daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

templateman update

patch-1
sandeep 2023-10-14 16:57:55 +05:30
parent d63d0d6ca9
commit 161b90353a
6920 changed files with 20821 additions and 14572 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
dns/azure-takeover-detection.yaml
View File

@ -13,9 +13,9 @@ info:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
cvss-score: 7.2
cwe-id: CWE-404
tags: dns,takeover,azure
metadata:
max-request: 1
tags: dns,takeover,azure
dns:
- name: "{{FQDN}}"

5
dns/caa-fingerprint.yaml
View File

@ -9,14 +9,13 @@ info:
- https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record
classification:
cwe-id: CWE-200
tags: dns,caa
metadata:
max-request: 1
tags: dns,caa
dns:
- name: "{{FQDN}}"
type: CAA
matchers:
- type: regex
regex:
@ -28,4 +27,4 @@ dns:
regex:
- 'issue "(.*)"'
- 'issuewild "(.*)"'
- 'iodef "(.*)"'
- 'iodef "(.*)"'

4
dns/detect-dangling-cname.yaml
View File

@ -12,9 +12,9 @@ info:
- https://docs.microsoft.com/en-us/azure/security/fundamentals/subdomain-takeover
classification:
cwe-id: CWE-200
tags: dns,takeover
metadata:
max-request: 1
tags: dns,takeover
dns:
- name: "{{FQDN}}"
@ -33,4 +33,4 @@ dns:
extractors:
- type: dsl
dsl:
- cname
- cname

7
dns/dmarc-detect.yaml
View File

@ -11,16 +11,15 @@ info:
- https://dmarc.org/wiki/FAQ#Why_is_DMARC_important.3F
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: dns,dmarc
metadata:
max-request: 1
tags: dns,dmarc
dns:
- name: "_dmarc.{{FQDN}}"
type: TXT
matchers:
- type: regex
part: answer
@ -31,4 +30,4 @@ dns:
- type: regex
group: 1
regex:
- "IN\tTXT\t(.+)"
- "IN\tTXT\t(.+)"

5
dns/dns-saas-service-detection.yaml
View File

@ -254,8 +254,7 @@ dns:
- type: word
part: answer
name: adobe-marketo
- 'mkto-.{5,8}\.com'
name: adobe-marketo - 'mkto-.{5,8}\.com'
- type: word
part: answer
@ -349,7 +348,7 @@ dns:
words:
- zdassets.com
- zdorigin.com
- zendesk.com
- "zendesk.com"
- zopim.com
- type: word

5
dns/dns-waf-detect.yaml
View File

@ -7,9 +7,9 @@ info:
description: A DNS WAF was detected.
classification:
cwe-id: CWE-200
tags: tech,waf,dns
metadata:
max-request: 2
tags: tech,waf,dns
dns:
- name: "{{FQDN}}"
@ -17,7 +17,6 @@ dns:
- name: "{{FQDN}}"
type: NS
matchers:
- type: word
part: answer
@ -192,4 +191,4 @@ dns:
part: answer
name: edns
words:
- ".iidns.com"
- ".iidns.com"

5
dns/dnssec-detection.yaml
View File

@ -10,16 +10,15 @@ info:
- https://www.cyberciti.biz/faq/unix-linux-test-and-validate-dnssec-using-dig-command-line/
classification:
cwe-id: CWE-200
tags: dns,dnssec
metadata:
max-request: 1
tags: dns,dnssec
dns:
- name: "{{FQDN}}"
type: DS
matchers:
- type: regex
part: answer
regex:
- "IN\tDS\\t(.+)$"
- "IN\tDS\\t(.+)$"

4
dns/ec2-detection.yaml
View File

@ -9,9 +9,9 @@ info:
- https://blog.melbadry9.xyz/dangling-dns/aws/ddns-ec2-current-state
classification:
cwe-id: CWE-200
tags: dns,ec2,aws
metadata:
max-request: 1
tags: dns,ec2,aws
dns:
- name: "{{FQDN}}"
@ -21,4 +21,4 @@ dns:
- type: regex
regex:
- "ec2-[-\\d]+\\.compute[-\\d]*\\.amazonaws\\.com"
- "ec2-[-\\d]+\\.[\\w\\d\\-]+\\.compute[-\\d]*\\.amazonaws\\.com"
- "ec2-[-\\d]+\\.[\\w\\d\\-]+\\.compute[-\\d]*\\.amazonaws\\.com"

