Learn how to fuzz with nuclei
Welcome to the companion website for "Fuzzing Frontiers: Exploring Unknown Unknown Vulnerabilities," where you'll find additional resources, templates, and in-depth guides to enhance your security testing toolkit.
http:
...
payloads:
injection: # Variable name for payload
- "'"
...
fuzzing:
- part: query # One of query, path, header, cookie, body
type: postfix # Type of rule (prefix, postfix, replace, infix,replace-regex)
mode: single # mutation mode (single, multiple) (ex: replace all existing kv pairs at once or one by one)
# replace-regex: # (optional) regex to be used in replace-regex type
# keys-regex: # (optional) limit this rule to specific keys of the request part using regex
# keys: # (optional) limit this rule to specific keys of request part
# values: # (optional) limit this rule to specific values of the request part using regex
fuzz:
- "{{injection}}" # The payload to be injected
Dive deeper
Learn More
Use the resources below to learn more about fuzzing with nuclei!
Fuzzing for Unknown Vulnerabilities with Nuclei v3.2
Read the blog post introducing the 3.2 version of Nuclei, which introduced advanced fuzzing capabilities.
Documentation
Read the official documentation for Nuclei to learn more about the tool and its fuzzing capabilities.
Example Templates
See the DAST
folder of the Nuclei template repository for example templates to get started with fuzzing.
Join our Discord
Join the Project Discovery Discord server to chat with other security researchers and ask questions about fuzzing.