## https://sploitus.com/exploit?id=A68AE6D0-0A36-5DBD-9A5D-96F12EAF0B1A
# Nuclei POCs

Nuclei POCs, updated daily

[Chinese](https://github.com/adysec/nuclei_poc/blob/main/README.md) | [English](https://github.com/adysec/nuclei_poc/blob/main/README_EN.md)

This project is a Python script that batch-clones GitHub projects, collects their Nuclei POCs, and organizes them into category folders. GitHub Actions runs the script automatically every day. The code for **format validation** has been updated. **When the `tmp/` directory does not exist in this project, all POC format checks have been completed.** After format verification and deduplication, more than 190,000 (19w+) POC scripts are available. *Note: POC scripts for the same CVE vulnerability may differ in format (language, references, etc.), which results in duplicates. Currently, no technical solution can remove these duplicates. If you have a good solution, please submit an issue.*
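One heuristic for the same-CVE duplicates described in the note above, as an added example that is not this project's code: fingerprint each template with its `id`, `info:` block, comments and blank lines removed, so copies that differ only in language or references hash the same. The function names, file paths and template contents are constructed for illustration, and the approach only catches copies whose detection logic is otherwise byte-identical.

```python
import hashlib
from collections import defaultdict

def logic_fingerprint(template_text):
    """SHA-256 of a template with id, info block, comments and blank lines removed."""
    kept, in_info = [], False
    for raw in template_text.splitlines():
        line = raw.rstrip()
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if not line[0].isspace():            # top-level YAML key
            in_info = line.startswith("info:")
            if in_info or line.startswith("id:"):
                continue
        elif in_info:                        # indented line inside info:
            continue
        kept.append(line)
    return hashlib.sha256("\n".join(kept).encode("utf-8")).hexdigest()

def group_duplicates(templates):
    """Takes {path: text}; returns groups of paths that share one fingerprint."""
    groups = defaultdict(list)
    for path, text in templates.items():
        groups[logic_fingerprint(text)].append(path)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)

# Constructed sample templates (placeholder CVE id, path and marker).
LOGIC = """http:
  - method: GET
    path:
      - "{{BaseURL}}/example-path"
    matchers:
      - type: word
        words:
          - "example-marker"
"""
SAMPLES = {
    "poc/web/a.yaml": "id: CVE-0000-00000\ninfo:\n  name: Example check\n"
                      "  author: alice\n  severity: high\n" + LOGIC,
    "poc/web/b.yaml": "id: cve-0000-00000-zh\n# mirrored copy\ninfo:\n  name: 示例检测\n"
                      "  reference:\n    - https://example.com/advisory\n\n" + LOGIC,
    "poc/web/c.yaml": "id: CVE-0000-00000-alt\ninfo:\n  name: Example check\n"
                      + LOGIC.replace("example-marker", "other-marker"),
}

if __name__ == "__main__":
    for group in group_duplicates(SAMPLES):
        print("same detection logic:", ", ".join(group))
```

Templates that express the same check with reordered keys or different indentation still get different fingerprints, so a group here is a candidate for review rather than a complete answer to the duplicate problem.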

## How to use

Clone the project and enter the directory:

```bash
git clone https://github.com/adysec/nuclei_poc
cd nuclei_poc
```

Run nuclei against a site using the POC templates:

```bash
./nuclei -t poc/ -u http://example.com
# Scan only certain POCs
./nuclei -t poc/web/ -u http://example.com
./nuclei -t poc/wordpress/ -u http://example.com
```

### Configuration

Configure the monitored GitHub projects in the `repo.csv` file.

### GitHub Actions

Set up GitHub Actions in the GitHub repository to automatically run the script daily. *Note: The `Workflow permissions` should be set to `Read and Write` permissions.*

## File structure

- `1-clone_repos.py`: Batch-clones the monitored GitHub projects.
- `2-delete_duplicated.py`: Deletes duplicate POC scripts.
- `3-move_file.py`: Archives POC scripts into the `tmp` directory.
- `4-download_nuclei.py`: Downloads nuclei to verify POC validity.
- `5-check_poc.sh`: Verifies POC validity and moves them to the `poc` directory.
- `6-get_count.py`: Gets the number of archived POCs.
- `7-get_pocname.py`: Reads and writes the POC list to `poc.txt`.
- `check_poc.sh`: Verifies POC validity and packages them into `poc.zip` files.
- `repo.csv`: List of Nuclei POC repositories.
- `poc.txt`: List of archived POCs.
- `poc/`: Folder for categorized Nuclei POCs.
- ~~`clone-templates/`: Temporary folder for cloning GitHub projects.~~
- ~~`tmp/`: Temporary folder for deduplicating and categorizing Nuclei POC scripts.~~

## Thanks

Many people provided support and assistance during the development of this project. Special thanks go to the following individuals and projects:

### Projects

Thanks to [ProjectDiscovery](https://github.com/projectdiscovery/nuclei) for providing Nuclei tools and support from the open-source community.

### People

Thanks to [TajangSec](https://github.com/TajangSec) for their suggestions on optimizing and improving some of the code.