3
dns/elasticbeanstalk-takeover.yaml
View File

@ -4,8 +4,7 @@ info:
name: ElasticBeanstalk Subdomain Takeover Detection
author: philippedelteil,rotemreiss,zy9ard3,joaonevess
severity: high
description: ElasticBeanstalk subdomain takeover detected. A subdomain takeover occurs when an attacker gains control over a subdomain of a target domain. Typically, this happens when the subdomain has a canonical
name (CNAME) in the Domain Name System (DNS), but no host is providing content for it.
description: ElasticBeanstalk subdomain takeover detected. A subdomain takeover occurs when an attacker gains control over a subdomain of a target domain. Typically, this happens when the subdomain has a canonical name (CNAME) in the Domain Name System (DNS), but no host is providing content for it.
reference:
- https://github.com/EdOverflow/can-i-take-over-xyz/issues/147
- https://twitter.com/payloadartist/status/1362035009863880711

5
dns/mx-fingerprint.yaml
View File

@ -10,14 +10,13 @@ info:
- https://mxtoolbox.com/
classification:
cwe-id: CWE-200
tags: dns,mx
metadata:
max-request: 1
tags: dns,mx
dns:
- name: "{{FQDN}}"
type: MX
matchers:
- type: regex
part: answer
@ -28,4 +27,4 @@ dns:
- type: regex
group: 1
regex:
- "IN\tMX\t(.+)"
- "IN\tMX\t(.+)"

4
dns/mx-service-detector.yaml
View File

@ -7,9 +7,9 @@ info:
description: An email service was detected. Check the email service or spam filter that is used for a domain.
classification:
cwe-id: CWE-200
tags: dns,service
metadata:
max-request: 1
tags: dns,service
dns:
- name: "{{FQDN}}"
@ -80,4 +80,4 @@ dns:
name: "Proofpoint US"
words:
- "mx1-us1.ppe-hosted.com"
- "mx2-us1.ppe-hosted.com"
- "mx2-us1.ppe-hosted.com"

5
dns/nameserver-fingerprint.yaml
View File

@ -7,14 +7,13 @@ info:
description: An NS record was detected. An NS record delegates a subdomain to a set of name servers.
classification:
cwe-id: CWE-200
tags: dns,ns
metadata:
max-request: 1
tags: dns,ns
dns:
- name: "{{FQDN}}"
type: NS
matchers:
- type: regex
part: answer
@ -25,4 +24,4 @@ dns:
- type: regex
group: 1
regex:
- "IN\tNS\t(.+)"
- "IN\tNS\t(.+)"

5
dns/ptr-fingerprint.yaml
View File

@ -7,14 +7,13 @@ info:
description: A PTR record was detected. A PTR record refers to the domain name.
classification:
cwe-id: CWE-200
tags: dns,ptr
metadata:
max-request: 1
tags: dns,ptr
dns:
- name: "{{FQDN}}"
type: PTR
matchers:
- type: regex
part: answer
@ -25,4 +24,4 @@ dns:
- type: regex
group: 1
regex:
- "IN\tPTR\t(.+)"
- "IN\tPTR\t(.+)"

8
dns/servfail-refused-hosts.yaml
View File

@ -4,20 +4,18 @@ info:
name: DNS Servfail Host Finder
author: pdteam
severity: info
description: A DNS ServFail error occurred. ServFail errors occur when there is an error communicating with a DNS server. This could have a number of causes, including an error on the DNS server itself, or a temporary
networking issue.
description: A DNS ServFail error occurred. ServFail errors occur when there is an error communicating with a DNS server. This could have a number of causes, including an error on the DNS server itself, or a temporary networking issue.
classification:
cwe-id: CWE-200
tags: dns,takeover
metadata:
max-request: 1
tags: dns,takeover
dns:
- name: "{{FQDN}}"
type: A
matchers:
- type: word
words:
- "SERVFAIL"
- "REFUSED"
- "REFUSED"

