5 min read
Introducing Nuclei Templates Labs: A Hands-on Security Testing Playground
Table of Contents
- 🚀 What is Nuclei Templates Labs?
- 🔧 Why We Created This Repository
- 🛠 How to Use Nuclei Templates Labs
- 1️⃣ Initial Setup
- 2️⃣ Exploring Available Vulnerable Environments
- 3️⃣ Launching a Vulnerable Environment
- 4️⃣ Understanding the Vulnerability
- 5️⃣ Installing & Using Nuclei for Detection
- Option 1: Install via Go (recommended for developers)
- Option 2: Download pre-built binaries
- 6️⃣ Running Vulnerability Scans
- 🔥 Use Cases
- ✅ For Security Researchers
- 🎓 For Security Learners & Students
- 🏢 For Organizations & Red Teams
- 🏗️ Contributing to Nuclei Templates Labs
- 🐝 Join the Community
- 🚀 Start Hacking!
- Conclusion
Authors
🚀 What is Nuclei Templates Labs?
At ProjectDiscovery, we are always looking for ways to make security testing more accessible and practical. Nuclei Templates Labs is a collection of vulnerable environments bundled with ready-to-use Nuclei templates, designed for both security researchers and learners. This repository serves as a real-world security testing playground, allowing users to explore vulnerabilities, understand their impact, and learn how to detect them using Nuclei.
By combining vulnerable setups with detection templates in a controlled environment, we've created an ecosystem where security enthusiasts can safely experiment with vulnerability detection, exploitation techniques, and remediation strategies without the risks associated with real-world testing. This approach not only enhances learning but also promotes responsible security practices in an industry where hands-on experience is invaluable.
With Nuclei Templates Labs, you can:
- Perform hands-on security testing with real-world vulnerable setups.
- Follow step-by-step guides to understand and exploit vulnerabilities.
- Use prebuilt Nuclei templates to detect vulnerabilities efficiently.
- Gain practical experience with security scanning and automation.
🔧 Why We Created This Repository
Security research is best learned through practical experience. While tools like Nuclei make vulnerability detection simple, understanding the underlying issues requires deeper exploration. Our goal is to:
- Provide safe, controlled environments for learning.
- Vulnerable environment with a CVE templates can be helpful for debugging and understanding how the CVE works.
- Offer real attack scenarios that reflect vulnerabilities seen in the wild.
- Help researchers and security enthusiasts improve their skills in security testing.
🛠 How to Use Nuclei Templates Labs
These are testing labs designed for controlled environments. They contain vulnerable setups and should not be exposed publicly or deployed on internet-facing systems to prevent unintended access or exploitation.
1️⃣ Initial Setup
First, clone the repository to your local machine to access all the lab environments and templates:
cli
1git clone https://github.com/projectdiscovery/nuclei-templates-labs.git
2cd nuclei-templates-labsIf you haven't already installed Docker and Docker Compose, you can do so with the following commands on Ubuntu/Debian-based systems:
cli
1# Update package lists
2sudo apt update
3
4# Install Docker
5sudo apt install docker.io -y
6
7# Install Docker Compose
8sudo apt install docker-compose -y
9
10# Add your user to the docker group (optional, for running Docker without sudo)
11sudo usermod -aG docker $USER
12
13# Apply group changes (you may need to log out and back in)
14newgrp dockerFor other operating systems, please refer to the official Docker documentation at https://docs.docker.com/get-docker/.
Verify your installation by running:
cli
1docker --version
2docker-compose --version2️⃣ Exploring Available Vulnerable Environments
The repository is organized into categories based on vulnerability types and protocols. Browse through the directory structure to find labs that interest you:
cli
1# List all available categories
2ls -la
3
4# Explore HTTP vulnerability labs
5cd http/
6
7# View available CVE labs
8cd cve/
9
10# List labs by year
11ls 2024/Each lab directory contains:
- A
docker-compose.ymlfile for environment setup - A
README.mdwith detailed information about the vulnerability - Nuclei templates for detecting the vulnerability
- Additional resources like exploitation guides and remediation information
3️⃣ Launching a Vulnerable Environment
Each lab is containerized for isolation and ease of use. To launch a specific lab environment, navigate to its directory and use Docker Compose:
cli
1# Example: Setting up a lab for CVE-2024-55416
2cd http/cve/2024/CVE-2024-55416
3
4# Start the vulnerable environment
5docker-compose up -dThe -d flag runs containers in detached mode (background). You'll see Docker downloading necessary images and starting the containers.
