Nuclei is a fast and customisable vulnerability scanner based on simple YAML based DSL. It focuses on extensive configurability, massive extensibility and ease of use.
It’s used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts.
The software offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless, Code etc. With powerful and flexible templating, Nuclei can be used to model all kinds of security checks.
At its core, Nuclei uses templates—expressed as straightforward YAML files, that delineate methods for detecting, ranking, and addressing specific security flaws.
Each template delineates a possible attack route, detailing the vulnerability, its severity, priority rating, and occasionally associated exploits. This template-centric methodology ensures Nuclei not only identifies potential threats, but pinpoints exploitable vulnerabilities with tangible real-world implications.
This is free and open source software.
Key Features
- Extensive Template Library – offers a vast collection of community-powered templates for targeted scans of various vulnerabilities and attack vectors.
- Versatile Target Specification – support for various target specification options, such as URLs, IP ranges, ASN range, and file input, allowing flexibility in defining the scanning scope.
- Bulk Scanning – perform bulk scanning by specifying multiple targets at once, enabling efficient scanning of a large number of assets or websites.
- Flexible Customization – customize scanning templates to fit specific needs, allowing tailored scanning and focusing on relevant security checks.
- Parallel Scanning – supports parallel scanning, reducing scanning time and improving efficiency, especially for large-scale targets.
- Comprehensive Reporting – generates detailed reports with actionable insights, including vulnerability details, severity levels, affected endpoints, and suggested remediation steps.
- Integration with CI/CD Pipelines – seamlessly integrate Nuclei into CI/CD pipelines for automated security testing as part of the development and deployment process.
- CI/CD Integration.
- Ticketing integration – two-way ticketing integration with Jira, Splunk, and many others to easily remediate and retest vulnerabilities.
- Customizable Output Format – configure the output format of Nuclei’s scan results to suit your needs, including options for JSON, YAML, and more.
- Dynamic Variables – use dynamic variables in templates to perform parameterized scanning, enabling versatile and flexible scanning configurations.
- Inclusion and Exclusion Filters – apply inclusion and exclusion filters to specify targets, reducing scanning scope and focusing on specific areas of interest.
- Authentication Support – supports various authentication mechanisms, including HTTP basic authentication, JWT token authentication, and more.
- Embedding custom code in templates – execute custom code within Nuclei templates to incorporate user-defined logic, perform advanced scanning actions, and more.
Website: github.com/projectdiscovery/nuclei
Support:
Developer: ProjectDiscovery, Inc.
License: MIT License
Nuclei is written in Go. Learn Go with our recommended free books and free tutorials.
Related Software
| Vulnerability Detection Tools | |
|---|---|
| Metasploit | Penetration testing framework |
| Nuclei | Fast and customisable vulnerability scanner |
| OpenVAS | Full-featured vulnerability scanner |
| Nikto | Web server scanner |
| Lynis | Auditing, system hardening, compliance testing |
| grype | Vulnerability scanner for container images and filesystems |
| OSSEC | Centralized architecture for monitoring and managing multiple systems |
| OpenSCAP | NIST Certified SCAP 1.2 toolkit |
| octoscan | Static vulnerability scanner for GitHub action workflows |
| Greenbone | Central management service between security scanners and the user clients. |
| Terrapin | Terrapin Vulnerability Scanner for the Terrapin attack |
| Tiger | Security audit and intrusion detection too |
| PRS | Web security scanner |
| Trivy | Terrapin Vulnerability Scanner for the Terrapin attack |
Read our verdict in the software roundup.
 Explore our comprehensive directory of recommended free and open source software. Our carefully curated collection spans every major software category.This directory is part of our ongoing series of informative articles for Linux enthusiasts. It features hundreds of detailed reviews, along with open source alternatives to proprietary solutions from major corporations such as Google, Microsoft, Apple, Adobe, IBM, Cisco, Oracle, and Autodesk. You’ll also find interesting projects to try, hardware coverage, free programming books and tutorials, and much more. Discovered a useful open source Linux program that we haven’t covered yet? Let us know by completing this form. |