Executive brief on how PCI DSS 4.0 affects offensive security practices, penetration testing, and segmentation testing. Watch Now

Leveraging Nuclei for Scalable, Custom Vulnerability Scanning

In our third edition of the Tool Talk series, we dive into the open-source tool Nuclei, a fast and customizable vulnerability scanner based on simple YAML-based DSL.

Traditional scanners often lack the features to allow easy-to-write custom checks on top of their engine. To help solve this issue, Nuclei was developed by Project Discovery with a core focus on simplicity, modularity, and the ability to scan on many assets. The open-source vulnerability scanner is simple enough to be used by everyone, while complex enough to integrate into the modern web with its intricacies.

And here, at Bishop Fox, we love to take advantage of innovative, community-powered tools (even creating some ourselves via Labs) to offer automated solutions for our offensive security customers.

In our third edition of the Tool Talk series, we dive into Nuclei to discover:

  • The basics – what it is and how it works
  • How it overcomes the challenges of traditional scanners
  • Why it's a favorite tool of our consultants and Cosmos team
Sandeep Singh Project Discovery Headshot

About the author, Sandeep Singh

Co-Founder & CTO at ProjectDiscovery.io

Sandeep Singh is an application security enthusiast with nearly 10 years of experience. He actively participated in bug bounty programs that led him to secure Top 3 positions at HackerOne. Sandeep worked as a Security Analyst at HackerOne, where he triaged reports from web and mobile domains.

In 2019, Sandeep co-founded ProjectDiscovery.io and currently serves as the organizations' Chief Technology Officer. ProjectDiscovery is a cloud based reconnaissance and continuous monitoring platform that automates the entire process of recon and provides the data in an organized and managed manner.

More by Sandeep
Joe sechman

About the author, Joe Sechman

AVP of R&D at Bishop Fox

Joe is a Bishop Fox alumnus. Over his career, Joe has amassed many security certifications, delivered several presentations, and has co-authored multiple industry publications with groups such as ISC2, ISACA, ASIS, HP, and IEEE.

Additionally, Joe is a prolific inventor with nine granted patents in the fields of dynamic and runtime application security testing, attack surface enumeration, and coverage (U.S. Patents 10,699,017, 10,515,219, 10,516,692, 10,515,220, 10,423,793, 9,846,781, 10,650,148, 10,587,641, and 11,057,395). Prior to joining Bishop Fox, Joe held leadership positions with companies such as Cobalt Labs, HP Fortify, Royal Philips, and Sunera LLC (now Focal Point Data Risk). Earlier in his career, Joe served as the lead penetration tester within SPI Labs at SPI Dynamics where he cut his teeth alongside some of the best and brightest application security industry professionals. Joe received his Bachelor of Business Administration degree in Management Information Systems from the Terry College of Business - University of Georgia.
More by Joe
David Bravo

About the author, David Bravo

Security Consultant

David Bravo is a Security Consultant at Bishop Fox who focuses on application and cloud security. He has worked with Fortune 500 firms and startups in various industries to assess and improve the security of their applications and cloud environments. David holds a Bachelor of Science in Computer Science from New York University.

More by David
Matt Thoresen

About the author, Matt Thoreson

Senior Security Consultant

Matt Thoreson (OSCP, CISSP) is a Senior Consultant at Bishop Fox and leads the External Penetration Testing service, He currently focuses on penetration testing external and internal networks. Matt also has extensive experience in red teaming, social engineering, and mobile application testing. He has advised Fortune 500 brands and startups in industries such as technology, healthcare, energy, finance, and retail.

More by Matt
Zach zeitlin

About the author, Zach Zeitlin

Senior Operator

Zachary Zeitlin is a Senior Operator with Bishop Fox’s Cosmos (formerly CAST) team. Prior to coming to Bishop Fox, he served as an operator in the US Department of Defense's most elite computer network exploitation (CNE) unit.

More by Zach

Extend Your Knowledge

Check out these related resources.

Nuclei tool template page displayed on white laptop
Technical

Apr 05, 2022

Nuclei: Packing a Punch with Vulnerability Scanning

By Matt Thoreson, David Bravo, Zach Zeitlin, Sandeep Singh

Bishop Fox Tool Talk Episode 8 asminject.py
Workshops & Training

Process Injection on Linux: A Deep Dive into asminject.py

Watch as we explore Bishop Fox’s very own asminject.py, a code injection tool that tampers with trusted Linux processes to capture sensitive data and change program behavior.

Learn More
Bishop Fox Tool Talk episode 7 CloudFox to find exploitable attack paths in cloud infrastructure presented by three security consultants
Workshops & Training

CloudFox in Action: Mapping Exploitable Paths in AWS

Watch as we explore Bishop Fox’s very own CloudFox, a command line tool that helps offensive security practitioners navigate unfamiliar cloud environments and find exploitable attack paths in cloud infrastructure. Tune in to our livestream for a demo of CloudFox!

Learn More

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.