naftiko: 1.0.0-alpha2 info: label: PDCP API description: For more details, checkout https://docs.projectdiscovery.io/api-reference/editor/scan tags: - Nuclei - API created: '2026-05-06' modified: '2026-05-06' capability: consumes: - type: http namespace: nuclei baseUri: https://api.projectdiscovery.io description: PDCP API HTTP API. authentication: type: apikey in: header name: X-API-Key value: '{{NUCLEI_TOKEN}}' resources: - name: v2-template-search path: /v2/template/search operations: - name: get-v2-template-search method: GET description: Search Templates inputParameters: - name: scope in: query type: string description: Scope of templates to search (public or private) - name: limit in: query type: integer description: Maximum number of results to return - name: offset in: query type: integer description: Number of results to skip for pagination - name: fields in: query type: string description: Specific fields to return in the response - name: sort_asc in: query type: string description: Field to sort results in ascending order - name: sort_desc in: query type: string description: Field to sort results in descending order - name: q in: query type: string description: Search query string - name: highlight in: query type: boolean description: Whether to highlight search matches in results - name: facet_size in: query type: integer description: Number of facets to return in the response - name: X-Team-Id in: header type: string outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v2-template-user-upload path: /v2/template/user/upload operations: - name: post-v2-template-user-upload method: POST description: Upload Templates outputRawFormat: json outputParameters: - name: result type: object value: $. - name: patch-v2-template-user-upload method: PATCH description: Bulk Update User Template outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-scans path: /v1/scans operations: - name: get-v1-scans method: GET description: Get Scan List inputParameters: - name: offset in: query type: integer description: number of scan-status results to skip - name: limit in: query type: integer description: number of scan-status results to fetch - name: search in: query type: string description: search term for running scans - name: status in: query type: string description: filter by status (failed, finished, queued, running, starting, uploaded, scheduled) - name: sort_asc in: query type: string description: comma separated ascending sorting e.g sort_asc=created_at,severity - name: sort_desc in: query type: string description: comma separated descending sorting e.g sort_desc=created_at,severity - name: is_internal in: query type: boolean description: filter by internal scans - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: post-v1-scans method: POST description: Create Scan inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: delete-v1-scans method: DELETE description: Delete Scan in bulk inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-scans-scan-id path: /v1/scans/{scan_id} operations: - name: get-v1-scans-scan-id method: GET description: Get Scan inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: delete-v1-scans-scan-id method: DELETE description: Delete Scan inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: patch-v1-scans-scan-id method: PATCH description: Update Scan inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-scans-import path: /v1/scans/import operations: - name: post-v1-scans-import method: POST description: Import OSS Scan inputParameters: - name: name in: query type: string - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-admin-user-search path: /v1/admin/user/search operations: - name: get-v1-admin-user-search method: GET description: Search user by name or email inputParameters: - name: q in: query type: string description: name or email filter - name: plan in: query type: string description: plan filter - name: offset in: query type: integer description: offset for pagination - name: limit in: query type: integer description: limit for pagination - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-admin-user-billing-assets path: /v1/admin/user/billing_assets operations: - name: get-v1-admin-user-billing-assets method: GET description: Get billing assets for a user inputParameters: - name: email in: query type: string required: true description: email of the user outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-admin-user-audit-logs path: /v1/admin/user/audit_logs operations: - name: get-v1-admin-user-audit-logs method: GET description: Get audit logs for a user inputParameters: - name: email in: query type: string description: email of the user - name: user_id in: query type: integer description: user id of the user - name: offset in: query type: integer description: offset for pagination - name: path_name in: query type: string description: path name filter - name: status_code in: query type: string description: status code filter comma separated e.g status_code=200,404 - name: status_code_not in: query type: string description: status code not filter comma separated e.g status_code_not=200,404 - name: limit in: query type: integer description: limit for pagination outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-admin-team-change-owner path: /v1/admin/team/change_owner operations: - name: post-v1-admin-team-change-owner method: POST description: change owner for a team (New owner will take control of the existing owner's subscription) outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-admin-scan-token path: /v1/admin/scan/token operations: - name: post-v1-admin-scan-token method: POST description: Set Scan token for user inputParameters: - name: method in: query type: string required: true description: '''create'' or ''update'' mode' - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: patch-v1-admin-scan-token method: PATCH description: Update Scan token for user inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: get-v1-admin-scan-token method: GET description: Get Token Usage (admin) inputParameters: - name: user_id in: query type: integer required: true description: user id to get scan token usage for - name: email in: query type: string description: email to get scan token usage for - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-scans-scan-id-stop path: /v1/scans/{scan_id}/stop operations: - name: post-v1-scans-scan-id-stop method: POST description: Stop Scan inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-scans-scan-id-rescan path: /v1/scans/{scan_id}/rescan operations: - name: post-v1-scans-scan-id-rescan method: POST description: Rescan scan inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-scans-vuln-vuln-id path: /v1/scans/vuln/{vuln_id} operations: - name: get-v1-scans-vuln-vulnid method: GET description: Get Scan Vulnerability inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-scans-result-scanid path: /v1/scans/result/{scanId} operations: - name: get-v1-scans-result-scanid method: GET description: Get Scan Results inputParameters: - name: severity in: query type: string description: comma separated severity e.g. severity=info,high - name: search in: query type: string description: search term - name: limit in: query type: integer description: number of results - name: offset in: query type: integer description: number of results to skip - name: templates in: query type: string description: comma separated templates e.g. templates=tech-detect,azure-takeover - name: hosts in: query type: string description: comma separated host e.g. hosts=https://example.com,https://x.com - name: domain in: query type: string description: comma separated domain names e.g-> domain=domain1.com,domain2.com - name: port in: query type: string description: comma separated ports e.g. ports=80,443 - name: time in: query type: string description: filter by time ( last_day, last_week, last_month ) - name: vuln_status in: query type: string description: comma separated vuln_status e.g vuln_status=open,fixed - name: sort_asc in: query type: string description: comma separated ascending sorting e.g sort_asc=created_at,severity - name: sort_desc in: query type: string description: comma separated descending sorting e.g sort_desc=created_at,severity - name: asset_metadata in: query type: boolean