daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into smb-js

patch-1
Ritik Chaddha 2023-11-02 12:51:06 +05:30 committed by GitHub
parent d9021ee637 16bd292dbc
commit 0e7df13ff9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7231 changed files with 33602 additions and 21085 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/template-checksum.yml vendored
View File

@ -20,11 +20,11 @@ jobs:
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: 1.20.x
go-version: 1.21.x
- name: install checksum generator
run: |
go install -v github.com/projectdiscovery/nuclei/v2/cmd/generate-checksum@dev
go install -v github.com/projectdiscovery/nuclei/v3/cmd/generate-checksum@dev
- name: generate checksum
id: checksum

2
.github/workflows/template-db-indexer.yml vendored
View File

@ -16,7 +16,7 @@ jobs:
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: 1.20.x
go-version: 1.21.x
- name: Installing Indexer
run: |

2
.github/workflows/template-validate.yml vendored
View File

@ -26,4 +26,4 @@ jobs:
run: |
cp -r ${{ github.workspace }} $HOME
nuclei -duc -validate -allow-local-file-access
nuclei -duc -validate -w ./workflows -allow-local-file-access
nuclei -duc -validate -w ./workflows -allow-local-file-access

2
.github/workflows/templateman.yml vendored
View File

@ -20,7 +20,7 @@ jobs:
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: 1.20.x
go-version: 1.21.x
- name: Install TemplateMan CLI Client
run: |

3
.github/workflows/wordpress-plugins-update.yml vendored
View File

@ -3,6 +3,9 @@ name: ✨ WordPress Plugins - Update
on:
schedule:
- cron: "0 4 * * *" # every day at 4am UTC
push:
branches:
- main
workflow_dispatch:
jobs:

16
.new-additions
View File

@ -0,0 +1,16 @@
http/cves/2023/CVE-2023-20198.yaml
http/cves/2023/CVE-2023-4169.yaml
http/cves/2023/CVE-2023-4415.yaml
http/default-logins/goip-default-login.yaml
http/exposed-panels/cisco/cisco-ios-xe-panel.yaml
http/exposed-panels/kiteworks-pcn-panel.yaml
http/exposed-panels/overseerr-panel.yaml
http/exposed-panels/plausible-panel.yaml
http/exposed-panels/truenas-scale-panel.yaml
http/misconfiguration/installer/cube-105-install.yaml
http/misconfiguration/installer/orangescrum-install.yaml
http/misconfiguration/installer/tautulli-install.yaml
http/misconfiguration/installer/webcalendar-install.yaml
http/misconfiguration/installer/webtrees-install.yaml
http/technologies/wordpress/plugins/metform.yaml
http/vulnerabilities/other/podcast-generator-ssrf.yaml

22
README.md
View File

@ -42,18 +42,18 @@ An overview of the nuclei template project, including statistics on unique tags,
| TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT |
|-----------|-------|--------------|-------|----------------------|-------|----------|-------|------|-------|
| cve | 2190 | dhiyaneshdk | 1086 | http | 6694 | info | 3251 | file | 310 |
| panel | 1001 | dwisiswant0 | 798 | file | 310 | high | 1412 | dns | 17 |
| wordpress | 893 | daffainfo | 787 | workflows | 191 | medium | 1383 | | |
| exposure | 820 | pikpikcu | 353 | network | 119 | critical | 865 | | |
| xss | 810 | pussycat0x | 293 | ssl | 27 | low | 234 | | |
| wp-plugin | 777 | pdteam | 284 | dns | 17 | unknown | 31 | | |
| osint | 675 | ritikchaddha | 273 | headless | 9 | | | | |
| tech | 633 | ricardomaia | 226 | TEMPLATES-STATS.json | 1 | | | | |
| lfi | 612 | geeknik | 221 | cves.json | 1 | | | | |
| edb | 598 | theamanrawat | 220 | contributors.json | 1 | | | | |
| cve | 2239 | dhiyaneshdk | 1088 | http | 6768 | info | 3275 | file | 310 |
| panel | 1018 | dwisiswant0 | 798 | file | 310 | medium | 1413 | dns | 17 |
| wordpress | 923 | daffainfo | 787 | workflows | 191 | high | 1412 | | |
| xss | 837 | pikpikcu | 353 | network | 119 | critical | 888 | | |
| exposure | 820 | pussycat0x | 298 | ssl | 27 | low | 234 | | |
| wp-plugin | 807 | pdteam | 283 | dns | 17 | unknown | 31 | | |
| osint | 675 | ritikchaddha | 275 | headless | 10 | | | | |
| tech | 637 | ricardomaia | 226 | javascript | 2 | | | | |
| lfi | 614 | geeknik | 221 | TEMPLATES-STATS.json | 1 | | | | |
| edb | 598 | theamanrawat | 221 | contributors.json | 1 | | | | |
**508 directories, 7613 files**.
**511 directories, 7690 files**.
</td>
</tr>

2
TEMPLATES-STATS.json
View File

File diff suppressed because one or more lines are too long

7787
TEMPLATES-STATS.md
View File

File diff suppressed because it is too large Load Diff

20
TOP-10.md
View File

@ -1,12 +1,12 @@
| TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT |
|-----------|-------|--------------|-------|----------------------|-------|----------|-------|------|-------|
| cve | 2190 | dhiyaneshdk | 1086 | http | 6694 | info | 3251 | file | 310 |
| panel | 1001 | dwisiswant0 | 798 | file | 310 | high | 1412 | dns | 17 |
| wordpress | 893 | daffainfo | 787 | workflows | 191 | medium | 1383 | | |
| exposure | 820 | pikpikcu | 353 | network | 119 | critical | 865 | | |
| xss | 810 | pussycat0x | 293 | ssl | 27 | low | 234 | | |
| wp-plugin | 777 | pdteam | 284 | dns | 17 | unknown | 31 | | |
| osint | 675 | ritikchaddha | 273 | headless | 9 | | | | |
| tech | 633 | ricardomaia | 226 | TEMPLATES-STATS.json | 1 | | | | |
| lfi | 612 | geeknik | 221 | cves.json | 1 | | | | |
| edb | 598 | theamanrawat | 220 | contributors.json | 1 | | | | |
| cve | 2239 | dhiyaneshdk | 1088 | http | 6768 | info | 3275 | file | 310 |
| panel | 1018 | dwisiswant0 | 798 | file | 310 | medium | 1413 | dns | 17 |
| wordpress | 923 | daffainfo | 787 | workflows | 191 | high | 1412 | | |
| xss | 837 | pikpikcu | 353 | network | 119 | critical | 888 | | |
| exposure | 820 | pussycat0x | 298 | ssl | 27 | low | 234 | | |
| wp-plugin | 807 | pdteam | 283 | dns | 17 | unknown | 31 | | |
| osint | 675 | ritikchaddha | 275 | headless | 10 | | | | |
| tech | 637 | ricardomaia | 226 | javascript | 2 | | | | |
| lfi | 614 | geeknik | 221 | TEMPLATES-STATS.json | 1 | | | | |
| edb | 598 | theamanrawat | 221 | contributors.json | 1 | | | | |

