nucleisdk

package module
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 31, 2026 License: MIT Imports: 47 Imported by: 0

README

nuclei-sdk

Go Reference Release PyPI

The missing SDK for Nuclei. Build production security tools in Go or Python — scanners, platforms, CI gates, monitoring systems — powered by the world's most popular template-based vulnerability scanner.

The Problem

Nuclei has 60,000+ stars and is the industry standard for template-based vulnerability scanning. But integrating it into your own tools has always been painful:

Pain Point What Happens
Go-only Nuclei's lib/ API requires Go. Python, TypeScript, Java teams have no clean path
Heavy per-scan overhead Each scan re-initializes templates, interactsh, rate limiters, protocol state. Running 100 scans means 100x the startup cost
No concurrent architecture No built-in way to run multiple scan types simultaneously with shared resources
No worker pool Building continuous scanning (from APIs, queues, feeds) means writing your own concurrency from scratch
No presets Every project reinvents "API security scan" or "WordPress scan" configuration from scratch

The Solution

nuclei-sdk is a multi-language SDK that wraps Nuclei into a clean, embeddable library designed for building production security tools.

What you get
  • Go SDK — native library with init-once/scan-many architecture. Heavy resources (templates, interactsh, rate limiter, parser) initialized once; each Scan() call creates only a lightweight executor (~5 fields)
  • Python SDK — fully async (asyncio) client. No Go toolchain required — the bridge binary auto-installs from GitHub Releases with SHA256 verification
  • Any language next — the bridge speaks JSON lines over stdin/stdout (like MCP stdio). TypeScript, Rust, Java, Ruby — if it can spawn a process and parse JSON, it can use Nuclei
  • ScanEngine — run 1000+ concurrent scans on a single engine. Each scan filters from pre-loaded templates or brings its own
  • ScanPool — bounded worker pool for continuous scanning from APIs, queues, webhooks, or vulnerability feeds
  • RunParallel — fire multiple scan types simultaneously (HTTP CVEs + DNS takeover + SSL audit) with labeled results
  • 4 preset scanners — Web, API Security, WordPress, Network — ready to use, fully customizable
  • 82 configuration options — proxy, auth, headers, concurrency, sandboxing, HTTP probing, and everything else Nuclei supports
  • Runtime templates — pass raw YAML bytes, file paths, URLs, or directories per-scan. No upfront template configuration needed
Who is this for?
You are... You can build...
Security engineer Custom scanners for your org's specific stack (WordPress fleet, API gateway, microservices)
Platform developer SaaS security products with Nuclei as the scanning engine behind your API
DevSecOps engineer CI/CD gates that block deploys on critical findings
Bug bounty hunter Automated recon pipelines that scan continuously and alert on new findings
SOC/Blue team Continuous vulnerability monitoring fed from your asset inventory
Researcher Rapid prototyping of detection logic with runtime template injection

Architecture

                    nuclei-sdk
                        |
          +-------------+-------------+
          |                           |
       Go SDK                   Bridge Binary
    (native library)         (JSON-line protocol)
          |                           |
    import & use              stdin/stdout JSON
    directly in Go                    |
                        +-------------+-------------+
                        |             |             |
                     Python       TypeScript      Any
                      SDK          (soon)       Language

How the bridge works:

Python/Any Client                  nuclei-sdk-bridge (Go)
      |                                    |
      |  {"cmd":"setup","config":{...}}    |
      | ---------------------------------> |  Initialize engine
      |  {"type":"setup_complete"}         |
      | <--------------------------------- |
      |                                    |
      |  {"cmd":"scan","options":{...}}    |
      | ---------------------------------> |  Run scan
      |  {"type":"result","data":{...}}    |
      | <--------------------------------- |  Stream results
      |  {"type":"scan_complete"}          |
      | <--------------------------------- |

Engine resource model:

Global Resources (initialized once in Setup):
  Template Store, Parser, Catalog, Output Writer,
  Interactsh Client, Rate Limiter, Browser, Host Error Cache

Per-Scan Resources (created per Scan call, very lightweight):
  core.Engine (~5 fields), ExecutorOptions copy,
  SimpleInputProvider, Filtered template list

This is what makes nuclei-sdk fast — you pay the initialization cost once, then run thousands of lightweight scans against it.

Installation

Go
go get github.com/RevoltSecurities/nuclei-sdk
Python
pip install nuclei-sdk

The Go bridge binary is auto-installed from GitHub Releases on first use. Supports Linux, macOS, and Windows on amd64/arm64. No Go toolchain required.

Quick Start

Go — Simple Scan
package main

import (
    "context"
    "fmt"
    "log"

    nucleisdk "github.com/RevoltSecurities/nuclei-sdk"
)

func main() {
    scanner, err := nucleisdk.NewScanner(
        nucleisdk.WithTemplateDir("/path/to/nuclei-templates"),
        nucleisdk.WithTargets("https://example.com"),
        nucleisdk.WithSeverityFilter("high", "critical"),
        nucleisdk.WithThreads(25),
    )
    if err != nil {
        log.Fatal(err)
    }
    defer scanner.Close()

    results, _ := scanner.Run(context.Background())
    for result := range results {
        fmt.Printf("[%s] %s - %s\n", result.Severity, result.TemplateID, result.MatchedURL)
    }
}
Python — Simple Scan
import asyncio
from nucleisdk import ScanEngine

async def main():
    async with ScanEngine(
        template_dirs=["/path/to/nuclei-templates"],
        rate_limit=100,
        no_interactsh=True,
    ) as engine:
        async for r in engine.scan(
            targets=["https://example.com"],
            tags=["cve", "exposure"],
            severities=["high", "critical"],
        ):
            print(f"[{r.severity}] {r.template_id} - {r.matched_url}")

asyncio.run(main())

Real-World Use Cases

1. CI/CD Pipeline Gate

Block deploys when critical vulnerabilities are found:

Go:

engine.Setup()
results, _ := engine.Scan(ctx, &nucleisdk.ScanOptions{
    Targets:    []string{deployURL},
    Severities: []string{"critical", "high"},
})
for r := range results {
    if r.IsCritical() {
        log.Fatalf("BLOCKED: %s on %s", r.TemplateID, r.MatchedURL)
    }
}
fmt.Println("No critical findings — deploy approved")

Python:

async with ScanEngine(rate_limit=100, no_interactsh=True) as engine:
    findings = await engine.scan_collect(
        targets=[deploy_url], severities=["critical", "high"]
    )
    if any(r.is_critical() for r in findings):
        sys.exit("BLOCKED: Critical vulnerability found")
    print("Deploy approved")
2. Continuous Vulnerability Monitoring