description: Asset details for the vulnerability - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-scans-vuln-vuln-id-changelogs path: /v1/scans/vuln/{vuln_id}/changelogs operations: - name: get-v1-scans-vuln-vuln-id-changelogs method: GET description: Get Vulnerability Changelogs inputParameters: - name: time in: query type: string description: time filter to select - name: event_type in: query type: string description: comma separated event_type e.g. event_type=vul_status,vul_status_change - name: sort_asc in: query type: string description: comma separated ascending sorting e.g sort_asc=created_at,severity - name: sort_desc in: query type: string description: comma separated descending sorting e.g sort_desc=created_at,severity - name: limit in: query type: integer description: number of results to get - name: offset in: query type: integer description: number of results to skip - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-scans-vuln-changelogs path: /v1/scans/vuln/changelogs operations: - name: get-v1-scans-vuln-changelogs method: GET description: Get all Vulnerability Changelogs inputParameters: - name: time in: query type: string description: time filter to select - name: event_type in: query type: string description: comma separated event_type e.g. event_type=vul_status,vul_status_change - name: sort_asc in: query type: string description: comma separated ascending sorting e.g sort_asc=created_at,severity - name: sort_desc in: query type: string description: comma separated descending sorting e.g sort_desc=created_at,severity - name: limit in: query type: integer description: number of results to get - name: offset in: query type: integer description: number of results to skip - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-scans-results path: /v1/scans/results operations: - name: get-v1-results method: GET description: Get All Results inputParameters: - name: offset in: query type: integer description: number of results to skip - name: limit in: query type: integer description: number of results to get - name: severity in: query type: string description: string separated by comma e.g. info,high - name: search in: query type: string description: search term - name: host in: query type: string description: comma separated host e.g. hosts=https://example.com,https://x.com - name: domain in: query type: string description: comma separated domain names e.g-> domain=domain1.com,domain2.com - name: port in: query type: string description: comma separated ports e.g. ports=80,443 - name: templates in: query type: string description: comma separated templates e.g. templates=tech-detect,azure-takeover - name: time in: query type: string description: filter by time ( last_day, last_week, last_month ) - name: vuln_status in: query type: string description: comma separated vuln_status e.g vuln_status=open,fixed - name: tags in: query type: string description: comma separated tags e.g tags=xss,cve - name: sort_asc in: query type: string description: comma separated ascending sorting e.g sort_asc=created_at,severity - name: sort_desc in: query type: string description: comma separated descending sorting e.g sort_desc=created_at,severity - name: is_ticket in: query type: boolean description: Return the records that have issue trackers - name: labels in: query type: string description: filter by comma separated labels e.g labels=p1,p2 - name: category in: query type: string description: filter by comma separated categories e.g category=cve,xss - name: is_regression in: query type: boolean description: filter by is_regression - name: is_internal in: query type: boolean description: filter by is_internal (internal vs external hosts) - name: asset_metadata in: query type: boolean description: Asset details for the vulnerability - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-scans-stats path: /v1/scans/stats operations: - name: get-v1-scans-stats method: GET description: Get All Scan Stats inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-scans-vuln-id-retest path: /v1/scans/{vuln_id}/retest operations: - name: post-v1-scans-vuln-id-retest method: POST description: Retest vulnerability inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-scans-results-filters path: /v1/scans/results/filters operations: - name: get-v1-scans-results-filters method: GET description: Get Scans Result Filters inputParameters: - name: offset in: query type: integer description: The number of items to skip before starting to collect the result set - name: limit in: query type: integer description: The numbers of items to return - name: scan_id in: query type: string description: specific scan_id results filters - name: severity in: query type: string description: comma separated severity e.g. severities=info,high - name: templates in: query type: string description: comma separated templates e.g. templates=tech-detect,azure-takeover - name: host in: query type: string description: comma separated host e.g. hosts=https://example.com,https://x.com - name: domain in: query type: string description: comma separated domain names e.g-> domain=domain1.com,domain2.com - name: port in: query type: string description: comma separated ports e.g. ports=80,443 - name: search in: query type: string description: search term - name: type in: query type: string required: true description: type of filter - name: time in: query type: string description: filter by time ( last_day, last_week, last_month ) - name: vuln_status in: query type: string description: comma separated vuln_status e.g vuln_status=open,fixed - name: sort_asc in: query type: string description: comma separated ascending sorting e.g sort_asc=created_at,severity - name: sort_desc in: query type: string description: comma separated descending sorting e.g sort_desc=created_at,severity - name: tags in: query type: string description: comma separated tags e.g tags=xss,cve - name: not_hosts in: query type: string description: comma separated hosts that should not be returned e.g. not_hosts=https://example.com,https://x.com - name: not_severity in: query type: string description: comma separated severity that should not be returned e.g. not_severity=info,high - name: not_templates in: query type: string description: comma separated templates that should not be returned e.g. not_templates=tech-detect,azure-takeover - name: labels in: query type: string description: filter by comma separated labels e.g labels=p1,p2 - name: category in: query type: string description: filter by comma separated categories e.g category=cve,xss - name: is_regression in: query type: boolean description: filter by is_regression - name: is_internal in: query type: boolean description: filter by is_internal (internal vs external hosts) - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' - name: start_date in: query type: string description: time filter start date - name: end_date in: query type: string description: time filter end date outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-scans-results-stats path: /v1/scans/results/stats operations: - name: get-v1-scans-results-stats method: GET description: Get Results Stats inputParameters: - name: offset in: query type: integer description: The number of items to skip before starting to collect the result set - name: limit in: query type: integer description: The numbers of items to return - name: host in: query type: string description: comma separated host e.g. hosts=https://example.com,https://x.com - name: domain in: query type: string description: comma separated domain names e.g-> domain=domain1.com,domain2.com - name: port in: query type: string description: comma separated ports e.g. ports=80,443 - name: templates in: query type: string description: comma separated templates e.g. templates=tech-detect,azure-takeover - name: severity in: query type: string description: comma separated severity e.g. severities=info,high - name: search in: query type: string description: search term - name: scan_id in: query type: string description: specific scan_id results filters - name: time in: query type: string description: filter by time ( last_day, last_week, last_month ) - name: vuln_status in: query type: string description: comma separated vuln_status e.g vuln_status=open,fixed - name: tags in: query type: string