Templates are the core of nuclei scanner which power the actual scanning engine. This repository stores and houses various templates for the scanner provided by our team as well as contributed by the community. We hope that you also contribute by sending templates via pull requests or Github issue and grow the list.
An overview of the nuclei template directory including number of templates associated with each directory.
Directory structure of nuclei templates:
| Templates | Counts | Templates | Counts |
|---|---|---|---|
| cves | 154 | default-logins | 8 |
| dns | 6 | exposed-panels | 73 |
| exposed-tokens | 9 | exposures | 39 |
| fuzzing | 5 | helpers | 3 |
| miscellaneous | 13 | misconfiguration | 40 |
| takeovers | 1 | technologies | 45 |
| vulnerabilities | 68 | workflows | 17 |
Tree structure of nuclei templates:
Nuclei templates
βββ LICENSE.md
βββ README.md
βββ cves
βΒ Β βββ 2005
βΒ Β βΒ Β βββ CVE-2005-2428.yaml
βΒ Β βββ 2008
βΒ Β βΒ Β βββ CVE-2008-2398.yaml
βΒ Β βββ 2013
βΒ Β βΒ Β βββ CVE-2013-2251.yaml
βΒ Β βββ 2014
βΒ Β βΒ Β βββ CVE-2014-6271.yaml
βΒ Β βββ 2017
βΒ Β βΒ Β βββ CVE-2017-10075.yaml
βΒ Β βΒ Β βββ CVE-2017-11444.yaml
βΒ Β βΒ Β βββ CVE-2017-12637.yaml
βΒ Β βΒ Β βββ CVE-2017-14537.yaml
βΒ Β βΒ Β βββ CVE-2017-14849.yaml
βΒ Β βΒ Β βββ CVE-2017-5638.yaml
βΒ Β βΒ Β βββ CVE-2017-7391.yaml
βΒ Β βΒ Β βββ CVE-2017-7615.yaml
βΒ Β βΒ Β βββ CVE-2017-9506.yaml
βΒ Β βΒ Β βββ CVE-2017-9841.yaml
βΒ Β βββ 2018
βΒ Β βΒ Β βββ CVE-2018-0296.yaml
βΒ Β βΒ Β βββ CVE-2018-1000129.yaml
βΒ Β βΒ Β βββ CVE-2018-11409.yaml
βΒ Β βΒ Β βββ CVE-2018-11759.yaml
βΒ Β βΒ Β βββ CVE-2018-1247.yaml
βΒ Β βΒ Β βββ CVE-2018-1271.yaml
βΒ Β βΒ Β βββ CVE-2018-1273.yaml
βΒ Β βΒ Β βββ CVE-2018-13379.yaml
βΒ Β βΒ Β βββ CVE-2018-13380.yaml
βΒ Β βΒ Β βββ CVE-2018-14728.yaml
βΒ Β βΒ Β βββ CVE-2018-16341.yaml
βΒ Β βΒ Β βββ CVE-2018-16763.yaml
βΒ Β βΒ Β βββ CVE-2018-17431.yaml
βΒ Β βΒ Β βββ CVE-2018-18069.yaml
βΒ Β βΒ Β βββ CVE-2018-19386.yaml
βΒ Β βΒ Β βββ CVE-2018-19439.yaml
βΒ Β βΒ Β βββ CVE-2018-20824.yaml
βΒ Β βΒ Β βββ CVE-2018-2791.yaml
βΒ Β βΒ Β βββ CVE-2018-3714.yaml
βΒ Β βΒ Β βββ CVE-2018-3760.yaml
βΒ Β βΒ Β βββ CVE-2018-5230.yaml
βΒ Β βΒ Β βββ CVE-2018-7251.yaml
βΒ Β βΒ Β βββ CVE-2018-7490.yaml
βΒ Β βΒ Β βββ CVE-2018-8006.yaml
βΒ Β βββ 2019
βΒ Β βΒ Β βββ CVE-2019-10092.yaml
βΒ Β βΒ Β βββ CVE-2019-1010287.yaml
