├── LICENSE
├── NucProbe.sh
├── README.md
└── TemplateFetcher.sh
/LICENSE:
--------------------------------------------------------------------------------
1 | MIT License
2 |
3 | Copyright (c) 2023 Behzad Derakhshan Nia
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining a copy
6 | of this software and associated documentation files (the "Software"), to deal
7 | in the Software without restriction, including without limitation the rights
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 |
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 |
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 |
--------------------------------------------------------------------------------
/NucProbe.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | nuclei_templates="/root/nuclei-templates"
4 | output_dir="./output"
5 | previous_output="$output_dir/previous_output.txt"
6 | #diff_output="$output_dir/diff_output.txt"
7 | log_file="$output_dir/scan_log.txt"
8 | update_log="$output_dir/update_log.txt"
9 | targets_file="targets.txt"
10 | templates_version_file="$output_dir/templates_version.txt"
11 | DIRECTORY="./templates"
12 |
13 | # Function to log messages
14 | log() {
15 | echo "$(date +'%Y-%m-%d %H:%M:%S') - $1" >> "$log_file"
16 | }
17 |
18 | # Function to send notifications
19 | send_notification() {
20 | echo -e "$1" | notify -silent -id nucprobe -bulk
21 | }
22 |
23 | # Function to update Nuclei engine
24 | update_engine() {
25 | log "Checking for Nuclei engine update..."
26 | current_version=$(nuclei -version | awk '{print $3}')
27 | latest_version=$(curl -s https://api.github.com/repos/projectdiscovery/nuclei/releases/latest | grep tag_name | awk '{print $2}' | tr -d '",')
28 | if [[ "$current_version" == "$latest_version" ]]; then
29 | log "Nuclei engine is already up to date."
30 | send_notification "Nuclei engine is already up to date."
31 | return 0
32 | else
33 | log "Nuclei engine update found. Updating to version $latest_version..."
34 | update_output=$(nuclei -update 2>&1)
35 | if [[ $update_output =~ "nuclei is already updated to latest version" ]]; then
36 | log "Nuclei engine is already up to date."
37 | send_notification "Nuclei engine is already up to date."
38 | return 0
39 | else
40 | log "Nuclei engine update completed."
41 | send_notification "Nuclei engine update completed,Starting nuclei scanning with new engine."
42 | return 1
43 | fi
44 | fi
45 | }
46 |
47 | update_templates() {
48 | log "Checking for Nuclei templates update..."
49 | current_templates_version=$(nuclei -templates-version 2>&1)
50 | stored_templates_version=$(cat "$templates_version_file" 2>/dev/null)
51 |
52 | if [[ -z "$stored_templates_version" ]]; then
53 | log "No stored templates version found. Updating templates..."
54 | send_notification "No stored templates version found. Updating templates..."
55 | nuclei -update-templates >> "$update_log" 2>&1
56 | log "Nuclei templates update completed."
57 | send_notification "Nuclei templates update completed,Starting nuclei scanning with new templates."
58 | echo "$current_templates_version" > "$templates_version_file" # Update the stored templates version
59 | return 1
60 | elif [[ "$current_templates_version" != "$stored_templates_version" ]]; then
61 | log "Nuclei templates update found. Updating..."
62 | send_notification "Nuclei templates update found. Updating..."
63 | nuclei -update-templates >> "$update_log" 2>&1
64 | log "Nuclei templates update completed."
65 | send_notification "Nuclei templates update completed,Starting nuclei scanning with new templates."
66 | echo "$current_templates_version" > "$templates_version_file" # Update the stored templates version
67 | return 1
68 | else
69 | log "Nuclei templates are already up to date."
70 | send_notification "Nuclei templates are already up to date."
71 | if [[ -z "$stored_templates_version" ]]; then
72 | echo "$current_templates_version" > "$templates_version_file" # Update the stored templates version
73 | fi
74 | return 0
75 | fi
76 | }
77 |
78 |
79 | # Function to perform Nuclei scan
80 | perform_scan() {
81 | local current_output="$1"
82 | log "Running Nuclei scan on targets..."
