‹ Reports
The Dispatch

OSS Report: projectdiscovery/nuclei-templates

Nuclei Templates Repository Sees Surge in New Vulnerability Templates Amidst Community Collaboration

The Nuclei Templates project, a key resource for security vulnerability detection, has experienced a notable increase in contributions with a focus on adding templates for new and historical CVEs, highlighting the community's commitment to maintaining an up-to-date repository for security professionals.

Recent Activity

Recent pull requests (PRs) and issues indicate a strong emphasis on expanding the repository's coverage of vulnerabilities. PRs such as #10578 and #10577 demonstrate ongoing efforts to document both recent and older vulnerabilities, ensuring comprehensive coverage. Additionally, PRs like #10574 and #10569 show an expansion into configuration checks and specific application vulnerabilities, diversifying the repository's offerings.

Development Team Activity

Of Note

  1. High Volume of Commits: The repository has an exceptionally high number of commits relative to its age, indicating active development.
  2. Focus on Reducing False Positives: Many contributions aim to improve template accuracy by reducing false positives, enhancing reliability.
  3. Diverse Template Categories: Contributions span multiple categories, including cloud configurations and web vulnerabilities, demonstrating versatility.
  4. Automation Role: GitHub Actions play a significant role in routine maintenance, allowing developers to focus on critical tasks.
  5. Community Engagement: Active discussions and feedback from maintainers foster a collaborative environment crucial for sustained project growth.

The Nuclei Templates project continues to thrive with active community involvement and a clear focus on expanding its library of vulnerability detection templates, ensuring it remains a valuable asset for security professionals.

Quantified Reports

Quantify commits



Quantified Commit Activity Over 30 Days

Developer Avatar Branches PRs Commits Files Changes
GitHub Action 3 0/0/0 34 267 4883
Deleted user 1 0/0/0 70 248 3705
Prince Chaddha 2 3/3/0 8 55 2961
Dhiyaneshwaran 3 25/25/0 32 33 577
Ritik Chaddha 3 14/12/0 17 17 346
ctflearner 1 6/2/2 12 6 344
pussycat0x 3 11/11/0 13 10 158
Parshva 1 2/2/0 3 2 90
Sandeep Singh 1 1/0/0 2 2 90
Muhammad Daffa 1 5/4/0 3 3 34
Dominique RIGHETTO 1 5/5/0 1 1 34
[PDBot] 3 0/0/0 19 2 28
Dwi Siswanto 1 6/6/0 7 4 15
Krzysztof Zając 1 6/2/1 2 1 10
Rishi 1 15/11/0 1 1 5
None (FR19) 0 1/0/0 0 0 0
None (eeche) 0 2/0/0 0 0 0
Mathieu Geli (gelim) 0 1/1/0 0 0 0
None (Co5mos) 0 2/2/0 0 0 0
Icaro Torres (icarot) 0 2/2/0 0 0 0
None (nechyo) 0 2/0/1 0 0 0
None (nodauf) 0 1/0/0 0 0 0
我会啊D,明小子,御剑 (pwnhxl) 0 2/0/0 0 0 0
4shen0ne (zrquan) 0 1/0/1 0 0 0
Noel Varghese (NoelV11) 0 1/1/0 0 0 0
r00t (adeljck) 0 8/4/3 0 0 0
None (aredspy) 0 1/0/0 0 0 0
J4vaovo (j4vaovo) 0 1/1/0 0 0 0
Mohammed Adnan Jakati (jackhax) 0 1/0/0 0 0 0
johnk3r (johnk3r) 0 1/1/0 0 0 0
None (nukunga) 0 1/0/0 0 0 0
None (pdteamx) 0 13/7/2 0 0 0
Chris (samatbh) 0 1/0/0 0 0 0
SuMinSim (sim4110) 0 1/0/0 0 0 0
Jinwoo,Ha (woo4826) 0 1/0/0 0 0 0
YJ Choi (yjeongc) 0 1/0/0 0 0 0
Ian Shaneyfelt (ShaneIan) 0 1/0/0 0 0 0
SungU Kang (ingbunga) 0 1/0/0 0 0 0
Jiyun Kim (jyjyjy25) 0 1/0/0 0 0 0
Philippe Delteil (pdelteil) 0 2/1/0 0 0 0
AmirHossein Raeisi (Ahsraeisi) 0 5/5/0 0 0 0
Halil (Kazgangap) 0 14/11/0 0 0 0
Ikko Eltociear Ashimine (eltociear) 0 1/1/0 0 0 0
DongyoungKim (kairos-hk) 0 4/0/0 0 0 0
lanyi (lanyi1998) 0 1/1/0 0 0 0
shlee__ (oIfloraIo) 0 1/0/0 0 0 0
soonghee2 (soonghee2) 0 2/0/1 0 0 0
Asteria (asteria121) 0 1/0/0 0 0 0
Brian Walker (bobAKAbill) 0 1/0/0 0 0 0
Taeyang Kim (chae1xx1os) 0 1/0/0 0 0 0
박철준 (cheoljun99) 0 1/0/0 0 0 0
None (non-things) 0 1/0/0 0 0 0
None (nqdung2002) 0 1/0/0 0 0 0
None (divatchyano) 0 1/1/0 0 0 0
Ryan Randell (rrandellusa) 0 1/0/0 0 0 0
None (sagarwal395) 0 1/0/0 0 0 0
Ethan Carter (thefoggiest) 0 2/0/0 0 0 0
Yejune Ko (KoYejune0302) 0 2/0/0 0 0 0
None (cl4irv0yance) 0 1/0/0 0 0 0
Aman Rawat (theamanrawat) 0 1/0/0 0 0 0
None (tomorrow9913) 0 1/0/0 0 0 0
None (LovelySpartan) 0 1/0/0 0 0 0
Garrett Rappaport (syntacticNaCl) 0 1/0/0 0 0 0
Tarun Koyalwar (tarunKoyalwar) 0 1/1/0 0 0 0
None (willmccardell) 0 1/0/0 0 0 0
None (persona-twotwo) 0 1/0/0 0 0 0
None (CodeStuffBreakThings) 0 1/0/0 0 0 0

