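# Nuclei Configuration File
# Save as ~/.config/nuclei/config.yaml or specify with -config flag
#
# NOTE(review): nuclei's -config loader reads flag names as top-level
# keys. The section groupings below (templates:, http:, output:, ...)
# are kept as the author wrote them — confirm the installed version
# accepts them, or flatten the keys, before relying on these settings.
# Keys that are commented out are examples and are not applied.
---
# Template configuration
templates:
  # Auto-update templates on each run
  # NOTE(review): this pulls templates from the network on every scan;
  # pin/vendor templates in CI if reproducible runs are required.
  update-templates: true

  # Template directory (default: ~/.nuclei-templates/)
  # templates-directory: /custom/path/to/templates

  # Custom template paths
  # custom-templates:
  #   - /path/to/custom/templates/
  #   - /path/to/organization/templates/

# Scan configuration
# Only critical and high severity templates are run by default here;
# uncomment the lower levels to widen the scan.
severity:
  - critical
  - high
  # - medium
  # - low
  # - info

# Rate limiting (requests per second)
# rate-limit, concurrency and bulk-size together bound the load placed
# on targets; keep them conservative against production systems.
rate-limit: 50

# Concurrency (parallel template execution)
concurrency: 10

# Bulk size (parallel host scanning)
bulk-size: 10

# Timeout per request (seconds)
timeout: 10

# Retries for failed requests
retries: 1

# HTTP configuration
http:
  # User agent
  user-agent: "Mozilla/5.0 (compatible; Nuclei/3.0)"

  # Follow redirects
  follow-redirects: true

  # Max redirects to follow
  max-redirects: 3

  # Custom headers (applied to all requests)
  # NOTE(review): headers set here are sent to every host in scope,
  # including third parties reached via redirects — do not put real
  # credentials in a config file that is committed to VCS.
  # headers:
  #   - "X-Custom-Header: value"
  #   - "Authorization: Bearer token"

  # Proxy configuration
  # proxy: http://proxy.example.com:8080
  # proxy-socks: socks5://proxy.example.com:1080

# Network configuration
network:
  # Disable SSL/TLS verification (use with caution)
  # Left at the default (verification on). Enable per run, not
  # globally, when a lab target uses a self-signed certificate.
  # disable-ssl-verification: false

  # Enable HTTP/2
  # disable-http2: false

# Output configuration
output:
  # Silent mode (only show findings)
  silent: false

  # Verbose mode (detailed output)
  verbose: false

  # No color output
  no-color: false

  # JSON output
  json: false

  # JSONL output (one JSON per line)
  # JSONL is the only machine-readable format enabled here; json and
  # sarif stay off so findings are not written twice.
  jsonl: true

  # SARIF output
  # sarif: true

  # Markdown output
  # markdown: false

# Filtering configuration
filters:
  # Exclude templates by ID
  # exclude-ids:
  #   - template-id-1
  #   - template-id-2

  # Exclude templates by tag
  # exclude-tags:
  #   - tech
  #   - info

  # Exclude severity levels
  # exclude-severity:
  #   - info

  # Include only specific tags
  # tags:
  #   - cve
  #   - owasp

  # Include only specific templates
  # include-templates:
  #   - /path/to/template.yaml

# Performance tuning
performance:
  # Maximum number of templates to run
  # max-templates: 1000

  # Maximum number of hosts to scan
  # max-hosts: 10000

  # Memory optimization (reduces memory usage)
  # stream: true

  # Disable update check
  # disable-update-check: false

# CI/CD specific settings
ci:
  # Fail on findings (exit code 1 if vulnerabilities found)
  # fail-on-severity:
  #   - critical
  #   - high

  # No interactive prompts
  # no-interaction: true

  # Suppress progress bars
  # no-progress: true

# Authentication configuration
authentication:
  # For authenticated scanning, use headers or custom authentication scripts
  # See authentication_patterns.md reference for details
  #
  # NOTE(review): ${API_TOKEN} / ${SESSION_COOKIE} are shell-style
  # references; confirm the loader expands them rather than sending the
  # literal text. Prefer injecting secrets at run time over storing
  # them in this file.

  # Example: Bearer token authentication
  # headers:
  #   - "Authorization: Bearer ${API_TOKEN}"

  # Example: Cookie-based authentication
  # headers:
  #   - "Cookie: session=${SESSION_COOKIE}"

# Reporting configuration
reporting:
  # Report directory
  # report-directory: ./nuclei-reports

  # Report format
  # report-format: json

  # Include timestamp in filenames
  # include-timestamp: true

# Advanced configuration
advanced:
  # Follow host redirects (allow redirects to different hosts)
  # Keeping this off stops the scan from following redirects out of
  # the agreed scope.
  # follow-host-redirects: false

  # Maximum response body size to read (in KB)
  # max-response-size: 10240

  # Include request/response in output
  # include-rr: false

  # Store response
  # Stored responses can contain session tokens and personal data;
  # restrict access to the directory below if this is enabled.
  # store-response: false

  # Store response directory
  # store-response-dir: ./responses/

# Exclude configuration (global exclusions)
exclude:
  # Exclude specific hosts
  # hosts:
  #   - https://safe-domain.com
  #   - https://third-party.com

  # Exclude URL patterns (regex)
  # Double-quoted, so "\\." is the regex escape "\."; single quotes
  # would avoid the doubled backslash.
  # Excluding logout paths keeps an authenticated session alive for
  # the rest of the scan.
  # urls:
  #   - ".*\\.js$"
  #   - ".*\\.css$"
  #   - ".*logout.*"

# Interactsh configuration (for OAST testing)
interactsh:
  # Enable interactsh
  # enable: true

  # Custom interactsh server
  # NOTE(review): a public OAST server receives the callbacks targets
  # make; consider a self-hosted instance for sensitive engagements.
  # server: https://interact.sh

  # Disable automatic polling
  # disable-polling: false

# Cloud configuration (for cloud-specific templates)
cloud:
  # Enable cloud metadata service checks
  # enable-metadata: true

# Debug configuration
debug:
  # Enable debug mode
  # enable: false

  # Debug requests
  # Request dumps include every header sent, including any
  # Authorization/Cookie values above — do not leave this on in CI logs.
  # debug-req: false

  # Debug responses
  # debug-resp: false

# Example usage:
# nuclei -u https://target.com -config nuclei_config.yaml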