Feed targets from your asset inventory and scan continuously:

Go:

pool := engine.NewScanPool(ctx, 20)

go func() {
    for r := range pool.Results() {
        saveToDatabase(r)
        if r.IsHighOrAbove() {
            sendSlackAlert(r)
        }
    }
}()

// Feed from asset inventory, CMDB, or discovery tool
for asset := range assetInventoryStream {
    pool.Submit(asset.ID, &nucleisdk.ScanOptions{
        Targets: []string{asset.URL},
        Tags:    []string{"cve", "exposure"},
    })
}
pool.Close()

Python:

async with ScanEngine(rate_limit=100, no_interactsh=True) as engine:
    pool = await engine.scan_pool(workers=20, on_result=save_to_database)

    async for asset in asset_inventory_stream():
        await pool.submit(asset["id"], targets=[asset["url"]], tags=["cve"])

    await pool.close()
    print(f"Scanned {pool.stats.completed} assets")
3. Multi-Protocol Parallel Scanning

Run HTTP, DNS, and SSL scans simultaneously with labeled results:

Go:

results, _ := engine.RunParallel(ctx,
    nucleisdk.ConcurrentScan{
        Label:   "http-cves",
        Options: []nucleisdk.Option{
            nucleisdk.WithProtocolTypes("http"),
            nucleisdk.WithTags("cve", "exposure"),
            nucleisdk.WithSeverityFilter("high", "critical"),
            nucleisdk.WithTargets("https://example.com"),
        },
    },
    nucleisdk.ConcurrentScan{
        Label:   "dns-takeover",
        Options: []nucleisdk.Option{
            nucleisdk.WithProtocolTypes("dns"),
            nucleisdk.WithTags("dns", "takeover"),
            nucleisdk.WithTargets("example.com"),
        },
    },
    nucleisdk.ConcurrentScan{
        Label:   "ssl-audit",
        Options: []nucleisdk.Option{
            nucleisdk.WithProtocolTypes("ssl"),
            nucleisdk.WithTargets("example.com:443"),
        },
    },
)

for lr := range results {
    fmt.Printf("[%s] [%s] %s - %s\n", lr.Label, lr.Severity, lr.TemplateID, lr.Host)
}

Python:

async with ScanEngine(rate_limit=100, no_interactsh=True) as engine:
    async for lr in engine.run_parallel(
        {"label": "http-cves", "targets": ["https://example.com"], "tags": ["cve"]},
        {"label": "dns-takeover", "targets": ["example.com"], "tags": ["dns", "takeover"]},
        {"label": "ssl-audit", "targets": ["example.com:443"], "protocol_types": "ssl"},
    ):
        print(f"[{lr.label}] [{lr.result.severity}] {lr.result.template_id}")
4. Runtime Template Injection

Set up the engine once with no templates, then pass templates dynamically per-scan. Perfect for platforms where templates come from a database, API, or user upload:

Go:

// Engine with NO templates — a "blank runner"
engine, _ := nucleisdk.NewScanEngine(
    nucleisdk.WithRateLimit(100),
    nucleisdk.WithSilent(),
)
engine.Setup()
defer engine.Close()

// Each scan brings its own template
templateYAML, _ := os.ReadFile("/path/to/CVE-2024-1234.yaml")
results, _ := engine.Scan(ctx, &nucleisdk.ScanOptions{
    Targets: []string{"https://target.com"},
    TemplateBytes: []nucleisdk.TemplateBytesEntry{
        nucleisdk.TemplateBytes("CVE-2024-1234", templateYAML),
    },
})

Python:

async with ScanEngine(rate_limit=100) as engine:
    template_yaml = Path("CVE-2024-1234.yaml").read_bytes()
    async for r in engine.scan(
        targets=["https://target.com"],
        template_bytes=[TemplateBytesEntry("CVE-2024-1234", template_yaml)],
    ):
        print(f"[{r.severity}] {r.template_id}")
5. WordPress Fleet Scanner

Scan all your WordPress sites with optimized presets:

Go:

scanner, _ := nucleisdk.NewWordPressScanner(
    nucleisdk.WithTargets(wpSites...),
    nucleisdk.WithTemplateDir("/path/to/nuclei-templates"),
)
defer scanner.Close()

results, _ := scanner.Run(ctx)
for r := range results {
    fmt.Printf("[%s] %s — %s\n", r.Severity, r.TemplateID, r.Host)
}

Python:

from nucleisdk import ScanEngine, wordpress_scanner

async with ScanEngine(**wordpress_scanner().__dict__) as engine:
    async for r in engine.scan(targets=wp_sites):
        print(f"[{r.severity}] {r.template_id} — {r.host}")
6. API Security Assessment

Scan APIs with OpenAPI specs and authenticated requests:

Go:

scanner, _ := nucleisdk.NewAPISecurityScanner(
    nucleisdk.WithOpenAPISpec("/path/to/openapi.yaml"),
    nucleisdk.WithAuth(nucleisdk.BearerToken("eyJ...", "api.example.com")),
    nucleisdk.WithRateLimit(30),
)

Python:

from nucleisdk import ScanEngine, api_security_scanner, bearer_token

async with ScanEngine(
    **api_security_scanner().__dict__,
    auth=[bearer_token("eyJ...", "api.example.com")],
    openapi_spec="/path/to/openapi.yaml",
) as engine:
    async for r in engine.scan(targets=["https://api.example.com"]):
        print(f"[{r.severity}] {r.template_id}")

Preset Scanners

Pre-configured scanning profiles — use as-is or override any option:

Preset Protocol Tags Defaults
WebScanner / web_scanner() HTTP all (excludes: dos, fuzz) 50 threads, 150 req/s
APISecurityScanner / api_security_scanner() HTTP api, graphql, swagger, rest 25 threads, 50 req/s
WordPressScanner / wordpress_scanner() HTTP wordpress, wp-plugin, wp-theme 25 threads, 30 req/s
NetworkScanner / network_scanner() network, dns, ssl network, dns, ssl, tls 25 threads, 100 req/s

Template Loading — How It Works

Understanding this is key to using ScanEngine effectively:

Setup()  →  Load & compile all templates  →  engine.allTemplates (in-memory)
                                                     |
Scan(tags=["http"])   →  filter from allTemplates  →  [http templates only]
Scan(tags=["dns"])    →  filter from allTemplates  →  [dns templates only]
Scan(tags=["ssl"])    →  filter from allTemplates  →  [ssl templates only]

Rule of thumb:

  • Single scan — set tags at Setup for efficiency (loads only what you need)
  • Multiple scans with different tags — don't set tags at Setup, filter per-scan instead
  • Runtime templates (TemplateBytes, TemplateFiles, TemplateDirs) — bypass the global store entirely, always work regardless of Setup config
Setup Config Per-Scan Filter Result
No tags (all templates) Tags: ["dns"] DNS templates found
WithTags("http") Tags: ["http"] HTTP templates found
WithTags("http") Tags: ["dns"] Zero results — DNS never loaded
Any config TemplateFiles: [...] Always works (direct mode)
Any config TemplateBytes: [...] Always works (direct mode)

Authentication

6 auth methods, usable in both Go and Python:

Go:

nucleisdk.WithAuth(nucleisdk.BasicAuth("user", "pass", "example.com"))
nucleisdk.WithAuth(nucleisdk.BearerToken("eyJ...", "api.example.com"))
nucleisdk.WithAuth(nucleisdk.APIKeyHeader("X-API-Key", "key123", "api.example.com"))
nucleisdk.WithAuth(nucleisdk.HeaderAuth(map[string]string{"Auth": "custom"}, "example.com"))
nucleisdk.WithAuth(nucleisdk.CookieAuth(map[string]string{"session": "abc"}, "example.com"))
nucleisdk.WithAuth(nucleisdk.QueryAuth(map[string]string{"token": "xyz"}, "example.com"))

Python:

from nucleisdk import basic_auth, bearer_token, api_key_header, header_auth, cookie_auth, query_auth

ScanEngine(auth=[
    bearer_token("eyJ...", "api.example.com"),
    basic_auth("user", "pass", "internal.example.com"),
])

Target Utilities

Load targets from files, CIDRs, or IP ranges:

Go:

targets, _ := nucleisdk.TargetsFromFile("/path/to/targets.txt")
targets, _ = nucleisdk.TargetsFromCIDR("192.168.1.0/24")
targets, _ = nucleisdk.IPRange("10.0.0.1", "10.0.0.254")

Python:

from nucleisdk import targets_from_file, targets_from_cidr, ip_range

targets = targets_from_file("/path/to/targets.txt")
targets = targets_from_cidr("192.168.1.0/24")     # 254 IPs
targets = ip_range("10.0.0.1", "10.0.0.254")

Or pass a file path directly to any scan:

async for r in engine.scan(target_file="/path/to/targets.txt", tags=["cve"]):
    ...

Configuration Reference

82 configuration options organized by category. Full reference in Go SDK docs and Python SDK docs.

Highlights:

// Concurrency
nucleisdk.WithThreads(50)            // concurrent templates
nucleisdk.WithHostConcurrency(25)    // concurrent hosts per template
nucleisdk.WithRateLimit(100)         // max requests/second
nucleisdk.WithPayloadConcurrency(10) // concurrent payloads per request

// Network
nucleisdk.WithProxy("http://127.0.0.1:8080")
nucleisdk.WithNetworkInterface("eth0")
nucleisdk.WithSourceIP("10.0.0.5")
nucleisdk.WithResolvers("8.8.8.8", "1.1.1.1")

// Headers & Variables
nucleisdk.WithHeader("User-Agent", "CustomScanner/1.0")
nucleisdk.WithVar("api_key", "test-key")

// HTTP Probing (scan raw hosts/IPs)
nucleisdk.WithHTTPProbe()
nucleisdk.WithProbeConcurrency(50)
nucleisdk.WithScanAllIPs()

// Sandbox
nucleisdk.WithSandboxOptions(allowLocalFile, restrictNetwork)

// Features
nucleisdk.WithDASTMode()
nucleisdk.WithHeadless(nil)
nucleisdk.WithCodeTemplates()

Extend to Any Language

The bridge binary speaks a simple JSON-line protocol over stdin/stdout. Building a client in your language takes ~200 lines:

$ echo '{"cmd":"version","id":"1"}' | nuclei-sdk-bridge
{"id":"1","type":"version","data":{"version":"1.0.0",...}}

Commands: version, setup, scan, pool_create, pool_submit, pool_stats, pool_close, close

See Bridge Protocol Reference for the full spec. The Python SDK implementation (python/nucleisdk/_bridge.py) is a working reference client.

Examples

Example Description
basic Simple one-shot scan with Scanner
reusable_engine Sequential scans with shared ScanEngine
concurrent Parallel multi-protocol scans with RunParallel
targeted_scan Per-scan templates (bytes, files, dirs)
scan_pool Worker pool for continuous dynamic scanning
api_security API security scanning with OpenAPI spec
wordpress WordPress-specific vulnerability scanning
raw_template Scanning with raw YAML template bytes
custom_config Advanced configuration options

Python examples in python/examples/.

Full Documentation
Go SDK docs/GOLANG-SDK.md — complete API reference, all 82 config options, all scan modes
Python SDK docs/PYTHON-SDK.md — async API, presets, auth, targets, templates, pool, parallel

Release & Versioning

Component Version Install
Go SDK v1.0.0 go get github.com/RevoltSecurities/nuclei-sdk
Python SDK 1.0.0 pip install nuclei-sdk
Bridge Binary 1.0.0 Auto-installed by Python SDK
Compatibility & Auto-Install
  • The Python SDK auto-downloads the bridge binary on first use with SHA256 checksum verification.
  • The SDK enforces a minimum bridge version and will auto-update if the local bridge is incompatible.
  • You can pin or override the bridge binary path if you need a custom build or air-gapped deployment.
  • Python template parsing utilities (validate_template, parse_template_info) require PyYAML.
    Install with pip install nuclei-sdk[templates] or pip install pyyaml.
Release Workflow
# Go binary release (goreleaser → GitHub Releases)
git tag v1.0.0 && git push origin v1.0.0

# Python package release (→ PyPI)
git tag py-v1.0.0 && git push origin py-v1.0.0

The Python SDK auto-downloads the bridge binary on first use with SHA256 checksum verification. If versions are incompatible, it auto-updates.

Credits

Made with ❤ by RevoltSecurities

Thanks

Special thanks to the ProjectDiscovery team for their open-source contributions. This project extends Nuclei for broader integration across the open-source community and aims to help scale vulnerability scanning in production environments.

Documentation

Index

Constants

View Source 
const (
	StrategyTemplateSpray = "template-spray"
	StrategyHostSpray     = "host-spray"
)

Scan strategy constants.

Variables

This section is empty.

