Nuclei – Fast and Customizable Vulnerability Scanner

Last Updated : 28 Jul, 2021

Nuclei is a fast and customizable vulnerability scanner written in Go. It sends requests to multiple targets based on Nuclei templates, an approach that leads to zero false positives or irrelevant results, and it scans many hosts quickly. Nuclei has built-in support for automatically updating its templates to newer versions, and the nuclei-templates project regularly publishes updated, ready-to-use templates. Nuclei can scan over various protocols, including DNS, HTTP, TCP, and many more, so all kinds of security checks can be performed using Nuclei templates.

Note: Because Nuclei is a Golang-based tool, you need to have a Golang environment on your system.

Installation of Nuclei Tool in Kali Linux

Step 1: If Golang is already installed on your system, verify the installation by checking its version with the following command.

go version

Step 2: Fetch and build the Nuclei tool from its GitHub repository using the following command.

sudo GO111MODULE=on go get -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei

Step 3: Copy the Nuclei binary into the Go bin directory so the tool can be run directly by name instead of being launched manually through Golang, using the following command.

sudo cp /root/go/bin/nuclei /usr/local/go/bin/

Step 4: Update the Nuclei templates using the following command.

sudo nuclei -update-templates

Step 5: Check the help menu to get a better understanding of the Nuclei tool, using the following command.

nuclei -h

Usage:

Example 1: Running single template

nuclei -u http://testphp.vulnweb.com/ -t technologies/nginx-version.yaml

Example 2: Running multiple templates with speed.

nuclei -u http://example.com -t cves/ -t exposures/

Example 3: Scanning for CVEs on a given list of URLs.

nuclei -l target_urls.txt -t cves/

Example 4: Excluding single template.

nuclei -u https://evil.com -t cves/ -exclude-templates cves/2020/

Example 5: Excluding multiple templates.

nuclei -u http://example.com -exclude-templates exposed-panels/ -exclude-templates technologies/

Example 6: Excluding templates with a single tag.

nuclei -u https://facebook.com -t cves/ -etags xss

Example 7: Excluding templates with multiple tags.

nuclei -u geeksforgeeks.org -t cves/ -etags sqli,rce

Example 8: Running blocked templates.

nuclei -l target_urls.txt -include-tags iot,misc,fuzz
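
For reference, here is a minimal version-detection template of the kind the -t option points at, added as an illustration; it is not a file from the nuclei-templates project or from the original article. The tags line in its info block is what the -etags and -include-tags options in the examples above match against. The id, name and author values are made up, and the layout assumes the v2 template syntax in use when this article was written (newer Nuclei releases name the requests: block http:).

```yaml
# Illustrative template (constructed for this article, not an official one).
id: example-nginx-version          # made-up identifier, shown in scan output

info:
  name: Nginx version disclosure (example)
  author: example-author           # placeholder value
  severity: info                   # informational finding, not a vulnerability
  tags: tech,nginx                 # matched by -tags / -etags / -include-tags

requests:                          # "http:" in newer Nuclei releases
  - method: GET
    path:
      - "{{BaseURL}}"              # replaced with each target given via -u or -l

    # Both matchers must succeed before a result is reported,
    # which keeps unrelated servers out of the output.
    matchers-condition: and
    matchers:
      - type: regex
        part: header
        regex:
          - "nginx/[0-9.]+"        # Server header exposing a version number
      - type: status
        status:
          - 200

    # Print the value of the Server response header next to the match.
    extractors:
      - type: kval
        part: header
        kval:
          - server
```

Saved as a local file, the template is run the same way as in Example 1, by passing its path to -t.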

