Open In App

Nuclei – Fast and Customizable Vulnerability Scanner

Last Updated : 28 Jul, 2021
Like Article

Nuclei is a Fast and Customizable Vulnerability Scanner. Nuclei tool is Golang Language-based tool used to send requests across multiple targets based on nuclei templates leading to zero false positive or irrelevant results and provides fast scanning on various hosts. Nuclei have built-in support to automatically update the templates to their newer version with more data. Nuclei-templates projects provide a regular Updates list to ready-to-use templates regularly. Nuclei offer to scan for various protocols, including DNS, HTTP, TCP, and many more. All kinds of security checks can be performed using nuclei templates.

Note: As Nuclei is a Golang language-based tool, so you need to have a Golang environment on your system.

Installation of Nuclei Tool in Kali Linux

Step 1: If you have downloaded Golang in your system, verify the installation by checking the version of Golang, use the following command.

go version

Step 2: Get the Nuclei repository or clone the Nuclei tool from Github, use the following command.

sudo GO111MODULE=on go get -v

Step 3: Copy the Nuclei tool in the bin directory so we can easily use the tool without running the tool manually by golang, use the following command.

sudo cp /root/go/bin/nuclei /usr/local/go/bin/

Step 4: Update the Nuclei templates, use the following command.

sudo nuclei -update-templates

Step 5: Check the help menu page to get a better understanding of the Nuclei tool, use the following command.

nuclei -h


Example 1: Running single template

nuclei -u -t technologies/ngix-version.yaml

Example 2: Running multiple templates with speed.

nuclei -u -t cves/ -t exposures/

Example 3: Scanning for CVEs on a given list of URLs.

nuclei -l target_urls.txt -t cves/

Example 4: Excluding single template.

nuclei -u -t cves/ - evclude-templates cves/2020/

Example 5: Excluding single template.

nuclei -u -exclude-templates exposed-panels/ -exclude-templates technologies/

Example 6: Excluding templates with a single tag.

nuclei -u -t cves/ -etags xss

Example 7: Excluding templates with multiple tags.

nuclei -u -t cves/ -etags sqli.rce

Example 8: Running blocked templates.

nuclei -l target_urls.txt -include-tags iot,misc,fuzz

Like Article
Suggest improvement
Share your thoughts in the comments

Similar Reads