package
3.2.7-fix1
Repository: https://github.com/explorer1092/nuclei.git
Documentation: pkg.go.dev

# README

Using Nuclei as Library

Nuclei was primarily built as a CLI tool, but as more users want to use nuclei as a library in their own automation, we have added a simplified Library/SDK of nuclei in v3.

Installation

To add nuclei as a library to your Go project, you can use the following command:

go get -u github.com/Explorer1092/nuclei/v3/lib

Or add the import below to your Go file and let your IDE handle the rest:

import nuclei "github.com/Explorer1092/nuclei/v3/lib"

Basic Example of using Nuclei Library/SDK

```go
package main

import (
	nuclei "github.com/Explorer1092/nuclei/v3/lib"
)

func main() {
	// create nuclei engine with options
	ne, err := nuclei.NewNucleiEngine(
		nuclei.WithTemplateFilters(nuclei.TemplateFilters{Severity: "critical"}), // run critical severity templates only
	)
	if err != nil {
		panic(err)
	}
	// release engine resources when main returns
	defer ne.Close()
	// load targets and optionally probe non http/https targets
	ne.LoadTargets([]string{"scanme.sh"}, false)
	// run the scan; no result callback is registered
	err = ne.ExecuteWithCallback(nil)
	if err != nil {
		panic(err)
	}
}
```

Advanced Example of using Nuclei Library/SDK

For various use cases, such as batching, you might want to run nuclei in goroutines. This can be done by using nuclei.NewThreadSafeNucleiEngine.

```go
package main

import (
	"sync"

	nuclei "github.com/Explorer1092/nuclei/v3/lib"
)

func main() {
	// create nuclei engine with options
	ne, err := nuclei.NewThreadSafeNucleiEngine()
	if err != nil {
		panic(err)
	}
	// release engine resources once all scans have finished
	defer ne.Close()
	// setup waitgroup to handle concurrency
	wg := &sync.WaitGroup{}

	// scan 1 = run dns templates on scanme.sh
	wg.Add(1)
	go func() {
		defer wg.Done()
		// err is local to this goroutine so the two scans do not race on a shared variable
		err := ne.ExecuteNucleiWithOpts([]string{"scanme.sh"}, nuclei.WithTemplateFilters(nuclei.TemplateFilters{ProtocolTypes: "dns"}))
		if err != nil {
			panic(err)
		}
	}()

	// scan 2 = run http templates on honey.scanme.sh
	wg.Add(1)
	go func() {
		defer wg.Done()
		err := ne.ExecuteNucleiWithOpts([]string{"honey.scanme.sh"}, nuclei.WithTemplateFilters(nuclei.TemplateFilters{ProtocolTypes: "http"}))
		if err != nil {
			panic(err)
		}
	}()

	// wait for all scans to finish
	wg.Wait()
}
```

More Documentation

For complete documentation of the nuclei library, please refer to the godoc, which contains all available options and methods.

Note

Disclaimer
This project is in active development. Expect breaking changes with releases. Review the release changelog before updating.
This project was primarily built to be used as a standalone CLI tool. Running nuclei as a service may pose security risks. It is recommended to use it with caution and with additional security measures.
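
One such additional measure, when targets come from callers of a service, is a default-deny scope check before anything reaches LoadTargets. The following is an added example, not code from the nuclei project: CheckTarget and allowedSuffixes are hypothetical names, the scope list is constructed, and only the Go standard library is used.

```go
package main

import (
	"fmt"
	"net"
	"net/netip"
	"net/url"
	"strings"
)

// allowedSuffixes is a constructed scope list for this example.
var allowedSuffixes = []string{"scanme.sh"}

// CheckTarget returns "" when target ("host", "host:port" or a URL) is in
// scope, otherwise the reason it must not reach the engine.
func CheckTarget(target string) string {
	host := strings.TrimSpace(target)
	if strings.Contains(host, "://") {
		u, err := url.Parse(host)
		if err != nil {
			return "unparseable target"
		}
		host = u.Host // userinfo is dropped, so "allowed@internal" cannot spoof scope
	}
	if h, _, err := net.SplitHostPort(host); err == nil {
		host = h
	}
	host = strings.ToLower(strings.TrimSuffix(strings.Trim(host, "[]"), "."))
	if addr, err := netip.ParseAddr(host); err == nil {
		a := addr.Unmap() // treat ::ffff:10.0.0.5 as 10.0.0.5
		if a.IsLoopback() || a.IsPrivate() || a.IsLinkLocalUnicast() || a.IsUnspecified() {
			return "internal address"
		}
		return "IP literal not in scope"
	}
	for _, s := range allowedSuffixes {
		if host == s || strings.HasSuffix(host, "."+s) {
			return ""
		}
	}
	return "host not in scope" // default deny
}

func main() {
	// Constructed sample input; only targets with an empty reason go on to ne.LoadTargets.
	for _, t := range []string{"scanme.sh", "http://127.0.0.1:8080/", "evilscanme.sh"} {
		fmt.Printf("%-26q %q\n", t, CheckTarget(t))
	}
}
```

The check is name-based only: a permitted hostname can still resolve to an internal address, so network-level egress restrictions remain necessary.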

# Packages

No description provided by the author

# Functions

DASTMode runs only DAST templates.
EnableCodeTemplates allows loading/executing code protocol templates.
EnableHeadless allows execution of headless templates. *Use With Caution*: enabling headless mode may open up attack surface due to browser usage and can be prone to exploitation by custom unverified templates if not properly configured.
EnablePassiveMode allows enabling passive HTTP response processing mode.
EnableStats enables stats collection with a defined interval (in seconds) and a callback. Note: the callback is executed in a separate goroutine.
GetTargetsFromTemplateMetadata returns all targets by querying engine metadata (ex: fofa-query, shodan-query, etc.) from the given templates.
GetTargetsFromUncover returns targets from uncover in the given format.
LoadSecretsFromFile allows loading secrets from file.
NewNucleiEngine creates a new nuclei engine instance.
NewThreadSafeNucleiEngine creates a new nuclei engine with the given options whose methods are thread-safe and can be used concurrently. Note: non-thread-safe methods start with the Global prefix.
SignedTemplatesOnly runs only signed templates and disables loading of all unsigned templates.
UseOutputWriter allows setting a custom output writer. By default a mock writer is used with the user-defined callback; if an output writer is set, the callback is ignored.
UseStatsWriter allows setting a custom stats writer which can be used to write stats somewhere (ex: send to a webserver).
WithAuthProvider allows setting a custom authprovider implementation.
WithCatalog uses a supplied catalog.
WithConcurrency sets concurrency options.
WithGlobalRateLimit sets global rate limit options (i.e. for all hosts combined).
WithHeaders allows setting custom headers/cookies to include in all HTTP requests, in header:value format.
WithInteractshOptions sets interactsh options.
WithNetworkConfig allows setting network config options.
WithProxy allows setting proxy options.
WithSandboxOptions allows setting supported sandbox options.
WithScanStrategy allows setting scan strategy options.
WithTemplateFilters sets template filters and only templates matching the filters will be loaded and executed.
WithTemplatesOrWorkflows sets the templates/workflows to load and use.
WithTemplateUpdateCallback allows setting a callback which will be called when nuclei templates are outdated. Note: nuclei-templates are a crucial part of nuclei, and using outdated templates or an outdated nuclei SDK is not recommended, as it may cause unexpected results due to compatibility issues.
WithVerbosity allows setting verbosity options of the (internal) nuclei engine and does not affect SDK output.

# Variables

DefaultConfig is the instance of default nuclei configs; any mutations to this config will be reflected in all nuclei instances (saves some config to disk).
ErrNoTargetsAvailable is returned when no targets are available to scan.
ErrNoTemplatesAvailable is returned when no templates are available to execute.
ErrNotImplemented is returned when a feature is not implemented.
ErrOptionsNotSupported is returned when an option is not supported in thread safe mode.

# Structs

Concurrency options.
HeadlessOpts contains options for headless templates.
NetworkConfig contains network config options, ex: retries, httpx probe, timeout, etc.
NucleiEngine is the Engine/Client for nuclei which runs scans using templates and returns results.
StatsOptions.
config contains all SDK configuration options.
TemplateSources contains template sources which define where to load templates from.
ThreadSafeNucleiEngine is a tweaked version of nuclei.Engine whose methods are thread-safe and can be used concurrently.
VerbosityOptions.

# Type aliases

InteractshOpts contains options for interactsh.
NucleiSDKOptions contains options for nuclei SDK.
OutputWriter.
StatsWriter.