Nuclei Templates FAQ

For info on the Nuclei Template Editor or using templates on our cloud platform - learn more here.

What are Nuclei templates?

Nuclei templates are the core of the Nuclei project. The templates contain the actual logic that is executed in order to detect various vulnerabilities. The project consists of several thousand ready-to-use community-contributed vulnerability templates.

How can I write Nuclei templates?

We maintain a template guide for writing new and custom Nuclei templates.

How can writing Nuclei templates help me or my organization?

Performing security assessment of an application is time-consuming. It’s always better and time-saving to automate steps whenever possible. Once you’ve found a security vulnerability, you can prepare a Nuclei template by defining the required HTTP request to reproduce the issue, and test the same vulnerability across multiple hosts with ease. It’s worth mentioning ==you write the template once and use it forever==, as you don’t need to manually test that specific vulnerability any longer.

Here are few examples from the community making use of templates to automate the security findings:

https://dhiyaneshgeek.github.io/web/security/2021/02/19/exploiting-out-of-band-xxe/

How do I run Nuclei templates?

Nuclei templates can be executed using a template name or with tags, using -templates (-t) and -tags flag, respectively.

Copy

Ask AI

nuclei -tags cve -list target_urls.txt

How can I contribute a Nuclei template?

You are always welcome to share your templates with the community. You can either open a GitHub issue with the template details or open a GitHub pull request with your nuclei templates. If you don’t have a GitHub account, you can also make use of the discord server to share the template with us.

I'm getting false-positive results!

The Nuclei template project is a community-contributed project. The ProjectDiscovery team manually reviews templates before merging them into the project. Still, there is a possibility that some templates with weak matchers will slip through the verification. This could produce false-positive results. Templates are only as good as their matchers.

If you identified templates producing false positive/negative results, here are few steps that you can follow to fix them quickly.

I found a template producing false positive or negative results, but I'm not sure if this is accurate.

Direct message us on Twitter or Discord to confirm the validity of the template.

I found a template producing false positive or negative result and I don't know how to fix it.

Please open a GitHub issue with details, and we will work to address the problem and update the template.

I found a template producing a false positive or negative result and I know how to fix it.

Please open a GitHub pull request with fix.

Why can't I run all Nuclei templates?

The Nuclei templates project houses a variety of templates which perform fuzzing and other actions which may result in a DoS against the target system (see the list here). To ensure these templates are not accidentally run, they are tagged and excluded them from the default scan. These templates can be only executed when explicitly invoked using the -itags option.

Templates exist on GitHub but are not running with Nuclei?

When you download or update Nuclei templates using the Nuclei binary, it downloads all the templates from the latest release. All templates added after the release exist in the master branch and are added to Nuclei when a new template release is created.

Templates

Protocols

Reference

Workflows