Pinned
🚨 CVE-2025-0133 – Reflected XSS in PAN-OS
Affects Palo Alto firewalls. Issued just 6 days ago.
Nuclei detection template is now live ⚡️
#xss #infosec #security #bugbounty #paloalto
Nuclei by ProjectDiscovery
2,027 posts
Nuclei by ProjectDiscovery
@pdnuclei
Nuclei uses a vast templating library to scan applications, cloud infrastructure, and networks to find and remediate vulnerabilities.
Joined April 2020
- Using wildcard glob support in nuclei, you can quickly scan for CVEs of specific years, for example, 𝗻𝘂𝗰𝗹𝗲𝗶 -𝘁 '𝗰𝘃𝗲𝘀/𝗖𝗩𝗘-𝟮𝟬𝟮𝟬*' will scan for all the CVEs assigned in 2020 from nuclei templates project. #nucleitips #hackwithautomation
- Scanning Log4j RCE - CVE-2021-44228 using Nuclei Template shared by @_melbadry9 @daffainfo @DhiyaneshDK Template - github.com/projectdiscove… Reference - github.com/advisories/GHS… #hackwithautomation #bugbounty #pentest #security
- Subdomain takeover detection #OneLiners - used command and details are in the thread. #bugbountytips #security #takeover #detection
- Apache <= 2.4.48 - Mod_Proxy SSRF (CVE-2021-40438) Nuclei Template - github.com/projectdiscove… Reference - firzen.de/building-a-poc… #apache #cve #ssrf #bugbounty #pentest #appsec
- Scan for CVE-2024-47176 (CUPS - Remote Code Execution) with Nuclei Vulnerability discovery and analysis by @evilsocket: evilsocket.net/2024/09/26/Att… Nuclei Template: cloud.projectdiscovery.io/?template=CVE-… #hackwithautomation #cybersecurity #bugbounty
- New - Grafana unauthorized arbitrary file read Template: github.com/projectdiscove… by z0ne, dhiyaneshDk Reference: nosec.org/home/detail/49… #bugbounty #pentest #appsec
- Here is how you can use #httpx to import a list of a) URLs b) Subdomains c) Endpoints to Burp suite for further crawling or scanning. #bugbountytips #pentest #security #hackwithautomation #burpsuite
00:00 - Scan for F5 BIG-IP - Unauthenticated RCE via AJP Smuggling (CVE-2023-46747) using nuclei templates shared by @iamnoooob @rootxharsh Template - github.com/projectdiscove… Analysis - praetorian.com/blog/refresh-c… by @praetorianlabs Advisory - my.f5.com/manage/s/artic…
- #oneliner ✅ Subdomain enumeration ✅ Full port scan ✅ HTTP web server detection #security #bugbountytips #portscan #subdomain #chaos
- Nuclei reaches 10K 🌟on GitHub 🎉 To celebrate this, we're giving away 1 @Burp_Suite pro license. To participate, retweet this and comment with the most impactful bug/bounty you have found using nuclei. github.com/projectdiscove… #hackwithautomation #security #oss #bugbounty
- You can use #httpx to request any path and see the status code and length and other details on the go, filter, or matcher flags if you want to be more specific. httpx -path /swagger-api/ -status-code -content-length #hackwithautomation #recon #bugbountytips #infosec
- [NEW-RELEASE] Nuclei Template Editor - AI-powered hub to create, debug, scan, and store templates. Collaborate effortlessly with your team and community. Public signup is open; we're eager to hear your feedback on this early release. - Editor: templates.nuclei.sh - Docs:
00:00
