daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Linting refactor to make yamllint happy

patch-1
Ice3man543 2020-05-25 17:22:12 +05:30
parent 10145eae51
commit 1758728197
7 changed files with 116 additions and 116 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
.github/workflows/syntax-checking.yml vendored
View File

@ -1,19 +1,21 @@
name: syntax-checking
on:
"on":
push:
branches: [ master ]
branches:
- master
pull_request:
branches: [ master ]
branches:
- master
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: 'Yamllint'
uses: karancode/yamllint-github-action@master
with:
yamllint_config_filepath: .yamllint
yamllint_strict: false
yamllint_comment: true
- uses: actions/checkout@v2
- name: Yamllint
uses: karancode/yamllint-github-action@master
with:
yamllint_config_filepath: .yamllint
yamllint_strict: false
yamllint_comment: true

28
basic-detections/general-tokens.yaml
View File

@ -1,7 +1,5 @@
id: general-tokens
#this will create a huge load of false positive
info:
name: General Tokens
author: nadino
@ -10,23 +8,23 @@ info:
requests:
- method: GET
path:
- "{{BaseURL}}"
- '{{BaseURL}}'
matchers:
- type: dsl
dsl:
- 'regex("TOKEN[\\-|_|A-Z0-9]*(\''|\")?(:|=)(\''|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body)," ",""))' #any TOKEN word
- 'regex("API[\\-|_|A-Z0-9]*(\''|\")?(:|=)(\''|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body)," ",""))' #any API word
- 'regex("KEY[\\-|_|A-Z0-9]*(\''|\")?(:|=)(\''|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body)," ",""))' #any KEY word
- 'regex("SECRET[\\-|_|A-Z0-9]*(\''|\")?(:|=)(\''|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body)," ",""))' #any SECRET word
- 'regex("AUTHORIZATION[\\-|_|A-Z0-9]*(\''|\")?(:|=)(\''|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body)," ",""))' #any AUTHORIZATION word
- 'regex("PASSWORD[\\-|_|A-Z0-9]*(\''|\")?(:|=)(\''|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body)," ",""))' #any PASSWORD word
- regex("TOKEN[\\-|_|A-Z0-9]*(\'|\")?(:|=)(\'|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body),"",""))
- regex("API[\\-|_|A-Z0-9]*(\'|\")?(:|=)(\'|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body),"",""))
- regex("KEY[\\-|_|A-Z0-9]*(\'|\")?(:|=)(\'|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body),"",""))
- regex("SECRET[\\-|_|A-Z0-9]*(\'|\")?(:|=)(\'|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body),"",""))
- regex("AUTHORIZATION[\\-|_|A-Z0-9]*(\'|\")?(:|=)(\'|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body),"",""))
- regex("PASSWORD[\\-|_|A-Z0-9]*(\'|\")?(:|=)(\'|\")?[\\-|_|A-Z0-9]{10}",replace(toupper(body),"",""))
extractors:
- type: regex
part: body
regex:
- "(T|t)(O|o)(K|k)(E|e)(N|n)[\\-|_|A-Za-z0-9]*(\''|\")?( )*(:|=)+( )*(\''|\")?[ 0-9A-Za-z\\-_]+(\''|\")?"
- "(A|a)(P|p)(Ii)[\\-|_|A-Za-z0-9]*(\''|\")?( )*(:|=)( )*(\''|\")?[ 0-9A-Za-z\\-_]+(\''|\")?"
- "(K|k)(E|e)(Y|y)[\\-|_|A-Za-z0-9]*(\''|\")?( )*(:|=)( )*(\''|\")?[ 0-9A-Za-z\\-_]+(\''|\")?"
- "(S|s)(E|e)(C|c)(R|r)(E|e)(T|t)[\\-|_|A-Za-z0-9]*(\''|\")?( )*(:|=)( )*(\''|\")?[ 0-9A-Za-z\\-_]+(\''|\")?"
- "(A|a)(U|u)(T|t)(H|h)(O|o)(R|r)(I|i)(Z|z)(A|a)(T|t)(I|i)(O|o)(N|n)[\\-|_|A-Za-z0-9]*(\''|\")?( )*(:|=)( )*(\''|\")?[ 0-9A-Za-z\\-_]+(\''|\")?"
- "(P|p)(A|a)(S|s)(S|s)(W|w)(O|o)(R|r)(D|d)[\\-|_|A-Za-z0-9]*(\''|\")?( )*(:|=)( )*(\''|\")?[ 0-9A-Za-z\\-_]+(\''|\")?"
- (T|t)(O|o)(K|k)(E|e)(N|n)[\-|_|A-Za-z0-9]*(\''|")?( )*(:|=)+()*(\''|")?[ 0-9A-Za-z\-_]+(\''|")?
- (A|a)(P|p)(Ii)[\-|_|A-Za-z0-9]*(\''|")?( )*(:|=)( )*(\''|")?[0-9A-Za-z\-_]+(\''|")?
- (K|k)(E|e)(Y|y)[\-|_|A-Za-z0-9]*(\''|")?( )*(:|=)( )*(\''|")?[0-9A-Za-z\-_]+(\''|")?
- (S|s)(E|e)(C|c)(R|r)(E|e)(T|t)[\-|_|A-Za-z0-9]*(\''|")?( )*(:|=)()*(\''|")?[ 0-9A-Za-z\-_]+(\''|")?
- (A|a)(U|u)(T|t)(H|h)(O|o)(R|r)(I|i)(Z|z)(A|a)(T|t)(I|i)(O|o)(N|n)[\-|_|A-Za-z0-9]*(\''|")?()*(:|=)( )*(\''|")?[ 0-9A-Za-z\-_]+(\''|")?
- (P|p)(A|a)(S|s)(S|s)(W|w)(O|o)(R|r)(D|d)[\-|_|A-Za-z0-9]*(\''|")?()*(:|=)( )*(\''|")?[ 0-9A-Za-z\-_]+(\''|")?

