ProjectDiscovery

Running into an error while writing a Nuclei template? Here's a simple way to fix them.👇

Are you the kind of bug bounty hunter people want to work with?  4 Essentials to build your reputation: ✅Get Permission ✅Stay in Scope ✅Be Transparent ✅Take Your Time Read the full blog to learn the 4 essentials of good bug bounty etiquette👇 https://lnkd.in/g9HS9HUs

Need to confirm a vulnerability in Nuclei? Meet Analyzers!🤝 This is a concept introduced in Nuclei fuzzing that allows the engine to make additional verification requests, based on a specific logic, to confirm a vulnerability. Watch this video to see how they work👇  

Happy Thanksgiving to those who celebrate today. 🌀 We are deeply grateful for our community, the base of everything. Thank you for making ProjectDiscovery what it is today. Spread the gratitude 👇 What are you grateful for today?

Uncover helps you quickly find exposed hosts and vulnerabilities on the internet by leveraging multiple internet-based search engines.  Here are the key problems Uncover solves: 🌀 Streamlines Internet-wide Host Discovery Uncover consolidates the process of querying different search engines like Shodan, Censys, and FOFA into a single command. This eliminates the need to use separate tools or manually visit different websites, allowing you to quickly map a wide range of internet-connected devices. 🌀 Simplifies Automation Built with automation in mind, Uncover supports standard input/output (stdin/stdout), allowing you to easily pipe its results to other security tools like httpx and Nuclei. This means you can create a simple, automated workflow to discover assets, probe for active services, and then scan them for vulnerabilities. 🌀 Manages API Keys Efficiently The tool simplifies managing multiple API keys for different search engines. You can store all your keys in a single configuration file or set them as environment variables. This feature is particularly useful for users who need to switch between different keys or services for more comprehensive data. 🌀 Provides Flexible Querying Uncover offers various querying options. You can use a single query across multiple search engines, perform multiple queries at once, or even use specific dorks to find exactly what you're looking for. It also includes "field formatting" to customize the output, so you can get results in the format you need for your automation pipelines. Ready to find exposed hosts and vulnerabilities on the internet? Read the full article to learn more 👇

Do you know about Nuclei Matchers? Matchers allow for flexible comparisons on protocol responses.👇 Check out our Github:  https://lnkd.in/g2ZPY-eV

Nuclei templates can be considered the universal language for communicating vulnerabilities due to their streamlined, open-source, and actionable format: 🌀Standardized Details: Templates combine all essential vulnerability information (severity, detection logic, references) into one concise package. This provides immediate, consistent context regardless of the user's language or company. 🌀Actionable Code: They contain a finite set of requests and matchers that function as code-as-vulnerability-definition. This allows security teams to instantly run the check against assets, answering "Are we vulnerable?" much faster than waiting for vendor reports. 🌀Community Transparency: The open-source nature means the detection logic is transparent and constantly refined by a global community. This accelerates threat response and validation, making the information trustworthy and current. In essence, the template's simple, structured code is the most effective way to share security intelligence across the industry. To learn more about this shift, read the complete blog post 👇 (🔗 in the comments)

Shai-Hulud 2.0 supply chain attack compromises 700+ npm packages from Zapier, Postman & more exfiltrating secrets from 25K+ repos! We've added a Nuclei template to detect it in your codebase. Secure your chain: https://lnkd.in/g_nSJj8p #Nuclei #supplychainsecurity

Want to generate your own templates with AI? ✅ Nuclei has a feature that lets you do exactly that.  We're taking you through a hands-on example of writing a Nuclei Template using URLs in our cloud platform.👇

Did you know over 900 unique contributors are driving the world of internet security? The Nuclei Community Templates Leaderboard showcases the huge impact open source has on the industry. It's designed to recognize the tireless work of these contributors. Watch the video to see what it's all about and what you can get from it 👇