PRs: created by that dev and opened/merged/closed-unmerged during the period

Quantify Issues



Recent GitHub Issues Activity

Timespan Opened Closed Comments Labeled Milestones
7 Days 9 5 5 0 1
30 Days 32 15 21 0 1
90 Days 74 54 88 0 1
1 Year 253 200 427 2 1
All Time 1478 1396 - - -

Like all software activity quantification, these numbers are imperfect but sometimes useful. Comments, Labels, and Milestones refer to those issues opened in the timespan in question.

Detailed Reports

Report On: Fetch issues



Recent Activity Analysis

The GitHub repository for Nuclei Templates has seen significant activity, with 82 open issues currently. Recent submissions include a variety of templates addressing vulnerabilities such as CVE-2023-43494 and CVE-2024-5421, alongside discussions about false positives and template improvements. Notably, there are multiple reports of false positives related to existing templates, indicating potential issues with matcher logic or template specificity.

A common theme among recent issues is the identification of vulnerabilities that have become obsolete due to changes in the underlying platforms (e.g., GitHub Pages and Shopify), leading to calls for template removals or updates. Additionally, there are ongoing discussions regarding the accuracy of matchers, particularly in relation to HTTP status codes and response content.

Issue Details

Here are some of the most recently created and updated issues:

  1. Issue #10552: Github Pages Subdomain Takeover No Longer Detected

    • Priority: High
    • Status: Open
    • Created: 5 days ago
    • Updated: N/A
    • Description: The issue highlights that the detection method for GitHub Pages takeover needs updating due to changes in GitHub's 404 page content.

  2. Issue #10550: Added CVE-2023-43494 Template

    • Priority: Medium
    • Status: Open
    • Created: 5 days ago
    • Updated: N/A
    • Description: A new template for Jenkins vulnerability CVE-2023-43494 has been added.

  3. Issue #10548: [nuclei-template]

    • Priority: Medium
    • Status: Open
    • Created: 5 days ago
    • Updated: N/A
    • Description: This issue discusses a template related to Spring Boot actuators and their potential security misconfigurations.

  4. Issue #10537: CVE-2024-5421

    • Priority: High
    • Status: Open
    • Created: 6 days ago
    • Updated: N/A
    • Description: A new template addressing an authenticated file disclosure vulnerability in SEH UTN Server Pro/ProMAX has been proposed.