6
panels/webeditors.yaml
View File

@ -9,12 +9,12 @@ requests:
- method: GET
path:
- "{{BaseURL}}/fckeditor/_samples/default.html"
- "{{BaseURL}}/ckeditor/samples/"
- "{{BaseURL}}/ckeditor/samples/"
- "{{BaseURL}}/editor/ckeditor/samples/"
- "{{BaseURL}}/ckeditor/samples/sample_posteddata.php"
- "{{BaseURL}}/editor/ckeditor/samples/sample_posteddata.php"
- "{{BaseURL}}/editor/ckeditor/samples/sample_posteddata.php"
- "{{BaseURL}}/fck/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php"
- "{{BaseURL}}/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellcheckder.php"
- "{{BaseURL}}/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellcheckder.php"
- "{{BaseURL}}/ueditor/php/getRemoteImage.php"
matchers:
- type: word

2
security-misconfiguration/basic-cors.yaml
View File

@ -10,7 +10,7 @@ requests:
path:
- "{{BaseURL}}"
headers:
Origin: https://evil.com
Origin: "https://evil.com"
matchers:
- type: word
words:

168
subdomain-takeover/detect-all-takeovers.yaml
View File

@ -41,310 +41,310 @@ requests:
- type: regex
name: worksites
regex:
- "(?:Company Not Found|you’re looking for doesn’t exist)"
- "(?:Company Not Found|you’re looking for doesn’t exist)"
- type: word
name: landingi
words:
- It looks like you're lost
- The page you are looking for is not found
- It looks like you're lost
- The page you are looking for is not found
- type: word
name: helprace
words:
- Alias not configured!
- Admin of this Helprace account needs to set up domain alias
- "(see Step 2 here: Using your own domain with Helprace)."
- Alias not configured!
- Admin of this Helprace account needs to set up domain alias
- "(see Step 2 here: Using your own domain with Helprace)."
- type: word
name: canny
words:
- Company Not Found
- There is no such company. Did you enter the right URL?
- Company Not Found
- There is no such company. Did you enter the right URL?
- type: word
name: ngrok
words:
- ngrok.io not found
- Tunnel *.ngrok.io not found
- ngrok.io not found
- Tunnel *.ngrok.io not found
- type: word
name: tumblr
words:
- Whatever you were looking for doesn't currently exist at this address.
- There's nothing here.
- Whatever you were looking for doesn't currently exist at this address.
- There's nothing here.
- type: word
name: github
words:
- There isn't a GitHub Pages site here.
- For root URLs (like http://example.com/) you must provide an index.html file
- There isn't a GitHub Pages site here.
- For root URLs (like http://example.com/) you must provide an index.html file
- type: word
name: heroku
words:
- There's nothing here, yet.
- herokucdn.com/error-pages/no-such-app.html
- "<title>No such app</title>"
- There's nothing here, yet.
- herokucdn.com/error-pages/no-such-app.html
- "<title>No such app</title>"
- type: word
name: tictail
words:
- Building a brand of your own?
- 'to target URL: <a href="https://tictail.com'
- Start selling on Tictail.
- Building a brand of your own?
- 'to target URL: <a href="https://tictail.com'
- Start selling on Tictail.
- type: word
name: campaignmonitor
words:
- "<strong>Trying to access your account?</strong>"
- or <a href="mailto:help@createsend.com
- "<strong>Trying to access your account?</strong>"
- or <a href="mailto:help@createsend.com
- type: word
name: cargocollective
words:
- <div class="notfound">
- 404 Not Found<br>
- <div class="notfound">
- 404 Not Found<br>
- type: word
name: statuspage
words:
- Better Status Communication
- You are being <a href="https://www.statuspage.io">redirected
- Better Status Communication
- You are being <a href="https://www.statuspage.io">redirected
- type: word
name: bitbucket
