#Nuclei

Showing 44 of 44 repositories tagged #nuclei, ranked by stars

projectdiscovery
projectdiscovery
nuclei-templates

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Score
100
★ 12.6k ⑂ 3.6k +13/day
JavaScript
six2dez
six2dez
reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Score
97
★ 7.8k ⑂ 1.2k +60/day
Shell
GhostTroops
GhostTroops
scan4all

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

Score
50
★ 6.1k ⑂ 716
Go
ExpLangcn
ExpLangcn
NucleiTP

自动整合全网Nuclei的漏洞POC,实时同步更新最新POC!

Score
75
★ 2.9k ⑂ 371 +1/day
adysec
adysec
nuclei_poc

Nuclei POC,每2小时更新 | 自动整合全网Nuclei的漏洞POC,实时同步更新最新POC,保存已被删除的POC。通过批量克隆Github项目,获取Nuclei POC,并将POC按类别分类存放,使用Github Action实现。已有41w+POC,其中3.5w+高质量POC

Score
94
★ 2.1k ⑂ 474 +1/day
topscoder
topscoder
nuclei-wordfence-cve

75k+ WordPress Nuclei templates, updated daily from Wordfence intel—filter by severity/tags/CVE and scan in one line. 🚀🔒

Score
92
★ 1.3k ⑂ 156 +1/day
Python
ayoubfathi
ayoubfathi
leaky-paths

A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.

Score
86
★ 1.2k ⑂ 171
fit2cloud
fit2cloud
riskscanner

RiskScanner 是开源的多云安全合规扫描平台,基于 Cloud Custodian 和 Nuclei 引擎,实现对主流公(私)有云资源的安全合规扫描和漏洞扫描。

Score
0
★ 1.2k ⑂ 185
Java
xm1k3
xm1k3
cent

Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

Score
89
★ 1.0k ⑂ 167
Go
yqcs
yqcs
prismx

:: Prism X · Automated Enterprise Network Security Risk Detection and Vulnerability Scanning Tool / 棱镜 X · 自动化企业网络安全风险检测、漏洞扫描工具

Score
100
★ 829 ⑂ 87 +3/day
Go
x1mdev
x1mdev
ReconPi

ReconPi - A lightweight recon tool that performs extensive scanning with the latest tools.

Score
47
★ 727 ⑂ 108
Shell
FuzzingLabs
FuzzingLabs
mcp-security-hub

A growing collection of MCP servers bringing offensive security tools to AI assistants. Nmap, Ghidra, Nuclei, SQLMap, Hashcat and more.

Score
83
★ 717 ⑂ 93 +15/day
Python
u21h2
u21h2
nacs

事件驱动的渗透测试扫描器 Event-driven pentest scanner

Score
0
★ 702 ⑂ 79
Go
komomon
komomon
Komo

🚀Komo, a comprehensive asset collection and vulnerability scanning tool. Komo 一个综合资产收集和漏洞扫描工具,集成了20余款工具,通过多种方式对子域进行获取,收集域名邮箱,进行存活探测,域名指纹识别,域名反查ip,ip端口扫描,web服务链接爬取并发送给xray,对web服务进行POC漏洞扫描,对主机进行主机漏洞扫描。

Score
39
★ 565 ⑂ 65
Python
ByCh4n
ByCh4n
BCHackTool

🔥 Professional Penetration Testing Framework v4.0 - Automated subdomain enumeration, vulnerability scanning with Nuclei, port scanning, and comprehensive HTML reports. Features parallel scanning, resume capability, and real-time progress tracking.