βΒ Β βΒ Β βββ CVE-2019-10475.yaml
βΒ Β βΒ Β βββ CVE-2019-11248.yaml
βΒ Β βΒ Β βββ CVE-2019-11510.yaml
βΒ Β βΒ Β βββ CVE-2019-11580.yaml
βΒ Β βΒ Β βββ CVE-2019-11581.yaml
βΒ Β βΒ Β βββ CVE-2019-11869.yaml
βΒ Β βΒ Β βββ CVE-2019-12314.yaml
βΒ Β βΒ Β βββ CVE-2019-12461.yaml
βΒ Β βΒ Β βββ CVE-2019-12593.yaml
βΒ Β βΒ Β βββ CVE-2019-12725.yaml
βΒ Β βΒ Β βββ CVE-2019-14223.yaml
βΒ Β βΒ Β βββ CVE-2019-14322.yaml
βΒ Β βΒ Β βββ CVE-2019-14696.yaml
βΒ Β βΒ Β βββ CVE-2019-14974.yaml
βΒ Β βΒ Β βββ CVE-2019-15043.yaml
βΒ Β βΒ Β βββ CVE-2019-15107.yaml
βΒ Β βΒ Β βββ CVE-2019-15858.yaml
βΒ Β βΒ Β βββ CVE-2019-16278.yaml
βΒ Β βΒ Β βββ CVE-2019-1653.yaml
βΒ Β βΒ Β βββ CVE-2019-16662.yaml
βΒ Β βΒ Β βββ CVE-2019-16759-1.yaml
βΒ Β βΒ Β βββ CVE-2019-16759.yaml
βΒ Β βΒ Β βββ CVE-2019-16920.yaml
βΒ Β βΒ Β βββ CVE-2019-17382.yaml
βΒ Β βΒ Β βββ CVE-2019-17558.yaml
βΒ Β βΒ Β βββ CVE-2019-18394.yaml
βΒ Β βΒ Β βββ CVE-2019-19368.yaml
βΒ Β βΒ Β βββ CVE-2019-19781.yaml
βΒ Β βΒ Β βββ CVE-2019-19908.yaml
βΒ Β βΒ Β βββ CVE-2019-19985.yaml
βΒ Β βΒ Β βββ CVE-2019-20141.yaml
βΒ Β βΒ Β βββ CVE-2019-2588.yaml
βΒ Β βΒ Β βββ CVE-2019-2725.yaml
βΒ Β βΒ Β βββ CVE-2019-3396.yaml
βΒ Β βΒ Β βββ CVE-2019-3402.yaml
βΒ Β βΒ Β βββ CVE-2019-3799.yaml
βΒ Β βΒ Β βββ CVE-2019-5418.yaml
βΒ Β βΒ Β βββ CVE-2019-6112.yaml
βΒ Β βΒ Β βββ CVE-2019-6340.yaml
βΒ Β βΒ Β βββ CVE-2019-6715.yaml
βΒ Β βΒ Β βββ CVE-2019-7219.yaml
βΒ Β βΒ Β βββ CVE-2019-7256.yaml
βΒ Β βΒ Β βββ CVE-2019-7609.yaml
βΒ Β βΒ Β βββ CVE-2019-8442.yaml
βΒ Β βΒ Β βββ CVE-2019-8449.yaml
βΒ Β βΒ Β βββ CVE-2019-8451.yaml
βΒ Β βΒ Β βββ CVE-2019-8903.yaml
βΒ Β βΒ Β βββ CVE-2019-8982.yaml
βΒ Β βΒ Β βββ CVE-2019-9670.yaml
βΒ Β βΒ Β βββ CVE-2019-9733.yaml
βΒ Β βΒ Β βββ CVE-2019-9955.yaml
βΒ Β βΒ Β βββ CVE-2019-9978.yaml
βΒ Β βββ 2020
βΒ Β βββ CVE-2020-0618.yaml
βΒ Β βββ CVE-2020-10148.yaml
βΒ Β βββ CVE-2020-10199.yaml
βΒ Β βββ CVE-2020-10204.yaml
βΒ Β βββ CVE-2020-11034.yaml
βΒ Β βββ CVE-2020-1147.yaml
βΒ Β βββ CVE-2020-11738.yaml
βΒ Β βββ CVE-2020-12116.yaml
βΒ Β βββ CVE-2020-12720.yaml
βΒ Β βββ CVE-2020-13167.yaml
βΒ Β βββ CVE-2020-13942.yaml
βΒ Β βββ CVE-2020-14179.yaml
βΒ Β βββ CVE-2020-14181.yaml
βΒ Β βββ CVE-2020-14864.yaml
βΒ Β βββ CVE-2020-14882.yaml
βΒ Β βββ CVE-2020-15129.yaml
βΒ Β βββ CVE-2020-15505.yaml
βΒ Β βββ CVE-2020-15920.yaml
βΒ Β βββ CVE-2020-16846.yaml
βΒ Β βββ CVE-2020-16952.yaml