words:
- The page you have requested does not exist
- Repository not found
- The page you have requested does not exist
- Repository not found
- type: word
name: smartling
words:
- Domain is not configured
- Domain is not configured
- type: word
name: acquia
words:
- If you are an Acquia Cloud customer and expect to see your site at this address
- The site you are looking for could not be found.
- If you are an Acquia Cloud customer and expect to see your site at this address
- The site you are looking for could not be found.
- type: word
name: uservoice
words:
- This UserVoice subdomain is currently available!
- This UserVoice subdomain is currently available!
- type: word
name: ghost
words:
- The thing you were looking for is no longer here
- The thing you were looking for is no longer here, or never was
- The thing you were looking for is no longer here
- The thing you were looking for is no longer here, or never was
- type: word
name: tilda
words:
- Domain has been assigned
- Domain has been assigned
- type: word
name: wordpress
words:
- Do you want to register
- Do you want to register
- type: word
name: teamwork
words:
- Oops - We didn't find your site.
- Oops - We didn't find your site.
- type: word
name: helpjuice
words:
- We could not find what you're looking for.
- We could not find what you're looking for.
- type: word
name: helpscout
words:
- 'No settings were found for this company:'
- "No settings were found for this company:"
- type: word
name: cargo
words:
- If you're moving your domain away from Cargo you must make this configuration
through your registrar's DNS control panel.
- If you're moving your domain away from Cargo you must make this configuration
through your registrar's DNS control panel.
- type: word
name: feedpress
words:
- The feed has not been found.
- The feed has not been found.
- type: word
name: surge
words:
- project not found
- project not found
- type: word
name: surveygizmo
words:
- data-html-name
- data-html-name
- type: word
name: mashery
words:
- Unrecognized domain <strong>
- Unrecognized domain <strong>
- type: word
name: intercom
words:
- This page is reserved for artistic dogs.
- <h1 class="headline">Uh oh. That page doesnt exist.</h1>
- This page is reserved for artistic dogs.
- <h1 class="headline">Uh oh. That page doesnt exist.</h1>
- type: word
name: webflow
words:
- <p class="description">The page you are looking for doesn't exist or has been
moved.</p>
- <p class="description">The page you are looking for doesn't exist or has been
moved.</p>
- type: word
name: thinkific
words:
- You may have mistyped the address or the page may have moved.
- You may have mistyped the address or the page may have moved.
- type: word
name: tave
words:
- "<h1>Error 404: Page Not Found</h1>"
- "<h1>Error 404: Page Not Found</h1>"
- type: word
name: wishpond
words:
- https://www.wishpond.com/404?campaign=true
- https://www.wishpond.com/404?campaign=true
- type: word
name: aftership
words:
- Oops.</h2><p class="text-muted text-tight">The page you're looking for doesn't
exist.
- Oops.</h2><p class="text-muted text-tight">The page you're looking for doesn't
exist.
- type: word
name: aha
words:
- There is no portal here ... sending you back to Aha!
- There is no portal here ... sending you back to Aha!
- type: word
name: brightcove
words:
- '<p class="bc-gallery-error-code">Error Code: 404</p>'
- '<p class="bc-gallery-error-code">Error Code: 404</p>'
- type: word
name: bigcartel
words:
- "<h1>Oops! We couldn&#8217;t find that page.</h1>"
- "<h1>Oops! We couldn&#8217;t find that page.</h1>"
- type: word
