nuclei-templates/http/osint/phishing/american-express-phish.yaml

35 lines
924 B
YAML
Raw Normal View History

2024-02-27 19:37:59 +00:00
id: american-express-phish
info:
name: american-express phishing Detection
author: rxerium
severity: info
description: |
An american express phishing website was detected
reference:
- https://www.americanexpress.com
metadata:
max-request: 1
2024-03-08 07:16:17 +00:00
tags: phishing,american-express,osint
2024-02-27 19:37:59 +00:00
http:
- method: GET
path:
- "{{BaseURL}}"
host-redirects: true
max-redirects: 2
matchers-condition: and
matchers:
- type: word
words:
- 'Credit Cards, Rewards, Travel and Business Services | American Express'
- type: status
status:
- 200
- type: dsl
dsl:
- '!contains(host,"americanexpress.com")'
# digest: 4b0a004830460221008c8d1c3be6f37e1385e101596ba91a58f923f212eda46de83e604e5340f22987022100d932cc4a6b80a47a5f2b2e77456b94c19787e84dbf99fa125da714e29465c5a7:922c64590222798bb761d5b6d8e72950