The Dispatch

Nuclei Templates Project Sees Steady Contributions with Focus on Emerging Vulnerabilities

The Nuclei Templates repository, a community-driven project for enhancing security vulnerability detection, continues to receive active contributions, particularly in updating and adding templates for new vulnerabilities.

The project aims to provide a comprehensive collection of templates for the Nuclei engine, facilitating automated security scanning across various applications.

Recent Activity

Recent pull requests (PRs) demonstrate a robust effort to keep the repository current with the latest security threats. Notable PRs include updates for newly discovered vulnerabilities such as CVE-2024-24919 (#10787) and the addition of templates for emerging technologies like TorchServe (#10770). The renaming of files for organizational clarity (#10785) also highlights ongoing improvements in repository management.

Development Team Activity

  1. Ritik Chaddha (ritikchaddha)

    • Created CVE templates: CVE-2024-8522, CVE-2024-40711.
    • Merged PRs related to CVEs.
    • Collaborated with Dhiyaneshwaran on updates.
  2. Dhiyaneshwaran (DhiyaneshGeek)

    • Contributed to CVE templates: CVE-2024-8503.
    • Merged PRs and updated templates.
    • Worked closely with Ritik Chaddha.
  3. Halil (Kazgangap)

    • Updated existing CVEs and fixed template errors.
  4. Deleted User (ghost)

    • Engaged in maintenance tasks like signing templates and updating metadata.
  5. Dominique Righetto (righettod)

    • Made minor updates and refactorings.
  6. Prince Chaddha (princechaddha)

    • Merged PRs and made minor updates.
  7. Daffainfo (daffainfo)

    • Renamed templates.

Quantified Reports

Quantify Issues



Recent GitHub Issues Activity

Timespan   Opened  Closed  Comments  Labeled  Milestones
7 Days     13      2       5         0        1
30 Days    26      25      26        0        1
90 Days    80      61      126       0        1
1 Year     251     200     460       2        1
All Time   1504    1421    -         -        -

Like all software activity quantification, these numbers are imperfect but sometimes useful. Comments, Labels, and Milestones refer to those issues opened in the timespan in question.

Quantify Commits



Quantified Commit Activity Over 30 Days

Developer                               Branches  PRs      Commits  Files  Changes
Deleted user                            3         0/0/0    150      802    33553
Dhiyaneshwaran                          7         57/52/0  39       33     1026
Ritik Chaddha                           7         29/26/0  32       29     657
Halil                                   1         28/27/0  10       8      417
Prince Chaddha                          1         4/4/0    2        196    246
Dominique RIGHETTO                      1         8/7/1    3        3      88
Muhammad Daffa                          1         2/2/0    1        1      2
None (gy741)                            0         1/1/0    0        0      0
None (h41th)                            0         1/0/0    0        0      0
None (kazet)                            0         1/0/1    0        0      0
sullo (sullo)                           0         1/1/0    0        0      0
HAHWUL (hahwul)                         0         1/1/0    0        0      0
Icaro Torres (icarot)                   0         1/1/0    0        0      0
我会啊D,明小子,御剑 (pwnhxl)             0         1/0/1    0        0      0
Pugalarasan (0xPugal)                   0         1/1/0    0        0      0
AmirMohammad Safari (Osb0rn3)           0         1/0/0    0        0      0
Ayoub Elaich (Sicks3c)                  0         2/0/2    0        0      0
George (gmeghab)                        0         1/1/0    0        0      0
None (nil0x42)                          0         1/1/0    0        0      0
JeonSungHyun (nukunga)                  0         1/0/0    0        0      0
None (pdteamx)                          0         11/3/9   0        0      0
Rishi (rxerium)                         0         2/2/0    0        0      0
Thabiso Chwene (Thabisocn)              0         1/1/0    0        0      0
Sandeep Singh (ehsandeep)               0         0/1/0    0        0      0
chuu (iuliu8899)                        0         1/1/0    0        0      0
None (mastercho)                        0         1/0/0    0        0      0
Ice3man (Ice3man543)                    0         1/1/0    0        0      0
Vikas Gupta (iamxhunt3r)                0         1/1/0    0        0      0
mailler (mailler0xa)                    0         1/1/0    0        0      0
None (pussycat0x)                       0         3/1/0    0        0      0
Soltanali (soltanali0)                  0         1/0/0    0        0      0
Dwi Siswanto (dwisiswant0)              0         4/4/0    0        0      0
Fazle Arefin (fazlearefin)              0         1/1/0    0        0      0
None (r3naissance)                      0         1/1/0    0        0      0
Mohammad D. (userdehghani)              0         1/0/0    0        0      0
None (flyingllama87)                    0         5/1/4    0        0      0
Parth Malhotra (parthmalhotra)          0         1/1/0    0        0      0
Patrik Fehrenbach (PatrikFehrenbach)    0         1/1/0    0        0      0
Bruno Teixeira (BrunoTeixeira1996)      0         1/1/0    0        0      0

