**Note: The content in this article is only for educational purposes and understanding of cybersecurity concepts. It should enable people and organizations to have a better grip on threats and know how to protect themselves against them. Please use this information responsibly.**
Nuclei is a lightweight, open-source scanner that checks networks and web applications for vulnerabilities. It’s known for being fast and adaptable. Created by ProjectDiscovery, it stands out for its template-based scanning approach: templates written in YAML define the specific vulnerabilities to scan for, which makes Nuclei highly customizable. This flexibility lets security professionals tailor their scans to specific threats or network configurations.
Nuclei supports scanning across multiple protocols, including HTTP, DNS, TCP, and others, which covers a wide range of use cases. It’s built to be high-performance and capable of handling large-scale scans across massive infrastructures without sacrificing speed or efficiency. The tool’s extensibility also means users can modify existing templates or create new ones, making it versatile for different vulnerability detection scenarios.
Key features:
1. Template-Based Scanning: Nuclei works with YAML templates you can customize. These templates set up different scans for vulnerabilities.
2. High Performance: It can handle big networks and applications due to its processing capabilities.
3. Customizable and Extendable: You can change existing templates or create new ones to look for specific vulnerabilities or situations.
4. Integration Capabilities: You can add Nuclei to other tools and platforms, including CI/CD systems. This allows for automatic and ongoing security checks.
5. Multi-Protocol Support: It can scan various protocols like HTTP, DNS, and TCP. This gives you options for different scanning needs.
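To make the template-based approach concrete, here is a minimal HTTP template that reports pages served without an X-Frame-Options response header. It is an added example, not taken from the original article or from ProjectDiscovery's template repository; the template id, name and author are placeholders.

```yaml
# Added example: a minimal Nuclei HTTP template (not ProjectDiscovery's own).
id: example-missing-x-frame-options   # hypothetical template id

info:
  name: Missing X-Frame-Options header (example)
  author: example-author              # placeholder
  severity: info
  description: Reports pages served without an X-Frame-Options response header.
  tags: headers,misconfig

http:
  - method: GET
    path:
      - "{{BaseURL}}"                 # replaced with each target URL at run time

    # Both matchers below must succeed for a finding to be reported.
    matchers-condition: and
    matchers:
      # Only consider successful responses.
      - type: status
        status:
          - 200

      # "negative: true" inverts the match: the template fires when
      # the header name does NOT appear in the response headers.
      - type: word
        part: header
        words:
          - "x-frame-options"
        case-insensitive: true
        negative: true
```

Save it as a .yaml file and pass it to Nuclei with the -t flag; running nuclei -validate -t on the file checks its syntax before a scan.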
How to install Go in Kali:
- Visit https://go.dev/ and click on Download.
- In the download section, find the latest version for Linux. Right-click on it and copy its download link.
The latest version of Go at the time of writing is 1.22.6.
Download link: https://go.dev/dl/go1.22.6.linux-amd64.tar.gz
- Open Kali Linux and open the terminal. Make sure you are the root user.
Download using this command: wget https://go.dev/dl/go1.22.6.linux-amd64.tar.gz
- Extract into /usr/local to create a Go tree using the following command (it removes any previous installation in /usr/local/go first):
rm -rf /usr/local/go && tar -C /usr/local -xzf go1.22.6.linux-amd64.tar.gz
- To add Go to the PATH environment variable, open the shell configuration file in the terminal: nano ~/.zshrc
- Go to the bottom of the file and add the following lines:
GOPATH=/root/go-workspace
export GOROOT=/usr/local/go
PATH=$PATH:$GOROOT/bin/:$GOPATH/bin
Save the file after pasting all the commands.
- After that, run the command: source ~/.zshrc
- Go is now installed. Verify it by running: go version
Let’s install Nuclei now
- Run the command:
go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest
- Copy the Nuclei binary into a directory that is on the PATH:
cp /root/go/bin/nuclei /usr/local/go/bin/
- Update all the templates: nuclei -update-templates
- To update the nuclei engine: nuclei -update
Testing http://testphp.vulnweb.com/ using Nuclei
Input: nuclei -target http://testphp.vulnweb.com/
Output:
Conclusion
Nuclei has clear strengths. It performs well and can scan many applications at once. Its template system can be adapted to fit what you need, and it works with different protocols, so it suits a variety of scanning scenarios. It is also open-source, so it is free and benefits from community contributions. But Nuclei isn’t perfect. You need to learn YAML to make the templates work for you. It might not cover everything you want out of the box, so you might have to write or modify templates to scan everything you need. Also, integrating Nuclei into CI/CD pipelines can be tricky, and the setup may involve some complex steps.
Summary points:
1. Installing Go on Kali Linux:
- Download the latest version of Go from the official website.
- Use terminal commands to download and extract Go.
- Configure environment variables in ~/.zshrc.
- Verify the installation with go version.
2. Installing Nuclei:
- Use the go install command to install Nuclei.
- Copy the binary to /usr/local/go/bin/.
- Update templates with nuclei -update-templates and the engine with nuclei -update.
3. Testing Nuclei:
- Example scan using nuclei -target http://testphp.vulnweb.com/