projectdiscovery

projectdiscovery/nuclei-templates

JavaScript MIT Security

Community curated list of templates for the nuclei engine to find security vulnerabilities.

12.6k stars
3.6k forks
active
GitHub +30 / week

12.6k

Stars

3.6k

Forks

136

Open issues

30

Contributors

v10.4.5 23 Jun 2026

AI Analysis

Nuclei Templates is a community-curated repository of security scanning templates for the Nuclei engine, a vulnerability detection tool used by security researchers and bug bounty hunters. It provides pre-built templates for identifying known vulnerabilities, CVEs, and security misconfigurations across web applications, cloud infrastructure, and network services. The project is purpose-built for security professionals who need rapid vulnerability assessment capabilities rather than general-pu...

Security Security Tool Discovery value: 3/10
Documentation 8/10
Activity 9/10
Community 9/10
Code quality 5/10

Inferred from signals mentioned in the README (tests, CI, type safety) — not a review of the actual code.

Overall score 8/10

AI's overall editorial judgment — not an average of the bars above, can weigh other factors too.

vulnerability-scanning security-templates cve-detection bug-bounty nuclei-engine
Actively maintained Community favorite Well documented Niche/specialized use case MIT licensed Production ready
Deep Analysis · Based on README and public signals
3w ago

12,000+ community-built templates powering nuclei's vulnerability scanning engine

nuclei-templates is the community-maintained content library for the nuclei scanner, providing YAML-based detection templates for security vulnerabilities across web apps, cloud infrastructure, network services, and more. It serves penetration testers, bug bounty hunters, red teams, and security engineers who use nuclei to automate vulnerability discovery at scale. With nearly 12,000 templates covering 3,587 CVEs and 1,496 actively exploited vulnerabilities (KEV), it is the primary reason nuclei has become a staple in offensive security workflows.

Origin

Created in April 2020 alongside the nuclei scanner by ProjectDiscovery. Grew from a small internal template set into a community-driven repository with hundreds of contributors, becoming the de facto template source for nuclei users within two years of launch.

Growth

Growth was driven primarily by the nuclei engine's rapid adoption in the bug bounty and penetration testing communities, where reusable, shareable templates provided immediate practical value. CISA KEV coverage and high-profile CVE templates attracted enterprise security teams. Community contribution culture — with clear templates for submissions — sustained momentum as the template count scaled to nearly 12,000.

In production

Nuclei itself has 29,000+ stars and is widely documented in use by bug bounty platforms (HackerOne, Bugcrowd workflows), enterprise security teams, and government agencies referencing CISA KEV coverage. The template repository's 3,530 forks and active Discord community provide indirect but credible evidence of broad real-world usage.

Code analysis
Architecture

Appears to be a flat-to-hierarchical collection of YAML template files organized by category (http, cloud, file, network, code, dast, dns, ssl, workflows). Based on README, templates are declarative definitions consumed by the nuclei engine rather than executable code. The repository itself is content, not a software application.

Tests

Not documented in README. ProjectDiscovery likely validates templates through their own CI pipeline, but no explicit test coverage metrics or framework is described in the README.

Maintenance

Exceptionally active as of June 21, 2026 — last push was the same day as the evaluation date (2026-06-21 05:03:44). With 873 directories and 11,997 files, the repository is continuously updated. This indicates daily or near-daily contributions from maintainers and community members.

Honest verdict

ADOPT IF: you are using nuclei for penetration testing, bug bounty hunting, or automated vulnerability scanning — the templates are a required component, not optional. AVOID IF: you need a standalone vulnerability scanner without building expertise in the nuclei ecosystem; the templates have no value outside of the nuclei engine. MONITOR IF: you are a defensive security team evaluating nuclei for continuous attack surface monitoring, as template quality and false positive rates vary across the community-contributed set.

Independent dimensions

Mainstream potential

7/10

Technical importance

8/10

Adoption evidence

8/10

Risks
  • Template quality is uneven across the community-contributed set — some templates may produce false positives or be poorly scoped, requiring user-side validation before use in sensitive environments.
  • The repository is tightly coupled to the nuclei engine; breaking changes in nuclei's template syntax can render older templates non-functional, creating maintenance debt across nearly 12,000 files.
  • Malicious or overly aggressive templates could be submitted by community contributors before maintainer review catches them, creating potential for unintended harm if templates are run without review.
  • Coverage depth is high for web/HTTP vectors but thinner for some cloud-native and emerging attack surfaces; users may find gaps in specialized domains.
  • Organizational dependency risk: ProjectDiscovery is a venture-backed company; changes in business model or priorities could affect the open contribution model or template update cadence.
Prediction

The template library will likely continue growing steadily as nuclei adoption expands into enterprise security toolchains and CI/CD pipelines, with KEV coverage becoming an increasingly cited metric for enterprise buyers.

0 found this helpful

Newsletter

Get analyses like this every Monday

Free weekly digest of the most interesting open-source discoveries.

Languages

JavaScript
100%

Information

Language
JavaScript
License
MIT
Last updated
8h ago
Created
76mo ago
Analyzed with
anthropic/claude-haiku-4-5

Stars over time

Loading…

Contributors over time

Top 100 contributors only — repos with more will plateau at 100.

Loading…

Similar repos

projectdiscovery

projectdiscovery/nuclei

Nuclei is a high-performance vulnerability scanner built in Go that uses...

29.6k Go Security
topscoder

topscoder/nuclei-wordfence-cve

A specialized security tool that provides 77,335 Nuclei vulnerability scanning...

1.3k Python Security
xm1k3

xm1k3/cent

Cent is a Go-based tool that aggregates Nuclei templates from multiple...

adysec

adysec/nuclei_poc

Nuclei POC is a centralized repository that aggregates, categorizes, and...

projectdiscovery

projectdiscovery/vulnx

vulnx is a modern CLI tool for searching, filtering, and analyzing...

2.6k Go Security
vs. alternatives
PayloadsAllTheThings

A reference payload collection for manual testing, not tied to an automated scanner. Complementary rather than competing — nuclei-templates is machine-executable, PayloadsAllTheThings is human-referenced.

Metasploit modules

Metasploit modules are exploitation-focused and require deeper interaction; nuclei-templates are detection/discovery focused and designed for high-speed, low-noise scanning at scale. Different operational phase.

Burp Suite BChecks

Burp's BCheck templates are a newer community format tied to a commercial tool. nuclei-templates has a larger existing library and wider community; BChecks are more tightly integrated with Burp's interactive proxy workflow.

OpenVAS/Greenbone NASL plugins

NASL plugins are mature and enterprise-oriented but harder to write and contribute to. nuclei templates use simpler YAML syntax, lowering the contribution barrier significantly.

reconftw

reconftw is a full recon automation framework that consumes nuclei-templates as a dependency rather than competing with it. They operate at different abstraction levels.