5
dns/spoofable-spf-records-ptr.yaml
View File

@ -9,17 +9,16 @@ info:
- https://www.digitalocean.com/community/tutorials/how-to-use-an-spf-record-to-prevent-spoofing-improve-e-mail-reliability
classification:
cwe-id: CWE-200
tags: dns,spf
metadata:
max-request: 1
tags: dns,spf
dns:
- name: "{{FQDN}}"
type: TXT
matchers:
- type: word
words:
- "v=spf1"
- " ptr "
condition: and
condition: and

5
dns/txt-fingerprint.yaml
View File

@ -9,14 +9,13 @@ info:
- https://www.netspi.com/blog/technical/network-penetration-testing/analyzing-dns-txt-records-to-fingerprint-service-providers/
classification:
cwe-id: CWE-200
tags: dns,txt
metadata:
max-request: 1
tags: dns,txt
dns:
- name: "{{FQDN}}"
type: TXT
matchers:
- type: regex
part: answer
@ -27,4 +26,4 @@ dns:
- type: regex
group: 1
regex:
- "IN\tTXT\t(.+)"
- "IN\tTXT\t(.+)"

5
dns/worksites-detection.yaml
View File

@ -9,15 +9,14 @@ info:
- https://blog.melbadry9.xyz/dangling-dns/xyz-services/ddns-worksites
classification:
cwe-id: CWE-200
tags: dns,service
metadata:
max-request: 1
tags: dns,service
dns:
- name: "{{FQDN}}"
type: A
matchers:
- type: word
words:
- "69.164.223.206"
- "69.164.223.206"

5
file/android/adb-backup-enabled.yaml
View File

@ -5,17 +5,16 @@ info:
author: gaurang
severity: low
description: ADB Backup is enabled, which allows the backup and restore of an app's private data.
remediation: Ensure proper access or disable completely.
reference:
- https://adb-backup.com/
classification:
cwe-id: CWE-200
remediation: Ensure proper access or disable completely.
tags: android,file
file:
- extensions:
- all
matchers:
- type: word
words:
- "android:allowBackup=\"true\""
- "android:allowBackup=\"true\""

4
file/android/biometric-detect.yaml
View File

@ -7,14 +7,12 @@ info:
description: Android Biometric/Fingerprint permission files were detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: android,file
file:
- extensions:
- all
matchers:
- type: word
words:

2
file/android/certificate-validation.yaml
View File

@ -10,11 +10,9 @@ info:
cvss-score: 5.3
cwe-id: CWE-200
tags: android,file
file:
- extensions:
- all
matchers:
- type: word
words:

4
file/android/content-scheme.yaml
View File

@ -7,14 +7,12 @@ info:
description: Android content scheme enabling was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: android,file
file:
- extensions:
- xml
matchers:
- type: word
words:

2
file/android/debug-enabled.yaml
View File

@ -6,11 +6,9 @@ info:
severity: low
description: Android debug enabling was detected.
tags: android,file
file:
- extensions:
- all
matchers:
- type: regex
regex:

3
file/android/deep-link-detect.yaml
View File

@ -11,12 +11,11 @@ info:
- https://medium.com/@muratcanbur/intro-to-deep-linking-on-android-1b9fe9e38abd
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
metadata:
verified: true
tags: android,file,deeplink
file:
- extensions:
- xml

4
file/android/dynamic-broadcast-receiver.yaml
View File

@ -7,14 +7,12 @@ info:
description: Android dynamic broadcast receiver register functionality was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: android,file
file:
- extensions:
- all
matchers:
- type: word
words:

4
file/android/file-scheme.yaml
View File

@ -7,14 +7,12 @@ info:
description: Android file scheme enabling was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: android,file
file:
- extensions:
- xml
matchers:
- type: word
words:

