Map CVE IDs to your local nuclei-templates and emit runnable, rate-limited nuclei commands.
Project description
nuclei-index
Map CVE IDs → your local nuclei-templates and get back a runnable, rate-limited nuclei command.
Vulnerability intel tells you what is exploitable on a target. nuclei-index hands you the firing pin: the exact nuclei invocation to verify it. It indexes a local nuclei-templates checkout by CVE, caches the result, and bridges "CVE-X applies" → "run this".
- Zero dependencies. Pure standard-library Python (≥3.9). No YAML parser, no network calls.
- Fast. Builds an on-disk index once and reuses it until your templates change.
- Scriptable. Clean importable API +
--jsonoutput to wire into other tooling.
Install
# from GitHub:
pip install git+https://github.com/sonnycroco/nuclei-index
# or from a local clone:
git clone https://github.com/sonnycroco/nuclei-index
pip install ./nuclei-index
You also need a local nuclei-templates checkout. If you run nuclei, you already have one:
nuclei -update-templates
nuclei-index looks for templates in (first match wins):
$NUCLEI_TEMPLATES~/nuclei-templates~/.local/nuclei-templates~/.config/nuclei/templates
Usage
# Look up a CVE and get the command(s) to run
$ nuclei-index --cve CVE-2021-44228 --host https://target.example
[CVE-2021-44228] 2 template(s):
- CVE-2021-44228 (critical) Apache Log4j RCE (Log4Shell)
/home/you/nuclei-templates/http/cves/2021/CVE-2021-44228.yaml
- ...
Run (rate-limited, authorized hosts only):
nuclei -id CVE-2021-44228 -u https://target.example -rl 20 -timeout 10
# Emit `nuclei -t <path>` form (faster — skips loading the whole template set)
$ nuclei-index --cve CVE-2021-44228 --host https://target.example --by-path
# Machine-readable
$ nuclei-index --cve CVE-2021-44228 --json
{"cve": "CVE-2021-44228", "templates": [...], "commands": [...]}
# Index stats / force a rebuild
$ nuclei-index --stats
$ nuclei-index --rebuild
The index is cached at $XDG_CACHE_HOME/nuclei-index/ (default ~/.cache/nuclei-index/) and refreshed automatically when CVE templates are added or removed under any cves/ directory. The freshness check is a cheap signal over those directories — their modification times and year-subdir listings — so a clean run never has to re-scan every template to confirm the cache is current. It can't see two things on its own: an edit made in place to an existing template (filename and directory unchanged), or a CVE template dropped outside a cves/ directory. Run --rebuild to force a full re-scan in those cases.
As a library
import nuclei_index as ni
ni.templates_for_cve("CVE-2021-44228")
# [{'cve': 'CVE-2021-44228', 'id': 'CVE-2021-44228',
# 'path': 'http/cves/2021/CVE-2021-44228.yaml',
# 'name': 'Apache Log4j RCE', 'severity': 'critical',
# 'suspicious': False}, ...]
ni.runnable_cmd("CVE-2021-44228", "https://target.example", rate=20)
# 'nuclei -id CVE-2021-44228 -u https://target.example -rl 20 -timeout 10'
ni.runnable_cmds("CVE-2021-44228", "https://target.example") # every match
Templates for a CVE are returned highest-severity first; runnable_cmd picks that top one, runnable_cmds returns all of them.
Responsible use
This tool only constructs commands — it never scans anything itself. The emitted nuclei commands are rate-limited by default. Only run them against hosts you are authorized to test.
Development
pip install -e ".[dev]"
pytest
The test suite builds a throwaway fake templates tree — it needs neither a real nuclei install nor your templates.
License
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file nuclei_index-0.1.0.tar.gz.
File metadata
- Download URL: nuclei_index-0.1.0.tar.gz
- Upload date:
- Size: 14.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b0796f55604b3d3669744aeb9bad68161fcd7e6d3201016a3900db5d79114205
|
|
| MD5 |
5b1b8dfeea52235aa9336863f343cf87
|
|
| BLAKE2b-256 |
bfaffcf875ef4cbc9632a40739dea196ca24d7fbedd741f59594bd829dc59a2a
|
Provenance
The following attestation bundles were made for nuclei_index-0.1.0.tar.gz:
Publisher:
publish.yml on sonnycroco/nuclei-index
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
nuclei_index-0.1.0.tar.gz -
Subject digest:
b0796f55604b3d3669744aeb9bad68161fcd7e6d3201016a3900db5d79114205 - Sigstore transparency entry: 2013651943
- Sigstore integration time:
-
Permalink:
sonnycroco/nuclei-index@084f3587d390e9cd1a5a8404a3215653c49fcacd -
Branch / Tag:
refs/tags/v0.1.0 - Owner: https://github.com/sonnycroco
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@084f3587d390e9cd1a5a8404a3215653c49fcacd -
Trigger Event:
release
-
Statement type:
File details
Details for the file nuclei_index-0.1.0-py3-none-any.whl.
File metadata
- Download URL: nuclei_index-0.1.0-py3-none-any.whl
- Upload date:
- Size: 12.2 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
71891a5e1a31a2785d124432be7f1598c157c6e43b4ecae2a4e6489c5c562e28
|
|
| MD5 |
4559382ac0aae7e2c163aac868f4e8ed
|
|
| BLAKE2b-256 |
d5f16319fac07ddc7cba1ae58c120b1ec0a62e1e1eb9aa842e458b6081c911da
|
Provenance
The following attestation bundles were made for nuclei_index-0.1.0-py3-none-any.whl:
Publisher:
publish.yml on sonnycroco/nuclei-index
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
nuclei_index-0.1.0-py3-none-any.whl -
Subject digest:
71891a5e1a31a2785d124432be7f1598c157c6e43b4ecae2a4e6489c5c562e28 - Sigstore transparency entry: 2013652227
- Sigstore integration time:
-
Permalink:
sonnycroco/nuclei-index@084f3587d390e9cd1a5a8404a3215653c49fcacd -
Branch / Tag:
refs/tags/v0.1.0 - Owner: https://github.com/sonnycroco
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@084f3587d390e9cd1a5a8404a3215653c49fcacd -
Trigger Event:
release
-
Statement type: