github.com/projectdiscovery/nuclei @v3.10.0 sqlite

5,547 symbols 23,205 edges 782 files 2,766 documented · 50%
README

nuclei

Nuclei is a modern, high-performance vulnerability scanner that leverages simple YAML-based templates. It lets you design custom vulnerability detection scenarios that mimic real-world conditions, leading to zero false positives.

  • Simple YAML format for creating and customizing vulnerability templates.
  • Contributed by thousands of security professionals to address emerging vulnerabilities.
  • Reduces false positives by simulating real-world steps to verify a vulnerability.
  • Ultra-fast parallel scan processing and request clustering.
  • Integrates into CI/CD pipelines for vulnerability detection and regression testing.
  • Supports multiple protocols such as TCP, DNS, HTTP, SSL, WHOIS, JavaScript, Code and more.
  • Integrates with Jira, Splunk, GitHub, Elastic, GitLab.

Get Started

1. Nuclei CLI

Install Nuclei on your machine. Get started by following the installation guide here. Additionally, we offer a free cloud tier with generous monthly free limits:

  • Store and visualize your vulnerability findings
  • Write and manage your nuclei templates
  • Access the latest nuclei templates
  • Discover and store your targets

Important: This project is in active development. Expect breaking changes between releases. Review the changelog before updating.

This project is primarily built to be used as a standalone CLI tool. Running nuclei as a service may pose security risks. It is recommended to use it with caution and additional security measures.

2. Pro and Enterprise Editions

For security teams and enterprises, we offer a cloud-hosted service built on top of Nuclei OSS, tuned to help you run vulnerability scans continuously and at scale with your team and existing workflows:

  • 50x faster scans
  • Large-scale scanning with high accuracy
  • Integrations with cloud services (AWS, GCP, Azure, Cloudflare, Fastly, Terraform, Kubernetes)
  • Jira, Slack, Linear, APIs and Webhooks
  • Executive and compliance reporting
  • Plus: Real-time scanning, SAML SSO, SOC 2 compliant platform (with EU and US hosting options), shared team workspaces, and more
  • We are constantly adding new features!
  • Ideal for: Pentesters, security teams, and enterprises

Sign up for Pro or talk to our team if you have a large organization and complex requirements.

Documentation

Browse the full Nuclei documentation here. If you are new to Nuclei, watch our introductory series on YouTube.

Installation

nuclei requires go >= 1.24.2 to install successfully. Run the following command to get the repository:

go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest

To learn more about installing nuclei, see https://docs.projectdiscovery.io/tools/nuclei/install.

Command Line Flags

To display all the flags for the tool:

nuclei -h

Expand full help flags

```yaml
Nuclei is a fast, template based vulnerability scanner focusing
on extensive configurability, massive extensibility and ease of use.

Usage:
  ./nuclei [flags]

Flags:
TARGET:
   -u, -target string[]          target URLs/hosts to scan
   -l, -list string              path to file containing a list of target URLs/hosts to scan (one per line)
   -eh, -exclude-hosts string[]  hosts to exclude to scan from the input list (ip, cidr, hostname)
   -resume string                resume scan from and save to specified file (clustering will be disabled)
   -sa, -scan-all-ips            scan all the IP's associated with dns record
   -iv, -ip-version string[]     IP version to scan of hostname (4,6) - (default 4)

TARGET-FORMAT:
   -im, -input-mode string        mode of input file (list, burp, jsonl, yaml, openapi, swagger) (default "list")
   -ro, -required-only            use only required fields in input format when generating requests
   -sfv, -skip-format-validation  skip format validation (like missing vars) when parsing input file

TEMPLATES:
   -nt, -new-templates                    run only new templates added in latest nuclei-templates release
   -ntv, -new-templates-version string[]  run new templates added in specific version
   -as, -automatic-scan                   automatic web scan using wappalyzer technology detection to tags mapping
   -t, -templates string[]                list of template or template directory to run (comma-separated, file)
   -turl, -template-url string[]          template url or list containing template urls to run (comma-separated, file)
   -ai, -prompt string                    generate and run template using ai prompt
   -w, -workflows string[]                list of workflow or workflow directory to run (comma-separated, file)
   -wurl, -workflow-url string[]          workflow url or list containing workflow urls to run (comma-separated, file)
   -validate                              validate the passed templates to nuclei
   -nss, -no-strict-syntax                disable strict syntax check on templates
   -td, -template-display                 displays the templates content
   -tl                                    list all templates matching current filters
   -tgl                                   list all available tags
   -sign                                  signs the templates with the private key defined in NUCLEI_SIGNATURE_PRIVATE_KEY env variable
   -code                                  enable loading code protocol-based templates
   -dut, -disable-unsigned-templates      disable running unsigned templates or templates with mismatched signature
   -esc, -enable-self-contained           enable loading self-contained templates
   -egm, -enable-global-matchers          enable loading global matchers templates
   -file                                  enable loading file templates

FILTERING:
   -a, -author string[]               templates to run based on authors (comma-separated, file)
   -tags string[]                     templates to run based on tags (comma-separated, file)
   -etags, -exclude-tags string[]     templates to exclude based on tags (comma-separated, file)
   -itags, -include-tags string[]     tags to be executed even if they are excluded either by default or configuration
   -id, -template-id string[]         templates to run based on template ids (comma-separated, file, allow-wildcard)
   -eid, -exclude-id string[]         templates to exclude based on template ids (comma-separated, file)
   -it, -include-templates string[]   path to template file or directory to be executed even if they are excluded either by default or configuration
   -et, -exclude-templates string[]   path to template file or directory to exclude (comma-separated, file)
   -em, -exclude-matchers string[]    template matchers to exclude in result
   -s, -severity value[]              templates to run based on severity. Possible values: info, low, medium, high, critical, unknown
   -es, -exclude-severity value[]     templates to exclude based on severity. Possible values: info, low, medium, high, critical, unknown
   -pt, -type value[]                 templates to run based on protocol type. Possible values: dns, file, http, headless, tcp, workflow, ssl, websocket, whois, code, javascript
   -ept, -exclude-type value[]        templates to exclude based on protocol type. Possible values: dns, file, http, headless, tcp, workflow, ssl, websocket, whois, code, javascript
   -tc, -template-condition string[]  templates to run based on expression condition

OUTPUT:
   -o, -output string            output file to write found issues/vulnerabilities
   -sresp, -store-resp           store all request/response passed through nuclei to output directory
   -srd, -store-resp-dir string  store all request/response passed through nuclei to custom directory (default "output")
   -silent                       display findings only
   -nc, -no-color                disable output content coloring (ANSI escape codes)
   -j, -jsonl                    write output in JSONL(ines) format
   -irr, -include-rr -omit-raw   include request/response pairs in the JSON, JSONL, and Markdown outputs (for findings only) [DEPRECATED use -omit-raw] (default true)
   -or, -omit-raw                omit request/response pairs in the JSON, JSONL, and Markdown outputs (for findings only)
   -ot, -omit-template           omit encoded template in the JSON, JSONL output
   -nm, -no-meta                 disable printing result metadata in cli output
   -ts, -timestamp               enables printing timestamp in cli output
   -rdb, -report-db string       nuclei reporting database (always use this to persist report data)
   -ms, -matcher-status          display match failure status
   -me, -markdown-export string  directory to export results in markdown format
   -se, -sarif-export string     file to export results in SARIF format
   -je, -json-export string      file to export results in JSON format
   -jle, -jsonl-export string    file to export results in JSONL(ine) format
   -rd, -redact string[]         redact given list of keys fro
```