36
cves.json
View File

@ -414,7 +414,35 @@
{"ID":"CVE-2017-17731","Info":{"Name":"DedeCMS 5.7 - SQL Injection","Severity":"critical","Description":"DedeCMS through 5.7 has SQL Injection via the $_FILES superglobal to plus/recommend.php.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2017/CVE-2017-17731.yaml"}
{"ID":"CVE-2017-17736","Info":{"Name":"Kentico - Installer Privilege Escalation","Severity":"critical","Description":"Kentico 9.0 before 9.0.51 and 10.0 before 10.0.48 are susceptible to a privilege escalation attack. An attacker can obtain Global Administrator access by visiting CMSInstall/install.aspx and then navigating to the CMS Administration Dashboard.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2017/CVE-2017-17736.yaml"}
{"ID":"CVE-2017-18024","Info":{"Name":"AvantFAX 3.3.3 - Cross-Site Scripting","Severity":"medium","Description":"AvantFAX 3.3.3 contains a cross-site scripting vulnerability via an arbitrary parameter name submitted to the default URL, as demonstrated by a parameter whose name contains a SCRIPT element and whose value is 1.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18024.yaml"}
{"ID":"CVE-2017-18487","Info":{"Name":"AdPush \u003c 1.44 - Cross-Site Scripting","Severity":"medium","Description":"The adsense-plugin (aka Google AdSense) plugin before 1.44 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18487.yaml"}
{"ID":"CVE-2017-18490","Info":{"Name":"Contact Form Multi by BestWebSoft \u003c 1.2.1 - Cross-Site Scripting","Severity":"medium","Description":"The contact-form-multi plugin before 1.2.1 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18490.yaml"}
{"ID":"CVE-2017-18491","Info":{"Name":"Contact Form by BestWebSoft \u003c 4.0.6 - Cross-Site Scripting","Severity":"medium","Description":"The contact-form-plugin plugin before 4.0.6 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18491.yaml"}
{"ID":"CVE-2017-18492","Info":{"Name":"Contact Form to DB by BestWebSoft \u003c 1.5.7 - Cross-Site Scripting","Severity":"medium","Description":"The contact-form-to-db plugin before 1.5.7 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18492.yaml"}
{"ID":"CVE-2017-18493","Info":{"Name":"Custom Admin Page by BestWebSoft \u003c 0.1.2 - Cross-Site Scripting","Severity":"medium","Description":"The custom-admin-page plugin before 0.1.2 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18493.yaml"}
{"ID":"CVE-2017-18494","Info":{"Name":"Custom Search by BestWebSoft \u003c 1.36 - Cross-Site Scripting","Severity":"medium","Description":"The custom-search-plugin plugin before 1.36 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18494.yaml"}
{"ID":"CVE-2017-18496","Info":{"Name":"Htaccess by BestWebSoft \u003c 1.7.6 - Cross-Site Scripting","Severity":"medium","Description":"The htaccess plugin before 1.7.6 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18496.yaml"}
{"ID":"CVE-2017-18500","Info":{"Name":"Social Buttons Pack by BestWebSof \u003c 1.1.1 - Cross-Site Scripting","Severity":"medium","Description":"The social-buttons-pack plugin before 1.1.1 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18500.yaml"}
{"ID":"CVE-2017-18501","Info":{"Name":"Social Login by BestWebSoft \u003c 0.2 - Cross-Site Scripting","Severity":"medium","Description":"The social-login-bws plugin before 0.2 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18501.yaml"}
{"ID":"CVE-2017-18502","Info":{"Name":"Subscriber by BestWebSoft \u003c 1.3.5 - Cross-Site Scripting","Severity":"medium","Description":"The subscriber plugin before 1.3.5 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18502.yaml"}
{"ID":"CVE-2017-18505","Info":{"Name":"BestWebSoft's Twitter \u003c 2.55 - Cross-Site Scripting","Severity":"medium","Description":"The twitter-plugin plugin before 2.55 for WordPress has XSS.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18505.yaml"}
{"ID":"CVE-2017-18516","Info":{"Name":"LinkedIn by BestWebSoft \u003c 1.0.5 - Cross-Site Scripting","Severity":"medium","Description":"The bws-linkedin plugin before 1.0.5 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18516.yaml"}
{"ID":"CVE-2017-18517","Info":{"Name":"Pinterest by BestWebSoft \u003c 1.0.5 - Cross-Site Scripting","Severity":"medium","Description":"The bws-pinterest plugin before 1.0.5 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18517.yaml"}
{"ID":"CVE-2017-18518","Info":{"Name":"SMTP by BestWebSoft \u003c 1.1.0 - Cross-Site Scripting","Severity":"medium","Description":"The bws-smtp plugin before 1.1.0 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18518.yaml"}
{"ID":"CVE-2017-18527","Info":{"Name":"Pagination by BestWebSoft \u003c 1.0.7 - Cross-Site Scripting","Severity":"medium","Description":"The pagination plugin before 1.0.7 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18527.yaml"}
{"ID":"CVE-2017-18528","Info":{"Name":"PDF \u0026 Print by BestWebSoft \u003c 1.9.4 - Cross-Site Scripting","Severity":"medium","Description":"The pdf-print plugin before 1.9.4 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18528.yaml"}
{"ID":"CVE-2017-18529","Info":{"Name":"PromoBar by BestWebSoft \u003c 1.1.1 - Cross-Site Scripting","Severity":"medium","Description":"The promobar plugin before 1.1.1 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18529.yaml"}
{"ID":"CVE-2017-18530","Info":{"Name":"Rating by BestWebSoft \u003c 0.2 - Cross-Site Scripting","Severity":"medium","Description":"The rating-bws plugin before 0.2 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18530.yaml"}
{"ID":"CVE-2017-18532","Info":{"Name":"Realty by BestWebSoft \u003c 1.1.0 - Cross-Site Scripting","Severity":"medium","Description":"The realty plugin before 1.1.0 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18532.yaml"}
{"ID":"CVE-2017-18536","Info":{"Name":"WordPress Stop User Enumeration \u003c=1.3.7 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Stop User Enumeration 1.3.7 and earlier are vulnerable to unauthenticated reflected cross-site scripting.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18536.yaml"}
{"ID":"CVE-2017-18537","Info":{"Name":"Visitors Online by BestWebSoft \u003c 1.0.0 - Cross-Site Scripting","Severity":"medium","Description":"The visitors-online plugin before 1.0.0 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18537.yaml"}
{"ID":"CVE-2017-18542","Info":{"Name":"Zendesk Help Center by BestWebSoft \u003c 1.0.5 - Cross-Site Scripting","Severity":"medium","Description":"The zendesk-help-center plugin before 1.0.5 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18542.yaml"}
{"ID":"CVE-2017-18556","Info":{"Name":"Google Analytics by BestWebSoft \u003c 1.7.1 - Cross-Site Scripting","Severity":"medium","Description":"The bws-google-analytics plugin before 1.7.1 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18556.yaml"}
{"ID":"CVE-2017-18557","Info":{"Name":"Google Maps by BestWebSoft \u003c 1.3.6 - Cross-Site Scripting","Severity":"medium","Description":"The bws-google-maps plugin before 1.3.6 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18557.yaml"}
{"ID":"CVE-2017-18558","Info":{"Name":"Testimonials by BestWebSoft \u003c 0.1.9 - Cross-Site Scripting","Severity":"medium","Description":"The bws-testimonials plugin before 0.1.9 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18558.yaml"}
{"ID":"CVE-2017-18562","Info":{"Name":"Error Log Viewer by BestWebSoft \u003c 1.0.6 - Cross-Site Scripting","Severity":"medium","Description":"The error-log-viewer plugin before 1.0.6 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18562.yaml"}
{"ID":"CVE-2017-18564","Info":{"Name":"Sender by BestWebSoft \u003c 1.2.1 - Cross-Site Scripting","Severity":"medium","Description":"The sender plugin before 1.2.1 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18564.yaml"}
{"ID":"CVE-2017-18565","Info":{"Name":"Updater by BestWebSoft \u003c 1.35 - Cross-Site Scripting","Severity":"medium","Description":"The updater plugin before 1.35 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18565.yaml"}
{"ID":"CVE-2017-18566","Info":{"Name":"User Role by BestWebSoft \u003c 1.5.6 - Cross-Site Scripting","Severity":"medium","Description":"The user-role plugin before 1.5.6 for WordPress has multiple XSS issues.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18566.yaml"}
{"ID":"CVE-2017-18598","Info":{"Name":"WordPress Qards - Cross-Site Scripting","Severity":"medium","Description":"WordPress Qards through 2017-10-11 contains a cross-site scripting vulnerability via a remote document specified in the URL parameter to html2canvasproxy.php.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2017/CVE-2017-18598.yaml"}
{"ID":"CVE-2017-18638","Info":{"Name":"Graphite \u003c=1.1.5 - Server-Side Request Forgery","Severity":"high","Description":"Graphite's send_email in graphite-web/webapp/graphite/composer/views.py in versions up to 1.1.5 is vulnerable to server-side request forgery (SSR)F. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is encoded into an image file and then sent to an email address that can be supplied by the attacker. Thus, an attacker can exfiltrate any information.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2017/CVE-2017-18638.yaml"}
{"ID":"CVE-2017-3506","Info":{"Name":"Oracle Fusion Middleware Weblogic Server - Remote OS Command Execution","Severity":"high","Description":"The Oracle WebLogic Server component of Oracle Fusion Middleware (Web Services) versions 10.3.6.0, 12.1.3.0, 12.2.1.0, 12.2.1.1 and 12.2.1.2 is susceptible to a difficult to exploit vulnerability that could allow unauthenticated attackers with network access via HTTP to compromise Oracle WebLogic Server.","Classification":{"CVSSScore":"7.4"}},"file_path":"http/cves/2017/CVE-2017-3506.yaml"}
@ -1777,6 +1805,7 @@
{"ID":"CVE-2022-35914","Info":{"Name":"GLPI \u003c=10.0.2 - Remote Command Execution","Severity":"critical","Description":"GLPI through 10.0.2 is susceptible to remote command execution injection in /vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-35914.yaml"}
{"ID":"CVE-2022-36446","Info":{"Name":"Webmin \u003c1.997 - Authenticated Remote Code Execution","Severity":"critical","Description":"Webmin before 1.997 is susceptible to authenticated remote code execution via software/apt-lib.pl, which lacks HTML escaping for a UI command. An attacker can perform command injection attacks and thereby execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-36446.yaml"}
{"ID":"CVE-2022-36537","Info":{"Name":"ZK Framework - Information Disclosure","Severity":"high","Description":"ZK Framework 9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 is susceptible to information disclosure. An attacker can access sensitive information via a crafted POST request to the component AuUploader and thereby possibly obtain additional sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2022/CVE-2022-36537.yaml"}
{"ID":"CVE-2022-36553","Info":{"Name":"Hytec Inter HWL-2511-SS - Remote Command Execution","Severity":"critical","Description":"Hytec Inter HWL-2511-SS v1.05 and below was discovered to contain a command injection vulnerability via the component /www/cgi-bin/popen.cgi.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-36553.yaml"}
{"ID":"CVE-2022-36642","Info":{"Name":"Omnia MPX 1.5.0+r1 - Local File Inclusion","Severity":"critical","Description":"Telos Alliance Omnia MPX Node through 1.5.0+r1 is vulnerable to local file inclusion via logs/downloadMainLog. By retrieving userDB.json allows an attacker to retrieve cleartext credentials and escalate privileges via the control panel.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-36642.yaml"}
{"ID":"CVE-2022-36804","Info":{"Name":"Atlassian Bitbucket - Remote Command Injection","Severity":"high","Description":"Atlassian Bitbucket Server and Data Center is susceptible to remote command injection. Multiple API endpoints can allow an attacker with read permissions to a public or private Bitbucket repository to execute arbitrary code by sending a malicious HTTP request, thus making it possible to obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials. Affected versions are 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, and from version 8.2.0 before version 8.2.2, and from version 8.3.0 before 8.3.1.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2022/CVE-2022-36804.yaml"}
{"ID":"CVE-2022-36883","Info":{"Name":"Jenkins Git \u003c=4.11.3 - Missing Authorization","Severity":"high","Description":"Jenkins Git plugin through 4.11.3 contains a missing authorization check. An attacker can trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit. This can make it possible to obtain sensitive information, modify data, and/or execute unauthorized operations.","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2022/CVE-2022-36883.yaml"}
@ -1942,6 +1971,7 @@
{"ID":"CVE-2023-1890","Info":{"Name":"Tablesome \u003c 1.0.9 - Cross-Site Scripting","Severity":"medium","Description":"Tablesome before 1.0.9 is susceptible to cross-site scripting via the tab parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-1890.yaml"}
{"ID":"CVE-2023-20073","Info":{"Name":"Cisco VPN Routers - Unauthenticated Arbitrary File Upload","Severity":"critical","Description":"A vulnerability in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to insufficient authorization enforcement mechanisms in the context of file uploads. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to upload arbitrary files to the affected device.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-20073.yaml"}
{"ID":"CVE-2023-2009","Info":{"Name":"Pretty Url \u003c= 1.5.4 - Cross-Site Scripting","Severity":"medium","Description":"Plugin does not sanitize and escape the URL field in the plugin settings, which could allow high-privilege users to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n","Classification":{"CVSSScore":"4.8"}},"file_path":"http/cves/2023/CVE-2023-2009.yaml"}
{"ID":"CVE-2023-20198","Info":{"Name":"Cisco IOS XE - Authentication Bypass","Severity":"critical","Description":"Cisco is aware of active exploitation of a previously unknown vulnerability in the web UI feature of Cisco IOS XE Software when exposed to the internet or to untrusted networks. This vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access. The attacker can then use that account to gain control of the affected system.\nFor steps to close the attack vector for this vulnerability, see the Recommendations section of this advisory.\nCisco will provide updates on the status of this investigation and when a software patch is available.\n","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2023/CVE-2023-20198.yaml"}
{"ID":"CVE-2023-2023","Info":{"Name":"Custom 404 Pro \u003c 3.7.3 - Cross-Site Scripting","Severity":"medium","Description":"Custom 404 Pro before 3.7.3 is susceptible to cross-site scripting via the search parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-2023.yaml"}
{"ID":"CVE-2023-20864","Info":{"Name":"VMware Aria Operations for Logs - Unauthenticated Remote Code Execution","Severity":"critical","Description":"VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-20864.yaml"}
{"ID":"CVE-2023-20887","Info":{"Name":"VMware VRealize Network Insight - Remote Code Execution","Severity":"critical","Description":"VMWare Aria Operations for Networks (vRealize Network Insight) is vulnerable to command injection when accepting user input through the Apache Thrift RPC interface. This vulnerability allows a remote unauthenticated attacker to execute arbitrary commands on the underlying operating system as the root user. The RPC interface is protected by a reverse proxy which can be bypassed. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. A malicious actor can get remote code execution in the context of 'root' on the appliance. VMWare 6.x version are\n vulnerable.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-20887.yaml"}
@ -2096,6 +2126,7 @@
{"ID":"CVE-2023-37580","Info":{"Name":"Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting","Severity":"medium","Description":"Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41 allows XSS in the Zimbra Classic Web Client.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-37580.yaml"}
{"ID":"CVE-2023-37629","Info":{"Name":"Online Piggery Management System v1.0 - Unauthenticated File Upload","Severity":"critical","Description":"Online Piggery Management System 1.0 is vulnerable to File Upload. An unauthenticated user can upload a php file by sending a POST request to add-pig.php.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-37629.yaml"}
{"ID":"CVE-2023-3765","Info":{"Name":"MLflow Absolute Path Traversal","Severity":"critical","Description":"Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0.\n","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2023/CVE-2023-3765.yaml"}
{"ID":"CVE-2023-37679","Info":{"Name":"NextGen Mirth Connect - Remote Code Execution","Severity":"critical","Description":"Mirth Connect, by NextGen HealthCare, is an open source data integration platform widely used by healthcare companies. Versions prior to 4.4.1 are vulnerable to an unauthenticated remote code execution vulnerability\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-37679.yaml"}
{"ID":"CVE-2023-37728","Info":{"Name":"IceWarp Webmail Server v10.2.1 - Cross Site Scripting","Severity":"medium","Description":"Icewarp Icearp v10.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the color parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-37728.yaml"}
{"ID":"CVE-2023-37979","Info":{"Name":"Ninja Forms \u003c 3.6.26 - Cross-Site Scripting","Severity":"medium","Description":"The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-37979.yaml"}
{"ID":"CVE-2023-38035","Info":{"Name":"Ivanti Sentry - Authentication Bypass","Severity":"critical","Description":"A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-38035.yaml"}
@ -2138,17 +2169,22 @@
{"ID":"CVE-2023-41538","Info":{"Name":"PHPJabbers PHP Forum Script 3.0 - Cross-Site Scripting","Severity":"medium","Description":"PhpJabbers PHP Forum Script 3.0 is vulnerable to Cross Site Scripting (XSS) via the keyword parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-41538.yaml"}
{"ID":"CVE-2023-41642","Info":{"Name":"RealGimm by GruppoSCAI v1.1.37p38 - Cross-Site Scripting","Severity":"medium","Description":"Multiple reflected cross-site scripting (XSS) vulnerabilities in the ErroreNonGestito.aspx component of GruppoSCAI RealGimm 1.1.37p38 allow attackers to execute arbitrary Javascript in the context of a victim user's browser via a crafted payload injected into the VIEWSTATE parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-41642.yaml"}
{"ID":"CVE-2023-4168","Info":{"Name":"Adlisting Classified Ads 2.14.0 - Information Disclosure","Severity":"high","Description":"Information disclosure issue in the redirect responses, When accessing any page on the website, Sensitive data, such as API keys, server keys, and app IDs, is being exposed in the body of these redirects.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-4168.yaml"}
{"ID":"CVE-2023-4169","Info":{"Name":"Ruijie RG-EW1200G Router - Password Reset","Severity":"high","Description":"A vulnerability was found in Ruijie RG-EW1200G 1.0(1)B1P5. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /api/sys/set_passwd of the component Administrator Password Handler. The manipulation leads to improper access controls. The attack can be launched remotely.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-4169.yaml"}
{"ID":"CVE-2023-4173","Info":{"Name":"mooSocial 3.1.8 - Reflected XSS","Severity":"medium","Description":"A vulnerability, which was classified as problematic, was found in mooSocial mooStore 3.1.6. Affected is an unknown function of the file /search/index.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-4173.yaml"}
{"ID":"CVE-2023-4174","Info":{"Name":"mooSocial 3.1.6 - Reflected Cross Site Scripting","Severity":"medium","Description":"A vulnerability has been found in mooSocial mooStore 3.1.6 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. The attack can be launched remotely.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-4174.yaml"}
{"ID":"CVE-2023-41892","Info":{"Name":"CraftCMS \u003c 4.4.15 - Unauthenticated Remote Code Execution","Severity":"critical","Description":"Craft CMS is a platform for creating digital experiences. This is a high-impact, low-complexity attack vector leading to Remote Code Execution (RCE). Users running Craft installations before 4.4.15 are encouraged to update to at least that version to mitigate the issue. This issue has been fixed in Craft CMS 4.4.15.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-41892.yaml"}
{"ID":"CVE-2023-42442","Info":{"Name":"JumpServer \u003e 3.6.4 - Information Disclosure","Severity":"medium","Description":"JumpServer is an open source bastion host and a professional operation and maintenance security audit system. Starting in version 3.0.0 and prior to versions 3.5.5 and 3.6.4, session replays can download without authentication. Session replays stored in S3, OSS, or other cloud storage are not affected. The api `/api/v1/terminal/sessions/` permission control is broken and can be accessed anonymously. SessionViewSet permission classes set to `[RBACPermission | IsSessionAssignee]`, relation is or, so any permission matched will be allowed. Versions 3.5.5 and 3.6.4 have a fix. After upgrading, visit the api `$HOST/api/v1/terminal/sessions/?limit=1`. The expected http response code is 401 (`not_authenticated`).\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2023/CVE-2023-42442.yaml"}
{"ID":"CVE-2023-42793","Info":{"Name":"JetBrains TeamCity \u003c 2023.05.4 - Remote Code Execution","Severity":"critical","Description":"In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-42793.yaml"}
{"ID":"CVE-2023-43261","Info":{"Name":"Milesight Routers - Information Disclosure","Severity":"high","Description":"A critical security vulnerability has been identified in Milesight Industrial Cellular Routers, compromising the security of sensitive credentials and permitting unauthorized access. This vulnerability stems from a misconfiguration that results in directory listing being enabled on the router systems, rendering log files publicly accessible. These log files, while containing sensitive information such as admin and other user passwords (encrypted as a security measure), can be exploited by attackers via the router's web interface. The presence of a hardcoded AES secret key and initialization vector (IV) in the JavaScript code further exacerbates the situation, facilitating the decryption of these passwords. This chain of vulnerabilities allows malicious actors to gain unauthorized access to the router.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-43261.yaml"}
{"ID":"CVE-2023-4415","Info":{"Name":"Ruijie RG-EW1200G Router Background - Login Bypass","Severity":"high","Description":"A vulnerability was found in Ruijie RG-EW1200G 07161417 r483. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/sys/login. The manipulation leads to improper authentication. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-237518 is the identifier assigned to this vulnerability.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2023/CVE-2023-4415.yaml"}
{"ID":"CVE-2023-4451","Info":{"Name":"Cockpit - Cross-Site Scripting","Severity":"medium","Description":"Cross-site Scripting (XSS) - Reflected in GitHub repository cockpit-hq/cockpit prior to 2.6.4.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-4451.yaml"}
{"ID":"CVE-2023-4547","Info":{"Name":"SPA-Cart eCommerce CMS 1.9.0.3 - Cross-Site Scripting","Severity":"medium","Description":"A vulnerability was found in SPA-Cart eCommerce CMS 1.9.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /search. The manipulation of the argument filter[brandid]/filter[price] leads to cross site scripting. The attack may be launched remotely. VDB-238058 is the identifier assigned to this vulnerability.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-4547.yaml"}
{"ID":"CVE-2023-4568","Info":{"Name":"PaperCut NG Unauthenticated XMLRPC Functionality","Severity":"medium","Description":"PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. Versions 22.0.12 and below are confirmed to be affected, but later versions may also be affected due to lack of a vendor supplied patch.\n","Classification":{"CVSSScore":"6.5"}},"file_path":"http/cves/2023/CVE-2023-4568.yaml"}
{"ID":"CVE-2023-45852","Info":{"Name":"Viessmann Vitogate 300 - Remote Code Execution","Severity":"critical","Description":"In Vitogate 300 2.1.3.0, /cgi-bin/vitogate.cgi allows an unauthenticated attacker to bypass authentication and execute arbitrary commands via shell metacharacters in the ipaddr params JSON data for the put method.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-45852.yaml"}
{"ID":"CVE-2023-4634","Info":{"Name":"Media Library Assistant \u003c 3.09 - Remote Code Execution/Local File Inclusion","Severity":"critical","Description":"A vulnerability in the Wordpress Media-Library-Assistant plugins in version \u003c 3.09 is vulnerable to a local file inclusion which leading to RCE on default Imagegick installation/configuration.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-4634.yaml"}
{"ID":"CVE-2023-46747","Info":{"Name":"F5 BIG-IP - Unauthenticated RCE via AJP Smuggling","Severity":"critical","Description":"CVE-2023-46747 is a critical severity authentication bypass vulnerability in F5 BIG-IP that could allow an unauthenticated attacker to achieve remote code execution (RCE). The vulnerability impacts the BIG-IP Configuration utility, also known as the TMUI, wherein arbitrary requests can bypass authentication. The vulnerability received a CVSSv3 score of 9.8.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-46747.yaml"}
{"ID":"CVE-2023-4714","Info":{"Name":"PlayTube 3.0.1 - Information Disclosure","Severity":"high","Description":"A vulnerability was found in PlayTube 3.0.1 and classified as problematic. This issue affects some unknown processing of the component Redirect Handler. The manipulation leads to information disclosure. The attack may be initiated remotely.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-4714.yaml"}
{"ID":"CVE-2023-4966","Info":{"Name":"Citrix Bleed - Leaking Session Tokens","Severity":"high","Description":"Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-4966.yaml"}
{"ID":"CVE-2023-4974","Info":{"Name":"Academy LMS 6.2 - SQL Injection","Severity":"critical","Description":"A vulnerability was found in Academy LMS 6.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file /academy/tutor/filter of the component GET Parameter Handler. The manipulation of the argument price_min/price_max leads to sql injection. The attack may be launched remotely. VDB-239750 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-4974.yaml"}
{"ID":"CVE-2023-5074","Info":{"Name":"D-Link D-View 8 v2.0.1.28 - Authentication Bypass","Severity":"critical","Description":"Use of a static key to protect a JWT token used in user authentication can allow an for an authentication bypass in D-Link D-View 8 v2.0.1.28\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-5074.yaml"}
{"ID":"CVE-2023-5244","Info":{"Name":"Microweber \u003c V.2.0 - Cross-Site Scripting","Severity":"medium","Description":"Reflected Cross-Site Scripting Vulnerability in types GET parameter on the /editor_tools/rte_image_editor endpoint.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-5244.yaml"}

2
cves.json-checksum.txt
View File

@ -1 +1 @@
1eb20822f4fe29cd3cb2f22d1af4953f
16fc811297044b5d3f7904cafbfd9424

3
dns/azure-takeover-detection.yaml
View File

@ -53,4 +53,5 @@ dns:
- type: dsl
dsl:
- cname
# digest: 4a0a00473045022043d1113417de308936591aa35f8175c25ad9d5b66b6d076fe0ba324450b1799e022100add5bb113b494d920eb39a99c107f2e7dff1979d482302e2580ff07e5857d9ff:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022043d1113417de308936591aa35f8175c25ad9d5b66b6d076fe0ba324450b1799e022100add5bb113b494d920eb39a99c107f2e7dff1979d482302e2580ff07e5857d9ff:922c64590222798bb761d5b6d8e72950

5
dns/caa-fingerprint.yaml
View File

@ -19,7 +19,7 @@ dns:
matchers:
- type: regex
regex:
- "IN\tCAA\\t(.+)$"
- "IN\\s+CAA\\s+(.+)"
extractors:
- type: regex
@ -28,4 +28,5 @@ dns:
- 'issue "(.*)"'
- 'issuewild "(.*)"'
- 'iodef "(.*)"'
# digest: 4a0a00473045022100ffd3189ffd53732db9f0027f4d2435adad24715cec685d4ece25c2eef614809a0220411506102311eeab96fe021444ea53d9cf2fd324049c678b4add33b6a1e457b0:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022023198a26073ed129fe588c545c89a003975219e7da0033744c267d99093324370221008a42dc42e882b45ff2f7ef81ffd916e41dab50a710deb2d0c7268bf9dec11e8f:922c64590222798bb761d5b6d8e72950

3
dns/detect-dangling-cname.yaml
View File

@ -34,4 +34,5 @@ dns:
- type: dsl
dsl:
- cname
# digest: 4a0a00473045022100ec9f942301604384f1ef3a2f9987cd29d437e35e882b86ed15127558bfe7ff7302203de45942e5824f5074f3d30b9d3323394b8fbd95c30e519c99901086ad64eecc:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100ec9f942301604384f1ef3a2f9987cd29d437e35e882b86ed15127558bfe7ff7302203de45942e5824f5074f3d30b9d3323394b8fbd95c30e519c99901086ad64eecc:922c64590222798bb761d5b6d8e72950

3
dns/dmarc-detect.yaml
View File

@ -31,4 +31,5 @@ dns:
group: 1
regex:
- "IN\tTXT\t(.+)"
# digest: 4a0a0047304502204076c7a56a64102033ddcbffe604e0099b21d4e3fc93681f25db84b6c9ea0d49022100cc84a29967d71f3d07b107990f34ec5d804757336391661727adf79dc07eef3d:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502204076c7a56a64102033ddcbffe604e0099b21d4e3fc93681f25db84b6c9ea0d49022100cc84a29967d71f3d07b107990f34ec5d804757336391661727adf79dc07eef3d:922c64590222798bb761d5b6d8e72950

3
dns/dns-saas-service-detection.yaml
View File

@ -433,4 +433,5 @@ dns:
regex:
- "IN\tCNAME\\t(.+)$"
- "IN\\s*CNAME\\t(.+)$"
# digest: 4a0a004730450221008eca40fb73f32c811d6d1d7283bbf220eb09a81bbaa047e4204406dd1c4da012022033a3e578c9ee7d903cff9bc617af38353d49ba0cb65955487aca3e841cdbfc56:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450221008eca40fb73f32c811d6d1d7283bbf220eb09a81bbaa047e4204406dd1c4da012022033a3e578c9ee7d903cff9bc617af38353d49ba0cb65955487aca3e841cdbfc56:922c64590222798bb761d5b6d8e72950