83 | nuclei -t "$nuclei_templates" -l "$targets_file" -o "$current_output" -severity low,medium,high,critical,unknown >> "$log_file" 2>&1
84 | if [[ $? -eq 0 ]]; then
85 | log "Nuclei scan completed. Output saved to $current_output"
86 | else
87 | log "Nuclei scan failed. Check $log_file for details."
88 | fi
89 | }
90 |
91 |
92 | # Function to compare current and previous outputs
93 | compare_outputs() {
94 | local current_output="$1"
95 | if [[ -f "$previous_output" && -f "$current_output" ]]; then
96 | added_output=$(cat "$current_output" | anew "$previous_output")
97 | if [[ -z "$added_output" ]]; then
98 | log "No new items found in the current output."
99 | send_notification "No new items found in the current output."
100 | else
101 | log "New items found in the current output and updated in $previous_output"
102 |
103 | summary=$(echo "$added_output" | awk '{print "- Added:", $0}')
104 | send_notification "New items added:\n\`\`\`$summary\`\`\`"
105 |
106 | fi
107 | fi
108 | }
109 | TemplateFetcher() {
110 | local core_output=$(./TemplateFetcher.sh)
111 |
112 | if [[ "$core_output" == "No new files detected" ]]; then
113 | # No new files found, send message on Discord
114 | send_notification "No new templates found in the repository."
115 | else
116 | # New files found, run Nuclei scan against new templates
117 | # Send notification and Discord message
118 | send_notification "New templates detected. Starting nuclei scanning with new templates."
119 |
120 | # Find the last timestamped directory
121 | LAST_DIR=$(ls -td "$DIRECTORY"/*/ | head -n 1)
122 |
123 | # Check if any timestamped directory exists
124 | if [ -n "$LAST_DIR" ]; then
125 | LAST_TIMESTAMP=$(basename "$LAST_DIR")
126 | echo "Last timestamped directory: $LAST_TIMESTAMP"
127 |
128 | # Run Nuclei scan and capture the output
129 | scan_output=$(nuclei -t "$DIRECTORY/$LAST_TIMESTAMP" -l "$targets_file" -o "$current_output" -severity low,medium,high,critical,unknown 2>&1)
130 |
131 | if [ -z "$scan_output" ]; then
132 | # Scan output is empty, send message indicating no findings
133 | send_notification "Nuclei scan completed. No findings were detected."
134 | else
135 | # Scan output is not empty, send the output as a notification
136 | send_notification "Nuclei scan completed with findings:\n\`\`\`$scan_output\`\`\`"
137 |
138 | fi
139 | else
140 | echo "No timestamped directories found"
141 | fi
142 | fi
143 | }
144 |
145 | TemplateFetcher
146 |
147 | # Create output directory if it doesn't exist
148 | mkdir -p "$output_dir"
149 |
150 | # Check if previous output file exists
151 | if [[ ! -f "$previous_output" ]]; then
152 | # Scenario 1: Previous output not found
153 | current_templates_version=$(nuclei -templates-version 2>&1)
154 | stored_templates_version=$(cat "$templates_version_file" 2>/dev/null)
155 | echo "$current_templates_version" > "$templates_version_file"
156 | perform_scan "$previous_output"
157 |
158 | else
159 | # Check for Nuclei engine update
160 | update_engine_status=0
161 | if ! update_engine; then
162 | update_engine_status=1
163 | fi
164 |
165 | # Check for Nuclei templates update
166 | update_templates_status=0
167 | if ! update_templates; then
168 | update_templates_status=1
169 | fi
170 |
171 | # If either the engine or templates need updating, perform scan
172 | if [[ $update_engine_status -eq 1 || $update_templates_status -eq 1 ]]; then
173 | # Run Nuclei scan and save the output
174 | current_output="$output_dir/output_$(date +'%Y%m%d%H%M%S').txt"
175 | perform_scan "$current_output"
176 |
177 | # Compare the current output with the previous output
178 | compare_outputs "$current_output"
179 | else
180 | log "No updates found. Skipping Nuclei scan."
