Skip to content

Instantly share code, notes, and snippets.

@lemajes

lemajes/NUCLEI-101.md

Last active September 1, 2023 10:15
Show Gist options
  • Save lemajes/243b3ae0d9716c81cf2ab56510c09ed2 to your computer and use it in GitHub Desktop.
Save lemajes/243b3ae0d9716c81cf2ab56510c09ed2 to your computer and use it in GitHub Desktop.
Download ZIP
[NUCLEI 101] Nuclei 101 #bash #linux #go #nuclei #101
Raw
NUCLEI-101.md

NUCLEI 101

  • Keep installing templates (bug) /root/go/bin/nuclei -ut -ud nuclei-templates -v

  • List templates /root/go/bin/nuclei -tl

  • Run on a website /root/go/bin/nuclei -u hxxps://xxx.xxx.xxx.xxx

  • Run a custom template on a website /root/go/bin/nuclei -u https://this.local -t nuclei_templates/this.yaml

  • Run a custom template on a list of websites and output to file /root/go/bin/nuclei -t nuclei_templates/this.yaml -t list.txt -o output.txt

  • Run a folder of templates on a list of websites and output to file /root/go/bin/nuclei -t nuclei_templates -t list.txt -o output.txt

  • Run a workflow for wordpress /root/go/bin/nuclei -w workflows/wordpress-workflow.yaml -u https://mywebsite.local -o output.txt

Raw
template_example.yaml
id: xmlrpc_access
info:
name: xmlrpc access
author: me
severity: high
description: Check if xmlrpc is not accessible
tags: wordpress,xmlrpc
requests:
- method: GET
redirects: true
path:
- "{{BaseURL}}/xmlrpc.php"
max-redirects: 3
matchers:
- type: status
status:
- 403
negative: yes
Raw
workflow_example.yaml
id: wordpress-workflow
info:
name: Wordpress Security Checks
author: kiblyn11,zomsop82
description: A simple workflow that runs all wordpress related nuclei templates on a given target.
workflows:
- template: http/technologies/wordpress-detect.yaml
subtemplates:
- tags: wordpress
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment