From 776d529cc8d342c588f4db974651c777a283dbab Mon Sep 17 00:00:00 2001 From: liquidsec Date: Fri, 17 Jan 2025 12:17:22 -0500 Subject: [PATCH 1/7] adding nuclei presets --- bbot/presets/nuclei/nuclei-budget.yml | 17 +++++++++++++++++ bbot/presets/nuclei/nuclei-intense.yml | 16 ++++++++++++++++ bbot/presets/nuclei/nuclei-max.yml | 19 +++++++++++++++++++ bbot/presets/nuclei/nuclei-polite.yml | 17 +++++++++++++++++ bbot/presets/nuclei/nuclei-precision-max.yml | 20 ++++++++++++++++++++ bbot/presets/nuclei/nuclei-technology.yml | 16 ++++++++++++++++ bbot/presets/nuclei/nuclei.yml | 15 +++++++++++++++ 7 files changed, 120 insertions(+) create mode 100644 bbot/presets/nuclei/nuclei-budget.yml create mode 100644 bbot/presets/nuclei/nuclei-intense.yml create mode 100644 bbot/presets/nuclei/nuclei-max.yml create mode 100644 bbot/presets/nuclei/nuclei-polite.yml create mode 100644 bbot/presets/nuclei/nuclei-precision-max.yml create mode 100644 bbot/presets/nuclei/nuclei-technology.yml create mode 100644 bbot/presets/nuclei/nuclei.yml diff --git a/bbot/presets/nuclei/nuclei-budget.yml b/bbot/presets/nuclei/nuclei-budget.yml new file mode 100644 index 0000000000..10e25c25b0 --- /dev/null +++ b/bbot/presets/nuclei/nuclei-budget.yml @@ -0,0 +1,17 @@ +description: Run nuclei scans against all discovered targets, using budget mode to look for low hanging fruit with greatly reduced footprint + +modules: + - httpx + - nuclei + - portfilter + +config: + modules: + nuclei: + mode: budget + budget: 10 + directory_only: True # Do not run nuclei on individual non-directory URLs + web: + # For the standard nuclei preset, explicitly disable the spider + spider_distance: 0 + spider_depth: 0 diff --git a/bbot/presets/nuclei/nuclei-intense.yml b/bbot/presets/nuclei/nuclei-intense.yml new file mode 100644 index 0000000000..0860b4484c --- /dev/null +++ b/bbot/presets/nuclei/nuclei-intense.yml @@ -0,0 +1,16 @@ +description: Run nuclei scans against all discovered targets, allowing for minimal spidering, with additional discovery modules. + +modules: + - httpx + - nuclei + - robots + - portfilter + - wayback + +config: + modules: + nuclei: + directory_only: True # Do not run nuclei on individual non-directory URLs + web: + spider_distance: 1 + spider_depth: 3 diff --git a/bbot/presets/nuclei/nuclei-max.yml b/bbot/presets/nuclei/nuclei-max.yml new file mode 100644 index 0000000000..fa45645df2 --- /dev/null +++ b/bbot/presets/nuclei/nuclei-max.yml @@ -0,0 +1,19 @@ +description: Run nuclei scans against all discovered targets, allowing for spidering, with additional discovery modules, and run against ALL URLs + +include: + - dirbust-light + +modules: + - httpx + - nuclei + - robots + - portfilter + - wayback + +config: + modules: + nuclei: + directory_only: False # This will run nuclei on ALL discovered URLs! Be careful! + web: + spider_distance: 2 + spider_depth: 4 diff --git a/bbot/presets/nuclei/nuclei-polite.yml b/bbot/presets/nuclei/nuclei-polite.yml new file mode 100644 index 0000000000..5e7d54a0fa --- /dev/null +++ b/bbot/presets/nuclei/nuclei-polite.yml @@ -0,0 +1,17 @@ +description: Run nuclei scans against all discovered targets, going extra slow to be kind to the target servers + +modules: + - httpx + - nuclei + - portfilter + +config: + modules: + nuclei: + ratelimit: 10 + concurrency: 5 + directory_only: True # Do not run nuclei on individual non-directory URLs + web: + # For the standard nuclei preset, explicitly disable the spider + spider_distance: 0 + spider_depth: 0 diff --git a/bbot/presets/nuclei/nuclei-precision-max.yml b/bbot/presets/nuclei/nuclei-precision-max.yml new file mode 100644 index 0000000000..3f35e0b7f0 --- /dev/null +++ b/bbot/presets/nuclei/nuclei-precision-max.yml @@ -0,0 +1,20 @@ +description: Run nuclei scans against all discovered targets, allowing for spidering, with additional discovery modules, and run against ALL URLs + +include: + - dirbust-light + +modules: + - httpx + - nuclei + - robots + - portfilter + - wayback + +config: + modules: + nuclei: + mode: technology + directory_only: False # This will run nuclei on ALL discovered URLs! Be careful! + web: + spider_distance: 2 + spider_depth: 4 diff --git a/bbot/presets/nuclei/nuclei-technology.yml b/bbot/presets/nuclei/nuclei-technology.yml new file mode 100644 index 0000000000..7d71a448c4 --- /dev/null +++ b/bbot/presets/nuclei/nuclei-technology.yml @@ -0,0 +1,16 @@ +description: Run nuclei scans against all discovered targets, running templates which match discovered technologies + +modules: + - httpx + - nuclei + - portfilter + +config: + modules: + nuclei: + mode: technology + directory_only: True # Do not run nuclei on individual non-directory URLs + web: + # For the standard nuclei preset, explicitly disable the spider + spider_distance: 0 + spider_depth: 0 diff --git a/bbot/presets/nuclei/nuclei.yml b/bbot/presets/nuclei/nuclei.yml new file mode 100644 index 0000000000..0f4d5cbd96 --- /dev/null +++ b/bbot/presets/nuclei/nuclei.yml @@ -0,0 +1,15 @@ +description: Run nuclei scans against all discovered targets + +modules: + - httpx + - nuclei + - portfilter + +config: + modules: + nuclei: + directory_only: True # Do not run nuclei on individual non-directory URLs + web: + # For the standard nuclei preset, explicitly disable the spider + spider_distance: 0 + spider_depth: 0 From fe8d33a6d965fbc81912d7d5c873d1f49ecdca3b Mon Sep 17 00:00:00 2001 From: liquidsec Date: Fri, 17 Jan 2025 12:20:50 -0500 Subject: [PATCH 2/7] update language --- bbot/presets/nuclei/nuclei-precision-max.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bbot/presets/nuclei/nuclei-precision-max.yml b/bbot/presets/nuclei/nuclei-precision-max.yml index 3f35e0b7f0..b2cf2392f2 100644 --- a/bbot/presets/nuclei/nuclei-precision-max.yml +++ b/bbot/presets/nuclei/nuclei-precision-max.yml @@ -1,4 +1,4 @@ -description: Run nuclei scans against all discovered targets, allowing for spidering, with additional discovery modules, and run against ALL URLs +description: Run nuclei scans against all discovered targets, allowing for spidering, with additional discovery modules, and run against ALL URLs, but limited by technology detection include: - dirbust-light From cf909d2ad1c443180fba1c716a8474e4e1e266e9 Mon Sep 17 00:00:00 2001 From: liquidsec Date: Fri, 17 Jan 2025 12:45:17 -0500 Subject: [PATCH 3/7] updating presets --- bbot/presets/nuclei/nuclei-budget.yml | 2 +- bbot/presets/nuclei/nuclei-max.yml | 2 ++ bbot/presets/nuclei/nuclei-precision-max.yml | 2 ++ 3 files changed, 5 insertions(+), 1 deletion(-) diff --git a/bbot/presets/nuclei/nuclei-budget.yml b/bbot/presets/nuclei/nuclei-budget.yml index 10e25c25b0..2f2f0b16a9 100644 --- a/bbot/presets/nuclei/nuclei-budget.yml +++ b/bbot/presets/nuclei/nuclei-budget.yml @@ -1,4 +1,4 @@ -description: Run nuclei scans against all discovered targets, using budget mode to look for low hanging fruit with greatly reduced footprint +description: Run nuclei scans against all discovered targets, using budget mode to look for low hanging fruit with greatly reduced number of requests modules: - httpx diff --git a/bbot/presets/nuclei/nuclei-max.yml b/bbot/presets/nuclei/nuclei-max.yml index fa45645df2..0c6841ba42 100644 --- a/bbot/presets/nuclei/nuclei-max.yml +++ b/bbot/presets/nuclei/nuclei-max.yml @@ -14,6 +14,8 @@ config: modules: nuclei: directory_only: False # This will run nuclei on ALL discovered