3
file/android/google-storage-bucket.yaml
View File

@ -5,10 +5,9 @@ info:
author: Thabisocn
severity: info
metadata:
github-query: "/[a-z0-9.-]+\\.appspot\\.com/"
verified: "true"
github-query: "/[a-z0-9.-]+\\.appspot\\.com/"
tags: file,android,google
file:
- extensions:
- all

2
file/android/provider-path.yaml
View File

@ -10,11 +10,9 @@ info:
cvss-score: 5.3
cwe-id: CWE-200
tags: android,file
file:
- extensions:
- all
matchers:
- type: regex
regex:

2
file/android/webview-addjavascript-interface.yaml
View File

@ -10,11 +10,9 @@ info:
cvss-score: 5.3
cwe-id: CWE-200
tags: android,file
file:
- extensions:
- all
matchers:
- type: word
words:

4
file/android/webview-javascript.yaml
View File

@ -7,14 +7,12 @@ info:
description: WebView Javascript enabling was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: android,file,javascript
file:
- extensions:
- all
matchers:
- type: word
words:

4
file/android/webview-load-url.yaml
View File

@ -7,14 +7,12 @@ info:
description: WebView loadUrl usage was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: android,file
file:
- extensions:
- all
matchers:
- type: word
words:

2
file/android/webview-universal-access.yaml
View File

@ -10,11 +10,9 @@ info:
cvss-score: 5.3
cwe-id: CWE-200
tags: android,file
file:
- extensions:
- all
matchers:
- type: word
words:

5
file/audit/cisco/configure-aaa-service.yaml
View File

@ -5,15 +5,14 @@ info:
author: pussycat0x
severity: info
description: |
Cisco authentication, authorization and accounting service configuration was detected.
Cisco authentication, authorization and accounting service configuration was detected.
reference:
- https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/a1/sec-a1-cr-book/sec-cr-a2.html#GUID-E05C2E00-C01E-4053-9D12-EC37C7E8EEC5
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: cisco,config-audit,cisco-switch,file,router
file:
- extensions:
- conf

5
file/audit/cisco/configure-service-timestamps-debug.yaml
View File

@ -5,15 +5,14 @@ info:
author: pussycat0x
severity: info
description: |
The configuration for service timestamps on Cisco devices was not implemented for debugging purposes. It's important to note that timestamps can be added to either debugging or logging messages independently.
The configuration for service timestamps on Cisco devices was not implemented for debugging purposes. It's important to note that timestamps can be added to either debugging or logging messages independently.
reference:
- https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: cisco,config-audit,cisco-switch,file,router
file:
- extensions:
- conf

5
file/audit/cisco/configure-service-timestamps-logmessages.yaml
View File

@ -5,15 +5,14 @@ info:
author: pussycat0x
severity: info
description: |
Cisco service timestamp configuration for log messages was not implemented.
Cisco service timestamp configuration for log messages was not implemented.
reference:
- https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: cisco,config-audit,cisco-switch,file,router
file:
- extensions:
- conf

5
file/audit/cisco/disable-ip-source-route.yaml
View File

@ -5,16 +5,15 @@ info:
author: pussycat0x
severity: info
description: |
Cisco IP source-route functionality has been utilized in several attacks. An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized operations.
Cisco IP source-route functionality has been utilized in several attacks. An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized operations.
remediation: Disable IP source-route where appropriate.
reference:
- https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr/command/ipaddr-cr-book/ipaddr-i4.html#GUID-C7F971DD-358F-4B43-9F3E-244F5D4A3A93
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: cisco,config-audit,cisco-switch,file,router
file:
- extensions:
- conf

5
file/audit/cisco/disable-pad-service.yaml
View File

@ -5,15 +5,14 @@ info:
author: pussycat0x
severity: info
description: |
Cisco PAD service has proven vulnerable to attackers. To reduce the risk of unauthorized access, organizations should implement a security policy restricting or disabling unnecessary access.
Cisco PAD service has proven vulnerable to attackers. To reduce the risk of unauthorized access, organizations should implement a security policy restricting or disabling unnecessary access.
reference:
- http://www.cisco.com/en/US/docs/ios-xml/ios/wan/command/wan-s1.html#GUID-C5497B77-3FD4-4D2F-AB08-1317D5F5473B
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: cisco,config-audit,cisco-switch,file,router
file:
- extensions:
- conf