βΒ Β βββ CVE-2020-17505.yaml
βΒ Β βββ CVE-2020-17506.yaml
βΒ Β βββ CVE-2020-17518.yaml
βΒ Β βββ CVE-2020-17519.yaml
βΒ Β βββ CVE-2020-1943.yaml
βΒ Β βββ CVE-2020-2096.yaml
βΒ Β βββ CVE-2020-2140.yaml
βΒ Β βββ CVE-2020-23972.yaml
βΒ Β βββ CVE-2020-24223.yaml
βΒ Β βββ CVE-2020-24312.yaml
βΒ Β βββ CVE-2020-2551.yaml
βΒ Β βββ CVE-2020-25540.yaml
βΒ Β βββ CVE-2020-26214.yaml
βΒ Β βββ CVE-2020-3187.yaml
βΒ Β βββ CVE-2020-3452.yaml
βΒ Β βββ CVE-2020-4463.yaml
βΒ Β βββ CVE-2020-5284.yaml
βΒ Β βββ CVE-2020-5405.yaml
βΒ Β βββ CVE-2020-5410.yaml
βΒ Β βββ CVE-2020-5412.yaml
βΒ Β βββ CVE-2020-5776.yaml
βΒ Β βββ CVE-2020-5777.yaml
βΒ Β βββ CVE-2020-5902.yaml
βΒ Β βββ CVE-2020-6287.yaml
βΒ Β βββ CVE-2020-7209.yaml
βΒ Β βββ CVE-2020-7318.yaml
βΒ Β βββ CVE-2020-7961.yaml
βΒ Β βββ CVE-2020-8091.yaml
βΒ Β βββ CVE-2020-8115.yaml
βΒ Β βββ CVE-2020-8163.yaml
βΒ Β βββ CVE-2020-8191.yaml
βΒ Β βββ CVE-2020-8193.yaml
βΒ Β βββ CVE-2020-8194.yaml
βΒ Β βββ CVE-2020-8209.yaml
βΒ Β βββ CVE-2020-8512.yaml
βΒ Β βββ CVE-2020-8982.yaml
βΒ Β βββ CVE-2020-9047.yaml
βΒ Β βββ CVE-2020-9344.yaml
βΒ Β βββ CVE-2020-9376.yaml
βΒ Β βββ CVE-2020-9484.yaml
βΒ Β βββ CVE-2020-9496.yaml
βΒ Β βββ CVE-2020-9757.yaml
βββ default-logins
βΒ Β βββ activemq
βΒ Β βΒ Β βββ activemq-default-login.yaml
βΒ Β βββ ambari
βΒ Β βΒ Β βββ ambari-default-credentials.yaml
βΒ Β βββ apache
βΒ Β βΒ Β βββ tomcat-manager-default.yaml
βΒ Β βββ grafana
βΒ Β βΒ Β βββ grafana-default-credential.yaml
βΒ Β βββ ofbiz
βΒ Β βΒ Β βββ ofbiz-default-credentials.yaml
βΒ Β βββ rabbitmq
βΒ Β βΒ Β βββ rabbitmq-default-admin.yaml
βΒ Β βββ solarwinds
βΒ Β βΒ Β βββ solarwinds-default-admin.yaml
βΒ Β βββ zabbix
βΒ Β βββ zabbix-default-credentials.yaml
βββ dns
βΒ Β βββ azure-takeover-detection.yaml
βΒ Β βββ cname-service-detector.yaml
βΒ Β βββ dead-host-with-cname.yaml
βΒ Β βββ mx-service-detector.yaml
βΒ Β βββ servfail-refused-hosts.yaml
βΒ Β βββ spoofable-spf-records-ptr.yaml
βββ exposed-panels
βΒ Β βββ active-admin-exposure.yaml
βΒ Β βββ activemq-panel.yaml
βΒ Β βββ adminer-panel.yaml
βΒ Β βββ aims-password-mgmt-client.yaml
βΒ Β βββ airflow-exposure.yaml
βΒ Β βββ ambari-exposure.yaml
βΒ Β βββ ansible-tower-exposure.yaml
βΒ Β βββ atlassian-crowd-panel.yaml
βΒ Β βββ cisco-asa-panel.yaml
βΒ Β βββ citrix-adc-gateway-detect.yaml
βΒ Β βββ citrix-vpn-detect.yaml
βΒ Β βββ compal-panel.yaml