3
dns/dns-waf-detect.yaml
View File

@ -192,4 +192,5 @@ dns:
name: edns
words:
- ".iidns.com"
# digest: 4a0a0047304502200a845666375d02a84b9b0a1b56465d375357774b8c0c3a044dccf1e02fbf6267022100bf5e4f34f8e41d1cf13880ed6760c273df09e408a6d0c53c335dceeadac76182:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502200a845666375d02a84b9b0a1b56465d375357774b8c0c3a044dccf1e02fbf6267022100bf5e4f34f8e41d1cf13880ed6760c273df09e408a6d0c53c335dceeadac76182:922c64590222798bb761d5b6d8e72950

3
dns/dnssec-detection.yaml
View File

@ -22,4 +22,5 @@ dns:
part: answer
regex:
- "IN\tDS\\t(.+)$"
# digest: 4b0a00483046022100dd7c45e1b16ab7caba75d6b28a27e3678896daad8cc2413e3f9120efa8be540202210095b8145af0ff47b2c140dc6f9f643f058bb31768759be99af4098f2cbd0d1997:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100dd7c45e1b16ab7caba75d6b28a27e3678896daad8cc2413e3f9120efa8be540202210095b8145af0ff47b2c140dc6f9f643f058bb31768759be99af4098f2cbd0d1997:922c64590222798bb761d5b6d8e72950

3
dns/ec2-detection.yaml
View File

@ -22,4 +22,5 @@ dns:
regex:
- "ec2-[-\\d]+\\.compute[-\\d]*\\.amazonaws\\.com"
- "ec2-[-\\d]+\\.[\\w\\d\\-]+\\.compute[-\\d]*\\.amazonaws\\.com"
# digest: 4a0a00473045022100995379438eef7d1b9435317e2326c27b32ff7c257437185c9bf505dc30d972e002202882175b25ec22258156a75b31ed020bfcdc29ababcd9e052ce591ab2acb3ff8:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100995379438eef7d1b9435317e2326c27b32ff7c257437185c9bf505dc30d972e002202882175b25ec22258156a75b31ed020bfcdc29ababcd9e052ce591ab2acb3ff8:922c64590222798bb761d5b6d8e72950

5
dns/elasticbeanstalk-takeover.yaml
View File

@ -34,7 +34,7 @@ dns:
matchers:
- type: regex
regex:
- CNAME\t.*\.(us|af|ap|ca|eu|me|sa|il)\-(north|east|west|south|northeast|southeast|central)\-[1-9]+\.elasticbeanstalk\.com
- CNAME\t[a-z0-9_-]*\.(us|af|ap|ca|eu|me|sa|il)\-(north|east|west|south|northeast|southeast|central)\-[1-9]+\.elasticbeanstalk\.com
- type: word
words:
@ -44,4 +44,5 @@ dns:
- type: dsl
dsl:
- cname
# digest: 4a0a00473045022012f08819e11892c111bb05687d15d7778724b0c8a0dc3b273942a808abb8db5d022100975f67abe8561aaf4ce70dae68f9e690a349735e2182fbf3cf0d1576d0e12d87:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100b17bf9a80ae6819d64cc1a58b2cf349b843548dcbfd9d9455230cace98f79b04022100cec30c98b7df5b5d7d359146fb95c16c511856e3d7648b50b0a3e671e4b81b01:922c64590222798bb761d5b6d8e72950

3
dns/mx-fingerprint.yaml
View File

@ -28,4 +28,5 @@ dns:
group: 1
regex:
- "IN\tMX\t(.+)"
# digest: 4a0a0047304502205efe2d8fc4f39144631e42eaf8d4e45773974e43ff3d2db923203db6e044be4d022100c3fb0ba12d80ceff4ea27c45f1a3380ff6727b8a747803d3899a255fb2672f0f:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502205efe2d8fc4f39144631e42eaf8d4e45773974e43ff3d2db923203db6e044be4d022100c3fb0ba12d80ceff4ea27c45f1a3380ff6727b8a747803d3899a255fb2672f0f:922c64590222798bb761d5b6d8e72950

3
dns/mx-service-detector.yaml
View File

@ -81,4 +81,5 @@ dns:
words:
- "mx1-us1.ppe-hosted.com"
- "mx2-us1.ppe-hosted.com"
# digest: 4b0a0048304602210099a2fc7473ed27cd6def422387ade50932830f42a13a93928782b060f911f4bf0221009505a43f95011404d692365315d646406918c54d2829546a2312d4d67440ac0e:922c64590222798bb761d5b6d8e72950
# digest: 4b0a0048304602210099a2fc7473ed27cd6def422387ade50932830f42a13a93928782b060f911f4bf0221009505a43f95011404d692365315d646406918c54d2829546a2312d4d67440ac0e:922c64590222798bb761d5b6d8e72950

3
dns/nameserver-fingerprint.yaml
View File

@ -25,4 +25,5 @@ dns:
group: 1
regex:
- "IN\tNS\t(.+)"
# digest: 4a0a0047304502201ea440eb1f3de07432e12f94f89b2db94a960b7e41bf0a985db8454471217852022100ea06c3b9f829f1e4cbdd3e2ce32b039e0cf6150525202a42361133fb321794fc:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502201ea440eb1f3de07432e12f94f89b2db94a960b7e41bf0a985db8454471217852022100ea06c3b9f829f1e4cbdd3e2ce32b039e0cf6150525202a42361133fb321794fc:922c64590222798bb761d5b6d8e72950

3
dns/ptr-fingerprint.yaml
View File

@ -25,4 +25,5 @@ dns:
group: 1
regex:
- "IN\tPTR\t(.+)"
# digest: 490a00463044022028a8f25e5f2d2d00e9aa403a801265be54f6889185388c416baef105d9b58193022011b971c138e5bf8e83bd52bc68b65f3c7ac9c81a43320629549465a1bc8be1d3:922c64590222798bb761d5b6d8e72950
# digest: 490a00463044022028a8f25e5f2d2d00e9aa403a801265be54f6889185388c416baef105d9b58193022011b971c138e5bf8e83bd52bc68b65f3c7ac9c81a43320629549465a1bc8be1d3:922c64590222798bb761d5b6d8e72950

3
dns/servfail-refused-hosts.yaml
View File

@ -19,4 +19,5 @@ dns:
words:
- "SERVFAIL"
- "REFUSED"
# digest: 4a0a0047304502201e4ab6d52233b5600ef7e9f54060934699002359838bd2802d602b642154ea1402210094809cea67fc9ad6c8a472142c8b3afb960c5e5cb3dfdd6708cb84f411a1790f:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502201e4ab6d52233b5600ef7e9f54060934699002359838bd2802d602b642154ea1402210094809cea67fc9ad6c8a472142c8b3afb960c5e5cb3dfdd6708cb84f411a1790f:922c64590222798bb761d5b6d8e72950

3
dns/spoofable-spf-records-ptr.yaml
View File

@ -22,4 +22,5 @@ dns:
- "v=spf1"
- " ptr "
condition: and
# digest: 4a0a00473045022100dcb965b47233e3942f4879e832d145cc6ade3ddc990891e0ff365e8209a6aa8302201ecdb55e85d79a9c4e2d585fd8ce7b83e7549fb3bc257be05038e166b73ec1a6:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100dcb965b47233e3942f4879e832d145cc6ade3ddc990891e0ff365e8209a6aa8302201ecdb55e85d79a9c4e2d585fd8ce7b83e7549fb3bc257be05038e166b73ec1a6:922c64590222798bb761d5b6d8e72950

3
dns/txt-fingerprint.yaml
View File

@ -27,4 +27,5 @@ dns:
group: 1
regex:
- "IN\tTXT\t(.+)"
# digest: 4b0a00483046022100e4559c121d9f67b4f8ae256bc1310808d8b5223de95617f4043356431e9d65e50221008b74ba8f34d3497f956434868c133d05dfe8408acdcfa3480f7cd64284dee17a:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100e4559c121d9f67b4f8ae256bc1310808d8b5223de95617f4043356431e9d65e50221008b74ba8f34d3497f956434868c133d05dfe8408acdcfa3480f7cd64284dee17a:922c64590222798bb761d5b6d8e72950

3
dns/worksites-detection.yaml
View File

@ -20,4 +20,5 @@ dns:
- type: word
words:
- "69.164.223.206"
# digest: 4a0a0047304502205f67d327d32f1d0c1060ed655d0fa32415cd9c82a90d37b6edd56c72c001e3d9022100a3955a69d030743492077d921ae562a00dce69a8def4abad33b18f0a982a8a0e:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502205f67d327d32f1d0c1060ed655d0fa32415cd9c82a90d37b6edd56c72c001e3d9022100a3955a69d030743492077d921ae562a00dce69a8def4abad33b18f0a982a8a0e:922c64590222798bb761d5b6d8e72950

3
file/android/adb-backup-enabled.yaml
View File

@ -18,4 +18,5 @@ file:
- type: word
words:
- "android:allowBackup=\"true\""
# digest: 490a00463044022079148ddcb17d63e510878ffcf923d2c9074822a68a15975e82dfacf0b823b75b02201099b266190b9e360ff401f621c9b6e6362c5bdcc37de07adc1c01c379307ad0:922c64590222798bb761d5b6d8e72950
# digest: 490a00463044022079148ddcb17d63e510878ffcf923d2c9074822a68a15975e82dfacf0b823b75b02201099b266190b9e360ff401f621c9b6e6362c5bdcc37de07adc1c01c379307ad0:922c64590222798bb761d5b6d8e72950

2
file/android/biometric-detect.yaml
View File

@ -20,4 +20,4 @@ file:
- "android.permission.USE_BIOMETRIC"
# Enhanced by md on 2023/05/02
# digest: 4b0a00483046022100f43f7c82a443df1bdd1728b98b23a3d63aaa901d0338bf24a418fa62aa5b99c3022100d42fbf9d55efd87f006503421e1589c32046deb9fe240809156c321d870cfec9:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100f43f7c82a443df1bdd1728b98b23a3d63aaa901d0338bf24a418fa62aa5b99c3022100d42fbf9d55efd87f006503421e1589c32046deb9fe240809156c321d870cfec9:922c64590222798bb761d5b6d8e72950

2
file/android/certificate-validation.yaml
View File

@ -19,4 +19,4 @@ file:
- "Landroid/webkit/SslErrorHandler;->proceed()V"
# Enhanced by md on 2023/05/02
# digest: 4a0a00473045022100aef4ef4ea43eae93cb0373d207d40684412a63044e33386a05852840b2ee110702203dce816c57358a4a1b8ddf362be46263693e4295e9bcff78bfd6d7f2e32f6cd3:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100aef4ef4ea43eae93cb0373d207d40684412a63044e33386a05852840b2ee110702203dce816c57358a4a1b8ddf362be46263693e4295e9bcff78bfd6d7f2e32f6cd3:922c64590222798bb761d5b6d8e72950

2
file/android/content-scheme.yaml
View File

@ -19,4 +19,4 @@ file:
- "android:scheme=\"content\""
# Enhanced by md on 2023/05/03
# digest: 4a0a0047304502201ca83928239ca3b0a3219fa4f2907f800eb31702bca0f70be096d4c26d041343022100a07bae71e1117a4eee7953c74184cb2bc2ee89e96b8c9af492bd20f66e6e9a6c:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502201ca83928239ca3b0a3219fa4f2907f800eb31702bca0f70be096d4c26d041343022100a07bae71e1117a4eee7953c74184cb2bc2ee89e96b8c9af492bd20f66e6e9a6c:922c64590222798bb761d5b6d8e72950

