Automic VaultAutomic Vault

brew

Install nuclei with Homebrew, apk, dnf, MacPorts, Nix, scoop

HTTP/DNS scanner configurable via YAML templates. Version 3.11.0 via Homebrew; verified 2026-07-06.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install nuclei

local Homebrew formula metadata

MacPortsverified · 94%
sudo port install nuclei

MacPorts ports tree · security/nuclei/Portfile · source: api.github.com

Linux

Alpine Linux apkverified · 92%
sudo apk add nuclei

Alpine Linux edge package indexes · nuclei · source: dl-cdn.alpinelinux.org

Fedora dnfverified · 92%
sudo dnf install nuclei

Fedora Rawhide package metadata · nuclei · source: dl.fedoraproject.org

Nixverified · 92%
nix profile install nixpkgs#nuclei

nixpkgs package indexes · pkgs/by-name/nu/nuclei/package.nix · source: api.github.com

Windows

Scoopverified · 92%
scoop install main/nuclei

Scoop official bucket manifest trees · bucket/nuclei.json · source: api.github.com

overview

Package summary

HTTP/DNS scanner configurable via YAML templates

Commands and aliases

  • nuclei

history

Project history and usage

Nuclei is ProjectDiscovery's Go-based, template-driven vulnerability scanner. Its core package identity is the split between a fast scanning engine and a community-maintained YAML template ecosystem.

Project history

The nuclei repository was created on 2020-04-03, and the companion nuclei-templates repository followed on 2020-04-04. The README describes Nuclei as a modern high-performance scanner using simple YAML templates to model real vulnerability checks with low false positives.

ProjectDiscovery's documentation and README emphasize extensibility: templates can cover HTTP, DNS, TCP, SSL, WHOIS, JavaScript, code, file, headless, and other protocol modes, with bulk scanning, template filtering, workflows, output formats, and CI/CD integration.

Adoption history

Nuclei's adoption is inseparable from nuclei-templates. The template repository describes itself as a community-curated list for the nuclei engine; on 2026-07-01 its README statistics listed 11,997 files, 873 directories, thousands of CVE/vulnerability/discovery tags, and KEV-oriented coverage.

The upstream README says Nuclei is used and contributed to by Fortune 500 enterprises, government agencies, and universities. It is common in bug bounty, attack-surface management, pentest regression, and DevSecOps workflows because checks can be shared as small YAML files rather than compiled scanner plugins.

How it is used

Typical package use starts with `nuclei -u target` or `nuclei -l targets.txt`, then narrows by template path, tags, severity, protocol type, or template ID. Users update templates, run new templates only, export JSONL or reports, write custom templates, and chain Nuclei after discovery tools that produce host or URL lists.

Security teams use it as a repeatable regression scanner: turn a finding into a template, commit the template, rerun it across staging or production, and keep checking that the vulnerability does not reappear.

Why package nerds care

Nuclei matters because it made the packageable unit of vulnerability knowledge a readable YAML template. That lowered the cost of sharing checks across bug bounty hunters, consultancies, and internal security teams.

Timeline

  • 2020-04-03: nuclei GitHub repository created.
  • 2020-04-04: nuclei-templates GitHub repository created.
  • 2026-07-01: point-in-time template README statistics listed 11,997 files and 873 directories.

Related projects

  • nuclei-templates
  • ProjectDiscovery httpx
  • ProjectDiscovery subfinder
  • ProjectDiscovery naabu
  • Interactsh

security posture

Risk level: blue

broad file, network, media, or database tool signal.

Risk classifier

blue risk · medium confidence · tool

Why

  • broad file, network, media, or database tool signal

Signals

  • text:http

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 6 platform targets.
  • Build metadata lists 1 build dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Configuration files

Config paths the tool may read or write during local use.

Unix
~/.config/nuclei/config.yaml

Credential files

Credential-bearing paths to review before unattended agent runs.

Unix
~/.pdcp/credentials.yaml

executables

Installed executables

CommandKindExposureNote
nucleicliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version3.11.0
manager updated2026-07-06
local dataok
upstreamcurrent
latest detectedv3.11.0

https://github.com/projectdiscovery/nuclei

  • okNo freshness warnings were generated.

install metadata

Package metadata

Package keybrew:nuclei
Version3.11.0
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/nuclei
Homepagehttps://docs.projectdiscovery.io/tools/nuclei/overview
Repositoryhttps://github.com/projectdiscovery/nuclei
Upstream docshttps://docs.projectdiscovery.io/opensource/nuclei
LicenseMIT
Source archivehttps://github.com/projectdiscovery/nuclei/archive/refs/tags/v3.11.0.tar.gz
Last updated2026-07-06T10:13:48Z
Pulseupdated
Build dependenciesgo
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namenuclei
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

Nix95%

nuclei

nix profile install nixpkgs#nuclei
  • normalized package name match
  • Matched by: Nuclei
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/nu/nuclei/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
apk95%

nuclei 3.8.0-r1

Vulnerability scanner built on a simple YAML-based DSL

https://docs.projectdiscovery.io/tools/nuclei

sudo apk add nuclei
  • License: MIT
  • Architecture: x86_64
  • Source Package: nuclei
  • 1 provides
  • normalized package name match
  • Matched by: Nuclei
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: nuclei from https://dl-cdn.alpinelinux.org/alpine/edge/testing/x86_64/APKINDEX.tar.gz
apk95%

nuclei-doc 3.8.0-r1

Vulnerability scanner built on a simple YAML-based DSL (documentation)

https://docs.projectdiscovery.io/tools/nuclei

sudo apk add nuclei-doc
  • License: MIT
  • Architecture: x86_64
  • Source Package: nuclei
  • normalized package name match
  • Matched by: Nuclei
Alpine Linux edge package indexes · dl-cdn.alpinelinux.org · Alpine Linux edge package indexes: nuclei-doc from https://dl-cdn.alpinelinux.org/alpine/edge/testing/x86_64/APKINDEX.tar.gz
dnf95%

nuclei 3.8.0-1.fc45

Fast, customizable YAML-based vulnerability scanner

https://github.com/projectdiscovery/nuclei

sudo dnf install nuclei
  • License: 0BSD AND Apache-2.0 AND BSD-2-Clause AND BSD-2-Clause-Views AND BSD-3-Clause AND GPL-2.0-only AND ISC AND MIT AND MPL-2.0 AND Sleepycat AND Unlicense
  • Category: Unspecified
  • Architecture: x86_64
  • Source Package: nuclei
  • 3 dependencies
  • 2 provides
  • normalized package name match
  • Matched by: Nuclei
Fedora Rawhide package metadata · dl.fedoraproject.org · Fedora Rawhide package metadata: nuclei from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst
MacPorts95%

nuclei

sudo port install nuclei
  • normalized package name match
  • Matched by: Nuclei
MacPorts ports tree · api.github.com · MacPorts ports tree: security/nuclei/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1
Scoop95%

main/nuclei

scoop install main/nuclei
  • normalized package name match
  • Matched by: Nuclei
Scoop official bucket manifest trees · api.github.com · Scoop official bucket manifest trees: bucket/nuclei.json from https://api.github.com/repos/ScoopInstaller/Main/git/trees/master?recursive=1

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated configuration and credential file locations
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment