Basic Usage Example
This tool offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc. It is used to send requests across target(s) based on a template, leading to zero false positives and providing fast scanning on a large number of hosts.
By default, nuclei tool uses ready-to-go community-curated templates. If you find more appropriate to write and use your own template(s), provide GitHub repository URL containing your template(s), as a nuclei
template input's value:
In the examples below, we're performing scanning with community-curated nuclei templates.
Vulnerability Scanning of One Domain
Pass a domain (e.g. trickest.io) to the
target input, as
string type value:
Vulnerability Scanning of Multiple Domain
Pass a list of domains to the
urls-list input, as file type value:
Using single template file
If you want to pass to
nuclei private uploaded file as a single template, you can use
custom-script like below. Script will copy template file to input folder and pass it further to
Improving scanning performance
Tool options related to speed
Nuclei has some options that will make it faster depending on your list of targets. You can take a look at:
Tool options related to filtering
It might be a good idea to filter the templates that are passed to nuclei, using one or more of the following options:
exclude-severity (info and low templates may or may not be worth it for you), and
automatic-scan that will let nuclei run templates based on the discovered technologies.
Tool options related to debugging
It's always good to have more debug info using the
stats flags so that you can analyze the tool's stdout and figure out ways to make it go faster.