Skip to main content

Map CVE IDs to your local nuclei-templates and emit runnable, rate-limited nuclei commands.

Project description

nuclei-index

Map CVE IDs → your local nuclei-templates and get back a runnable, rate-limited nuclei command.

Vulnerability intel tells you what is exploitable on a target. nuclei-index hands you the firing pin: the exact nuclei invocation to verify it. It indexes a local nuclei-templates checkout by CVE, caches the result, and bridges "CVE-X applies" → "run this".

  • Zero dependencies. Pure standard-library Python (≥3.9). No YAML parser, no network calls.
  • Fast. Builds an on-disk index once and reuses it until your templates change.
  • Scriptable. Clean importable API + --json output to wire into other tooling.

Install

# from GitHub:
pip install git+https://github.com/sonnycroco/nuclei-index

# or from a local clone:
git clone https://github.com/sonnycroco/nuclei-index
pip install ./nuclei-index

You also need a local nuclei-templates checkout. If you run nuclei, you already have one:

nuclei -update-templates

nuclei-index looks for templates in (first match wins):

  1. $NUCLEI_TEMPLATES
  2. ~/nuclei-templates
  3. ~/.local/nuclei-templates
  4. ~/.config/nuclei/templates

Usage

# Look up a CVE and get the command(s) to run
$ nuclei-index --cve CVE-2021-44228 --host https://target.example

[CVE-2021-44228] 2 template(s):
  - CVE-2021-44228  (critical)  Apache Log4j RCE (Log4Shell)
    /home/you/nuclei-templates/http/cves/2021/CVE-2021-44228.yaml
  - ...

  Run (rate-limited, authorized hosts only):
    nuclei -id CVE-2021-44228 -u https://target.example -rl 20 -timeout 10

# Emit `nuclei -t <path>` form (faster — skips loading the whole template set)
$ nuclei-index --cve CVE-2021-44228 --host https://target.example --by-path

# Machine-readable
$ nuclei-index --cve CVE-2021-44228 --json
{"cve": "CVE-2021-44228", "templates": [...], "commands": [...]}

# Index stats / force a rebuild
$ nuclei-index --stats
$ nuclei-index --rebuild

The index is cached at $XDG_CACHE_HOME/nuclei-index/ (default ~/.cache/nuclei-index/) and refreshed automatically when CVE templates are added or removed under any cves/ directory. The freshness check is a cheap signal over those directories — their modification times and year-subdir listings — so a clean run never has to re-scan every template to confirm the cache is current. It can't see two things on its own: an edit made in place to an existing template (filename and directory unchanged), or a CVE template dropped outside a cves/ directory. Run --rebuild to force a full re-scan in those cases.

As a library

import nuclei_index as ni

ni.templates_for_cve("CVE-2021-44228")
# [{'cve': 'CVE-2021-44228', 'id': 'CVE-2021-44228',
#   'path': 'http/cves/2021/CVE-2021-44228.yaml',
#   'name': 'Apache Log4j RCE', 'severity': 'critical',
#   'suspicious': False}, ...]

ni.runnable_cmd("CVE-2021-44228", "https://target.example", rate=20)
# 'nuclei -id CVE-2021-44228 -u https://target.example -rl 20 -timeout 10'

ni.runnable_cmds("CVE-2021-44228", "https://target.example")  # every match

Templates for a CVE are returned highest-severity first; runnable_cmd picks that top one, runnable_cmds returns all of them.

Responsible use

This tool only constructs commands — it never scans anything itself. The emitted nuclei commands are rate-limited by default. Only run them against hosts you are authorized to test.

Development

pip install -e ".[dev]"
pytest

The test suite builds a throwaway fake templates tree — it needs neither a real nuclei install nor your templates.

License

Apache-2.0.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

nuclei_index-0.1.0.tar.gz (14.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

nuclei_index-0.1.0-py3-none-any.whl (12.2 kB view details)

Uploaded Python 3

File details

Details for the file nuclei_index-0.1.0.tar.gz.

File metadata

  • Download URL: nuclei_index-0.1.0.tar.gz
  • Upload date:
  • Size: 14.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for nuclei_index-0.1.0.tar.gz
Algorithm Hash digest
SHA256 b0796f55604b3d3669744aeb9bad68161fcd7e6d3201016a3900db5d79114205
MD5 5b1b8dfeea52235aa9336863f343cf87
BLAKE2b-256 bfaffcf875ef4cbc9632a40739dea196ca24d7fbedd741f59594bd829dc59a2a

See more details on using hashes here.

Provenance

The following attestation bundles were made for nuclei_index-0.1.0.tar.gz:

Publisher: publish.yml on sonnycroco/nuclei-index

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file nuclei_index-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: nuclei_index-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 12.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for nuclei_index-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 71891a5e1a31a2785d124432be7f1598c157c6e43b4ecae2a4e6489c5c562e28
MD5 4559382ac0aae7e2c163aac868f4e8ed
BLAKE2b-256 d5f16319fac07ddc7cba1ae58c120b1ec0a62e1e1eb9aa842e458b6081c911da

See more details on using hashes here.

Provenance

The following attestation bundles were made for nuclei_index-0.1.0-py3-none-any.whl:

Publisher: publish.yml on sonnycroco/nuclei-index

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page