description: comma separated tags e.g tags=xss,cve - name: not_hosts in: query type: string description: comma separated hosts that should not be returned e.g. not_hosts=https://example.com,https://x.com - name: not_severity in: query type: string description: comma separated severity that should not be returned e.g. not_severity=info,high - name: not_templates in: query type: string description: comma separated templates that should not be returned e.g. not_templates=tech-detect,azure-takeover - name: labels in: query type: string description: filter by comma separated labels e.g labels=p1,p2 - name: category in: query type: string description: filter by comma separated categories e.g category=cve,xss - name: is_regression in: query type: boolean description: filter by is_regression - name: is_internal in: query type: boolean description: filter by is_internal (internal vs external hosts) - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' - name: start_date in: query type: string description: time filter start date - name: end_date in: query type: string description: time filter end date outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-scans-schedule path: /v1/scans/schedule operations: - name: get-v1-scans-schedule method: GET description: Get Scan Schedules inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: post-v1-scans-schedule method: POST description: Set Scan Schedule inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: delete-v1-scans-schedule method: DELETE description: Delete Scan Schedule inputParameters: - name: scan_id in: query type: string required: true description: scan_id of schedule to be deleted - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-retest path: /v1/retest operations: - name: get-v1-retest method: GET description: Get All Retest inputParameters: - name: offset in: query type: integer required: true description: number of results to skip - name: limit in: query type: integer required: true description: number of results - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: post-v1-retest method: POST description: Create Retest inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-retest-vuln-id path: /v1/retest/{vuln_id} operations: - name: get-v1-retest-vuln-id method: GET description: Get Retest Vulnerability inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-assets path: /v1/assets operations: - name: get-v1-assets method: GET description: Get Asset List inputParameters: - name: offset in: query type: integer description: number of assets to skip - name: limit in: query type: integer description: number of assets to fetch - name: search in: query type: string description: search term for asset list - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: post-v1-assets method: POST description: Upload Asset inputParameters: - name: name in: query type: string description: name of asset - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' - name: Content-Type in: header type: string description: set the content type header outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-assets-asset-id path: /v1/assets/{asset_Id} operations: - name: get-v1-assets-assetid method: GET description: Get Asset Metadata inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: delete-v1-assets-asset-id method: DELETE description: Delete Asset inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: patch-v1-assets-asset-id method: PATCH description: Update Asset Metadata inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-assets-asset-id-contents path: /v1/assets/{asset_id}/contents operations: - name: get-v1-assets-id-contents method: GET description: Get Asset Content inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: patch-v1-assets-asset-id-contents method: PATCH description: Update Asset Content inputParameters: - name: update_type in: query type: string description: use append or replace - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' - name: Content-Type in: header type: string description: set the content type header outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-user-notification-preference path: /v1/user/notification_preference operations: - name: get-v1-user-notification-preference method: GET description: Get User Notification Preferences outputRawFormat: json outputParameters: - name: result type: object value: $. - name: patch-v1-user-notification-preference method: PATCH description: Update User Notification Preferences outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-user-feedback path: /v1/user/feedback operations: - name: post-v1-user-feedback method: POST description: Create Feedback inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-user-delete-code path: /v1/user/delete/code operations: - name: post-v1-user-delete-code method: POST description: Email user deletion verification code inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-user path: /v1/user operations: - name: get-v1-user method: GET description: Get User Profile inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: delete-v1-user method: DELETE description: Delete user from system along with all data inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-user-apikey path: /v1/user/apikey operations: - name: get-v1-user-apikey method: GET description: Get API Key outputRawFormat: json outputParameters: - name: result type: object value: $. - name: post-v1-user-apikey method: POST description: Create API Key outputRawFormat: json outputParameters: - name: result type: object value: $. - name: delete-v1-user-apikey method: DELETE description: Delete API Key outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-user-onboarding-status path: /v1/user/onboarding_status operations: - name: get-v1-user-setup-stats method: GET description: Get User Setup Statistics outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-user-billing-assets path: /v1/user/billing_assets operations: - name: get-v1-user-billing-assets method: GET description: Get Billing Assets details outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-user-promo-code path: /v1/user/promo_code operations: - name: get-v1-user-promocode method: GET description: Get Promocode Details inputParameters: - name: promo_code in: query type: string required: true description: Promocode to get details for outputRawFormat: json outputParameters: - name: result type: object value: $. - name: post-v1-user-promocode method: POST description: Apply Promocode outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-user-apikey-rotate path: /v1/user/apikey/rotate operations: - name: post-v1-user-apikey-rotate method: POST description: Rotate API Key outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-user-domain-verification-request path: /v1/user/domain-verification/request operations: - name: post-v1-user-domain-verification-request method: POST description: Request Domain Verification inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: delete-v1-user-domain-verification-request method: DELETE description: Request Domain Delete inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-user-domain-verification-confirm path: /v1/user/domain-verification/confirm operations: - name: post-v1-user-domain-verification-confirm method: POST description: Confirm Domain Verification inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-user-domain-verification-status path: /v1/user/domain-verification/status operations: - name: get-v1-user-domain-verification-status method: GET description: Get Domain Verification Status inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' outputRawFormat: json outputParameters: - name: result type: object value: $. - name: v1-template-public path: /v1/template/public operations: - name: get-v1-template-public method: GET description: Get Public Template List inputParameters: - name: X-Team-Id in: header type: string description: 'Retrieve the Team ID from: https://cloud.projectdiscovery.io/settings/team' - name: offset in: query type: integer description: Pagination offset (no. of results to skip) - name: limit in: query type: integer description: Pagination limit (max no. of results in response) - name: fields in: query type: string description: template data fields outputRawFormat: json outputParameters: - name: result