Functions

func FetchTemplateFromURL 

func FetchTemplateFromURL(ctx context.Context, templateURL string) ([]byte, error)

FetchTemplateFromURL downloads a template from a URL and returns the YAML bytes.

func IPRange 

func IPRange(startIP, endIP string) ([]string, error)

IPRange generates a list of IPs from a start to end IP (inclusive).

func TargetsFromCIDR 

func TargetsFromCIDR(cidr string) ([]string, error)

TargetsFromCIDR expands a CIDR notation into individual IP targets.

func TargetsFromCIDRs 

func TargetsFromCIDRs(cidrs []string) ([]string, error)

TargetsFromCIDRs expands multiple CIDR notations into individual IP targets.

func TargetsFromFile 

func TargetsFromFile(path string) ([]string, error)

TargetsFromFile reads targets from a file, one per line. Empty lines and lines starting with # are skipped.

func TargetsFromReader 

func TargetsFromReader(reader io.Reader) ([]string, error)

TargetsFromReader reads targets from an io.Reader, one per line. Empty lines and lines starting with # are skipped.

func ValidateTemplate 

func ValidateTemplate(data []byte) (string, error)

ValidateTemplate parses raw YAML bytes and validates them as a valid nuclei template. Returns the template ID and any validation error.

Types

type APISecurityScanner 

type APISecurityScanner struct {
	// contains filtered or unexported fields
}

APISecurityScanner is a pre-configured scanner for API security testing. It focuses on REST API, GraphQL, and OpenAPI/Swagger-related vulnerabilities.

func NewAPISecurityScanner 

func NewAPISecurityScanner(opts ...Option) (*APISecurityScanner, error)

NewAPISecurityScanner creates a new API security scanner with sensible defaults. User-provided options override the defaults. Note: DAST mode is NOT enabled by default because it filters out detection templates (swagger, exposure, misconfig, etc.). Use WithDASTMode() explicitly if you want fuzzing-only scanning.

func (*APISecurityScanner) Close 

func (a *APISecurityScanner) Close() error

Close releases resources.

func (*APISecurityScanner) Run 

func (a *APISecurityScanner) Run(ctx context.Context) (<-chan *ScanResult, error)

Run executes the API security scan and returns results via a channel.

func (*APISecurityScanner) RunWithCallback 

func (a *APISecurityScanner) RunWithCallback(ctx context.Context, cb func(*ScanResult)) error

RunWithCallback executes the API security scan with a callback.

func (APISecurityScanner) Scanner 

func (p APISecurityScanner) Scanner() *Scanner

Scanner returns the underlying Scanner for advanced access.

type AuthConfig 

type AuthConfig struct {
	Type        AuthType
	Domains     []string
	Username    string
	Password    string
	Token       string
	Headers     map[string]string
	Cookies     map[string]string
	QueryParams map[string]string
}

AuthConfig represents an authentication configuration for scanning.

func APIKeyHeader 

func APIKeyHeader(headerName, apiKey string, domains ...string) AuthConfig

APIKeyHeader is a convenience function for single API key header auth.

func BasicAuth 

func BasicAuth(username, password string, domains ...string) AuthConfig

BasicAuth creates a basic auth configuration.

func BearerToken 

func BearerToken(token string, domains ...string) AuthConfig

BearerToken creates a bearer token auth configuration.

func CookieAuth 

func CookieAuth(cookies map[string]string, domains ...string) AuthConfig

CookieAuth creates a cookie-based auth configuration.

func HeaderAuth 

func HeaderAuth(headers map[string]string, domains ...string) AuthConfig

HeaderAuth creates a header-based auth configuration.

func QueryAuth 

func QueryAuth(params map[string]string, domains ...string) AuthConfig

QueryAuth creates a query parameter auth configuration.

type AuthType 

type AuthType string

AuthType represents the type of authentication. 

const (
	AuthBasic  AuthType = "BasicAuth"
	AuthBearer AuthType = "BearerToken"
	AuthHeader AuthType = "Header"
	AuthCookie AuthType = "Cookie"
	AuthQuery  AuthType = "Query"
)

type ConcurrentScan 

type ConcurrentScan struct {
	Label   string   // Identifier for routing results (e.g., "http", "dns", "wordpress")
	Options []Option // Per-job options: targets, tags, protocol types, severity, etc.
}

ConcurrentScan defines a labeled scan job for RunParallel. Each job specifies its own targets, protocol types, tags, and severity filters.

type HeadlessConfig 

type HeadlessConfig struct {
	PageTimeout int
	ShowBrowser bool
	UseChrome   bool
	ExtraArgs   []string
}

HeadlessConfig wraps headless browser options.

type LabeledResult 

type LabeledResult struct {
	Label string `json:"label"`
	*ScanResult
}

LabeledResult wraps a ScanResult with the scan job label it was matched to.

type NetworkScanner 

type NetworkScanner struct {
	// contains filtered or unexported fields
}

NetworkScanner is a pre-configured scanner for network/infrastructure security testing. It focuses on DNS, SSL/TLS, and TCP-based vulnerability detection.

func NewNetworkScanner 

func NewNetworkScanner(opts ...Option) (*NetworkScanner, error)

NewNetworkScanner creates a new network/infra scanner with sensible defaults.

func (*NetworkScanner) Close 

func (n *NetworkScanner) Close() error

Close releases resources.

func (*NetworkScanner) Run 

func (n *NetworkScanner) Run(ctx context.Context) (<-chan *ScanResult, error)

Run executes the network scan and returns results via a channel.

func (*NetworkScanner) RunWithCallback 

func (n *NetworkScanner) RunWithCallback(ctx context.Context, cb func(*ScanResult)) error

RunWithCallback executes the network scan with a callback.

func (NetworkScanner) Scanner 

func (p NetworkScanner) Scanner() *Scanner

Scanner returns the underlying Scanner for advanced access.

type Option 

type Option func(*ScanConfig) error

Option is a functional option for configuring the Scanner.

func WithAuth 

func WithAuth(auth AuthConfig) Option

WithAuth adds an authentication configuration.

func WithAuthors 

func WithAuthors(authors ...string) Option

WithAuthors filters templates by author.

func WithBulkSize 

func WithBulkSize(count int) Option

WithBulkSize is an alias for WithHostConcurrency.

func WithCodeTemplates 

func WithCodeTemplates() Option

WithCodeTemplates enables code protocol template execution.

func WithDASTMode 

func WithDASTMode() Option

WithDASTMode enables DAST (fuzzing) mode.

func WithDebug 

func WithDebug() Option

WithDebug enables debug output.

