Adding Discord Alerts to Nuclei
June 20, 2025
Automating Your Nuclei Recon Pipeline
🛡️ Important: Nuclei should only be used for ethical purposes, such as authorized security testing, bug bounty programs, or educational research. Never run recon tools like Nuclei against systems you don’t own or have explicit permission to test. This guide assumes you’re using Nuclei responsibly and legally.
Now that you’ve learned how to run scans, rotate IPs, and trigger Discord alerts — let’s automate the whole recon flow. This script ties everything together into a repeatable, single-command bug bounty recon pipeline using subfinder, httpx, nuclei, NordVPN, and Discord alerts.
What This Script Does
- Enumerates subdomains using
subfinder - Probes for live hosts using
httpx - Rotates your NordVPN IP between each target
- Runs Nuclei with tuned templates and filters
- Sends results to Discord if any vulnerabilities are found
Full Bash Script
Save this as nuclei-recon.sh and make it executable with chmod +x nuclei-recon.sh.
#!/bin/bash# SetupDATE=$(date +"%Y-%m-%d_%H-%M-%S")BASE_OUTDIR="nuclei_run_$DATE"mkdir -p "$BASE_OUTDIR"DISCORD_WEBHOOK="https://discord.com/api/webhooks/XXX/YYY" # replace thiswhile read -r DOMAIN; doCLEAN=$(echo "$DOMAIN" | sed 's/*\.//g')OUTDIR="$BASE_OUTDIR/$CLEAN"mkdir -p "$OUTDIR"echo "[*] Rotating VPN..."nordvpn disconnectsleep 2nordvpn connectsleep 6curl -s ifconfig.me > "$OUTDIR/ip.txt"echo "[*] Subdomain scan on $CLEAN"subfinder -d "$CLEAN" -silent > "$OUTDIR/subs.txt"echo "[*] Probing live hosts"httpx -l "$OUTDIR/subs.txt" -silent -timeout 5 -threads 100 >"$OUTDIR/live.txt"echo "[*] Running nuclei scan"nuclei -l "$OUTDIR/live.txt" \-t cves/,exposed-panels/,misconfiguration/,files/ \-tags rce,xss,unauth,exposure \-severity high,critical \-rate-limit 25 -retries 3 -timeout 10 \-o "$OUTDIR/findings.json" -v -debugif [[ -s "$OUTDIR/findings.json" ]]; thenCOUNT=$(jq length "$OUTDIR/findings.json")FIRST=$(jq -r '.[0] | "\(.info.severity | ascii_upcase) - \(.templateID) on \(.matched)"' "$OUTDIR/findings.json")curl -s -H "Content-Type: application/json" \-X POST -d "{\"username\": \"Nuclei Bot\",\"content\": \"🚨 **$COUNT finding(s)** for \`$CLEAN\`\nFirst hit: $FIRST\nIP: \`$(cat $OUTDIR/ip.txt)\`\nFile: $OUTDIR/findings.json\"}" "$DISCORD_WEBHOOK"elseecho "[*] No findings for $CLEAN"fidone < h1_scopes.txtecho "[✔] Recon complete. All results in $BASE_OUTDIR"
Usage
Create a file called h1_scopes.txt with a list of wildcard domains (e.g. *.example.com), then run:
./nuclei-recon.shMake It Your Own
You can expand this script with:
- Slack or email alerts
- JS-based Nuclei scans using
-headless - Scheduled runs with
cro
Ready for a reliable, high-performance VPS at an unbeatable price? We host our own Kali labs on Hostinger: 4 vCPU, NVMe storage, 16 GB RAM and 16 TB bandwidth, backed by 24/7 support and a 30-day money-back guarantee. You’ll save up to 20% when you lock in a 24-month plan. Grab a Hostinger VPS using this referral link and support our content.
👉 Claim your Hostinger VPS (from only US$ 9.99/mo)
