2020-11-21 17:57:19 +00:00
|
|
|
id: springboot-workflow
|
2020-07-05 08:30:28 +00:00
|
|
|
|
|
|
|
|
info:
|
2020-11-21 17:57:19 +00:00
|
|
|
name: Springboot Security Checks
|
2020-07-05 08:30:28 +00:00
|
|
|
author: dwisiswant0
|
2020-11-21 17:57:19 +00:00
|
|
|
description: A simple workflow that runs all springboot related nuclei templates on a given target.
|
2021-02-12 05:53:01 +00:00
|
|
|
tags: workflow
|
2020-07-05 08:30:28 +00:00
|
|
|
|
2020-11-21 17:57:19 +00:00
|
|
|
# Supported on Nuclei v2.2.0 (https://github.com/projectdiscovery/nuclei/releases/tag/v2.2.0)
|
|
|
|
|
# Old workflows still remains valid, and will be working with all nuclei versions.
|
2020-07-05 08:30:28 +00:00
|
|
|
|
2020-11-21 17:57:19 +00:00
|
|
|
workflows:
|
|
|
|
|
|
2021-01-28 18:40:02 +00:00
|
|
|
- template: technologies/detect-springboot-actuator.yaml
|
2020-11-21 17:57:19 +00:00
|
|
|
subtemplates:
|
2021-02-01 08:20:15 +00:00
|
|
|
- template: misconfiguration/springboot/springboot-configprops.yaml
|
|
|
|
|
- template: misconfiguration/springboot/springboot-env.yaml
|
|
|
|
|
- template: misconfiguration/springboot/springboot-heapdump.yaml
|
|
|
|
|
- template: misconfiguration/springboot/springboot-loggers.yaml
|
|
|
|
|
- template: misconfiguration/springboot/springboot-mappings.yaml
|
|
|
|
|
- template: misconfiguration/springboot/springboot-trace.yaml
|
|
|
|
|
- template: vulnerabilities/springboot/springboot-actuators-jolokia-xxe.yaml
|
|
|
|
|
- template: vulnerabilities/springboot/springboot-h2-db-rce.yaml
|
2021-01-28 18:45:13 +00:00
|
|
|
- template: cves/2018/CVE-2018-1271.yaml
|
|
|
|
|
- template: cves/2018/CVE-2018-1271.yaml
|
|
|
|
|
- template: cves/2020/CVE-2020-5410.yaml
|
