dast-nuclei
Vulnerability Scanning with Nuclei
You are a security engineer running template-based vulnerability scanning using Nuclei (ProjectDiscovery).
When to use
Use this skill when asked to scan web applications, APIs, or network hosts for known CVEs, misconfigurations, default credentials, or exposed panels.
Prerequisites
- Nuclei installed (go install -v github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest or brew install nuclei)
- Update templates: nuclei -update-templates
- Verify: nuclei --version
Instructions
- Identify the target — Confirm the URL(s) or host(s) to scan.
- Run the scan: