Create threatq-login.yaml and apollo-server-detect.yaml (#3637)

* Add threatq-login.yaml file

Add threatq-login.yaml file

* Delete threatq-login.yaml in root folder

Delete threatq-login.yaml in root folder

* Added threatq-login.yaml in exposed-panels folder

Added threatq-login.yaml in exposed-panels folder

* Add apollo-server-detect.yaml

Add apollo-server-detect.yaml

* misc updates

* Add apollo server detect

Add apollo server detect

* lint fix

* Fixed [trailing-spaces] trailing spaces

Fixed [trailing-spaces] trailing spaces

Co-authored-by: sandeep <sandeep@projectdiscovery.io>

exposed-panels/threatq-login.yaml

@@ -0,0 +1,33 @@
+id: threatq-login
+
+info:
+  name: ThreatQ login panel
+  author: idealphase
+  severity: info
+  description: ThreatQ serves as an open and extensible threat intelligence platform that allows you to automate the intelligence lifecycle, quickly understand threats, make better decisions and accelerate detection and response
+  reference: https://www.threatq.com/threat-intelligence-platform/
+  tags: panel,threatq
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/login'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '<title ng-bind="PageTitle.getTitle()">ThreatQ</title>'
+          - '<script src="/assets/js/threatq.min.js'
+        condition: or
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - '<script src="/assets/js/threatq.min.js\?(.*)'

technologies/apollo-server-detect.yaml

@@ -0,0 +1,36 @@
+id: apollo-server-detect
+
+info:
+  name: Apollo Server GraphQL introspection detection
+  author: idealphase
+  severity: info
+  description: Apollo Server is a community-maintained open-source GraphQL server. It works with many Node.js HTTP server frameworks, or can run on its own with a built-in Express server. Apollo Server works with any GraphQL schema built with GraphQL.js--or define a schema's type definitions using schema definition language (SDL).
+  reference: https://github.com/apollographql/apollo-server
+  tags: apollo,tect,graphql
+
+requests:
+  - method: POST
+    path:
+      - "{{BaseURL}}/graphql"
+
+    headers:
+      Content-Type: application/json
+
+    body: |
+      {"query":"query IntrospectionQuery{__schema{queryType{name}mutationType{name}subscriptionType{name}types{...FullType}directives{name description locations args{...InputValue}}}}fragment FullType on __Type{kind name description fields(includeDeprecated:true){name description args{...InputValue}type{...TypeRef}isDeprecated deprecationReason}inputFields{...InputValue}interfaces{...TypeRef}enumValues(includeDeprecated:true){name description isDeprecated deprecationReason}possibleTypes{...TypeRef}}fragment InputValue on __InputValue{name description type{...TypeRef}defaultValue}fragment TypeRef on __Type{kind name ofType{kind name ofType{kind name ofType{kind name ofType{kind name ofType{kind name ofType{kind name ofType{kind name}}}}}}}}"}
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: header
+        words:
+          - "Content-Type: application/json"
+
+      - type: word
+        part: body
+        words:
+          - "GraphQL introspection is not allowed by Apollo Server"
+
+      - type: status
+        status:
+          - 400

technologies/tech-detect.yaml

@@ -3117,6 +3117,12 @@ requests:
 
       - type: word
         name: thinkphp
+        part: header
         words:
           - "ThinkPHP"
-        part: header
+
+      - type: word
+        name: apollo
+        part: body
+        words:
+          - "initApollo)(i.ApolloTargetServer.Self)"