使用Nuclei和Project Discovery的漏洞赏金项目自动CVE扫描
高级
这是一个SecOps领域的自动化工作流,包含 32 个节点。主要使用 If, Set, Ssh, Gmail, Filter 等节点。 使用Nuclei和Project Discovery的漏洞赏金项目自动CVE扫描
前置要求
- •Google 账号和 Gmail API 凭证
- •可能需要目标 API 的认证凭证
使用的节点 (32)
分类
工作流预览
可视化展示节点连接关系,支持缩放和平移
导出工作流
复制以下 JSON 配置到 n8n 导入,即可使用此工作流
{
"meta": {
"instanceId": "00c335a93aa05eca5da0069acae2222c0e96c59e0b1d12f51148e42c90931a8c",
"templateCredsSetupCompleted": true
},
"nodes": [
{
"id": "4e4487e4-6e43-4115-9c74-28b7d60c60f1",
"name": "计划触发器",
"type": "n8n-nodes-base.scheduleTrigger",
"position": [
-2960,
64
],
"parameters": {
"rule": {
"interval": [
{}
]
}
},
"typeVersion": 1.2
},
{
"id": "92209b78-9e1d-4b7f-957d-063f43d3977e",
"name": "获取所有漏洞赏金域名",
"type": "n8n-nodes-base.httpRequest",
"position": [
-2768,
64
],
"parameters": {
"url": "https://raw.githubusercontent.com/arkadiyt/bounty-targets-data/refs/heads/main/data/domains.txt",
"options": {}
},
"typeVersion": 4.2
},
{
"id": "7c0f9b01-e947-476d-b628-97b86789fead",
"name": "创建 domains.txt",
"type": "n8n-nodes-base.convertToFile",
"position": [
-2576,
64
],
"parameters": {
"options": {
"fileName": "domains.txt"
},
"operation": "toText",
"sourceProperty": "data"
},
"typeVersion": 1.1
},
{
"id": "4a90e70b-c48d-413a-a122-c56cbff7fb94",
"name": "上传 domains.txt",
"type": "n8n-nodes-base.ssh",
"position": [
-2400,
64
],
"parameters": {
"path": "/tmp/nuclei",
"options": {},
"resource": "file"
},
"credentials": {
"sshPassword": {
"id": "iiVQp2EHCU1J02I8",
"name": "SSH Password account"
}
},
"typeVersion": 1
},
{
"id": "988543c5-94e0-44f8-ab9f-8d3ebfd55026",
"name": "循环遍历 CVE",
"type": "n8n-nodes-base.splitInBatches",
"position": [
-1808,
64
],
"parameters": {
"options": {}
},
"typeVersion": 3
},
{
"id": "4a279535-cdc3-4971-b3f1-669dab7c1807",
"name": "拆分 CVE",
"type": "n8n-nodes-base.splitOut",
"position": [
-2016,
64
],
"parameters": {
"options": {},
"fieldToSplitOut": "results"
},
"typeVersion": 1
},
{
"id": "c327f6d6-7a46-4452-8533-1bc5efbdd413",
"name": "获取最新 CVE (PROJECT DISCOVERY)",
"type": "n8n-nodes-base.httpRequest",
"position": [
-2208,
64
],
"parameters": {
"url": "https://api.projectdiscovery.io/v2/template/search",
"options": {
"response": {
"response": {}
},
"allowUnauthorizedCerts": false
},
"sendQuery": true,
"queryParameters": {
"parameters": [
{
"name": "scope",
"value": "public"
},
{
"name": "facet_size",
"value": "40"
},
{
"name": "offset",
"value": "0"
},
{
"name": "limit",
"value": "40"
}
]
}
},
"typeVersion": 4.2
},
{
"id": "394d12ed-f7fa-4fa4-9153-792362557fd0",
"name": "模板存在过滤器",
"type": "n8n-nodes-base.filter",
"position": [
-1456,
48
],
"parameters": {
"options": {},
"conditions": {
"options": {
"version": 2,
"leftValue": "",
"caseSensitive": true,
"typeValidation": "strict"
},
"combinator": "and",
"conditions": [
{
"id": "f5ec37ec-884b-4f2b-a862-8f635c3f4787",
"operator": {