PRs: created by that dev and opened/merged/closed-unmerged during the period

Detailed Reports

Report On: Fetch issues



Recent Activity Analysis

The recent activity in the projectdiscovery/nuclei-templates repository shows a significant influx of issues, with 83 open issues currently. Many of these issues are related to new vulnerabilities and template updates, reflecting an active engagement from contributors. Notably, several issues highlight critical vulnerabilities (e.g., CVE-2024-37032, CVE-2024-37085) that require immediate attention, while others address false positives and template inaccuracies.

A recurring theme is the identification of false positives across various templates, particularly those related to subdomain takeovers and specific vulnerability checks. This suggests a need for more stringent matcher criteria to reduce erroneous detections. Additionally, there are multiple requests for new templates targeting emerging vulnerabilities, indicating a proactive approach to security by the community.

Issue Details

Here are some of the most recently created and updated issues:

  1. Issue #10776

    • Title: Invalid reference link in worksite-takeover-workflow.yaml
    • Priority: Bug
    • Status: Open
    • Created: 2 days ago
  2. Issue #10760

    • Title: VICIdial Unauthenticated SQLi to RCE Exploit
    • Priority: New Template
    • Status: Open
    • Created: 3 days ago
  3. Issue #10759

    • Title: Ivanti EPM AgentPortal RCE Vulnerability
    • Priority: New Template
    • Status: Open
    • Created: 3 days ago
  4. Issue #10758

    • Title: Ivanti Cloud Service Appliance Command Injection Vulnerability
    • Priority: New Template
    • Status: Open
    • Created: 3 days ago
    • Edited: 2 days ago
  5. Issue #10747

    • Title: Exploits for CNEXT
    • Priority: New Template
    • Status: Open
    • Created: 7 days ago
  6. Issue #10463

    • Title: False negative in wordpress detection
    • Priority: False Negative
    • Status: Done
    • Created: 46 days ago
    • Edited: 7 days ago
  7. Issue #10669

    • Title: Template for CVE-2024-43360 - Zoneminder time based SQLi
    • Priority: Nuclei Template
    • Status: Open
    • Created: 16 days ago
  8. Issue #10659

    • Title: [Bug] Added more matcher, request, etc to fix https://github.com/projectdiscovery/nuclei/issues/5546 #10590
    • Priority: False Positive
    • Status: Closed
    • Created: 17 days ago

Analysis of Themes and Commonalities

  1. False Positives: A significant number of issues revolve around false positives generated by existing templates, indicating a potential need for refining matcher conditions to ensure accuracy.

  2. Emerging Vulnerabilities: The creation of new templates for recent vulnerabilities (CVE-2024 series) shows the community's responsiveness to current threats.

  3. Template Maintenance: Several issues highlight the need for ongoing maintenance and updates to existing templates to align with changes in vulnerability landscapes and application behaviors.

  4. Community Engagement: The active participation in discussions regarding template accuracy and effectiveness reflects a collaborative effort to enhance the overall quality of the repository.

This analysis underscores the importance of continuous improvement in template accuracy and responsiveness to emerging threats within the cybersecurity landscape.

Report On: Fetch pull requests



Overview

The analysis of the pull requests (PRs) from the Nuclei Templates repository reveals a dynamic and active community contributing to the enhancement of security vulnerability detection through automated templates. The PRs range from adding new templates for recently discovered vulnerabilities to refactoring existing ones for better performance and accuracy.

Summary of Pull Requests

  1. PR #10787: Update to CVE-2024-24919 with added description, references, and classification.
  2. PR #10785: Renaming of CVE-2024-45507.yaml to include the year in the path for better organization.
  3. PR #10777: Addition of CVE-2023-6275, contributing to the growing list of recognized vulnerabilities.
  4. PR #10773: Creation of CVE-2022-24637.yaml, expanding the coverage of historical vulnerabilities.
  5. PR #10772: Introduction of CVE-2024-28397.yaml, indicating active monitoring and updating of vulnerability databases.
  6. PR #10771: Addition of CVE-2024-45507.yaml, showcasing responsiveness to newly discovered vulnerabilities.
  7. PR #10770: Creation of torchserve-detect.yaml, indicating expansion into new technologies or frameworks.
  8. PR #10769: Addition of CVE-2023-43654.yaml, further updating the repository with recent vulnerabilities.
  9. PR #10768: Creation of open-web-analytics-panel.yaml, demonstrating the project's commitment to covering a wide range of applications and technologies.
  10. PR #10767: Addition of open-web-analytics-installer.yaml, indicating thoroughness in covering both installation and operational aspects of software.