func WithDisableMaxHostErr 

func WithDisableMaxHostErr() Option

WithDisableMaxHostErr disables skipping hosts that exceed max errors.

func WithDisableTemplateCache 

func WithDisableTemplateCache() Option

WithDisableTemplateCache disables caching of parsed templates.

func WithExcludeSeverities 

func WithExcludeSeverities(severities ...string) Option

WithExcludeSeverities excludes templates with these severities.

func WithExcludeTags 

func WithExcludeTags(tags ...string) Option

WithExcludeTags excludes templates with these tags.

func WithExcludeTargets 

func WithExcludeTargets(hosts ...string) Option

WithExcludeTargets excludes specific hosts from scanning.

func WithExcludeTemplateIDs 

func WithExcludeTemplateIDs(ids ...string) Option

WithExcludeTemplateIDs excludes templates by ID.

func WithFileTemplates 

func WithFileTemplates() Option

WithFileTemplates enables execution of file protocol templates.

func WithGlobalMatchersTemplates 

func WithGlobalMatchersTemplates() Option

WithGlobalMatchersTemplates enables execution of global-matchers templates.

func WithHTTPProbe 

func WithHTTPProbe() Option

WithHTTPProbe enables HTTP probing for non-URL targets. When targets are raw hosts/IPs (without http:// or https://), nuclei will probe them via httpx to discover HTTP/HTTPS services.

func WithHeader 

func WithHeader(key, value string) Option

WithHeader adds a single custom header.

func WithHeaders 

func WithHeaders(headers ...string) Option

WithHeaders adds custom headers to all HTTP requests ("Key: Value" format).

func WithHeadless 

func WithHeadless(opts *HeadlessConfig) Option

WithHeadless enables headless browser for headless templates.

func WithHostConcurrency 

func WithHostConcurrency(count int) Option

WithHostConcurrency sets the number of concurrent hosts per template.

func WithIPVersion 

func WithIPVersion(versions ...string) Option

WithIPVersion sets which IP versions to scan. Valid values: "4", "6". Default is IPv4 only. Pass both to scan dual-stack.

func WithLeaveDefaultPorts 

func WithLeaveDefaultPorts() Option

WithLeaveDefaultPorts preserves default ports in URLs (e.g., :80 for HTTP, :443 for HTTPS).

func WithMatcherStatus 

func WithMatcherStatus() Option

WithMatcherStatus enables reporting all matcher results (not just matches).

func WithNetworkInterface 

func WithNetworkInterface(iface string) Option

WithNetworkInterface sets the network interface to use for scanning.

func WithNoInteractsh 

func WithNoInteractsh() Option

WithNoInteractsh disables interactsh server for OOB testing. Use this when you don't need out-of-band interaction testing.

func WithOpenAPISpec 

func WithOpenAPISpec(path string) Option

WithOpenAPISpec sets an OpenAPI specification file for API security scanning. This is mutually exclusive with WithTargets/WithTargetFile/WithTargetReader.

func WithPassiveMode 

func WithPassiveMode() Option

WithPassiveMode enables passive HTTP response processing mode. In this mode, nuclei processes pre-recorded HTTP responses instead of sending requests.

func WithPayloadConcurrency 

func WithPayloadConcurrency(count int) Option

WithPayloadConcurrency sets the maximum concurrent payloads per template.

func WithProbeConcurrency 

func WithProbeConcurrency(n int) Option

WithProbeConcurrency sets the number of concurrent HTTP probes. Default is 50. Only effective when HTTP probing is enabled.

func WithProtocolTypes 

func WithProtocolTypes(types string) Option

WithProtocolTypes filters templates by protocol type (http, dns, network, ssl, etc.).

func WithProxies 

func WithProxies(proxies ...string) Option

WithProxies sets multiple proxy URLs.

func WithProxy 

func WithProxy(proxy string) Option

WithProxy sets a proxy URL (HTTP or SOCKS5).

func WithProxyInternal 

func WithProxyInternal(enabled bool) Option

WithProxyInternal enables proxy for internal nuclei requests.

func WithRateLimit 

func WithRateLimit(maxPerSecond int) Option

WithRateLimit sets the maximum requests per second.

func WithRateLimitCustom 

func WithRateLimitCustom(count int, duration time.Duration) Option

WithRateLimitCustom sets a custom rate limit with duration.

func WithResolvers 

func WithResolvers(resolvers ...string) Option

WithResolvers sets custom DNS resolvers.

func WithResponseReadSize 

func WithResponseReadSize(size int) Option

WithResponseReadSize sets the maximum response read size in bytes.

func WithResultSeverityFilter 

func WithResultSeverityFilter(severities ...string) Option

WithResultSeverityFilter filters results by severity after scanning. This is a post-scan filter, separate from WithSeverityFilter which filters templates.

func WithRetries 

func WithRetries(count int) Option

WithRetries sets the number of retries for failed requests.

func WithSandboxOptions 

func WithSandboxOptions(allowLocalFileAccess, restrictLocalNetworkAccess bool) Option

WithSandboxOptions sets sandbox options for template execution. allowLocalFileAccess: allow templates to access local files. restrictLocalNetworkAccess: restrict templates from accessing local network.

func WithScanAllIPs 

func WithScanAllIPs() Option

WithScanAllIPs enables scanning all IPs associated with a DNS record. By default, only the first resolved IP is scanned.

func WithScanStrategy 

func WithScanStrategy(strategy string) Option

WithScanStrategy sets the scan strategy ("template-spray" or "host-spray").

func WithSecretsFile 

func WithSecretsFile(path string) Option

WithSecretsFile adds a nuclei secrets/credentials file.

func WithSecretsFiles 

func WithSecretsFiles(paths ...string) Option

WithSecretsFiles adds multiple nuclei secrets/credentials files.

func WithSelfContainedTemplates 

func WithSelfContainedTemplates() Option

WithSelfContainedTemplates enables execution of self-contained templates.

func WithSeverityFilter 

func WithSeverityFilter(severities ...string) Option

WithSeverityFilter filters templates by severity (info, low, medium, high, critical).

func WithSignedTemplatesOnly 

func WithSignedTemplatesOnly() Option

WithSignedTemplatesOnly restricts execution to signed templates only.

func WithSilent 

func WithSilent() Option

WithSilent enables silent mode (no output except results).

func WithSourceIP 

func WithSourceIP(ip string) Option

WithSourceIP sets the source IP address to use for scanning.

func WithStopAtFirstMatch 

func WithStopAtFirstMatch() Option

WithStopAtFirstMatch stops scanning a host after the first match is found.

