Update Nuclei Detection Templates for National Vulnerability Database Correlation (#7490)

* Update Confluence Version

* Added Application Category

* Updated Grafana Template

* Updated WordPress Template

* Update grafana-detect.yaml

* Update jenkins-detect.yaml

* Update Jira Detection Template

* Update Tomcat Template

* Update Atlassian Crowd Template

* misc update

* workflow fix

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>

http/exposed-panels/atlassian-crowd-panel.yaml

@@ -2,7 +2,7 @@ id: atlassian-crowd-panel
 
 info:
   name: Atlassian Crowd Login Panel
-  author: organiccrap
+  author: organiccrap,AdamCrosser
   severity: info
   description: An Atlassian Crowd login panel was discovered.
   reference:
@@ -12,6 +12,9 @@ info:
   tags: panel,atlassian
   metadata:
     max-request: 1
+    vendor: atlassian
+    product: crowd
+    category: sso
 
 http:
   - method: GET
@@ -24,4 +27,10 @@ http:
           - <title>Atlassian Crowd - Login</title>
         part: body
 
-# Enhanced by mp on 2022/03/20
+    extractors:
+      - type: regex
+        name: version
+        group: 1
+        regex:
+          - 'value="Version:&nbsp;([\d.]+)'
+        part: body

http/exposed-panels/grafana-detect.yaml

@@ -2,7 +2,7 @@ id: grafana-detect
 
 info:
   name: Grafana Login Panel - Detect
-  author: organiccrap
+  author: organiccrap,AdamCrosser
   severity: info
   description: Grafana login panel was detected.
   classification:
@@ -12,22 +12,30 @@ info:
   metadata:
     max-request: 1
     shodan-query: title:"Grafana"
-  tags: panel,grafana
+    vendor: grafana
+    product: grafana
+    category: devops
+  tags: panel,grafana,detect
 
 http:
   - method: GET
     path:
       - "{{BaseURL}}/login"
+
     matchers:
       - type: word
+        part: body
         words:
           - "<title>Grafana</title>"
-        part: body
+
     extractors:
       - type: regex
+        name: version
         part: body
         group: 1
         regex:
           - '\"version\"\:\"([0-9.]+)\"}'
 
-# Enhanced by md on 2022/11/16
+      - type: kval
+        kval:
+          - version

http/technologies/apache/tomcat-detect.yaml

@@ -2,12 +2,14 @@ id: tomcat-detect
 
 info:
   name: Tomcat Detection
-  author: philippedelteil,dhiyaneshDk
+  author: philippedelteil,dhiyaneshDk,AdamCrosser
   severity: info
   description: If an Tomcat instance is deployed on the target URL, when we send a request for a non existent resource we receive a Tomcat error page with version.
   metadata:
     max-request: 3
     shodan-query: title:"Apache Tomcat"
+    vendor: apache
+    product: tomcat
   tags: tech,tomcat,apache
 
 http:
@@ -33,6 +35,7 @@ http:
 
     extractors:
       - type: regex
+        name: version
         group: 1
         regex:
           - '(?i)Apache Tomcat.*([0-9]\.[0-9]+\.[0-9]+)'

http/technologies/jenkins-detect.yaml

@@ -2,7 +2,7 @@ id: jenkins-detect
 
 info:
   name: Jenkins Detection
-  author: philippdelteil,daffainfo,c-sh0
+  author: philippdelteil,daffainfo,c-sh0,AdamCrosser
   severity: info
   reference:
     - https://www.jenkins.io/doc/book/using/remote-access-api/#RemoteaccessAPI-DetectingJenkinsversion
@@ -11,7 +11,10 @@ info:
   metadata:
     max-request: 2
     shodan-query: http.favicon.hash:81586312
-  tags: tech,jenkins
+    vendor: jenkins
+    product: jenkins
+    category: devops
+  tags: tech,jenkins,detect
 
 http:
   - method: GET
@@ -36,5 +39,10 @@ http:
 
     extractors:
       - type: kval
+        name: version
         kval:
           - x_jenkins
+
+      - type: kval
+        kval:
+          - version

http/technologies/jira-detect.yaml

@@ -1,17 +1,20 @@
 id: jira-detect
 
 info:
-  name: Jira Login Panel - Detect
+  name: Jira Detect
-  author: pdteam,philippedelteil
+  author: pdteam,philippedelteil,AdamCrosser
   severity: info
   description: Jira login panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
     cvss-score: 0.0
     cwe-id: CWE-200
-  tags: panel,jira
+  tags: tech,panel,jira,atlassian
   metadata:
     max-request: 3
+    vendor: atlassian
+    product: jira
+    category: productivity
 
 http:
   - method: GET
@@ -34,5 +37,3 @@ http:
         group: 1
         regex:
           - 'title="JiraVersion" value="([0-9.]+)'
-
-# Enhanced by md on 2022/11/21

http/technologies/wordpress-detect.yaml

@@ -2,12 +2,15 @@ id: wordpress-detect
 
 info:
   name: WordPress Detect
-  author: pdteam,daffainfo,ricardomaia,topscoder
+  author: pdteam,daffainfo,ricardomaia,topscoder,AdamCrosser
   severity: info
   metadata:
     max-request: 4
     verified: true
     shodan-query: http.component:"WordPress"
+    vendor: wordpress
+    product: wordpress
+    category: cms
   tags: tech,wordpress,cms,wp
 
 http:

workflows/jira-workflow.yaml

@@ -6,6 +6,6 @@ info:
   description: A simple workflow that runs all Jira related nuclei templates on a given target.
 
 workflows:
-  - template: http/exposed-panels/jira-detect.yaml
+  - template: http/technologies/jira-detect.yaml
     subtemplates:
       - tags: jira