βΒ Β βββ couchdb-exposure.yaml
βΒ Β βββ couchdb-fauxton.yaml
βΒ Β βββ crxde.yaml
βΒ Β βββ django-admin-panel.yaml
βΒ Β βββ druid-console-exposure.yaml
βΒ Β βββ exposed-pagespeed-global-admin.yaml
βΒ Β βββ exposed-webalizer.yaml
βΒ Β βββ flink-exposure.yaml
βΒ Β βββ fortinet-fortigate-panel.yaml
βΒ Β βββ fortiweb-panel.yaml
βΒ Β βββ github-enterprise-detect.yaml
βΒ Β βββ gitlab-detect.yaml
βΒ Β βββ globalprotect-panel.yaml
βΒ Β βββ go-anywhere-client.yaml
βΒ Β βββ grafana-detect.yaml
βΒ Β βββ hadoop-exposure.yaml
βΒ Β βββ identityguard-selfservice-entrust.yaml
βΒ Β βββ iomega-lenovo-emc-shared-nas-detect.yaml
βΒ Β βββ jira-detect.yaml
βΒ Β βββ jmx-console.yaml
βΒ Β βββ kafka-connect-ui.yaml
βΒ Β βββ kafka-monitoring.yaml
βΒ Β βββ kafka-topics-ui.yaml
βΒ Β βββ kubernetes-dashboard.yaml
βΒ Β βββ manage-engine-admanager-panel.yaml
βΒ Β βββ mobileiron-login.yaml
βΒ Β βββ netscaler-gateway.yaml
βΒ Β βββ network-camera-detect.yaml
βΒ Β βββ oipm-detect.yaml
βΒ Β βββ parallels-html-client.yaml
βΒ Β βββ phpmyadmin-panel.yaml
βΒ Β βββ polycom-admin-detect.yaml
βΒ Β βββ prometheus-exporter-detect.yaml
βΒ Β βββ public-tomcat-manager.yaml
βΒ Β βββ pulse-secure-panel.yaml
βΒ Β βββ rabbitmq-dashboard.yaml
βΒ Β βββ rocketmq-console-exposure.yaml
βΒ Β βββ rsa-self-service.yaml
βΒ Β βββ sap-hana-xsengine-panel.yaml
βΒ Β βββ sap-netweaver-detect.yaml
βΒ Β βββ sap-recon-detect.yaml
βΒ Β βββ selenoid-ui-exposure.yaml
βΒ Β βββ setup-page-exposure.yaml
βΒ Β βββ solarwinds-orion.yaml
βΒ Β βββ solr-exposure.yaml
βΒ Β βββ sonarqube-login.yaml
βΒ Β βββ sonicwall-management-panel.yaml
βΒ Β βββ sonicwall-sslvpn-panel.yaml
βΒ Β βββ sophos-fw-version-detect.yaml
βΒ Β βββ supervpn-panel.yaml
βΒ Β βββ tikiwiki-cms.yaml
βΒ Β βββ tomcat-manager-pathnormalization.yaml
βΒ Β βββ traefik-dashboard.yaml
βΒ Β βββ virtual-ema-detect.yaml
βΒ Β βββ weave-scope-dashboard-detect.yaml
βΒ Β βββ webeditors.yaml
βΒ Β βββ webmin-panel.yaml
βΒ Β βββ workspace-one-uem.yaml
βΒ Β βββ workspaceone-uem-airwatch-dashboard-detect.yaml
βΒ Β βββ yarn-manager-exposure.yaml
βΒ Β βββ zipkin-exposure.yaml
βββ exposed-tokens
βΒ Β βββ aws
βΒ Β βΒ Β βββ amazon-mws-auth-token-value.yaml
βΒ Β βΒ Β βββ aws-access-key-value.yaml
βΒ Β βββ generic
βΒ Β βΒ Β βββ credentials-disclosure.yaml
βΒ Β βΒ Β βββ general-tokens.yaml
βΒ Β βΒ Β βββ http-username-password.yaml
βΒ Β βββ google
