daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

added dns based azure takeovers

patch-1
bauthard 2020-04-29 10:23:17 +00:00
parent d10b042a93
commit 15979b9b92
2 changed files with 44 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
dns/azure-cnames-finder.yaml
View File

@ -16,14 +16,12 @@ dns:
matchers:
- type: word
words:
- "NXDOMAIN"
- "azure-api.net"
- "azure-mobile.net"
- "azurecontainer.io"
- "azurecr.io"
- "azuredatalakestore.net"
- "azureedge.net"
- "azureedge.net "
- "azurefd.net"
- "azurehdinsight.net"
- "azurewebsites.net"
@ -31,9 +29,7 @@ dns:
- "blob.core.windows.net"
- "cloudapp.azure.com"
- "cloudapp.net"
- "cloudapp.net "
- "database.windows.net"
- "elasticbeanstalk.com"
- "redis.cache.windows.net"
- "search.windows.net"
- "servicebus.windows.net"

44
dns/azure-takeover-detection.yaml Normal file
View File

@ -0,0 +1,44 @@
id: azure-takeover-detection
info:
name: Azure takeover detection
author: "pdnuclei - projectdiscovery.io"
severity: high
# Update the list with more cnames related to azure
# You need to claim the cname in Azure portal (https://portal.azure.com) to confirm the takeover.
# Do not report this without claiming the cname.
dns:
- name: "{{FQDN}}"
type: A
class: inet
recursion: true
retries: 3
matchers-condition: and
matchers:
- type: word
words:
- "azure-api.net"
- "azure-mobile.net"
- "azurecontainer.io"
- "azurecr.io"
- "azuredatalakestore.net"
- "azureedge.net"
- "azurefd.net"
- "azurehdinsight.net"
- "azurewebsites.net"
- "azurewebsites.windows.net"
- "blob.core.windows.net"
- "cloudapp.azure.com"
- "cloudapp.net"
- "database.windows.net"
- "redis.cache.windows.net"
- "search.windows.net"
- "servicebus.windows.net"
- "trafficmanager.net"
- "visualstudio.com"
- type: word
words:
- "NXDOMAIN"