3
file/android/debug-enabled.yaml
View File

@ -13,4 +13,5 @@ file:
- type: regex
regex:
- "android:debuggable=\"true\""
# digest: 4a0a0047304502203616fe532eee00daa7402f8e6595e34c0ce7bc19cc6777f164d069adb081267e022100cf17913c42a3a234371ca0236fbd066317c53d36b3c6ceabffb130eeffadbcf8:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502203616fe532eee00daa7402f8e6595e34c0ce7bc19cc6777f164d069adb081267e022100cf17913c42a3a234371ca0236fbd066317c53d36b3c6ceabffb130eeffadbcf8:922c64590222798bb761d5b6d8e72950

2
file/android/deep-link-detect.yaml
View File

@ -30,4 +30,4 @@ file:
condition: and
# Enhanced by md on 2023/05/02
# digest: 490a0046304402207edbcd24d76af152b6368274009d835e0462d0256c4e99c2819ca0f9e691ec34022078cfca39b64958091ac474623fb5bdc89f79e3e0e716ecc706b092fd003b9987:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402207edbcd24d76af152b6368274009d835e0462d0256c4e99c2819ca0f9e691ec34022078cfca39b64958091ac474623fb5bdc89f79e3e0e716ecc706b092fd003b9987:922c64590222798bb761d5b6d8e72950

2
file/android/dynamic-broadcast-receiver.yaml
View File

@ -19,4 +19,4 @@ file:
- ";->registerReceiver(Landroid/content/BroadcastReceiver;Landroid/content/IntentFilter;)"
# Enhanced by md on 2023/05/02
# digest: 490a0046304402200a21274be70d274c77c63cf66b98e1d17b14fcbfff10995feefc37a44c7cbc6a022076339e3fbebc6122b4991b64b1c1208697e31560886e2d86f5a0ac665c582758:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402200a21274be70d274c77c63cf66b98e1d17b14fcbfff10995feefc37a44c7cbc6a022076339e3fbebc6122b4991b64b1c1208697e31560886e2d86f5a0ac665c582758:922c64590222798bb761d5b6d8e72950

2
file/android/file-scheme.yaml
View File

@ -19,4 +19,4 @@ file:
- "android:scheme=\"file\""
# Enhanced by md on 2023/05/03
# digest: 4a0a00473045022100e1b3965f57f869c3babac5d0d8eaab8473fbd547ede00744e8e2dc2bb683f10c02200491a767c6fda145c2b792a960fdfac4f541c9ae9db0256dcffc1b858d9ddd13:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100e1b3965f57f869c3babac5d0d8eaab8473fbd547ede00744e8e2dc2bb683f10c02200491a767c6fda145c2b792a960fdfac4f541c9ae9db0256dcffc1b858d9ddd13:922c64590222798bb761d5b6d8e72950

3
file/android/google-storage-bucket.yaml
View File

@ -16,4 +16,5 @@ file:
- type: regex
regex:
- "[a-z0-9.-]+\\.appspot\\.com"
# digest: 4b0a00483046022100f5b1873c8bca743330c13ec8aa0470d0456310ee42d1afcf58efba79f1a645720221008f58f9cff9e8ccfea0b4a3d8e6ed14c9d20c5ddb8d6106f113a6ff0d28f29b62:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100f5b1873c8bca743330c13ec8aa0470d0456310ee42d1afcf58efba79f1a645720221008f58f9cff9e8ccfea0b4a3d8e6ed14c9d20c5ddb8d6106f113a6ff0d28f29b62:922c64590222798bb761d5b6d8e72950

2
file/android/provider-path.yaml
View File

@ -20,4 +20,4 @@ file:
- "root-path name=\"[0-9A-Za-z\\-_]{1,10}\" path=\"\""
# Enhanced by md on 2023/05/02
# digest: 4b0a00483046022100c7a1b1c2556047998abaef0b98976b35c8058ceaa66838bf8711c30ef2cf36980221009595cab483ee1f8c602d9d2c936db350b1d8622fb32470d74e62e88c43c72452:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100c7a1b1c2556047998abaef0b98976b35c8058ceaa66838bf8711c30ef2cf36980221009595cab483ee1f8c602d9d2c936db350b1d8622fb32470d74e62e88c43c72452:922c64590222798bb761d5b6d8e72950

2
file/android/webview-addjavascript-interface.yaml
View File

@ -19,4 +19,4 @@ file:
- ";->addJavascriptInterface(Ljava/lang/Object;Ljava/lang/String;)V"
# Enhanced by md on 2023/05/02
# digest: 490a0046304402203981bdb59f2dcb96fc32d914a6ad857c3ab9cc7a7e13721fbb70d5e02d56479602203f304de4f54bc79bb48097452fe53cf82aed0a50741027791fecdc92909a32a0:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402203981bdb59f2dcb96fc32d914a6ad857c3ab9cc7a7e13721fbb70d5e02d56479602203f304de4f54bc79bb48097452fe53cf82aed0a50741027791fecdc92909a32a0:922c64590222798bb761d5b6d8e72950

2
file/android/webview-javascript.yaml
View File

@ -19,4 +19,4 @@ file:
- "Landroid/webkit/WebSettings;->setJavaScriptEnabled(Z)V"
# Enhanced by md on 2023/05/03
# digest: 490a0046304402202cb44b3b176f00694b16cac7a61f5db343e65232d7dbb0e4c3f19815322ffa30022041f4229478a122c2b2f3b7878815a3391f9725e527b8eb7c18488d0c958b3324:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402202cb44b3b176f00694b16cac7a61f5db343e65232d7dbb0e4c3f19815322ffa30022041f4229478a122c2b2f3b7878815a3391f9725e527b8eb7c18488d0c958b3324:922c64590222798bb761d5b6d8e72950

2
file/android/webview-load-url.yaml
View File

@ -19,4 +19,4 @@ file:
- "Landroid/webkit/WebView;->loadUrl(Ljava/lang/String;)V"
# Enhanced by md on 2023/05/02
# digest: 4a0a0047304502203e6573c6bd46a8ffccb46b934de85f8489aa4206ace3c395eb97ded8a483ca6d022100dc2c1947834d8746ee19b34dc7ca18c67691235cb4d04c3530b52d9a072cdf22:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502203e6573c6bd46a8ffccb46b934de85f8489aa4206ace3c395eb97ded8a483ca6d022100dc2c1947834d8746ee19b34dc7ca18c67691235cb4d04c3530b52d9a072cdf22:922c64590222798bb761d5b6d8e72950

2
file/android/webview-universal-access.yaml
View File

@ -19,4 +19,4 @@ file:
- "Landroid/webkit/WebSettings;->setAllowUniversalAccessFromFileURLs(Z)V"
# Enhanced by md on 2023/05/03
# digest: 4a0a00473045022100a47e2082fc66a04948c89867eea66d41624cf5a26a7e0e6faebecd5e18281a74022025ef3b1093b7cfa7eeb45aea5a30518577674355526f2621c96bde80d175642a:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100a47e2082fc66a04948c89867eea66d41624cf5a26a7e0e6faebecd5e18281a74022025ef3b1093b7cfa7eeb45aea5a30518577674355526f2621c96bde80d175642a:922c64590222798bb761d5b6d8e72950

2
file/audit/cisco/configure-aaa-service.yaml
View File

@ -29,4 +29,4 @@ file:
- "configure terminal"
# Enhanced by md on 2023/05/02
# digest: 4a0a00473045022079df055c2e5696994818ce4c85c08341ceb33ee8812c8f7c489991bbb85c13e5022100889d8d69f0812d3402167ff57e13d702a8fde570d27ec634e6ec90edc647b81e:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022079df055c2e5696994818ce4c85c08341ceb33ee8812c8f7c489991bbb85c13e5022100889d8d69f0812d3402167ff57e13d702a8fde570d27ec634e6ec90edc647b81e:922c64590222798bb761d5b6d8e72950

2
file/audit/cisco/configure-service-timestamps-debug.yaml
View File

@ -29,4 +29,4 @@ file:
- "configure terminal"
# Enhanced by md on 2023/05/02
# digest: 4a0a00473045022100bc3785d0a7b24f396ab4fed4a8d9f901369fe263a0749c872fcaf5385e07db80022003bd8f4e1e5c637b8226641ce70b584a59608f1311c98f43fa7b74f0605ffe75:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100bc3785d0a7b24f396ab4fed4a8d9f901369fe263a0749c872fcaf5385e07db80022003bd8f4e1e5c637b8226641ce70b584a59608f1311c98f43fa7b74f0605ffe75:922c64590222798bb761d5b6d8e72950

2
file/audit/cisco/configure-service-timestamps-logmessages.yaml
View File

@ -29,4 +29,4 @@ file:
- "configure terminal"
# Enhanced by md on 2023/05/02
# digest: 4a0a00473045022100eec5568ee37b9570d34f5a84ef8cb6c87e0d4c328c563a315bae6485d81f34c602205dd2190d468102b996589f3d15fca169cf6805a71b5cd76c30f5db5d02189b25:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100eec5568ee37b9570d34f5a84ef8cb6c87e0d4c328c563a315bae6485d81f34c602205dd2190d468102b996589f3d15fca169cf6805a71b5cd76c30f5db5d02189b25:922c64590222798bb761d5b6d8e72950

3
file/audit/cisco/disable-ip-source-route.yaml
View File

@ -28,4 +28,5 @@ file:
- type: word
words:
- "configure terminal"
# digest: 4a0a00473045022074c0a1cf8e4aa1aae86601df3d56f2d8a24cbdfd644ff047cfb34ed4c79397080221009b5f95e3a473009298bb7cf875d282617fb93ad30dafc9c3f2efcba049e672ea:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022074c0a1cf8e4aa1aae86601df3d56f2d8a24cbdfd644ff047cfb34ed4c79397080221009b5f95e3a473009298bb7cf875d282617fb93ad30dafc9c3f2efcba049e672ea:922c64590222798bb761d5b6d8e72950

3
file/audit/cisco/disable-pad-service.yaml
View File

@ -27,4 +27,5 @@ file:
- type: word
words:
- "configure terminal"
# digest: 4a0a00473045022100c59ff03045b104e65dc2f92569ebc4ed981b39844b3e1fc03d48b1ed82e1e0a3022056fd96605d454caebc29595bf2d7771efe3b438061f4c50245a3897f7176ddcd:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100c59ff03045b104e65dc2f92569ebc4ed981b39844b3e1fc03d48b1ed82e1e0a3022056fd96605d454caebc29595bf2d7771efe3b438061f4c50245a3897f7176ddcd:922c64590222798bb761d5b6d8e72950

3
file/audit/cisco/enable-secret-for-password-user-and-.yaml
View File

@ -23,4 +23,5 @@ file:
- type: word
words:
- "configure terminal"
# digest: 4a0a0047304502204f6beffea112852a6e7dbf11a7fd8fe97da58385e475b5d3485a12678568107f022100afe3edd05b216cb7a94d9080430e939c95b36d13f0195516681a1e2b31874aec:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502204f6beffea112852a6e7dbf11a7fd8fe97da58385e475b5d3485a12678568107f022100afe3edd05b216cb7a94d9080430e939c95b36d13f0195516681a1e2b31874aec:922c64590222798bb761d5b6d8e72950

2
file/audit/cisco/logging-enable.yaml
View File

@ -29,4 +29,4 @@ file:
- "configure terminal"
# Enhanced by md on 2023/05/03
# digest: 4a0a0047304502202a8c038850f96007448de5721920df67d783f04b494c7cad889ff010905c651a0221008d64ff006c97de269f9503222257a6d9bf550a462eddb4112d600a65513b1321:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502202a8c038850f96007448de5721920df67d783f04b494c7cad889ff010905c651a0221008d64ff006c97de269f9503222257a6d9bf550a462eddb4112d600a65513b1321:922c64590222798bb761d5b6d8e72950