URLs! Be careful! + wayback: + urls: true web: spider_distance: 2 spider_depth: 4 diff --git a/bbot/presets/nuclei/nuclei-precision-max.yml b/bbot/presets/nuclei/nuclei-precision-max.yml index b2cf2392f2..222fa7197d 100644 --- a/bbot/presets/nuclei/nuclei-precision-max.yml +++ b/bbot/presets/nuclei/nuclei-precision-max.yml @@ -15,6 +15,8 @@ config: nuclei: mode: technology directory_only: False # This will run nuclei on ALL discovered URLs! Be careful! + wayback: + urls: true web: spider_distance: 2 spider_depth: 4 From 71b94d70fe904455fb2e1d8f65916d3972394aa6 Mon Sep 17 00:00:00 2001 From: liquidsec Date: Tue, 21 Jan 2025 16:02:43 -0500 Subject: [PATCH 4/7] minimizing number of presets --- bbot/presets/nuclei/nuclei-budget.yml | 6 +----- bbot/presets/nuclei/nuclei-intense.yml | 12 +++++++++-- bbot/presets/nuclei/nuclei-max.yml | 21 ------------------- bbot/presets/nuclei/nuclei-polite.yml | 17 --------------- bbot/presets/nuclei/nuclei-precision-max.yml | 22 -------------------- bbot/presets/nuclei/nuclei-technology.yml | 11 +++++----- bbot/presets/nuclei/nuclei.yml | 21 +++++++++++++++---- 7 files changed, 34 insertions(+), 76 deletions(-) delete mode 100644 bbot/presets/nuclei/nuclei-max.yml delete mode 100644 bbot/presets/nuclei/nuclei-polite.yml delete mode 100644 bbot/presets/nuclei/nuclei-precision-max.yml diff --git a/bbot/presets/nuclei/nuclei-budget.yml b/bbot/presets/nuclei/nuclei-budget.yml index 2f2f0b16a9..7e8e6dfc79 100644 --- a/bbot/presets/nuclei/nuclei-budget.yml +++ b/bbot/presets/nuclei/nuclei-budget.yml @@ -10,8 +10,4 @@ config: nuclei: mode: budget budget: 10 - directory_only: True # Do not run nuclei on individual non-directory URLs - web: - # For the standard nuclei preset, explicitly disable the spider - spider_distance: 0 - spider_depth: 0 + directory_only: true # Do not run nuclei on individual non-directory URLs diff --git a/bbot/presets/nuclei/nuclei-intense.yml b/bbot/presets/nuclei/nuclei-intense.yml index 0860b4484c..274d60053c 100644 --- a/bbot/presets/nuclei/nuclei-intense.yml +++ b/bbot/presets/nuclei/nuclei-intense.yml @@ -1,4 +1,4 @@ -description: Run nuclei scans against all discovered targets, allowing for minimal spidering, with additional discovery modules. +description: Run nuclei scans against all discovered targets, allowing for spidering, against ALL URLs, and with additional discovery modules. modules: - httpx @@ -10,7 +10,15 @@ modules: config: modules: nuclei: - directory_only: True # Do not run nuclei on individual non-directory URLs + directory_only: False # Will run nuclei on ALL discovered URLs - Be careful! + wayback: + urls: true web: spider_distance: 1 spider_depth: 3 + + +# Example for also running a dirbust + +#include: +# - dirbust-light diff --git a/bbot/presets/nuclei/nuclei-max.yml b/bbot/presets/nuclei/nuclei-max.yml deleted file mode 100644 index 0c6841ba42..0000000000 --- a/bbot/presets/nuclei/nuclei-max.yml +++ /dev/null @@ -1,21 +0,0 @@ -description: Run nuclei scans against all discovered targets, allowing for spidering, with additional discovery modules, and run against ALL URLs - -include: - - dirbust-light - -modules: - - httpx - - nuclei - - robots - - portfilter - - wayback - -config: - modules: - nuclei: - directory_only: False # This will run nuclei on ALL discovered URLs! Be careful! - wayback: - urls: true - web: - spider_distance: 2 - spider_depth: 4 diff --git a/bbot/presets/nuclei/nuclei-polite.yml b/bbot/presets/nuclei/nuclei-polite.yml deleted file mode 100644 index 5e7d54a0fa..0000000000 --- a/bbot/presets/nuclei/nuclei-polite.yml +++ /dev/null @@ -1,17 +0,0 @@ -description: Run nuclei scans against all discovered targets, going extra slow to be kind to