Analysis of Pull Requests

The PRs reflect a robust effort by contributors to keep the Nuclei Templates repository up-to-date with the latest security vulnerabilities across various software and platforms. The inclusion of both newly discovered vulnerabilities (e.g., CVE-2024 series) and historical ones (e.g., CVE-2022 series) suggests a comprehensive approach to vulnerability management.

Key Themes:

  1. Active Contribution: The frequency and variety of PRs indicate an active community contributing to the project, enhancing its utility and effectiveness in vulnerability detection.

  2. Comprehensive Coverage: The addition of templates for different technologies (e.g., TorchServe) and specific applications (e.g., open-web-analytics) shows a broad scope in terms of coverage, making Nuclei a versatile tool for security professionals.

  3. Responsive Updates: The quick turnaround in adding templates for newly discovered vulnerabilities reflects the project's responsiveness to emerging security threats.

  4. Organizational Improvements: Efforts like renaming files for better organization (as seen in PR #10785) highlight an ongoing commitment to maintaining a well-organized repository that is easy to navigate and use.

  5. Community Engagement: The diverse contributors and their active engagement through PRs suggest a healthy community ecosystem around the project, fostering collaboration and knowledge sharing.

Notable Anomalies:

  • The repository's ability to quickly adapt to new vulnerabilities while also refining existing templates for accuracy and efficiency is commendable.
  • The inclusion of detailed commit messages and validation efforts by contributors indicates a high level of diligence and professionalism within the community.

Overall, the analysis underscores the importance of community-driven efforts in enhancing cybersecurity tools like Nuclei, ensuring they remain effective against evolving threats.

Report On: Fetch commits



Repo Commits Analysis

Development Team and Recent Activity

Team Members:

  1. Ritik Chaddha (ritikchaddha)

    • Recent Activity:
    • Created multiple CVE templates including CVE-2024-8522, CVE-2024-40711, and CVE-2024-5276.
    • Merged several pull requests related to CVEs and vulnerabilities.
    • Collaborated with Dhiyaneshwaran on various updates and fixes.
    • Active in signing templates and generating checksums.
  2. Dhiyaneshwaran (DhiyaneshGeek)

    • Recent Activity:
    • Contributed extensively to CVE templates, including CVE-2024-8503 and CVE-2024-45622.
    • Merged numerous pull requests and made updates to existing templates.
    • Worked alongside Ritik Chaddha on multiple projects, indicating strong collaboration.
  3. Halil (Kazgangap)

    • Recent Activity:
    • Focused on updating existing CVEs and fixing errors in templates.
    • Collaborated with Ritik Chaddha on various updates.
  4. Deleted User (ghost)

    • Recent Activity:
    • Engaged in routine maintenance tasks such as signing templates, generating checksums, and updating metadata.
    • Contributed significantly to the overall commit count but lacks identifiable contributions due to anonymity.
  5. Dominique Righetto (righettod)

    • Recent Activity:
    • Made minor updates and refactorings to existing templates.
  6. Prince Chaddha (princechaddha)

    • Recent Activity:
    • Involved in merging pull requests and making minor updates.
  7. Daffainfo (daffainfo)

    • Recent Activity:
    • Contributed a single commit related to template renaming.

Patterns and Themes:

  • High Collaboration: Ritik Chaddha and Dhiyaneshwaran frequently collaborated on multiple pull requests, indicating a strong team dynamic.
  • Focus on Security Vulnerabilities: The majority of recent commits involve creating or updating CVE-related templates, reflecting the project's focus on security vulnerabilities.
  • Routine Maintenance: The ghost user’s contributions highlight ongoing maintenance activities essential for the repository's health.
  • Active Development: The team shows consistent activity with a high number of commits across various branches, suggesting a robust development cycle.

Conclusions:

The development team is actively engaged in enhancing the Nuclei Templates repository with a strong emphasis on security vulnerabilities. Collaboration among team members is evident, particularly between Ritik Chaddha and Dhiyaneshwaran. Routine maintenance tasks are being handled effectively by the ghost user, ensuring the repository remains up-to-date and functional. Overall, the team's commitment to security and collaborative development is commendable.