181 | fi
182 | fi
183 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | 
5 |
6 | Automate Nuclei scans and streamline bug hunting workflows
7 |
8 |
9 | 
10 | 
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 | # NucProbe - Automating Nuclei Scans for Bug Hunters
19 |
20 | NucProbe is a Bash script designed for bug hunters, offering a streamlined and efficient approach to conducting comprehensive security assessments using the Nuclei scanner. With its automated features, NucProbe empowers bug hunters to stay ahead of the game and maximize their productivity. Let's explore why NucProbe is an invaluable tool for bug hunters:
21 |
22 | Read more about NucProbe in my Medium article: [Automating Nuclei Scans for Bug Hunters with NucProbe](https://medium.com/@ReverseTEN/nucprobe-automating-nuclei-scans-for-bug-hunters-29f378897f61)
23 |
24 |
25 |
26 |
27 | ## Why Use NucProbe?
28 |
29 | 1. **Saves Time and Effort**: NucProbe automates several crucial tasks, such as updating the Nuclei engine and managing Nuclei templates. Bug hunters can focus on analyzing scan results and identifying vulnerabilities rather than spending time on manual updates.
30 |
31 | 2. **Keeps Templates Up to Date**: NucProbe ensures that you always have the latest version of Nuclei templates. It automatically fetches and updates templates from the official [projectdiscovery/nuclei-templates](https://github.com/projectdiscovery/nuclei-templates) repository and ***downloading the latest templates from the commits*** ensuring you have access to the most up-to-date detection capabilities.
32 |
33 | 3. **Effortless Scanning**: Conducting Nuclei scans becomes a breeze with NucProbe. Simply list your target URLs or IP addresses in the `targets.txt` file, and NucProbe will handle the scanning process, saving the output for analysis.
34 |
35 | 4. **Output Comparison**: NucProbe provides a convenient way to compare the current scan output with the previous one. This feature helps bug hunters quickly identify any new findings or changes, ensuring that no potential vulnerabilities go unnoticed.
36 |
37 | 5. **Customizable Notifications**: NucProbe allows you to set up custom notifications based on your preferred method. you can easily integrate it using the `send_notification` function, keeping you informed about scan results, updates, and new findings.
38 |
39 | ## Features
40 |
41 | NucProbe offers a range of powerful features tailored to bug hunters' needs:
42 |
43 |
44 | - **TemplateFetcher**: NucProbe's TemplateFetcher is a powerful feature that simplifies bug hunting by automatically downloading the latest templates from the commits in the official projectdiscovery/nuclei-templates repository. By fetching templates directly from commits, TemplateFetcher ensures bug hunters stay up to date with the most recent and effective templates, enabling them to efficiently identify emerging threats and vulnerabilities through Nuclei scans.
45 |
46 | - **Nuclei Engine Management**: Automatically checks for updates to the Nuclei engine and performs the update if necessary. This ensures you are always using the latest version with improved performance and bug fixes.
47 |
48 | - **Nuclei Templates Management**: Fetches the latest Nuclei templates from the official repository and keeps them up to date. You can leverage the continually evolving detection capabilities provided by the Nuclei community.
49 |
50 | - **Efficient Scanning**: Conducts comprehensive Nuclei scans on specified targets, saving the output in an organized manner for further analysis and action. This allows you to focus on reviewing the results and identifying potential vulnerabilities.
51 |
52 | - **Output Comparison**: NucProbe streamlines bug hunting by automatically comparing the latest scan output with the previous one. This powerful feature enables bug hunters to effortlessly identify new items, receive timely notifications for discovered vulnerabilities or changes, and stay ahead of the game. With comprehensive output comparison and real-time notifications, NucProbe ensures thorough analysis, maximizing the effectiveness of bug hunting efforts.
53 |
54 |
55 |
56 | ## Workflow :
57 |
58 | This workflow provides a more detailed overview of the steps involved in NucProbe's operation, including setting up directories, updating the Nuclei engine, fetching templates, executing scans, and sending notifications.
