{"id":48297705,"url":"https://github.com/revoltsecurities/nuclei-sdk","last_synced_at":"2026-04-07T01:00:32.944Z","repository":{"id":348492079,"uuid":"1197370398","full_name":"RevoltSecurities/nuclei-sdk","owner":"RevoltSecurities","description":null,"archived":false,"fork":false,"pushed_at":"2026-04-01T10:37:51.000Z","size":196,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-04-06T00:08:02.956Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/RevoltSecurities.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-03-31T14:27:22.000Z","updated_at":"2026-04-01T10:37:55.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/RevoltSecurities/nuclei-sdk","commit_stats":null,"previous_names":["revoltsecurities/nuclei-sdk"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/RevoltSecurities/nuclei-sdk","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RevoltSecurities%2Fnuclei-sdk","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RevoltSecurities%2Fnuclei-sdk/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RevoltSecurities%2Fnuclei-sdk/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RevoltSecurities%2Fnuclei-sdk/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/RevoltSecurities","download_url":"https://codeload.github.com/RevoltSecurities/nuclei-sdk/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RevoltSecurities%2Fnuclei-sdk/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31495466,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-06T17:22:55.647Z","status":"ssl_error","status_checked_at":"2026-04-06T17:22:54.741Z","response_time":112,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-04-04T23:38:46.648Z","updated_at":"2026-04-07T01:00:32.914Z","avatar_url":"https://github.com/RevoltSecurities.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# nuclei-sdk\n\n[![Go Reference](https://pkg.go.dev/badge/github.com/RevoltSecurities/nuclei-sdk.svg)](https://pkg.go.dev/github.com/RevoltSecurities/nuclei-sdk)\n[![Release](https://img.shields.io/github/v/release/RevoltSecurities/nuclei-sdk)](https://github.com/RevoltSecurities/nuclei-sdk/releases)\n[![PyPI](https://img.shields.io/pypi/v/nuclei-sdk)](https://pypi.org/project/nuclei-sdk/)\n[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)\n\n**The missing SDK for Nuclei.** Build production security tools in Go or Python — scanners, platforms, CI gates, monitoring systems — powered by the world's most popular template-based vulnerability scanner.\n\n---\n\n## The Problem\n\n[Nuclei](https://github.com/projectdiscovery/nuclei) has 60,000+ stars and is the industry standard for template-based vulnerability scanning. But integrating it into your own tools has always been painful:\n\n| Pain Point | What Happens |\n|---|---|\n| **Go-only** | Nuclei's `lib/` API requires Go. Python, TypeScript, Java teams have no clean path |\n| **Heavy per-scan overhead** | Each scan re-initializes templates, interactsh, rate limiters, protocol state. Running 100 scans means 100x the startup cost |\n| **No concurrent architecture** | No built-in way to run multiple scan types simultaneously with shared resources |\n| **No worker pool** | Building continuous scanning (from APIs, queues, feeds) means writing your own concurrency from scratch |\n| **No presets** | Every project reinvents \"API security scan\" or \"WordPress scan\" configuration from scratch |\n\n## The Solution\n\n**nuclei-sdk** is a multi-language SDK that wraps Nuclei into a clean, embeddable library designed for building production security tools.