func WithSwaggerSpec 

func WithSwaggerSpec(path string) Option

WithSwaggerSpec sets a Swagger specification file for API security scanning.

func WithSystemResolvers 

func WithSystemResolvers() Option

WithSystemResolvers uses system DNS resolvers instead of nuclei's default resolvers.

func WithTags 

func WithTags(tags ...string) Option

WithTags filters templates by tags (OR logic).

func WithTargetFile 

func WithTargetFile(path string) Option

WithTargetFile sets a file path to read targets from (one per line).

func WithTargetReader 

func WithTargetReader(reader io.Reader) Option

WithTargetReader sets an io.Reader to read targets from (one per line).

func WithTargets 

func WithTargets(targets ...string) Option

WithTargets sets the target URLs/hosts to scan.

func WithTemplateBytes 

func WithTemplateBytes(name string, data []byte) Option

WithTemplateBytes adds a raw YAML template from bytes. The name is used as the filename (without .yaml extension).

func WithTemplateDir 

func WithTemplateDir(dir string) Option

WithTemplateDir adds a directory of templates to scan with. If not called, nuclei uses the default templates directory (~/.local/nuclei-templates/).

func WithTemplateDirs 

func WithTemplateDirs(dirs ...string) Option

WithTemplateDirs adds multiple template directories.

func WithTemplateFile 

func WithTemplateFile(file string) Option

WithTemplateFile adds a single template file path.

func WithTemplateFiles 

func WithTemplateFiles(files ...string) Option

WithTemplateFiles adds multiple template file paths.

func WithTemplateIDs 

func WithTemplateIDs(ids ...string) Option

WithTemplateIDs filters templates by ID.

func WithTemplateURL 

func WithTemplateURL(url string) Option

WithTemplateURL adds a template to fetch from a URL.

func WithTemplateURLs 

func WithTemplateURLs(urls ...string) Option

WithTemplateURLs adds multiple templates to fetch from URLs.

func WithThreads 

func WithThreads(count int) Option

WithThreads sets the number of concurrent templates to execute.

func WithTimeout 

func WithTimeout(seconds int) Option

WithTimeout sets the request timeout in seconds.

func WithTrustedDomains 

func WithTrustedDomains(domains ...string) Option

WithTrustedDomains adds trusted domains for remote template loading.

func WithUpdateCheck 

func WithUpdateCheck() Option

WithUpdateCheck enables nuclei update checks (disabled by default in SDK).

func WithVar 

func WithVar(key, value string) Option

WithVar adds a single custom variable.

func WithVars 

func WithVars(vars ...string) Option

WithVars adds custom variables ("key=value" format).

func WithVerbose 

func WithVerbose() Option

WithVerbose enables verbose output.

func WithWorkflows 

func WithWorkflows(paths ...string) Option

WithWorkflows adds workflow file/directory paths.

type PoolStats 

type PoolStats struct {
	Submitted int64 `json:"submitted"`
	Completed int64 `json:"completed"`
	Failed    int64 `json:"failed"`
	Pending   int64 `json:"pending"`
}

PoolStats holds scan pool statistics.

type ScanConfig 

type ScanConfig struct {
	// contains filtered or unexported fields
}

ScanConfig holds all scanner configuration, populated by Option functions.

type ScanEngine 

type ScanEngine struct {
	// contains filtered or unexported fields
}

ScanEngine provides a high-performance, concurrent scanning API.

Architecture: shared-global / ephemeral-per-scan

Global resources (initialized once in Setup, shared read-only across scans):

  • Template catalog, parser, and loaded template store
  • Output writer, progress tracker, interactsh client
  • Rate limiter, browser instance, host error cache

Per-scan resources (created in each Scan call, lightweight):

  • core.Engine (~5 fields), ExecutorOptions (shallow copy sharing global refs)
  • SimpleInputProvider (just a []MetaInput slice)
  • Filtered template list (runtime match from global store)

This design allows 1000+ concurrent Scan() calls with minimal per-scan overhead.

Usage: 

engine, _ := nucleisdk.NewScanEngine(
    nucleisdk.WithRateLimit(100),
    nucleisdk.WithTimeout(10),
    nucleisdk.WithNoInteractsh(),
)
if err := engine.Setup(); err != nil { log.Fatal(err) }
defer engine.Close()

// Lightweight concurrent scans
go func() {
    results, _ := engine.Scan(ctx, &nucleisdk.ScanOptions{
        Targets:       []string{"https://example.com"},
        Tags:          []string{"cve", "exposure"},
        Severities:    []string{"high", "critical"},
        ProtocolTypes: "http",
    })
    for r := range results { ... }
}()

func NewScanEngine 

func NewScanEngine(opts ...Option) (*ScanEngine, error)

NewScanEngine creates a new engine with the given configuration. This only stores config — call Setup() to initialize heavy resources.

func (*ScanEngine) Close 

func (se *ScanEngine) Close() error

Close releases all global resources held by the engine.

func (*ScanEngine) GetLoadedTemplates 

func (se *ScanEngine) GetLoadedTemplates() []*templates.Template

GetLoadedTemplates returns all templates loaded during Setup.

func (*ScanEngine) NewScanPool 

func (se *ScanEngine) NewScanPool(ctx context.Context, workers int) *ScanPool

NewScanPool creates a worker pool with the specified number of concurrent scan workers. Each worker calls engine.Scan() for each job it picks up, so the total concurrency is bounded by the worker count.

The pool starts immediately — workers begin consuming jobs as they are submitted. Call Close() when done to signal no more jobs and wait for completion.

The Results() channel MUST be consumed concurrently, otherwise workers will block.

func (*ScanEngine) NucleiOptions 

func (se *ScanEngine) NucleiOptions() *types.Options

NucleiOptions returns the underlying nuclei types.Options for advanced customization. Available only after Setup() has been called. Returns nil before Setup().

This gives Go users full access to every nuclei option beyond what the SDK's With* functions expose. Modify before calling Scan() — changes during a scan are not safe. 

engine, _ := nucleisdk.NewScanEngine(nucleisdk.WithRateLimit(100))
engine.Setup()
opts := engine.NucleiOptions()
opts.FollowRedirects = true
opts.MaxHostError = 5

func (*ScanEngine) RunParallel 

func (se *ScanEngine) RunParallel(ctx context.Context, scans ...ConcurrentScan) (<-chan *LabeledResult, error)

RunParallel launches multiple lightweight scans concurrently using the shared global resources. Each scan gets its own core.Engine and filtered templates. Results are tagged with the scan label.

