NUCLEI + NUCLEI TEMPLATES

The fastest exploits feed on the Internet

Nuclei uses a vast templating library to scan applications, cloud infrastructure, and networks to find and remediate vulnerabilities.

Try our platform
Learn more

30K+

Stars on GitHub

900+

Nuclei contributors

10K+

Templates created

50M+

Monthly scans

Trending vulnerabilities

View templates

Contributor leaderboard

    #

    Username

    Category

    Templates

    Points

    View all

    Put Nuclei to work

    Web Application

    Identify common web vulnerabilities with an active library of community-powered templates.

    Cloud

    Examine cloud environments and infrastructure for misconfigurations and vulnerabilities.

    Network Security

    Scan non web services like SSH, FTP, SMB, and more.

    API

    Test APIs with an active library of known vulnerabilities and misconfigurations.

    Infrastructure

    Audit server configurations, open ports, and services for security issues.

    CI/CD

    Integrate into your existing pipelines to minimize issues resurfacing into production.

    CUSTOMIZATION

    Write your own detection templates using AI powered by our Nuclei open source library

    Leverage the global security community to streamline your vulnerability management. With a template library full of contributions from pentest, bug bounty, and security teams to automate the most complex vulnerability detection.

    Broken Authentication

    Weak password

    Out of band

    SQL Injection

    Secrets

    IDOR

    1
    id: CVE-2024-27199
    2
    

    3
    info:
    4
      name: TeamCity < 2023.11.4 - Authentication Bypass
    5
      author: DhiyaneshDk
    6
      severity: high
    7
      description: |
    8
        In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible
    9
      reference:
    10
        - https://www.rapid7.com/blog/post/2024/03/04/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-multiple-authentication-bypass-vulnerabilities-fixed/
    11
        - https://nvd.nist.gov/vuln/detail/CVE-2024-27199
    12
      classification:
    13
        cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
    14
        cvss-score: 7.3
    15
        cwe-id: CWE-23
    16
      metadata:
    17
        verified: true
    18
        max-request: 3
    19
        shodan-query: http.component:"TeamCity"
    20
      tags: cve,cve2024,teamcity,jetbrains,auth-bypass
    21
    

    22
    http:
    23
      - method: GET
    24
        path:
    25
          - "{{BaseURL}}/res/../admin/diagnostic.jsp"
    26
          - "{{BaseURL}}/.well-known/acme-challenge/../../admin/diagnostic.jsp"
    27
          - "{{BaseURL}}/update/../admin/diagnostic.jsp"
    28
    

    29
        stop-at-first-match: true
    30
        matchers:
    31
          - type: dsl
    32
            dsl:
    33
              - 'status_code == 200'
    34
              - 'contains(header, "text/html")'
    35
              - 'contains_all(body, "Debug Logging", "CPU & Memory Usage")'
    36
            condition: and
    37
    # digest: 490a0046304402207d46ec6991f8498ff8c74ec6ebfe0f59f19210620cab88c23c7761c7701b640102201246e4baea4f5b436b45be21c4f66bbe35e8a5f3769b78de38ee94253f331fa7:922c64590222798bb761d5b6d8e72950
    View template
    Real world simulation

    Run the vulnerability tests as an attacker would to exploit a given vulnerability. Capture full logs behind a given test to triage faster for the team.

    AI-powered editor

    Use our AI-powered vulnerability automation editor to convert your internal vulnerability data into an automated detection pipeline.

    Supports 6 protocols

    Nuclei, built by our team, supports over 6 protocols as well as code protocols, so you can basically stitch almost any kind of vulnerability.

    Education Center

    Nuclei scanning foundation series

    A dedicated video series exploring our community-powered vulnerability scanner.

    Nuclei stories

    View all
    Effortless Passive Detection Using Global Matchers in Nuclei

    Effortless Passive Detection Using Global Matchers in Nuclei

    If you've ever found yourself repeatedly setting up the same matchers in multiple Nuclei templates, it's time to break free from that cycle. Meet global matchers, a killer feature in Nuclei that simplifies your detection workflow. Imagine having a single template that automatically hunts for specific patterns (like private keys, sensitive tokens, or webhooks) across every HTTP response from all your other templates. That's what global matchers do — and they do it effortlessly. In this post, we

    Nuclei & Templates
    Crafting DAST Nuclei Templates for OOB Template Engines Injection: A Practical Guide

    Crafting DAST Nuclei Templates for OOB Template Engines Injection: A Practical Guide

    We’re thrilled to announce the release of new DAST Out-of-Band Template Injection Templates tailored for various templating engines and programming frameworks. This update empowers us to assess vulnerabilities and misconfigurations in diverse tech stacks effectively. In this post, we’ll explore automating Out-of-Band Template Injection Testing, crafting custom vulnerability checks, and sharing the findings through the PDCP Cloud for streamlined collaboration. For those particularly interested i

    Nuclei & Templates
    Alibaba Cloud - Nuclei Templates v10.1.1 🎉

    Alibaba Cloud - Nuclei Templates v10.1.1 🎉

    We're excited to tell you about Nuclei Templates release v10.1.1 ! This new version includes newly added Alibaba Cloud Review templates. In this blog post, we'll discuss automating Alibaba cloud misconfiguration review, creating custom checks, and sharing results on the PDCP Cloud for review. An Alibaba Cloud Configuration Security Review is essential for assessing and improving the security of your cloud infrastructure. It ensures that your resources are configured correctly, compliant with re

    Nuclei & Templates