Nuclei Full Tutorial | Updated [ 2024 ]


In this post, You will learn what is nuclei and how it works and all the commands related to the tool.

Below is the video format of the post, Do check it out


What is Nuclei

Nuclei is a vulnerability analysis tool, Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts.

Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc.

Just using the nuclei we can do a lot of security checks, The results are quiet awesome.

Some alternative for Nuclei is OpenVas, Nessus, Nikto. My personal favourite is going to be Nessus and Openvas.

In simple Nuclei is another vulnerability analysis tool with additional features.


Who Developed Nuclei

The initial release was done by Ice3man543 And later maintained by sandeep singh. And also I appreciate the other developer who contributed to this tool ❤️

Features in Nuclei

  • YAML-based templates
  • Extensible template library
  • Support for multiple protocols
  • Parallel and fast scanning
  • Integration with other tools

How to Install Nuclei ⬇️

Before installing nuclei, Make sure you have installed go and dependencies and below is the command to install nuclei.

Linux: sudo apt-get install nuclei 
Win: go get -u

How to use Nuclei

Follow every example carefully by end of thispost you will be very familiar with the tool and if you continuously work for 2 -4 hrs you will become a pro.

Work hard until you reach your goal let’s make hand’s wet

BY ME ????

Default Mode

In default mode we can just mention a domain to scan for with no additional commands. Also If there is any open ports we can add that to get specific results.

nuclei -u

I have found my site has open ports, And I thought of scanning the port 22 that is SSH.

These commands will use nuclei to scan for thousands of known vulnerabilities and enumerate information about the target(s).

The results are quiet great, Try on my site you can see all the in depth results of DNS record. I am really surprised so far ❤️

Scanning Multiple Sites

To scan for multiple sites we can add the -l command.

nuclei -l domains.txt

Tool Integration

We can integrate multiple tools to reduce the work burden and get some awesome result.

subfinder -d domains.txt | httpx | nuclei -t "http/technologies/prestashop-detect.yaml"


If you don’t know what template to use against the target, Then just use the auto selection.

nuclei -u -as

If you want to use the latest template then try the below command.

nuclei -u -nt

We can also add a specific template to scan against the target.

You know what we can filter by tags, Check the below command.

nuclei -u -tags jira,generic

Selecting templates by severity.

nuclei -u -s critical,high,medium,low,info -as


You will be wondering where I got the templates from, Well below is a link go check it out.

In the search options you can enter whatever you need, If you need DNS results just enter DNS and copy the yaml script and run against the target.

Also you can find many templates ink OSINT, PD Teams, CVE-2023, RCE and takeover.

Rate Limiting

Rate limiting can also be specified in terms of requests per minute with the -rlm <int> option.

nuclei -u -rl 3 -c 2

Also we can set timeout, retries and errors.

  • Timeout Length (-timeout) (Default value is 5)
  • Number of Retries (-retries)
  • Number of Errors (-mhe)

Resume Scan

We can also resume the scan, All the scan results will be in /home/user/.config dir.

nuclei -l domains.txt -resume /home/rick/.config/nuclei/resume-ci5g1996u63ag4n7897g.cfg


In my personal opinion this is one of the best vulnerability analysis tool, It’s really very fun to use it and it’s better than Nikto.

See you guys in the next post ❤️


Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions or brave browser to block ads. Please support us by disabling these ads blocker.Our website is made possible by displaying Ads hope you whitelist our site. We use very minimal Ads in our site


Scroll to Top