\n\n### What you get\n\n- **Go SDK** — native library with init-once/scan-many architecture. Heavy resources (templates, interactsh, rate limiter, parser) initialized once; each `Scan()` call creates only a lightweight executor (~5 fields)\n- **Python SDK** — fully async (`asyncio`) client. No Go toolchain required — the bridge binary auto-installs from GitHub Releases with SHA256 verification\n- **Any language next** — the bridge speaks JSON lines over stdin/stdout (like MCP stdio). TypeScript, Rust, Java, Ruby — if it can spawn a process and parse JSON, it can use Nuclei\n- **ScanEngine** — run 1000+ concurrent scans on a single engine. Each scan filters from pre-loaded templates or brings its own\n- **ScanPool** — bounded worker pool for continuous scanning from APIs, queues, webhooks, or vulnerability feeds\n- **RunParallel** — fire multiple scan types simultaneously (HTTP CVEs + DNS takeover + SSL audit) with labeled results\n- **4 preset scanners** — Web, API Security, WordPress, Network — ready to use, fully customizable\n- **82 configuration options** — proxy, auth, headers, concurrency, sandboxing, HTTP probing, and everything else Nuclei supports\n- **Runtime templates** — pass raw YAML bytes, file paths, URLs, or directories per-scan. No upfront template configuration needed\n\n### Who is this for?\n\n| You are... | You can build... |\n|---|---|\n| **Security engineer** | Custom scanners for your org's specific stack (WordPress fleet, API gateway, microservices) |\n| **Platform developer** | SaaS security products with Nuclei as the scanning engine behind your API |\n| **DevSecOps engineer** | CI/CD gates that block deploys on critical findings |\n| **Bug bounty hunter** | Automated recon pipelines that scan continuously and alert on new findings |\n| **SOC/Blue team** | Continuous vulnerability monitoring fed from your asset inventory |\n| **Researcher** | Rapid prototyping of detection logic with runtime template injection |\n\n---\n\n## Architecture\n\n```\n nuclei-sdk\n |\n +-------------+-------------+\n | |\n Go SDK Bridge Binary\n (native library) (JSON-line protocol)\n | |\n import \u0026 use stdin/stdout JSON\n directly in Go |\n +-------------+-------------+\n | | |\n Python TypeScript Any\n SDK (soon) Language\n```\n\n**How the bridge works:**\n\n```\nPython/Any Client nuclei-sdk-bridge (Go)\n | |\n | {\"cmd\":\"setup\",\"config\":{...}} |\n | ---------------------------------\u003e | Initialize engine\n | {\"type\":\"setup_complete\"} |\n | \u003c--------------------------------- |\n | |\n | {\"cmd\":\"scan\",\"options\":{...}} |\n | ---------------------------------\u003e | Run scan\n | {\"type\":\"result\",\"data\":{...}} |\n | \u003c--------------------------------- | Stream results\n | {\"type\":\"scan_complete\"} |\n | \u003c--------------------------------- |\n```\n\n**Engine resource model:**\n\n```\nGlobal Resources (initialized once in Setup):\n Template Store, Parser, Catalog, Output Writer,\n Interactsh Client, Rate Limiter, Browser, Host Error Cache\n\nPer-Scan Resources (created per Scan call, very lightweight):\n core.Engine (~5 fields), ExecutorOptions copy,\n SimpleInputProvider, Filtered template list\n```\n\nThis is what makes nuclei-sdk fast — you pay the initialization cost once, then run thousands of lightweight scans against it.\n\n---\n\n## Installation\n\n### Go\n\n```bash\ngo get github.com/RevoltSecurities/nuclei-sdk\n```\n\n### Python\n\n```bash\npip install nuclei-sdk\n```\n\nThe Go bridge binary is **auto-installed** from [GitHub Releases](https://github.com/RevoltSecurities/nuclei-sdk/releases) on first use. Supports Linux, macOS, and Windows on amd64/arm64. No Go toolchain required.