Nuclei

Fast, template-based open-source vulnerability scanner with 8,000+ community-contributed detection templates

ToolOpen Source Vulnerability ScannerOpen SourceCloudSelf-hosted

Pricing: Nuclei CLI free (open source, Apache-2.0); ProjectDiscovery Cloud Platform pay-as-you-go from $250 (50 credits/seat, $5/extra credit); Enterprise custom quote

Reviewed by the CyberSecTool editorial team against the public sources cited below · Last reviewed February 2026 · How we review listings

What is Nuclei?

Nuclei is a fast, template-based open-source vulnerability scanner developed by ProjectDiscovery. Built in Go for high performance, Nuclei uses YAML-based templates to define and execute vulnerability checks across web applications, networks, DNS, cloud services, and more. With over 8,000 community-contributed templates covering CVEs, misconfigurations, exposed panels, default credentials, and technology detection, Nuclei has become the preferred tool for security researchers, bug bounty hunters, and organizations wanting a highly customizable and extensible scanning engine.

Best for: Security teams and researchers wanting a fast, customizable, template-driven vulnerability scanner for web and infrastructure testing
Pros
  • Extremely fast scanning with Go-based concurrent execution
  • Highly customizable with easy-to-write YAML templates
  • Massive community-driven template library covering latest CVEs
  • Lightweight CLI tool perfect for CI/CD and automation pipelines
  • Active development with rapid community response to new vulnerabilities
Considerations
  • Requires security expertise to interpret results and write custom templates
  • No built-in vulnerability management workflow or dashboard
  • Template quality varies across community contributions
  • Limited authenticated scanning compared to enterprise scanners
  • Not a complete vulnerability management platform. Scanning engine only

Reported in public reviews and vendor documentation. See sources below.

Key Features

YAML-based template engine for custom checks
8,000+ community-contributed vulnerability templates
High-speed concurrent scanning in Go
Multi-protocol support (HTTP, DNS, TCP, SSL)
CI/CD pipeline integration for DevSecOps
Headless browser support for JavaScript-heavy applications
Automatic template updates from community repository
Output in JSON, SARIF, and multiple reporting formats

Are you Nuclei? Improve this listing with screenshots, case studies and more.

Quick Info
PricingNuclei CLI free (open source, Apache-2.0); ProjectDiscovery Cloud Platform pay-as-you-go from $250 (50 credits/seat, $5/extra credit); Enterprise custom quote
ModelOpen source with optional cloud platform
Founded2020
CloudYes
Self-HostedYes
Open SourceYes

Last updated: Feb 20, 2026

In the glossary