"type": "string",
"operation": "exists",
"singleValue": true
},
"leftValue": "={{ $json.Template }}",
"rightValue": ""
}
]
}
},
"typeVersion": 2.2
},
{
"id": "ded932c1-4860-4e1a-8097-d20e344d452c",
"name": "日期过滤器",
"type": "n8n-nodes-base.if",
"position": [
-1632,
160
],
"parameters": {
"options": {},
"conditions": {
"options": {
"version": 2,
"leftValue": "",
"caseSensitive": true,
"typeValidation": "strict"
},
"combinator": "and",
"conditions": [
{
"id": "b8383900-9ea9-433a-99eb-186bace80963",
"operator": {
"type": "dateTime",
"operation": "afterOrEquals"
},
"leftValue": "={{ $json.created_at.match(/^\\d{4}-\\d{2}-\\d{2}/)[0] }}",
"rightValue": "={{ new Date(new Date($('Schedule Trigger').item.json.timestamp).setDate(new Date($('Schedule Trigger').item.json.timestamp).getDate() - 1)).toISOString().slice(0,10) }}"
}
]
}
},
"typeVersion": 2.2
},
{
"id": "683c4a53-bcc1-4120-ae08-7d85d75d8ad1",
"name": "设置变量",
"type": "n8n-nodes-base.set",
"position": [
-1456,
176
],
"parameters": {
"options": {},
"assignments": {
"assignments": [
{
"id": "2dbb3955-d2ac-436d-afbd-115a1b9ca77d",
"name": "CVE",
"type": "string",
"value": "={{ $json.classification[\"cve-id\"][0] }}"
},
{
"id": "6fb84c49-bc10-49cc-9fd1-bdaaa43ee26f",
"name": "CVSS-Score",
"type": "string",
"value": "={{ $json.classification[\"cvss-score\"] }}"
},
{
"id": "77c7d2d4-f191-426e-b421-746046007736",
"name": "Template",
"type": "string",
"value": "={{ $json.raw }}"
},
{
"id": "43e39cd1-426f-4d8d-855d-b2b5094b2c3d",
"name": "References",
"type": "string",
"value": "={{ $json.references }}"
}
]
}
},
"typeVersion": 3.4
},
{
"id": "7ce8eaf8-781d-4a57-8130-bee18c2cbbc7",
"name": "设置空变量",
"type": "n8n-nodes-base.set",
"position": [
-1456,
304
],
"parameters": {
"options": {}
},
"typeVersion": 3.4
},
{
"id": "6971ed83-ae0b-4b0a-b507-4272811706df",
"name": "循环遍历模板",
"type": "n8n-nodes-base.splitInBatches",
"position": [
-1264,
48
],
"parameters": {
"options": {}
},
"typeVersion": 3
},
{
"id": "8e5d9676-868b-4509-99ad-842ac105083a",
"name": "创建模板",
"type": "n8n-nodes-base.convertToFile",
"position": [
-976,
176
],
"parameters": {
"options": {
"fileName": "={{ $json.CVE }}.txt"
},
"operation": "toText",
"sourceProperty": "Template"
},
"typeVersion": 1.1
},
{
"id": "8aa01e8f-c4ae-4670-94e7-e680aecdec31",
"name": "上传模板",
"type": "n8n-nodes-base.ssh",
"position": [
-768,
176
],
"parameters": {
"path": "/tmp/nuclei-templates",
"options": {},
"resource": "file"
},
"credentials": {
"sshPassword": {
"id": "iiVQp2EHCU1J02I8",
"name": "SSH Password account"
}
},
"typeVersion": 1
},
{
"id": "50e4400a-ab7b-479b-b5d1-6887b20dc4f0",
"name": "将模板转换为 .yaml",
"type": "n8n-nodes-base.ssh",
"position": [
-768,
304
],
"parameters": {
"cwd": "=/",
"command": "=mv /tmp/nuclei-templates/{{ $('Loop Over Templates').item.json.CVE }}.txt /tmp/nuclei-templates/{{ $('Loop Over Templates').item.json.CVE }}.yaml"