\n\n---\n\n## Quick Start\n\n### Go — Simple Scan\n\n```go\npackage main\n\nimport (\n \"context\"\n \"fmt\"\n \"log\"\n\n nucleisdk \"github.com/RevoltSecurities/nuclei-sdk\"\n)\n\nfunc main() {\n scanner, err := nucleisdk.NewScanner(\n nucleisdk.WithTemplateDir(\"/path/to/nuclei-templates\"),\n nucleisdk.WithTargets(\"https://example.com\"),\n nucleisdk.WithSeverityFilter(\"high\", \"critical\"),\n nucleisdk.WithThreads(25),\n )\n if err != nil {\n log.Fatal(err)\n }\n defer scanner.Close()\n\n results, _ := scanner.Run(context.Background())\n for result := range results {\n fmt.Printf(\"[%s] %s - %s\\n\", result.Severity, result.TemplateID, result.MatchedURL)\n }\n}\n```\n\n### Python — Simple Scan\n\n```python\nimport asyncio\nfrom nucleisdk import ScanEngine\n\nasync def main():\n async with ScanEngine(\n template_dirs=[\"/path/to/nuclei-templates\"],\n rate_limit=100,\n no_interactsh=True,\n ) as engine:\n async for r in engine.scan(\n targets=[\"https://example.com\"],\n tags=[\"cve\", \"exposure\"],\n severities=[\"high\", \"critical\"],\n ):\n print(f\"[{r.severity}] {r.template_id} - {r.matched_url}\")\n\nasyncio.run(main())\n```\n\n---\n\n## Real-World Use Cases\n\n### 1. CI/CD Pipeline Gate\n\nBlock deploys when critical vulnerabilities are found:\n\n**Go:**\n```go\nengine.Setup()\nresults, _ := engine.Scan(ctx, \u0026nucleisdk.ScanOptions{\n Targets: []string{deployURL},\n Severities: []string{\"critical\", \"high\"},\n})\nfor r := range results {\n if r.IsCritical() {\n log.Fatalf(\"BLOCKED: %s on %s\", r.TemplateID, r.MatchedURL)\n }\n}\nfmt.Println(\"No critical findings — deploy approved\")\n```\n\n**Python:**\n```python\nasync with ScanEngine(rate_limit=100, no_interactsh=True) as engine:\n findings = await engine.scan_collect(\n targets=[deploy_url], severities=[\"critical\", \"high\"]\n )\n if any(r.is_critical() for r in findings):\n sys.exit(\"BLOCKED: Critical vulnerability found\")\n print(\"Deploy approved\")\n```\n\n### 2. Continuous Vulnerability Monitoring\n\nFeed targets from your asset inventory and scan continuously:\n\n**Go:**\n```go\npool := engine.NewScanPool(ctx, 20)\n\ngo func() {\n for r := range pool.Results() {\n saveToDatabase(r)\n if r.IsHighOrAbove() {\n sendSlackAlert(r)\n }\n }\n}()\n\n// Feed from asset inventory, CMDB, or discovery tool\nfor asset := range assetInventoryStream {\n pool.Submit(asset.ID, \u0026nucleisdk.ScanOptions{\n Targets: []string{asset.URL},\n Tags: []string{\"cve\", \"exposure\"},\n })\n}\npool.Close()\n```\n\n**Python:**\n```python\nasync with ScanEngine(rate_limit=100, no_interactsh=True) as engine:\n pool = await engine.scan_pool(workers=20, on_result=save_to_database)\n\n async for asset in asset_inventory_stream():\n await pool.submit(asset[\"id\"], targets=[asset[\"url\"]], tags=[\"cve\"])\n\n await pool.close()\n print(f\"Scanned {pool.stats.completed} assets\")\n```\n\n### 3. Multi-Protocol Parallel Scanning\n\nRun HTTP, DNS, and SSL scans simultaneously with labeled results:\n\n**Go:**\n```go\nresults, _ := engine.RunParallel(ctx,\n nucleisdk.ConcurrentScan{\n Label: \"http-cves\",\n Options: []nucleisdk.Option{\n nucleisdk.WithProtocolTypes(\"http\"),\n nucleisdk.WithTags(\"cve\", \"exposure\"),\n nucleisdk.WithSeverityFilter(\"high\", \"critical\"),\n nucleisdk.WithTargets(\"https://example.com\"),\n },\n },\n nucleisdk.ConcurrentScan{\n Label: \"dns-takeover\",\n Options: []nucleisdk.Option{\n nucleisdk.WithProtocolTypes(\"dns\"),\n nucleisdk.WithTags(\"dns\", \"takeover\"),\n nucleisdk.WithTargets(\"example.com\"),\n },\n },\n nucleisdk.ConcurrentScan{\n Label: \"ssl-audit\",\n Options: []nucleisdk.Option{\n nucleisdk.WithProtocolTypes(\"ssl\"),\n nucleisdk.WithTargets(\"example.com:443\"),\n },\n },\n)\n\nfor lr := range results {\n fmt.Printf(\"[%s] [%s] %s - %s\\n\", lr.Label, lr.Severity, lr.TemplateID, lr.Host)\n}\n```\n\n**Python:**\n```python\nasync