Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

Overview

cent

Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

Install

go get -u github.com/xm1k3/cent

Supported commands

Command Description
update Update your repository

Root flags

Flags:
      --config string   config file (default is $HOME/.cent.yaml)
  -C, --console         Print console output
  -h, --help            help for cent
  -k, --keepfolders     Keep folders (by default it only saves yaml files)
  -n, --name string     Name of the main folder
  -p, --path string     Path to save the templates

Update flags

Flags:
  -d, --directories   Remove unnecessary folders from updated $HOME/.cent.yaml
  -f, --files         Remove unnecessary files from updated $HOME/.cent.yaml
  -h, --help          help for update

Usage

cent -h
cent update -h

Example

▶ cent -p {YOUR PATH} -n community-nuclei-templates -k
▶ cent update -p {YOUR PATH} -d -f

Config

You need to configure cent parameters in $HOME/.cent.yaml

# Directories to exclude
exclude-dirs:
  - .git

# Files to exclude
exclude-files:
  - README.md
  - .gitignore
  - .pre-commit-config.yaml
  - LICENCE

# Add github urls
community-templates:
  - https://github.com/geeknik/the-nuclei-templates.git
  - https://github.com/pikpikcu/nuclei-templates.git
  - https://github.com/panch0r3d/nuclei-templates.git
  - https://github.com/ARPSyndicate/kenzer-templates.git
  - https://github.com/medbsq/ncl.git
  - https://github.com/foulenzer/foulenzer-templates.git
  - https://github.com/im403/nuclei-temp
  - https://github.com/System00-Security/backflow
  - https://github.com/geeknik/nuclei-templates-1
  - https://github.com/esetal/nuclei-bb-templates
  - https://github.com/notnotnotveg/nuclei-custom-templates
  - https://github.com/clarkvoss/Nuclei-Templates

Want to help?

"Buy Me A Coffee"

Credits

Comments
  • Duplicates Issue

    Duplicates Issue

    Hello!

    I installed the tool and also downloaded the templates but there are some duplicates, can you also add a way to remove duplicate templates after it is downloaded?? Because after every update I cannot remove the duplicate templates...

    And I edited the github urls in the .cent.yaml but the tool then also downloads the templates from removed urls.

    enhancement 
    opened by SAGEof6iixPATHS 11
  • how can I update all repositories daily?

    how can I update all repositories daily?

    Hello How can I update all repositories daily? I want to update all repositories that are included in .cent.yaml file. for example, if any repo added a new template to their git repo. I will download it tomorrow into my cent-nuclei-template folder. Thanks

    opened by Rahimianes 6
  • ERROR!! go/pkg/mod/github.com/xm1k3/cent@v0.0.0-20210805070318-b4084525c87e/pkg/jobs/jobs.go:7:2: package io/fs is not in GOROOT (/usr/lib/go-1.15/src/io/fs)

    ERROR!! go/pkg/mod/github.com/xm1k3/[email protected]/pkg/jobs/jobs.go:7:2: package io/fs is not in GOROOT (/usr/lib/go-1.15/src/io/fs)

    hello there,

    when i run this command GO111MODULE=on go get -u github.com/xm1k3/cent for install cent in my kali linux that time i got this error package io/fs is not in GOROOT here is the full detail GO111MODULE=on go get -u github.com/xm1k3/cent

    go: github.com/xm1k3/cent upgrade => v0.0.0-20210805070318-b4084525c87e go: golang.org/x/text upgrade => v0.3.6 go: github.com/mattn/go-colorable upgrade => v0.1.8 go: github.com/mattn/go-isatty upgrade => v0.0.13 go: golang.org/x/sys upgrade => v0.0.0-20210630005230-0f9fa26af87c go: gopkg.in/yaml.v2 upgrade => v2.4.0 go: github.com/fatih/color upgrade => v1.12.0 go: github.com/mitchellh/mapstructure upgrade => v1.4.1 go: github.com/mitchellh/go-homedir upgrade => v1.1.0 go: github.com/spf13/cast upgrade => v1.4.0 go/pkg/mod/github.com/xm1k3/[email protected]/pkg/jobs/jobs.go:7:2: package io/fs is not in GOROOT (/usr/lib/go-1.15/src/io/fs)

    here i attached screen shot 1

    some details about kali linux

    1. i run kali linux in vmware workstation14.1.3 build-9474260 with latest update of kali linux

    2)go version go1.15.9 linux/amd64

    3)cat /etc/*release PRETTY_NAME="Kali GNU/Linux Rolling" NAME="Kali GNU/Linux" ID=kali VERSION="2021.2" VERSION_ID="2021.2" VERSION_CODENAME="kali-rolling" ID_LIKE=debian ANSI_COLOR="1;31" HOME_URL="https://www.kali.org/" SUPPORT_URL="https://forums.kali.org/" BUG_REPORT_URL="https://bugs.kali.org/"

    so how can i solve this issue ? please guide me . Thanks

    wontfix 
    opened by d4715 4
  • Issue with moving files

    Issue with moving files

    When the app tries to move files it encounters an error with a space in the folder name:

    Error running shell command:  cp /tmp/cent1652100082/repo23/Template -3/detect-tracer-sc-web.yaml /root/nuclei-templates/Template -3/detect-tracer-sc-web.yaml   =>  exit status 1
    cp: invalid option -- '3'
    

    Folders with spaces are from this repo: https://github.com/NitinYadav00/My-Nuclei-Templates

    Also, this repo does not exist anymore

    https://github.com/joanbono/nuclei-templates https://github.com/xm1k3/cent/blob/main/.cent.yaml#L32

    opened by arnoldasr 2
  • How to find the last version of yaml

    How to find the last version of yaml

    Sorry, it is not a real issue.

    Some yaml files are present in several repo. Can you tell me how to find the most recent version of yaml file ?

    I use MD5 checksum of each file to remove same yaml files but after that, in some case, there are file have the same name/id but have different MD5 checksum and I don't know hox to select the more recent file. Use date of creation of file can be use but very sure, size of file ? peraphs, or ...

    Tell me if you have an idea, please ?

    Thank you for the very good tool !

    wontfix 
    opened by neoxeo 2
  • Update the installation command.

    Update the installation command.

    'go get' is no longer supported outside a module. So I change installation command to "GO111MODULE=on go install -v github.com/xm1k3/[email protected]" in README.md.

    opened by ramsayotaku 1
  • feature-request : ignore list for scanning

    feature-request : ignore list for scanning

    Hello Thanks for your awesome tool. I want to have a feature that can create ignore list to prevent scanning for an old CVE like CVE-2018-15473 and others. Thanks

    question wontfix 
    opened by Rahimianes 1
  • Installation Error

    Installation Error

    Below is the error I get while installing the tool

    ../go/pkg/mod/github.com/xm1k3/[email protected]/pkg/jobs/jobs.go:7:2: package io/fs is not in GOROOT (/usr/lib/go-1.15/src/io/fs)

    duplicate 
    opened by vipercyper04 1
  • Need A Help From You!!!

    Need A Help From You!!!

    Hello Brother,

    i hope you are doing well. i need your help regarding all repo of nuclei-templates. official nuclei link is this https://github.com/projectdiscovery/nuclei-templates we can add this link in cent tool's config file so we will get all details via cent tool with remove duplicates content. also you know they update their repo (nuclei-templates) regularly with adding some new stuffs . so my question is how can i getther all repo of nuclei-templates via cent tool . latest version v8.4.9 to first release version v1.1.0 i want these all repo so please guide me Thanks.

    wontfix 
    opened by d4715 1
  • Fix deduplication stability

    Fix deduplication stability

    Since the map-s in Go are unordered, this leads to the fact that duplicates can overwrite each other with each update. Here is an example of running one of the updates:

    Removed files:
            detect-drone.yaml
            flywheel_takeover.yaml
            sqli.yaml
            unauthenticated-jenkin-dashboard.yaml
    
    Added files:
            detect-drone-config.yaml
            flywheel-takeover.yaml
            sql-injection.yaml
            unaunthenticated-jenkin.yaml
    
    opened by zerodivisi0n 1
  • added threading to clones

    added threading to clones

    Dramatically increased the speed that the repositories are cloned by adding concurrency. You can set the number of workers by using the -t flag, the default is 10.

    opened by hakluke 1
  • Extending

    Extending

    You can extend using https://github.com/kankburhan/gampung.

    Also, I found many additional yaml files in https://github.com/adampielak/nuclei-templates

    opened by joostgrunwald 0
  • error

    error

    when running : >nuclei -l urls.txt -t cent-nuclei-templates -tags cve

    [←[31mWRN←[0m] Found 602 templates with syntax error (use -validate flag for further examination) [←[31mWRN←[0m] Found 4 templates with runtime error (use -validate flag for further examination)

    opened by sedorf 0
  • WRN

    WRN

    when i run nuclei -t /root/cent-nuclei-templates -u https://testphp.vulnweb.com -v

    most of tamplets be like this: [WRN] [api-apigee-edge] Could not make http request for https://apimonitoring.enterprise.apigee.com/alerts: unresolv [WRN] Syntax warnings for template /root/Recon/cent-nuclei-templates/CVE-2020-16139.yaml: yaml: unmarshal errors: line 4: field risk not found in type model.Info line 6: field params not found in type templates.Alias line 10: field endpoint not found in type yaml.MapItem line 14: field url not found in type http.Request line 17: cannot unmarshal !!seq into map[string]string line 18: field detections not found in type http.Request line 22: field references not found in type templates.Alias [WRN] Could not load template /root/Recon/cent-nuclei-templates/CVE-2017-10075.yaml: mandatory 'name' field is missing, mandatory 'author' field is missing, mandatory 'id' field is missing

    What can i do?

    question 
    opened by Shahad7278 1
Releases(v1.0)
Owner
Full-Stack developer Free time Bug Bounty Hunter
null
SingularityCE is the Community Edition of Singularity, an open source container platform designed to be simple, fast, and secure.

