# Nuclei

## What is Nuclei?

Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on many hosts. Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless, etc. With powerful and flexible templating, Nuclei can be used to model all kinds of security checks.

## Installation

To install Nuclei using the `go install` command, follow these steps:

1. Open a terminal window and navigate to the directory where you want to install Nuclei.
2. Run the following command:

```
go install github.com/projectdiscovery/nuclei@latest
```

This will download and install the latest version of Nuclei.

3. Once the installation is complete, you can verify that Nuclei is installed correctly by running the following command:

```
nuclei --version
```

This should output the version number of Nuclei that you have installed.

**Note:** If you are using a version of Go that is older than 1.16, you may need to use the following command to install Nuclei:

```
go get -u github.com/projectdiscovery/nuclei
```

**Usage:**

Once Nuclei is installed, you can start using it to scan for vulnerabilities. To do this, you need to create a template file. Template files are YAML files that contain the instructions for Nuclei to follow when scanning for vulnerabilities.

You can find a variety of template files on the Nuclei website. Once you have a template file, you can use the following command to scan a target:

```
nuclei -t <template-file> <target>
```

For example, to scan the website `https://example.com` for vulnerabilities, you would use the following command:

```
nuclei -t web/common.yaml https://example.com
```

Nuclei will output a report of the vulnerabilities that it finds. You can then use this report to remediate the vulnerabilities.

**Additional notes:**

* The `go install` command will install Nuclei to the `$GOBIN` directory, which is typically `/usr/local/go/bin`.
* If you want to install Nuclei to a different directory, you can use the `-d` flag with the `go install` command. For example, to install Nuclei to the `/opt/nuclei` directory, you would use the following command:

```
go install -d /opt/nuclei github.com/projectdiscovery/nuclei@latest
```

### Usage

To use Nuclei, you need to first create a template file. Template files are YAML files that contain the instructions for Nuclei to follow when scanning for vulnerabilities. You can find a variety of template files on the Nuclei website.

Once you have a template file, you can use the following command to scan a target:

```
nuclei -t <template-file> <target>
```

For example, to scan the website `https://example.com` for vulnerabilities, you would use the following command:

```
nuclei -t web/common.yaml https://example.com
```

Nuclei will output a report of the vulnerabilities that it finds. You can then use this report to remediate the vulnerabilities.

**Here are some additional tips for using Nuclei:**

* You can use the `-l` flag to specify a list of targets to scan.
* You can use the `-o` flag to specify the output file for the scan results.
* You can use the `-v` flag to increase the verbosity of the scan output.
* You can use the `-r` flag to recursively scan all subdomains of a target.
* You can use the `-c` flag to specify the number of concurrent workers to use during the scan.

**Example usage:**

To scan the website `https://example.com` for vulnerabilities, and save the results to a file called `results.txt`, you would use the following command:

```
nuclei -t web/common.yaml -o results.txt https://example.com
```

To scan all subdomains of the website `https://example.com` for vulnerabilities, you would use the following command:

```
nuclei -t web/common.yaml -r https://example.com
```

To scan the website `https://example.com` for vulnerabilities using 10 concurrent workers, you would use the following command:

```
nuclei -t web/common.yaml -c 10 https://example.com
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://bugbounty-for-starters.humbertojunior.com.br/scanning-phase/nuclei.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.