type: object value: $. exposes: - type: rest port: 8080 namespace: nuclei-rest description: REST adapter for PDCP API. resources: - path: /v2/template/search name: get-v2-template-search operations: - method: GET name: get-v2-template-search description: Search Templates call: nuclei.get-v2-template-search outputParameters: - type: object mapping: $. - path: /v2/template/user/upload name: post-v2-template-user-upload operations: - method: POST name: post-v2-template-user-upload description: Upload Templates call: nuclei.post-v2-template-user-upload outputParameters: - type: object mapping: $. - path: /v2/template/user/upload name: patch-v2-template-user-upload operations: - method: PATCH name: patch-v2-template-user-upload description: Bulk Update User Template call: nuclei.patch-v2-template-user-upload outputParameters: - type: object mapping: $. - path: /v1/scans name: get-v1-scans operations: - method: GET name: get-v1-scans description: Get Scan List call: nuclei.get-v1-scans outputParameters: - type: object mapping: $. - path: /v1/scans name: post-v1-scans operations: - method: POST name: post-v1-scans description: Create Scan call: nuclei.post-v1-scans outputParameters: - type: object mapping: $. - path: /v1/scans name: delete-v1-scans operations: - method: DELETE name: delete-v1-scans description: Delete Scan in bulk call: nuclei.delete-v1-scans outputParameters: - type: object mapping: $. - path: /v1/scans/{scan_id} name: get-v1-scans-scan-id operations: - method: GET name: get-v1-scans-scan-id description: Get Scan call: nuclei.get-v1-scans-scan-id outputParameters: - type: object mapping: $. - path: /v1/scans/{scan_id} name: delete-v1-scans-scan-id operations: - method: DELETE name: delete-v1-scans-scan-id description: Delete Scan call: nuclei.delete-v1-scans-scan-id outputParameters: - type: object mapping: $. - path: /v1/scans/{scan_id} name: patch-v1-scans-scan-id operations: - method: PATCH name: patch-v1-scans-scan-id description: Update Scan call: nuclei.patch-v1-scans-scan-id outputParameters: - type: object mapping: $. - path: /v1/scans/import name: post-v1-scans-import operations: - method: POST name: post-v1-scans-import description: Import OSS Scan call: nuclei.post-v1-scans-import outputParameters: - type: object mapping: $. - path: /v1/admin/user/search name: get-v1-admin-user-search operations: - method: GET name: get-v1-admin-user-search description: Search user by name or email call: nuclei.get-v1-admin-user-search outputParameters: - type: object mapping: $. - path: /v1/admin/user/billing_assets name: get-v1-admin-user-billing-assets operations: - method: GET name: get-v1-admin-user-billing-assets description: Get billing assets for a user call: nuclei.get-v1-admin-user-billing-assets outputParameters: - type: object mapping: $. - path: /v1/admin/user/audit_logs name: get-v1-admin-user-audit-logs operations: - method: GET name: get-v1-admin-user-audit-logs description: Get audit logs for a user call: nuclei.get-v1-admin-user-audit-logs outputParameters: - type: object mapping: $. - path: /v1/admin/team/change_owner name: post-v1-admin-team-change-owner operations: - method: POST name: post-v1-admin-team-change-owner description: change owner for a team (New owner will take control of the existing owner's subscription) call: nuclei.post-v1-admin-team-change-owner outputParameters: - type: object mapping: $. - path: /v1/admin/scan/token name: post-v1-admin-scan-token operations: - method: POST name: post-v1-admin-scan-token description: Set Scan token for user call: nuclei.post-v1-admin-scan-token outputParameters: - type: object mapping: $. - path: /v1/admin/scan/token name: patch-v1-admin-scan-token operations: - method: PATCH name: patch-v1-admin-scan-token description: Update Scan token for user call: nuclei.patch-v1-admin-scan-token outputParameters: - type: object mapping: $. - path: /v1/admin/scan/token name: get-v1-admin-scan-token operations: - method: GET name: get-v1-admin-scan-token description: Get Token Usage (admin) call: nuclei.get-v1-admin-scan-token outputParameters: - type: object mapping: $. - path: /v1/scans/{scan_id}/stop name: post-v1-scans-scan-id-stop operations: - method: POST name: post-v1-scans-scan-id-stop description: Stop Scan call: nuclei.post-v1-scans-scan-id-stop outputParameters: - type: object mapping: $. - path: /v1/scans/{scan_id}/rescan name: post-v1-scans-scan-id-rescan operations: - method: POST name: post-v1-scans-scan-id-rescan description: Rescan scan call: nuclei.post-v1-scans-scan-id-rescan outputParameters: - type: object mapping: $. - path: /v1/scans/vuln/{vuln_id} name: get-v1-scans-vuln-vulnid operations: - method: GET name: get-v1-scans-vuln-vulnid description: Get Scan Vulnerability call: nuclei.get-v1-scans-vuln-vulnid outputParameters: - type: object mapping: $. - path: /v1/scans/result/{scanId} name: get-v1-scans-result-scanid operations: - method: GET name: get-v1-scans-result-scanid description: Get Scan Results call: nuclei.get-v1-scans-result-scanid outputParameters: - type: object mapping: $. - path: /v1/scans/vuln/{vuln_id}/changelogs name: get-v1-scans-vuln-vuln-id-changelogs operations: - method: GET name: get-v1-scans-vuln-vuln-id-changelogs description: Get Vulnerability Changelogs call: nuclei.get-v1-scans-vuln-vuln-id-changelogs outputParameters: - type: object mapping: $. - path: /v1/scans/vuln/changelogs name: get-v1-scans-vuln-changelogs operations: - method: GET name: get-v1-scans-vuln-changelogs description: Get all Vulnerability Changelogs call: nuclei.get-v1-scans-vuln-changelogs outputParameters: - type: object mapping: $. - path: /v1/scans/results name: get-v1-results operations: - method: GET name: get-v1-results description: Get All Results call: nuclei.get-v1-results outputParameters: - type: object mapping: $. - path: /v1/scans/stats name: get-v1-scans-stats operations: - method: GET name: get-v1-scans-stats description: Get All Scan Stats call: nuclei.get-v1-scans-stats outputParameters: - type: object mapping: $. - path: /v1/scans/{vuln_id}/retest name: post-v1-scans-vuln-id-retest operations: - method: POST name: post-v1-scans-vuln-id-retest description: Retest vulnerability call: nuclei.post-v1-scans-vuln-id-retest outputParameters: - type: object mapping: $. - path: /v1/scans/results/filters name: get-v1-scans-results-filters operations: - method: GET name: get-v1-scans-results-filters description: Get Scans Result Filters call: nuclei.get-v1-scans-results-filters outputParameters: - type: object mapping: $. - path: /v1/scans/results/stats name: get-v1-scans-results-stats operations: - method: GET name: get-v1-scans-results-stats description: Get Results Stats call: nuclei.get-v1-scans-results-stats outputParameters: - type: object mapping: $. - path: /v1/scans/schedule name: get-v1-scans-schedule operations: - method: GET name: get-v1-scans-schedule description: Get Scan Schedules call: nuclei.get-v1-scans-schedule outputParameters: - type: object mapping: $. - path: /v1/scans/schedule name: post-v1-scans-schedule operations: - method: POST name: post-v1-scans-schedule description: Set Scan Schedule call: nuclei.post-v1-scans-schedule outputParameters: - type: object mapping: $. - path: /v1/scans/schedule name: delete-v1-scans-schedule operations: - method: DELETE name: delete-v1-scans-schedule description: Delete Scan Schedule call: nuclei.delete-v1-scans-schedule outputParameters: - type: object mapping: $. - path: /v1/retest name: get-v1-retest operations: - method: GET name: get-v1-retest description: Get All Retest call: nuclei.get-v1-retest outputParameters: - type: object mapping: $. - path: /v1/retest name: post-v1-retest operations: - method: POST name: post-v1-retest description: Create Retest call: nuclei.post-v1-retest outputParameters: - type: object mapping: $. - path: /v1/retest/{vuln_id} name: get-v1-retest-vuln-id operations: - method: GET name: get-v1-retest-vuln-id description: Get Retest Vulnerability call: nuclei.get-v1-retest-vuln-id outputParameters: - type: object mapping: $. - path: /v1/assets name: get-v1-assets operations: - method: GET name: get-v1-assets description: Get Asset List call: nuclei.get-v1-assets outputParameters: - type: object mapping: $. - path: /v1/assets name: post-v1-assets operations: - method: POST name: post-v1-assets description: Upload