Nuclei is one of the best free, open-source DAST (Dynamic Application Security Testing) tools.
Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts.
Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, WebSocket, Headless, etc. With powerful and flexible templating, Nuclei can be used to model all kinds of security checks.
Also, there are a lot of scan templates contributed by more than 300 security researchers and engineers.
Let’s get started. There are a few ways to get Nuclei on your machine:
go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest
brew install nuclei
docker pull projectdiscovery/nuclei:latest
git clone https://github.com/projectdiscovery/nuclei.git; \
cd nuclei/v2/cmd/nuclei; \
go build; \
mv nuclei /usr/local/bin/; \
nuclei -version;
Or download the latest binary for your OS from https://github.com/projectdiscovery/nuclei/releases and unzip it to run the binary.
By default, Nuclei executes all templates from the default template installation path.
nuclei -u <target-url> ## e.g. nuclei -u http://localhost:4000
To run a scan with a custom template:
nuclei -u <target-url> -t <template-path> ## e.g. nuclei -u http://localhost:4000 -t cves/
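To show what a custom template passed with -t looks like, here is an added example (not from the original article or the Nuclei template repository). It reports a page that returns 200 without an X-Frame-Options header. The template id, the author value and the file name missing-x-frame-options.yaml are hypothetical; the `requests:` key matches the v2 install path used above, and newer Nuclei releases name this block `http:`.

```yaml
# missing-x-frame-options.yaml (hypothetical file name, constructed example)
id: missing-x-frame-options

info:
  name: X-Frame-Options header missing
  author: example-author        # placeholder value
  severity: info
  description: Reports pages served without an X-Frame-Options response header.
  tags: misconfig,headers

requests:
  - method: GET
    path:
      - "{{BaseURL}}"           # replaced with the URL given via -u

    # Both matchers below must succeed for the template to report a result.
    matchers-condition: and
    matchers:
      # Only consider pages that were actually served.
      - type: status
        status:
          - 200

      # negative: true inverts the match, so this succeeds when the
      # header name does NOT appear anywhere in the response headers.
      - type: word
        part: header
        words:
          - "X-Frame-Options"
        case-insensitive: true  # header names may arrive in lower case
        negative: true
```

Run it against the local test target from the examples above with: nuclei -u http://localhost:4000 -t missing-x-frame-options.yaml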