nuclei
Nuclei is a fast, template-based vulnerability scanner designed for automated security workflows in Canva. It enables workflow builders to effectively identify vulnerabilities across multiple targets by utilizing a rich library of predefined scanning templates.
Ideal Use Cases & Fit
Nuclei performs exceptionally well in scenarios where quick assessments of web applications or services are required. It is ideal for conducting reconnaissance during the early stages of a security assessment by scanning lists of URLs or hosts for known vulnerabilities. Typical inputs include newline-separated lists of target URLs or hosts. However, it is less suitable for in-depth application analysis or when custom, domain-specific checks are needed.
Value in Workflows
Integrating Nuclei into security workflows enhances the efficiency of vulnerability discovery processes. It serves as an early reconnaissance tool, efficiently identifying potential weaknesses that can then be targeted for remediation. By automating vulnerability detection, Nuclei helps streamline security assessments and allows teams to focus on high-priority security issues.
Input Data
Nuclei requires a target input file formatted as newline-separated URLs or hosts to scan. This input is essential for directing the scanning process. An example input format may include:
https://example1.com
https://example2.com
Configuration
- silent: Controls whether output is saved to a file without displaying it on the console.
- jsonl: Selects the output format for results, enabling JSONL (JSON Lines) formatting.
- proxy: Specifies a list of HTTP/SOCKS5 proxies to be used during scans.
- templates: Lists templates or directories of templates to execute during the scan.
- workflow-url: Accepts a list of workflows or URLs for specific scans based on configured workflows.
- max-host-error: Sets the maximum number of errors before a host is skipped from scanning.
- input-read-timeout: Defines the timeout duration for reading input data.
- headless: Enables support for templates that require a headless browser environment.
- scan-strategy: Chooses the scanning strategy (e.g., auto, host-spray) for optimizing resource use during scans.
- no-httpx: Decides whether to disable HTTPX probing for non-URL input.
Updated: 2026-02-10
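
A way to act on results produced with the jsonl option, shown as an added example (not part of this page's tool definition or the nuclei project's code): it de-duplicates findings and groups them by severity so the highest-priority items are remediated first. The field names `template-id`, `info.severity`, `matched-at` and `host` follow nuclei's JSONL output; the function name `triage` is hypothetical and the sample records are constructed.

```python
import json
from collections import defaultdict

# Severity order used for triage, highest priority first.
SEVERITY_ORDER = ["critical", "high", "medium", "low", "info", "unknown"]

# Constructed sample of JSONL results (template ids and findings are made up).
SAMPLE_JSONL = """\
{"template-id": "example-exposed-config", "info": {"name": "Exposed config", "severity": "high"}, "host": "https://example1.com", "matched-at": "https://example1.com/config.json"}
{"template-id": "example-tech-detect", "info": {"name": "Tech detect", "severity": "info"}, "host": "https://example2.com", "matched-at": "https://example2.com"}
{"template-id": "example-exposed-config", "info": {"name": "Exposed config", "severity": "high"}, "host": "https://example1.com", "matched-at": "https://example1.com/config.json"}
this line is not JSON (for example a truncated write)
{"template-id": "example-default-login", "info": {"name": "Default login", "severity": "CRITICAL"}, "host": "https://example2.com", "matched-at": "https://example2.com/login"}
{"template-id": "example-no-info", "host": "https://example1.com"}
"""

def triage(jsonl_text):
    """Return (findings grouped by severity, count of unparseable lines)."""
    grouped, seen, skipped = defaultdict(list), set(), 0
    for line in jsonl_text.splitlines():
        if not line.strip():
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            rec = None
        if not isinstance(rec, dict):  # truncated or non-object line
            skipped += 1
            continue
        info = rec.get("info") if isinstance(rec.get("info"), dict) else {}
        severity = str(info.get("severity", "unknown")).lower()
        if severity not in SEVERITY_ORDER:
            severity = "unknown"
        target = rec.get("matched-at") or rec.get("host") or "?"
        key = (rec.get("template-id"), target)
        if key in seen:  # same template at the same location: report once
            continue
        seen.add(key)
        grouped[severity].append({"template": rec.get("template-id"), "target": target})
    return {s: grouped[s] for s in SEVERITY_ORDER if s in grouped}, skipped

if __name__ == "__main__":
    findings, skipped = triage(SAMPLE_JSONL)
    for severity, items in findings.items():
        for item in items:
            print(f"[{severity}] {item['template']} -> {item['target']}")
    print(f"skipped {skipped} unparseable line(s)")
```

A non-zero skipped count is worth surfacing in the workflow, since it means part of the scan output was lost or truncated before triage.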