This is the most efficient way to run multiple scan types concurrently. Unlike creating N separate engines, all scans share a single set of global resources (templates, interactsh, rate limiter, etc.).

func (*ScanEngine) RunScan 

func (se *ScanEngine) RunScan(ctx context.Context, perScanOpts ...Option) (<-chan *ScanResult, error)

RunScan provides backward compatibility with the old per-scan engine API. Internally, it creates a ScanOptions from the per-scan Option overrides and calls Scan(). Requires Setup() to have been called first.

func (*ScanEngine) RunScanWithCallback 

func (se *ScanEngine) RunScanWithCallback(ctx context.Context, callback func(*ScanResult), perScanOpts ...Option) error

RunScanWithCallback provides backward compatibility with the old callback API.

func (*ScanEngine) Scan 

func (se *ScanEngine) Scan(ctx context.Context, scanOpts *ScanOptions) (<-chan *ScanResult, error)

Scan executes a lightweight scan with the given per-scan options. Creates only a core.Engine, ExecutorOptions copy, and SimpleInputProvider per call. Safe to call concurrently from multiple goroutines.

Template selection has two modes:

  1. Filter mode: If no direct templates are specified (TemplateFiles/TemplateDirs/TemplateBytes), templates are filtered from the global store using Tags/Severities/ProtocolTypes/TemplateIDs.

  2. Direct mode: If TemplateFiles, TemplateDirs, or TemplateBytes are set, ONLY those templates are loaded and used. The global store filters are ignored. This is ideal for targeted scans (e.g., "scan target X with this specific CVE template").

func (*ScanEngine) ScanWithCallback 

func (se *ScanEngine) ScanWithCallback(ctx context.Context, scanOpts *ScanOptions, cb func(*ScanResult)) error

ScanWithCallback executes a scan and invokes the callback for each result. Blocks until scanning completes or the context is cancelled.

func (*ScanEngine) Setup 

func (se *ScanEngine) Setup() error

Setup performs the one-time heavy initialization of global resources: protocol state, catalog, parser, template loading, output writer, interactsh client, rate limiter, browser, etc.

This must be called before Scan(). It is safe to call only once.

type ScanOptions 

type ScanOptions struct {
	// Targets to scan (URLs, domains, IPs, host:port)
	Targets    []string
	TargetFile string

	// Template filtering (applied at runtime against the pre-loaded template store)
	// These are ignored when TemplateFiles/TemplateDirs/TemplateBytes are set.
	Tags          []string
	ExcludeTags   []string
	Severities    []string
	ProtocolTypes string // "http", "dns", "ssl", "network" — comma-separated
	TemplateIDs   []string
	ExcludeIDs    []string
	Authors       []string

	// Per-scan template sources (direct mode — bypasses global store)
	TemplateFiles []string             // Specific template file paths for this scan
	TemplateDirs  []string             // Template directories for this scan
	TemplateBytes []TemplateBytesEntry // Raw YAML templates (e.g., from API response)

	// Result severity filter (post-scan filtering)
	ResultSeverityFilter []string
}

ScanOptions defines per-scan parameters for ScanEngine.Scan(). These are lightweight, per-invocation settings — targets, template filters, etc. Global resources (interactsh, parser, catalog, browser) are shared from the engine.

Template selection works in two modes:

  1. Filter mode (default): When only Tags/Severities/ProtocolTypes/TemplateIDs are set, templates are filtered at runtime from the engine's pre-loaded global template store.

  2. Direct mode: When TemplateFiles, TemplateDirs, or TemplateBytes are set, ONLY those templates are loaded and used for this scan. The global store is not used. This is ideal for targeted scans where you know exactly which template to run.

type ScanPool 

type ScanPool struct {
	// contains filtered or unexported fields
}

ScanPool manages a pool of concurrent scan workers backed by a shared ScanEngine. Jobs can be submitted dynamically at any time, and results stream through a unified channel. This is ideal for continuous scanning workflows where new targets/templates arrive over time (e.g., from an API, message queue, or webhook).

Usage: 

pool := engine.NewScanPool(ctx, 10)

pool.Submit("CVE-2024-1234", &nucleisdk.ScanOptions{...})
pool.Submit("CVE-2024-5678", &nucleisdk.ScanOptions{...})

go func() {
    for r := range pool.Results() {
        fmt.Printf("[%s] %s\n", r.Label, r.TemplateID)
    }
}()

pool.Submit("CVE-2024-9999", &nucleisdk.ScanOptions{...})

pool.Close()
fmt.Println(pool.Stats())

func (*ScanPool) Close 

func (p *ScanPool) Close()

Close signals that no more jobs will be submitted and waits for all active scans to complete. The Results() channel is closed after the last result is sent.

Safe to call multiple times.

func (*ScanPool) Results 

func (p *ScanPool) Results() <-chan *LabeledResult

Results returns the channel that streams all scan results from all jobs. Each result is tagged with the job label it belongs to.

The channel is closed after Close() is called and all pending jobs complete. This channel MUST be consumed — otherwise workers will block.

func (*ScanPool) Stats 

func (p *ScanPool) Stats() PoolStats

Stats returns the current pool statistics.

func (*ScanPool) Submit 

func (p *ScanPool) Submit(label string, opts *ScanOptions) error

Submit queues a labeled scan job for execution. Safe to call from multiple goroutines concurrently. Blocks if the internal job queue is full.

Returns an error if the pool has been closed or the context is cancelled.

type ScanResult 

type ScanResult struct {
	// Core identification
	TemplateID   string `json:"template_id"`
	TemplateName string `json:"template_name"`
	TemplatePath string `json:"template_path,omitempty"`
	Severity     string `json:"severity"`
	Type         string `json:"type"`

	// Match details
	Host             string   `json:"host"`
	MatchedURL       string   `json:"matched_url"`
	MatcherName      string   `json:"matcher_name,omitempty"`
	ExtractorName    string   `json:"extractor_name,omitempty"`
	ExtractedResults []string `json:"extracted_results,omitempty"`
	IP               string   `json:"ip,omitempty"`
	Port             string   `json:"port,omitempty"`
	Scheme           string   `json:"scheme,omitempty"`
	URL              string   `json:"url,omitempty"`
	Path             string   `json:"path,omitempty"`

	// Request/Response
	Request     string `json:"request,omitempty"`
	Response    string `json:"response,omitempty"`
	CURLCommand string `json:"curl_command,omitempty"`