3
file/audit/cisco/enable-secret-for-password-user-and-.yaml
View File

@ -5,11 +5,10 @@ info:
author: pussycat0x
severity: info
description: |
To configure the system to time-stamp debugging or logging messages, use one of the service timestamps global configuration commands. Use the no form of this command to disable this service.
To configure the system to time-stamp debugging or logging messages, use one of the service timestamps global configuration commands. Use the no form of this command to disable this service.
reference:
- https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm
tags: cisco,config-audit,cisco-switch,file,router
file:
- extensions:
- conf

5
file/audit/cisco/logging-enable.yaml
View File

@ -5,15 +5,14 @@ info:
author: pussycat0x
severity: info
description: |
Cisco logging 'logging enable' enable command enforces the monitoring of technology risks for organizations' network devices.
Cisco logging 'logging enable' enable command enforces the monitoring of technology risks for organizations' network devices.
reference:
- https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/config-mgmt/configuration/xe-16-6/config-mgmt-xe-16-6-book/cm-config-logger.pdf
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: cisco,config-audit,cisco-switch,file
file:
- extensions:
- conf

5
file/audit/cisco/set-and-secure-passwords.yaml
View File

@ -5,15 +5,14 @@ info:
author: pussycat0x
severity: info
description: |
Cisco set and secure password functionality is recommended to control privilege level access. To set a local password to control access to various privilege levels, use the enable password command in global configuration mode. To remove the password requirement, use the no form of this command.
Cisco set and secure password functionality is recommended to control privilege level access. To set a local password to control access to various privilege levels, use the enable password command in global configuration mode. To remove the password requirement, use the no form of this command.
reference:
- https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/d1/sec-d1-cr-book/sec-cr-e1.html#wp3884449514
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: cisco,config-audit,cisco-switch,file
file:
- extensions:
- conf

3
file/audit/fortigate/auto-usb-install.yaml
View File

@ -8,10 +8,9 @@ info:
reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: audit,config,file,firewall,fortigate
file:
- extensions:
- conf

3
file/audit/fortigate/heuristic-scan.yaml
View File

@ -9,10 +9,9 @@ info:
reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: audit,config,file,firewall,fortigate
file:
- extensions:
- conf

3
file/audit/fortigate/inactivity-timeout.yaml
View File

@ -8,10 +8,9 @@ info:
reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: audit,config,file,firewall,fortigate
file:
- extensions:
- conf

3
file/audit/fortigate/maintainer-account.yaml
View File

@ -8,10 +8,9 @@ info:
reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: audit,config,file,firewall,fortigate
file:
- extensions:
- conf

3
file/audit/fortigate/password-policy.yaml
View File

@ -8,10 +8,9 @@ info:
reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: fortigate,config,audit,file,firewall
file:
- extensions:
- conf

3
file/audit/fortigate/remote-auth-timeout.yaml
View File

@ -9,10 +9,9 @@ info:
- https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: audit,config,file,firewall,fortigate
file:
- extensions:
- conf

3
file/audit/fortigate/scp-admin.yaml
View File

@ -8,10 +8,9 @@ info:
reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: audit,config,file,firewall,fortigate
file:
- extensions:
- conf

1
file/audit/fortigate/strong-ciphers.yaml
View File

@ -7,7 +7,6 @@ info:
description: Weak Ciphers can be broken by an attacker in a local network and can perform attacks like Blowfish.
reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
tags: audit,config,file,firewall,fortigate
file:
- extensions:
- conf

3
file/audit/pfsense/configure-dns-server.yaml
View File

@ -10,12 +10,11 @@ info:
https://docs.netgate.com/pfsense/en/latest/recipes/dns-over-tls.html
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
metadata:
verified: true
tags: firewall,config,audit,pfsense,file
file:
- extensions:
- xml

