Nuclei Executor
Category: Network and Vulnerability Scanners
Script: nuclei.py
Integration: CLI
Faraday Plugin: NucleiPlugin
Website: https://nuclei.projectdiscovery.io/
Description
Runs ProjectDiscovery's Nuclei template-based vulnerability scanner against one or more targets. Nuclei uses YAML templates to detect security issues across web applications, APIs, networks, and cloud infrastructure.
Prerequisites
- Nuclei installed and available in `$PATH`
- Nuclei templates directory available locally
- Verify: `nuclei --version`
Configuration
Environment Variables (Setup)
| Variable | Required | Description |
|---|---|---|
| `NUCLEI_TEMPLATES` | Yes | Path to the Nuclei templates directory (e.g., `/root/nuclei-templates`) |
Execution Arguments
| Parameter | Type | Mandatory | Description |
|---|---|---|---|
| `NUCLEI_TARGET` | list | Yes | Comma-separated list of target URLs or IPs |
| `NUCLEI_EXCLUDE` | list | No | Comma-separated list of template paths to exclude (relative to the templates directory) |
YAML Configuration Example
```yaml
executors:
  nuclei_scan:
    repo_executor: nuclei.py
    max_size: 65536
    varenvs:
      NUCLEI_TEMPLATES: /root/nuclei-templates
    params:
      NUCLEI_TARGET:
        mandatory: true
        type: list
        base: list
      NUCLEI_EXCLUDE:
        mandatory: false
        type: list
        base: list
```
How It Works
- Reads the target list from `NUCLEI_TARGET`
- For a single target, runs: `nuclei -target <url> -t <templates_path> -j -o <output.json>`
- For multiple targets, writes them to a file and runs: `nuclei -l <urls_file> -t <templates_path> -j -o <output.json>`
- Applies template exclusions if `NUCLEI_EXCLUDE` is specified
- Parses the JSON output through `NucleiPlugin` and outputs Faraday JSON
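The command construction described above, sketched as an added example (this is not the code of the Faraday `nuclei.py` executor). It builds an argv list rather than a shell string, rejects target values that nuclei would read as options, and confines exclusions to the templates directory. The function names, the `urls.txt` and `output.json` file names, the sample targets and the use of nuclei's `-exclude-templates` flag for exclusions are assumptions.

```python
import os
import tempfile


def split_list(raw):
    """Split a comma-separated parameter, dropping blanks and surrounding spaces."""
    return [item.strip() for item in (raw or "").split(",") if item.strip()]


def resolve_exclusion(templates_dir, rel_path):
    """Join an exclusion onto the templates directory and refuse escapes from it."""
    root = os.path.realpath(templates_dir)
    full = os.path.realpath(os.path.join(root, rel_path))
    if os.path.commonpath([root, full]) != root:
        raise ValueError(f"exclusion escapes templates directory: {rel_path!r}")
    return full


def build_nuclei_command(targets_raw, templates_dir, exclude_raw, workdir):
    """Return the argv list for one run; never a shell string."""
    targets = split_list(targets_raw)
    if not targets:
        raise ValueError("NUCLEI_TARGET is empty")
    for target in targets:
        # A leading "-" would be parsed by nuclei as an option; embedded
        # whitespace would add extra lines to the targets file.
        if target.startswith("-") or any(c.isspace() for c in target):
            raise ValueError(f"rejected target: {target!r}")
    output = os.path.join(workdir, "output.json")
    if len(targets) == 1:
        cmd = ["nuclei", "-target", targets[0]]
    else:
        urls_file = os.path.join(workdir, "urls.txt")
        with open(urls_file, "w") as handle:
            handle.write("\n".join(targets) + "\n")
        cmd = ["nuclei", "-l", urls_file]
    cmd += ["-t", templates_dir, "-j", "-o", output]
    for rel_path in split_list(exclude_raw):
        # Assumption: exclusions are passed with nuclei's -exclude-templates flag.
        cmd += ["-exclude-templates", resolve_exclusion(templates_dir, rel_path)]
    return cmd


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        # Constructed sample values, not taken from a real scan.
        print(build_nuclei_command("https://a.example, https://b.example",
                                   "/root/nuclei-templates", "cves/2020/", tmp))
```

Pass the returned list to `subprocess.run` without `shell=True` so that target values are never interpreted by a shell.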
Notes
- The `-j` flag enables JSON output, which is required for the Faraday plugin to parse results
- Template exclusions are relative paths within the templates directory (e.g., `cves/2020/`)
- Keep templates updated with `nuclei -update-templates` for best coverage