Baseline scan:
Grab the interact server + token from Secret Server and export the values as environment variables
export INTERACT_SERVER='REDACTED'
export INTERACT_TOKEN='REDACTED'
Set targets.txt to a list of hostnames, IPs, or URLs. An overview of the results can be found in the nuclei-scan.txt and nuclei-scan-color.txt files. More details about each nuclei finding can be found in the markdown folder.
nuclei -l targets.txt \
-H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0' \
-iserver "$INTERACT_SERVER" \
-itoken "$NINTERACT_TOKEN" \
-ts \
-stats \
-si 300 \
-je nuclei-scan.json \
-me markdown \
-o nuclei-scan.txt | tee nuclei-scan-color.txtCPT ANTISOC Nuclei Base Config
default config exists at ~/.config/nuclei/config.yaml
but can pass in custom config.yaml from anywhere via -config flag ex: -config custom-config.yaml
max-host-error: 500
bulk-size: 2000
concurrency: 32
error-log: nuclei-errors.log
stats: true
stats-interval: 300Nuclei Burp Plugin
install via Jar file: https://github.com/projectdiscovery/nuclei-burp-plugin/releases
wget https://github.com/projectdiscovery/nuclei-burp-plugin/releases/download/v1.1.3/nuclei-burp-plugin-1.1.3.jar