  5. Issue #10514: Update GitHub Pages Takeover Detection Templates

    • Priority: High
    • Status: Open
    • Created: 10 days ago
    • Updated: N/A
    • Description: This issue requests updates to existing templates to reflect new policies by GitHub regarding domain verification.

  6. Issue #10495: CVE-2018-11784 FP

    • Priority: Medium
    • Status: Open
    • Created: 12 days ago
    • Updated: N/A
    • Description: Reports a false positive issue related to a specific CVE detection template.

  7. Issue #10471: Error

    • Priority: Low
    • Status: Open
    • Created: 13 days ago
    • Updated: N/A
    • Description: A user reports an error related to headless template execution.

  8. Issue #10446: CVE-2024-41955

    • Priority: Medium
    • Status: Open
    • Created: 19 days ago
    • Updated: 6 days ago
    • Description: Discusses a newly proposed template for an open redirect vulnerability in MobSF.

Important Observations

  • There is a notable trend of users reporting false positives across various templates, particularly those related to subdomain takeovers and outdated vulnerabilities.
  • Several issues indicate that existing templates need updates or removals due to changes in the platforms they target, such as GitHub and Shopify.
  • The community is actively engaged in discussions about improving matcher logic to reduce false positives and enhance detection accuracy.

This analysis reflects a dynamic environment where contributors are actively working on improving the quality and relevance of templates while addressing emerging vulnerabilities.

Report On: Fetch pull requests



Overview

The analysis of the pull requests (PRs) for the projectdiscovery/nuclei-templates repository reveals a total of 102 open PRs, with a significant focus on adding new templates for various CVEs and improving existing ones. The recent activity indicates a robust community engagement with a steady influx of contributions aimed at enhancing the repository's capabilities.

Summary of Pull Requests

  1. PR #10578: add CVE-2024-7928

    • State: Open
    • Created: 0 days ago
    • Significance: Adds a new template for CVE-2024-7928, demonstrating ongoing efforts to keep the repository updated with the latest vulnerabilities.

  2. PR #10577: Added CVE-2020-15906 Template

    • State: Open
    • Created: 0 days ago
    • Significance: Introduces another CVE template, reflecting the ongoing commitment to document vulnerabilities from past years.

  3. PR #10575: add cve-2023-40504

    • State: Open
    • Created: 1 day ago
    • Significance: Continues the trend of adding recent vulnerabilities, showcasing the repository's responsiveness to emerging threats.

  4. PR #10574: Create jackett-installer.yaml

    • State: Open
    • Created: 1 day ago
    • Significance: Adds a configuration template, indicating an expansion beyond just CVEs to include installation and configuration checks.

  5. PR #10570: Added template for CVE-2024-1728

    • State: Open
    • Created: 3 days ago
    • Significance: Another addition to the growing list of CVE templates, emphasizing the proactive approach in vulnerability management.

  6. PR #10569: Added template for jackett-exposed-ui

    • State: Open
    • Created: 3 days ago
    • Significance: Targets specific application vulnerabilities, diversifying the types of checks available in the repository.

  7. PR #10562: Malwared BYOB RCE

    • State: Open
    • Created: 3 days ago
    • Significance: Focuses on malware detection, indicating an expansion into broader security concerns beyond just CVEs.

  8. PR #10551: Added CVE-2023-43494 Template

    • State: Open
    • Created: 5 days ago
    • Significance: Addresses a specific vulnerability in Jenkins, showing attention to widely used software in enterprise environments.

  9. PR #10549: Adding CVE-2023-46818.yaml

    • State: Open
    • Created: 5 days ago
    • Significance: Continues to build on the repository's extensive library of templates for known vulnerabilities.

  10. PR #10546: CVE-2023-1315.yaml

    • State: Open
    • Created: 5 days ago
    • Significance: Adds yet another layer of security checks by documenting an XSS vulnerability.

Analysis of Pull Requests

The recent surge in pull requests reflects an active and engaged community dedicated to maintaining and expanding the nuclei-templates repository. The focus on adding templates for newly discovered vulnerabilities (CVEs) is evident, as seen in PRs like #10578, #10577, and #10575. This trend indicates that contributors are not only keeping pace with emerging threats but also ensuring that historical vulnerabilities are documented and addressed.