2
file/audit/cisco/set-and-secure-passwords.yaml
View File

@ -29,4 +29,4 @@ file:
- "configure terminal"
# Enhanced by md on 2023/05/03
# digest: 490a0046304402207029e29a2d75aea030e8818991a5da7ab7c47204f24a1c238ddcfd78138d8c2e022013f3a96886a9daa37c9df80d46fe6ec3f59a1cce3423fae634016908b8e5ee2c:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402207029e29a2d75aea030e8818991a5da7ab7c47204f24a1c238ddcfd78138d8c2e022013f3a96886a9daa37c9df80d46fe6ec3f59a1cce3423fae634016908b8e5ee2c:922c64590222798bb761d5b6d8e72950

2
file/audit/fortigate/auto-usb-install.yaml
View File

@ -31,4 +31,4 @@ file:
condition: or
# Enhanced by md on 2023/05/03
# digest: 4b0a00483046022100ccc576bcc6257505a68ceaefbbe56b0c66e38c49ec5b93942176d669e5e01959022100fab05994e7edde53474a33d7e43c9513f59ff7a55d485122457864b2390aeb5e:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100ccc576bcc6257505a68ceaefbbe56b0c66e38c49ec5b93942176d669e5e01959022100fab05994e7edde53474a33d7e43c9513f59ff7a55d485122457864b2390aeb5e:922c64590222798bb761d5b6d8e72950

2
file/audit/fortigate/heuristic-scan.yaml
View File

@ -32,4 +32,4 @@ file:
condition: or
# Enhanced by md on 2023/05/03
# digest: 4a0a00473045022100fa37189cba4ed2ec0013bb0b51b8a53f8d0cbc15e173827ddb5936e9d9bf7f1e02206dfeeaf7dffec71e85545522022158bb29aa157802a79a06a040ed4c112abbb5:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100fa37189cba4ed2ec0013bb0b51b8a53f8d0cbc15e173827ddb5936e9d9bf7f1e02206dfeeaf7dffec71e85545522022158bb29aa157802a79a06a040ed4c112abbb5:922c64590222798bb761d5b6d8e72950

2
file/audit/fortigate/inactivity-timeout.yaml
View File

@ -30,4 +30,4 @@ file:
condition: or
# Enhanced by md on 2023/05/03
# digest: 4a0a00473045022100cea6b95920897938fc382b500396ac8f32ff99b0eec0ecaf088fb5cb0449776802202a68db332abee65d2afb58c2fa4c6934543e89992df389a9f324ad70d6a67c9b:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100cea6b95920897938fc382b500396ac8f32ff99b0eec0ecaf088fb5cb0449776802202a68db332abee65d2afb58c2fa4c6934543e89992df389a9f324ad70d6a67c9b:922c64590222798bb761d5b6d8e72950

3
file/audit/fortigate/maintainer-account.yaml
View File

@ -28,4 +28,5 @@ file:
- "config router"
- "config firewall"
condition: or
# digest: 4a0a0047304502210095dfe6f50e1344c29cb73fdf72e79eec9b146ee421cafb0ec09d8b252f26cd18022019682a67d6b6265c8c4ca6ba95d900ce429ad5bbb188af95953698ab445dad8b:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502210095dfe6f50e1344c29cb73fdf72e79eec9b146ee421cafb0ec09d8b252f26cd18022019682a67d6b6265c8c4ca6ba95d900ce429ad5bbb188af95953698ab445dad8b:922c64590222798bb761d5b6d8e72950

3
file/audit/fortigate/password-policy.yaml
View File

@ -28,4 +28,5 @@ file:
- "config router"
- "config firewall"
condition: or
# digest: 4a0a00473045022100973422e6e42cfee55eeb7bcb78a54ebc4382c2e74d87bd231fcdd44e89c42b5d02207cf72f8c099025aa5c7aad767d31a2847cf74fbbe73c43194502bf807d9c81b7:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100973422e6e42cfee55eeb7bcb78a54ebc4382c2e74d87bd231fcdd44e89c42b5d02207cf72f8c099025aa5c7aad767d31a2847cf74fbbe73c43194502bf807d9c81b7:922c64590222798bb761d5b6d8e72950

3
file/audit/fortigate/remote-auth-timeout.yaml
View File

@ -29,4 +29,5 @@ file:
- "config router"
- "config firewall"
condition: or
# digest: 4a0a004730450220460b3387929bbf2d35f5e220f1501f7e95aee4169633d49cab715e89830e44b102210090004afc4f71c06bfc0c3b2762dd2f6094c2abbe7cef201ebd30f98b7c38e3a5:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450220460b3387929bbf2d35f5e220f1501f7e95aee4169633d49cab715e89830e44b102210090004afc4f71c06bfc0c3b2762dd2f6094c2abbe7cef201ebd30f98b7c38e3a5:922c64590222798bb761d5b6d8e72950

3
file/audit/fortigate/scp-admin.yaml
View File

@ -28,4 +28,5 @@ file:
- "config router"
- "config firewall"
condition: or
# digest: 4a0a00473045022017907ef84d543d31938a81f98b74c0e2cbb8046446564d60d93ab016b211ccbe022100bf653ab2e2a8cd2b59fe160d7c5a605fdb079fff2eb049540f0c0e59d79272dd:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022017907ef84d543d31938a81f98b74c0e2cbb8046446564d60d93ab016b211ccbe022100bf653ab2e2a8cd2b59fe160d7c5a605fdb079fff2eb049540f0c0e59d79272dd:922c64590222798bb761d5b6d8e72950

3
file/audit/fortigate/strong-ciphers.yaml
View File

@ -24,4 +24,5 @@ file:
- "config router"
- "config firewall"
condition: or
# digest: 4a0a00473045022100c807aaceda1d677145cd86b23d68df8651d47461ff50883ab407b999b3ab89d8022066419939b0b5d9f1d44fecd6958ab45e46a3f1c931ef94f2f36ca71907d46974:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100c807aaceda1d677145cd86b23d68df8651d47461ff50883ab407b999b3ab89d8022066419939b0b5d9f1d44fecd6958ab45e46a3f1c931ef94f2f36ca71907d46974:922c64590222798bb761d5b6d8e72950

2
file/audit/pfsense/configure-dns-server.yaml
View File

@ -33,4 +33,4 @@ file:
condition: and
# Enhanced by md on 2023/05/04
# digest: 4a0a0047304502206e6b95e81bec7d3776c15a7d13ee6ceec276641f2cea2b0e3f27cfbff11ffb0b022100dc3dd5041f7ff2b046b72bb868c4e08c18766913069ee573ca4da3347a603e75:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502206e6b95e81bec7d3776c15a7d13ee6ceec276641f2cea2b0e3f27cfbff11ffb0b022100dc3dd5041f7ff2b046b72bb868c4e08c18766913069ee573ca4da3347a603e75:922c64590222798bb761d5b6d8e72950

2
file/audit/pfsense/configure-session-timeout.yaml
View File

@ -36,4 +36,4 @@ file:
condition: and
# Enhanced by md on 2023/05/04
# digest: 4a0a004730450220428bd620e5177de61a4b58993a27ef7ff13adb0f5fbbd6590d7801c1f719b1710221009a9c3c9efdc4581d55bbbdebf48baf7d32ebd75cfb3cd0f0e2326b91922aceed:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450220428bd620e5177de61a4b58993a27ef7ff13adb0f5fbbd6590d7801c1f719b1710221009a9c3c9efdc4581d55bbbdebf48baf7d32ebd75cfb3cd0f0e2326b91922aceed:922c64590222798bb761d5b6d8e72950

2
file/audit/pfsense/enable-https-protocol.yaml
View File

@ -35,4 +35,4 @@ file:
condition: and
# Enhanced by md on 2023/05/04
# digest: 4a0a0047304502200b7f468fa03dc5a9da4434cc16c2158051689e6367855fc15e3bbebc5396ce03022100dfcf501466defaa4960609da00c79d3015a88752b60735097487324e61281425:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502200b7f468fa03dc5a9da4434cc16c2158051689e6367855fc15e3bbebc5396ce03022100dfcf501466defaa4960609da00c79d3015a88752b60735097487324e61281425:922c64590222798bb761d5b6d8e72950

2
file/audit/pfsense/known-default-account.yaml
View File

@ -27,4 +27,4 @@ file:
condition: and
# Enhanced by md on 2023/05/04
# digest: 490a004630440220021b724d5c938c772dce4f4fb69947f5b07bb278e82211289af983207ea2091902205e36a512ae90e197d329cfa247658297e6bf6ffdde97aa1f6c54900c057c1448:922c64590222798bb761d5b6d8e72950
# digest: 490a004630440220021b724d5c938c772dce4f4fb69947f5b07bb278e82211289af983207ea2091902205e36a512ae90e197d329cfa247658297e6bf6ffdde97aa1f6c54900c057c1448:922c64590222798bb761d5b6d8e72950

2
file/audit/pfsense/password-protected-consolemenu.yaml
View File

@ -36,4 +36,4 @@ file:
condition: and
# Enhanced by md on 2023/05/04
# digest: 490a00463044022012ee67126f50b5cf259b101b1f2b9ea34d9675f8d1741eb4edfb87b4abfeca6202207f3522cd9d8e35fe7d2dcccc815c28638b0799ceded0dbeea3572cb3f612e891:922c64590222798bb761d5b6d8e72950
# digest: 490a00463044022012ee67126f50b5cf259b101b1f2b9ea34d9675f8d1741eb4edfb87b4abfeca6202207f3522cd9d8e35fe7d2dcccc815c28638b0799ceded0dbeea3572cb3f612e891:922c64590222798bb761d5b6d8e72950

2
file/audit/pfsense/set-hostname.yaml
View File

@ -27,4 +27,4 @@ file:
condition: and
# Enhanced by md on 2023/05/04
# digest: 4a0a00473045022052d3112a4e98adccd6b8fccd98f95244557d07eb4caef53dc9f09b7f996d642e022100e56f7d85f2d9bcbb8a03fc01e20588b9d2cb93de814a82b1e77069c2b48be485:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022052d3112a4e98adccd6b8fccd98f95244557d07eb4caef53dc9f09b7f996d642e022100e56f7d85f2d9bcbb8a03fc01e20588b9d2cb93de814a82b1e77069c2b48be485:922c64590222798bb761d5b6d8e72950

3
file/bash/bash-scanner.yaml
View File

@ -44,4 +44,5 @@ file:
name: unknown filedownload
regex:
- '(wget|curl) (https?|ftp|file)://[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]\.[-A-Za-z0-9\+&@#/%?=~_|!:,.;]*[-A-Za-z0-9\+&@#/%=~_|]$'
# digest: 4a0a00473045022100db6e5f84fe8da8728aa4f05dd83a5d033d062fe552a148d3cf2fd599277d1eaf022040d4296bef6df6b57b8381af30fc75730d9bf8103ce7d37bdcfbe91317fc5344:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100db6e5f84fe8da8728aa4f05dd83a5d033d062fe552a148d3cf2fd599277d1eaf022040d4296bef6df6b57b8381af30fc75730d9bf8103ce7d37bdcfbe91317fc5344:922c64590222798bb761d5b6d8e72950

3
file/electron/electron-version-detect.yaml
View File

@ -19,4 +19,5 @@ file:
- type: regex
regex:
- '"electronVersion":"[^"]*"'
# digest: 4b0a00483046022100a04f77fdda5916ff33b294ee3addb5451db77585a39ae8673f4cdfed08974d7b022100d421b8bd0600e4310c8ef55ea0b2a18771258f3c6c6ab884e8d661a6965c3112:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100a04f77fdda5916ff33b294ee3addb5451db77585a39ae8673f4cdfed08974d7b022100d421b8bd0600e4310c8ef55ea0b2a18771258f3c6c6ab884e8d661a6965c3112:922c64590222798bb761d5b6d8e72950

