Writing Nuclei Templates & Semgrep Rules

You found the bug once, by hand — now make it run forever. Turn one-off findings into reusable detection: the anatomy of a Nuclei template (info, matchers, extractors, the DSL, chained requests), writing one end-to-end for a real exposure, then validating it against known-vulnerable and known-safe hosts to kill false positives. Then cross to the source side — custom Semgrep pattern rules and taint mode (source to sanitiser to sink) — and gate both in CI so the whole team runs them.