SingularityCE Guidelines for Contributing Pull Request Template Project License Documentation Support Citation SingularityCE is the Community Edition

Sylabs Inc. 398 Jan 5, 2023
The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

Axiom is a dynamic infrastructure framework to efficiently work with multi-cloud environments, build and deploy repeatable infrastructure focussed on

pry0cc 3.1k Dec 30, 2022
Naabu - a port scanning tool written in Go that allows you to enumerate valid ports for hosts in a fast and reliable manner

Naabu is a port scanning tool written in Go that allows you to enumerate valid ports for hosts in a fast and reliable manner. It is a really simple tool that does fast SYN/CONNECT scans on the host/list of hosts and lists all ports that return a reply.

null 0 Jan 2, 2022
High-Performance Shortlink ( Short URL ) app creator in Golang. For privacy reasons, you may prefer to host your own short URL app and this is the one to use.

About The Project Shortlink App in Golang Multiple Node based Architecture to create and scale at ease Highly performant key-value storage system Cent

null 131 Jan 3, 2023
Allows you to replace a secret in a file using secrets manager

secrets inserter Allows you to replace a secret in a file using secrets manager. ::SECRET:secret-name:SECRET:: will be replaced with your secret-name

null 0 Dec 12, 2021
Secretsmanager - Secrets management that allows you to store your secrets encrypted in git

I created secretsmanager to store some secrets within a repository. The secrets are encrypted at rest, with readable keys and editable JSON, so you can rename a key or delete it by hand. The cli tool handles the bare minumum of requirements.

Tit Petric 20 May 6, 2022
Tool to check whether one of your applications is affected by a vulnerability in log4j: CVE-2021-44228

log4shell.tools log4shell.tools is a tool allows you to run a test to check whether one of your applications is affected by a vulnerability in log4j:

Alexander Bakker 66 Nov 2, 2022
A fast tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin (CVE-2021-26855).

proxylogscan This tool to mass scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and imperson

dw1 145 Dec 26, 2022
A CLI tool that can be used to disrupt wireless connectivity in your area by jamming all the wireless devices connected to multiple access points.

sig-716i A CLI tool written in Go that can be used to disrupt wireless connectivity in the area accessible to your wireless interface. This tool scans

Narasimha Prasanna HN 73 Oct 14, 2022
PHP functions implementation to Golang. This package is for the Go beginners who have developed PHP code before. You can use PHP like functions in your app, module etc. when you add this module to your project.

PHP Functions for Golang - phpfuncs PHP functions implementation to Golang. This package is for the Go beginners who have developed PHP code before. Y

Serkan Algur 52 Dec 30, 2022
Pokes users on Slack about outstanding risks found by Crowdstrike Spotlight or vmware Workspace ONE so they can secure their own endpoint.

?? security-slacker Pokes users on Slack about outstanding risks found by Crowdstrike Spotlight or vmware Workspace ONE so they can secure their own e

Niels Hofmans 21 Nov 29, 2022
Curl & exec binary file in one step. Also a kind of stealth dropper.

curlNexec ?? Certainly useful , mainly for fun, rougly inspired by 0x00 article Short story curlNexec enable us to execute a remote binary on a local

Ariary 124 Jan 2, 2023
One Time Passwords (OTPs) are an mechanism to improve security over passwords alone.

otp: One Time Password utilities Go / Golang Why One Time Passwords? One Time Passwords (OTPs) are an mechanism to improve security over passwords alo

Paul Querna 1.6k Jan 7, 2023
Custom GPG pinentry program for macOS that allows using Touch ID for fetching the password from the macOS keychain.

pinentry-touchid Custom GPG pinentry program for macOS that allows using Touch ID for fetching the password from the macOS keychain. Macbook Pro devic

Jorge Luis Betancourt 308 Jan 1, 2023
evilginx2 is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows to bypass 2-factor authentication protection.

evilginx2 is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows to bypass 2-fac

null 0 Nov 4, 2021
PoC for CVE-2015-1635 / MS15-034 - HTTP.sys Allows Remote Code Execution / Check & DOS

CVE-2015-1635 PoC for CVE-2015-1635 / MS15-034 - HTTP.sys Allows Remote Code Execution / Check & DOS ./MS15-034 <URL> <RESOURCE> <FLAG [0 or 18]> Note

Nikola Kipariz Stamov 0 Nov 3, 2021
A RSA signing server model, allows to create valid signed certificates that cant be modified

Omega Description a RSA signing server model, allows to create valid signed certificates that cant be modified Requirements MySQL Server GoLang 1.17 I

null 0 Nov 15, 2021
🗺 Allows quick generation of basic network plans based on nmap and scan6 output.

NPlan Transforms nmap XML into intermediate JSON and generates a basic network plan in the DrawIO XML format. Installation Just run go install github.

Richard Keil 4 Mar 10, 2022
crowdsec 5.9k Jan 5, 2023