3
file/audit/pfsense/configure-session-timeout.yaml
View File

@ -10,12 +10,11 @@ info:
https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
metadata:
verified: true
tags: firewall,config,audit,pfsense,file
file:
- extensions:
- xml

3
file/audit/pfsense/enable-https-protocol.yaml
View File

@ -10,12 +10,11 @@ info:
https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
metadata:
verified: true
tags: firewall,config,audit,pfsense,file
file:
- extensions:
- xml

3
file/audit/pfsense/known-default-account.yaml
View File

@ -10,10 +10,9 @@ info:
- https://docs.netgate.com/pfsense/en/latest/usermanager/defaults.html
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: audit,config,file,firewall,pfsense
file:
- extensions:
- xml

3
file/audit/pfsense/password-protected-consolemenu.yaml
View File

@ -10,12 +10,11 @@ info:
https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
metadata:
verified: true
tags: firewall,config,audit,pfsense,file
file:
- extensions:
- xml

3
file/audit/pfsense/set-hostname.yaml
View File

@ -10,10 +10,9 @@ info:
https://docs.netgate.com/pfsense/en/latest/config/general.html
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: firewall,config,audit,pfsense,file
file:
- extensions:
- xml

1
file/bash/bash-scanner.yaml
View File

@ -9,7 +9,6 @@ info:
- https://www.tecmint.com/10-most-dangerous-commands-you-should-never-execute-on-linux/
- https://phoenixnap.com/kb/dangerous-linux-terminal-commands
tags: bash,file,shell,sh
file:
- extensions:
- sh

3
file/electron/electron-version-detect.yaml
View File

@ -8,10 +8,9 @@ info:
- https://www.electronjs.org/blog/chromium-rce-vulnerability/
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: electron,file
file:
- extensions:
- json

5
file/electron/node-integration-enabled.yaml
View File

@ -10,13 +10,10 @@ info:
- https://blog.yeswehack.com/yeswerhackers/exploitation/pentesting-electron-applications/
- https://book.hacktricks.xyz/pentesting/pentesting-web/xss-to-rce-electron-desktop-apps
tags: electron,file,nodejs
file:
- extensions:
- all
matchers:
- type: word
words:
- "nodeIntegration: true"
- "nodeIntegration: true"

1
file/js/js-analyse.yaml
View File

@ -9,7 +9,6 @@ info:
metadata:
verified: true
tags: file,js-analyse,js,javascript
file:
- extensions:
- js

3
file/keys/adafruit-key.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: adafruit,file,keys
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)(?:adafruit)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
- (?i)(?:adafruit)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

3
file/keys/adobe/adobe-client.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: adobe,file,token
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)(?:adobe)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
- (?i)(?:adobe)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

3
file/keys/adobe/adobe-secret.yaml
View File

@ -12,7 +12,6 @@ info:
metadata:
verified: true
tags: adobe,oauth,file,token
file:
- extensions:
- all
@ -21,4 +20,4 @@ file:
- type: regex
part: body
regex:
- '(?i)\b(p8e-[a-z0-9-]{32})(?:[^a-z0-9-]|$)'
- '(?i)\b(p8e-[a-z0-9-]{32})(?:[^a-z0-9-]|$)'

3
file/keys/age/age-identity-secret-key.yaml
View File

@ -11,7 +11,6 @@ info:
metadata:
verified: true
tags: age-encryption,file,token
file:
- extensions:
- all
@ -20,4 +19,4 @@ file:
- type: regex
part: body
regex:
- '\bAGE-SECRET-KEY-1[0-9A-Z]{58}\b'
- '\bAGE-SECRET-KEY-1[0-9A-Z]{58}\b'

3
file/keys/age/age-recipient-public-key.yaml
View File

@ -11,7 +11,6 @@ info:
metadata:
verified: true
tags: age-encryption,file,token
file:
- extensions:
- all
@ -20,4 +19,4 @@ file:
- type: regex
part: body
regex:
- '\bage1[0-9a-z]{58}\b'
- '\bage1[0-9a-z]{58}\b'