βΒ Β βΒ Β βββ fcm-server-key.yaml
βΒ Β βΒ Β βββ google-api-key.yaml
βΒ Β βββ mailchimp
βΒ Β βΒ Β βββ mailchimp-api-key.yaml
βΒ Β βββ slack
βΒ Β βββ slack-access-token.yaml
βββ exposures
βΒ Β βββ apis
βΒ Β βΒ Β βββ swagger-api.yaml
βΒ Β βΒ Β βββ wadl-api.yaml
βΒ Β βΒ Β βββ wsdl-api.yaml
βΒ Β βββ backups
βΒ Β βΒ Β βββ sql-dump.yaml
βΒ Β βΒ Β βββ zip-backup-files.yaml
βΒ Β βββ configs
βΒ Β βΒ Β βββ airflow-configuration-exposure.yaml
βΒ Β βΒ Β βββ amazon-docker-config-disclosure.yaml
βΒ Β βΒ Β βββ ansible-config-disclosure.yaml
βΒ Β βΒ Β βββ composer-config.yaml
βΒ Β βΒ Β βββ exposed-svn.yaml
βΒ Β βΒ Β βββ git-config-nginxoffbyslash.yaml
βΒ Β βΒ Β βββ git-config.yaml
βΒ Β βΒ Β βββ htpasswd-detection.yaml
βΒ Β βΒ Β βββ laravel-env.yaml
βΒ Β βΒ Β βββ magento-config.yaml
βΒ Β βΒ Β βββ opcache-status-exposure.yaml
βΒ Β βΒ Β βββ owncloud-config.yaml
βΒ Β βΒ Β βββ package-json.yaml
βΒ Β βΒ Β βββ perl-status.yaml
βΒ Β βΒ Β βββ phpinfo.yaml
βΒ Β βΒ Β βββ rails-database-config.yaml
βΒ Β βΒ Β βββ redmine-db-config.yaml
βΒ Β βΒ Β βββ syfmony-profiler.yaml
βΒ Β βΒ Β βββ symfony-database-config.yaml
βΒ Β βΒ Β βββ symfony-profiler.yaml
βΒ Β βΒ Β βββ web-config.yaml
βΒ Β βββ files
βΒ Β βΒ Β βββ domcfg-page.yaml
βΒ Β βΒ Β βββ drupal-install.yaml
βΒ Β βΒ Β βββ ds_store.yaml
βΒ Β βΒ Β βββ exposed-alps-spring.yaml
βΒ Β βΒ Β βββ filezilla.yaml
βΒ Β βΒ Β βββ lazy-file.yaml
βΒ Β βΒ Β βββ server-private-keys.yaml
βΒ Β βΒ Β βββ xprober-service.yaml
βΒ Β βββ logs
βΒ Β βββ elmah-log-file.yaml
βΒ Β βββ error-logs.yaml
βΒ Β βββ rails-debug-mode.yaml
βΒ Β βββ struts-debug-mode.yaml
βΒ Β βββ trace-axd-detect.yaml
βββ fuzzing
βΒ Β βββ arbitrary-file-read.yaml
βΒ Β βββ directory-traversal.yaml
βΒ Β βββ generic-lfi-fuzzing.yaml
βΒ Β βββ iis-shortname.yaml
βΒ Β βββ wp-plugin-scan.yaml
βββ helpers
βΒ Β βββ payloads
βΒ Β βΒ Β βββ CVE-2020-5776.csv
βΒ Β βΒ Β βββ CVE-2020-6287.xml
βΒ Β βββ wordlists
βΒ Β βββ wp-plugins.txt
βββ miscellaneous
βΒ Β βββ basic-cors-flash.yaml
βΒ Β βββ dir-listing.yaml
βΒ Β βββ htaccess-config.yaml
βΒ Β βββ missing-csp.yaml
βΒ Β βββ missing-hsts.yaml
βΒ Β βββ missing-x-frame-options.yaml
βΒ Β βββ ntlm-directories.yaml
βΒ Β βββ old-copyright.yaml
βΒ Β βββ robots.txt.yaml
βΒ Β βββ security.txt.yaml
βΒ Β βββ trace-method.yaml
βΒ Β βββ unencrypted-bigip-ltm-cookie.yaml
βΒ Β βββ xml-schema-detect.yaml
βββ misconfiguration