Extension points exported contracts — how you extend this code

Exporter (Interface)
Exporter is an interface implemented by an issue exporter [8 implementers]
pkg/reporting/reporting.go
Marshaler (Interface)
Marshaler is the YAML marshaling interface used by the project. [14 implementers]
pkg/utils/yaml/yaml_decode_wrapper.go
AuthStrategy (Interface)
AuthStrategy is an interface for auth strategies basic auth , bearer token, headers, cookies, query [6 implementers]
pkg/authprovider/authx/strategy.go
Executer (Interface)
Executer is an interface implemented any protocol based request executer. [6 implementers]
pkg/protocols/protocols.go
TestCase (Interface)
TestCase is a single integration test case. [148 implementers]
internal/tests/testutils/integration.go
Component (Interface)
Component is a component for a request [5 implementers]
pkg/fuzz/component/component.go
Format (Interface)
Format is an interface implemented by all input formats [5 implementers]
pkg/input/formats/formats.go
Writer (Interface)
Writer is an interface which writes output to somewhere for nuclei events. [4 implementers]
pkg/output/output.go

Core symbols most depended-on inside this repo

Msgf
called by 564
pkg/protocols/http/build_request.go
Run
called by 507
pkg/js/libs/goexec/adapter.go
Set
called by 338
pkg/js/gojs/gojs.go
Wrap
called by 335
pkg/protocols/http/build_request.go
Close
called by 327
pkg/output/output.go
WriteString
called by 315
pkg/js/libs/bytes/buffer.go
Error
called by 263
pkg/js/libs/goexec/redact.go
Get
called by 246
pkg/js/gojs/gojs.go

Shape

Function 2,399
Method 2,210
Struct 675
Interface 130
TypeAlias 59
Class 50
FuncType 24

Languages

Go 94%
TypeScript 6%
Java 1%

Modules by API surface

internal/tests/integration/http_test.go · 129 symbols
lib/config.go · 54 symbols
internal/tests/integration/javascript_test.go · 46 symbols
pkg/protocols/http/httpclientpool/clientpool_benchmark_test.go · 41 symbols
pkg/protocols/headless/engine/page_actions.go · 37 symbols
internal/tests/testutils/integration.go · 37 symbols
pkg/protocols/protocols.go · 35 symbols
pkg/output/output.go · 35 symbols
pkg/protocols/http/httpclientpool/clientpool.go · 34 symbols
pkg/protocols/http/request_test.go · 33 symbols
pkg/protocols/headless/engine/page_actions_test.go · 33 symbols
pkg/catalog/config/nucleiconfig.go · 32 symbols

Dependencies from manifests, versioned

aead.dev/minisign v0.3.0 · 1×
carvel.dev/ytt v0.52.0 · 1×
dario.cat/mergo v1.0.2 · 1×
filippo.io/edwards25519 v1.1.1 · 1×
git.mills.io/prologic/smtpd v0.0.0-2021071012211 · 1×
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0 · 1×
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.1 · 1×
github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 · 1×
github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.1.0 · 1×
github.com/Azure/go-ansiterm v0.0.0-2025010203350 · 1×
github.com/Azure/go-ntlmssp v0.1.1 · 1×

Datastores touched

(mongodb) · Database · 1 repos
nuclei · Database · 1 repos

For agents

$ claude mcp add nuclei \
  -- python -m otcore.mcp_server <graph>
