This project orchestrates the nuclei scanner, stores the results in the database, and reports them to GitLab.
See SOCCER-Project-DEP/vulnman-ansible for Ansible that deploys this tool alongside vulnman-nuclei-orchestrator.
This tool is meant to be used via systemd services, so refer first to the Ansible repository for the most straightforward setup. If you know what you are doing, you can also use the manual usage instructions below.
# Install dependencies
poetry install
# Setup credentials
cp .env.template .env
# Setup credentials for testing
cp .env.template .env.testing
# run the tool via poetry
sudo poetry run nuclei-scan-runner
The Makefile is a useful wrapper for linting and fixing issues:
# only check
make lint
# try to fix
make fix
# To see all available options
poetry run nuclei-scan-runner --help
# Most general run
poetry run nuclei-scan-runner --config ./configs/testing-config.toml
By default, findings with severity info and low are ignored. You can change this behavior through a variable in nuclei_scan_runner/afterscan/script_constants.py
poetry run nuclei-scan-runner --skip-scan --logfile /var/log/vulnman_nuclei/logs/scheduled.ndjson.1 --results /var/log/vulnman_nuclei/results/scheduled/2024-09-12T03\:49\:33.433654.json --gitlab-project-id 6355
PGPASSWORD=<PASSWORD> psql -h localhost -U postgres -t -d scan-db -c "select finding from findings" | jq -r | jq '{matched_at: .["matched-at"], name: .info.name}'
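The following Python sketch is an added example, not code from this project: it takes rows as printed by the psql -t query above, applies the default severity filter described earlier, and produces the same matched_at/name projection as the jq filter. The constant name IGNORED_SEVERITIES, the sample rows and the hostnames are constructed assumptions.

```python
import json

# Assumption: mirrors the README's default of ignoring "info" and "low";
# the project's real constant in script_constants.py may be named differently.
IGNORED_SEVERITIES = {"info", "low"}
SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3, "info": 4}

# Constructed sample of `psql -t` output: one nuclei JSON finding per line.
SAMPLE_ROWS = """
 {"template-id": "tls-version", "info": {"name": "TLS Version", "severity": "info"}, "matched-at": "app.example.test:443"}
 {"template-id": "exposed-git", "info": {"name": "Git Config Exposure", "severity": "medium"}, "matched-at": "https://app.example.test/.git/config"}
 {"template-id": "default-login", "info": {"name": "Default Login", "severity": "High"}, "matched-at": "https://admin.example.test/login"}
 not-json
 {"template-id": "exposed-git", "info": {"name": "Git Config Exposure", "severity": "medium"}, "matched-at": "https://app.example.test/.git/config"}
"""


def summarize_findings(rows, ignored=IGNORED_SEVERITIES):
    """Return (reportable, skipped): filtered, de-duplicated, sorted findings."""
    seen, reportable, skipped = set(), [], 0
    for line in rows.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            finding = json.loads(line)
            info = finding["info"]
            severity = str(info.get("severity", "unknown")).lower()
            item = (severity, info["name"], finding["matched-at"])
        except (ValueError, KeyError, TypeError, AttributeError):
            skipped += 1  # malformed row: count it rather than abort the run
            continue
        if severity in ignored or item in seen:
            continue
        seen.add(item)
        reportable.append({"severity": severity, "name": item[1], "matched_at": item[2]})
    # Most severe first; unknown severities sort last.
    reportable.sort(key=lambda f: (SEVERITY_RANK.get(f["severity"], 99), f["matched_at"]))
    return reportable, skipped


if __name__ == "__main__":
    findings, skipped = summarize_findings(SAMPLE_ROWS)
    for f in findings:
        print(f"{f['severity']:<8} {f['name']:<22} {f['matched_at']}")
    print(f"skipped {skipped} malformed row(s)")
```

Counting malformed rows instead of discarding them silently makes it visible when the findings table contains entries the report would otherwise miss.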
- This repository is being developed as a part of the SOCCER project.
- Developed by the cybersecurity team of Masaryk University.
- This project is a "mirror" of the original repository hosted on the university GitLab. New features and fixes are added here with each new release of the original repository.
Are you missing something? Do you have any suggestions or problems? Please create an issue.
Or ask us at csirt-info@muni.cz; we are happy to help you, answer your questions, or discuss your ideas.