Cloud Platform
- Introduction
- OSS vs Cloud
- Integrations
- Assets
- Vulnerability Scanning
- Templates & Editor
- Overview
- FAQ
- Editor
- Recommended
- General Admin
Templates & Editor FAQ
Answers to common questions about Nuclei templates and our cloud platform template editor
Nuclei templates are the core of the Nuclei project and ProjectDiscovery Cloud Platform. The templates contain the actual logic that is executed in order to detect various vulnerabilities.
The ProjectDiscovery template library contains several thousand ready-to-use community-contributed vulnerability templates. We are continuously working with our open source community to update and add templates as vulnerabilities are discovered.
We maintain a template guide for writing new and custom Nuclei templates. ProjectDiscovery Cloud Platform also provides AI support to assist in writing and testing custom templates. - Check out our documentation on the Templates Editor for more information.
Performing security assessment of an application is time-consuming. It’s always better and time-saving to automate steps whenever possible. Once you’ve found a security vulnerability, you can prepare a Nuclei template by defining the required HTTP request to reproduce the issue, and test the same vulnerability across multiple hosts with ease. It’s worth mentioning ==you write the template once and use it forever==, as you don’t need to manually test that specific vulnerability any longer.
Here are few examples from the community making use of templates to automate the security findings:
- https://dhiyaneshgeek.github.io/web/security/2021/02/19/exploiting-out-of-band-xxe/
- https://blog.melbadry9.xyz/fuzzing/nuclei-cache-poisoning
- https://blog.melbadry9.xyz/dangling-dns/xyz-services/ddns-worksites
- https://blog.melbadry9.xyz/dangling-dns/aws/ddns-ec2-current-state
- https://projectdiscovery.io/blog/if-youre-not-writing-custom-nuclei-templates-youre-missing-out
- https://projectdiscovery.io/blog/the-power-of-nuclei-templates-a-universal-language-of-vulnerabilities
Nuclei templates are selected as part of any scans you create. You can select pre-configured groups of templates, individual templates, or add your own custom templates as part of your scan configuration.
- Check out the scanning documentation to learn more.
You are always welcome to share your templates with the community. You can either open a GitHub issue with the template details or open a GitHub pull request with your Nuclei templates. If you don’t have a GitHub account, you can also make use of the discord server to share the template with us.
You own any templates generated by the AI through the Template Editor. They are your property, and you are granted a perpetual license to use and modify them as you see fit.
The Template Editor feature in PDCP uses OpenAI.
Yes, prompts are stored as part of the generated template metadata. This data is deleted as soon as the template or the user are deleted.
The accuracy of the generated templates is primarily dependent on the detail and specificity of the input you provide. The more detailed information you supply, the better the AI can understand the context and create an accurate template. However, as with any AI tool, it is highly recommended to review, validate, and test any generated templates before using them in a live environment.
No, AI does not use the templates you generate for further training or improvement of the AI model. The system only uses public templates and CVE data for training, ensuring your unique templates remain confidential.
Was this page helpful?