the target servers - -modules: - - httpx - - nuclei - - portfilter - -config: - modules: - nuclei: - ratelimit: 10 - concurrency: 5 - directory_only: True # Do not run nuclei on individual non-directory URLs - web: - # For the standard nuclei preset, explicitly disable the spider - spider_distance: 0 - spider_depth: 0 diff --git a/bbot/presets/nuclei/nuclei-precision-max.yml b/bbot/presets/nuclei/nuclei-precision-max.yml deleted file mode 100644 index 222fa7197d..0000000000 --- a/bbot/presets/nuclei/nuclei-precision-max.yml +++ /dev/null @@ -1,22 +0,0 @@ -description: Run nuclei scans against all discovered targets, allowing for spidering, with additional discovery modules, and run against ALL URLs, but limited by technology detection - -include: - - dirbust-light - -modules: - - httpx - - nuclei - - robots - - portfilter - - wayback - -config: - modules: - nuclei: - mode: technology - directory_only: False # This will run nuclei on ALL discovered URLs! Be careful! - wayback: - urls: true - web: - spider_distance: 2 - spider_depth: 4 diff --git a/bbot/presets/nuclei/nuclei-technology.yml b/bbot/presets/nuclei/nuclei-technology.yml index 7d71a448c4..cd3d02668d 100644 --- a/bbot/presets/nuclei/nuclei-technology.yml +++ b/bbot/presets/nuclei/nuclei-technology.yml @@ -9,8 +9,9 @@ config: modules: nuclei: mode: technology - directory_only: True # Do not run nuclei on individual non-directory URLs - web: - # For the standard nuclei preset, explicitly disable the spider - spider_distance: 0 - spider_depth: 0 + directory_only: True # Do not run nuclei on individual non-directory URLs. This is less unsafe to disable with technology mode. + +# Example for also running a dirbust + +#include: +# - dirbust-light diff --git a/bbot/presets/nuclei/nuclei.yml b/bbot/presets/nuclei/nuclei.yml index 0f4d5cbd96..0c460e2370 100644 --- a/bbot/presets/nuclei/nuclei.yml +++ b/bbot/presets/nuclei/nuclei.yml @@ -9,7 +9,20 @@ config: modules: nuclei: directory_only: True # Do not run nuclei on individual non-directory URLs - web: - # For the standard nuclei preset, explicitly disable the spider - spider_distance: 0 - spider_depth: 0 + + +# Additional Examples: + +# Slowing Down Scan: + +#config: +# modules: +# nuclei: +# ratelimit: 10 +# concurrency: 5 + + + + + + From f36633f955203fba006efb46f933dfc13a5b828e Mon Sep 17 00:00:00 2001 From: liquidsec Date: Tue, 21 Jan 2025 16:08:42 -0500 Subject: [PATCH 5/7] adding urlscan --- bbot/presets/nuclei/nuclei-intense.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/bbot/presets/nuclei/nuclei-intense.yml b/bbot/presets/nuclei/nuclei-intense.yml index 274d60053c..380bc85ed6 100644 --- a/bbot/presets/nuclei/nuclei-intense.yml +++ b/bbot/presets/nuclei/nuclei-intense.yml @@ -4,6 +4,7 @@ modules: - httpx - nuclei - robots + - urlscan - portfilter - wayback From 87115cf935a45194922f3a88894e5ce420cbfdb0 Mon Sep 17 00:00:00 2001 From: liquidsec Date: Thu, 23 Jan 2025 14:19:45 -0500 Subject: [PATCH 6/7] adding spider warning to nuclei presets --- bbot/presets/nuclei/nuclei-budget.yml | 6 ++++++ bbot/presets/nuclei/nuclei-intense.yml | 13 +++++-------- bbot/presets/nuclei/nuclei-technology.yml | 6 ++++++ bbot/presets/nuclei/nuclei.yml | 12 +++++++++--- 4 files changed, 26 insertions(+), 11 deletions(-) diff --git a/bbot/presets/nuclei/nuclei-budget.yml b/bbot/presets/nuclei/nuclei-budget.yml index 7e8e6dfc79..d4ac5c8163 100644 --- a/bbot/presets/nuclei/nuclei-budget.yml +++ b/bbot/presets/nuclei/nuclei-budget.yml @@ -11,3 +11,9 @@ config: mode: budget budget: 10 directory_only: true # Do not run nuclei on individual non-directory URLs + +conditions: + - | + {% if config.web.spider_distance != 0 %} + {{ warn("Running nuclei