},
"credentials": {
"sshPassword": {
"id": "iiVQp2EHCU1J02I8",
"name": "SSH Password account"
}
},
"typeVersion": 1
},
{
"id": "dcbe9551-2a4e-4886-ac28-1d33c46fb6d1",
"name": "执行 Nuclei",
"type": "n8n-nodes-base.ssh",
"position": [
-768,
32
],
"parameters": {
"command": "=nuclei -l /tmp/nuclei/domains.txt -t /tmp/nuclei-templates -ss host-spray -c 10 -bs 50 -rl 100 -timeout 10 -retries 1 -silent -etags info,low"
},
"credentials": {
"sshPassword": {
"id": "iiVQp2EHCU1J02I8",
"name": "SSH Password account"
}
},
"typeVersion": 1
},
{
"id": "01f22d27-44e2-4485-814e-947521b1c941",
"name": "移除模板",
"type": "n8n-nodes-base.ssh",
"position": [
-560,
32
],
"parameters": {
"command": "rm /tmp/nuclei-templates/*"
},
"credentials": {
"sshPassword": {
"id": "iiVQp2EHCU1J02I8",
"name": "SSH Password account"
}
},
"typeVersion": 1
},
{
"id": "bc950e9f-e3b5-40da-848d-70c6632c2736",
"name": "设置结果变量",
"type": "n8n-nodes-base.set",
"position": [
-368,
32
],
"parameters": {
"options": {},
"assignments": {
"assignments": [
{
"id": "d81d0c46-ef3f-4f6d-b888-753aa5bf5cee",
"name": "Nuclei Results",
"type": "string",
"value": "={{ $('Execute Nuclei').item.json.stdout }}"
}
]
}
},
"typeVersion": 3.4
},
{
"id": "7f6b1ae1-a704-424e-9772-b2aecacc138b",
"name": "检查结果",
"type": "n8n-nodes-base.if",
"position": [
-192,
32
],
"parameters": {
"options": {},
"conditions": {
"options": {
"version": 2,
"leftValue": "",
"caseSensitive": true,
"typeValidation": "strict"
},
"combinator": "and",
"conditions": [
{
"id": "031ad40a-049e-4439-867f-9a753d298de7",
"operator": {
"type": "string",
"operation": "notEmpty",
"singleValue": true
},
"leftValue": "={{ $json[\"Nuclei Results\"] }}",
"rightValue": ""
}
]
}
},
"typeVersion": 2.2
},
{
"id": "bf01310b-f018-47de-ae60-b4e050c36b4a",
"name": "发送消息",
"type": "n8n-nodes-base.gmail",
"position": [
0,
16
],
"webhookId": "b77ff6a1-c0de-407c-ac25-9871d0d8bc18",
"parameters": {
"sendTo": "pyus3r@gmail.com",
"message": "={{ $json[\"Nuclei Results\"] }}",
"options": {},
"subject": "=CVE Hunter"
},
"credentials": {
"gmailOAuth2": {
"id": "DQJIew3Dn0F9iG3O",
"name": "Gmail account"
}
},
"typeVersion": 2.1
},
{
"id": "61d4021c-f16b-4c23-b799-e2a65e24500c",
"name": "移除项目",
"type": "n8n-nodes-base.summarize",
"position": [
-976,
32
],
"parameters": {
"options": {},
"fieldsToSummarize": {
"values": [
{
"field": "code",
"aggregation": "append"
}
]
}
},
"typeVersion": 1.1
},
{
"id": "b92df5a1-5d5f-4bd9-8c91-3e96660986c6",
"name": "便签",
"type": "n8n-nodes-base.stickyNote",
"position": [
-3024,
-512
],
"parameters": {
"color": 7,
"width": 3232,
"height": 1104,
"content": ""
},
"typeVersion": 1
},
{
"id": "c9f2beaa-b483-4643-882e-120708f10d37",
"name": "便签1",
"type": "n8n-nodes-base.stickyNote",
"position": [
-2992,
-176
],
"parameters": {
"color": 4,