with ScanEngine(rate_limit=100, no_interactsh=True) as engine:\n async for lr in engine.run_parallel(\n {\"label\": \"http-cves\", \"targets\": [\"https://example.com\"], \"tags\": [\"cve\"]},\n {\"label\": \"dns-takeover\", \"targets\": [\"example.com\"], \"tags\": [\"dns\", \"takeover\"]},\n {\"label\": \"ssl-audit\", \"targets\": [\"example.com:443\"], \"protocol_types\": \"ssl\"},\n ):\n print(f\"[{lr.label}] [{lr.result.severity}] {lr.result.template_id}\")\n```\n\n### 4. Runtime Template Injection\n\nSet up the engine once with no templates, then pass templates dynamically per-scan. Perfect for platforms where templates come from a database, API, or user upload:\n\n**Go:**\n```go\n// Engine with NO templates — a \"blank runner\"\nengine, _ := nucleisdk.NewScanEngine(\n nucleisdk.WithRateLimit(100),\n nucleisdk.WithSilent(),\n)\nengine.Setup()\ndefer engine.Close()\n\n// Each scan brings its own template\ntemplateYAML, _ := os.ReadFile(\"/path/to/CVE-2024-1234.yaml\")\nresults, _ := engine.Scan(ctx, \u0026nucleisdk.ScanOptions{\n Targets: []string{\"https://target.com\"},\n TemplateBytes: []nucleisdk.TemplateBytesEntry{\n nucleisdk.TemplateBytes(\"CVE-2024-1234\", templateYAML),\n },\n})\n```\n\n**Python:**\n```python\nasync with ScanEngine(rate_limit=100) as engine:\n template_yaml = Path(\"CVE-2024-1234.yaml\").read_bytes()\n async for r in engine.scan(\n targets=[\"https://target.com\"],\n template_bytes=[TemplateBytesEntry(\"CVE-2024-1234\", template_yaml)],\n ):\n print(f\"[{r.severity}] {r.template_id}\")\n```\n\n### 5. WordPress Fleet Scanner\n\nScan all your WordPress sites with optimized presets:\n\n**Go:**\n```go\nscanner, _ := nucleisdk.NewWordPressScanner(\n nucleisdk.WithTargets(wpSites...),\n nucleisdk.WithTemplateDir(\"/path/to/nuclei-templates\"),\n)\ndefer scanner.Close()\n\nresults, _ := scanner.Run(ctx)\nfor r := range results {\n fmt.Printf(\"[%s] %s — %s\\n\", r.Severity, r.TemplateID, r.Host)\n}\n```\n\n**Python:**\n```python\nfrom nucleisdk import ScanEngine, wordpress_scanner\n\nasync with ScanEngine(**wordpress_scanner().__dict__) as engine:\n async for r in engine.scan(targets=wp_sites):\n print(f\"[{r.severity}] {r.template_id} — {r.host}\")\n```\n\n### 6. API Security Assessment\n\nScan APIs with OpenAPI specs and authenticated requests:\n\n**Go:**\n```go\nscanner, _ := nucleisdk.NewAPISecurityScanner(\n nucleisdk.WithOpenAPISpec(\"/path/to/openapi.yaml\"),\n nucleisdk.WithAuth(nucleisdk.BearerToken(\"eyJ...\", \"api.example.com\")),\n nucleisdk.WithRateLimit(30),\n)\n```\n\n**Python:**\n```python\nfrom nucleisdk import ScanEngine, api_security_scanner, bearer_token\n\nasync with ScanEngine(\n **api_security_scanner().__dict__,\n auth=[bearer_token(\"eyJ...\", \"api.example.com\")],\n openapi_spec=\"/path/to/openapi.yaml\",\n) as engine:\n async for r in engine.scan(targets=[\"https://api.example.com\"]):\n print(f\"[{r.severity}] {r.template_id}\")\n```\n\n---\n\n## Preset Scanners\n\nPre-configured scanning profiles — use as-is or override any option:\n\n| Preset | Protocol | Tags | Defaults |\n|---|---|---|---|\n| `WebScanner` / `web_scanner()` | HTTP | all (excludes: dos, fuzz) | 50 threads, 150 req/s |\n| `APISecurityScanner` / `api_security_scanner()` | HTTP | api, graphql, swagger, rest | 25 threads, 50 req/s |\n| `WordPressScanner` / `wordpress_scanner()` | HTTP | wordpress, wp-plugin, wp-theme | 25 threads, 30 req/s |\n| `NetworkScanner` / `network_scanner()` | network, dns, ssl | network, dns, ssl, tls | 25 threads, 100 req/s |\n\n---\n\n## Template Loading — How It Works\n\nUnderstanding this is key to using ScanEngine effectively:\n\n```\nSetup() → Load \u0026 compile all templates → engine.allTemplates (in-memory)\n |\nScan(tags=[\"http\"]) → filter from allTemplates → [http templates only]\nScan(tags=[\"dns\"]) → filter from allTemplates → [dns templates only]\nScan(tags=[\"ssl\"]) → filter from allTemplates → [ssl templates only]\n```\n\n**Rule of thumb:**\n- **Single scan** — set tags at Setup for efficiency (loads only what you need)\n- **Multiple scans with different tags** — don't set tags at Setup, filter per-scan instead\n- **Runtime templates** (`TemplateBytes`, `TemplateFiles`, `TemplateDirs`) — bypass the global store entirely, always work regardless of Setup config\n\n| Setup Config | Per-Scan Filter | Result |\n|---|---|---|\n| No tags (all templates) | `Tags: [\"dns\"]` | DNS templates found |\n| `WithTags(\"http\")` | `Tags: [\"http\"]` | HTTP templates found |\n| `WithTags(\"http\")` | `Tags: [\"dns\"]` | **Zero results** — DNS never loaded |\n| Any config | `TemplateFiles: [...]` | Always works (direct mode) |\n| Any config | `TemplateBytes: [...]` | Always works (direct mode) |\n\n---\n\n## Authentication\n\n6 auth methods, usable in both Go and Python:\n\n**Go:**\n```go\nnucleisdk.WithAuth(nucleisdk.BasicAuth(\"user\", \"pass\", \"example.com\"))\nnucleisdk.WithAuth(nucleisdk.BearerToken(\"eyJ...\", \"api.example.com\"))\nnucleisdk.WithAuth(nucleisdk.APIKeyHeader(\"X-API-Key\", \"key123\", \"api.example.com\"))\nnucleisdk.WithAuth(nucleisdk.HeaderAuth(map[string]string{\"Auth\": \"custom\"}, \"example.com\"))\nnucleisdk.WithAuth(nucleisdk.CookieAuth(map[string]string{\"session\": \"abc\"}, \"example.com\"))\nnucleisdk.WithAuth(nucleisdk.QueryAuth(map[string]string{\"token\": \"xyz\"}, \"example.com\"))\n```\n\n**Python:**\n```python\nfrom nucleisdk import basic_auth, bearer_token, api_key_header, header_auth, cookie_auth, query_auth\n\nScanEngine(auth=[\n bearer_token(\"eyJ...\", \"api.example.com\"),\n basic_auth(\"user\", \"pass\", \"internal.example.com\"),\n])\n```\n\n---\n\n## Target Utilities\n\nLoad targets from files, CIDRs, or IP ranges:\n\n**Go:**\n```go\ntargets, _ := nucleisdk.TargetsFromFile(\"/path/to/targets.txt\")\ntargets, _ = nucleisdk.TargetsFromCIDR(\"192.168.1.0/24\")\ntargets, _ = nucleisdk.IPRange(\"10.0.0.1\", \"10.0.0.254\")\n```\n\n**Python:**\n```python\nfrom nucleisdk import targets_from_file, targets_from_cidr, ip_range\n\ntargets = targets_from_file(\"/path/to/targets.txt\")\ntargets = targets_from_cidr(\"192.168.1.0/24\") # 254 IPs\ntargets = ip_range(\"10.0.0.1\", \"10.0.0.254\")\n```\n\nOr pass a file path directly to any scan:\n```python\nasync for r in engine.scan(target_file=\"/path/to/targets.txt\", tags=[\"cve\"]):\n ...\n```\n\n---\n\n## Configuration Reference\n\n82 configuration options organized by category. Full reference in [Go SDK docs](docs/GOLANG-SDK.md) and [Python SDK docs](docs/PYTHON-SDK.md).\n\n**Highlights:**\n\n```go\n// Concurrency\nnucleisdk.WithThreads(50) // concurrent templates\nnucleisdk.WithHostConcurrency(25) // concurrent hosts per template\nnucleisdk.WithRateLimit(100) // max requests/second\nnucleisdk.WithPayloadConcurrency(10) // concurrent payloads per request\n\n// Network\nnucleisdk.WithProxy(\"http://127.0.0.1:8080\")\nnucleisdk.WithNetworkInterface(\"eth0\")\nnucleisdk.WithSourceIP(\"10.0.0.5\")\nnucleisdk.WithResolvers(\"8.8.8.8\", \"1.1.1.1\")\n\n// Headers \u0026 Variables\nnucleisdk.WithHeader(\"User-Agent\", \"CustomScanner/1.0\")\nnucleisdk.WithVar(\"api_key\", \"test-key\")\n\n// HTTP Probing (scan raw hosts/IPs)\nnucleisdk.WithHTTPProbe()\nnucleisdk.WithProbeConcurrency(50)\nnucleisdk.WithScanAllIPs()\n\n// Sandbox\nnucleisdk.WithSandboxOptions(allowLocalFile, restrictNetwork)\n\n// Features\nnucleisdk.WithDASTMode()\nnucleisdk.WithHeadless(nil)\nnucleisdk.WithCodeTemplates()\n```\n\n---\n\n## Extend to Any Language\n\nThe bridge binary speaks a simple JSON-line protocol over stdin/stdout. Building a client in your language takes ~200 lines:\n\n```\n$ echo '{\"cmd\":\"version\",\"id\":\"1\"}' | nuclei-sdk-bridge\n{\"id\":\"1\",\"type\":\"version\",\"data\":{\"version\":\"1.0.0\",...