
Nuclei - Vulnerability Scan

v1.0.2


Nuclei is a fast and customisable vulnerability scanner based on a simple YAML-based DSL.

Installation

Copy and paste the following snippet into your .yml file.

              

      - name: Nuclei - Vulnerability Scan
        uses: projectdiscovery/[email protected]

Learn more about this action in projectdiscovery/nuclei-action


Nuclei Action makes it easy to orchestrate Nuclei with GitHub Actions. Integrate all of your Nuclei Templates into powerful continuous security workflows and make them part of your secure software development life cycle.

Example Usage

GitHub Action running nuclei on single URL

      - name: Nuclei Scan
        uses: projectdiscovery/[email protected]
        with:
          target: https://example.com

GitHub Action running nuclei with custom templates

      - name: Nuclei Scan
        uses: projectdiscovery/[email protected]
        with:
          target: https://example.com
          templates: custom_template_path

By default, all of the default nuclei-templates are used for the scan.

GitHub Action running nuclei on multiple URLs

      - name: Nuclei Scan
        uses: projectdiscovery/[email protected]
        with:
          urls: urls.txt

GitHub Action running nuclei with GitHub Issue reporting

      - name: Nuclei Scan
        uses: projectdiscovery/[email protected]
        with:
          target: https://example.com
          github-report: true
          github-token: ${{ secrets.GITHUB_TOKEN }}

Workflow - .github/workflows/nuclei.yml

name: Nuclei - DAST

on:
  schedule:
    - cron: '0 0 * * *'
  workflow_dispatch:

jobs:
  nuclei-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: actions/setup-go@v2
        with:
          go-version: 1.15

      - name: Nuclei Scan
        uses: projectdiscovery/[email protected]
        with:
          target: https://example.com

      - uses: actions/upload-artifact@v2
        with:
          name: nuclei.log
          path: nuclei.log

Available Inputs

| Key | Description | Required |
|---|---|---|
| target | Target URL to run nuclei scan | true |
| urls | List of URLs to run nuclei scan | false |
| templates | Custom templates directory/file to run nuclei scan | false |
| output | File to save output result (default - nuclei.log) | false |
| json | Write results in JSON format | false |
| include-rr | Include request/response in results | false |
| config | Set custom nuclei config file to use | false |
| user-agent | Set custom user-agent header | false |
| github-report | Set true to generate GitHub issue with the report | false |
| github-token | Set the GitHub Token | false |
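
A least-privilege variant of the scheduled workflow with GitHub Issue reporting, as an added example that is not from the nuclei-action project: it sets the `GITHUB_TOKEN` scopes explicitly through the workflow `permissions` key instead of relying on the repository default. The `@v1.0.2` ref (taken from the version this page describes), the `nuclei.json` file name, the artifact name and the versions of the non-nuclei actions are assumptions made for the example.

```yaml
# Added example, not the project's own workflow.
name: Nuclei - DAST (least-privilege reporting)

on:
  schedule:
    - cron: '0 0 * * *'
  workflow_dispatch:

# Start with no token permissions; each job grants only what it needs.
permissions: {}

jobs:
  nuclei-scan:
    runs-on: ubuntu-latest
    permissions:
      contents: read   # checkout (urls.txt, custom templates)
      issues: write    # github-report opens an issue with the findings
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-go@v5
        with:
          go-version: '1.15'   # quoted so YAML keeps it a string, not a float

      - name: Nuclei Scan
        # Assumption: the ref is the v1.0.2 release this page describes.
        uses: projectdiscovery/nuclei-action@v1.0.2
        with:
          target: https://example.com
          json: true
          output: nuclei.json          # assumed file name
          github-report: true
          github-token: ${{ secrets.GITHUB_TOKEN }}
          # include-rr is left unset so raw requests and responses are not
          # copied into the issue or the uploaded artifact.

      - uses: actions/upload-artifact@v4
        if: always()           # keep the results even if the scan step fails
        with:
          name: nuclei-results # assumed artifact name
          path: nuclei.json
          retention-days: 7
```

With `permissions: {}` at the top level, any job added later gets no token scopes until it declares its own.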