βΒ Β βββ aem-groovyconsole.yaml
βΒ Β βββ airflow-api-exposure.yaml
βΒ Β βββ apache-tomcat-snoop.yaml
βΒ Β βββ apc-info.yaml
βΒ Β βββ aspx-debug-mode.yaml
βΒ Β βββ aws-redirect.yaml
βΒ Β βββ cgi-test-page.yaml
βΒ Β βββ django-debug-detect.yaml
βΒ Β βββ docker-api.yaml
βΒ Β βββ docker-registry.yaml
βΒ Β βββ druid-monitor.yaml
βΒ Β βββ drupal-user-enum-ajax.yaml
βΒ Β βββ drupal-user-enum-redirect.yaml
βΒ Β βββ elasticsearch.yaml
βΒ Β βββ exposed-kibana.yaml
βΒ Β βββ exposed-service-now.yaml
βΒ Β βββ front-page-misconfig.yaml
βΒ Β βββ hadoop-unauth.yaml
βΒ Β βββ jkstatus-manager.yaml
βΒ Β βββ jupyter-ipython-unauth.yaml
βΒ Β βββ kubernetes-pods.yaml
βΒ Β βββ larvel-debug.yaml
βΒ Β βββ linkerd-ssrf-detect.yaml
βΒ Β βββ manage-engine-ad-search.yaml
βΒ Β βββ nginx-status.yaml
βΒ Β βββ php-errors.yaml
βΒ Β βββ php-fpm-status.yaml
βΒ Β βββ put-method-enabled.yaml
βΒ Β βββ rack-mini-profiler.yaml
βΒ Β βββ salesforce-aura-misconfig.yaml
βΒ Β βββ server-status-localhost.yaml
βΒ Β βββ shell-history.yaml
βΒ Β βββ sidekiq-dashboard.yaml
βΒ Β βββ springboot-detect.yaml
βΒ Β βββ symfony-debugmode.yaml
βΒ Β βββ tomcat-scripts.yaml
βΒ Β βββ unauthenticated-airflow.yaml
βΒ Β βββ unauthenticated-nacos-access.yaml
βΒ Β βββ wamp-xdebug-detect.yaml
βΒ Β βββ zenphoto-installation-sensitive-info.yaml
βββ takeovers
βΒ Β βββ subdomain-takeover.yaml
βββ technologies
βΒ Β βββ apache-detect.yaml
βΒ Β βββ artica-web-proxy-detect.yaml
βΒ Β βββ basic-auth-detection.yaml
βΒ Β βββ bigip-config-utility-detect.yaml
βΒ Β βββ cacti-detect.yaml
βΒ Β βββ clockwork-php-page.yaml
βΒ Β βββ couchdb-detect.yaml
βΒ Β βββ favicon-detection.yaml
βΒ Β βββ firebase-detect.yaml
βΒ Β βββ google-storage.yaml
βΒ Β βββ graphql.yaml
βΒ Β βββ graylog-api-browser.yaml
βΒ Β βββ home-assistant.yaml
βΒ Β βββ jaspersoft-detect.yaml
βΒ Β βββ jolokia.yaml
βΒ Β βββ kibana-detect.yaml
βΒ Β βββ kong-detect.yaml
βΒ Β βββ liferay-portal-detect.yaml
βΒ Β βββ linkerd-badrule-detect.yaml
βΒ Β βββ lotus-domino-version.yaml
βΒ Β βββ lucee-detect.yaml
βΒ Β βββ magmi-detect.yaml
βΒ Β βββ mrtg-detect.yaml
βΒ Β βββ netsweeper-webadmin-detect.yaml
βΒ Β βββ nifi-detech.yaml
βΒ Β βββ oidc-detect.yaml
βΒ Β βββ pi-hole-detect.yaml
βΒ Β βββ prometheus-exposed-panel.yaml
βΒ Β βββ prtg-detect.yaml
βΒ Β βββ redmine-cli-detect.yaml
βΒ Β βββ s3-detect.yaml