Score
72
★ 531 ⑂ 88 +1/day
Shell
edoardottt
edoardottt
missing-cve-nuclei-templates

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

Score
81
★ 439 ⑂ 50
Shell
tangxiaofeng7
tangxiaofeng7
cscan

Enterprise-grade Distributed Asset & Vulnerability Scanner. Features: Port Scanning, Subdomain Brute-force, Fingerprinting, and PoC Detection. Built on Go-Zero & Vue3. 高性能分布式网络资产扫描平台 (子域名扫描/端口扫描/指纹识别/弱口令爆破/JS识别/POC扫描)----------------------------点击下面URL获取高级POC

Score
78
★ 387 ⑂ 62 +5/day
Go
gotr00t0day
gotr00t0day
Gsec

Web Security Scanner

Score
58
★ 385 ⑂ 72
Python
youki992
youki992
VscanPlus

[VscanPlus内外网漏洞扫描工具]已更新HW热门漏洞检测POC。基于veo师傅的漏扫工具vscan二次开发的版本,端口扫描、指纹检测、目录fuzz、漏洞扫描功能工具,批量快速检测网站安全隐患。An open-source, cross-platform website vulnerability scanning tool that helps you quickly detect website security vulnerabilities.

Score
64
★ 346 ⑂ 26 +1/day
Go
geeknik
geeknik
the-nuclei-templates

Nuclei templates written by geeknik. Claude is my co-pilot. 🤖

Score
67
★ 303 ⑂ 74
Coff0xc
Coff0xc
AutoRedTeam-Orchestrator

Enterprise AI Red Team Platform | 企业级AI红队平台 | 132 MCP Tools | Pure Python Engines | SDK+CLI+MCP | Auto-Download sqlmap/nuclei/ffuf | Production C2 | LLM Enhanced | Docker Sandbox | SARIF CI/CD | 1980 Tests

Score
69
★ 254 ⑂ 52
Python
rxerium
rxerium
rxerium-templates

Nuclei scripts created by @rxerium for zero days / actively exploited vulnerabilities.

Score
61
★ 190 ⑂ 33
Python
AiGptCode
AiGptCode
AiGPT-WordPress-Exploitation-Framework

AiGPT started from the concept of CVE‑2024‑27956 , the WP Automatic CSV injection — but has been completely rebuilt into a multi‑vector, unauthenticated WordPress exploitation engine. It now chains 13 real‑world CVEs to create an administrator account or drop a web shell directly, then automatically injects a reverse shell into the active theme

Score
56
★ 127 ⑂ 33
Python
adampielak
adampielak
nuclei-templates

All Nuclei Templates

Score
53
★ 91 ⑂ 30 +1/day
KaanBicaklar
KaanBicaklar
nuclei-MonaCodeScanner

Nuclei templates for source code analysis. Detects hardcoded secrets, config leaks, debug endpoints. Also helps identify OWASP Top 10 issues in code. Ideal for SAST and CI/CD integration.

Score
17
★ 83 ⑂ 8
DEMON1A
DEMON1A
Discord-Recon

Discord bot created to automate bug bounty recon, automated scans and information gathering via a discord server

Score
0
★ 82 ⑂ 19
Python
Teycir
Teycir
BurpAPISecuritySuite

Burp Suite extension for API security testing with 15 attack types, 108+ payloads, intelligent fuzzing, BOLA/IDOR detection, AI integration, and automated reconnaissance. Supports REST/GraphQL/SOAP APIs with Nuclei, Turbo Intruder, and external tool integration. OWASP API Top 10 coverage.

Score
44
★ 73 ⑂ 9
Python
ktol1
ktol1
RedTeam-Agent

RedTeam-Agent: AI-Powered Autonomous Red Team Framework via Model Context Protocol. AI红队与内网渗透自动化框架,支持 gogo, fscan, httpx, nuclei, impacket, playwright 等 15+ 渗透工具,让 LLM 直接化身安全审计黑客。

Score
36
★ 63 ⑂ 6
C
vikrantbatra05
vikrantbatra05
HuntTheBug

Advanced reconnaissance framework for bug bounty hunters - Automate subdomain enumeration, vulnerability scanning, and security reconnaissance with 30+ integrated tools.

Score
42
★ 60 ⑂ 17
Shell
ildoonet
ildoonet
data-science-bowl-2018

End-to-end one-class instance segmentation based on U-Net architecture for Data Science Bowl 2018 in Kaggle

Score
0
★ 58 ⑂ 18
Python
dwisiswant0
dwisiswant0
continuous-nuclei

Running nuclei Continuously

Score
0
★ 57 ⑂ 16
Shell
A3-N
A3-N
xpfarm

Free XP on bug bounty, vulnerability scanning by wrapping well maintained tools, to perform automated tests. Alongside AI agents for binary analysis, which includes connecting to external Android or emulator to perform dynamic analysis.