3
file/keys/airtable-key.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: airtable,file,token
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)(?:airtable)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{17})(?:['|\"|\n|\r|\s|\x60|;]|$)
- (?i)(?:airtable)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{17})(?:['|\"|\n|\r|\s|\x60|;]|$)

3
file/keys/algolia-key.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: algolia,file,keys
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)(?:algolia)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
- (?i)(?:algolia)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

3
file/keys/alibaba/alibaba-key-id.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: alibaba,access,file,keys
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)\b((LTAI)(?i)[a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)
- (?i)\b((LTAI)(?i)[a-z0-9]{20})(?:['|\"|\n|\r|\s|\x60|;]|$)

3
file/keys/alibaba/alibaba-secret-id.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: alibaba,secret,file,keys
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)(?:alibaba)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{30})(?:['|\"|\n|\r|\s|\x60|;]|$)
- (?i)(?:alibaba)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{30})(?:['|\"|\n|\r|\s|\x60|;]|$)

3
file/keys/amazon/amazon-account-id.yaml
View File

@ -9,12 +9,11 @@ info:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/aws.yml
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
metadata:
verified: true
tags: aws,amazon,token,file
file:
- extensions:
- all

1
file/keys/amazon/amazon-mws-auth-token.yaml
View File

@ -10,7 +10,6 @@ info:
cvss-score: 5.3
cwe-id: CWE-200
tags: token,file,amazon,auth
file:
- extensions:
- all

3
file/keys/amazon/amazon-session-token.yaml
View File

@ -9,12 +9,11 @@ info:
- https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/aws.yml
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
metadata:
verified: true
tags: aws,amazon,token,file,session
file:
- extensions:
- all

3
file/keys/amazon/amazon-sns-token.yaml
View File

@ -7,10 +7,9 @@ info:
description: Amazon SNS token was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: file,token,amazon,aws
file:
- extensions:
- all

3
file/keys/amazon/aws-access-id.yaml
View File

@ -7,10 +7,9 @@ info:
description: Amazon Web Services Access Key ID token was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: token,file
file:
- extensions:
- all

3
file/keys/amazon/aws-cognito.yaml
View File

@ -7,10 +7,9 @@ info:
description: Amazon Web Services Cognito Pool ID token was detected.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: token,file
file:
- extensions:
- all

3
file/keys/asana/asana-clientid.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: asana,client,file,keys
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)(?:asana)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)
- (?i)(?:asana)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)

3
file/keys/asana/asana-clientsecret.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: asana,client,file,keys,secret
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)(?:asana)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
- (?i)(?:asana)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

3
file/keys/atlassian/atlassian-api-token.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: atlassian,file,token,api
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)(?:atlassian|confluence|jira)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)
- (?i)(?:atlassian|confluence|jira)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)

1
file/keys/azure/azure-connection-string.yaml
View File

@ -11,7 +11,6 @@ info:
metadata:
verified: true
tags: azure,file,token
file:
- extensions:
- all

3
file/keys/beamer-api-token.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: beamer,file,token
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)(?:beamer)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(b_[a-z0-9=_\-]{44})(?:['|\"|\n|\r|\s|\x60|;]|$)
- (?i)(?:beamer)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}(b_[a-z0-9=_\-]{44})(?:['|\"|\n|\r|\s|\x60|;]|$)

3
file/keys/bitbucket/bitbucket-client-id.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: bitbucket,file,token
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)(?:bitbucket)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
- (?i)(?:bitbucket)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

3
file/keys/bitbucket/bitbucket-client-secret.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: bitbucket,file,token
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)(?:bitbucket)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)
- (?i)(?:bitbucket)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)

3
file/keys/bittrex/bittrex-access-key.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: bittrex,file,token
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)(?:bittrex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
- (?i)(?:bittrex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

3
file/keys/bittrex/bittrex-secret-key.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: bittrex,file,token
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)(?:bittrex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
- (?i)(?:bittrex)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