"width": 720,
"height": 736,
"content": "## 步骤 1 - 获取所有漏洞赏金项目域名"
},
"typeVersion": 1
},
{
"id": "7b03b271-d5e0-493d-a4a0-839184bd78a9",
"name": "便签2",
"type": "n8n-nodes-base.stickyNote",
"position": [
-2272,
-176
],
"parameters": {
"color": 5,
"width": 960,
"height": 736,
"content": "## 步骤 2 - 获取新的 CVE 模板"
},
"typeVersion": 1
},
{
"id": "d0dcba98-60e0-43a8-a3bc-9cff15a64125",
"name": "便签3",
"type": "n8n-nodes-base.stickyNote",
"position": [
-1312,
-176
],
"parameters": {
"color": 5,
"width": 896,
"height": 736,
"content": "## 步骤 3 - 创建并执行模板"
},
"typeVersion": 1
},
{
"id": "8ca8d864-bde4-4c64-8e32-cfbf7f995a14",
"name": "便签4",
"type": "n8n-nodes-base.stickyNote",
"position": [
-416,
-176
],
"parameters": {
"color": 3,
"width": 592,
"height": 736,
"content": "## 步骤 4 - 通过 Gmail 发送结果"
},
"typeVersion": 1
},
{
"id": "3dfceb2f-bd32-40b8-9521-1beba8d75a58",
"name": "便签8",
"type": "n8n-nodes-base.stickyNote",
"position": [
-3648,
-512
],
"parameters": {
"width": 624,
"height": 1104,
"content": "# 设置"
},
"typeVersion": 1
},
{
"id": "17a5ebd6-d0a3-4f3f-88ed-65e5841a7038",
"name": "便签9",
"type": "n8n-nodes-base.stickyNote",
"position": [
-1088,
-448
],
"parameters": {
"color": 7,
"width": 720,
"height": 192,
"content": "# 📬 需要帮助或想要定制?"
},
"typeVersion": 1
},
{
"id": "f9e0f384-8dcf-4225-ab88-677fe44f9cd1",
"name": "便签13",
"type": "n8n-nodes-base.stickyNote",
"position": [
-2512,
-448
],
"parameters": {
"color": 7,
"width": 720,
"height": 192,
"content": "# 工作流目标"
},
"typeVersion": 1
},
{
"id": "23380fed-ecc8-407e-88ec-85b8ac6727e6",
"name": "便签10",
"type": "n8n-nodes-base.stickyNote",
"position": [
-1664,
-400
],
"parameters": {
"color": 4,
"width": 150,
"height": 80,
"content": "## 输入"
},
"typeVersion": 1
},
{
"id": "ce26775a-83cf-49db-85c6-c6fbf163c320",
"name": "便签11",
"type": "n8n-nodes-base.stickyNote",
"position": [
-1520,
-400
],
"parameters": {
"color": 5,
"width": 150,
"height": 80,
"content": "## 核心"
},
"typeVersion": 1
},
{
"id": "363a6f51-ba61-437c-a3de-5fbee5df0f96",
"name": "便签12",
"type": "n8n-nodes-base.stickyNote",
"position": [
-1376,
-400
],
"parameters": {
"color": 3,
"width": 150,
"height": 80,
"content": "## 输出"
},
"typeVersion": 1
}
],
"pinData": {},
"connections": {
"Split CVEs": {
"main": [
[
{
"node": "Loop Over CVEs",
"type": "main",
"index": 0
}
]
]
},
"Date Filter": {
"main": [
[
{
"node": "Set Variables",
"type": "main",
"index": 0
}
],
[
{
"node": "Set Null Variable",
"type": "main",
"index": 0
}
]
]
},
"Remove Items": {
"main": [
[
{
"node": "Execute Nuclei",
"type": "main",
"index": 0
}
]
]
},
"Check Results": {
"main": [
[
{
"node": "Send a message",
"type": "main",
"index": 0
}
]
]
},
"Set Variables": {
"main": [
[
{
"node": "Loop Over CVEs",
"type": "main",
"index": 0
}
]
]
},
"Execute Nuclei": {
"main": [
[
{
"node": "Remove Templates",
"type": "main",
"index": 0