Asset call: nuclei.post-v1-assets outputParameters: - type: object mapping: $. - path: /v1/assets/{asset_Id} name: get-v1-assets-assetid operations: - method: GET name: get-v1-assets-assetid description: Get Asset Metadata call: nuclei.get-v1-assets-assetid outputParameters: - type: object mapping: $. - path: /v1/assets/{asset_Id} name: delete-v1-assets-asset-id operations: - method: DELETE name: delete-v1-assets-asset-id description: Delete Asset call: nuclei.delete-v1-assets-asset-id outputParameters: - type: object mapping: $. - path: /v1/assets/{asset_Id} name: patch-v1-assets-asset-id operations: - method: PATCH name: patch-v1-assets-asset-id description: Update Asset Metadata call: nuclei.patch-v1-assets-asset-id outputParameters: - type: object mapping: $. - path: /v1/assets/{asset_id}/contents name: get-v1-assets-id-contents operations: - method: GET name: get-v1-assets-id-contents description: Get Asset Content call: nuclei.get-v1-assets-id-contents outputParameters: - type: object mapping: $. - path: /v1/assets/{asset_id}/contents name: patch-v1-assets-asset-id-contents operations: - method: PATCH name: patch-v1-assets-asset-id-contents description: Update Asset Content call: nuclei.patch-v1-assets-asset-id-contents outputParameters: - type: object mapping: $. - path: /v1/user/notification_preference name: get-v1-user-notification-preference operations: - method: GET name: get-v1-user-notification-preference description: Get User Notification Preferences call: nuclei.get-v1-user-notification-preference outputParameters: - type: object mapping: $. - path: /v1/user/notification_preference name: patch-v1-user-notification-preference operations: - method: PATCH name: patch-v1-user-notification-preference description: Update User Notification Preferences call: nuclei.patch-v1-user-notification-preference outputParameters: - type: object mapping: $. - path: /v1/user/feedback name: post-v1-user-feedback operations: - method: POST name: post-v1-user-feedback description: Create Feedback call: nuclei.post-v1-user-feedback outputParameters: - type: object mapping: $. - path: /v1/user/delete/code name: post-v1-user-delete-code operations: - method: POST name: post-v1-user-delete-code description: Email user deletion verification code call: nuclei.post-v1-user-delete-code outputParameters: - type: object mapping: $. - path: /v1/user name: get-v1-user operations: - method: GET name: get-v1-user description: Get User Profile call: nuclei.get-v1-user outputParameters: - type: object mapping: $. - path: /v1/user name: delete-v1-user operations: - method: DELETE name: delete-v1-user description: Delete user from system along with all data call: nuclei.delete-v1-user outputParameters: - type: object mapping: $. - path: /v1/user/apikey name: get-v1-user-apikey operations: - method: GET name: get-v1-user-apikey description: Get API Key call: nuclei.get-v1-user-apikey outputParameters: - type: object mapping: $. - path: /v1/user/apikey name: post-v1-user-apikey operations: - method: POST name: post-v1-user-apikey description: Create API Key call: nuclei.post-v1-user-apikey outputParameters: - type: object mapping: $. - path: /v1/user/apikey name: delete-v1-user-apikey operations: - method: DELETE name: delete-v1-user-apikey description: Delete API Key call: nuclei.delete-v1-user-apikey outputParameters: - type: object mapping: $. - path: /v1/user/onboarding_status name: get-v1-user-setup-stats operations: - method: GET name: get-v1-user-setup-stats description: Get User Setup Statistics call: nuclei.get-v1-user-setup-stats outputParameters: - type: object mapping: $. - path: /v1/user/billing_assets name: get-v1-user-billing-assets operations: - method: GET name: get-v1-user-billing-assets description: Get Billing Assets details call: nuclei.get-v1-user-billing-assets outputParameters: - type: object mapping: $. - path: /v1/user/promo_code name: get-v1-user-promocode operations: - method: GET name: get-v1-user-promocode description: Get Promocode Details call: nuclei.get-v1-user-promocode outputParameters: - type: object mapping: $. - path: /v1/user/promo_code name: post-v1-user-promocode operations: - method: POST name: post-v1-user-promocode description: Apply Promocode call: nuclei.post-v1-user-promocode outputParameters: - type: object mapping: $. - path: /v1/user/apikey/rotate name: post-v1-user-apikey-rotate operations: - method: POST name: post-v1-user-apikey-rotate description: Rotate API Key call: nuclei.post-v1-user-apikey-rotate outputParameters: - type: object mapping: $. - path: /v1/user/domain-verification/request name: post-v1-user-domain-verification-request operations: - method: POST name: post-v1-user-domain-verification-request description: Request Domain Verification call: nuclei.post-v1-user-domain-verification-request outputParameters: - type: object mapping: $. - path: /v1/user/domain-verification/request name: delete-v1-user-domain-verification-request operations: - method: DELETE name: delete-v1-user-domain-verification-request description: Request Domain Delete call: nuclei.delete-v1-user-domain-verification-request outputParameters: - type: object mapping: $. - path: /v1/user/domain-verification/confirm name: post-v1-user-domain-verification-confirm operations: - method: POST name: post-v1-user-domain-verification-confirm description: Confirm Domain Verification call: nuclei.post-v1-user-domain-verification-confirm outputParameters: - type: object mapping: $. - path: /v1/user/domain-verification/status name: get-v1-user-domain-verification-status operations: - method: GET name: get-v1-user-domain-verification-status description: Get Domain Verification Status call: nuclei.get-v1-user-domain-verification-status outputParameters: - type: object mapping: $. - path: /v1/template/public name: get-v1-template-public operations: - method: GET name: get-v1-template-public description: Get Public Template List call: nuclei.get-v1-template-public outputParameters: - type: object mapping: $. - type: mcp port: 9090 namespace: nuclei-mcp transport: http description: MCP adapter for PDCP API for AI agent use. tools: - name: get-v2-template-search description: Search Templates hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v2-template-search with: scope: tools.scope limit: tools.limit offset: tools.offset fields: tools.fields sort_asc: tools.sort_asc sort_desc: tools.sort_desc q: tools.q highlight: tools.highlight facet_size: tools.facet_size inputParameters: - name: scope type: string description: Scope of templates to search (public or private) - name: limit type: integer description: Maximum number of results to return - name: offset type: integer description: Number of results to skip for pagination - name: fields type: string description: Specific fields to return in the response - name: sort_asc type: string description: Field to sort results in ascending order - name: sort_desc type: string description: Field to sort results in descending order - name: q type: string description: Search query string - name: highlight type: boolean description: Whether to highlight search matches in results - name: facet_size type: integer description: Number of facets to return in the response outputParameters: - type: object mapping: $. - name: post-v2-template-user-upload description: Upload Templates hints: readOnly: false destructive: false idempotent: false call: nuclei.post-v2-template-user-upload outputParameters: - type: object mapping: $. - name: patch-v2-template-user-upload description: Bulk Update User Template hints: readOnly: false destructive: false idempotent: false call: nuclei.patch-v2-template-user-upload outputParameters: - type: object mapping: $. - name: get-v1-scans description: Get Scan List hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-scans with: offset: tools.offset limit: tools.limit search: tools.search status: tools.status sort_asc: tools.sort_asc sort_desc: tools.sort_desc is_internal: tools.is_internal inputParameters: - name: offset type: integer description: number of scan-status results to skip - name: limit type: integer description: number of scan-status results to fetch - name: search type: string description: search term for running scans - name: status type: string description: filter by status (failed, finished, queued, running, starting, uploaded, scheduled) - name: sort_asc type: string description: comma separated ascending sorting e.g sort_asc=created_at,severity - name: sort_desc type: string description: comma separated descending sorting e.g sort_desc=created_at,severity - name: is_internal type: boolean description: filter by internal scans outputParameters: - type: object mapping: $. - name: post-v1-scans description: Create Scan hints: readOnly: false destructive: false idempotent: false call: nuclei.post-v1-scans outputParameters: - type: object mapping: $. - name: delete-v1-scans description: Delete Scan in bulk hints: readOnly: false destructive: true idempotent: true call: nuclei.delete-v1-scans outputParameters: - type: object mapping: $. - name: get-v1-scans-scan-id description: Get Scan hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-scans-scan-id outputParameters: - type: object mapping: $. - name: delete-v1-scans-scan-id description: Delete Scan hints: readOnly: false destructive: true idempotent: true call: nuclei.delete-v1-scans-scan-id outputParameters: - type: object mapping: $. - name: patch-v1-scans-scan-id description: Update Scan hints: readOnly: false destructive: false idempotent: false call: nuclei.patch-v1-scans-scan-id outputParameters: - type: object mapping: $. - name: post-v1-scans-import description: Import OSS Scan hints: readOnly: false destructive: false idempotent: false call: nuclei.post-v1-scans-import with: name: tools.name inputParameters: - name: name type: string description: name outputParameters: - type: object mapping: $. - name: get-v1-admin-user-search description: Search user by name or email hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-admin-user-search with: q: tools.q plan: tools.plan offset: tools.offset limit: tools.limit inputParameters: - name: q type: string description: name or email filter - name: plan type: string description: plan filter - name: offset type: integer description: offset for pagination - name: limit type: integer description: limit for pagination outputParameters: - type: object mapping: $. - name: get-v1-admin-user-billing-assets description: Get billing assets for a user hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-admin-user-billing-assets with: email: tools.email inputParameters: - name: email type: string description: email of the user required: true outputParameters: - type: object mapping: $. - name: get-v1-admin-user-audit-logs description: Get audit logs for a user hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-admin-user-audit-logs with: email: tools.email user_id: tools.user_id offset: tools.offset path_name: tools.path_name status_code: tools.status_code status_code_not: tools.status_code_not limit: tools.limit inputParameters: - name: email type: string description: email of the user - name: user_id type: integer description: user id of the user - name: offset type: integer description: offset for pagination - name: path_name type: string description: path name filter - name: status_code type: string description: status code filter comma separated e.g status_code=200,404 - name: status_code_not type: string description: status code not filter comma separated e.g status_code_not=200,404 - name: limit type: integer description: limit for pagination outputParameters: - type: object mapping: $. - name: post-v1-admin-team-change-owner description: change owner for a team (New owner will take control of the existing owner's subscription) hints: readOnly: false destructive: false idempotent: false call: nuclei.post-v1-admin-team-change-owner outputParameters: - type: object mapping: $. - name: post-v1-admin-scan-token description: Set Scan token for user hints: readOnly: false destructive: false idempotent: false call: nuclei.post-v1-admin-scan-token with: method: tools.method inputParameters: - name: method type: string description: '''create'' or ''update'' mode' required: true outputParameters: - type: object mapping: $. - name: patch-v1-admin-scan-token description: Update Scan token for user hints: readOnly: false destructive: false idempotent: false call: nuclei.patch-v1-admin-scan-token outputParameters: - type: object mapping: $. - name: get-v1-admin-scan-token description: Get Token Usage (admin) hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-admin-scan-token with: user_id: tools.user_id email: tools.email inputParameters: - name: user_id type: integer description: user id to get scan token usage for required: true - name: email type: string description: email to get scan token usage for outputParameters: - type: object mapping: $. - name: post-v1-scans-scan-id-stop description: Stop Scan hints: readOnly: false destructive: false idempotent: false call: nuclei.post-v1-scans-scan-id-stop outputParameters: - type: object mapping: $. - name: post-v1-scans-scan-id-rescan description: Rescan scan hints: readOnly: false destructive: false idempotent: false call: nuclei.post-v1-scans-scan-id-rescan outputParameters: - type: object mapping: $. - name: get-v1-scans-vuln-vulnid description: Get Scan Vulnerability hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-scans-vuln-vulnid outputParameters: - type: object mapping: $. - name: get-v1-scans-result-scanid description: Get Scan Results hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-scans-result-scanid with: severity: tools.severity search: tools.search limit: tools.limit offset: tools.offset templates: tools.templates hosts: tools.hosts domain: tools.domain port: tools.port time: tools.time vuln_status: tools.vuln_status sort_asc: tools.sort_asc sort_desc: tools.sort_desc asset_metadata: tools.asset_metadata inputParameters: - name: severity type: string description: comma separated severity e.g. severity=info,high - name: search type: string description: search term - name: limit type: integer description: number of results - name: offset type: integer description: number of results to skip - name: templates type: string description: comma separated templates e.g. templates=tech-detect,azure-takeover - name: hosts type: string description: comma separated host e.g. hosts=https://example.com,https://x.com - name: domain type: string description: comma separated domain names e.g-> domain=domain1.com,domain2.com - name: port type: string description: comma separated ports e.g. ports=80,443 - name: time type: string description: filter by time ( last_day, last_week, last_month ) - name: vuln_status type: string description: comma separated vuln_status e.g vuln_status=open,fixed - name: sort_asc type: string description: comma separated ascending sorting e.g sort_asc=created_at,severity - name: sort_desc type: string description: comma separated descending sorting e.g sort_desc=created_at,severity - name: asset_metadata type: boolean description: Asset details for the vulnerability outputParameters: - type: object mapping: $. - name: get-v1-scans-vuln-vuln-id-changelogs description: Get Vulnerability Changelogs hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-scans-vuln-vuln-id-changelogs with: time: tools.time event_type: tools.event_type sort_asc: tools.sort_asc sort_desc: tools.sort_desc limit: tools.limit offset: tools.offset inputParameters: - name: time type: string description: time filter to select - name: event_type type: string description: comma separated event_type e.g. event_type=vul_status,vul_status_change - name: sort_asc type: string description: comma separated ascending sorting e.g sort_asc=created_at,severity - name: sort_desc type: string description: comma separated descending sorting e.g sort_desc=created_at,severity - name: limit type: integer description: number of results to get - name: offset type: integer description: number of results to skip outputParameters: - type: object mapping: $. - name: get-v1-scans-vuln-changelogs description: Get all Vulnerability Changelogs hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-scans-vuln-changelogs with: time: tools.time event_type: tools.event_type sort_asc: tools.sort_asc sort_desc: tools.sort_desc limit: tools.limit offset: tools.offset inputParameters: - name: time type: string description: time filter to select - name: event_type type: string description: comma separated event_type e.g. event_type=vul_status,vul_status_change - name: sort_asc type: string description: comma separated ascending sorting e.g sort_asc=created_at,severity - name: sort_desc type: string description: comma separated descending sorting e.g sort_desc=created_at,severity - name: limit type: integer description: number of results to get - name: offset type: integer description: number of results to skip outputParameters: - type: object mapping: $. - name: get-v1-results description: Get All Results hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-results with: offset: tools.offset limit: tools.limit severity: tools.severity search: tools.search host: tools.host domain: tools.domain port: tools.port templates: tools.templates time: tools.time vuln_status: tools.vuln_status tags: tools.tags sort_asc: tools.sort_asc sort_desc: tools.sort_desc is_ticket: tools.is_ticket labels: tools.labels category: tools.category is_regression: tools.is_regression is_internal: tools.is_internal asset_metadata: tools.asset_metadata inputParameters: - name: offset type: integer description: number of results to skip - name: limit type: integer description: number of results to get - name: severity type: string description: string separated by comma e.g. info,high - name: search type: string description: search term - name: host type: string description: comma separated host e.g. hosts=https://example.com,https://x.com - name: domain type: string description: comma separated domain names e.g-> domain=domain1.com,domain2.com - name: port type: string description: comma separated ports e.g. ports=80,443 - name: templates type: string description: comma separated templates e.g. templates=tech-detect,azure-takeover - name: time type: string description: filter by time ( last_day, last_week, last_month ) - name: vuln_status type: string description: comma separated vuln_status e.g vuln_status=open,fixed - name: tags type: string description: comma separated tags e.g tags=xss,cve - name: sort_asc type: string description: comma separated ascending sorting e.g sort_asc=created_at,severity - name: sort_desc type: string description: comma separated descending sorting e.g sort_desc=created_at,severity - name: is_ticket type: boolean description: Return the records that have issue trackers - name: labels type: string description: filter by comma separated labels e.g labels=p1,p2 - name: category type: string description: filter by comma separated categories e.g category=cve,xss - name: is_regression type: boolean description: filter by is_regression - name: is_internal type: boolean description: filter by is_internal (internal vs external hosts) - name: asset_metadata type: boolean description: Asset details for the vulnerability outputParameters: - type: object mapping: $. - name: get-v1-scans-stats description: Get All Scan Stats hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-scans-stats outputParameters: - type: object mapping: $. - name: post-v1-scans-vuln-id-retest description: Retest vulnerability hints: readOnly: false destructive: false idempotent: false call: nuclei.post-v1-scans-vuln-id-retest outputParameters: - type: object mapping: $. - name: get-v1-scans-results-filters description: Get Scans Result Filters hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-scans-results-filters with: offset: tools.offset limit: tools.limit scan_id: tools.scan_id severity: tools.severity templates: tools.templates host: tools.host domain: tools.domain port: tools.port search: tools.search type: tools.type time: tools.time vuln_status: tools.vuln_status sort_asc: tools.sort_asc sort_desc: tools.sort_desc tags: tools.tags not_hosts: tools.not_hosts not_severity: tools.not_severity not_templates: tools.not_templates labels: tools.labels category: tools.category is_regression: tools.is_regression is_internal: tools.is_internal start_date: tools.start_date end_date: tools.end_date inputParameters: - name: offset type: integer description: The number of items to skip before starting to collect the result set - name: limit type: integer description: The numbers of items to return - name: scan_id type: string description: specific scan_id results filters - name: severity type: string description: comma separated severity e.g. severities=info,high - name: templates type: string description: comma separated templates e.g. templates=tech-detect,azure-takeover - name: host type: string description: comma separated host e.g. hosts=https://example.com,https://x.com - name: domain type: string description: comma separated domain names e.g-> domain=domain1.com,domain2.com - name: port type: string description: comma separated ports e.g. ports=80,443 - name: search type: string description: search term - name: type type: string description: type of filter required: true - name: time type: string description: filter by time ( last_day, last_week, last_month ) - name: vuln_status type: string description: comma separated vuln_status e.g vuln_status=open,fixed - name: sort_asc type: string description: comma separated ascending sorting e.g sort_asc=created_at,severity - name: sort_desc type: string description: comma separated descending sorting e.g sort_desc=created_at,severity - name: tags type: string description: comma separated tags e.g tags=xss,cve - name: not_hosts type: string description: comma separated hosts that should not be returned e.g. not_hosts=https://example.com,https://x.com - name: not_severity type: string description: comma separated severity that should not be returned e.g. not_severity=info,high - name: not_templates type: string description: comma separated templates that should not be returned e.g. not_templates=tech-detect,azure-takeover - name: labels type: string description: filter by comma separated labels e.g labels=p1,p2 - name: category type: string description: filter by comma separated categories e.g category=cve,xss - name: is_regression type: boolean description: filter by is_regression - name: is_internal type: boolean description: filter by is_internal (internal vs external hosts) - name: start_date type: string description: time filter start date - name: end_date type: string description: time filter end date outputParameters: - type: object mapping: $. - name: get-v1-scans-results-stats description: Get Results Stats hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-scans-results-stats with: offset: tools.offset limit: tools.limit host: tools.host domain: tools.domain port: tools.port templates: tools.templates severity: tools.severity search: tools.search scan_id: tools.scan_id time: tools.time vuln_status: tools.vuln_status tags: tools.tags not_hosts: tools.not_hosts not_severity: tools.not_severity not_templates: tools.not_templates labels: tools.labels category: tools.category is_regression: tools.is_regression is_internal: tools.is_internal start_date: tools.start_date end_date: tools.end_date inputParameters: - name: offset type: integer description: The number of items to skip before starting to collect the result set - name: limit type: integer description: The numbers of items to return - name: host type: string description: comma separated host e.g. hosts=https://example.com,https://x.com - name: domain type: string description: comma separated domain names e.g-> domain=domain1.com,domain2.com - name: port type: string description: comma separated ports e.g. ports=80,443 - name: templates type: string description: comma separated templates e.g. templates=tech-detect,azure-takeover - name: severity type: string description: comma separated severity e.g. severities=info,high - name: search type: string description: search term - name: scan_id type: string description: specific scan_id results filters - name: time type: string description: filter by time ( last_day, last_week, last_month ) - name: vuln_status type: string description: comma separated vuln_status e.g vuln_status=open,fixed - name: tags type: string description: comma separated tags e.g tags=xss,cve - name: not_hosts type: string description: comma separated hosts that should not be returned e.g. not_hosts=https://example.com,https://x.com - name: not_severity type: string description: comma separated severity that should not be returned e.g. not_severity=info,high - name: not_templates type: string description: comma separated templates that should not be returned e.g. not_templates=tech-detect,azure-takeover - name: labels type: string description: filter by comma separated labels e.g labels=p1,p2 - name: category type: string description: filter by comma separated categories e.g category=cve,xss - name: is_regression type: boolean description: filter by is_regression - name: is_internal type: boolean description: filter by is_internal (internal vs external hosts) - name: start_date type: string description: time filter start date - name: end_date type: string description: time filter end date outputParameters: - type: object mapping: $. - name: get-v1-scans-schedule description: Get Scan Schedules hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-scans-schedule outputParameters: - type: object mapping: $. - name: post-v1-scans-schedule description: Set Scan Schedule hints: readOnly: false destructive: false idempotent: false call: nuclei.post-v1-scans-schedule outputParameters: - type: object mapping: $. - name: delete-v1-scans-schedule description: Delete Scan Schedule hints: readOnly: false destructive: true idempotent: true call: nuclei.delete-v1-scans-schedule with: scan_id: tools.scan_id inputParameters: - name: scan_id type: string description: scan_id of schedule to be deleted required: true outputParameters: - type: object mapping: $. - name: get-v1-retest description: Get All Retest hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-retest with: offset: tools.offset limit: tools.limit inputParameters: - name: offset type: integer description: number of results to skip required: true - name: limit type: integer description: number of results required: true outputParameters: - type: object mapping: $. - name: post-v1-retest description: Create Retest hints: readOnly: false destructive: false idempotent: false call: nuclei.post-v1-retest outputParameters: - type: object mapping: $. - name: get-v1-retest-vuln-id description: Get Retest Vulnerability hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-retest-vuln-id outputParameters: - type: object mapping: $. - name: get-v1-assets description: Get Asset List hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-assets with: offset: tools.offset limit: tools.limit search: tools.search inputParameters: - name: offset type: integer description: number of assets to skip - name: limit type: integer description: number of assets to fetch - name: search type: string description: search term for asset list outputParameters: - type: object mapping: $. - name: post-v1-assets description: Upload Asset hints: readOnly: false destructive: false idempotent: false call: nuclei.post-v1-assets with: name: tools.name inputParameters: - name: name type: string description: name of asset outputParameters: - type: object mapping: $. - name: get-v1-assets-assetid description: Get Asset Metadata hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-assets-assetid outputParameters: - type: object mapping: $. - name: delete-v1-assets-asset-id description: Delete Asset hints: readOnly: false destructive: true idempotent: true call: nuclei.delete-v1-assets-asset-id outputParameters: - type: object mapping: $. - name: patch-v1-assets-asset-id description: Update Asset Metadata hints: readOnly: false destructive: false idempotent: false call: nuclei.patch-v1-assets-asset-id outputParameters: - type: object mapping: $. - name: get-v1-assets-id-contents description: Get Asset Content hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-assets-id-contents outputParameters: - type: object mapping: $. - name: patch-v1-assets-asset-id-contents description: Update Asset Content hints: readOnly: false destructive: false idempotent: false call: nuclei.patch-v1-assets-asset-id-contents with: update_type: tools.update_type inputParameters: - name: update_type type: string description: use append or replace outputParameters: - type: object mapping: $. - name: get-v1-user-notification-preference description: Get User Notification Preferences hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-user-notification-preference outputParameters: - type: object mapping: $. - name: patch-v1-user-notification-preference description: Update User Notification Preferences hints: readOnly: false destructive: false idempotent: false call: nuclei.patch-v1-user-notification-preference outputParameters: - type: object mapping: $. - name: post-v1-user-feedback description: Create Feedback hints: readOnly: false destructive: false idempotent: false call: nuclei.post-v1-user-feedback outputParameters: - type: object mapping: $. - name: post-v1-user-delete-code description: Email user deletion verification code hints: readOnly: false destructive: false idempotent: false call: nuclei.post-v1-user-delete-code outputParameters: - type: object mapping: $. - name: get-v1-user description: Get User Profile hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-user outputParameters: - type: object mapping: $. - name: delete-v1-user description: Delete user from system along with all data hints: readOnly: false destructive: true idempotent: true call: nuclei.delete-v1-user outputParameters: - type: object mapping: $. - name: get-v1-user-apikey description: Get API Key hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-user-apikey outputParameters: - type: object mapping: $. - name: post-v1-user-apikey description: Create API Key hints: readOnly: false destructive: false idempotent: false call: nuclei.post-v1-user-apikey outputParameters: - type: object mapping: $. - name: delete-v1-user-apikey description: Delete API Key hints: readOnly: false destructive: true idempotent: true call: nuclei.delete-v1-user-apikey outputParameters: - type: object mapping: $. - name: get-v1-user-setup-stats description: Get User Setup Statistics hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-user-setup-stats outputParameters: - type: object mapping: $. - name: get-v1-user-billing-assets description: Get Billing Assets details hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-user-billing-assets outputParameters: - type: object mapping: $. - name: get-v1-user-promocode description: Get Promocode Details hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-user-promocode with: promo_code: tools.promo_code inputParameters: - name: promo_code type: string description: Promocode to get details for required: true outputParameters: - type: object mapping: $. - name: post-v1-user-promocode description: Apply Promocode hints: readOnly: false destructive: false idempotent: false call: nuclei.post-v1-user-promocode outputParameters: - type: object mapping: $. - name: post-v1-user-apikey-rotate description: Rotate API Key hints: readOnly: false destructive: false idempotent: false call: nuclei.post-v1-user-apikey-rotate outputParameters: - type: object mapping: $. - name: post-v1-user-domain-verification-request description: Request Domain Verification hints: readOnly: false destructive: false idempotent: false call: nuclei.post-v1-user-domain-verification-request outputParameters: - type: object mapping: $. - name: delete-v1-user-domain-verification-request description: Request Domain Delete hints: readOnly: false destructive: true idempotent: true call: nuclei.delete-v1-user-domain-verification-request outputParameters: - type: object mapping: $. - name: post-v1-user-domain-verification-confirm description: Confirm Domain Verification hints: readOnly: false destructive: false idempotent: false call: nuclei.post-v1-user-domain-verification-confirm outputParameters: - type: object mapping: $. - name: get-v1-user-domain-verification-status description: Get Domain Verification Status hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-user-domain-verification-status outputParameters: - type: object mapping: $. - name: get-v1-template-public description: Get Public Template List hints: readOnly: true destructive: false idempotent: true call: nuclei.get-v1-template-public with: offset: tools.offset limit: tools.limit fields: tools.fields inputParameters: - name: offset type: integer description: Pagination offset (no. of results to skip) - name: limit type: integer description: Pagination limit (max no. of results in response) - name: fields type: string description: template data fields outputParameters: - type: object mapping: $. binds: - namespace: env keys: NUCLEI_TOKEN: NUCLEI_TOKEN