What is Nuclei?
Nuclei is a modern, high-performance vulnerability scanner that leverages simple YAML-based templates. It empowers you to design custom vulnerability detection scenarios that mimic real-world conditions, leading to zero false positives.Simple YAML templates
Create and customize vulnerability templates with an easy-to-learn YAML format
Community-driven
Contributed by thousands of security professionals to tackle trending vulnerabilities
Ultra-fast scanning
Parallel scan processing and request clustering for maximum performance
Multi-protocol support
Supports TCP, DNS, HTTP, SSL, WHOIS, JavaScript, Code and more protocols
Why Nuclei?
Traditional vulnerability scanners were built decades ago. They are closed-source, incredibly slow, and vendor-driven. Today’s attackers are mass exploiting newly released CVEs across the internet within days, unlike the years it used to take. This shift requires a completely different approach to tackling trending exploits on the internet.Nuclei reduces false positives by simulating real-world steps to verify a vulnerability, rather than relying on simple signature matching.
Key benefits
- Reduce false positives - Simulate real-world steps to verify vulnerabilities
- Integrate into CI/CD - Perfect for vulnerability detection and regression testing in pipelines
- Extensive integrations - Connect with Jira, Splunk, GitHub, Elastic, GitLab and more
- Open source - Fully transparent, customizable, and community-driven
- Rapid updates - Stay ahead with templates updated daily to cover the latest vulnerabilities
Use cases
Nuclei is now used and contributed by Fortune 500 enterprises, government agencies, and universities for various security use cases:Vulnerability assessment
Vulnerability assessment
Scan web applications, networks, and infrastructure for known CVEs and security misconfigurations using community templates or custom detection rules.
Continuous security testing
Continuous security testing
Integrate Nuclei into CI/CD pipelines to automatically detect vulnerabilities during development and deployment phases.
Attack surface monitoring
Attack surface monitoring
Continuously monitor your external attack surface for new vulnerabilities, exposed services, and security issues.
Security research
Security research
Create custom templates to identify and validate novel vulnerability patterns and security research findings.
Penetration testing
Penetration testing
Accelerate penetration testing engagements with automated vulnerability detection across multiple protocols.
Next steps
Get started with Nuclei in minutes:Install Nuclei
Install Nuclei using Go, package managers, or binary releases
Quick start guide
Run your first scan and learn the basics
Key features
Explore Nuclei’s powerful capabilities
Template library
Browse thousands of community templates
Community and support
Join Discord
Connect with the ProjectDiscovery community
GitHub repository
Star the repo and contribute to the project