Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Build out the default command string #82

Closed
epi052 opened this issue Aug 12, 2020 · 1 comment
Closed

Build out the default command string #82

epi052 opened this issue Aug 12, 2020 · 1 comment
Labels
project-item Issue related to an ongoing effort
Projects
Add Nuclei Scanner to Pipeline
Milestone
v1.1.0

Comments

@epi052
Copy link
Owner

epi052 commented Aug 12, 2020

Nuclei is a template based scanner. As such, not every template is appropriate to use on every single scan.

Ones that need to be excluded:

  • brute-force
  • payloads
  • workflows

Workflows appear to simply wrap existing templates with add'l logic. We're probably double-tapping if we include them.

Command is probably something like

nuclei -t /tmp/stuff/nuclei-templates/cves -l TARGETS -silent -json

Need to explore -json vs. -json-requests
@epi052 epi052 added this to To do in Add Nuclei Scanner to Pipeline via automation Aug 12, 2020
@epi052 epi052 added the project-item Issue related to an ongoing effort label Aug 12, 2020
@epi052 epi052 changed the title [PROJECT ITEM] Build out the default command string Build out the default command string Aug 12, 2020
This was referenced Aug 12, 2020
Closed
Closed
@epi052 epi052 added this to the v1.1.0 milestone Aug 27, 2020
@epi052
Copy link
Owner Author

epi052 commented Aug 30, 2020

nuclei -t ~/.local/recon-pipeline/tools/nuclei-templates/panels -t /home/epi/.local/recon-pipeline/tools/nuclei-templates/subdomain-takeover -t /home/epi/.local/recon-pipeline/tools/nuclei-templates/tokens -t /home/epi/.local/recon-pipeline/tools/nuclei-templates/security-misconfiguration -t /home/epi/.local/recon-pipeline/tools/nuclei-templates/default-credentials -t /home/epi/.local/recon-pipeline/tools/nuclei-templates/dns -t /home/epi/.local/recon-pipeline/tools/nuclei-templates/vulnerabilities -t /home/epi/.local/recon-pipeline/tools/nuclei-templates/files -t /home/epi/.local/recon-pipeline/tools/nuclei-templates/generic-detections -t ~/.local/recon-pipeline/tools/nuclei-templates/cves/ -t ~/.local/recon-pipeline/tools/nuclei-templates/technologies/ -l TARGET_LIST -silent -o whatver-output-file -json

@epi052 epi052 closed this as completed Aug 30, 2020
Add Nuclei Scanner to Pipeline automation moved this from To do to Done Aug 30, 2020
@epi052 epi052 reopened this Aug 30, 2020
Add Nuclei Scanner to Pipeline automation moved this from Done to In progress Aug 30, 2020
@epi052 epi052 moved this from In progress to Done in Add Nuclei Scanner to Pipeline Aug 30, 2020
@epi052 epi052 closed this as completed Aug 30, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
project-item Issue related to an ongoing effort
Projects
Add Nuclei Scanner to Pipeline
  
Done
Milestone
v1.1.0
Development

No branches or pull requests
1 participant
@epi052