with spider enabled is generally not recommended. Consider removing 'spider' preset.") }} + {% endif %} diff --git a/bbot/presets/nuclei/nuclei-intense.yml b/bbot/presets/nuclei/nuclei-intense.yml index 380bc85ed6..4119c52fef 100644 --- a/bbot/presets/nuclei/nuclei-intense.yml +++ b/bbot/presets/nuclei/nuclei-intense.yml @@ -14,12 +14,9 @@ config: directory_only: False # Will run nuclei on ALL discovered URLs - Be careful! wayback: urls: true - web: - spider_distance: 1 - spider_depth: 3 - -# Example for also running a dirbust - -#include: -# - dirbust-light +conditions: + - | + {% if config.web.spider_distance == 0 and config.modules.nuclei.directory_only == False %} + {{ warn("The 'nuclei-intense' preset turns the 'directory_only' limitation off on the nuclei module. To make the best use of this, you may want to enable spidering with 'spider' or 'spider-intense' preset.") }} + {% endif %} diff --git a/bbot/presets/nuclei/nuclei-technology.yml b/bbot/presets/nuclei/nuclei-technology.yml index cd3d02668d..048219e9c3 100644 --- a/bbot/presets/nuclei/nuclei-technology.yml +++ b/bbot/presets/nuclei/nuclei-technology.yml @@ -15,3 +15,9 @@ config: #include: # - dirbust-light + +conditions: + - | + {% if config.web.spider_distance != 0 %} + {{ warn("Running nuclei with spider enabled is generally not recommended. Consider removing 'spider' preset.") }} + {% endif %} diff --git a/bbot/presets/nuclei/nuclei.yml b/bbot/presets/nuclei/nuclei.yml index 0c460e2370..d0d77978eb 100644 --- a/bbot/presets/nuclei/nuclei.yml +++ b/bbot/presets/nuclei/nuclei.yml @@ -11,9 +11,17 @@ config: directory_only: True # Do not run nuclei on individual non-directory URLs +conditions: + - | + {% if config.web.spider_distance != 0 %} + {{ warn("Running nuclei with spider enabled is generally not recommended. Consider removing 'spider' preset.") }} + {% endif %} + + + # Additional Examples: -# Slowing Down Scan: +# Slowing Down Scan #config: # modules: @@ -24,5 +32,3 @@ config: - - From b3a04419e9af935db664061ebb7619d35fb9ce84 Mon Sep 17 00:00:00 2001 From: liquidsec Date: Thu, 23 Jan 2025 14:22:18 -0500 Subject: [PATCH 7/7] more preset tweaks --- bbot/presets/nuclei/nuclei-intense.yml | 6 ++++++ bbot/presets/nuclei/nuclei-technology.yml | 10 +++++----- 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/bbot/presets/nuclei/nuclei-intense.yml b/bbot/presets/nuclei/nuclei-intense.yml index 4119c52fef..27f833c387 100644 --- a/bbot/presets/nuclei/nuclei-intense.yml +++ b/bbot/presets/nuclei/nuclei-intense.yml @@ -20,3 +20,9 @@ conditions: {% if config.web.spider_distance == 0 and config.modules.nuclei.directory_only == False %} {{ warn("The 'nuclei-intense' preset turns the 'directory_only' limitation off on the nuclei module. To make the best use of this, you may want to enable spidering with 'spider' or 'spider-intense' preset.") }} {% endif %} + + +# Example for also running a dirbust + +#include: +# - dirbust-light \ No newline at end of file diff --git a/bbot/presets/nuclei/nuclei-technology.yml b/bbot/presets/nuclei/nuclei-technology.yml index 048219e9c3..c2c4c8cf7a 100644 --- a/bbot/presets/nuclei/nuclei-technology.yml +++ b/bbot/presets/nuclei/nuclei-technology.yml @@ -11,13 +11,13 @@ config: mode: technology directory_only: True # Do not run nuclei on individual non-directory URLs. This is less unsafe to disable with technology mode. -# Example for also running a dirbust - -#include: -# - dirbust-light - conditions: - | {% if config.web.spider_distance != 0 %} {{ warn("Running nuclei with spider enabled is generally not recommended. Consider removing 'spider' preset.") }} {% endif %} + +# Example for also running a dirbust + +#include: +# - dirbust-light