diff --git a/README.md b/README.md
index b22d077d5..457fdd37a 100644
--- a/README.md
+++ b/README.md
@@ -133,6 +133,8 @@ TEMPLATES:
-nss, -no-strict-syntax disable strict syntax check on templates
-td, -template-display displays the templates content
-tl list all available templates
+ -sign signs the templates with the private key defined in NUCLEI_SIGNATURE_PRIVATE_KEY env variable
+ -code enable loading code protocol-based templates
FILTERING:
-a, -author string[] templates to run based on authors (comma-separated, file)
@@ -157,8 +159,9 @@ OUTPUT:
-silent display findings only
-nc, -no-color disable output content coloring (ANSI escape codes)
-j, -jsonl write output in JSONL(ines) format
- -irr, -include-rr include request/response pairs in the JSON, JSONL, and Markdown outputs (for findings only) [DEPRECATED use -omit-raw] (default true)
+ -irr, -include-rr -omit-raw include request/response pairs in the JSON, JSONL, and Markdown outputs (for findings only) [DEPRECATED use -omit-raw] (default true)
-or, -omit-raw omit request/response pairs in the JSON, JSONL, and Markdown outputs (for findings only)
+ -ot, -omit-template omit encoded template in the JSON, JSONL output
-nm, -no-meta disable printing result metadata in cli output
-ts, -timestamp enables printing timestamp in cli output
-rdb, -report-db string nuclei reporting database (always use this to persist report data)
diff --git a/README_CN.md b/README_CN.md
index 60817e274..05c0dff3e 100644
--- a/README_CN.md
+++ b/README_CN.md
@@ -100,17 +100,19 @@ Nuclei是一款注重于可配置性、可扩展性和易用性的基于模板
-iv, -ip-version string[] 要扫描的主机名的IP版本(4,6)-(默认为4)
模板:
- -nt, -new-templates 只扫描最新nuclei-templates版本中添加的模板
- -ntv, -new-templates-version string[] 运行在特定nuclei-templates版本中添加的新模板
- -as, -automatic-scan 在web扫描中使用wappalyzer技术检测的指纹找包含对应tags的模板
- -t, -templates string[] 指定需要扫描的模板文件或者模板目录(逗号分隔,文件)
- -tu, -template-url string[] 从URL加载模板(逗号分隔,文件)
- -w, -workflows string[] 指定需要扫描中的工作流文件或者工作流目录(逗号分隔,文件)
- -wu, -workflow-url string[] 从URL加载工作流(逗号分隔,文件)
- -validate 验证模板
- -nss, -no-strict-syntax 禁用对模板的严格语法检查
- -td, -template-display 显示模板内容
- -tl 列出所有可用的模板
+ -nt, -new-templates run only new templates added in latest nuclei-templates release
+ -ntv, -new-templates-version string[] run new templates added in specific version
+ -as, -automatic-scan automatic web scan using wappalyzer technology detection to tags mapping
+ -t, -templates string[] list of template or template directory to run (comma-separated, file)
+ -turl, -template-url string[] template url or list containing template urls to run (comma-separated, file)
+ -w, -workflows string[] list of workflow or workflow directory to run (comma-separated, file)
+ -wurl, -workflow-url string[] workflow url or list containing workflow urls to run (comma-separated, file)
+ -validate validate the passed templates to nuclei
+ -nss, -no-strict-syntax disable strict syntax check on templates
+ -td, -template-display displays the templates content
+ -tl list all available templates
+ -sign signs the templates with the private key defined in NUCLEI_SIGNATURE_PRIVATE_KEY env variable
+ -code enable loading code protocol-based templates
过滤:
-a, -author string[] 执行指定作者的模板(逗号分隔,文件)
diff --git a/README_ID.md b/README_ID.md
index 4c0a6c108..afde0f220 100644
--- a/README_ID.md
+++ b/README_ID.md
@@ -105,13 +105,15 @@ TEMPLATES:
-ntv, -new-templates-version string[] run new templates added in specific version
-as, -automatic-scan automatic web scan using wappalyzer technology detection to tags mapping
-t, -templates string[] list of template or template directory to run (comma-separated, file)
- -tu, -template-url string[] list of template urls to run (comma-separated, file)
+ -turl, -template-url string[] template url or list containing template urls to run (comma-separated, file)
-w, -workflows string[] list of workflow or workflow directory to run (comma-separated, file)
- -wu, -workflow-url string[] list of workflow urls to run (comma-separated, file)
+ -wurl, -workflow-url string[] workflow url or list containing workflow urls to run (comma-separated, file)
-validate validate the passed templates to nuclei
-nss, -no-strict-syntax disable strict syntax check on templates
-td, -template-display displays the templates content
-tl list all available templates
+ -sign signs the templates with the private key defined in NUCLEI_SIGNATURE_PRIVATE_KEY env variable
+ -code enable loading code protocol-based templates
FILTERING:
-a, -author string[] templates to run based on authors (comma-separated, file)
diff --git a/README_KR.md b/README_KR.md
index b91998349..d9ea529b5 100644
--- a/README_KR.md
+++ b/README_KR.md
@@ -98,15 +98,19 @@ TARGET:
-resume string resume.cfg를 사용한 스캔 재개(클러스터링이 비활성화됨)
TEMPLATES:
- -nt, -new-templates nuclei-templates에 가장 최근에 추가된 새 템플릿만 실행
- -as, -automatic-scan 태그 매핑에 대한 wappalyzer 기술 탐지를 사용한 자동 웹 스캔
- -t, -templates string[] 실행할 템플릿 또는 템플릿 디렉터리 목록(쉼표로 구분된 파일)
- -tu, -template-url string[] 실행할 템플릿 URL 목록(쉼표로 구분된 파일)
- -w, -workflows string[] 실행할 워크플로 또는 워크플로 디렉터리 목록(쉼표로 구분된 파일)
- -wu, -workflow-url string[] 실행할 워크플로 URL 목록(쉼표로 구분된 파일)
- -validate nuclei로 전달된 템플릿 검증
- -tl 사용 가능한 모든 템플릿 목록
- -td 템플릿 내용 표시
+ -nt, -new-templates run only new templates added in latest nuclei-templates release
+ -ntv, -new-templates-version string[] run new templates added in specific version
+ -as, -automatic-scan automatic web scan using wappalyzer technology detection to tags mapping
+ -t, -templates string[] list of template or template directory to run (comma-separated, file)
+ -turl, -template-url string[] template url or list containing template urls to run (comma-separated, file)
+ -w, -workflows string[] list of workflow or workflow directory to run (comma-separated, file)
+ -wurl, -workflow-url string[] workflow url or list containing workflow urls to run (comma-separated, file)
+ -validate validate the passed templates to nuclei
+ -nss, -no-strict-syntax disable strict syntax check on templates
+ -td, -template-display displays the templates content
+ -tl list all available templates
+ -sign signs the templates with the private key defined in NUCLEI_SIGNATURE_PRIVATE_KEY env variable
+ -code enable loading code protocol-based templates
FILTERING:
-a, -author string[] 작성자를 기준으로 실행할 템플릿(쉼표로 구분된 파일)
diff --git a/SYNTAX-REFERENCE.md b/SYNTAX-REFERENCE.md
index 5aa3f10a4..c55ea94ee 100755
--- a/SYNTAX-REFERENCE.md
+++ b/SYNTAX-REFERENCE.md
@@ -1390,12 +1390,12 @@ Valid values:
-cookie-reusebool
+disable-cookiebool
-CookieReuse is an optional setting that enables cookie reuse for
+DisableCookie is an optional setting that disables cookie reuse for
all requests defined in raw section.
-CookieReuse is an optional setting that enables cookie reuse
+DisableCookie is an optional setting that disables cookie reuse
diff --git a/cmd/integration-test/code.go b/cmd/integration-test/code.go
index ebe234aa8..320eadf2f 100644
--- a/cmd/integration-test/code.go
+++ b/cmd/integration-test/code.go
@@ -87,7 +87,7 @@ type codeSnippet struct{}
// Execute executes a test case and returns an error if occurred
func (h *codeSnippet) Execute(filePath string) error {
- results, err := testutils.RunNucleiArgsWithEnvAndGetResults(debug, getEnvValues(), "-t", filePath, "-u", "input")
+ results, err := testutils.RunNucleiArgsWithEnvAndGetResults(debug, getEnvValues(), "-t", filePath, "-u", "input", "-code")
if err != nil {
return err
}
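Review bot: Every code-protocol test now passes `-code`, so nothing here checks the new default, namely that a code template is refused when the flag is absent. Since `-code` is the gate that keeps a template from running local code on the scanning host, the off-by-default path deserves its own case: run one of these templates without `-code` and assert that no results come back. The same gap applies to the codeFile, codeEnvVar, unsignedCode and codePyNoSig hunks below. For the last two, a comment such as `// -code is passed on purpose: the failure must come from the signature check, not the gate` would keep the expected error attributable. Each Execute body continues outside its hunk.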
@@ -98,7 +98,7 @@ type codeFile struct{}
// Execute executes a test case and returns an error if occurred
func (h *codeFile) Execute(filePath string) error {
- results, err := testutils.RunNucleiArgsWithEnvAndGetResults(debug, getEnvValues(), "-t", filePath, "-u", "input")
+ results, err := testutils.RunNucleiArgsWithEnvAndGetResults(debug, getEnvValues(), "-t", filePath, "-u", "input", "-code")
if err != nil {
return err
}
@@ -109,7 +109,7 @@ type codeEnvVar struct{}
// Execute executes a test case and returns an error if occurred
func (h *codeEnvVar) Execute(filePath string) error {
- results, err := testutils.RunNucleiArgsWithEnvAndGetResults(debug, getEnvValues(), "-t", filePath, "-u", "input", "-V", "baz=baz")
+ results, err := testutils.RunNucleiArgsWithEnvAndGetResults(debug, getEnvValues(), "-t", filePath, "-u", "input", "-V", "baz=baz", "-code")
if err != nil {
return err
}
@@ -120,7 +120,7 @@ type unsignedCode struct{}
// Execute executes a test case and returns an error if occurred
func (h *unsignedCode) Execute(filePath string) error {
- results, err := testutils.RunNucleiArgsWithEnvAndGetResults(debug, getEnvValues(), "-t", filePath, "-u", "input")
+ results, err := testutils.RunNucleiArgsWithEnvAndGetResults(debug, getEnvValues(), "-t", filePath, "-u", "input", "-code")
// should error out
if err != nil {
@@ -135,7 +135,7 @@ type codePyNoSig struct{}
// Execute executes a test case and returns an error if occurred
func (h *codePyNoSig) Execute(filePath string) error {
- results, err := testutils.RunNucleiArgsWithEnvAndGetResults(debug, getEnvValues(), "-t", filePath, "-u", "input")
+ results, err := testutils.RunNucleiArgsWithEnvAndGetResults(debug, getEnvValues(), "-t", filePath, "-u", "input", "-code")
// should error out
if err != nil {
diff --git a/cmd/integration-test/library.go b/cmd/integration-test/library.go
index b16744dd9..62d88759b 100644
--- a/cmd/integration-test/library.go
+++ b/cmd/integration-test/library.go
@@ -75,12 +75,6 @@ func executeNucleiAsLibrary(templatePath, templateURL string) ([]string, error)
}
defer reportingClient.Close()
- outputWriter := testutils.NewMockOutputWriter()
- var results []string
- outputWriter.WriteCallback = func(event *output.ResultEvent) {
- results = append(results, fmt.Sprintf("%v\n", event))
- }
-
defaultOpts := types.DefaultOptions()
_ = protocolstate.Init(defaultOpts)
_ = protocolinit.Init(defaultOpts)
@@ -88,6 +82,12 @@ func executeNucleiAsLibrary(templatePath, templateURL string) ([]string, error)
defaultOpts.Templates = goflags.StringSlice{templatePath}
defaultOpts.ExcludeTags = config.ReadIgnoreFile().Tags
+ outputWriter := testutils.NewMockOutputWriter(defaultOpts.OmitTemplate)
+ var results []string
+ outputWriter.WriteCallback = func(event *output.ResultEvent) {
+ results = append(results, fmt.Sprintf("%v\n", event))
+ }
+
interactOpts := interactsh.DefaultOptions(outputWriter, reportingClient, mockProgress)
interactClient, err := interactsh.New(interactOpts)
if err != nil {
diff --git a/cmd/nuclei/main.go b/cmd/nuclei/main.go
index 539a5047f..3f11416e5 100644
--- a/cmd/nuclei/main.go
+++ b/cmd/nuclei/main.go
@@ -12,6 +12,8 @@ import (
"strings"
"time"
+ _ "github.com/projectdiscovery/utils/pprof"
+
"github.com/projectdiscovery/goflags"
"github.com/projectdiscovery/gologger"
"github.com/projectdiscovery/gologger/levels"
@@ -194,6 +196,7 @@ on extensive configurability, massive extensibility and ease of use.`)
flagSet.BoolVar(&options.TemplateList, "tl", false, "list all available templates"),
flagSet.StringSliceVarConfigOnly(&options.RemoteTemplateDomainList, "remote-template-domain", []string{"templates.nuclei.sh"}, "allowed domain list to load remote templates from"),
flagSet.BoolVar(&options.SignTemplates, "sign", false, "signs the templates with the private key defined in NUCLEI_SIGNATURE_PRIVATE_KEY env variable"),
+ flagSet.BoolVar(&options.EnableCodeTemplates, "code", false, "enable loading code protocol-based templates"),
)
flagSet.CreateGroup("filters", "Filtering",
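Review bot: The help text for `-code` does not tell the operator what opting in means: code protocol templates run on the machine that runs nuclei rather than only sending traffic to the target. A wording such as `"enable loading code protocol-based templates (runs template code on this host; use only with trusted, signed templates)"` makes the trust decision visible in `-h`. If this option can also be set from the nuclei config file, as other `flagSet` options appear to be, that should be confirmed and documented, because a shared config would then enable local execution without anything on the command line showing it.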
@@ -222,6 +225,7 @@ on extensive configurability, massive extensibility and ease of use.`)
flagSet.BoolVarP(&options.JSONL, "jsonl", "j", false, "write output in JSONL(ines) format"),
flagSet.BoolVarP(&options.JSONRequests, "include-rr", "irr", true, "include request/response pairs in the JSON, JSONL, and Markdown outputs (for findings only) [DEPRECATED use `-omit-raw`]"),
flagSet.BoolVarP(&options.OmitRawRequests, "omit-raw", "or", false, "omit request/response pairs in the JSON, JSONL, and Markdown outputs (for findings only)"),
+ flagSet.BoolVarP(&options.OmitTemplate, "omit-template", "ot", false, "omit encoded template in the JSON, JSONL output"),
flagSet.BoolVarP(&options.NoMeta, "no-meta", "nm", false, "disable printing result metadata in cli output"),
flagSet.BoolVarP(&options.Timestamp, "timestamp", "ts", false, "enables printing timestamp in cli output"),
flagSet.StringVarP(&options.ReportingDB, "report-db", "rdb", "", "nuclei reporting database (always use this to persist report data)"),
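Review bot: `-omit-template` defaults to false, which implies the encoded template becomes part of every JSON/JSONL finding unless the operator opts out. Private templates can carry internal hostnames, tokens or payloads, and these outputs are routinely forwarded to ticketing and logging systems, so the help text should say so, e.g. `"omit encoded template in the JSON, JSONL output (included by default)"`, and the release notes should call out the change. Consider whether opt-in would be the safer default. Separately, the deprecated include-rr usage string on the context line wraps -omit-raw in backticks, and the README hunk in this commit renders the option as "-irr, -include-rr -omit-raw", so the help renderer appears to take the quoted text as a value name.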
diff --git a/cmd/tmc/main.go b/cmd/tmc/main.go
index 2677e0562..4f65a8b76 100644
--- a/cmd/tmc/main.go
+++ b/cmd/tmc/main.go
@@ -68,6 +68,7 @@ func init() {
defaultOpts := types.DefaultOptions()
// need to set headless to true for headless templates
defaultOpts.Headless = true
+ defaultOpts.EnableCodeTemplates = true
if err := protocolstate.Init(defaultOpts); err != nil {
gologger.Fatal().Msgf("Could not initialize protocol state: %s\n", err)
}
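Review bot: `defaultOpts.EnableCodeTemplates = true` is set unconditionally in `init()` and, unlike the headless line above it, has no comment saying why. If tmc only parses, lints and rewrites templates this is harmless, but if any of its paths can execute a template (not visible in this hunk) the tool would run code templates without the opt-in that the nuclei CLI now requires. A comment such as `// code templates must load so they can be parsed and formatted; tmc is not expected to execute them` records the intent, and the assumption should be checked against the rest of the file. `init()` continues outside the hunk.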
diff --git a/docs/editor/ai.mdx b/docs/editor/ai.mdx
deleted file mode 100644
index 4824d138a..000000000
--- a/docs/editor/ai.mdx
+++ /dev/null
@@ -1,265 +0,0 @@
----
-
-title: 'AI Assistance'
-
----
-
-
-
-[Nuclei Template Editor](https://templates.nuclei.sh/) has AI to generate templates for vulnerability reports. This document helps to guide you through the process, offering you usage tips and examples.
-
-## Overview
-
-Powered by public Nuclei templates and a rich CVE data set, the AI understands a broad array of security vulnerabilities. First, the system interprets the user's prompt to identify a specific vulnerability. Then, it generates a template based on the steps required to reproduce the vulnerability along with all the necessary meta information to reproduce and remediate.
-
----
-
-## Initial Setup
-
-Kick start your AI Assistance experience with these steps:
-
-1. **Provide Detailed Information**: Construct comprehensive Proof of Concepts (PoCs) for vulnerabilities like Cross-Site Scripting (XSS), and others.
-2. **Understand the Template Format**: Get to grips with the format to appropriately handle and modify the generated template.
-3. **Validation and Linting**: Utilize the integrated linter to guarantee the template's validity.
-4. **Test the Template**: Evaluate the template against a test target ensuring its accuracy.
-
-
----
-
-## Best Practices
-
-* **Precision Matters**: Detailed prompts yield superior templates.
-* **Review and Validate**: Consistently check matchers' accuracy.
-* **Template Verification**: Validate the template on known vulnerable targets before deployment.
----
-
-## Example Prompts
-
-The following examples demonstrate different vulnerabilities and the corresponding Prompt.
-
-
-
-Open redirect vulnerability identified in a web application. Here's the PoC:
-
-HTTP Request:
-
-```
-GET /redirect?url=http://malicious.com HTTP/1.1
-Host: example.com
-User-Agent: Mozilla/5.0
-```
-HTTP Response:
-
-```
-HTTP/1.1 302 Found
-Location: http://malicious.com
-Content-Length: 0
-Server: Apache
-```
-The application redirects the user to the URL specified in the url parameter, leading to an open redirect vulnerability.
-
-
-
-
-
-SQL Injection vulnerability in a login form. Here's the PoC:
-
-HTTP Request:
-
-```
-POST /login HTTP/1.1
-Host: example.com
-User-Agent: Mozilla/5.0
-Content-Type: application/x-www-form-urlencoded
-
-username=admin&password=' OR '1'='1
-```
-
-HTTP Response:
-
-```
-HTTP/1.1 200 OK
-Content-Type: text/html
-Content-Length: 1337
-Server: Apache
-
-
-...
-
Welcome back, admin
-...
-
-```
-
-The application improperly handles user input in the password field, leading to an SQL Injection vulnerability.
-
-
-
-
-
-Business Logic vulnerability in a web application's shopping cart function allows for negative quantities, leading to credit. Here's the PoC:
-
-HTTP Request:
-
-```
-POST /add-to-cart HTTP/1.1
-Host: example.com
-User-Agent: Mozilla/5.0
-Content-Type: application/x-www-form-urlencoded
-
-product_id=1001&quantity=-1
-```
-
-HTTP Response:
-
-```
-HTTP/1.1 200 OK
-Content-Type: text/html
-Content-Length: 1337
-Server: Apache
-
-
-...
-
Product added to cart. Current balance: -$19.99
-...
-
-```
-
-The application fails to validate the quantity parameter, resulting in a Business Logic vulnerability.
-
-
-
-
-
-Server-side Template Injection (SSTI) vulnerability through a web application's custom greeting card function. Here's the PoC:
-
-```
-HTTP Request:
-
-POST /create-card HTTP/1.1
-Host: example.com
-User-Agent: Mozilla/5.0
-Content-Type: application/x-www-form-urlencoded
-
-message={{7*7}}
-```
-
-```
-HTTP Response:
-
-HTTP/1.1 200 OK
-Content-Type: text/html
-Content-Length: 1337
-Server: Apache
-
-
-...
-
Your card: 49
-...
-
-```
-
-The application processes the message parameter as a template, leading to an SSTI vulnerability.
-
-
-
-
-
-Insecure Direct Object Reference (IDOR) vulnerability discovered in a website's user profile page. Here's the PoC:
-
-```
-HTTP Request:
-
-GET /profile?id=2 HTTP/1.1
-Host: example.com
-User-Agent: Mozilla/5.0
-Cookie: session=abcd1234
-```
-
-```
-HTTP Response:
-
-HTTP/1.1 200 OK
-Content-Type: text/html
-Content-Length: 1337
-Server: Apache
-
-
-...
-
Welcome, otheruser
-...
-
-```
-
-The application exposes sensitive information of a user (ID: 2) who is not the authenticated user (session: abcd1234), leading to an IDOR vulnerability.
-
-
-
-
-
-Path Traversal vulnerability identified in a web application's file download function. Here's the PoC:
-
-```
-HTTP Request:
-
-GET /download?file=../../etc/passwd HTTP/1.1
-Host: example.com
-User-Agent: Mozilla/5.0
-```
-
-```
-HTTP Response:
-
-HTTP/1.1 200 OK
-Content-Type: text/plain
-Content-Length: 1827
-Server: Apache
-
-root:x:0:0:root:/root:/bin/bash
-```
-
-The application fetches the file specified in the file parameter from the server file system, leading to a Path Traversal vulnerability.
-
-
-
-
-
-Business logic vulnerability in a web application's VIP subscription function allows users to extend the trial period indefinitely. Here's the PoC:
-
-```
-HTTP Request:
-
-POST /extend-trial HTTP/1.1
-Host: example.com
-User-Agent: Mozilla/5.0
-Cookie: session=abcd1234
-```
-
-```
-HTTP Response:
-
-HTTP/1.1 200 OK
-Content-Type: text/html
-Content-Length: 1337
-Server: Apache
-
-
-
-
Your VIP trial period has been extended by 7 days.
-
-
-```
-
-The application does not limit the number of times the trial period can be extended, leading to a business logic vulnerability.
-
-
-
-Each of these examples provides HTTP Requests and Responses to illustrate the vulnerabilities.
-
-
----
-
-## Limitations
-
-Please note that the current AI is trained primarily on HTTP data. Template generation for non-HTTP protocols is not supported at this time. Support for additional protocols is under development and will be available soon.
-
----
diff --git a/docs/editor/api/generate.mdx b/docs/editor/api/generate.mdx
deleted file mode 100644
index a334ede00..000000000
--- a/docs/editor/api/generate.mdx
+++ /dev/null
@@ -1,17 +0,0 @@
----
-title: "Generate Template (AI)"
-description: "Generate nuclei template using AI prompt"
-api: "POST https://templates-api.nuclei.sh/v1/template/user/generate"
-version: 'v1'
----
-
-
-## Parameters (required)
-
-
- AI Prompt to generate nuclei template
-
-
-
- OpenAI model to use
-
\ No newline at end of file
diff --git a/docs/editor/api/scan.mdx b/docs/editor/api/scan.mdx
deleted file mode 100644
index b631aa376..000000000
--- a/docs/editor/api/scan.mdx
+++ /dev/null
@@ -1,20 +0,0 @@
----
-title: "Scan Template"
-description: "Scan target host using a specified nuclei template."
-api: "POST https://templates-api.nuclei.sh/v1/template/user/scan"
-version: 'v1'
----
-
-## Parameters (required)
-
-
- Target host to scan using nuclei template.
-
- **Constraints**: Valid hostname or IP address or URL.
-
-
-
- Base64 encoded nuclei template.
-
- **Constraints**: Valid Base64 encoded template.
-
\ No newline at end of file
diff --git a/docs/editor/introduction.mdx b/docs/editor/introduction.mdx
deleted file mode 100644
index fb63c0d38..000000000
--- a/docs/editor/introduction.mdx
+++ /dev/null
@@ -1,43 +0,0 @@
----
-title: 'Introduction'
----
-
-
-
-[Nuclei Template Editor](https://templates.nuclei.sh) is a multi-functional cloud hosted tool designed for creating, running, and sharing Nuclei Templates. It's packed with helpful features for individual and professional users seeking to manage and execute templates.
-
-The following table showcases the current and upcoming features:
-
-| Feature | Description and Use | Availability |
-| ---------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------- |
-| **Editor** | Experience something akin to using VS Code with our integrated editor, built on top of Monaco. This feature allows easy writing and modification of Nuclei Templates. | Free |
-| **Optimizer** | Leverage the in-built TemplateMan API to automatically lint, format, validate, and enhance your Nuclei Templates. | Free |
-| **Scan (URL)** | Run your templates on a targeted URL to check their validity. | Free \* |
-| **Debugger** | Utilize the in-built debugging function that displays requests and responses of your template scans, aiding troubleshooting and understanding template behavior. | Free |
-| **Cloud Storage** | Store and access your Nuclei Templates securely anytime, anywhere using your account. | Free |
-| **Sharing** | Share your templates for better collaboration by generating untraceable unique links. | Free |
-| **AI-Assistance** | Employ AI to craft Nuclei Templates based on the context of specified vulnerabilities. This feature simplifies template creation and tailors them to minimize the time required for creation. | Free \* |
-| **Scan (LIST, CIDR, ASN)**| In the professional version, run scans on target lists, network ranges (CIDR), AS numbers (ASN). | Professional `(upcoming)` |
-| **REST API** | In the professional version, fetch templates, call the AI, and perform scans remotely using APIs. | Professional `(upcoming)` |
-| **PDCP Sync** | Sync your generated templates with the ProjectDiscovery Cloud Platform for easy access and management, available in the professional version. | Professional `(upcoming)` |
-
-## Free Feature Limitations
-
-Some features available within the free tier have usage caps in place:
-
-- **Scan (URL):** You're allowed up to **100** scans daily.
-- **AI-Assistance:** Up to **10** queries can be made each day.
-
-The limitations, reset daily, ensure system integrity and availability while providing access to key functions.
-
-***
-## How to Get Started
-
-Begin by ensuring you have an account. If not, sign up on [https://templates.nuclei.sh](https://templates.nuclei.sh/) and follow the steps below:
-
-1. Log in to your account at [https://templates.nuclei.sh](https://templates.nuclei.sh).
-2. Click on the "**Create new template**" button to open up a fresh editor.
-3. Write and modify your template. The editor avails tools like syntax highlighting, snippet suggestion, among other features to simplify your writing process.
-4. Having written your template, input your testing target and click the "**Scan**" button to authenticate your template's accuracy.
-
-
\ No newline at end of file
diff --git a/docs/editor/share.mdx b/docs/editor/share.mdx
deleted file mode 100644
index 55a555879..000000000
--- a/docs/editor/share.mdx
+++ /dev/null
@@ -1,23 +0,0 @@
----
-title: 'Template Share'
----
-
-Nuclei Template Editor offers the ability to share any public templates, including the ones you create.
-
-
-
-To share a template, click on the "Share" button which generates a link that can be sent to others.
-
-## How to Share Public Templates
-
-Public templates are designed for ease of sharing. You don't need to be authenticated to share them, meaning there's no need to log in. These templates are mapped with their Template ID, following a static URL pattern. For instance, a public template URL might resemble this: [https://templates.nuclei.sh/public/CVE-2023-35078](https://templates.nuclei.sh/public/CVE-2023-35078). In the given URL, `CVE-2023-35078` is the Template ID representing the template in the [nuclei-templates](https://github.com/projectdiscovery/nuclei-templates) project.
-
-## How to Share User Templates
-
-User templates, unlike public templates, require authentication for sharing. These templates are assigned a unique, UUID-based ID similar to YouTube's unlisted URLs for sharing purposes. This means anyone given the shared URL will be able to access the template.
-
-## Revoking Access to Shared Templates
-
-If at any point you want to limit the access to the shared template, it is as simple as changing the visibility of the template to private. After this change, the originally shared link will become inactive. However, you have the flexibility to share it again, which would generate a new unique ID.
-
-Please remember, while sharing is easy, it's important to distribute the URL cautiously as the link allows full access to the shared template.
diff --git a/docs/editor/shortcut.mdx b/docs/editor/shortcut.mdx
deleted file mode 100644
index 3b51a659c..000000000
--- a/docs/editor/shortcut.mdx
+++ /dev/null
@@ -1,20 +0,0 @@
----
-title: 'Editor Shortcut'
----
-
-Nuclei Template Editor is equipped with keyboard shortcuts to make your work process more efficient. You can utilize these shortcuts whether you're creating a new template or optimizing an existing one, enabling quicker actions without interfering with your workflow.
-
-Here is a list of the actions, along with their corresponding shortcut keys and descriptions:
-
-| **Action** | **Shortcut Key** | **Description** |
-| ---------------------- | ----------------------- | ----------------------------------------------------- |
-| Save Template | **CMD + S** | Saves the current template. |
-| Duplicate Template | **CMD + D** | Creates a copy of a public template. |
-| Execute Template | **CMD + SHIFT + SPACE** | Run a scan with the current template. |
-| Share Template Link | **ALT + SHIFT + SPACE** | Generates a URL for sharing the current template. |
-| Search Templates | **CMD + K** | Searches within your own templates. |
-| Copy Template | **CMD + SHIFT + C** | Copies the selected template to your clipboard. |
-| Show/Hide Side Bar | **CMD + B** | Toggles the visibility of the side bar. |
-| Show/Hide Debug Panel | **CMD + SHIFT + M** | Toggles the visibility of the debug panel for extra insight. |
-
-**Note:** For Mac users, the CMD key is used for these shortcuts. Non-Mac users (Windows and Linux) should use the CTRL key instead.
\ No newline at end of file
diff --git a/docs/faq/editor.mdx b/docs/faq/editor.mdx
deleted file mode 100644
index ded8ac548..000000000
--- a/docs/faq/editor.mdx
+++ /dev/null
@@ -1,12 +0,0 @@
----
-title: 'Editor'
----
-
-### **Q: Who owns the templates generated by the AI?**
-**A:** You own any templates generated by the AI through the Nuclei Templates Editor. They are your property, and you are granted a perpetual license to use and modify them as you see fit.
-
-### **Q: How accurate are the templates generated by the AI?**
-**A:** The accuracy of the generated templates is primarily dependent on the detail and specificity of the input you provide. The more detailed information you supply, the better the AI can understand the context and create an accurate template. However, as with any AI tool, it is highly recommended to review, validate, and test any generated templates before using them in a live environment.
-
-### **Q: Does AI learn from the templates I generate?**
-**A:** No, AI does not use the templates you generate for further training or improvement of the AI model. The system only utilizes public templates and CVE data for training, ensuring your unique templates remain confidential.
diff --git a/docs/faq/nuclei.mdx b/docs/faq/nuclei.mdx
deleted file mode 100644
index 4ab2a45ad..000000000
--- a/docs/faq/nuclei.mdx
+++ /dev/null
@@ -1,130 +0,0 @@
----
-title: "Nuclei"
----
-
-
-
- Nuclei is a fast and customizable vulnerability scanner based on simple **YAML-based templates**.
-
- It has two components, 1) [Nuclei](http://github.com/projectdiscovery/nuclei) engine - the core of the project allows scripting HTTP / DNS / Network / Headless / File protocols based checks in a very simple to read-and-write YAML-based format. 2) Nuclei [templates](http://github.com/projectdiscovery/nuclei-templates) - ready-to-use **community-contributed** vulnerability templates.
-
-
-
-
- Traditional scanners always lacked the features to allow easy-to-write custom checks on top of their engine. And this is why we started developing Nuclei with a core focus on simplicity, modularity, and the ability to scan on many assets.
-
- We wanted something simple enough to be used by _**everyone**_ while complex enough to integrate into the modern web with its intricacies. The features implemented in nuclei are tailored to allow very rapid prototyping of complex security checks.
-
-
-
- Nuclei engine supports the following type of modules.
-
- - [HTTP](/template-guide/http/base-http/)
- - [DNS](/template-guide/dns/)
- - [TCP](/template-guide/network/)
- - [FILE](/template-guide/file/)
-
-
-
- Nuclei can be used to detect security vulnerabilities in **Web Applications**, **Networks**, **DNS** based misconfiguration, and **Secrets scanning** in source code or files on the local file system.
-
-
-
- The nuclei project is actively developed and maintained by the [ProjectDiscovery](https://projectdiscovery.io/#/) team, and generally releases every 2 weeks.
-
-
-
- To help keep project momentum, we request everyone to write and share new templates with the community in the [template project](https://github.com/projectdiscovery/nuclei-templates). Please help us maintain this public, ready to use, and up-to-date nuclei template repository.
-
- If you found an interesting/unique security issue using nuclei and want to share the process walk-through in the form of a blog, we are happy to publish your guest post on the [ProjectDiscovery blog](https://blog.projectdiscovery.io).
-
-
-
- **Wait a minute** -- after nuclei detected a security issue, it's always advised to have a second look before reporting it. Here's a tip to confirm/validate the issues.
-
-
- Once nuclei finds a result, and you have vulnerable **target** and **template**, rerun the template with **`-debug`** flag to inspect the output against the expected matcher defined in the template. In this way, you can confirm the identified vulnerability.
-
-
-
-
- By default nuclei will make several thousand requests (both HTTP protocol and other services) against a single target when running **all nuclei-templates**. This stems from over 3500 nuclei templates in the [[template releases](https://github.com/projectdiscovery/nuclei-templates/releases/), with more added daily.
-
- As default, few templates listed [here](https://github.com/projectdiscovery/nuclei-templates/blob/master/.nuclei-ignore) are excluded from default scans.
-
-
-
- We consider two factors to say **"safe"** in context of nuclei -
-
- 1. The **traffic** nuclei makes against the target website.
- 2. The **impact** templates have on the target website.
-
-
- **HTTP Traffic**
-
- Nuclei usually makes fewer HTTP requests than the number of templates selected for a scan due to its intelligent request reduction. While some templates contain multiple requests, this rule generally holds true across most scan configurations.
-
-
-
- **Safe Templates**
-
- The nuclei templates project houses a variety of templates which perform fuzzing and other actions which may result in a DoS against the target system (see [the list here](https://github.com/projectdiscovery/nuclei-templates/blob/master/.nuclei-ignore)). To ensure these templates are not accidentally run, they are tagged and excluded them from the default scan. These templates can be only executed when explicitly invoked using the `-itags` option.
-
-
-
-
-
- Nuclei is an open-source project distributed under the [MIT License](https://github.com/projectdiscovery/nuclei/blob/master/LICENSE.md).
-
-
-
- Please join our [Discord server](https://discord.gg/projectdiscovery), or contact us via [Twitter](http://twitter.com/pdnuclei).
-
-
-
- Headless mode on machines based on Linux (OS or containers, eg. Docker) might face runtime errors due to missing dependencies related to specific OS-shared libraries used by chrome binary.
- Usually, these errors can be fixed by pre-installing the browser on the specific distribution. Here is a list of the steps needed for the most common distributions.
- Ubuntu
-
- With snap:
- ```sh
- sudo snap install chromium
- ```
-
- Without snap:
- ```sh
- sudo apt update
- sudo snap refresh
- sudo apt install zip curl wget git
- sudo snap install golang --classic
- wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | sudo apt-key add -
- sudo sh -c 'echo "deb http://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google.list'
- sudo apt update
- sudo apt install google-chrome-stable
- ```
-
- In case you are unable to install the browser, or want to install only the minimum required dependencies, run the following command:
- ```
- sudo apt-get install libnss3 libgconf-2-4
- ```
-
- If you encounter an error similar to "libnss3.so: cannot open shared object file: No such file or directory," try running the following command to install the dev version:
-
- ```
- sudo apt-get install libnss3-dev
- ```
-
- Error type examples:
- ```
- Error: Expected nil, but got: &errors.errorString{s:"[launcher] Failed to launch the browser, the doc might help https://go-rod.github.io/#/compatibility?id=os: /root/.cache/rod/browser/chromium-1018003/chrome-linux/chrome: error while loading shared libraries: libnss3.so: cannot open shared object file: No such file or directory\n"}
- ```
- ```
- could not create browser
- ```
- ```
- Command '/usr/bin/chromium-browser' requires the chromium snap to be installed.
- Please install it with:
- snap install chromium
- ```
-
-
diff --git a/docs/faq/templates.mdx b/docs/faq/templates.mdx
deleted file mode 100644
index dda5dd72e..000000000
--- a/docs/faq/templates.mdx
+++ /dev/null
@@ -1,70 +0,0 @@
----
-title: "Templates"
----
-
-
-
- Nuclei [templates](http://github.com/projectdiscovery/nuclei-templates) are the core of the nuclei project. The templates contain the actual logic that is executed in order to detect various vulnerabilities. The project consists of **several thousand** ready-to-use **[community-contributed](https://github.com/projectdiscovery/nuclei-templates/graphs/contributors)** vulnerability templates.
-
-
-
- We maintain a [template guide](/template-guide/introduction) for writing new and custom nuclei templates. We also have [example templates](/template-example/http/base-http) for various modules nuclei supports.
-
-
-
-
- Performing security assessment of an application is time-consuming. It's always better and time-saving to automate steps whenever possible. Once you've found a security vulnerability, you can prepare a nuclei template by defining the required HTTP request to reproduce the issue, and test the same vulnerability across multiple hosts with ease. It's worth mentioning ==you write the template once and use it forever==, as you don't need to manually test that specific vulnerability any longer.
-
- Here are few examples from the community making use of templates to automate the security findings.
-
- - https://dhiyaneshgeek.github.io/web/security/2021/02/19/exploiting-out-of-band-xxe/
- - https://blog.melbadry9.xyz/fuzzing/nuclei-cache-poisoning
- - https://blog.melbadry9.xyz/dangling-dns/xyz-services/ddns-worksites
- - https://blog.melbadry9.xyz/dangling-dns/aws/ddns-ec2-current-state
- - https://blog.projectdiscovery.io/writing-nuclei-templates-for-wordpress-cves/
-
-
-
-
-
- Nuclei templates can be executed using a template name or with tags, using `-templates` (`-t`) and `-tags` flag, respectively.
-
- ```
- nuclei -tags cve -list target_urls.txt
- ```
-
-
-
- You are always welcome to share your nuclei templates with the community. You can either open a [GitHub issue](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=nuclei-template&template=submit-template.md&title=%5Bnuclei-template%5D+template-name) with the template details or open a GitHub [pull request](https://github.com/projectdiscovery/nuclei-templates/pulls) with your nuclei templates. If you don't have a GitHub account, you can also make use of the [discord server](https://discord.gg/projectdiscovery) to share the template with us.
-
-
-
-
- The nuclei template project is a **community-contributed project**. The ProjectDiscovery team manually reviews templates before merging them into the project. Still, there is a possibility that some templates with weak matchers will slip through the verification. This could produce false-positive results. **Templates are only as good as their matchers.**
-
- If you identified templates producing false positive/negative results, here are few steps that you can follow to fix them quickly.
-
-
- Direct message us on [Twitter](https://twitter.com/pdnuclei) or [Discord](https://discord.gg/projectdiscovery) to confirm the validity of the template.
-
-
-
- Please open a GitHub [issue](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=false-positive&template=false-positive.md&title=%5Bfalse-positive%5D+template-name+) with details, and we will work to address the problem and update the template.
-
-
-
- Please open a GitHub [pull request](https://github.com/projectdiscovery/nuclei-templates/pulls) with fix.
-
-
-
-
-
- The nuclei templates project houses a variety of templates which perform fuzzing and other actions which may result in a DoS against the target system (see [the list here](https://github.com/projectdiscovery/nuclei-templates/blob/master/.nuclei-ignore)). To ensure these templates are not accidentally run, they are tagged and excluded them from the default scan. These templates can be only executed when explicitly invoked using the `-itags` option.
-
-
-
-
- When you download or update nuclei templates using the nuclei binary, it downloads all the templates from the latest **release**. All templates added after the release exist in the [master branch](https://github.com/projectdiscovery/nuclei-templates) and are added to nuclei when a new template release is created.
-
-
-
diff --git a/docs/favicon.png b/docs/favicon.png
deleted file mode 100644
index 935179503..000000000
Binary files a/docs/favicon.png and /dev/null differ
diff --git a/docs/getting-started/features.mdx b/docs/getting-started/features.mdx
deleted file mode 100644
index ac4b1d007..000000000
--- a/docs/getting-started/features.mdx
+++ /dev/null
@@ -1,20 +0,0 @@
----
-title: 'Features'
----
-
-| Feature | Description |
-| ---------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| [Extensive Template Library](#) | Nuclei offers a vast collection of community-powered templates for targeted scans of various vulnerabilities and attack vectors. |
-| [Versatile Target Specification](#) | Support for various target specification options, such as URLs, IP ranges, ASN range, and file input, allowing flexibility in defining the scanning scope. |
-| [Bulk Scanning](#) | Perform bulk scanning by specifying multiple targets at once, enabling efficient scanning of a large number of assets or websites. |
-| [Flexible Customization](#) | Customize scanning templates to fit specific needs, allowing tailored scanning and focusing on relevant security checks. |
-| [Parallel Scanning](#) | Supports parallel scanning, reducing scanning time and improving efficiency, especially for large-scale targets. |
-| [Comprehensive Reporting `cloud`](#) | Generates detailed reports with actionable insights, including vulnerability details, severity levels, affected endpoints, and suggested remediation steps. |
-| [Integration with CI/CD Pipelines](#) | Seamlessly integrate Nuclei into CI/CD pipelines for automated security testing as part of the development and deployment process. |
-| [CI/CD Integration `cloud`](#) | Actively maintained and developed by the ProjectDiscovery team, introducing new features, bug fixes, and enhancements to provide an up-to-date scanning framework. |
-| [Ticketing integration `cloud`](#) | Two-way ticketing integration with Jira, Splunk, and many others to easily remediate and retest vulnerabilities. |
-| [Customizable Output Format](#) | Configure the output format of Nuclei's scan results to suit your needs, including options for JSON, YAML, and more. |
-| [Dynamic Variables](#) | Utilize dynamic variables in templates to perform parameterized scanning, enabling versatile and flexible scanning configurations. |
-| [Inclusion and Exclusion Filters](#) | Apply inclusion and exclusion filters to specify targets, reducing scanning scope and focusing on specific areas of interest. |
-| [Authentication Support](#) | Nuclei supports various authentication mechanisms, including HTTP basic authentication, JWT token authentication, and more. |
-| [Embedding custom code in templates `alpha`](#) | Execute custom code within Nuclei templates to incorporate user-defined logic, perform advanced scanning actions, and more. |
diff --git a/docs/getting-started/install.mdx b/docs/getting-started/install.mdx
deleted file mode 100644
index 44e3f2e87..000000000
--- a/docs/getting-started/install.mdx
+++ /dev/null
@@ -1,69 +0,0 @@
----
-title: 'Install'
----
-
-
-
-
- ```bash
- go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest
- ```
-
- Nuclei requires latest **GO** version to install successfully.
-
-
-
- ```bash
- brew install nuclei
- ```
-
- Supported in **macOS** (or Linux)
-
-
-
- ```bash
- docker pull projectdiscovery/nuclei:latest
- ```
-
- Docker-specific usage instructions can be found [here](./running#running-with-docker).
-
-
- ```bash
- git clone https://github.com/projectdiscovery/nuclei.git; \
- cd nuclei/cmd/nuclei; \
- go build; \
- mv nuclei /usr/local/bin/; \
- nuclei -version;
- ```
-
- Nuclei require the latest **GO** version to install successfully.
-
-
-
- ```bash
- https://github.com/projectdiscovery/nuclei/releases
- ```
-
-
- - Download the latest binary for your OS.
- - Unzip the ready to run binary.
-
-
-
-
- ```bash
- git clone https://github.com/projectdiscovery/nuclei.git
- cd nuclei/helm
- helm upgrade --install nuclei . -f values.yaml
- ```
-
-
- This Helm chart creates two primary resources (intended to be configured via `values.yaml`):
-
- - A Kubernetes CronJob to run Nuclei on a defined schedule
-
- - An [Interactsh](https://github.com/projectdiscovery/interactsh) service for Nuclei to use
-
-
-
-
diff --git a/docs/getting-started/overview.mdx b/docs/getting-started/overview.mdx
deleted file mode 100644
index 44a78827c..000000000
--- a/docs/getting-started/overview.mdx
+++ /dev/null
@@ -1,47 +0,0 @@
----
-title: 'Overview'
----
-
-## What is **Nuclei?**
-
-Nuclei is a fast scanner used to scan across the modern applications, infrastructure, cloud environments, and networks to help you find and remediate vulnerabilities.
-
-Under the hood, it operates on the concept of templates, which are essentially simple YAML file that describe how to detect, prioritize and remediate specific security vulnerabilities.
-
-Hundreds of security researchers and engineers from around the globe contribute to the template ecosystem, which is available and updated regularly within the Nuclei tool. Over 5000 templates have been contributed to date. These templates include real-world exploits and latest attack vectors, including the Log4j vulnerability, GitLab RCE, and many others, to match adaptability in an ever-evolving threat landscape.
-
-Each template represents a potential attack vector and includes a detailed description of the vulnerability, its severity, priority score, and sometimes even trending exploits. The template-driven approach not only adds a high degree of flexibility but also ensures that the vulnerabilities detected by Nuclei are not just theoretical risks but are indicative of real-world exploitability.
-
-Once configured, Nuclei can provide detailed information on each vulnerability, including:
-
-
-
-
-
-
-
-
-
-## Where to use Nuclei?
-
-| Use Case | Description |
-| -------------------------------- | ----------- |
-| Web Application Security | Identifies common web vulnerabilities with community-powered templates. |
-| Infrastructure Security | Audits server configurations, open ports, and insecure services for security issues. |
-| API Security Testing `alpha` | Tests APIs against known vulnerabilities and misconfigurations. |
-| (CI/CD) Security | Integrates into CI/CD pipelines to minimize vulnerability resurface into production. |
-| Third-party Vendor Assessment | Evaluates the security of third-party vendors by scanning their digital assets. |
-| Cloud Security `alpha` | Scans cloud environments for misconfigurations and vulnerabilities. |
-| Mobile Application Security | Scans mobile applications for security issues, including API tests and configuration checks. |
-| Network Device Security `alpha` | Identifies vulnerabilities in network devices like routers, switches, and firewalls. |
-| Web Server Assessment | Identifies common vulnerabilities and misconfigurations in web servers. |
-| Content Management System (CMS) Assessment | Identifies vulnerabilities specific to CMS platforms like WordPress, Joomla, or Drupal. |
-| Database Security Assessment | Scans databases for known vulnerabilities, default configurations, and access control issues. |
-
-People use Nuclei in a variety of ways:
-
-- **Security Engineers/Analysts**: Conduct security assessments, proactively identify vulnerabilities, convert custom vectors and analyze latest attack vectors.
-- **Red Teams**: Leverage Nuclei as part of their offensive security operations to simulate real-world attack scenarios, identify weaknesses, and provide actionable recommendations for enhancing overall security.
-- **DevOps Teams**: Integrate Nuclei into their CI/CD pipelines to ensure continuous security and regression of custom vulnerabilities.
-- **Bug Bounty Hunters**: Leverage Nuclei to find vulnerabilities across their programs listed on platforms like HackerOne, Bugcrowd, Intigriti etc.
-- **Penetration Testers**: Utilize Nuclei to automate their assessment methodologies into templates for their clients' systems.
diff --git a/docs/getting-started/running.mdx b/docs/getting-started/running.mdx
deleted file mode 100644
index 76fe24c41..000000000
--- a/docs/getting-started/running.mdx
+++ /dev/null
@@ -1,925 +0,0 @@
----
-title: 'Running Nuclei'
----
-
-
-
-
-## Running **Nuclei**
-
-Nuclei templates can be primarily executed in two ways:
-
-1. **Templates** (`-t/templates`)
-
-As default, all the templates (except nuclei-ignore list) get executed from the default template installation path.
-
-```sh
-nuclei -u https://example.com
-```
-
-Custom template directory or multiple template directory can be executed as follows:
-
-```sh
-nuclei -u https://example.com -t cves/ -t exposures/
-```
-
-Custom template Github repos are downloaded under `github` directory. Custom repo templates can be passed as follows:
-
-```sh
-nuclei -u https://example.com -t github/private-repo
-```
-
-Similarly, Templates can be executed against a list of URLs.
-
-```sh
-nuclei -list http_urls.txt
-```
-
-2. **Workflows** (`-w/workflows`)
-
-```sh
-nuclei -u https://example.com -w workflows/
-```
-
-Similarly, Workflows can be executed against a list of URLs.
-
-```sh
-nuclei -list http_urls.txt -w workflows/wordpress-workflow.yaml
-```
-
-### Nuclei **Filters**
-
-Nuclei engine supports three basic filters to customize template execution.
-
-1. Tags (`-tags`)
-
- Filter based on tags field available in the template.
-
-2. Severity (`-severity`)
-
- Filter based on severity field available in the template.
-
-3. Author (`-author`)
-
- Filter based on author field available in the template.
-
-As default, Filters are applied on installed path of templates and can be customized with manual template path input.
-
-For example, below command will run all the templates installed at `~/nuclei-templates/` directory and has `cve` tags in it.
-
-```sh
-nuclei -u https://example.com -tags cve
-```
-
-And this example will run all the templates available under `~/nuclei-templates/exposures/` directory and has `config` tag in it.
-
-```sh
-nuclei -u https://example.com -tags config -t exposures/
-```
-
-Multiple filters works together with AND condition,
-below example runs all templates with `cve` tags
-AND has `critical` OR `high` severity AND `geeknik` as author of template.
-
-```sh
-nuclei -u https://example.com -tags cve -severity critical,high -author geeknik
-```
-
-Multiple filters can also be combined using the template condition flag (`-tc`) that allows complex expressions like the following ones:
-
-```sh
-nuclei -tc "contains(id,'xss') || contains(tags,'xss')"
-nuclei -tc "contains(tags,'cve') && contains(tags,'ssrf')"
-nuclei -tc "contains(name, 'Local File Inclusion')"
-```
-
-The supported fields are:
-
-- `id` string
-- `name` string
-- `description` string
-- `tags` slice of strings
-- `authors` slice of strings
-- `severity` string
-- `protocol` string
-- `http_method` slice of strings
-- `body` string (containing all request bodies if any)
-- `matcher_type` slice of string
-- `extractor_type` slice of string
-- `description` string
-
-Also, every key-value pair from the template metadata section is accessible. All fields can be combined with logical operators (`||` and `&&`) and used with DSL helper functions.
-
-Similarly, all filters are supported in workflows as well.
-
-```sh
-nuclei -w workflows/wordpress-workflow.yaml -severity critical,high -list http_urls.txt
-```
-
-
-
-**Workflows**
-
-In Workflows, Nuclei filters are applied on templates or sub-templates running via workflows, not on the workflows itself.
-
-
-
-### Public Templates
-
-Nuclei has built-in support for automatic template download/update from [**nuclei templates**](https://github.com/projectdiscovery/nuclei-templates) project which provides [community-contributed](https://github.com/projectdiscovery/nuclei-templates#-community) list of ready-to-use templates that is constantly updated.
-
-Nuclei checks for new community template releases upon each execution and automatically downloads the latest version when available. optionally, this feature can be disabled using the `-duc` cli flag or the configuration file.
-
-### Custom Templates
-
-Users can create custom templates on a personal public / private GitHub / AWS Bucket that they wish to run / update while using nuclei from any environment without manually downloading the GitHub repository everywhere.
-
-To use this feature, users need to set the following environment variables:
-
-
-
- ```bash
- export GITHUB_TOKEN=gh_XXX
- export GITHUB_TEMPLATE_REPO=my_nuclei_template
- ```
-
-
-
- ```bash
- export GITLAB_SERVER_URL=https://gitlab.com
- # The GitLab token must have the read_api and read_repository scope
- export GITLAB_TOKEN=XXXXXXXXXX
- # Comma separated list of repository IDs (not names)
- export GITLAB_REPOSITORY_IDS=12345,67890
- ```
-
-
-
-
-```bash
-export AWS_ACCESS_KEY=AKIAXXXXXXXX
-export AWS_SECRET_KEY=XXXXXX
-export AWS_REGION=us-xxx-1
-export AWS_TEMPLATE_BUCKET=aws_bucket_name
-```
-
-
-
-
-```bash
-export AZURE_TENANT_ID=00000000-0000-0000-0000-000000000000
-export AZURE_CLIENT_ID=00000000-0000-0000-0000-000000000000
-export AZURE_CLIENT_SECRET=00000000-0000-0000-0000-000000000000
-export AZURE_SERVICE_URL=https://XXXXXXXXXX.blob.core.windows.net/
-export AZURE_CONTAINER_NAME=templates
-```
-
-
-
-
-
-Environment variables can also be provided to disable download from default and custom template locations:
-
-```bash
-# Disable download from the default nuclei-templates project
-export DISABLE_NUCLEI_TEMPLATES_PUBLIC_DOWNLOAD=true
-
-# Disable download from public / private GitHub project(s)
-export DISABLE_NUCLEI_TEMPLATES_GITHUB_DOWNLOAD=true
-
-# Disable download from public / private GitLab project(s)
-export DISABLE_NUCLEI_TEMPLATES_GITLAB_DOWNLOAD=true
-
-# Disable download from public / private AWS Bucket(s)
-export DISABLE_NUCLEI_TEMPLATES_AWS_DOWNLOAD=true
-
-# Disable download from public / private Azure Blob Storage
-export DISABLE_NUCLEI_TEMPLATES_AZURE_DOWNLOAD=true
-```
-
-Once the environment variables are set, following command to download the custom templates:
-
-```bash
-nuclei -update-templates
-```
-
-This command will clone the repository containing the custom templates to the default nuclei templates directory (`$HOME/nuclei-templates/github/`).
-
-The directory structure of the custom templates looks as follows:
-
-```bash
-tree $HOME/nuclei-templates/
-
-nuclei-templates/
-└── github/$GH_REPO_NAME # Custom templates downloaded from public / private GitHub project
-└── gitlab/$GL_REPO_NAME # Custom templates downloaded from public / private GitLab project
-└── s3/$BUCKET_NAME # Custom templates downloaded from public / private AWS Bucket
-└── azure/$CONTAINER_NAME # Custom templates downloaded from public / private Azure Blob Storage
-```
-
-Users can then use the custom templates with the `-t` flag as follows:
-
-```
-nuclei -t github/my_custom_template -u https://example.com
-```
-
-The nuclei engine can be updated to latest version by using the `-update` flag.
-
-
- Writing your own unique templates will always keep you one step ahead of
- others.
-
-
-### Flags
-
-```
-nuclei -h
-```
-
-This will display help for the tool. Here are all the switches it supports.
-
-```bash
-Nuclei is a fast, template based vulnerability scanner focusing
-on extensive configurability, massive extensibility and ease of use.
-
-Usage:
- nuclei [flags]
-
-Flags:
-TARGET:
- -u, -target string[] target URLs/hosts to scan
- -l, -list string path to file containing a list of target URLs/hosts to scan (one per line)
- -resume string resume scan using resume.cfg (clustering will be disabled)
- -sa, -scan-all-ips scan all the IP's associated with dns record
- -iv, -ip-version string[] IP version to scan of hostname (4,6) - (default 4)
-
-TEMPLATES:
- -nt, -new-templates run only new templates added in latest nuclei-templates release
- -ntv, -new-templates-version string[] run new templates added in specific version
- -as, -automatic-scan automatic web scan using wappalyzer technology detection to tags mapping
- -t, -templates string[] list of template or template directory to run (comma-separated, file)
- -tu, -template-url string[] list of template urls to run (comma-separated, file)
- -w, -workflows string[] list of workflow or workflow directory to run (comma-separated, file)
- -wu, -workflow-url string[] list of workflow urls to run (comma-separated, file)
- -validate validate the passed templates to nuclei
- -nss, -no-strict-syntax disable strict syntax check on templates
- -td, -template-display displays the templates content
- -tl list all available templates
-
-FILTERING:
- -a, -author string[] templates to run based on authors (comma-separated, file)
- -tags string[] templates to run based on tags (comma-separated, file)
- -etags, -exclude-tags string[] templates to exclude based on tags (comma-separated, file)
- -itags, -include-tags string[] tags to be executed even if they are excluded either by default or configuration
- -id, -template-id string[] templates to run based on template ids (comma-separated, file)
- -eid, -exclude-id string[] templates to exclude based on template ids (comma-separated, file)
- -it, -include-templates string[] templates to be executed even if they are excluded either by default or configuration
- -et, -exclude-templates string[] template or template directory to exclude (comma-separated, file)
- -em, -exclude-matchers string[] template matchers to exclude in result
- -s, -severity value[] templates to run based on severity. Possible values: info, low, medium, high, critical, unknown
- -es, -exclude-severity value[] templates to exclude based on severity. Possible values: info, low, medium, high, critical, unknown
- -pt, -type value[] templates to run based on protocol type. Possible values: dns, file, http, headless, network, workflow, ssl, websocket, whois
- -ept, -exclude-type value[] templates to exclude based on protocol type. Possible values: dns, file, http, headless, network, workflow, ssl, websocket, whois
- -tc, -template-condition string[] templates to run based on expression condition
-
-OUTPUT:
- -o, -output string output file to write found issues/vulnerabilities
- -sresp, -store-resp store all request/response passed through nuclei to output directory
- -srd, -store-resp-dir string store all request/response passed through nuclei to custom directory (default "output")
- -silent display findings only
- -nc, -no-color disable output content coloring (ANSI escape codes)
- -json write output in JSONL(ines) format
- -irr, -include-rr include request/response pairs in the JSONL output (for findings only)
- -nm, -no-meta disable printing result metadata in cli output
- -ts, -timestamp enables printing timestamp in cli output
- -rdb, -report-db string nuclei reporting database (always use this to persist report data)
- -ms, -matcher-status display match failure status
- -me, -markdown-export string directory to export results in markdown format
- -se, -sarif-export string file to export results in SARIF format
-
-CONFIGURATIONS:
- -config string path to the nuclei configuration file
- -fr, -follow-redirects enable following redirects for http templates
- -fhr, -follow-host-redirects follow redirects on the same host
- -mr, -max-redirects int max number of redirects to follow for http templates (default 10)
- -dr, -disable-redirects disable redirects for http templates
- -rc, -report-config string nuclei reporting module configuration file
- -H, -header string[] custom header/cookie to include in all http request in header:value format (cli, file)
- -V, -var value custom vars in key=value format
- -r, -resolvers string file containing resolver list for nuclei
- -sr, -system-resolvers use system DNS resolving as error fallback
- -dc, -disable-clustering disable clustering of requests
- -passive enable passive HTTP response processing mode
- -fh2, -force-http2 force http2 connection on requests
- -ev, -env-vars enable environment variables to be used in template
- -cc, -client-cert string client certificate file (PEM-encoded) used for authenticating against scanned hosts
- -ck, -client-key string client key file (PEM-encoded) used for authenticating against scanned hosts
- -ca, -client-ca string client certificate authority file (PEM-encoded) used for authenticating against scanned hosts
- -sml, -show-match-line show match lines for file templates, works with extractors only
- -ztls use ztls library with autofallback to standard one for tls13
- -sni string tls sni hostname to use (default: input domain name)
- -sandbox sandbox nuclei for safe templates execution
- -i, -interface string network interface to use for network scan
- -at, -attack-type string type of payload combinations to perform (batteringram,pitchfork,clusterbomb)
- -sip, -source-ip string source ip address to use for network scan
- -config-directory string override the default config path ($home/.config)
- -rsr, -response-size-read int max response size to read in bytes (default 10485760)
- -rss, -response-size-save int max response size to read in bytes (default 1048576)
-
-INTERACTSH:
- -iserver, -interactsh-server string interactsh server url for self-hosted instance (default: oast.pro,oast.live,oast.site,oast.online,oast.fun,oast.me)
- -itoken, -interactsh-token string authentication token for self-hosted interactsh server
- -interactions-cache-size int number of requests to keep in the interactions cache (default 5000)
- -interactions-eviction int number of seconds to wait before evicting requests from cache (default 60)
- -interactions-poll-duration int number of seconds to wait before each interaction poll request (default 5)
- -interactions-cooldown-period int extra time for interaction polling before exiting (default 5)
- -ni, -no-interactsh disable interactsh server for OAST testing, exclude OAST based templates
-
-UNCOVER:
- -uc, -uncover enable uncover engine
- -uq, -uncover-query string[] uncover search query
- -ue, -uncover-engine string[] uncover search engine (shodan,shodan-idb,fofa,censys,quake,hunter,zoomeye,netlas,criminalip) (default shodan)
- -uf, -uncover-field string uncover fields to return (ip,port,host) (default "ip:port")
- -ul, -uncover-limit int uncover results to return (default 100)
- -ucd, -uncover-delay int delay between uncover query requests in seconds (0 to disable) (default 1)
-
-RATE-LIMIT:
- -rl, -rate-limit int maximum number of requests to send per second (default 150)
- -rlm, -rate-limit-minute int maximum number of requests to send per minute
- -bs, -bulk-size int maximum number of hosts to be analyzed in parallel per template (default 25)
- -c, -concurrency int maximum number of templates to be executed in parallel (default 25)
- -hbs, -headless-bulk-size int maximum number of headless hosts to be analyzed in parallel per template (default 10)
- -headc, -headless-concurrency int maximum number of headless templates to be executed in parallel (default 10)
-
-OPTIMIZATIONS:
- -timeout int time to wait in seconds before timeout (default 10)
- -retries int number of times to retry a failed request (default 1)
- -ldp, -leave-default-ports leave default HTTP/HTTPS ports (eg. host:80,host:443)
- -mhe, -max-host-error int max errors for a host before skipping from scan (default 30)
- -nmhe, -no-mhe disable skipping host from scan based on errors
- -project use a project folder to avoid sending same request multiple times
- -project-path string set a specific project path
- -spm, -stop-at-first-match stop processing HTTP requests after the first match (may break template/workflow logic)
- -stream stream mode - start elaborating without sorting the input
- -ss, -scan-strategy value strategy to use while scanning(auto/host-spray/template-spray) (default 0)
- -irt, -input-read-timeout duration timeout on input read (default 3m0s)
- -nh, -no-httpx disable httpx probing for non-url input
- -no-stdin disable stdin processing
-
-HEADLESS:
- -headless enable templates that require headless browser support (root user on Linux will disable sandbox)
- -page-timeout int seconds to wait for each page in headless mode (default 20)
- -sb, -show-browser show the browser on the screen when running templates with headless mode
- -sc, -system-chrome use local installed Chrome browser instead of nuclei installed
- -lha, -list-headless-action list available headless actions
-
-DEBUG:
- -debug show all requests and responses
- -dreq, -debug-req show all sent requests
- -dresp, -debug-resp show all received responses
- -p, -proxy string[] list of http/socks5 proxy to use (comma separated or file input)
- -pi, -proxy-internal proxy all internal requests
- -ldf, -list-dsl-function list all supported DSL function signatures
- -tlog, -trace-log string file to write sent requests trace log
- -elog, -error-log string file to write sent requests error log
- -version show nuclei version
- -hm, -hang-monitor enable nuclei hang monitoring
- -v, -verbose show verbose output
- -profile-mem string optional nuclei memory profile dump file
- -vv display templates loaded for scan
- -svd, -show-var-dump show variables dump for debugging
- -ep, -enable-pprof enable pprof debugging server
- -tv, -templates-version shows the version of the installed nuclei-templates
- -hc, -health-check run diagnostic check up
-
-UPDATE:
- -un, -update update nuclei engine to the latest released version
- -ut, -update-templates update nuclei-templates to latest released version
- -ud, -update-template-dir string custom directory to install / update nuclei-templates
- -duc, -disable-update-check disable automatic nuclei/templates update check
-
-STATISTICS:
- -stats display statistics about the running scan
- -sj, -stats-json write statistics data to an output file in JSONL(ines) format
- -si, -stats-interval int number of seconds to wait between showing a statistics update (default 5)
- -mp, -metrics-port int port to expose nuclei metrics on (default 9092)
-```
-
-
- From Nuclei v3.0.0 `-metrics` port has been removed and merged with `-stats`
- when using `-stats` flag metrics will be by default available at `localhost:9092/metrics`
- and metrics-port can be configured by `-metrics-port` flag
-
-
-### Rate **Limits**
-
-Nuclei have multiple rate limit controls for multiple factors, including a number of templates to execute in parallel, a number of hosts to be scanned in parallel for each template, and the global number of request / per second you wanted to make/limit using nuclei, here is an example of each flag with description.
-
-| Flag | Description |
-| ---------- | -------------------------------------------------------------------- |
-| rate-limit | Control the total number of request to send per seconds |
-| bulk-size | Control the number of hosts to process in parallel for each template |
-| c | Control the number of templates to process in parallel |
-
-Feel free to play with these flags to tune your nuclei scan speed and accuracy.
-
-
- `rate-limit` flag takes precedence over the other two flags, the number of
- requests/seconds can't go beyond the value defined for `rate-limit` flag
- regardless the value of `c` and `bulk-size` flag.
-
-
-### Traffic **Tagging**
-
-Many BugBounty platform/programs requires you to identify the HTTP traffic you make, this can be achieved by setting custom header using config file at `$HOME/.config/nuclei/config.yaml` or CLI flag `-H / header`
-
-
-Setting custom header using config file
-
-```yaml
-# Headers to include with each request.
-header:
- - 'X-BugBounty-Hacker: h1/geekboy'
- - 'User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) / nuclei'
-```
-
-
-
-
-
-Setting custom header using CLI flag
-
-```yaml
-nuclei -header 'User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) / nuclei' -list urls.txt -tags cves
-```
-
-
-
-### Template **Exclusion**
-
-Nuclei supports a variety of methods for excluding / blocking templates from execution. By default, **nuclei** excludes the tags/templates listed below from execution to avoid unexpected fuzz based scans and some that are not supposed to run for mass scan, and these can be easily overwritten with nuclei configuration file / flags.
-
-- Default [Template ignore](https://github.com/projectdiscovery/nuclei-templates/blob/master/.nuclei-ignore) list.
-
-
- **nuclei-ignore** file is not supposed to be updated / edited / removed by
- user, to overwrite default ignore list, utilize [nuclei
- configuration](/getting-started/features#nuclei-config) file.{' '}
-
-
-Nuclei engine supports two ways to manually exclude templates from scan,
-
-1. Exclude Templates (`-exclude-templates/exclude`)
-
- **exclude-templates** flag is used to exclude single or multiple templates and directory, multiple `-exclude-templates` flag can be used to provide multiple values.
-
-2. Exclude Tags (`-exclude-tags/etags`)
-
- **exclude-tags** flag is used to exclude templates based in defined tags, single or multiple can be used to exclude templates.
-
-
-Example of excluding single template
-
-```
-nuclei -list urls.txt -t cves/ -exclude-templates cves/2020/CVE-2020-XXXX.yaml
-```
-
-
-
-
-Example of multiple template exclusion
-
-```
-nuclei -list urls.txt -exclude-templates exposed-panels/ -exclude-templates technologies/
-```
-
-
-
-
-Example of excluding templates with single tag
-
-```
-nuclei -l urls.txt -t cves/ -etags xss
-```
-
-
-
-
-Example of excluding templates with multiple tags
-
-```
-nuclei -l urls.txt -t cves/ -etags sqli,rce
-```
-
-
-
-To easily overwrite [nuclei-ignore](https://github.com/projectdiscovery/nuclei-templates/blob/master/.nuclei-ignore), Nuclei engine supports **include-tags** / **include-templates** flag.
-
-
-Example of running blocked templates
-
-```
-nuclei -l urls.txt -include-tags iot,misc,fuzz
-```
-
-
-
-### Scan on internet database
-
-Nuclei supports integration with [uncover module](https://github.com/projectdiscovery/uncover) that supports services like Shodan, Censys, Hunter, Zoomeye, many more to execute Nuclei on these databases.
-
-Here are uncover options to use -
-
-```console
-nuclei -h uncover
-
-UNCOVER:
- -uc, -uncover enable uncover engine
- -uq, -uncover-query string[] uncover search query
- -ue, -uncover-engine string[] uncover search engine (shodan,shodan-idb,fofa,censys,quake,hunter,zoomeye,netlas,criminalip) (default shodan)
- -uf, -uncover-field string uncover fields to return (ip,port,host) (default "ip:port")
- -ul, -uncover-limit int uncover results to return (default 100)
- -ucd, -uncover-delay int delay between uncover query requests in seconds (0 to disable) (default 1)
-```
-
-You need to set the API key of the engine you are using as an environment variable in your shell.
-
-```
-export SHODAN_API_KEY=xxx
-export CENSYS_API_ID=xxx
-export CENSYS_API_SECRET=xxx
-export FOFA_EMAIL=xxx
-export FOFA_KEY=xxx
-export QUAKE_TOKEN=xxx
-export HUNTER_API_KEY=xxx
-export ZOOMEYE_API_KEY=xxx
-```
-
-Required API keys can be obtained by signing up on following platform [Shodan](https://account.shodan.io/register), [Censys](https://censys.io/register), [Fofa](https://fofa.info/toLogin), [Quake](https://quake.360.net/quake/#/index), [Hunter](https://user.skyeye.qianxin.com/user/register?next=https%3A//hunter.qianxin.com/api/uLogin&fromLogin=1) and [ZoomEye](https://www.zoomeye.org/login) .
-
-Example of template execution using a search query.
-
-```
-export SHODAN_API_KEY=xxx
-nuclei -id 'CVE-2021-26855' -uq 'vuln:CVE-2021-26855' -ue shodan
-```
-
-It can also read queries from templates metadata and execute template against hosts returned by uncover for that query.
-
-Example of template execution using template-defined search queries.
-
-Template snippet of [CVE-2021-26855](https://github.com/projectdiscovery/nuclei-templates/blob/master/cves/2021/CVE-2021-26855.yaml)
-
-```yaml
-metadata:
- shodan-query: 'vuln:CVE-2021-26855'
-```
-
-```console
-nuclei -t cves/2021/CVE-2021-26855.yaml -uncover
-nuclei -tags cve -uncover
-```
-
-We can update the nuclei configuration file to include these tags for all scans.
-
-## **Large scans** using Nuclei
-
-Nuclei fully utilises resources to optimise scanning speed. However, when scanning **thousands**, if not **millions, of targets**, scanning using default parameter values is bound to cause some performance issues ex: low RPS, Slow Scans, Process Killed, High RAM consumption, etc. this is due to limited resources and network I/O. Hence following parameters need to be tuned based on system configuration and targets.
-
-For enterprises dealing with large-scale scanning, optimizing Nuclei can be a burdensome task, especially when scans change frequently. That's where [Nuclei Enterprise](https://nuclei.sh/enterprise) comes in. With its managed offering and dedicated support, Nuclei Enterprise minimizes the burden of optimizing Nuclei on large scans, making it an ideal choice for enterprise-level scanning needs.
-
-
-| Flag | Short | Description |
-| ------------- | ----- | --------------------------------------------------------- |
-| scan-strategy | -ss | Scan Strategy to Use (auto/host-spray/template-spray) |
-| bulk-size | -bs | Max Number of targets to scan in parallel |
-| concurrency | -c | Max Number of templates to use in parallel while scanning |
-| stream | - | stream mode - start elaborating without sorting the input |
-
-
- These are common parameters that need to be tuned. Apart from these
- `-rate-limit`, `-retries`, `-timeout`, `-max-host-error` also need to be tuned
- based on targets that are being scanned
-
-
-### Which Scan Strategy to Use?
-
-**scan-strategy** option can have three possible values
-
-- `host-spray` : All templates are iterated over each target.
-- `template-spray` : Each template is iterated over all targets.
-- `auto`(Default) : Placeholder of `template-spray` for now.
-
-User should select **Scan Strategy** based on number of targets and Each strategy has its own pros & cons.
-
-- When targets < 1000, `template-spray` should be used. This strategy is slightly faster than `host-spray` but uses more RAM and does not optimally reuse connections.
-- When targets > 1000, `host-spray` should be used. This strategy uses less RAM than `template-spray` and reuses HTTP connections along with some minor improvements and these are crucial when mass scanning.
-
-### Concurrency & Bulk-Size
-
-Whatever the `scan-strategy` is `-concurrency` and `-bulk-size` are crucial for tuning any type of scan. While tuning these parameters following points should be noted.
-
-**If `scan-strategy` is template-spray**
-
-- `-concurrency` < `bulk-size` (Ex: `-concurrency 10 -bulk-size 200`)
-
-**If `scan-strategy` is host-spray**
-
-- `-concurrency` > `bulk-size` (Ex: `-concurrency 200 -bulk-size 10`)
-
- `-concurrency` x `-bulk-size` \<\= 2500 (depending on system config)
-
-### Stream
-
-This option should only be enabled if targets > 10k . This skips any type of sorting or preprocessing on target list.
-
-## Nuclei **Config**
-
-> Since release of [v2.3.2](https://blog.projectdiscovery.io/nuclei-v2-3-0-release/) nuclei uses [goflags](https://github.com/projectdiscovery/goflags) for clean CLI experience and long/short formatted flags.
->
-> [goflags](https://github.com/projectdiscovery/goflags) comes with auto-generated config file support that coverts all available CLI flags into config file, basically you can define all CLI flags into config file to avoid repetitive CLI flags that loads as default for every scan of nuclei.
->
-> Default path of nuclei config file is `$HOME/.config/nuclei/config.yaml`, uncomment and configure the flags you wish to run as default.
-
-Here is an example config file:
-
-```yaml
-# Headers to include with all HTTP request
-header:
- - 'X-BugBounty-Hacker: h1/geekboy'
-
-# Directory based template execution
-templates:
- - cves/
- - vulnerabilities/
- - misconfiguration/
-
-# Tags based template execution
-tags: exposures,cve
-
-# Template Filters
-tags: exposures,cve
-author: geeknik,pikpikcu,dhiyaneshdk
-severity: critical,high,medium
-
-# Template Allowlist
-include-tags: dos,fuzz # Tag based inclusion (allows overwriting nuclei-ignore list)
-include-templates: # Template based inclusion (allows overwriting nuclei-ignore list)
- - vulnerabilities/xxx
- - misconfiguration/xxxx
-
-# Template Denylist
-exclude-tags: info # Tag based exclusion
-exclude-templates: # Template based exclusion
- - vulnerabilities/xxx
- - misconfiguration/xxxx
-
-# Rate Limit configuration
-rate-limit: 500
-bulk-size: 50
-concurrency: 50
-```
-
-Once configured, **config file be used as default**, additionally custom config file can be also provided using `-config` flag.
-
-
-**Running nuclei with custom config file**
-
- ```
- nuclei -config project.yaml -list urls.txt
- ```
-
-
-
-## Nuclei **Reporting**
-
-Nuclei comes with reporting module support with the release of [v2.3.0](https://nuclei.projectdiscovery.io/releases/nuclei-changelog/#nuclei-v230-10-march-2021) supporting GitHub, GitLab, and Jira integration, this allows nuclei engine to create automatic tickets on the supported platform based on found results.
-
-| **Platform** | GitHub | GitLab | Jira | Markdown | SARIF | Elasticsearch | Splunk HEC |
-| ------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | 
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| **Support** | | | | | | | |
-
-`-rc, -report-config` flag can be used to provide a config file to read configuration details of the platform to integrate. Here is an [example config file](https://github.com/projectdiscovery/nuclei/blob/main/cmd/nuclei/issue-tracker-config.yaml) for all supported platforms.
-
-For example, to create tickets on GitHub, create a config file with the following content and replace the appropriate values:
-
-```yaml
-# GitHub contains configuration options for GitHub issue tracker
-
-github:
- username: '$user'
- owner: '$user'
- token: '$token'
- project-name: 'testing-project'
- issue-label: 'Nuclei'
-```
-
-Alternatively if you use GitLab, create a config file following content and replace the appropriate values:
-
-```yaml
-# GitLab contains configuration options for GitLab issue tracker
-
-gitlab:
- username: '$user'
- base-url: 'gitlab.com'
- token: '$token'
- project-name: 'testing-project'
- issue-label: 'nuclei-label'
- severity-as-label: true
- duplicate-issue-check: true
-```
-
-To store results in Elasticsearch, create a config file with the following content and replace the appropriate values:
-
-```yaml
-# elasticsearch contains configuration options for elasticsearch exporter
-elasticsearch:
- # IP for elasticsearch instance
- ip: 127.0.0.1
- # Port is the port of elasticsearch instance
- port: 9200
- # IndexName is the name of the elasticsearch index
- index-name: nuclei
-```
-
-To forward results to Splunk HEC, create a config file with the following content and replace the appropriate values:
-
-```yaml
-# splunkhec contains configuration options for splunkhec exporter
-splunkhec:
- # Hostname for splunkhec instance
- host: '$hec_host'
- # Port is the port of splunkhec instance
- port: 8088
- # IndexName is the name of the splunkhec index
- index-name: nuclei
- # SSL enables ssl for splunkhec connection
- ssl: true
- # SSLVerification disables SSL verification for splunkhec
- ssl-verification: true
- # HEC Token for the splunkhec instance
- token: '$hec_token'
-```
-
-To forward results to Jira, create a config file with the following content and replace the appropriate values:
-
-The Jira reporting options allows for custom fields, as well as using variables from the Nuclei templates in those custom fields.
-The supported variables currently are: `$CVSSMetrics`, `$CVEID`, `$CWEID`, `$Host`, `$Severity`, `$CVSSScore`, `$Name`
-
-In addition, Jira is strict when it comes to custom field entry. If the field is a dropdown, Jira accepts only the case sensitive specific string and the API call is slightly different. To support this, there are three types of customfields.
-
-- `name` is the dropdown value
-- `id` is the ID value of the dropdown
-- `freeform` is if the customfield the entry of any value
-
-To avoid duplication, the JQL query run can be slightly modified by the config file.
-The `CLOSED_STATUS` can be changed in the Jira template file using the `status-not` variable.
-`summary ~ TEMPLATE_NAME AND summary ~ HOSTNAME AND status != CLOSED_STATUS`
-
-```yaml
-jira:
- # cloud is the boolean which tells if Jira instance is running in the cloud or on-prem version is used
- cloud: true
- # update-existing is the boolean which tells if the existing, opened issue should be updated or new one should be created
- update-existing: false
- # URL is the jira application url
- url: https://localhost/jira
- # account-id is the account-id of the Jira user or username in case of on-prem Jira
- account-id: test-account-id
- # email is the email of the user for Jira instance
- email: test@test.com
- # token is the token for Jira instance or password in case of on-prem Jira
- token: test-token
- #project-name is the name of the project.
- project-name: test-project-name
- #issue-type is the name of the created issue type (case sensitive)
- issue-type: Bug
- # SeverityAsLabel (optional) sends the severity as the label of the created issue
- # User custom fields for Jira Cloud instead
- severity-as-label: true
- # Whatever your final status is that you want to use as a closed ticket - Closed, Done, Remediated, etc
- # When checking for duplicates, the JQL query will filter out status's that match this.
- # If it finds a match _and_ the ticket does have this status, a new one will be created.
- status-not: Closed
- # Customfield supports name, id and freeform. name and id are to be used when the custom field is a dropdown.
- # freeform can be used if the custom field is just a text entry
- # Variables can be used to pull various pieces of data from the finding itself.
- # Supported variables: $CVSSMetrics, $CVEID, $CWEID, $Host, $Severity, $CVSSScore, $Name
- custom_fields:
- customfield_00001:
- name: 'Nuclei'
- customfield_00002:
- freeform: $CVSSMetrics
- customfield_00003:
- freeform: $CVSSScore
-```
-
-**Running nuclei with reporting module:**
-
-```bash
-nuclei -l urls.txt -t cves/ -rc issue-tracker.yaml
-```
-
-Similarly, other platforms can be configured. Reporting module also supports basic filtering and duplicate checks to avoid duplicate ticket creation.
-
-```yaml
-allow-list:
- severity: high,critical
-```
-
-This will ensure to only creating tickets for issues identified with **high** and **critical** severity; similarly, `deny-list` can be used to exclude issues with a specific severity.
-
-If you are running periodic scans on the same assets, you might want to consider `-rdb, -report-db` flag that creates a local copy of the valid findings in the given directory utilized by reporting module to compare and **create tickets for unique issues only**.
-
-```bash
-nuclei -l urls.txt -t cves/ -rc issue-tracker.yaml -rdb prod
-```
-
-**Markdown Export**
-
-Nuclei supports markdown export of valid findings with `-me, -markdown-export` flag, this flag takes directory as input to store markdown formatted reports.
-
-Including request/response in the markdown report is optional, and included when `-irr, -include-rr` flag is used along with `-me`.
-
-```bash
-nuclei -l urls.txt -t cves/ -irr -markdown-export reports
-```
-
-**SARIF Export**
-
-Nuclei supports SARIF export of valid findings with `-se, -sarif-export` flag. This flag takes a file as input to store SARIF formatted report.
-
-```bash
-nuclei -l urls.txt -t cves/ -sarif-export report.sarif
-```
-
-It is also possible to visualize Nuclei results using **SARIF** files.
-
-1. By uploading a SARIF file to [SARIF Viewer](https://microsoft.github.io/sarif-web-component/)
-
-2. By uploading a SARIF file to [Github Actions](https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github)
-
-More info on the SARIF output is documented [here](https://github.com/projectdiscovery/nuclei/pull/2925).
-
-
- These are **not official** viewers of Nuclei and `Nuclei` has no liability
- towards any of these options to visualize **Nuclei** results. These are just
- some publicly available options to visualize SARIF files.
-
-
-## Scan **Metrics**
-
-Nuclei expose running scan metrics on a local port `9092` when `-metrics` flag is used and can be accessed at **localhost:9092/metrics**, default port to expose scan information is configurable using `-metrics-port` flag.
-
-Here is an example to query `metrics` while running nuclei as following `nuclei -t cves/ -l urls.txt -metrics`
-
-```bash
-curl -s localhost:9092/metrics | jq .
-```
-
-```json
-{
- "duration": "0:00:03",
- "errors": "2",
- "hosts": "1",
- "matched": "0",
- "percent": "99",
- "requests": "350",
- "rps": "132",
- "startedAt": "2021-03-27T18:02:18.886745+05:30",
- "templates": "256",
- "total": "352"
-}
-```
-
-## Passive Scan
-
-Nuclei engine supports passive mode scanning for HTTP based template utilizing file support, with this support we can run HTTP based templates against locally stored HTTP response data collected from any other tool.
-
-```sh
-nuclei -passive -target http_data
-```
-
-Passive mode support is limited for templates having `{{BasedURL}}` or `{{BasedURL/}}` as base path.
-
-## Running With Docker
-If Nuclei was installed within a Docker container based on the [installation instructions](./install),
-the executable does not have the context of the host machine. This means that the executable will not be able to access
-local files such as those used for input lists or templates. To resolve this, the container should be run with volumes
-mapped to the local filesystem to allow access to these files.
-
-### Basic Usage
-This example runs a Nuclei container against `google.com`, prints the results to JSON and removes the container once it
-has completed:
-```sh
-docker run --rm projectdiscovery/nuclei -u google.com -jsonl
-```
-
-### Using Volumes
-This example runs a Nuclei container against a list of URLs, writes the results to a `.jsonl` file and removes the
-container once it has completed.
-```sh
-# This assumes there's a file called `urls.txt` in the current directory
-docker run --rm -v ./:/app/ projectdiscovery/nuclei -l /app/urls.txt -jsonl /app/results.jsonl
-# The results will be written to `./results.jsonl` on the host machine once the container has completed
-```
diff --git a/docs/images/ai.jpg b/docs/images/ai.jpg
deleted file mode 100644
index ad0e018e5..000000000
Binary files a/docs/images/ai.jpg and /dev/null differ
diff --git a/docs/images/background.png b/docs/images/background.png
deleted file mode 100644
index b1160a8c6..000000000
Binary files a/docs/images/background.png and /dev/null differ
diff --git a/docs/images/editor.jpg b/docs/images/editor.jpg
deleted file mode 100644
index 07d7f6778..000000000
Binary files a/docs/images/editor.jpg and /dev/null differ
diff --git a/docs/images/share-template.jpg b/docs/images/share-template.jpg
deleted file mode 100644
index 2ca43c6ca..000000000
Binary files a/docs/images/share-template.jpg and /dev/null differ
diff --git a/docs/logo/dark.png b/docs/logo/dark.png
deleted file mode 100644
index 7b6252683..000000000
Binary files a/docs/logo/dark.png and /dev/null differ
diff --git a/docs/logo/light.png b/docs/logo/light.png
deleted file mode 100644
index 5b5dd4fa0..000000000
Binary files a/docs/logo/light.png and /dev/null differ
diff --git a/docs/mint.json b/docs/mint.json
deleted file mode 100644
index e14d5cc7f..000000000
--- a/docs/mint.json
+++ /dev/null
@@ -1,148 +0,0 @@
-{
- "$schema":"https://mintlify.com/schema.json",
- "name":"Nuclei Documentation",
- "logo":{
- "dark":"/logo/dark.png",
- "light":"/logo/light.png"
- },
- "favicon":"/favicon.png",
- "colors":{
- "primary":"#3B2FC9",
- "light":"#6673FF",
- "dark":"#3B2FC9"
- },
- "backgroundImage":"/images/background.png",
- "topbarCtaButton":{
- "type":"github",
- "url":"https://github.com/projectdiscovery/nuclei"
- },
- "topAnchor":{
- "name":"Getting Started",
- "icon":"circle-play"
- },
- "primaryTab":{
- "name":"Getting Started"
- },
- "tabs":[
- {
- "name":"Template Guide",
- "url":"template-guide"
- },
- {
- "name":"Template Example",
- "url":"template-example"
- },
- {
- "name":"Template Editor",
- "url":"editor"
- },
- {
- "name":"FAQ",
- "url":"faq"
- }
- ],
- "navigation":[
- {
- "group":"Getting Started",
- "pages":[
- "getting-started/overview",
- "getting-started/features",
- "getting-started/install",
- "getting-started/running"
- ]
- },
- {
- "group":"Template Guide",
- "pages":[
- "template-guide/introduction",
- "template-guide/template-details",
- {
- "group":"HTTPs",
- "pages":[
- "template-guide/http/base-http",
- "template-guide/http/raw-http",
- "template-guide/http/http-payloads",
- "template-guide/http/http-fuzzing",
- "template-guide/http/unsafe-http",
- "template-guide/http/advance-http"
- ]
- },
- "template-guide/headless",
- "template-guide/network",
- "template-guide/dns",
- "template-guide/file",
- "template-guide/javascript",
- "template-guide/code",
- "template-guide/multi",
- "template-guide/flow",
- {
- "group":"Operators",
- "pages":[
- "template-guide/operators/matchers",
- "template-guide/operators/extractors"
- ]
- },
- "template-guide/oob-testing",
- "template-guide/helper-functions",
- "template-guide/variables",
- "template-guide/preprocessors",
- "template-guide/workflows"
- ]
- },
- {
- "group":"Template Example",
- "pages":[
- {
- "group":"HTTP",
- "pages":[
- "template-example/http/base-http",
- "template-example/http/raw-http",
- "template-example/http/http-fuzzing",
- "template-example/http/http-smuggling",
- "template-example/http/http-payloads",
- "template-example/http/http-race-conditions"
- ]
- },
- "template-example/dns",
- "template-example/file",
- "template-example/headless",
- "template-example/network",
- "template-example/workflow",
- "template-example/helper-functions"
- ]
- },
- {
- "group":"Editor",
- "pages":[
- "editor/introduction",
- "editor/ai",
- "editor/share",
- "editor/shortcut",
- {
- "group":"REST API",
- "pages":[
- "editor/api/scan",
- "editor/api/generate"
- ]
- }
- ]
- },
- {
- "group":"FAQ",
- "pages":[
- "faq/nuclei",
- "faq/templates",
- "faq/editor"
- ]
- }
- ],
- "footerSocials":{
- "twitter":"https://twitter.com/pdnuclei",
- "github":"https://github.com/projectdiscovery/nuclei",
- "discord":"https://discord.com/invite/projectdiscovery"
- },
- "feedback":{
- "thumbsRating":true,
- "suggestEdit":true
- }
-}
\ No newline at end of file
diff --git a/docs/template-example/dns.mdx b/docs/template-example/dns.mdx
deleted file mode 100644
index d6d5f3262..000000000
--- a/docs/template-example/dns.mdx
+++ /dev/null
@@ -1,58 +0,0 @@
----
-title: "DNS"
----
-
-## Basic template
-
-Basic DNS Request to detect if a CNAME record exists for an input.
-
-```yaml
-id: basic-dns-example
-
-info:
- name: Test DNS Template
- author: pdteam
- severity: info
-
-dns:
- - name: "{{FQDN}}"
- type: CNAME
- class: inet
- recursion: true
- retries: 3
- matchers:
- - type: word
- words:
- # The response must contain a CNAME record
- - "IN\tCNAME"
-```
-
-## Multiple matcher
-
-An example showcasing multiple matchers of nuclei, allowing detection of Subdomains with CNAME records that point to either `zendesk.com` or `github.io`.
-
-```yaml
-id: multiple-matcher
-
-info:
- name: Test DNS Template
- author: pdteam
- severity: info
-
-dns:
- - name: "{{FQDN}}"
- type: CNAME
- class: inet
- recursion: true
- retries: 5
- matchers-condition: or
- matchers:
- - type: word
- name: zendesk
- words:
- - "zendesk.com"
- - type: word
- name: github
- words:
- - "github.io"
-```
diff --git a/docs/template-example/file.mdx b/docs/template-example/file.mdx
deleted file mode 100644
index 9b7e4b741..000000000
--- a/docs/template-example/file.mdx
+++ /dev/null
@@ -1,58 +0,0 @@
----
-title: "File"
----
-
-## Basic File Template
-
-This template checks for a pattern in provided files.
-
-```yaml
-id: ssh-public-key
-
-info:
- name: SSH Public Key Detect
- author: pd-team
- severity: low
-
-file:
- - extensions:
- - pub
- max-size: 1024 # read very small chunks
-
- matchers:
- - type: word
- words:
- - "ssh-rsa"
-```
-
-## Extension Denylist with No-Recursive
-
-The below template is same as last one, but it makes use of an extension denylist along with the no-recursive option.
-
-```yaml
-id: ssh-private-key
-
-info:
- name: SSH Private Key Detect
- author: pd-team
- severity: high
-
-file:
- - extensions:
- - all
- denylist:
- - pub
- no-recursive: true
- max-size: 1024 # read very small chunks
-
- matchers:
- - type: word
- words:
- - "BEGIN OPENSSH PRIVATE KEY"
- - "BEGIN PRIVATE KEY"
- - "BEGIN RSA PRIVATE KEY"
- - "BEGIN DSA PRIVATE KEY"
- - "BEGIN EC PRIVATE KEY"
- - "BEGIN PGP PRIVATE KEY BLOCK"
- - "ssh-rsa"
-```
\ No newline at end of file
diff --git a/docs/template-example/headless.mdx b/docs/template-example/headless.mdx
deleted file mode 100644
index 4183266f8..000000000
--- a/docs/template-example/headless.mdx
+++ /dev/null
@@ -1,276 +0,0 @@
----
-title: "Headless"
----
-
-## Basic Headless Navigation Example
-
-This template visits a URL in the headless browser and waits for it to load.
-
-```yaml
-id: basic-headless-request
-
-info:
- name: Basic Headless Request
- author: pdteam
- severity: info
-
-headless:
- - steps:
- - action: navigate
- args:
- url: "{{BaseURL}}"
- - action: waitload
-```
-
-## Headless prototype pollution detection
-
-The below template detects prototype pollution on pages with Nuclei headless capabilities. The code for detection is taken from [https://github.com/msrkp/PPScan](https://github.com/msrkp/PPScan). We make use of script injection capabilities of nuclei to provide reliable detection for prototype pollution.
-
-```yaml
-id: prototype-pollution-check
-
-info:
- name: Prototype Pollution Check
- author: pd-team
- severity: medium
- reference: https://github.com/msrkp/PPScan
-
-headless:
- - steps:
- - action: setheader
- args:
- part: response
- key: Content-Security-Policy
- value: "default-src * 'unsafe-inline' 'unsafe-eval' data: blob:;"
- - action: setheader
- args:
- part: response
- key: X-Frame-Options
- value: foo
- - action: setheader
- args:
- part: response
- key: If-None-Match
- value: foo
- # Set the hook to override window.data for xss detection
- - action: script
- args:
- hook: true
- code: |
- // Hooking code adapted from https://github.com/msrkp/PPScan/blob/main/scripts/content_script.js
- (function() {window.alerts = [];
-
- function logger(found) {
- window.alerts.push(found);
- }
-
- function check() {
- loc = location.href;
-
- if (loc.indexOf("e32a5ec9c99") >= 0 && loc.search("a0def12bce") == -1) {
- setTimeout(function() {
- if (Object.prototype.e32a5ec9c99 == "ddcb362f1d60") {
- logger(location.href);
- }
- var url = new URL(location.origin + location.pathname);
- url.hash = "__proto__[a0def12bce]=ddcb362f1d60&__proto__.a0def12bce=ddcb362f1d60&dummy";
- location = url.href;
- }, 5 * 1000);
- } else if (loc.search("a0def12bce") != -1) {
- setTimeout(function() {
- if (Object.prototype.a0def12bce == "ddcb362f1d60") {
- logger(location.href);
- }
- window.close();
- }, 5 * 1000);
- } else {
- var url = new URL(loc);
- url.searchParams.append("__proto__[e32a5ec9c99]", "ddcb362f1d60");
- url.searchParams.append("__proto__.e32a5ec9c99", "ddcb362f1d60");
- location = url.href;
- }
- }
-
- window.onload = function() {
- if (Object.prototype.e32a5ec9c99 == "ddcb362f1d60" || Object.prototype.a0def12bce == "ddcb362f1d60") {
- logger(location.href);
- } else {
- check();
- }
- };
-
- var timerID = setInterval(function() {
- if (Object.prototype.e32a5ec9c99 == "ddcb362f1d60" || Object.prototype.a0def12bce == "ddcb362f1d60") {
- logger(location.href);
- clearInterval(timerID);
- }
- }, 5 * 1000)})();
- - args:
- url: "{{BaseURL}}"
- action: navigate
- - action: waitload
- - action: script
- name: alerts
- args:
- code: "window.alerts"
- matchers:
- - type: word
- part: alerts
- words:
- - "__proto__"
- extractors:
- - type: kval
- part: alerts
- kval:
- - alerts
-```
-
-## DVWA XSS Reproduction With Headless Mode
-
-This template logs into DVWA (Damn Vulnerable Web App) and tries to automatically reproduce a Reflected XSS, returning a match if it found that the payload was executed successfully.
-
-```yaml
-id: dvwa-xss-verification
-
-info:
- name: DVWA Reflected XSS Verification
- author: pd-team
- severity: info
-
-headless:
- - steps:
- - args:
- url: "{{BaseURL}}"
- action: navigate
- - action: waitload
-
- # Set the hook to override window.data for xss detection
- - action: script
- args:
- hook: true
- code: "(function() { window.alert = function() { window.data = 'found' } })()"
- - args:
- by: x
- value: admin
- xpath: /html/body/div/div[2]/form/fieldset/input
- action: text
- - args:
- by: x
- value: password
- xpath: /html/body/div/div[2]/form/fieldset/input[2]
- action: text
- - args:
- by: x
- xpath: /html/body/div/div[2]/form/fieldset/p/input
- action: click
- - action: waitload
- - args:
- by: x
- xpath: /html/body/div/div[2]/div/ul[2]/li[11]/a
- action: click
- - action: waitload
- - args:
- by: x
- value: '">