Nuclei - Fast Vulnerability Scanner


Nuclei is one of the best and free open-source DAST (Dynamic Application Security Testing) tools.

11 min read


What is Nuclei?

Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts.

Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc. With powerful and flexible templating, Nuclei can be used to model all kinds of security checks.

Also, there are a lot of scan templates contributed by more than 300 security researchers and engineers.

Nuclei templates

How to install Nuclei?

Let’s get started. There are a few ways to get Nuclei on your machine:



					go install -v

Brew (macOS):

					brew install nuclei


					docker pull projectdiscovery/nuclei:latest


					git clone; \
cd nuclei/v2/cmd/nuclei; \
go build; \
mv nuclei /usr/local/bin/; \
nuclei -version;


					## Download the latest binary for your OS and unzip to run the binary

How to configure a Nuclei scan?

By default, all templates will get executed from the default template installation path.

					nuclei -u <Your target host>
## e.g. nuclei -u http://localhost:4000

to run scan with a custom template:

					nuclei -u <Target host> -t <Custom template path>
## e.g. nuclei -u http://localhost:4000 -t cves/

On this page:

Leave a Reply

Your email address will not be published.