	// Metadata
	Tags        []string               `json:"tags,omitempty"`
	Authors     []string               `json:"authors,omitempty"`
	Description string                 `json:"description,omitempty"`
	Impact      string                 `json:"impact,omitempty"`
	Remediation string                 `json:"remediation,omitempty"`
	Reference   []string               `json:"reference,omitempty"`
	Metadata    map[string]interface{} `json:"metadata,omitempty"`

	// Classification
	CVEID       []string `json:"cve_id,omitempty"`
	CWEID       []string `json:"cwe_id,omitempty"`
	CVSSMetrics string   `json:"cvss_metrics,omitempty"`
	CVSSScore   float64  `json:"cvss_score,omitempty"`
	EPSSScore   float64  `json:"epss_score,omitempty"`
	CPE         string   `json:"cpe,omitempty"`

	// Fuzzing
	IsFuzzingResult  bool   `json:"is_fuzzing_result,omitempty"`
	FuzzingMethod    string `json:"fuzzing_method,omitempty"`
	FuzzingParameter string `json:"fuzzing_parameter,omitempty"`
	FuzzingPosition  string `json:"fuzzing_position,omitempty"`

	// Status
	MatcherStatus bool      `json:"matcher_status"`
	Timestamp     time.Time `json:"timestamp"`
	Error         string    `json:"error,omitempty"`
	// contains filtered or unexported fields
}

ScanResult represents a single scan finding with a clean API.

func (*ScanResult) IsCritical 

func (r *ScanResult) IsCritical() bool

IsCritical returns true if the severity is critical.

func (*ScanResult) IsHighOrAbove 

func (r *ScanResult) IsHighOrAbove() bool

IsHighOrAbove returns true if the severity is high or critical.

func (*ScanResult) JSON 

func (r *ScanResult) JSON() string

JSON returns the result serialized as a JSON string.

func (*ScanResult) JSONBytes 

func (r *ScanResult) JSONBytes() ([]byte, error)

JSONBytes returns the result serialized as JSON bytes.

func (*ScanResult) JSONPretty 

func (r *ScanResult) JSONPretty() string

JSONPretty returns the result serialized as pretty-printed JSON.

func (*ScanResult) RawEvent 

func (r *ScanResult) RawEvent() *output.ResultEvent

RawEvent returns the underlying nuclei output.ResultEvent for advanced users.

func (*ScanResult) SeverityLevel 

func (r *ScanResult) SeverityLevel() int

SeverityLevel returns a numeric severity level. 0=unknown, 1=info, 2=low, 3=medium, 4=high, 5=critical

type Scanner 

type Scanner struct {
	// contains filtered or unexported fields
}

Scanner is the main entry point for running nuclei scans.

func NewScanner 

func NewScanner(opts ...Option) (*Scanner, error)

NewScanner creates a new Scanner with the given options.

func (*Scanner) Close 

func (s *Scanner) Close() error

Close releases resources held by the scanner.

func (*Scanner) Run 

func (s *Scanner) Run(ctx context.Context) (<-chan *ScanResult, error)

Run executes the scan and returns results via a channel. The channel is closed when scanning completes or the context is cancelled. Any scan execution errors are sent as a ScanResult with the Error field set.

func (*Scanner) RunWithCallback 

func (s *Scanner) RunWithCallback(ctx context.Context, callback func(*ScanResult)) error

RunWithCallback executes the scan and invokes the callback for each result. Blocks until scanning is complete or the context is cancelled.

type TemplateBytesEntry 

type TemplateBytesEntry struct {
	Name string
	Data []byte
}

TemplateBytesEntry holds a named raw YAML template.

func TemplateBytes 

func TemplateBytes(name string, data []byte) TemplateBytesEntry

TemplateBytes creates a TemplateBytesEntry from a name and YAML data.

type TemplateInfo 

type TemplateInfo struct {
	ID          string   `json:"id"`
	Name        string   `json:"name"`
	Author      string   `json:"author"`
	Severity    string   `json:"severity"`
	Tags        []string `json:"tags,omitempty"`
	Description string   `json:"description,omitempty"`
}

TemplateInfo contains parsed metadata from a nuclei template.

func ParseTemplateInfo 

func ParseTemplateInfo(data []byte) (*TemplateInfo, error)

ParseTemplateInfo extracts metadata from raw YAML template bytes without creating a full nuclei engine.

type WebScanner 

type WebScanner struct {
	// contains filtered or unexported fields
}

WebScanner is a pre-configured scanner for general web security testing. It runs HTTP-based templates excluding destructive categories.

func NewWebScanner 

func NewWebScanner(opts ...Option) (*WebScanner, error)

NewWebScanner creates a new general web scanner with sensible defaults.

func (*WebScanner) Close 

func (w *WebScanner) Close() error

Close releases resources.

func (*WebScanner) Run 

func (w *WebScanner) Run(ctx context.Context) (<-chan *ScanResult, error)

Run executes the web scan and returns results via a channel.

func (*WebScanner) RunWithCallback 

func (w *WebScanner) RunWithCallback(ctx context.Context, cb func(*ScanResult)) error

RunWithCallback executes the web scan with a callback.

func (WebScanner) Scanner 

func (p WebScanner) Scanner() *Scanner

Scanner returns the underlying Scanner for advanced access.

type WordPressScanner 

type WordPressScanner struct {
	// contains filtered or unexported fields
}

WordPressScanner is a pre-configured scanner for WordPress security testing. It focuses on WordPress core, plugins, themes, and common misconfigurations.

func NewWordPressScanner 

func NewWordPressScanner(opts ...Option) (*WordPressScanner, error)

NewWordPressScanner creates a new WordPress scanner with sensible defaults.

func (*WordPressScanner) Close 

func (w *WordPressScanner) Close() error

Close releases resources.

func (*WordPressScanner) Run 

func (w *WordPressScanner) Run(ctx context.Context) (<-chan *ScanResult, error)

Run executes the WordPress scan and returns results via a channel.

func (*WordPressScanner) RunWithCallback 

func (w *WordPressScanner) RunWithCallback(ctx context.Context, cb func(*ScanResult)) error

RunWithCallback executes the WordPress scan with a callback.

func (WordPressScanner) Scanner 

func (p WordPressScanner) Scanner() *Scanner

Scanner returns the underlying Scanner for advanced access.

Source Files

View all Source files

Directories

Path Synopsis
cmd
nuclei-sdk-bridge command
examples
api_security command
basic command
concurrent command
custom_config command
raw_template command
reusable_engine command
scan_pool command
targeted_scan command
wordpress command

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.