J1Nuclei is a CLI tool demonstrating how the JupiterOne platform can automate and learn from other tools. It automates the everyday security task of scanning endpoints for vulnerabilities. Once scans are complete, the tool returns findings to our JupiterOne knowledge graph. Results can be reviewed, prioritized, and measured using the JupiterOne console and Insights dashboards.
The tool can be installed by simply cloning the repository and starting the module.
- Get Started - If you're not already using JupiterOne, it's free (no credit card).
- Install nuclei
  ``pip install nuclei``
- Install j1nuclei
  - PIP
    ``pip install j1nuclei``
  - From source
    ``git clone git@github.com:JupiterOne/j1nuclei.git``
- Get JupiterOne API token
  Follow the instructions from the Create User and Account API Keys KB article.
- Export your API key to the environment variable ``J1_API_TOKEN``
  ``export J1_API_TOKEN=""``
- Launch j1nuclei from console or terminal
Findings are mapped back into our graph using the following schema
More information about J1QL is available from Introduction to JupiterOne Query Language. J1QL and the knowledge graph can answer many questions; here are a few from the data set produced by J1Nuclei:
FIND nuclei_finding as f
RETURN count(f) as value

FIND *
WITH tag.Production = true AND classification = 'critical' AS asset
THAT HAS >> nuclei_finding
RETURN COUNT(asset)

FIND UNIQUE * as asset
THAT HAS >> nuclei_finding
RETURN count(asset) as value

FIND nuclei_finding as f
WHERE f._type = 'nuclei_finding'
RETURN f.severity as x, count(f) as y

FIND *
THAT HAS >> nuclei_finding
THAT IS >> nuclei_vulnerability
RETURN TREE
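
To make the graph shape behind these queries concrete, here is an added example (not j1nuclei's own code): it maps nuclei JSON-lines results to ``nuclei_finding`` and ``nuclei_vulnerability`` entities joined by HAS and IS relationships, then computes two of the query results locally. The ``_key`` formats, the ``ASSET_KEYS`` lookup and the sample data are assumptions constructed for illustration.

```python
import json
from collections import Counter

# Constructed nuclei JSON-lines output (example.test hosts, not real scan data).
SAMPLE_JSONL = """\
{"template-id": "exposed-panel", "info": {"name": "Exposed Admin Panel", "severity": "medium"}, "host": "https://app.example.test", "matched-at": "https://app.example.test/admin"}
{"template-id": "missing-hsts", "info": {"name": "Missing HSTS Header", "severity": "info"}, "host": "https://app.example.test", "matched-at": "https://app.example.test/"}
{"template-id": "exposed-panel", "info": {"name": "Exposed Admin Panel", "severity": "medium"}, "host": "https://api.example.test", "matched-at": "https://api.example.test/admin"}
{"template-id": "exposed-panel", "info": {"name": "Exposed Admin Panel", "severity": "medium"}, "host": "https://old.example.test", "matched-at": "https://old.example.test/admin"}
[INF] progress line that is not JSON
"""
# Hypothetical lookup: scanned host -> _key of the asset entity already in the graph.
ASSET_KEYS = {"https://app.example.test": "asset:app", "https://api.example.test": "asset:api"}


def build_graph(jsonl, asset_keys):
    """Turn nuclei results into entities and (from, class, to) relationships."""
    entities, relationships = {}, []
    for line in jsonl.splitlines():
        try:
            result = json.loads(line)
        except json.JSONDecodeError:
            continue  # tolerate non-JSON output mixed into the stream
        if not isinstance(result, dict) or "template-id" not in result:
            continue
        asset = asset_keys.get(result["host"])
        if asset is None:
            continue  # no graph asset to attach to; a real run should log this
        vuln = f"nuclei_vulnerability:{result['template-id']}"
        finding = f"nuclei_finding:{result['template-id']}:{result['matched-at']}"
        # One vulnerability per template, one finding per (template, location).
        entities[vuln] = {"_type": "nuclei_vulnerability", "name": result["info"]["name"]}
        entities[finding] = {"_type": "nuclei_finding", "severity": result["info"]["severity"]}
        relationships += [(asset, "HAS", finding), (finding, "IS", vuln)]
    return entities, relationships


def severity_breakdown(entities):
    """Same grouping as: RETURN f.severity as x, count(f) as y."""
    return Counter(e["severity"] for e in entities.values() if e["_type"] == "nuclei_finding")


def assets_with_findings(entities, relationships):
    """Same set as: FIND UNIQUE * as asset THAT HAS >> nuclei_finding."""
    return {src for src, cls, dst in relationships
            if cls == "HAS" and entities[dst]["_type"] == "nuclei_finding"}
```

The result for ``old.example.test`` is dropped because it has no matching asset, which is the case to watch for when a scan target list and the graph drift apart.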
You can also create dashboards using our console Insights. For starters, you can use the one we provided as part of this tool, ``nuclei_portal_schema.json``. Steps to create, edit, and upload your own dashboard are available from Getting started with insights-dashboards. We also share many dashboards in our open-source repository at https://github.com/JupiterOne/insights-dashboards.
Because getting a comprehensive view may require several queries, j1nuclei uses a JSON file, ``target_query.json``, to define all queries to run. The file is populated with common queries by default and can be extended with any J1QL query. More information on J1QL is available from our support site, and other question implementations are available from the JupiterOne Questions library.