nuclearpond v0.2.2 releases: run Nuclei in the cloud

by do son · Published · Updated

Nuclear Pond

Nuclear Pond is used to leverage Nuclei in the cloud with unremarkable speed and flexibility, and perform internet-wide scans for far less than a cup of coffee.

It leverages AWS Lambda as a backend to invoke Nuclei scans in parallel, the choice of storing json findings in s3 to query with AWS Athena and is easily one of the cheapest ways you can execute scans in the cloud.

Features

  • Output results to your terminal, as json, or to an S3 data lake
  • Specify threads and parallel invocations in any desired number of batches
  • Specify any Nuclei arguments just like you would locally
  • Specify a single host or from a file

Infrastructure

The backend infrastructure, all within terraform module. I would strongly recommend reading the readme associated to it as it will have some important notes.

  • Lambda function
  • S3 bucket
    • Stores nuclei binary
    • Stores configuration files
    • Stores findings
  • Glue Database and Table
    • Allows you to query the findings in S3
    • Partitioned by the hour
    • Partition projection
  • IAM Role for Lambda Function

Changelog v0.2.2

  • Nuclei failures, exit code status 1, will still output cmd output for debugging
  • Massively improved private nuclei templates through github terraform provider on release tags
  • Added full support for nuclei configuration files

Install & Use

Copyright (c) 2023, Jonathan Walker

Tags: nuclearpondNucleiNuclei cloud