Score
50
★ 43 ⑂ 43
HTML
ExploitCraft
ExploitCraft
ReconNinja

⚡ ReconNinja v9.1.2 — 38-phase recon framework for pentesters & bug bounty hunters. Subdomain enum → port scan → web recon → WAF/CORS/JS/cloud bucket detection → GitHub OSINT → CVE lookup → AI threat analysis → HTML report. Domains, IPs, CIDRs, target lists. Plugin system. 598 tests.

Score
33
★ 40 ⑂ 8
Python
rix4uni
rix4uni
nucleihub-templates

This repo collects nuclei template from 600+ github repos, updates every 6 hours.

Score
31
★ 38 ⑂ 21
ihuzaifashoukat
ihuzaifashoukat
wpaudit

WPAUDIT: Advanced WordPress security auditing suite & vulnerability scanner. Automates pentesting with Nmap, WPScan, Nuclei, SQLMap. Comprehensive reports. Ideal for ethical hackers & Kali Linux.

Score
8
★ 37 ⑂ 5
Python
PolitoInc
PolitoInc
EGOAlpha

EGO is a vulnerability scanner developed by chickenpwny at PolitoInc. It was created to provide a platform for hackers to store multiple projects in a REST API. Recognizing a need for such a tool, EGO was developed to utilize various open-source security tools and libraries to perform comprehensive reconnaissance scans.

Score
6
★ 27 ⑂ 2
Python
nucssistdev
nucssistdev
nucssist

nucssist是一款更现代化的POC管理方案,主要作为nuclei POC辅助编写工具和POC管理工具。支持代码高亮、自动提示和语法检查。深度融合nuclei POC语法和yaml语法。智能识别应用和漏洞类型。提供便捷的应用管理、POC管理和漏洞类型管理。优化POC编写体验。提供丝滑的实时响应搜索体验。

Score
22
★ 26 ⑂ 0
glferreira-devsecops
glferreira-devsecops
Cascavel

🐍 Cascavel — The zero-friction offensive security engine. Automate Red Team scans, validate exposures (CTEM), and generate compliance reports in one command.

Score
28
★ 24 ⑂ 4
Python
hackersatyamrastogi
hackersatyamrastogi
pentesting-cyber-mcp

🔐 50+ MCP Security Servers for AI-Powered Pentesting | Integrate Nmap, Burp Suite, Nuclei, Shodan, BloodHound, Semgrep, Trivy | Model Context Protocol for Cybersecurity

Score
25
★ 23 ⑂ 11 +2/day
JavaScript
oneclick-burp
oneclick-burp
BurpFusion-Core

One-Click BurpSuite Installer with essential plugins for penetration testers

Score
0
★ 13 ⑂ 2
Batchfile
rix4uni
rix4uni
nucleihub

A simple tool that allows you to organize all the Nuclei templates offered by the community in one place

Score
14
★ 12 ⑂ 0
Go
solo10010
solo10010
reconWTF

:boom: This tool is intended for bounty hunters, the script installs and launches the best set of tools for expanding the attack surface, for Web Sites, portals, and Organizations.

Score
3
★ 12 ⑂ 6
Shell
bogdanticu88
bogdanticu88
RatRace

A lightweight CLI tool for systematically detecting and exploiting race conditions in web applications, APIs, and modern services.

Score
11
★ 10 ⑂ 0
Go
TheOneOh1
TheOneOh1
Argus-Scan

Argus - A Python-based security automation tool that orchestrates Nmap, Nikto, and Nuclei with cool reporting.

Score
19
★ 10 ⑂ 2
Python
Related Topics
#penetration-testing#security#bugbounty#security-tools#cybersecurity#hacking#pentesting#nuclei-templates#bug-bounty#osint#recon#reconnaissance

© 2026 GitRepoTrend · GitHub repositories by topic · Updated weekly