59 |
60 |
61 | ```mathematica
62 | ├── 1. Start
63 | │
64 | ├── 2. Clone NucProbe repository
65 | │
66 | ├── 3. Download YAML files
67 | │ │
68 | │ ├── For each commit in the repository
69 | │ │ │
70 | │ │ ├── Get commit details
71 | │ │ │
72 | │ │ ├── Extract YAML file URL and filename
73 | │ │ │
74 | │ │ └── Download YAML file
75 | │ │
76 | │ └── Update list of downloaded files
77 | │
78 | ├── 4. Check for new files
79 | │ │
80 | │ └── If new files were downloaded
81 | │ │
82 | │ ├── 5. Set up directories
83 | │ │ │
84 | │ │ ├── Create output directory if it doesn't exist
85 | │ │ │
86 | │ │ └── Set paths for template and scan output directories
87 | │ │
88 | │ ├── 6. Update Nuclei engine
89 | │ │ │
90 | │ │ └── Download latest Nuclei engine binary
91 | │ │ │
92 | │ │ └── Start new scan with updated engine
93 | │ │
94 | │ ├── 7. Fetch latest templates
95 | │ │ │
96 | │ │ ├── Get list of available templates
97 | │ │ │
98 | │ │ ├── Download new/updated templates
99 | │ │ │
100 | │ │ └── Merge templates with existing ones
101 | │ │ │
102 | │ │ └── Start new scan with updated templates
103 | │ │
104 | │ ├── 8. Execute Nuclei scans
105 | │ │ │
106 | │ │ ├── Read target URLs/IPs from targets.txt file
107 | │ │ │
108 | │ │ ├── For each target
109 | │ │ │ │
110 | │ │ │ ├── Run Nuclei scan with specified templates
111 | │ │ │ │
112 | │ │ │ └── Save scan output to scan output directory
113 | │ │ │ │
114 | │ │ │ └── Compare output with previous scan
115 | │ │ │
116 | │ │ └── Send notification for new findings
117 | │ │
118 | │ └── 9. Send notification
119 | │ │
120 | │ └── Notify user about new files, engine updates, and scan completion
121 | │
122 | └── 10. End
123 |
124 |
125 |
126 | ```
127 |
128 |
129 |
130 |
131 |
132 | ## Get Started with NucProbe
133 |
134 | To start utilizing the power of NucProbe, follow these simple steps:
135 |
136 | 1. **Clone the NucProbe repository**:
137 |
138 | ```bash
139 | git clone https://github.com/ReverseTEN/nucprobe.git
140 | cd nucprobe
141 | chmod +x NucProbe.sh TemplateFetcher.sh
142 |
143 | ```
144 |
145 | 2. **Requirements:**
146 |
147 | Before running the script, ensure that the following packages are installed:
148 |
149 | - [nuclei](https://github.com/projectdiscovery/nuclei) : Fast and customizable vulnerability scanner based on simple YAML based DSL.
150 | - [anew](https://github.com/tomnomnom/anew) : a tool that filters out elements from a list that already exist in another list.
151 | - [notify](https://github.com/projectdiscovery/notify) : notify is a lightweight and user-friendly tool that makes it easy to send notifications to messaging platforms like Slack, Discord, and Telegram.
152 |
153 |
154 | 3. **Configure the Directories**:
155 |
156 | Set Up GitHub Access Token:
157 |
158 | Obtain a GitHub access token to access the Nuclei templates repository. Replace `` in the script with your actual token.
159 |
160 | Configure Notification Settings:
161 |
162 | Customize the `send_notification` function according to your preferred notification method.
163 |
164 | Provide Target URLs/IPs:
165 |
166 | List the target URLs or IP addresses you want to scan in the `targets.txt` file. Ensure each target is on a new line.
167 |
168 |
169 | Run NucProbe:
170 |
171 | To automate the NucProbe script and schedule it to run at a custom interval, you can easily set up a cron job.
172 |
173 | ```bash
174 |
175 | */ * * * * /path/to/NucProbe.sh
176 |
177 | ```
178 |
179 | NucProbe will automatically handle the Nuclei engine updates, template fetching, and scanning process. Sit back and let it do the heavy lifting for you!
180 |
181 |
182 |
183 | ## Contributing :
184 |
185 | Contributions to NucProbe are highly welcome! If you encounter any issues, have suggestions, or want to contribute improvements to the tool, please feel free to open an issue or submit a pull request. Your contributions will enhance NucProbe's functionality and benefit the bug hunting community.
186 |
187 | ## License :
188 |
189 | NucProbe is released under the MIT License. Feel free to use, modify, and distribute the script as per the license terms.
190 |
191 | ## Disclaimer:
192 |
193 | Please note that the use of NucProbe or any other security assessment tool should comply with the applicable laws and regulations. Usage of this script for any unauthorized or malicious activities is strictly prohibited.