βΒ Β βββ sap-netweaver-as-java-detect.yaml
βΒ Β βββ sap-netweaver-detect.yaml
βΒ Β βββ selea-ip-camera.yaml
βΒ Β βββ shiro-detect.yaml
βΒ Β βββ sql-server-reporting.yaml
βΒ Β βββ tech-detect.yaml
βΒ Β βββ telerik-dialoghandler-detect.yaml
βΒ Β βββ telerik-fileupload-detect.yaml
βΒ Β βββ terraform-detect.yaml
βΒ Β βββ tomcat-detect.yaml
βΒ Β βββ tor-socks-proxy.yaml
βΒ Β βββ waf-detect.yaml
βΒ Β βββ weblogic-detect.yaml
βΒ Β βββ werkzeug-debugger-detect.yaml
βββ vulnerabilities
βΒ Β βββ generic
βΒ Β βΒ Β βββ basic-cors.yaml
βΒ Β βΒ Β βββ basic-xss-prober.yaml
βΒ Β βΒ Β βββ crlf-injection.yaml
βΒ Β βΒ Β βββ top-xss-params.yaml
βΒ Β βΒ Β βββ url-redirect.yaml
βΒ Β βββ ibm
βΒ Β βΒ Β βββ eclipse-help-system-xss.yaml
βΒ Β βΒ Β βββ ibm-infoprint-directory-traversal.yaml
βΒ Β βββ jenkins
βΒ Β βΒ Β βββ jenkins-asyncpeople.yaml
βΒ Β βΒ Β βββ jenkins-stack-trace.yaml
βΒ Β βΒ Β βββ unauthenticated-jenkin-dashboard.yaml
βΒ Β βββ jira
βΒ Β βΒ Β βββ jira-service-desk-signup.yaml
βΒ Β βΒ Β βββ jira-unauthenticated-dashboards.yaml
βΒ Β βΒ Β βββ jira-unauthenticated-popular-filters.yaml
βΒ Β βΒ Β βββ jira-unauthenticated-projects.yaml
βΒ Β βΒ Β βββ jira-unauthenticated-user-picker.yaml
βΒ Β βββ moodle
βΒ Β βΒ Β βββ moodle-filter-jmol-lfi.yaml
βΒ Β βΒ Β βββ moodle-filter-jmol-xss.yaml
βΒ Β βββ oracle
βΒ Β βΒ Β βββ oracle-ebs-bispgraph-file-access.yaml
βΒ Β βββ other
βΒ Β βΒ Β βββ acme-xss.yaml
βΒ Β βΒ Β βββ aspnuke-openredirect.yaml
βΒ Β βΒ Β βββ bullwark-momentum-series-directory-traversal.yaml
βΒ Β βΒ Β βββ cached-aem-pages.yaml
βΒ Β βΒ Β βββ couchdb-adminparty.yaml
βΒ Β βΒ Β βββ discourse-xss.yaml
βΒ Β βΒ Β βββ mcafee-epo-rce.yaml
βΒ Β βΒ Β βββ microstrategy-ssrf.yaml
βΒ Β βΒ Β βββ mida-eframework-xss.yaml
βΒ Β βΒ Β βββ nginx-module-vts-xss.yaml
βΒ Β βΒ Β βββ nuuo-nvrmini2-rce.yaml
βΒ Β βΒ Β βββ pdf-signer-ssti-to-rce.yaml
βΒ Β βΒ Β βββ rce-shellshock-user-agent.yaml
βΒ Β βΒ Β βββ rce-via-java-deserialization.yaml
βΒ Β βΒ Β βββ rconfig-rce.yaml
βΒ Β βΒ Β βββ sick-beard-xss.yaml
βΒ Β βΒ Β βββ symantec-messaging-gateway.yaml
βΒ Β βΒ Β βββ thinkific-redirect.yaml
βΒ Β βΒ Β βββ tikiwiki-reflected-xss.yaml
βΒ Β βΒ Β βββ twig-php-ssti.yaml
βΒ Β βΒ Β βββ vpms-auth-bypass.yaml
βΒ Β βΒ Β βββ wems-manager-xss.yaml
βΒ Β βΒ Β βββ yarn-resourcemanager-rce.yaml
βΒ Β βΒ Β βββ zms-auth-bypass.yaml
βΒ Β βββ rails
βΒ Β βΒ Β βββ rails6-xss.yaml
