Detect real vulnerabilities

Harness the power of Nuclei for fast and accurate findings without false positives.


Trusted by 100k+ security professionals

Real-time detection for teams that ship fast

Continuous security checks as your team deploys. Automated workflows to enable instant, organization-wide detection and triage. Transform noisy, ineffective scan results into relevant and actionable alerts.

Discover your entire attack surface

HOST

PORT

TECH

IP

Continuously scan for exploitable vulnerabilities

Atlassian | Command Injection | CVE-2022-36804 | 8.8

GitLab | Path Traversal | CVE-2023-2825 | 7.5

MOVEit Transfer | Code Execution | CVE-2023-34362 | 9.8

Redis | Code Execution | CVE-2022-0543 | 10

VMware | Code Execution | CVE-2023-20887 | 9.8

Assign tickets and alert your team in minutes

Our Solution

Dramatically reduce scanning times, tools, and resources

Consolidate scattered scanning tools into a single, precise, customizable framework for modern teams.

Application

DNS

Internal

Cloud

API

Database

Vulnerability Management

Traditional vulnerability management platforms struggle with excessive false positives and noise. Our vulnerability management platform, powered by Nuclei, delivers high-fidelity scanning to identify actual exploitable vulnerabilities that have real-world impact rather than just relying on CVSS scores. By leveraging the global open-source community, our library of over 9,000 Nuclei templates reflects the latest CVEs and trending misconfigurations.

Our product integrates asset data from cloud platforms to provide essential context, allowing you to prioritize and manage vulnerabilities effectively. With multiple status tracking and easy export options via JSON, API, or Jira integration, remediation is streamlined for your engineering teams.

Exploitable vulnerabilities

10x faster triage

Open source community

Write your own detection templates using AI powered by our Nuclei open source library

Leverage the global security community to streamline your vulnerability management, with a template library full of contributions from pentest, bug bounty, and security teams that automates the most complex vulnerability detection.

Broken Authentication

Weak password

Out of band

SQL Injection

Secrets

IDOR

id: CVE-2024-27199

info:
  name: TeamCity < 2023.11.4 - Authentication Bypass
  author: DhiyaneshDk
  severity: high
  description: |
    In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible
  reference:
    - https://www.rapid7.com/blog/post/2024/03/04/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-multiple-authentication-bypass-vulnerabilities-fixed/
    - https://nvd.nist.gov/vuln/detail/CVE-2024-27199
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
    cvss-score: 7.3
    cwe-id: CWE-23
  metadata:
    verified: true
    max-request: 3
    shodan-query: http.component:"TeamCity"
  tags: cve,cve2024,teamcity,jetbrains,auth-bypass

http:
  - method: GET
    path:
      - "{{BaseURL}}/res/../admin/diagnostic.jsp"
      - "{{BaseURL}}/.well-known/acme-challenge/../../admin/diagnostic.jsp"
      - "{{BaseURL}}/update/../admin/diagnostic.jsp"

    stop-at-first-match: true
    matchers:
      - type: dsl
        dsl:
          - 'status_code == 200'
          - 'contains(header, "text/html")'
          - 'contains_all(body, "Debug Logging", "CPU & Memory Usage")'
        condition: and
# digest: 490a0046304402207d46ec6991f8498ff8c74ec6ebfe0f59f19210620cab88c23c7761c7701b640102201246e4baea4f5b436b45be21c4f66bbe35e8a5f3769b78de38ee94253f331fa7:922c64590222798bb761d5b6d8e72950

Real world simulation

Run the vulnerability tests as an attacker would to exploit a given vulnerability. Capture full logs behind a given test to triage faster for the team.

AI-powered editor

Use our AI-powered vulnerability automation editor to convert your internal vulnerability data into an automated detection pipeline.

Supports 6 protocols

Nuclei, built by our team, supports over 6 protocols as well as code protocols, so you can stitch together checks for almost any kind of vulnerability.

Faster detection. Faster protection.

How ProjectDiscovery responds to critical vulnerabilities faster than legacy scanners.

CVE-2025-1974

IngressNightmare

A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller. This can lead to disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)

Time to detection

ProjectDiscovery: 5 hrs

Legacy scanners: 2-5 days

  1. Public advisory & patch release

    Kubernetes and Wiz Research publicly disclosed CVE-2025-1974 and released patched Ingress NGINX versions 1.12.1 and 1.11.5.

  2. ProjectDiscovery publishes internal detection template

    A Nuclei template for internal network scanning of CVE-2025-1974 was released, enabling detection within private infrastructures.

    • Realtime automated scans triggered

    • Remediation workflows initiated

  3. Qualys publishes upgrade advisory

    Qualys released a blog post recommending users upgrade their Ingress NGINX controller to the patched versions to mitigate CVE-2025-1974.

  4. ProjectDiscovery publishes external detection template

    A Nuclei template for external scanning was released, allowing detection of CVE-2025-1974 from outside target networks.

    • External scanning available

  5. Rapid7 releases Cluster Scanner plugin

    Rapid7 launched the Kubernetes Cluster Scanner plugin with checks for CVE-2025-1974, enabling customers to validate patch status across their clusters.

  6. Tenable releases Nessus plugin #233656

    Tenable published a direct remote check plugin for Nessus, allowing automated scanning for CVE-2025-1974 on target systems.

  7. Scan for CVE-2025-1974

COMMUNITY

Security teams love us

Learn, collaborate, and contribute with our community.
