Hi Everyone
In this blog, I will cover how to automate bug identification using Nuclei and the methodology for writing your own customized nuclei templates.
Nuclei
- Download and install nuclei using the following command
GO111MODULE=on go get -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei
Note: Make sure that you have already installed Go version 1.14 or above on your system. With Go 1.17 or newer, go get no longer installs binaries; use go install github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest instead.
How it Works
How to Write your Own Nuclei Template
Note: the following three pieces of information are needed to write a good nuclei template
- Request
- Response
- Strict Matcher
Let's take an example: you are reading a blog post about a bug or vulnerability, as shown below.
Now we have the request, response and matcher needed to create a nuclei template.
- Scanning for the misconfiguration on a given list of URLs:
nuclei -l target_urls.txt -t misconfigured-docker.yaml
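As an added example (this is not the template from the original post's screenshot, and the id, author and description are assumed values), here is what a complete template following the Request / Response / Strict Matcher recipe looks like for the exposed Docker daemon case. The request targets the Docker Engine API's /version endpoint, and the matchers are based on what that endpoint actually returns (a 200, a JSON content type and a body containing the ApiVersion and GoVersion keys):

```yaml
# Added example template: detects a Docker daemon whose Remote API is
# reachable without authentication. The id, author and description below
# are assumed values, not the template from the original post.
id: misconfigured-docker-api

info:
  name: Exposed Docker Daemon API          # assumed name
  author: example-author                   # assumed author
  severity: high
  description: |
    The Docker Engine API answers unauthenticated requests on this host.
    Anyone who can reach the port can control the daemon, so bind it to a
    Unix socket or require TLS client certificates.
  tags: docker,misconfig,exposure

requests:
  # Request: the Engine API's /version endpoint needs no parameters and
  # exists in every API version, which makes it a safe, read-only probe.
  - method: GET
    path:
      - "{{BaseURL}}/version"

    # Strict matcher: every matcher below must hold (matchers-condition: and).
    # A bare 200 or a JSON content type alone would also match many unrelated
    # services, so the Docker-specific body keys are required as well.
    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      - type: word
        part: header
        words:
          - "application/json"

      - type: word
        part: body
        words:
          - '"ApiVersion"'
          - '"GoVersion"'
        condition: and

    # Extractor: pull the API version out of the response so the finding
    # shows which daemon version is exposed.
    extractors:
      - type: regex
        part: body
        group: 1
        regex:
          - '"ApiVersion":"([0-9.]+)"'
```

Save it as misconfigured-docker.yaml and run it with the nuclei -l command above. The same recipe carries over to the CVE-2020-36289 example further down: the path becomes the endpoint named in the advisory, and the body words become the strings the advisory shows in a vulnerable response, again combined with matchers-condition: and so that a generic error page or login redirect does not produce a false positive.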
Now let's take another example: you are scrolling through Twitter and find that a new exploit has been released, as shown below.
If you know what the Request, Response and Strict Matcher are, it is easy to write a nuclei template.
- Scanning for CVE-2020-36289 on a given list of URLs:
nuclei -l target_urls.txt -t CVE-2020-36289.yaml
More Nuclei Templates can be found here https://github.com/projectdiscovery/nuclei-templates.
Note:-
Below are some of the places where you can find source material for writing nuclei templates.
- Google Dorks - GHDB is an index of search queries to get filtered search results
- Vulhub - Pre-Built Vulnerable Environments Based on Docker-Compose
- PeiQi-WIKI-POC - Place where Exploits of various Tech Stack are Stored
- Awesome-CVE-POC - Collection about Proof of Concepts of Common Vulnerabilities and Exposures
Multiple search engines are available for gathering information about the various technologies exposed on the Internet. These can be useful while creating nuclei templates. Some of them are as follows:
- Shodan - Search Engine for the Internet of Everything
- Fofa - Cyberspace Surveying and Mapping
- PublicWWW - Source Code Search Engine
- ZoomEye - Cyberspace Search Engine
- Spyse - Internet Assets Search Engine
Nuclei Unleashed
Nuclei is capable of doing the following things:
- Out-Of-Band Interaction (OOB) using Interactsh
- File Requests with Nuclei
- Author Based Execution
Reference:-
Writing Network Templates with Nuclei
Writing nuclei templates for WordPress CVEs
Writing security templates for Apache Airflow
Nuclei Unleashed - Quickly write complex exploits
Nuclei - Fuzz all the things
Exploiting Race conditions with Nuclei
Huge Shout out to Project Discovery Team for creating Amazing Tools
Kudos to all the active contributors out there !!!
Thanks a lot for reading !!!