βΒ Β βββ springboot
βΒ Β βΒ Β βββ springboot-actuators-jolokia-xxe.yaml
βΒ Β βΒ Β βββ springboot-h2-db-rce.yaml
βΒ Β βββ thinkphp
βΒ Β βΒ Β βββ thinkphp-2-rce.yaml
βΒ Β βΒ Β βββ thinkphp-5022-rce.yaml
βΒ Β βΒ Β βββ thinkphp-5023-rce.yaml
βΒ Β βΒ Β βββ thinkphp-509-information-disclosure.yaml
βΒ Β βββ vmware
βΒ Β βΒ Β βββ vmware-vcenter-lfi-linux.yaml
βΒ Β βΒ Β βββ vmware-vcenter-lfi.yaml
βΒ Β βββ wordpress
βΒ Β βββ easy-wp-smtp-listing.yaml
βΒ Β βββ sassy-social-share.yaml
βΒ Β βββ w3c-total-cache-ssrf.yaml
βΒ Β βββ wordpress-accessible-wpconfig.yaml
βΒ Β βββ wordpress-db-backup.yaml
βΒ Β βββ wordpress-debug-log.yaml
βΒ Β βββ wordpress-directory-listing.yaml
βΒ Β βββ wordpress-emails-verification-for-woocommerce.yaml
βΒ Β βββ wordpress-emergency-script.yaml
βΒ Β βββ wordpress-installer-log.yaml
βΒ Β βββ wordpress-social-metrics-tracker.yaml
βΒ Β βββ wordpress-tmm-db-migrate.yaml
βΒ Β βββ wordpress-user-enumeration.yaml
βΒ Β βββ wordpress-wordfence-xss.yaml
βΒ Β βββ wordpress-wpcourses-info-disclosure.yaml
βΒ Β βββ wp-enabled-registration.yaml
βΒ Β βββ wp-xmlrpc.yaml
βββ workflows
βββ artica-web-proxy-workflow.yaml
βββ bigip-workflow.yaml
βββ cisco-asa-workflow.yaml
βββ grafana-workflow.yaml
βββ jira-workflow.yaml
βββ liferay-workflow.yaml
βββ lotus-domino-workflow.yaml
βββ magmi-workflow.yaml
βββ mida-eframework-workflow.yaml
βββ netsweeper-workflow.yaml
βββ rabbitmq-workflow.yaml
βββ sap-netweaver-workflow.yaml
βββ solarwinds-orion-workflow.yaml
βββ springboot-workflow.yaml
βββ thinkphp-workflow.yaml
βββ vbulletin-workflow.yaml
βββ wordpress-workflow.yaml
54 directories, 483 files.
Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to build new and your own custom templates, we have also added many example templates for easy understanding.
Nuclei-templates is powered by major contributions from the community. Template contributions , Feature Requests and Bug Reports are more than welcome.
Have questions / doubts / ideas to discuss? feel free to open a discussion using Github discussions board.
You are welcomed to join our Discord Community. You can also follow us on Twitter to keep up with everything related to projectdiscovery.
- Use YAMLlint (e.g. yamllint to validate the syntax of templates before sending pull requests.
Thanks again for your contribution and keeping the community vibrant. β€οΈ