Verify that your environment is running correctly:
cli
1# Check container status
2docker-compose ps
3
4# View container logs if needed
5docker-compose logsMost labs will expose web interfaces or services on localhost ports, which will be documented in the lab's README.md file. For example, a vulnerable web application might be accessible at http://localhost:8080.
4️⃣ Understanding the Vulnerability
- Read the lab's
README.mdfile for background information - Review the provided documentation about the vulnerability
- Examine the provided Nuclei template to understand the POC.
5️⃣ Installing & Using Nuclei for Detection
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
Option 1: Install via Go (recommended for developers)
cli
1# Install the latest version using Go
2go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latestEnsure Go is installed and your Go bin directory is in your PATH.
Option 2: Download pre-built binaries
Visit our releases page at https://github.com/projectdiscovery/nuclei/releases and download the appropriate binary for your operating system.
cli
1# Example for Linux (adjust version as needed)
2wget https://github.com/projectdiscovery/nuclei/releases/download/v3.0.0/nuclei_3.0.0_linux_amd64.zip
3unzip nuclei_3.0.0_linux_amd64.zip
4chmod +x nuclei
5sudo mv nuclei /usr/local/bin/6️⃣ Running Vulnerability Scans
Now that you have a running vulnerable environment and Nuclei installed, you can perform vulnerability scanning:
cli
1# Basic scan using the lab's template against the running service
2nuclei -t cve-2024-55416.yaml -u http://localhost:8080
3
4# For more detailed output
5nuclei -t cve-2024-55416.yaml -u http://localhost:8080 -v
6
7# Save results to a file
8nuclei -t cve-2024-55416.yaml -u http://localhost:8080 -o scan-results.txtNuclei will execute the template against the target and report if the vulnerability is detected. The output will include details about the vulnerability and its severity.
🔥 Use Cases
✅ For Security Researchers
- Test and validate new vulnerabilities.
- Automate scanning with custom Nuclei templates.
- Experiment with real-world exploitation techniques.
🎓 For Security Learners & Students
- Gain hands-on experience with security testing.
- Learn how vulnerabilities work and how to detect them.
- Follow structured exploitation guides to build expertise.
🏢 For Organizations & Red Teams
- Train security teams in identifying vulnerabilities.
- Validate detection rules and improve security tooling.
- Develop custom threat detection pipelines using Nuclei.
🏗️ Contributing to Nuclei Templates Labs
We welcome contributions from the security community! You can contribute by:
- Adding new vulnerable environments
- Creating Nuclei templates for detection
- Improving documentation and step-by-step guides
- Reporting issues or suggesting improvements
To contribute, simply fork the repository, make your changes, and submit a pull request.
🐝 Join the Community
Nuclei Templates Labs is open-source and community-driven. Join us to learn, share, and collaborate!
- Follow ProjectDiscovery for more security tools.
- Join our Discord community to discuss security research and automation.
🚀 Start Hacking!
Nuclei Templates Labs is your ultimate security testing playground. Whether you're a beginner learning about security or an expert looking to automate your scans, this repository is built for you.💡 Start testing vulnerabilities today and level up your security skills!
Conclusion
Security testing has always been challenging to learn and practice safely. With Nuclei Templates Labs, we’re changing that by providing a hands-on ecosystem where theory meets real-world application. Our containerized vulnerable environments, paired with detection templates, offer the perfect playground for security enthusiasts at all levels to refine their skills. As the security landscape evolves with new vulnerabilities emerging daily, practicing in controlled environments helps build both technical expertise and the critical mindset needed to identify, understand, and mitigate security risks effectively.
We believe that practical experience is the foundation of true security expertise. This repository was created to democratize access to hands-on security testing and foster a community of skilled professionals working together to improve security worldwide. Whether you’re using these labs for personal development, team training, or academic instruction, you’re contributing to a growing movement that makes security testing more accessible and effective. Clone the repository, launch your first vulnerable environment, and start your journey into hands-on security learning today—the entire ProjectDiscovery community is here to support you. Happy hacking! 🚀