nuclei-templates/ssl/revoked-ssl-certificate.yaml

23 lines
941 B
YAML
Raw Normal View History

2023-03-09 06:02:21 +00:00
id: revoked-ssl-certificate
info:
name: Revoked SSL Certificate - Detect
author: pussycat0x
2023-03-16 14:40:33 +00:00
severity: low
2023-03-09 06:02:21 +00:00
description: |
2023-10-14 11:27:55 +00:00
Certificate revocation is the act of invalidating a TLS/SSL before its scheduled expiration date. A certificate should be revoked immediately when its private key shows signs of being compromised. It should also be revoked when the domain for which it was issued is no longer operational.
2023-03-09 06:02:21 +00:00
reference: |
- https://www.invicti.com/web-vulnerability-scanner/vulnerabilities/revoked-ssl-certificate/
- https://www.tenable.com/plugins/nnm/5837
metadata:
max-request: 1
2023-10-14 11:27:55 +00:00
tags: ssl,revoked
2023-03-09 06:02:21 +00:00
ssl:
- address: "{{Host}}:{{Port}}"
matchers:
- type: dsl
dsl:
2023-03-16 14:40:33 +00:00
- "revoked == true"
# digest: 4a0a00473045022100c3150442c588cf728f7781ca38d70344f293b2de0132ce4e75506429ca23fd4a02204f6612f153a82e33ca049b17bf1be6836347e2baa267d86dda4768e9168b5201:922c64590222798bb761d5b6d8e72950