Published in


Nuclei: A Community Powered Vulnerability Scanner

One of the best and free open-source DAST (Dynamic Application Security Testing) tool.

Photo by Markus Spiske on Unsplash

Recently, I was searching for a DAST tool for my work project and came across Nuclei, a fast and customizable vulnerability scanner based on simple YAML-based DSL. So far, my experience with Nuclei is that it is very easy to use and to get started. Thus, I thought to write this article to introduce to more people about this tool.

Nuclei can be used to send requests across multiple targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts. They have a dedicated repository that houses many types of vulnerability templates contributed by the community (security researchers and engineers). Therefore, it can be used to model many kinds of security checks. It offers to scan for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless, etc.

To Install

Let’s get started. The first step is to install Nuclei on your machine. There are a few ways to get Nuclei on your machine:

go install -v
  • Brew (probably the most convenient, if you are using macOS)
brew install nuclei
docker pull projectdiscovery/nuclei:latest
git clone; \
cd nuclei/v2/cmd/nuclei; \
go build; \
mv nuclei /usr/local/bin/; \
nuclei -version;
  • Binary
## Download the latest binary for your OS and unzip to run the binary

To Run

By default, if you don’t specify any templates (-t/templates), all templates (except nuclei-ignore list) will get executed from the default template installation path.

nuclei -u <Your target host>## e.g. nuclei -u http://localhost:4000
Screenshot of a sample result

If you would like to execute your own custom template directory, you may run the following command:

nuclei -u <Your target host> -t <Your custom template path>## e.g. nuclei -u http://localhost:4000 -t cves/

To find out more about the different features of Nuclei, you may check out Nuclei’s Get Started page.

And there we have it. I hope you have found this useful. Thank you for reading. If you enjoyed this article, remember to follow me for more updates!

Stay tuned for more articles ✌️.

If you are not a Medium member yet and want to become one, click here.




A humble place to learn Java and Programming better.

Recommended from Medium

Mastodon Systemic Sustainability

How to create a single hop encrypted relay connection using QuantumGate (C/C++)

Technical Series: Indexing Data Structures


AWS SSO with Azure Active Directory

Custom Classes!

Development of Quantum Programs for Use on Mobile Devices

9 Extraordinary Terraform Best Practices That Will Change Your Infra World

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Wei Kang

Wei Kang

Once a programmer, always a programmer

More from Medium

Endpoint Security: The Protection Mechanism of Web Application and Networks

How to train your MikroTik Router — Transparent proxying using NAT

Using the Flipper Zero to swipe AWS keys from MacOS

Threat Evasion for aws:multifactorAuthPresent condition using Cloudshell