PDCP Scanning Overview
Learn more about PDCP scanning features and capabilities
Key Features
Scans are at the heart of the ProjectDiscovery Cloud Platform (PDCP). Upload Assets to your environment, select the templates you want to use, and configure a scan to check for exploitable vulnerabilities.
Features include:
- Connecting existing Nuclei scans
- Creating new scans
- Viewing active vulnerabilities
- Scheduling scans
- Exporting scan details
- Determining active CVEs
- Rescanning
Getting Started
Before you get started with scanning you will need two things:
- To add your Assets
- To select the templates you want to use
Assets
Assets can be uploaded individually or through a .TXT file, or added through Asset Discovery. Refer to our Assets documentation for details on adding Assets if you have not.
Templates
PDCP includes our large community-curated library of public templates. You can use all of those templates, our subset of recommended templates, a specific selection of templates, or you can create or add your own custom templates.
- Check out the main Nuclei templates section to learn more about templates or,
- Review the Templates & Editor section for more information on using templates and the editor within PDCP
Creating Scans
Scans can be connected through an existing Nuclei setup, or directly created through PDCP. Select the assets you want to scan, choose your templates, and select your scan options as desired to create a scan.
- Check out Getting Started with PDCP Free for details on connecting an existing Nuclei scan to PDCP to explore some of the features mentioned here.
Reviewing Scan Results (Vulnerabilities)
Find a scan
Existing scans are located in the main Scans section of your PDCP environment. You can scroll through the list or use search to locate a specific scan. You can also filter based on the scan status to narrow the scope of displayed scans.
Scan details (Viewing)
Selecting an individual scan opens a scan detail page that includes:
- Summary information (Total vulnerabilities, Active CVEs, Total assets)
- Filtering options for the displayed vulnerabilities (Status, Severity, Host information, templates)
- All vulnerabilities identified by the scan with corresponding severities
Scan details (Actions)
The scan detail page also includes capabilities for:
- Rescanning
- Exporting
- Retesting individual vulnerabilities
- Status management for vulnerabilities (open, closed, mark as a false positive)
Vulnerability details
Selecting an individual vulnerability shows details including:
- The location (URL) where the vulnerability was identified
- The template used to identify the vulnerability
- Vulnerability details including status, timestamp, IP address