}
]
]
},
"Loop Over CVEs": {
"main": [
[
{
"node": "Template Exists Filter",
"type": "main",
"index": 0
}
],
[
{
"node": "Date Filter",
"type": "main",
"index": 0
}
]
]
},
"Create Template": {
"main": [
[
{
"node": "Upload Template",
"type": "main",
"index": 0
}
]
]
},
"Upload Template": {
"main": [
[
{
"node": "Convert Template to .yaml",
"type": "main",
"index": 0
}
]
]
},
"Remove Templates": {
"main": [
[
{
"node": "Set Results Variable",
"type": "main",
"index": 0
}
]
]
},
"Schedule Trigger": {
"main": [
[
{
"node": "Get All Bug Bounty Domains",
"type": "main",
"index": 0
}
]
]
},
"Set Null Variable": {
"main": [
[
{
"node": "Loop Over CVEs",
"type": "main",
"index": 0
}
]
]
},
"Create domains.txt": {
"main": [
[
{
"node": "Upload domains.txt",
"type": "main",
"index": 0
}
]
]
},
"Upload domains.txt": {
"main": [
[
{
"node": "GET Last CVEs (PROJECT DISCOVERY)",
"type": "main",
"index": 0
}
]
]
},
"Loop Over Templates": {
"main": [
[
{
"node": "Remove Items",
"type": "main",
"index": 0
}
],
[
{
"node": "Create Template",
"type": "main",
"index": 0
}
]
]
},
"Set Results Variable": {
"main": [
[
{
"node": "Check Results",
"type": "main",
"index": 0
}
]
]
},
"Template Exists Filter": {
"main": [
[
{
"node": "Loop Over Templates",
"type": "main",
"index": 0
}
]
]
},
"Convert Template to .yaml": {
"main": [
[
{
"node": "Loop Over Templates",
"type": "main",
"index": 0
}
]
]
},
"Get All Bug Bounty Domains": {
"main": [
[
{
"node": "Create domains.txt",
"type": "main",
"index": 0
}
]
]
},
"GET Last CVEs (PROJECT DISCOVERY)": {
"main": [
[
{
"node": "Split CVEs",
"type": "main",
"index": 0
}
]
]
}
}
}常见问题
如何使用这个工作流?
复制上方的 JSON 配置代码,在您的 n8n 实例中创建新工作流并选择「从 JSON 导入」,粘贴配置后根据需要修改凭证设置即可。
这个工作流适合什么场景?
高级 - 安全运维
需要付费吗?
本工作流完全免费,您可以直接导入使用。但请注意,工作流中使用的第三方服务(如 OpenAI API)可能需要您自行付费。
相关工作流推荐
使用Subfinder、HTTPX和GPT-4-Mini进行子域名枚举的安全侦察
使用Subfinder、HTTPX和GPT-4-Mini进行子域名枚举的安全侦察
Set
Ssh
Code
+11
48 节点Javier Rieiro
安全运维
在可视化参考库中探索n8n节点
在可视化参考库中探索n8n节点
If
Ftp
Set
+93
113 节点I versus AI
其他
[模板] AI宠物店 v8
🐶 AI宠物店助手 - 集成GPT-4o、Google日历和WhatsApp/Instagram/Facebook
If
N8n
Set
+38
244 节点Amanda Benks
销售
AI 代理餐厅 [模板]
🤖 WhatsApp、Instagram 和 Messenger 的 AI 餐厅助手
If
N8n
Set
+37
239 节点Amanda Benks
其他
潜在客户开发与邮件工作流
使用Google Maps、SendGrid和AI自动化B2B潜在客户开发与邮件营销
If
Set
Code
+21
141 节点Ezema Kingsley Chibuzo
潜在客户开发
WordPress博客自动化专业版(深度研究)v2.1市场
使用GPT-4o、Perplexity AI和多语言支持自动化SEO优化的博客创建
If
Set
Xml
+27
125 节点Daniel Ng
内容创作
工作流信息
难度等级
高级
节点数量32
分类1
节点类型12
作者
Javier Rieiro
@pyus3rMy name is Javier Rieiro. I’m a hacker documenting my journey by creating and curating the best content about bug bounty and offensive cybersecurity through videos and live streams. On this channel, you’ll find practical explanations of real techniques, along with the tools and n8n workflows I use every day to automate my bug bounty work.
外部链接
在 n8n.io 查看 →
分享此工作流