3
file/keys/branch-key.yaml
View File

@ -9,10 +9,9 @@ info:
- https://github.com/BranchMetrics/android-branch-deep-linking-attribution/issues/74
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
tags: token,file
file:
- extensions:
- all

3
file/keys/clojars-api-token.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: clojars,file,token
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)(CLOJARS_)[a-z0-9]{60}
- (?i)(CLOJARS_)[a-z0-9]{60}

1
file/keys/cloudinary.yaml
View File

@ -10,7 +10,6 @@ info:
cvss-score: 7.5
cwe-id: CWE-200
tags: token,file,cloudinary
file:
- extensions:
- all

3
file/keys/code-climate-token.yaml
View File

@ -10,12 +10,11 @@ info:
- https://github.com/codeclimate/ruby-test-reporter/issues/34
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
metadata:
verified: true
tags: codeclimate,token,file
file:
- extensions:
- all

3
file/keys/codecov-access-token.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: codecov,file,token
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)(?:codecov)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
- (?i)(?:codecov)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

3
file/keys/coinbase-access-token.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: coinbase,file,token
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)(?:coinbase)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)
- (?i)(?:coinbase)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9_-]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)

3
file/keys/confluent/confluent-access-token.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: confluent,file,token
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)(?:confluent)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)
- (?i)(?:confluent)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{16})(?:['|\"|\n|\r|\s|\x60|;]|$)

3
file/keys/confluent/confluent-secret-token.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: confluent,file,token
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)(?:confluent)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)
- (?i)(?:confluent)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)

3
file/keys/contentful-api-token.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: contentful,file,token
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)(?:contentful)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{43})(?:['|\"|\n|\r|\s|\x60|;]|$)
- (?i)(?:contentful)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{43})(?:['|\"|\n|\r|\s|\x60|;]|$)

3
file/keys/cratesio-api-key.yaml
View File

@ -11,12 +11,11 @@ info:
- https://github.com/rust-lang/crates.io/blob/master/src/util/token.rs
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cvss-score: 0
cwe-id: CWE-200
metadata:
verified: true
tags: crates,token,file
file:
- extensions:
- all

4125
file/keys/credential-exposure-file.yaml
View File

File diff suppressed because it is too large Load Diff

1
file/keys/credentials.yaml
View File

@ -10,7 +10,6 @@ info:
cvss-score: 7.5
cwe-id: CWE-200
tags: token,file,auth
file:
- extensions:
- all

3
file/keys/databricks-api-token.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: databricks,file,token
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)\b(dapi[a-h0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
- (?i)\b(dapi[a-h0-9]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

3
file/keys/datadog-access-token.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: datadog,file,token
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)(?:datadog)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)
- (?i)(?:datadog)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{40})(?:['|\"|\n|\r|\s|\x60|;]|$)

3
file/keys/digitalocean/digitalocean-access-token.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: digitalocean,file,token
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)\b(doo_v1_[a-f0-9]{64})\b
- (?i)\b(doo_v1_[a-f0-9]{64})\b

3
file/keys/digitalocean/digitalocean-personal-access.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: digitalocean,file,token
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)\b(dop_v1_[a-f0-9]{64})\b
- (?i)\b(dop_v1_[a-f0-9]{64})\b

3
file/keys/digitalocean/digitalocean-refresh-token.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: digitalocean,file,token
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)\b(dor_v1_[a-f0-9]{64})\b
- (?i)\b(dor_v1_[a-f0-9]{64})\b

3
file/keys/discord/discord-api-token.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: discord,file,token
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)
- (?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-f0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)

3
file/keys/discord/discord-cilent-secret.yaml
View File

@ -10,7 +10,6 @@ info:
metadata:
verified: true
tags: discord,file,token
file:
- extensions:
- all
@ -19,4 +18,4 @@ file:
- type: regex
part: body
regex:
- (?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)
- (?i)(?:discord)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:=|\|\|:|<=|=>|:)(?:'|\"|\s|=|\x60){0,5}([a-z0-9=_\-]{32})(?:['|\"|\n|\r|\s|\x60|;]|$)

Some files were not shown because too many files have changed in this diff Show More