ProjectDiscovery Reviews & Product Details

The interface is very clear and easy to use. Our desired use case could be implemented very easily, and we were able to quickly work with support to develop solutions that work for us. Customer support is top-notch; you get immediate responses, and they take care of users' problems and concerns right away. The regular port scans help us keep an eye on our attack surface without having to write many scripts ourselves. The integration of GitHub in conjunction with our own templates completes the platform and offers us very high added value. In our internal External Attack Surface Management, Project Discovery is therefore indispensable. Review collected by and hosted on G2.com.

When first getting started, you have to search a bit for the countless functions and features, but you quickly get the hang of it! Review collected by and hosted on G2.com.

The combination of speed, scalability, and the ongoing intelligence driven by its active community makes this solution a great addition to existing tooling. We were able to gain coverage across our complex cloud environment and conduct scans in a fraction of the time it used to take, and the constantly updated Nuclei templates provide invaluable, real-time insights into emerging threats. The ability to quickly create custom templates and proactively identify our exposure, has been a differentiator and the overall onboarding and ease of implementation was incredibly simple, both for blind asset discovery and cloud integrations. The support team is on top of all requests and receptive of enhancement requests. Review collected by and hosted on G2.com.

Some organizations with highly complex and deeply integrated security ecosystems might find the current platform to be somewhat less feature-rich compared to more mature, all-encompassing enterprise solutions. More extensive workflow automation capabilities could further enhance its overall utility within larger, more established security operations centers. However, their focus on core functionality is also what contributes to its speed and efficiency, and I anticipate that they will continue to expand the feature set over time based on user feedback and market demands. Review collected by and hosted on G2.com.

ProjectDiscovery's open-source tool suite has completely revolutionized my security workflow. Whether you're a penetration tester, bug bounty hunter, or red teamer, these tools are battle-tested, fast, and developer-friendly.

🔍 Nuclei is the crown jewel. Its templating engine is blazing fast, supports parallel scanning, and allows for custom YAML-based templates, making it easy to scale your recon and vulnerability discovery across thousands of assets in seconds. The community around it is vibrant, and the shared templates library on GitHub is a goldmine of continuously updated detection capabilities.

📡 Subfinder is incredibly accurate and lightning quick for passive subdomain enumeration. It integrates seamlessly with multiple sources and provides a solid foundation for mapping an organization's external attack surface.

🕵️ httpx is my go-to for validating and probing large volumes of targets. Whether I'm checking for HTTP response behavior, status codes, or CDN/waf fingerprints—httpx delivers consistently with great customization.

🔐 Naabu for port scanning is lean yet powerful. It's great for quick visibility into exposed services, and when paired with Nuclei, forms an unbeatable combo for surface mapping and vulnerability discovery.

💡 What sets ProjectDiscovery apart is their modular, CLI-first philosophy, clean Go codebases, and ease of integration into CI/CD pipelines. They’re perfect for automating security at scale. Review collected by and hosted on G2.com.

While the CLI-first design is a strength, there's still a lot of scope to enhance the user experience with a more intuitive and unified UI. Review collected by and hosted on G2.com.

The ProjectDiscovery Cloud Platform brings a modern take on vulnerability management. Built upon their solid open source foundation (Nuclei, Cloudlist, httpx and friends), the platform was extremely easy to plug in to our existing infrastructure for asset discovery and for us to start seeing value immediately. All of the expected integrations (Slack, Jira, webhook etc.) are available and work well. Whilst the plethora of community Nuclei templates gives extensive vulnerability scanning coverage, we also run some of our own for bespoke use-cases (and there's even some AI assistance to help with that). With all of this in mind, the core capability of vulnerability management works very well, with zero/low false positives, and quick detection of anything that needs to be mitigated or remediated. The team at ProjectDiscovery are excellent - they're quick to provide support if needed and it's clear that they genuinely care about building a produce that revolutionises the way vulnerability management works. Review collected by and hosted on G2.com.

No downsides to report. The ProjectDiscovery Cloud Platform delivers exactly what we need. Review collected by and hosted on G2.com.