nuclei-templates/http/osint/phishing/american-express-phish.yaml

35 lines
922 B
YAML
Raw Normal View History

2024-02-27 19:37:59 +00:00
id: american-express-phish
info:
name: american-express phishing Detection
author: rxerium
severity: info
description: |
An american express phishing website was detected
reference:
- https://www.americanexpress.com
metadata:
max-request: 1
2024-03-08 07:16:17 +00:00
tags: phishing,american-express,osint
2024-02-27 19:37:59 +00:00
http:
- method: GET
path:
- "{{BaseURL}}"
host-redirects: true
max-redirects: 2
matchers-condition: and
matchers:
- type: word
words:
- 'Credit Cards, Rewards, Travel and Business Services | American Express'
- type: status
status:
- 200
- type: dsl
dsl:
- '!contains(host,"americanexpress.com")'
# digest: 4a0a00473045022100c30c921811cbd04e1bfe9fbc7845a80f2cd00dca93fe06471ab76ce3e887e6d9022011cbe22a0467c39c096dba7f5ff30cd1cee14fcc25a1a06840cba3aed656b515:922c64590222798bb761d5b6d8e72950