Key Features

Scans are at the heart of the ProjectDiscovery Cloud Platform (PDCP). Upload Assets to your environment, select the templates you want to use, and configure a scan to check for exploitable vulnerabilities.

Features include:

  • Connecting existing Nuclei scans
  • Creating new scans
  • Viewing active vulnerabilities
  • Scheduling scans
  • Exporting scan details
  • Determining active CVEs
  • Rescanning

Getting Started

Before you get started with scanning you will need two things:

  • To add your Assets
  • To select the templates you want to use

Assets

Assets can be added in several ways. Refer to the Assets documentation for details on adding your Assets through upload, asset discovery, or cloud integrations.

Templates

PDCP includes our large community-curated library of public Nuclei templates. You can use all of those templates, our subset of recommended templates, a specific selection of templates, or you can create or add your own custom templates.

  • Check out the main Nuclei templates section to learn more about templates or,
  • Review the Templates & Editor section for more information on using templates and the editor within PDCP

Creating Scans

Scans can be connected through an existing Nuclei setup, or directly created through PDCP. Select the assets you want to scan, choose your templates, and select your scan options as desired to create a scan.

Reviewing Scan Results (Vulnerabilities)

Find a scan

Existing scans are located in the main Scans section of your PDCP environment. You can scroll through the list or use search to locate a specific scan. You can also filter based on the scan status to narrow the scope of displayed scans.

Scan details (Viewing)

Selecting an individual scan opens a scan detail page that includes:

  • Summary information (Total vulnerabilities, Active CVEs, Total assets)
  • Filtering options for the displayed vulnerabilities (Status, Severity, Host information, templates)
  • All vulnerabilities identified by the scan with corresponding severities

Scan details (Actions)

The scan detail page also includes capabilities for:

  • Rescanning
  • Exporting
  • Retesting individual vulnerabilities
  • Status management for vulnerabilities (open, closed, mark as a false positive)

Vulnerability details

Selecting an individual vulnerability shows details including:

  • The location (URL) where the vulnerability was identified
  • The template used to identify the vulnerability
  • Vulnerability details including status, timestamp, IP address