Listen to this Post
In the world of cybersecurity, staying ahead of vulnerabilities is crucial. One powerful tool for this is Nuclei, a fast and customizable vulnerability scanner. This article will guide you on how to create new Nuclei templates for exploitable CVEs using CVEmap, a tool that helps identify CVEs with public proofs of concept, marked as exploitable by CISA, and are remotely exploitable.
You Should Know:
1. Installing CVEmap:
To get started, you need to install CVEmap. You can do this using the following command:
go install github.com/0xricksanchez/cvemap@latest
2. Running CVEmap with Specific Flags:
CVEmap allows you to filter CVEs based on specific criteria. Here’s how you can use it:
cvemap -k -t=false -poc -re
– `-k` or -kev: Filters CVEs marked as exploitable by CISA.
– `-t=false` or -template=false: Filters CVEs that do not have public Nuclei templates.
– -poc: Filters CVEs that have a publicly available proof of concept.
– `-re` or -remote: Filters CVEs that are remotely exploitable.
3. Creating a Nuclei Template:
Once you have identified a CVE, you can create a Nuclei template. Here’s a basic example of a Nuclei template for a CVE:
id: CVE-2023-12345
info:
name: Example CVE Template
author: YourName
severity: high
description: |
This is a template for CVE-2023-12345, which is a remotely exploitable vulnerability.
requests:
- method: GET
path:
- "{{BaseURL}}/vulnerable-endpoint"
matchers:
- type: word
words:
- "vulnerable string"
4. Testing the Template:
After creating the template, you can test it using Nuclei:
nuclei -t cve-template.yaml -u https://target.com
5. Automating the Process:
You can automate the process of finding CVEs and creating templates using a simple bash script:
#!/bin/bash cvemap -k -t=false -poc -re | while read -r cve; do echo "Creating template for $cve" <h1>Add your template creation logic here</h1> done
What Undercode Say:
Creating Nuclei templates for exploitable CVEs is a powerful way to enhance your cybersecurity toolkit. By using CVEmap, you can efficiently identify CVEs that are both exploitable and lack existing templates. This not only helps in staying ahead of potential threats but also contributes to the broader cybersecurity community by sharing these templates.
Expected Output:
- CVEmap Installation: Successful installation of CVEmap using the `go install` command.
- CVE Filtering: A list of CVEs that meet the specified criteria (exploitable, no existing Nuclei templates, public POC, and remotely exploitable).
- Nuclei Template Creation: A YAML file that defines the Nuclei template for a specific CVE.
- Template Testing: Successful execution of the Nuclei template against a target URL.
- Automation Script: A bash script that automates the process of finding CVEs and creating templates.
By following these steps, you can effectively create and utilize Nuclei templates to identify and mitigate vulnerabilities in your systems.
References:
Reported By: Deepak Saini – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅



