39 lines
995 B
YAML
39 lines
995 B
YAML
|
id: detect-all-takeovers
|
||
|
|
|
||
|
|
info:
|
||
|
|
name: Subdomain takeover finder
|
||
|
|
author: pxmme1337
|
||
|
|
severity: high
|
||
|
|
|
||
|
|
# update this list with new takeovers matchers
|
||
|
|
# do not delete other template files for takeover
|
||
|
|
|
||
|
|
requests:
|
||
|
|
- method: GET
|
||
|
|
path:
|
||
|
|
- "{{BaseURL}}/"
|
||
|
|
matchers-condition: or
|
||
|
|
matchers:
|
||
|
|
- type: word
|
||
|
|
name: pantheon.io
|
||
|
|
words:
|
||
|
|
- "The gods are wise, but do not know of the site which you seek."
|
||
|
|
- type: word
|
||
|
|
name: aws-s3-bucket
|
||
|
|
words:
|
||
|
|
- "The specified bucket does not exist"
|
||
|
|
- type: word
|
||
|
|
name: anima
|
||
|
|
words:
|
||
|
|
- "If this is your website and you've just created it, try refreshing in a minute"
|
||
|
|
- type: word
|
||
|
|
name: ghost
|
||
|
|
words:
|
||
|
|
- "The thing you were looking for is no longer here, or never was"
|
||
|
|
- type: regex
|
||
|
|
name: worksites
|
||
|
|
regex:
|
||
|
|
- "(?:Company Not Found|you’re looking for doesn’t exist)"
|
||
|
|
part: body
|
||
|
|
|