Getting started
Knowledge hub
- Overview
-
-
- 34 M Wordlist Subdomain Brute Force
- Asn Based Network Scan
- Asset Discovery and Vulnerability Scanning
- Custom Subdomain Brute Force Wordlist From Ip Ranges
- Enumerate Cloud Resources
- Full Subdomain Enumeration
- Get Ips and Cnames
- Getdns
- Github Recon and Scanner
- Hostnames S3 Bucket Finder
- Simple Content Discovery
-
-
- amass
- anew
- apkurlgrep
- assetfinder
- cent
- cero
- cewl
- cloudenum
- crosslinked
- dnsdumpster-dns-lookup
- dnsdumpster-host-search
- dnstwist
- dnsvalidator
- dsieve
- dumpsterdiver
- eyeballer
- ffuf
- find-gh-poc
- findomain
- gau
- generate-yaml-report
- get-asn-prefixes
- get-trickest-output
- gf
- github-subdomains
- goaltdns
- gospider
- gotator
- hakcheckurl
- httprobe
- httpx
- infoga
- ipinfo
- jldc-subdomains
- katana
- mapcidr
- mass-linkfinder
- masscan
- massdns
- meg
- mksub
- naabu
- notify
- nrich
- nuclei
- oneforall
- puredns
- pymeta
- s3scanner
- securitytrails-subdomains
- spiderfoot
- sslyze
- subdomainizer
- subfinder
- tlsx
- uncover
- unfurl
- uro
- vita
- webanalyze-1
- webanalyze
- x8
Tutorials
- Creating a Workflow
- Downloading a Result
- Executing a Workflow
- How Do Machines Work
- Keeping Track of a Run
- Navigating in Workflow Editor
- Overview
- Saving a Workflow and History
- Scheduling a Workflow
- Using Workflows From Library
Concepts
nuclei
Basic Usage Example
This tool offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc. It is used to send requests across target(s) based on a template, leading to zero false positives and providing fast scanning on a large number of hosts.
Providing template
By default, nuclei tool uses ready-to-go community-curated templates. If you find more appropriate to write and use your own template(s), provide GitHub repository URL containing your template(s), as a nuclei template input’s value:
Scanning with your own nuclei templates
In the examples below, we’re performing scanning with community-curated nuclei templates.
Vulnerability Scanning of One Domain
Pass a domain (e.g. trickest.io) to the target input, as string type value:
Scanning target with community-curated nuclei templates
Vulnerability Scanning of Multiple Domain
Pass a list of domains to the urls-list input, as file type value:
trickest.com
trickest.io
Scanning targets with community-curated nuclei templates
Improvements
Using single template file
If you want to pass to nuclei private uploaded file as a single template, you can use custom-script like below. Script will copy template file to input folder and pass it further to nuclei.
Custom script command
Improving scanning performance
Tool options related to speed
Nuclei has some options that will make it faster depending on your list of targets. You can take a look at: bulk-size and rate-limit threads.
Tool options related to filtering
It might be a good idea to filter the templates that are passed to nuclei, using one or more of the following options: severity and exclude-severity (info and low templates may or may not be worth it for you), and automatic-scan that will let nuclei run templates based on the discovered technologies.
Tool options related to debugging
It’s always good to have more debug info using the verbose and stats flags so that you can analyze the tool’s stdout and figure out ways to make it go faster.
Notable Workflows
Get a Video Demo
Fill out and submit this form to receive an in-depth video demo of the Trickest platform.
Talk To Sales
Fill out the form and we'll get back to you about any questions you have on our products, services, pricing, or scheduling a demo.