A notable aspect is the diversity of contributions; while many PRs are centered around CVEs, there are also contributions aimed at enhancing existing templates or addressing false positives (e.g., PRs #10559 and #10558). This indicates a commitment to improving the accuracy and reliability of security checks within the Nuclei framework.

The presence of comments from maintainers such as Georgina Reeder and Ritik Chaddha highlights a collaborative environment where contributors receive feedback and encouragement. This interaction fosters a sense of community and shared purpose among contributors, which is crucial for sustaining long-term engagement in open-source projects.

However, there are some anomalies worth noting. For instance, several older PRs remain open or have been marked as "waiting for more info," suggesting potential bottlenecks in the review process or a need for clearer guidelines on contributions. Additionally, some PRs have been marked as duplicates or are on hold due to unresolved issues (e.g., PRs #10488 and #10484), which could hinder progress if not addressed promptly.

Overall, the repository exhibits strong growth dynamics with frequent updates and community involvement. The emphasis on both new vulnerabilities and improvements to existing templates positions it as a valuable resource for security professionals seeking to enhance their vulnerability scanning capabilities using Nuclei. The active engagement from contributors ensures that the project remains relevant in an ever-evolving threat landscape.

Report On: Fetch commits



Repo Commits Analysis

Development Team and Recent Activity

Team Members and Recent Contributions

  1. Ritik Chaddha (ritikchaddha)

    • Recent Activity:
    • Merged multiple pull requests adding templates for various dashboard authentication vulnerabilities (sonarr, radarr, prowlarr, whisparr).
    • Updated existing templates to reduce false positives.
    • Created a new template for the KIALI login panel.
    • Collaboration: Worked closely with Dhiyaneshwaran on CVE-related templates.

  2. Prince Chaddha (princechaddha)

    • Recent Activity:
    • Updated scripts in the .github directory.
    • Contributed to the Azure templates by adding activity log templates and fixing lint errors.
    • Collaboration: Engaged in merging and updating workflows alongside Ritik.

  3. Dhiyaneshwaran (DhiyaneshGeek)

    • Recent Activity:
    • Contributed significantly with 32 commits, focusing on adding CVE templates and updating existing ones.
    • Collaborated on multiple pull requests related to CVEs and dashboard vulnerabilities.
    • Collaboration: Worked with Ritik on various vulnerability detection templates.

  4. Krzysztof Zając (kazet)

    • Recent Activity:
    • Made minor updates to existing templates, focusing on reducing false positives.
    • Collaboration: Primarily worked independently but contributed to template improvements.

  5. Dominique RIGHETTO (righettod)

    • Recent Activity:
    • Added detection templates for specific panels (e.g., KIALI).
    • Collaboration: Collaborated with Ritik on related pull requests.

  6. Sandeep Singh (ehsandeep)

    • Recent Activity:
    • Added metadata for a new vulnerability template and made updates to existing ones.
    • Collaboration: Engaged in collaborative efforts for template enhancements.

  7. Muhammad Daffa (daffainfo)

    • Recent Activity:
    • Focused on fixing false positives in existing templates.
    • Collaboration: Worked independently but contributed to community discussions.

  8. Parshva87 (Parshva)

    • Recent Activity:
    • Made minor updates to CVE-related templates.
    • Collaboration: Primarily focused on individual contributions.

  9. Ghost User (actions-user)

    • Recent Activity:
    • Automated updates for WordPress plugins through GitHub Actions.
    • Collaboration: No direct collaboration noted; automated processes run independently.

Patterns and Themes

  • The team is actively engaged in enhancing the repository's capabilities by adding new templates for vulnerability detection, particularly focusing on CVEs and specific application vulnerabilities.
  • Collaboration is evident among team members, especially between Ritik and Dhiyaneshwaran, who frequently work together on related pull requests.
  • Automation plays a significant role in maintaining the repository, as seen with the contributions from the GitHub Action user that handles routine updates.
  • The focus on reducing false positives indicates a commitment to improving the quality of the templates and ensuring their reliability in real-world applications.

Conclusions

The development team is highly active, with recent contributions reflecting a strong emphasis on both adding new features and refining existing ones. The collaborative environment fosters innovation while maintaining high standards for template accuracy and effectiveness. The use of automation tools further enhances productivity, allowing developers to focus more on critical tasks rather than routine maintenance.