#Nuclei
Showing 44 of 44 repositories tagged #nuclei, ranked by stars
Community curated list of templates for the nuclei engine to find security vulnerabilities.
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
自动整合全网Nuclei的漏洞POC,实时同步更新最新POC!
Nuclei POC,每2小时更新 | 自动整合全网Nuclei的漏洞POC,实时同步更新最新POC,保存已被删除的POC。通过批量克隆Github项目,获取Nuclei POC,并将POC按类别分类存放,使用Github Action实现。已有41w+POC,其中3.5w+高质量POC
75k+ WordPress Nuclei templates, updated daily from Wordfence intel—filter by severity/tags/CVE and scan in one line. 🚀🔒
A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
RiskScanner 是开源的多云安全合规扫描平台,基于 Cloud Custodian 和 Nuclei 引擎,实现对主流公(私)有云资源的安全合规扫描和漏洞扫描。
Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
:: Prism X · Automated Enterprise Network Security Risk Detection and Vulnerability Scanning Tool / 棱镜 X · 自动化企业网络安全风险检测、漏洞扫描工具
ReconPi - A lightweight recon tool that performs extensive scanning with the latest tools.
A growing collection of MCP servers bringing offensive security tools to AI assistants. Nmap, Ghidra, Nuclei, SQLMap, Hashcat and more.
事件驱动的渗透测试扫描器 Event-driven pentest scanner
🚀Komo, a comprehensive asset collection and vulnerability scanning tool. Komo 一个综合资产收集和漏洞扫描工具,集成了20余款工具,通过多种方式对子域进行获取,收集域名邮箱,进行存活探测,域名指纹识别,域名反查ip,ip端口扫描,web服务链接爬取并发送给xray,对web服务进行POC漏洞扫描,对主机进行主机漏洞扫描。
🔥 Professional Penetration Testing Framework v4.0 - Automated subdomain enumeration, vulnerability scanning with Nuclei, port scanning, and comprehensive HTML reports. Features parallel scanning, resume capability, and real-time progress tracking.
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
Enterprise-grade Distributed Asset & Vulnerability Scanner. Features: Port Scanning, Subdomain Brute-force, Fingerprinting, and PoC Detection. Built on Go-Zero & Vue3. 高性能分布式网络资产扫描平台 (子域名扫描/端口扫描/指纹识别/弱口令爆破/JS识别/POC扫描)----------------------------点击下面URL获取高级POC
Web Security Scanner
[VscanPlus内外网漏洞扫描工具]已更新HW热门漏洞检测POC。基于veo师傅的漏扫工具vscan二次开发的版本,端口扫描、指纹检测、目录fuzz、漏洞扫描功能工具,批量快速检测网站安全隐患。An open-source, cross-platform website vulnerability scanning tool that helps you quickly detect website security vulnerabilities.
Nuclei templates written by geeknik. Claude is my co-pilot. 🤖
Enterprise AI Red Team Platform | 企业级AI红队平台 | 132 MCP Tools | Pure Python Engines | SDK+CLI+MCP | Auto-Download sqlmap/nuclei/ffuf | Production C2 | LLM Enhanced | Docker Sandbox | SARIF CI/CD | 1980 Tests
Nuclei scripts created by @rxerium for zero days / actively exploited vulnerabilities.
AiGPT started from the concept of CVE‑2024‑27956 , the WP Automatic CSV injection — but has been completely rebuilt into a multi‑vector, unauthenticated WordPress exploitation engine. It now chains 13 real‑world CVEs to create an administrator account or drop a web shell directly, then automatically injects a reverse shell into the active theme
All Nuclei Templates
Nuclei templates for source code analysis. Detects hardcoded secrets, config leaks, debug endpoints. Also helps identify OWASP Top 10 issues in code. Ideal for SAST and CI/CD integration.
Discord bot created to automate bug bounty recon, automated scans and information gathering via a discord server
Burp Suite extension for API security testing with 15 attack types, 108+ payloads, intelligent fuzzing, BOLA/IDOR detection, AI integration, and automated reconnaissance. Supports REST/GraphQL/SOAP APIs with Nuclei, Turbo Intruder, and external tool integration. OWASP API Top 10 coverage.
RedTeam-Agent: AI-Powered Autonomous Red Team Framework via Model Context Protocol. AI红队与内网渗透自动化框架,支持 gogo, fscan, httpx, nuclei, impacket, playwright 等 15+ 渗透工具,让 LLM 直接化身安全审计黑客。
Advanced reconnaissance framework for bug bounty hunters - Automate subdomain enumeration, vulnerability scanning, and security reconnaissance with 30+ integrated tools.
End-to-end one-class instance segmentation based on U-Net architecture for Data Science Bowl 2018 in Kaggle
Running nuclei Continuously
Free XP on bug bounty, vulnerability scanning by wrapping well maintained tools, to perform automated tests. Alongside AI agents for binary analysis, which includes connecting to external Android or emulator to perform dynamic analysis.
⚡ ReconNinja v9.1.2 — 38-phase recon framework for pentesters & bug bounty hunters. Subdomain enum → port scan → web recon → WAF/CORS/JS/cloud bucket detection → GitHub OSINT → CVE lookup → AI threat analysis → HTML report. Domains, IPs, CIDRs, target lists. Plugin system. 598 tests.
This repo collects nuclei template from 600+ github repos, updates every 6 hours.
WPAUDIT: Advanced WordPress security auditing suite & vulnerability scanner. Automates pentesting with Nmap, WPScan, Nuclei, SQLMap. Comprehensive reports. Ideal for ethical hackers & Kali Linux.
EGO is a vulnerability scanner developed by chickenpwny at PolitoInc. It was created to provide a platform for hackers to store multiple projects in a REST API. Recognizing a need for such a tool, EGO was developed to utilize various open-source security tools and libraries to perform comprehensive reconnaissance scans.
nucssist是一款更现代化的POC管理方案,主要作为nuclei POC辅助编写工具和POC管理工具。支持代码高亮、自动提示和语法检查。深度融合nuclei POC语法和yaml语法。智能识别应用和漏洞类型。提供便捷的应用管理、POC管理和漏洞类型管理。优化POC编写体验。提供丝滑的实时响应搜索体验。
🐍 Cascavel — The zero-friction offensive security engine. Automate Red Team scans, validate exposures (CTEM), and generate compliance reports in one command.
🔐 50+ MCP Security Servers for AI-Powered Pentesting | Integrate Nmap, Burp Suite, Nuclei, Shodan, BloodHound, Semgrep, Trivy | Model Context Protocol for Cybersecurity
One-Click BurpSuite Installer with essential plugins for penetration testers
A simple tool that allows you to organize all the Nuclei templates offered by the community in one place
:boom: This tool is intended for bounty hunters, the script installs and launches the best set of tools for expanding the attack surface, for Web Sites, portals, and Organizations.
A lightweight CLI tool for systematically detecting and exploiting race conditions in web applications, APIs, and modern services.
Argus - A Python-based security automation tool that orchestrates Nmap, Nikto, and Nuclei with cool reporting.