Automated Codification of Vulnerabilities into Nuclei Templates.
NucleiGPT leverages the power of Embeddings & Large Language Models (LLMs) to transform vulnerability data from diverse sources into actionable Nuclei templates. This project is intended to help security professionals automate the process of codifying vulnerabilities into Nuclei templates.
- Codify Bug Bounty Reports: Integrating with HackerOne allows NucleiGPT to automatically generate a Nuclei template for each new bounty report that comes in. By integrating the Nuclei test into their CI/CD pipeline, you empower developers with a security unit test that proves their patch works.
- Codify Pentest Reports: Upload your pentest report and have NucleiGPT automatically parse findings that can be codified into nuclei templates.
- Vulnerability Surface: Findings from a scanner, pentest or bug bounty program are great, but because of their limited scope they may not identify all instances of the vulnerability across your attack surface. Using NucleiGPT you can run precision tests across all assets that may be out of scope for bug bounties or pentests.
Check out our detailed blog article that dives into the engineering aspects and design decisions behind the project.
- CVE to Nuclei Template: Turn Common Vulnerabilities and Exposures (CVEs) into actionable templates. (This will even attempt to convert CVEs that are not yet supported by ProjectDiscovery's Nuclei Templates repository.)
- Pentest to Nuclei Template: Transform pentest PDF reports into standardized Nuclei templates.
- HackerOne to Nuclei Template: Convert bug bounty findings from HackerOne into ready-to-use templates.
- Jira (Vuln) to Nuclei Template (Coming Soon): Seamlessly shift from vulnerability tickets to actionable templates.
- Vulcan to Nuclei Template (Coming Soon): Migrate findings from Vulcan to Nuclei effortlessly.
