We’re thrilled to unveil our latest milestones: over 9,000 stars and 900 unique contributors on the templates project, along with a staggering 20,000 stars on the Nuclei repository. This phenomenal growth is a testament to our community’s unwavering dedication to security and their shared passion for safeguarding the digital world. As part of the next phase in the evolution of the Nuclei Templates repository as the central, open source way for security research and engineers to communicate about vulnerabilities, we’re excited to announce our Community Leaderboard and Template Rewards programs.

This program is in addition to (and compliments) our recently announced ProjectDiscovery Pioneers program! Template contributions and PRs are created by our amazing community and we’d love to celebrate and showcase your work.

In the Nuclei templates repository, we consistently add trending CVEs and vulnerabilities to empower companies, pentesters, and startups to safeguard their assets using our suite of open-source tools. Because of our amazing community, we often see PRs for CVE added within hours of the public POC release. This quick update pace is crucial for researchers and companies using our repository to stay ahead of threats, ensuring the latest vulnerabilities are tracked and checked.

Our community extends beyond GitHub. On our Discord server, we have over 8,000+ members who help each other with queries, collaborate on projects, and share new ideas about internet security

To encourage more collaboration and express our appreciation, we send stickers to all first-time contributors. It’s a small token of our gratitude for your willingness to jump in and make a difference.

Launching the Nuclei Templates Leaderboard

We are excited to launch the Nuclei Templates Leaderboard within our ProjectDiscovery Cloud platform. This leaderboard is our way of recognizing all the contributors who are making a significant impact on internet security.

Also, if you’re looking for a Hacktoberfest project to contribute to - Nuclei templates might be right up your alley!

Why a Leaderboard?

By contributing to the Nuclei Templates repository, you not only gain valuable experience but also increase your recognition within the community. This visibility can boost your career prospects and open up new opportunities in the cybersecurity field

What Does the Leaderboard Showcase?

• Total Number of Templates

• Top Categories of Templates

• Total Contributors

• Total Critical Templates

Below, you’ll find a list of our top contributors, the categories they have primarily contributed to, the total number of templates they’ve submitted, and their total points.

How We Calculate Points

We have a point system to quantify contributions:

Note: This point system is new and subject to change. We welcome your feedback to improve it.

Connect with Contributors

Next to each contributor’s name, you’ll find social links. Feel free to connect with them and send a personal thank-you message if their contributions have helped you in any way.

How to Add Your Social Links

If you’re a contributor and want to add your social profiles, you can do so by raising a Pull Request updating the contributors.json file in the repository from the same GitHub account you use to contribute.

The leaderboard will be helpful in sending swag and invites to our events, based on all-time, quarterly, and yearly points.

Introducing the Template Contribution Rewards

We’re launching the Template Contribution Reward Program, where we’ll list GitHub issues with a 💎 Bounty label for the community to pick up and write templates for specific vulnerabilities and CVEs.

How It Works

• Find an Issue: Look for issues labeled with 💎 Bounty on our GitHub repository.

• Start Working: Comment /attempt #1337 (replace #1337 with the issue number) to declare that you’re working on it.
• Submit Your Template: Once your template is ready, raise a PR and include /claim #1337 in the PR body to claim the bounty. Make sure to read our Contribution Guide before submitting the template.
• Collaborate and Split Rewards: If you’re collaborating with other community members, you can split the reward by commenting:

/claim #1337
/split @jsmith
/split @jdoe

Each collaborator should be mentioned with their GitHub username.

Rules and Guidelines

• Acceptance Criteria: Contributors must follow the dos and best practices outlined in our contribution guide. The template must include a complete POC and should not rely solely on version-based detection. Contributors are required to provide debug data along with the template to help the triage team with validation. Rewards will only be given once the template is fully validated by the team. Templates that are incomplete or invalid will not be accepted.
• Maximum Attempts: You can attempt up to 3 issues at once.
• Reward Increments: We start with a base reward. If the CVE remains open for 2 weeks, the reward increases.
• Issue Expiry: If the task isn’t completed within 2 months, the issue will be closed.

Focus Areas

We’ll create issues based on CVEs that should be prioritized from well-known products. This focus ensures that we’re addressing vulnerabilities that could have a significant impact.

Join Us in Making the Internet Safer

We hope that initiatives like these will encourage more community members to contribute to open-source projects. Your contributions make a real difference, and together, we can continue to make the internet a safer place for everyone.

Thank you for being a part of this journey. We can’t wait to see what we’ll accomplish together next!

You can also join our Discord server. It's a great place to connect with fellow contributors and stay updated with the latest developments. Thank you, once again!

By leveraging Nuclei and actively engaging with the open-source community, or by becoming a part of the ProjectDiscovery Cloud Platform, companies can enhance their security measures, proactively address emerging threats, and establish a more secure digital landscape. Security represents a shared endeavor, and by collaborating, we can consistently adapt and confront the ever-evolving challenges posed by cyber threats.