}}\n```\n\n**Commands:** `version`, `setup`, `scan`, `pool_create`, `pool_submit`, `pool_stats`, `pool_close`, `close`\n\nSee [Bridge Protocol Reference](docs/GOLANG-SDK.md#bridge-protocol) for the full spec. The Python SDK implementation ([python/nucleisdk/_bridge.py](python/nucleisdk/_bridge.py)) is a working reference client.\n\n---\n\n## Examples\n\n| Example | Description |\n|---------|-------------|\n| [basic](examples/basic/) | Simple one-shot scan with Scanner |\n| [reusable_engine](examples/reusable_engine/) | Sequential scans with shared ScanEngine |\n| [concurrent](examples/concurrent/) | Parallel multi-protocol scans with RunParallel |\n| [targeted_scan](examples/targeted_scan/) | Per-scan templates (bytes, files, dirs) |\n| [scan_pool](examples/scan_pool/) | Worker pool for continuous dynamic scanning |\n| [api_security](examples/api_security/) | API security scanning with OpenAPI spec |\n| [wordpress](examples/wordpress/) | WordPress-specific vulnerability scanning |\n| [raw_template](examples/raw_template/) | Scanning with raw YAML template bytes |\n| [custom_config](examples/custom_config/) | Advanced configuration options |\n\nPython examples in [python/examples/](python/examples/).\n\n---\n\n## Full Documentation\n\n| | |\n|---|---|\n| **Go SDK** | [docs/GOLANG-SDK.md](docs/GOLANG-SDK.md) — complete API reference, all 82 config options, all scan modes |\n| **Python SDK** | [docs/PYTHON-SDK.md](docs/PYTHON-SDK.md) — async API, presets, auth, targets, templates, pool, parallel |\n\n---\n\n## Release \u0026 Versioning\n\n| Component | Version | Install |\n|-----------|---------|---------|\n| Go SDK | `v1.0.0` | `go get github.com/RevoltSecurities/nuclei-sdk` |\n| Python SDK | `1.0.0` | `pip install nuclei-sdk` |\n| Bridge Binary | `1.0.0` | Auto-installed by Python SDK |\n\n### Compatibility \u0026 Auto-Install\n\n- The Python SDK auto-downloads the bridge binary on first use with SHA256 checksum verification.\n- The SDK enforces a minimum bridge version and will auto-update if the local bridge is incompatible.\n- You can pin or override the bridge binary path if you need a custom build or air-gapped deployment.\n- Python template parsing utilities (`validate_template`, `parse_template_info`) require PyYAML. \n Install with `pip install nuclei-sdk[templates]` or `pip install pyyaml`.\n\n### Release Workflow\n\n```bash\n# Go binary release (goreleaser → GitHub Releases)\ngit tag v1.0.0 \u0026\u0026 git push origin v1.0.0\n\n# Python package release (→ PyPI)\ngit tag py-v1.0.0 \u0026\u0026 git push origin py-v1.0.0\n```\n\nThe Python SDK auto-downloads the bridge binary on first use with SHA256 checksum verification. If versions are incompatible, it auto-updates.\n\n---\n\n## Credits\n\nMade with :heart: by [RevoltSecurities](https://github.com/RevoltSecurities)\n\n**Thanks**\n\nSpecial thanks to the ProjectDiscovery team for their open-source contributions. This project extends Nuclei for broader integration across the open-source community and aims to help scale vulnerability scanning in production environments.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frevoltsecurities%2Fnuclei-sdk","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frevoltsecurities%2Fnuclei-sdk","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frevoltsecurities%2Fnuclei-sdk/lists"}