nuclei-templates/http/exposed-panels/security-onion-panel.yaml

id: security-onion-panel

info:
  name: Security Onion Panel - Detect
  author: rxerium
  severity: info
  description: |
    Security Onion is a free and open source Linux distribution for intrusion detection, security monitoring, and log management. It includes CyberChef, NetworkMiner, and many other security tools.
  reference:
    - https://securityonionsolutions.com/
    - https://github.com/Security-Onion-Solutions/securityonion
  metadata:
    verified: true
    shodan-query: title:"Security Onion"
  tags: panel,security,onion,detect

http:
  - method: GET
    path:
      - "{{BaseURL}}"
      - "{{BaseURL}}/login/"

    stop-at-first-match: true
    matchers-condition: and
    matchers:
      - type: word
        words:
          - '<title>Security Onion'
          - 'Login to Security Onion'
          - 'Security Onion Solutions'
        condition: or

      - type: status
        status:
          - 200
# digest: 4a0a0047304502204e65eea2b93985c156d5da1cafdfafd139e1d3b7b8a1e7ff20261c2bdff53f350221009ee3dc09418861c87972bdedebceaefcaa4902ce12e1aeb817054eb11d90789d:922c64590222798bb761d5b6d8e72950
security-onion-panel 2023-10-27 16:09:45 +00:00			`id: security-onion-panel`
matcher & info update 2023-10-29 11:07:27 +00:00
security-onion-panel 2023-10-27 16:09:45 +00:00			`info:`
matcher & info update 2023-10-29 11:07:27 +00:00			`name: Security Onion Panel - Detect`
security-onion-panel 2023-10-27 16:09:45 +00:00			`author: rxerium`
			`severity: info`
			`description: \|`
security-onion-panel 2023-10-27 18:13:58 +00:00			`Security Onion is a free and open source Linux distribution for intrusion detection, security monitoring, and log management. It includes CyberChef, NetworkMiner, and many other security tools.`
security-onion-panel 2023-10-27 16:09:45 +00:00			`reference:`
security-onion-panel 2023-10-27 18:13:58 +00:00			`- https://securityonionsolutions.com/`
			`- https://github.com/Security-Onion-Solutions/securityonion`
matcher & info update 2023-10-29 11:07:27 +00:00			`metadata:`
			`verified: true`
			`shodan-query: title:"Security Onion"`
			`tags: panel,security,onion,detect`
security-onion-panel 2023-10-27 16:09:45 +00:00
			`http:`
			`- method: GET`
			`path:`
matcher & info update 2023-10-29 11:07:27 +00:00			`- "{{BaseURL}}"`
security-onion-panel 2023-10-27 16:09:45 +00:00			`- "{{BaseURL}}/login/"`

matcher & info update 2023-10-29 11:07:27 +00:00			`stop-at-first-match: true`
			`matchers-condition: and`
security-onion-panel 2023-10-27 18:13:58 +00:00			`matchers:`
security-onion-panel 2023-10-27 16:09:45 +00:00			`- type: word`
			`words:`
matcher & info update 2023-10-29 11:07:27 +00:00			`- '<title>Security Onion'`
security-onion-panel 2023-10-27 16:09:45 +00:00			`- 'Login to Security Onion'`
matcher & info update 2023-10-29 11:07:27 +00:00			`- 'Security Onion Solutions'`
			`condition: or`
security-onion-panel 2023-10-27 16:09:45 +00:00
			`- type: status`
			`status:`
matcher & info update 2023-10-29 11:07:27 +00:00			`- 200`
Auto Template Signing [Sun Oct 29 15:12:11 UTC 2023] :robot: 2023-10-29 15:12:12 +00:00			`# digest: 4a0a0047304502204e65eea2b93985c156d5da1cafdfafd139e1d3b7b8a1e7ff20261c2bdff53f350221009ee3dc09418861c87972bdedebceaefcaa4902ce12e1aeb817054eb11d90789d:922c64590222798bb761d5b6d8e72950`