3
file/electron/node-integration-enabled.yaml
View File

@ -17,4 +17,5 @@ file:
- type: word
words:
- "nodeIntegration: true"
# digest: 4a0a00473045022070caab60eefc323b37e341d70c757d85c7fedf66d0e35b51a425a8aa7ec6c847022100bca4045fc5d68b14d123532d732daa73ffbc5af0e124764325706d859da74e9f:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022070caab60eefc323b37e341d70c757d85c7fedf66d0e35b51a425a8aa7ec6c847022100bca4045fc5d68b14d123532d732daa73ffbc5af0e124764325706d859da74e9f:922c64590222798bb761d5b6d8e72950

3
file/js/js-analyse.yaml
View File

@ -30,4 +30,5 @@ file:
name: extracted-uri
regex:
- "(?i)([a-z]{0,10}):(//|/)[a-z0-9\\./?&-_=:]+"
# digest: 490a004630440220295fa966d911a692e343adc830f080654abda1d1b1f3e59a421a54a5e9d29fe802203b8bf407243a4e13d0567bf99a9c6b4f6bcb863600c1a6a54c53cc67bec50f51:922c64590222798bb761d5b6d8e72950
# digest: 490a004630440220295fa966d911a692e343adc830f080654abda1d1b1f3e59a421a54a5e9d29fe802203b8bf407243a4e13d0567bf99a9c6b4f6bcb863600c1a6a54c53cc67bec50f51:922c64590222798bb761d5b6d8e72950

3
file/keys/adafruit-key.yaml
View File

@ -19,4 +19,5 @@ file:
part: body
regex:
- (?i)(?:adafruit)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
# digest: 4a0a00473045022100e18e66c25918d1d8e980ab39a1d206e65dc34ef8b6ae0e043c87d34f0496d4260220651cd87fb75b897e27766f354e0711534ef67b6f368885d00fbf79ed44ed72a7:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100e18e66c25918d1d8e980ab39a1d206e65dc34ef8b6ae0e043c87d34f0496d4260220651cd87fb75b897e27766f354e0711534ef67b6f368885d00fbf79ed44ed72a7:922c64590222798bb761d5b6d8e72950

3
file/keys/adobe/adobe-client.yaml
View File

@ -19,4 +19,5 @@ file:
part: body
regex:
- (?i)(?:adobe)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
# digest: 4a0a00473045022100eff30b8e55f06b16c9d6319765c2ad58854c26856e355f039d1d5414b5d8258f02205c05e1a7b8edf37112c3c501eafc3207179c8e9afdda5f9c6ca93dc1dc7b9438:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100eff30b8e55f06b16c9d6319765c2ad58854c26856e355f039d1d5414b5d8258f02205c05e1a7b8edf37112c3c501eafc3207179c8e9afdda5f9c6ca93dc1dc7b9438:922c64590222798bb761d5b6d8e72950

3
file/keys/adobe/adobe-secret.yaml
View File

@ -21,4 +21,5 @@ file:
part: body
regex:
- '(?i)\b(p8e-[a-z0-9-]{32})(?:[^a-z0-9-]|$)'
# digest: 4b0a0048304602210086cdebe3a78bf4282ea6b7e8107b833e98c6242501edc53c34ffad1d06dd8d760221009a912c40a016bdff61787eeb9d6fc9386c840a2b69b4c96915612c00fce6b493:922c64590222798bb761d5b6d8e72950
# digest: 4b0a0048304602210086cdebe3a78bf4282ea6b7e8107b833e98c6242501edc53c34ffad1d06dd8d760221009a912c40a016bdff61787eeb9d6fc9386c840a2b69b4c96915612c00fce6b493:922c64590222798bb761d5b6d8e72950

3
file/keys/age/age-identity-secret-key.yaml
View File

@ -20,4 +20,5 @@ file:
part: body
regex:
- '\bAGE-SECRET-KEY-1[0-9A-Z]{58}\b'
# digest: 4a0a0047304502201a1f14a0a6f72bbd8e353c6db3647c596ccee294516249b42df3757df4fa56b7022100fe1dc8b4a2e83bd842dced9fff217732d392b28eb0dd027f7e6f75f5aff9d634:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502201a1f14a0a6f72bbd8e353c6db3647c596ccee294516249b42df3757df4fa56b7022100fe1dc8b4a2e83bd842dced9fff217732d392b28eb0dd027f7e6f75f5aff9d634:922c64590222798bb761d5b6d8e72950

3
file/keys/age/age-recipient-public-key.yaml
View File

@ -20,4 +20,5 @@ file:
part: body
regex:
- '\bage1[0-9a-z]{58}\b'
# digest: 4a0a004730450221009fb14853721aa355f4dff9b164fd098ba99f8c579e3ef82325210e6fbbb8918f02203f2a50f4e91298e867107a4af77f80f70cbc2a5c7cad4fa4133d2d7233d51dda:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450221009fb14853721aa355f4dff9b164fd098ba99f8c579e3ef82325210e6fbbb8918f02203f2a50f4e91298e867107a4af77f80f70cbc2a5c7cad4fa4133d2d7233d51dda:922c64590222798bb761d5b6d8e72950

3
file/keys/airtable-key.yaml
View File

@ -19,4 +19,5 @@ file:
part: body
regex:
- (?i)(?:airtable)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{17})(?:['|\"|\n|\r|\s|\x60|;]|$)
# digest: 4b0a00483046022100f69a839cd0ef13a477e8e796614040b37eec85526932dca4bdf07ab3ff75f469022100ac62c27426f5f61546e702024dc2ab3293981cc05780460a2565bc9cb2c98ab8:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100f69a839cd0ef13a477e8e796614040b37eec85526932dca4bdf07ab3ff75f469022100ac62c27426f5f61546e702024dc2ab3293981cc05780460a2565bc9cb2c98ab8:922c64590222798bb761d5b6d8e72950

3
file/keys/algolia-key.yaml
View File

@ -19,4 +19,5 @@ file:
part: body
regex:
- (?i)(?:algolia)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
# digest: 4a0a0047304502200114ce7db1c3fde42b20020e1d0ccddb88507568c665f21e1cdc8a7b722defdb022100c707d824ef36106683f16cc962e32ac899c727c5b22db59a7af8a4ab957a27d6:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502200114ce7db1c3fde42b20020e1d0ccddb88507568c665f21e1cdc8a7b722defdb022100c707d824ef36106683f16cc962e32ac899c727c5b22db59a7af8a4ab957a27d6:922c64590222798bb761d5b6d8e72950

3
file/keys/alibaba/alibaba-key-id.yaml
View File

@ -19,4 +19,5 @@ file:
part: body
regex:
- (?i)\b((LTAI)(?i)[a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)
# digest: 4a0a00473045022010d9489b8b59a742d40af13eab87d1a56acc81ae51021beacd81f2cb3c2020670221008cfa46cab56f8ffd121bb8dad1d515c8136517f1da385fe6d1c364fcb95ef9b2:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022010d9489b8b59a742d40af13eab87d1a56acc81ae51021beacd81f2cb3c2020670221008cfa46cab56f8ffd121bb8dad1d515c8136517f1da385fe6d1c364fcb95ef9b2:922c64590222798bb761d5b6d8e72950

3
file/keys/alibaba/alibaba-secret-id.yaml
View File

@ -19,4 +19,5 @@ file:
part: body
regex:
- (?i)(?:alibaba)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{30})(?:['|\"|\n|\r|\s|\x60|;]|$)
# digest: 490a00463044022035a425a3c37a997471e5a91829014ba9e0e5be1e272e0cecd67317fcd54f5ea202204eaf1dd7997603c327ade970d78398373e7aa475aed015b70c2c6f2ec012c25d:922c64590222798bb761d5b6d8e72950
# digest: 490a00463044022035a425a3c37a997471e5a91829014ba9e0e5be1e272e0cecd67317fcd54f5ea202204eaf1dd7997603c327ade970d78398373e7aa475aed015b70c2c6f2ec012c25d:922c64590222798bb761d5b6d8e72950

2
file/keys/amazon/amazon-account-id.yaml
View File

@ -25,4 +25,4 @@ file:
- '(?i)aws_?(?:account)_?(?:id)?["''`]?\s{0,30}(?::|=>|=)\s{0,30}["''`]?([0-9]{4}-?[0-9]{4}-?[0-9]{4})'
# Enhanced by md on 2023/05/04
# digest: 490a0046304402204cdf5ae5eafb194436533d3bd5d707d3ed6e82bde669a90a33d3d6e7f841a4f1022016cc2daac84b2c82e2566fd7f5c68b83f2f1cbf93a5a19d259ac963a0ac330d0:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402204cdf5ae5eafb194436533d3bd5d707d3ed6e82bde669a90a33d3d6e7f841a4f1022016cc2daac84b2c82e2566fd7f5c68b83f2f1cbf93a5a19d259ac963a0ac330d0:922c64590222798bb761d5b6d8e72950

2
file/keys/amazon/amazon-mws-auth-token.yaml
View File

@ -20,4 +20,4 @@ file:
- "amzn\\.mws\\.[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}"
# Enhanced by md on 2023/05/04
# digest: 4a0a00473045022100a22e9ab4357449ff0b0d0e1d56fd2a2a815900eb260c13cdc8ca5b4904508d76022030e701c98fff70a3c0e8174fe27c30c87c60b0a4acdc97555a71970ab6e5e83a:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100a22e9ab4357449ff0b0d0e1d56fd2a2a815900eb260c13cdc8ca5b4904508d76022030e701c98fff70a3c0e8174fe27c30c87c60b0a4acdc97555a71970ab6e5e83a:922c64590222798bb761d5b6d8e72950

2
file/keys/amazon/amazon-session-token.yaml
View File

@ -25,4 +25,4 @@ file:
- '(?i)(?:aws.?session|aws.?session.?token|aws.?token)["''`]?\s{0,30}(?::|=>|=)\s{0,30}["''`]?([a-z0-9/+=]{16,200})[^a-z0-9/+=]'
# Enhanced by md on 2023/05/04
# digest: 490a00463044022042bbced45aee0d6943da5aac1efe8367af4c8d494a624bf45d428530a6fcba6e02204537fb05ae1ae72607f23bf06b9c8e0d20b917ba425905e80ce47cc7835d0a70:922c64590222798bb761d5b6d8e72950
# digest: 490a00463044022042bbced45aee0d6943da5aac1efe8367af4c8d494a624bf45d428530a6fcba6e02204537fb05ae1ae72607f23bf06b9c8e0d20b917ba425905e80ce47cc7835d0a70:922c64590222798bb761d5b6d8e72950

2
file/keys/amazon/amazon-sns-token.yaml
View File

@ -21,4 +21,4 @@ file:
- 'arn:aws:sns:[a-z0-9\-]+:[0-9]+:[A-Za-z0-9\-_]+'
# Enhanced by md on 2023/05/04
# digest: 4a0a004730450220498ac9e1f8922b28f9d1bdf0b66f41b9d55ab995d2eae1c6b4fc40b0bd7b39e5022100dae071582233b67060a20eda722d8204d7fc923666496cb98c164f884e09d8d7:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450220498ac9e1f8922b28f9d1bdf0b66f41b9d55ab995d2eae1c6b4fc40b0bd7b39e5022100dae071582233b67060a20eda722d8204d7fc923666496cb98c164f884e09d8d7:922c64590222798bb761d5b6d8e72950

2
file/keys/amazon/aws-access-id.yaml
View File

@ -20,4 +20,4 @@ file:
- "(A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}"
# Enhanced by md on 2023/05/04
# digest: 4a0a00473045022001180031643147e369ad54d397f6e1ec99e061e1a771b8ec6b9f024bb97300a7022100b5b3b3027d3e8edea6822f05c18070f5cbd64b111c6ac7aa37e3603fcb4b08ea:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022001180031643147e369ad54d397f6e1ec99e061e1a771b8ec6b9f024bb97300a7022100b5b3b3027d3e8edea6822f05c18070f5cbd64b111c6ac7aa37e3603fcb4b08ea:922c64590222798bb761d5b6d8e72950

