From 20faf73e4936c31ee6622dfca5656549234f7c2f Mon Sep 17 00:00:00 2001 From: Keith Chason Date: Mon, 11 Sep 2023 11:06:11 -0400 Subject: [PATCH] Documentation updates for running (#4138) --- docs/getting-started/running.mdx | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/docs/getting-started/running.mdx b/docs/getting-started/running.mdx index 3f68b74322..81f1356314 100644 --- a/docs/getting-started/running.mdx +++ b/docs/getting-started/running.mdx @@ -406,7 +406,7 @@ Feel free to play with these flags to tune your nuclei scan speed and accuracy. Many BugBounty platform/programs requires you to identify the HTTP traffic you make, this can be achieved by setting custom header using config file at `$HOME/.config/nuclei/config.yaml` or CLI flag `-H / header` -Setting custom header using config file88 +Setting custom header using config file ```yaml # Headers to include with each request. @@ -498,7 +498,7 @@ nuclei -l urls.txt -include-tags iot,misc,fuzz ### Scan on internet database -Nuclei supports integration with [uncover module](https://github.com/projectdiscovery/uncover)that supports services like Shodan, Censys, Hunter, Zoomeye, many more to execute Nuclei on these databases. +Nuclei supports integration with [uncover module](https://github.com/projectdiscovery/uncover) that supports services like Shodan, Censys, Hunter, Zoomeye, many more to execute Nuclei on these databases. Here are uncover options to use - 
@@ -584,8 +584,8 @@ For enterprises dealing with large-scale scanning, optimizing Nuclei can be a bu User should select **Scan Strategy** based on number of targets and Each strategy has its own pros & cons. -- When targets < 1000 . `template-spray` should be used . this strategy is slightly faster than `host-spray` but uses more RAM and doesnot optimally reuse connections. -- When targets > 1000 . `host-spray` should be used . this strategy uses less RAM than `template-spray` and reuses HTTP connections along with some minor improvements and these are crucial when mass scanning. +- When targets < 1000, `template-spray` should be used. This strategy is slightly faster than `host-spray` but uses more RAM and does not optimally reuse connections. +- When targets > 1000, `host-spray` should be used. This strategy uses less RAM than `template-spray` and reuses HTTP connections along with some minor improvements and these are crucial when mass scanning. ### Concurrency & Bulk-Size @@ -607,7 +607,7 @@ This option should only be enabled if targets > 10k . This skips any type of sor ## Nuclei **Config** -> Since release of [v.2.3.2](https://blog.projectdiscovery.io/nuclei-v2-3-0-release/) nuclei uses [goflags](https://github.com/projectdiscovery/goflags) for clean CLI experience and long/short formatted flags. +> Since release of [v2.3.2](https://blog.projectdiscovery.io/nuclei-v2-3-0-release/) nuclei uses [goflags](https://github.com/projectdiscovery/goflags) for clean CLI experience and long/short formatted flags. > > [goflags](https://github.com/projectdiscovery/goflags) comes with auto-generated config file support that coverts all available CLI flags into config file, basically you can define all CLI flags into config file to avoid repetitive CLI flags that loads as default for every scan of nuclei. 
> @@ -810,18 +810,18 @@ Nuclei supports SARIF export of valid findings with `-se, -sarif-export` flag. T nuclei -l urls.txt -t cves/ -sarif-export report.sarif ``` -It is also possible to visualize Nuclei results using **sarif** file. +It is also possible to visualize Nuclei results using **SARIF** files. -1. By Uploading SARIF File to [SARIF Viewer](https://microsoft.github.io/sarif-web-component/) +1. By uploading a SARIF file to [SARIF Viewer](https://microsoft.github.io/sarif-web-component/) -2. By Uploading SARIF File to Github Actions +2. By uploading a SARIF file to []Github Actions](https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github) -more info [here](https://github.com/projectdiscovery/nuclei/pull/2925). +More info on the SARIF output is documented [here](https://github.com/projectdiscovery/nuclei/pull/2925). These are **not official** viewers of Nuclei and `Nuclei` has no liability towards any of these options to visualize **Nuclei** results. These are just - some publicly available options to visualize SARIF File. + some publicly available options to visualize SARIF files. ## Scan **Metrics**
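Review bot: In the first hunk (custom header section, line 406), the context line directly above the corrected heading still writes the flag as `-H / header`, which drops the dash on the long form and does not match the `-se, -sarif-export` notation used further down in the same file. Suggest `-H, -header` in this pass. The same sentence also reads "platform/programs requires", which should be "platforms/programs require".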
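Review bot: In the scan strategy hunk (line 584), the two rewritten bullets use `targets < 1000` and `targets > 1000`, so the doc gives no recommendation for exactly 1000 targets. Make one bound inclusive or state which strategy applies at the boundary. The unchanged sentence above the bullets still has a mid-sentence capital in "and Each strategy", and the following hunk's context keeps "targets > 10k ." with the space before the period that this hunk removes from the bullets.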
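Review bot: In the Nuclei Config hunk (line 607), the link text is now `v2.3.2` but the URL slug is `nuclei-v2-3-0-release`, so the label and the target name different versions. Confirm which release introduced goflags and make the text and link agree. The next context line still says "coverts all available CLI flags", which should be "converts" and could be fixed in the same change.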
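Review bot: In the SARIF hunk (line 810), added list item 2 has a malformed Markdown link: `[]Github Actions](https://docs.github.com/...)` opens with an empty `[]`, so it will render as literal text, not a link. It should read `[GitHub Actions](...)`, with the product name spelled "GitHub". Separately, the reworded "More info on the SARIF output is documented here" line points at a pull request (#2925), not a documentation page, so "discussed in" would describe the target more accurately than "documented".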