Nuclei – Fast and Customizable Vulnerability Scanner
Nuclei is a Fast and Customizable Vulnerability Scanner. Nuclei tool is Golang Language-based tool used to send requests across multiple targets based on nuclei templates leading to zero false positive or irrelevant results and provides fast scanning on various hosts. Nuclei have built-in support to automatically update the templates to their newer version with more data. Nuclei-templates projects provide a regular Updates list to ready-to-use templates regularly. Nuclei offer to scan for various protocols, including DNS, HTTP, TCP, and many more. All kinds of security checks can be performed using nuclei templates.
Note: As Nuclei is a Golang language-based tool, so you need to have a Golang environment on your system.
Installation of Nuclei Tool in Kali Linux
Step 1: If you have downloaded Golang in your system, verify the installation by checking the version of Golang, use the following command.
Step 2: Get the Nuclei repository or clone the Nuclei tool from Github, use the following command.
sudo GO111MODULE=on go get -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei
Step 3: Copy the Nuclei tool in the bin directory so we can easily use the tool without running the tool manually by golang, use the following command.
sudo cp /root/go/bin/nuclei /usr/local/go/bin/
Step 4: Update the Nuclei templates, use the following command.
sudo nuclei -update-templates
Step 5: Check the help menu page to get a better understanding of the Nuclei tool, use the following command.
Example 1: Running single template
nuclei -u http://testphp.vulnweb.com/ -t technologies/ngix-version.yaml
Example 2: Running multiple templates with speed.
nuclei -u http://example.com -t cves/ -t exposures/
Example 3: Scanning for CVEs on a given list of URLs.
nuclei -l target_urls.txt -t cves/
Example 4: Excluding single template.
nuclei -u https://evil.com -t cves/ - evclude-templates cves/2020/
Example 5: Excluding single template.
nuclei -u http://example.com -exclude-templates exposed-panels/ -exclude-templates technologies/
Example 6: Excluding templates with a single tag.
nuclei -u https://facebook.com -t cves/ -etags xss
Example 7: Excluding templates with multiple tags.
nuclei -u geeksforgeeks.org -t cves/ -etags sqli.rce
Example 8: Running blocked templates.
nuclei -l target_urls.txt -include-tags iot,misc,fuzz
Please Login to comment...