2
file/keys/amazon/aws-cognito.yaml
View File

@ -36,4 +36,4 @@ file:
- "sa-east-1:[0-9A-Za-z]{8}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{4}-[0-9A-Za-z]{12}"
# Enhanced by md on 2023/05/04
# digest: 4b0a00483046022100b065a7fffa3f1696948239b6546af3ff6d33ddd2ab72ce11e55831f029a152c5022100ce912a53c74a47179c62dbf4a78e93a8f5fdcbbbf497a94e6e4f4ef2e76efd91:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100b065a7fffa3f1696948239b6546af3ff6d33ddd2ab72ce11e55831f029a152c5022100ce912a53c74a47179c62dbf4a78e93a8f5fdcbbbf497a94e6e4f4ef2e76efd91:922c64590222798bb761d5b6d8e72950

3
file/keys/asana/asana-clientid.yaml
View File

@ -19,4 +19,5 @@ file:
part: body
regex:
- (?i)(?:asana)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)
# digest: 4b0a00483046022100b5bca9cba24b0a4f3098d7a320c20a2152d1a115ea4677c6ca9eb9db50503b29022100c3189ce143a347cdb085e6eefa198c7c990e16049efd071154f7012490783fac:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100b5bca9cba24b0a4f3098d7a320c20a2152d1a115ea4677c6ca9eb9db50503b29022100c3189ce143a347cdb085e6eefa198c7c990e16049efd071154f7012490783fac:922c64590222798bb761d5b6d8e72950

3
file/keys/asana/asana-clientsecret.yaml
View File

@ -19,4 +19,5 @@ file:
part: body
regex:
- (?i)(?:asana)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
# digest: 4a0a0047304502206b120f6ce1d96f67b8b676972a3f185e765c9b078a4023386c0aac41ca5f9ce6022100e263135d7df9faa92ca170f9da0cb5498ae505b0f70226672dcfed5dc23d13b5:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502206b120f6ce1d96f67b8b676972a3f185e765c9b078a4023386c0aac41ca5f9ce6022100e263135d7df9faa92ca170f9da0cb5498ae505b0f70226672dcfed5dc23d13b5:922c64590222798bb761d5b6d8e72950

3
file/keys/atlassian/atlassian-api-token.yaml
View File

@ -19,4 +19,5 @@ file:
part: body
regex:
- (?i)(?:atlassian|confluence|jira)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)
# digest: 4b0a00483046022100f0bda35ab0c6f042d2fe14f13a5f210b1dc29f733309f6b8f4da56ce8fa8bfcb022100a0e0348deb81e70fd2cdb84edb4365eba4d60a08075348d8ada6a6e0c7e687b4:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100f0bda35ab0c6f042d2fe14f13a5f210b1dc29f733309f6b8f4da56ce8fa8bfcb022100a0e0348deb81e70fd2cdb84edb4365eba4d60a08075348d8ada6a6e0c7e687b4:922c64590222798bb761d5b6d8e72950

3
file/keys/azure/azure-connection-string.yaml
View File

@ -20,4 +20,5 @@ file:
part: body
regex:
- (?i)(?:AccountName|SharedAccessKeyName|SharedSecretIssuer)\s*=\s*([^;]{1,80})\s*;\s*.{0,10}\s*(?:AccountKey|SharedAccessKey|SharedSecretValue)\s*=\s*([^;]{1,100})(?:;|$)
# digest: 4b0a00483046022100e3adc030f2440f9928c46dd7ba3c430433c9b61b05b9c6fa51b61386028de5a502210084816e5118a166f01afc27f551f211c50e2200b9b7376bc224a4ba6a2f983750:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100e3adc030f2440f9928c46dd7ba3c430433c9b61b05b9c6fa51b61386028de5a502210084816e5118a166f01afc27f551f211c50e2200b9b7376bc224a4ba6a2f983750:922c64590222798bb761d5b6d8e72950

3
file/keys/beamer-api-token.yaml
View File

@ -19,4 +19,5 @@ file:
part: body
regex:
- (?i)(?:beamer)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(b_[a-z0-9=_\-]{44})(?:['|\"|\n|\r|\s|\x60|;]|$)
# digest: 4a0a00473045022100ea817ba9e3e2eb94ea5c101e7d41b53768607d2eac0eb3674360c0f7a3b1ff0f0220343c93b390729b5c35e68f3c11aa7cd1b653cf4dc248a3081bbee7ee2dfe8762:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100ea817ba9e3e2eb94ea5c101e7d41b53768607d2eac0eb3674360c0f7a3b1ff0f0220343c93b390729b5c35e68f3c11aa7cd1b653cf4dc248a3081bbee7ee2dfe8762:922c64590222798bb761d5b6d8e72950

3
file/keys/bitbucket/bitbucket-client-id.yaml
View File

@ -19,4 +19,5 @@ file:
part: body
regex:
- (?i)(?:bitbucket)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
# digest: 4a0a0047304502201d21d831f228092a48fbaca110d697441266b632058d244ce2f20498b0e6000c022100ee669aafd4ecd541fd947246bb16d689558c0957c790f0c5046431fea45b5535:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502201d21d831f228092a48fbaca110d697441266b632058d244ce2f20498b0e6000c022100ee669aafd4ecd541fd947246bb16d689558c0957c790f0c5046431fea45b5535:922c64590222798bb761d5b6d8e72950

3
file/keys/bitbucket/bitbucket-client-secret.yaml
View File

@ -19,4 +19,5 @@ file:
part: body
regex:
- (?i)(?:bitbucket)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)
# digest: 4a0a004730450220077c0a8011a358c155733dbfe67dfc5b4984e6e5ed7ac87be17c696422f33918022100fbb6ed954223d2567fb5c462f9902038f8fd1e2f0203cf2f277d5b75ab469740:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450220077c0a8011a358c155733dbfe67dfc5b4984e6e5ed7ac87be17c696422f33918022100fbb6ed954223d2567fb5c462f9902038f8fd1e2f0203cf2f277d5b75ab469740:922c64590222798bb761d5b6d8e72950

3
file/keys/bittrex/bittrex-access-key.yaml
View File

@ -19,4 +19,5 @@ file:
part: body
regex:
- (?i)(?:bittrex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
# digest: 4a0a0047304502204d0670fdc66229097bc3957b07710ce86dccba983dfa36c3c980bc7fe748d229022100a77a41e67b147b7408dbc4d590e1701095a148ab10fbcc8d547d132c93a458c8:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502204d0670fdc66229097bc3957b07710ce86dccba983dfa36c3c980bc7fe748d229022100a77a41e67b147b7408dbc4d590e1701095a148ab10fbcc8d547d132c93a458c8:922c64590222798bb761d5b6d8e72950

3
file/keys/bittrex/bittrex-secret-key.yaml
View File

@ -19,4 +19,5 @@ file:
part: body
regex:
- (?i)(?:bittrex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
# digest: 4b0a00483046022100ebad288300a3b81794e829b7c3dad39ffda89ded326bd9238f601448199ebb49022100866ce04aabbf608302418d16d1ce75703e026a3e046b94f94e9dd1e3b9077ef1:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100ebad288300a3b81794e829b7c3dad39ffda89ded326bd9238f601448199ebb49022100866ce04aabbf608302418d16d1ce75703e026a3e046b94f94e9dd1e3b9077ef1:922c64590222798bb761d5b6d8e72950

2
file/keys/branch-key.yaml
View File

@ -22,4 +22,4 @@ file:
- "key_live_.{32}"
# Enhanced by md on 2023/05/04
# digest: 4a0a00473045022100f744edb25f959b276258779576a4f1fb240844fb339af77b5dbb8701453f3257022000c9a3d5ea7358604a0ef75214afb271b0a9932f53f7822a4285e8fcd67a609c:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100f744edb25f959b276258779576a4f1fb240844fb339af77b5dbb8701453f3257022000c9a3d5ea7358604a0ef75214afb271b0a9932f53f7822a4285e8fcd67a609c:922c64590222798bb761d5b6d8e72950

3
file/keys/clojars-api-token.yaml
View File

@ -19,4 +19,5 @@ file:
part: body
regex:
- (?i)(CLOJARS_)[a-z0-9]{60}
# digest: 490a0046304402204b427e6d5b0b85a2a01767e9477c9f51a650d3aa35b5659fcec845d320fb6e1f022035137915c28e8b67da2b8144515b3348bb78aa33e1dedc4bdd18ea338bf90f6d:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402204b427e6d5b0b85a2a01767e9477c9f51a650d3aa35b5659fcec845d320fb6e1f022035137915c28e8b67da2b8144515b3348bb78aa33e1dedc4bdd18ea338bf90f6d:922c64590222798bb761d5b6d8e72950

2
file/keys/cloudinary.yaml
View File

@ -20,4 +20,4 @@ file:
- "cloudinary://[0-9]{15}:[0-9A-Za-z\\-_]+@[0-9A-Za-z\\-_]+"
# Enhanced by md on 2023/05/04
# digest: 4a0a004730450220252e7780cc4b8371a27c407b24ddf19010972aa12aee03019f95364d69b55c8e022100f1fca5a7e8e7a1543c9b7a8788d4b740437f879d1d478fab3e6722c29b6dd242:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450220252e7780cc4b8371a27c407b24ddf19010972aa12aee03019f95364d69b55c8e022100f1fca5a7e8e7a1543c9b7a8788d4b740437f879d1d478fab3e6722c29b6dd242:922c64590222798bb761d5b6d8e72950

2
file/keys/code-climate-token.yaml
View File

@ -26,4 +26,4 @@ file:
- '(?i)codeclima.{0,50}\b([a-f0-9]{64})\b'
# Enhanced by md on 2023/05/04
# digest: 490a0046304402207a635bcda050998673508eed67a6904113d5c4f53806c012840a48efa75c7aa402206da29de1cec316d7dde7ad0230d8ec023f80c50124120e96e44b1a3b91980aae:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402207a635bcda050998673508eed67a6904113d5c4f53806c012840a48efa75c7aa402206da29de1cec316d7dde7ad0230d8ec023f80c50124120e96e44b1a3b91980aae:922c64590222798bb761d5b6d8e72950

3
file/keys/codecov-access-token.yaml
View File

@ -19,4 +19,5 @@ file:
part: body
regex:
- (?i)(?:codecov)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
# digest: 4a0a0047304502205b6474a1d095e7ff69f48efef9185fe1643db0d86a145eb59faf6efbeddaf812022100bc41351f1182144ebc843b22bc0e6991c66beef1f44121e3ac9782267417eab6:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502205b6474a1d095e7ff69f48efef9185fe1643db0d86a145eb59faf6efbeddaf812022100bc41351f1182144ebc843b22bc0e6991c66beef1f44121e3ac9782267417eab6:922c64590222798bb761d5b6d8e72950

3
file/keys/coinbase-access-token.yaml
View File

@ -19,4 +19,5 @@ file:
part: body
regex:
- (?i)(?:coinbase)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)
# digest: 4a0a00473045022100de04c81768dc774c1439447e53863babe95b4b4da9b560e9a928ca1270d1ca4d02204ef63d2d69bdee98abc12524af4df155394e248d5c438f81bdf0233a4ae08820:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100de04c81768dc774c1439447e53863babe95b4b4da9b560e9a928ca1270d1ca4d02204ef63d2d69bdee98abc12524af4df155394e248d5c438f81bdf0233a4ae08820:922c64590222798bb761d5b6d8e72950

3
file/keys/confluent/confluent-access-token.yaml
View File

@ -19,4 +19,5 @@ file:
part: body
regex:
- (?i)(?:confluent)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)
# digest: 490a0046304402204842d991c39eecda77a96ba0a6063d18df92203f992cb18dc17835886787fd4e0220701a4b876eb4a3a74571e7bb840da9180e53f0dae10f1df68c2aecde452b1c5b:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402204842d991c39eecda77a96ba0a6063d18df92203f992cb18dc17835886787fd4e0220701a4b876eb4a3a74571e7bb840da9180e53f0dae10f1df68c2aecde452b1c5b:922c64590222798bb761d5b6d8e72950

Some files were not shown because too many files have changed in this diff Show More