com um clique
strix-nuclei
Strix Nuclei 命令手册,覆盖模板选择、高吞吐执行与自动化边界控制;触发名:strix-nuclei
Instalar com Codex ou Claude Copie este prompt, cole no Codex, Claude ou outro assistente e deixe que ele revise a página da skill e instale para você.
Menu
Strix Nuclei 命令手册,覆盖模板选择、高吞吐执行与自动化边界控制;触发名:strix-nuclei
Instalar com Codex ou Claude Copie este prompt, cole no Codex, Claude ou outro assistente e deixe que ele revise a página da skill e instale para você.
Baseado na classificação ocupacional SOC
面向中文用户和新手的统一入口,保持原有两种模式:1) 自动分流,2) 先头脑风暴再分流。分流目标既可以是 ctf-*,也可以在 Web/接口/漏洞验证阶段增强到 strix-*;适合不知道该用哪个 skill、想先理清题意、又不想自己先判断何时该切到工具链或漏洞专项的场景;触发名:ctf-beginner-hub
面向 CTF 新手与综合题的统一总控 skill。保持原有两种主模式:1) 自动分流,2) 先头脑风暴再分流。分流目标既可以是 ctf-*,也可以在 Web/接口/漏洞验证阶段增强到 strix-*;适合不知道该用哪个 skill、想边做边学、又不想自己先判断何时切换到工具链或漏洞专项的场景;触发名:ctf-super-hub
Strix JWT 与 OIDC 安全测试手册,覆盖令牌伪造、算法混淆与声明篡改;触发名:strix-authentication-jwt
给中文用户和新手用的 Strix Lite 统一入口:先判断该用哪一个 strix-* 工具或漏洞测试 skill,再给最小化起手步骤;适合在 Web 安全测试、工具链使用、漏洞验证时不知道先用哪个 Strix skill 的场景;触发名:strix-beginner-hub
Strix 功能级授权缺陷测试手册,覆盖操作级权限失效、管理功能越权与 API 操作绕过;触发名:strix-broken-function-level-authorization
Strix 业务逻辑漏洞测试手册,覆盖流程绕过、状态操控与领域约束破坏;触发名:strix-business-logic
| name | Strix•Nuclei 用法 |
| description | Strix Nuclei 命令手册,覆盖模板选择、高吞吐执行与自动化边界控制;触发名:strix-nuclei |
Official docs:
Canonical syntax:
nuclei [flags]
High-signal flags:
-u, -target <url> single target-l, -list <file> targets file-im, -input-mode <mode> list/burp/jsonl/yaml/openapi/swagger-t, -templates <path|tag> explicit template path(s)-tags <tag1,tag2> run by tag-s, -severity <critical,high,...> severity filter-as, -automatic-scan tech-mapped automatic scan-ni, -no-interactsh disable OAST/interactsh requests-rl, -rate-limit <n> global request rate cap-c, -concurrency <n> template concurrency-bs, -bulk-size <n> hosts in parallel per template-timeout <seconds> request timeout-retries <n> retries-stats periodic scan stats output-silent findings-only output-j, -jsonl JSONL output-o <file> output fileAgent-safe baseline for automation:
nuclei -l targets.txt -as -s critical,high -rl 50 -c 20 -bs 20 -timeout 10 -retries 1 -silent -j -o nuclei.jsonl
Common patterns:
nuclei -u https://target.tld -s critical,high -silent -o nuclei_high.txtnuclei -l targets.txt -as -rl 50 -c 20 -bs 20 -timeout 10 -retries 1 -j -o nuclei.jsonlnuclei -l targets.txt -tags cve,misconfig -s critical,high,medium -silentnuclei -l targets.txt -t http/cves/ -t dns/ -rl 30 -c 10 -bs 10 -j -o nuclei_templates.jsonlnuclei -l targets.txt -as -s critical,high -ni -stats -rl 30 -c 10 -bs 10 -timeout 10 -retries 1 -j -o nuclei_no_oast.jsonlCritical correctness rules:
-as, -t, or -tags); avoid unscoped broad runs.-rl, -c, and -bs explicit for predictable resource use.-ni when outbound interactsh/OAST traffic is not expected or not allowed.-j -o <file>) for automation.Usage rules:
-retries 1) unless transport instability is proven.-h/--help for routine operation unless absolutely necessary.Failure recovery:
-c/-bs before lowering -rl.-as vs explicit -t/-tags).If uncertain, query web_search with:
site:docs.projectdiscovery.io nuclei <flag> running