194 |
--------------------------------------------------------------------------------
/TemplateFetcher.sh:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | # Replace with your actual GitHub token
4 | TOKEN=""
5 | REPO="projectdiscovery/nuclei-templates"
6 | OUTPUT_DIR="./templates"
7 | PREVIOUS_FILE_LIST="./previous_files.txt"
8 |
9 | # Create the output directory if it doesn't exist
10 | mkdir -p "$OUTPUT_DIR"
11 |
12 | # Function to send a notification
13 | send_notification() {
14 | # Add your notification logic here (e.g., sending an email, using a messaging service, etc.)
15 | echo "$1"
16 | }
17 |
18 | # Function to download a YAML file given the URL and desired filename
19 | download_yaml() {
20 | local YAML_URL=$1
21 | local FILE_NAME=$2
22 | local OUTPUT_DIR=$3
23 |
24 | # Download the YAML file and save it to the output directory
25 | OUTPUT_FILE="$OUTPUT_DIR/$FILE_NAME"
26 | wget -q --header="Authorization: token $TOKEN" "$YAML_URL" -O "$OUTPUT_FILE"
27 | }
28 |
29 | # Check if the previous file list exists
30 | if [ -f "$PREVIOUS_FILE_LIST" ]; then
31 | # Read the previous file list into an array
32 | mapfile -t PREVIOUS_FILES < "$PREVIOUS_FILE_LIST"
33 | else
34 | # Create an empty array if the previous file list doesn't exist
35 | PREVIOUS_FILES=()
36 | fi
37 |
38 | # Get the list of commit hashes from the GitHub API
39 | COMMITS=$(curl -s -H "Authorization: token $TOKEN" "https://api.github.com/repos/$REPO/commits" | grep '"sha":' | awk -F'"' '{print $4}')
40 |
41 | # Array to store the newly downloaded files
42 | NEW_FILES=()
43 |
44 | # Iterate over the commit hashes and download YAML files in parallel
45 | for COMMIT in $COMMITS; do
46 | # Get the commit details from the GitHub API
47 | COMMIT_DETAILS=$(curl -s -H "Authorization: token $TOKEN" "https://api.github.com/repos/$REPO/commits/$COMMIT")
48 |
49 | # Extract the YAML file URL and filename from the commit details
50 | YAML_URL=$(echo "$COMMIT_DETAILS" | grep -oP '(?<="raw_url": ")[^"]+')
51 | FILE_NAME=$(echo "$COMMIT_DETAILS" | grep -oP '(?<="filename": ")[^"]+' | sed 's#.*/##')
52 |
53 | # Check if the file has the .yaml extension and has not already been downloaded
54 | if [[ $FILE_NAME == *.yaml && ! " ${PREVIOUS_FILES[@]} " =~ " $FILE_NAME " ]]; then
55 | # Download the YAML file
56 | download_yaml "$YAML_URL" "$FILE_NAME" "$OUTPUT_DIR"
57 | NEW_FILES+=("$FILE_NAME")
58 | PREVIOUS_FILES+=("$FILE_NAME")
59 | fi
60 | done
61 |
62 | # Save the updated list of downloaded files for future comparison
63 | printf "%s\n" "${PREVIOUS_FILES[@]}" > "$PREVIOUS_FILE_LIST"
64 |
65 | # Check if new files were downloaded
66 | if [ ${#NEW_FILES[@]} -gt 0 ]; then
67 | # Create a new directory with a timestamped name
68 | TIMESTAMP=$(date +"%Y%m%d%H%M%S")
69 | NEW_DIR="$OUTPUT_DIR/$TIMESTAMP"
70 |
71 | # Move the downloaded files to the new directory
72 | mkdir -p "$NEW_DIR"
73 | for FILE in "${NEW_FILES[@]}"; do
74 | mv "$OUTPUT_DIR/$FILE" "$NEW_DIR/$FILE"
75 | done
76 |
77 | send_notification "New files detected: ${NEW_FILES[*]}. Saved in directory: $NEW_DIR"
78 | else
79 | send_notification "No new files detected"
80 | fi
81 |
--------------------------------------------------------------------------------