name: activecompaign
words:
- alt="LIGHTTPD - fly light."
- alt="LIGHTTPD - fly light."
- type: word
name: compaignmonitor
words:
- Double check the URL or <a href="mailto:help@createsend.com
- Double check the URL or <a href="mailto:help@createsend.com
- type: word
name: acquia
words:
- The site you are looking for could not be found.
- The site you are looking for could not be found.
- type: word
name: proposify
words:
- If you need immediate assistance, please contact <a href="mailto:support@proposify.biz
- If you need immediate assistance, please contact <a href="mailto:support@proposify.biz
- type: word
name: simplebooklet
words:
- We can't find this <a href="https://simplebooklet.com
- We can't find this <a href="https://simplebooklet.com
- type: word
name: getresponse
words:
- With GetResponse Landing Pages, lead generation has never been easier
- With GetResponse Landing Pages, lead generation has never been easier
- type: word
name: vend
words:
- Looks like you've traveled too far into cyberspace.
- Looks like you've traveled too far into cyberspace.
- type: word
name: jetbrains
words:
- is not a registered InCloud YouTrack.
- is not a registered InCloud YouTrack.
- type: word
name: readme
words:
- Project doesnt exist... yet!
- Project doesnt exist... yet!
- type: word
name: smugmug
words:
- '{"text":"Page Not Found"'
- '{"text":"Page Not Found"'
- type: word
name: airee
words:
- Ошибка 402. Сервис Айри.рф не оплачен
- Ошибка 402. Сервис Айри.рф не оплачен
- type: word
name: kinsta
words:
- No Site For Domain
- No Site For Domain
- type: word
name: launchrock
words:
- It looks like you may have taken a wrong turn somewhere. Don't worry...it happens
to all of us.
- It looks like you may have taken a wrong turn somewhere. Don't worry...it happens
to all of us.
- type: word
name: Strikingly
words:
- But if you're looking to build your own website
- you've come to the right place.
- But if you're looking to build your own website
- you've come to the right place.
- type: word
name: HatenaBlog
words:
- 404 Blog is not found
- Sorry, we can't find the page you're looking for.
- 404 Blog is not found
- Sorry, we can't find the page you're looking for.
- type: word
name: wufoo
words:
- Profile not found
- Hmmm....something is not right.
- Profile not found
- Hmmm....something is not right.
- type: word
name: hubspot
words:
- Domain not found
- does not exist in our system
- Domain not found
- does not exist in our system
- type: word
name: jazzhr
words:
- This account no longer active
- This account no longer active
- type: word
name: smartjob
words:
- Job Board Is Unavailable
- This job board website is either expired
- This job board website is either expired or its domain name is invalid.
- Job Board Is Unavailable
- This job board website is either expired
- This job board website is either expired or its domain name is invalid.
- type: regex
name: Uptimerobot
regex:
- "^page not found$"
- "^page not found$"
- type: word
name: agile

4
tokens/slack-access-token.yaml
View File

@ -1,7 +1,7 @@
id: slack-access-token
#xoxp-702234529XXX-688970480XXX-109182524XXXX-87fa5b4d2e62ac5c16fc6ea93bXXXXXX
#xoxb-702234529XXX-1076883857XXX-Ou9aRuvtFZ4DuTsepevXXXXX
# xoxp-702234529XXX-688970480XXX-109182524XXXX-87fa5b4d2e62ac5c16fc6ea93bXXXXXX
# xoxb-702234529XXX-1076883857XXX-Ou9aRuvtFZ4DuTsepevXXXXX
info:
name: Slack access token

2
vulnerabilities/cached-aem-pages.yaml
View File

@ -4,7 +4,7 @@ info:
name: Invalidate / Flush Cached Pages From AEM
author: hetroublemakr
severity: low
#reference: @AEMSecurity
# reference: @AEMSecurity
requests:
- method: GET