Course 3 - Mastering Nuclei for Bug Bounty | Episode 3: Scanning Lists, Metrics, Template Writing, and Proxying

In this lesson, you’ll learn about:Feeding targets to Nuclei: enumerating subdomains (e.g., Subfinder), validating live hosts with HTTPX, and supplying host lists to Nuclei via STDIN or the -l flag; importance of prepending http:// / https:// when needed.Tool maintenance: updating Nuclei from the terminal using nuclei -update to get the latest templates and fixes.Real-time monitoring: enabling -metrics to view live scan stats (duration, errors, matches, total requests) in your browser (e.g., localhost:9092/metrics).Custom template authoring — structure & blocks: building id and info blocks (name, author, severity, tags, description, references) and crafting requests with dynamic path variables (base-url, root-url, hostname, host, port) for flexible templates.Request methods & dynamics: using various HTTP methods (GET, POST, etc.) and leveraging dynamic variables to make templates reusable across many hosts.Using a proxy with Nuclei: configuring a proxy (e.g., Burp Suite) so Nuclei’s requests can be intercepted, examined, and modified for deeper testing.Operational tips: validate custom templates locally with -debug before wide runs, keep Nuclei updated, monitor metrics during large scans, and always respect scope and rate limits to avoid harming targets.You can listen and download our episodes for free on more than 10 different platforms:https://linktr.ee/cybercode_academy