Nuclei is a community-powered vulnerability scanner that uses YAML-based templates to detect CVEs, misconfigurations, exposed panels, and more across HTTP, DNS, TCP, and other protocols.
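# Install the nuclei v3 CLI with the Go toolchain. The binary is placed in
# $GOBIN (or $GOPATH/bin), which must be on PATH for the commands below.
# @latest resolves to whichever release is newest at install time; pin a
# release tag instead (nuclei@<release-tag>) when the scanner build has to be
# reproducible across machines.
go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest

# Update templates
nuclei -update-templates

# Verify
nuclei -version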
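# Scan a single target
nuclei -u http://localhost

# Scan with specific tags (comma-separated; only templates carrying one of
# these tags are run)
nuclei -u http://localhost -tags sqli,xss,lfi

# Scan with severity filter
nuclei -u http://localhost -severity high,critical

# Scan a list of targets (targets.txt holds one target per line) and write
# the findings to results.txt
# NOTE: newer nuclei-templates releases group templates under a protocol
# directory (e.g. http/exposures/); use that form if exposures/ does not
# resolve in your template checkout.
nuclei -l targets.txt -t exposures/ -o results.txt

# Scan with rate limiting: -rate-limit caps requests sent per second and
# -concurrency caps the number of templates executed in parallel
# (target.com stands in for the host under test)
nuclei -u http://target.com -rate-limit 50 -concurrency 10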
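# NOTE: the -t paths below are relative to the templates directory. Newer
# nuclei-templates releases group templates under a protocol directory
# (e.g. http/misconfiguration/, http/cves/, http/exposures/files/); use that
# form if a path here does not resolve.

# Exposed admin panels
nuclei -u http://localhost -tags panel

# Default credentials
nuclei -u http://localhost -tags default-login

# Misconfigurations
nuclei -u http://localhost -t misconfiguration/

# CVE detection, limited to critical and high severity templates
nuclei -u http://localhost -t cves/ -severity critical,high

# File exposure
nuclei -u http://localhost -t exposures/files/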
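# Scan local labs for low-hanging fruit
nuclei -u http://localhost -tags lfi,rfi,sqli,xss -severity medium,high,critical

# Look for exposed files (robots.txt, .git, backups)
# -t may be given more than once; both directories are loaded.
# NOTE: newer nuclei-templates releases group templates under a protocol
# directory (e.g. http/exposures/files/); use that form if these paths do not
# resolve.
nuclei -u http://localhost -t exposures/files/ -t exposures/configs/

# Look for open redirects
nuclei -u http://localhost -tags redirect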
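# Custom nuclei template: requests three candidate files under the target's
# base URL and reports a match when a response contains the string "flag{".
# Nesting is significant: path and matchers belong to the request entry, and
# words belongs to the matcher entry.
id: custom-flag-finder

info:
  name: hackxpert Flag Finder
  author: you
  # info-level: a match only says the marker string was seen in a response.
  severity: info

# NOTE(review): "requests" is the older name for this block; current template
# syntax calls it "http". Confirm which one your nuclei version expects.
requests:
  - method: GET
    # {{BaseURL}} is replaced by nuclei with the target passed via -u / -l.
    path:
      - "{{BaseURL}}/flag.txt"
      - "{{BaseURL}}/secret.txt"
      - "{{BaseURL}}/.env"

    matchers:
      # Literal substring match; quoted because "{" would otherwise start a
      # YAML flow mapping.
      - type: word
        words:
          - "flag{"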