, -bulk-size int Maximum Number of hosts analyzed in parallel per template (default 25)
-c, -concurrency int Maximum Number of templates executed in parallel (default 10) -c, -concurrency int Maximum Number of templates executed in parallel (default 10)
-config string Nuclei configuration file -config string Nuclei configuration file
-debug Debugging request and responses -debug Debugging request and responses
-debug-req Debugging request -debug-req Debugging request
-debug-resp Debugging response -debug-resp Debugging response
-et, -exclude value Templates to exclude, supports single and multiple templates using directory. -et, -exclude value Templates to exclude, supports single and multiple templates using directory.
-etags, -exclude-tags value Exclude templates with the provided tags -etags, -exclude-tags value Exclude templates with the provided tags
-headless Enable headless browser based templates support -headless Enable headless browser based templates support
-impact, -severity value Templates to run based on severity, supports single and multiple severity. -impact, -severity value Templates to run based on severity
-irr, -include-rr Write requests/responses for matches in JSON output -irr, -include-rr Write requests/responses for matches in JSON output
-interactions-cache-size int Number of requests to keep in interactions cache (default 5000) -include-tags value Tags to force run even if they are in denylist
-interactions-cooldown-period int Extra time for interaction polling before exiting (default 5) -include-templates value Templates to force run even if they are in denylist
-interactions-eviction int Number of seconds to wait before evicting requests from cache (default 60) -interactions-cache-size int Number of requests to keep in interactions cache (default 5000)
-interactions-poll-duration int Number of seconds before each interaction poll request (default 5) -interactions-cooldown-period int Extra time for interaction polling before exiting (default 5)
-interactsh-url string Self Hosted Interactsh Server URL (default https://interact.sh) -interactions-eviction int Number of seconds to wait before evicting requests from cache (default 60)
-json Write json output to files -interactions-poll-duration int Number of seconds before each interaction poll request (default 5)
-l, -list string List of URLs to run templates on -interactsh-url string Self Hosted Interactsh Server URL (default https://interact.sh)
-me, -markdown-export string Directory to export results in markdown format -json Write json output to files
-metrics Expose nuclei metrics on a port -l, -list string List of URLs to run templates on
-metrics-port int Port to expose nuclei metrics on (default 9092) -me, -markdown-export string Directory to export results in markdown format
-nc, -no-color Disable colors in output -metrics Expose nuclei metrics on a port
-nt, -new-templates Only run newly added templates -metrics-port int Port to expose nuclei metrics on (default 9092)
-nm, -no-meta Don't display metadata for the matches -nc, -no-color Disable colors in output
-no-interactsh Do not use interactsh server for blind interaction polling -nt, -new-templates Only run newly added templates
-o, -output string File to write output to (optional) -nm, -no-meta Don't display metadata for the matches
-page-timeout int Seconds to wait for each page in headless (default 20) -no-interactsh Do not use interactsh server for blind interaction polling
-passive Enable Passive HTTP response processing mode -o, -output string File to write output to (optional)
-project Use a project folder to avoid sending same request multiple times -page-timeout int Seconds to wait for each page in headless (default 20)
-project-path string Use a user defined project folder, temporary folder is used if not specified but enabled -passive Enable Passive HTTP response processing mode
-proxy-socks-url string URL of the proxy socks server -project Use a project folder to avoid sending same request multiple times
-proxy-url string URL of the proxy server -project-path string Use a user defined project folder, temporary folder is used if not specified but enabled
-r, -resolvers string File containing resolver list for nuclei -proxy-socks-url string URL of the proxy socks server
-rl, -rate-limit int Maximum requests to send per second (default 150) -proxy-url string URL of the proxy server
-rc, -report-config string Nuclei Reporting Module configuration file -r, -resolvers string File containing resolver list for nuclei
-rdb, -report-db string Local Nuclei Reporting Database (Always use this to persistent report data) -rl, -rate-limit int Maximum requests to send per second (default 150)
-retries int Number of times to retry a failed request (default 1) -rc, -report-config string Nuclei Reporting Module configuration file
-se, -sarif-export string File to export results in sarif format -rdb, -report-db string Local Nuclei Reporting Database (Always use this to persistent report data)
-show-browser Show the browser on the screen -retries int Number of times to retry a failed request (default 1)
-si, -stats-interval int Number of seconds between each stats line (default 5) -se, -sarif-export string File to export results in sarif format
-silent Show only results in output -show-browser Show the browser on the screen
-spm, -stop-at-first-path Stop processing http requests at first match (this may break template/workflow logic) -si, -stats-interval int Number of seconds between each stats line (default 5)
-stats Display stats of the running scan -silent Show only results in output
-system-resolvers Use system dns resolving as error fallback -spm, -stop-at-first-path Stop processing http requests at first match (this may break template/workflow logic)
-t, -templates value Templates to run, supports single and multiple templates using directory. -stats Display stats of the running scan
-tags value Tags to execute templates for -stats-json Write stats output in JSON format
-u, -target string URL to scan with nuclei -system-resolvers Use system dns resolving as error fallback
-tv, -templates-version Shows the installed nuclei-templates version -t, -templates value Templates to run, supports single and multiple templates using directory.
-timeout int Time to wait in seconds before timeout (default 5) -tags value Tags to execute templates for
-tl List available templates -u, -target string URL to scan with nuclei
-trace-log string File to write sent requests trace log -tv, -templates-version Shows the installed nuclei-templates version
-ud, -update-directory string Directory storing nuclei-templates (default /Users/geekboy/nuclei-templates) -timeout int Time to wait in seconds before timeout (default 5)
-ut, -update-templates Download / updates nuclei community templates -tl List available templates
-v, -verbose Show verbose output -trace-log string File to write sent requests trace log
-version Show version of nuclei -ud, -update-directory string Directory storing nuclei-templates (default /Users/geekboy/nuclei-templates)
-w, -workflows value Workflows to run for nuclei -ut, -update-templates Download / updates nuclei community templates
-v, -verbose Show verbose output
-validate Validate the passed templates to nuclei
-version Show version of nuclei
-vv Display Extra Verbose Information
-w, -workflows value Workflows to run for nuclei
``` ```
</details> </details>
### Running Nuclei ### Running Nuclei
Scanning for CVEs on given list of URLs. Scanning target URLs with [community-curated](https://github.com/projectdiscovery/nuclei-templates) nuclei templates.
```sh ```sh
▶ nuclei -l target_urls.txt -t cves/ nuclei -list urls.txt
```
Example of `urls.txt`:
```yaml
https://redacted.com
https://test.redacted.com
http://example.com
http://app.example.com
``` ```
**More detailed examples of running nuclei can be found [here](https://nuclei.projectdiscovery.io/nuclei/get-started/#running-nuclei).** **More detailed examples of running nuclei can be found [here](https://nuclei.projectdiscovery.io/nuclei/get-started/#running-nuclei).**