commit
2d3ed8daff
|
@ -0,0 +1,19 @@
|
|||
id: herokuapp-detect
|
||||
|
||||
info:
|
||||
name: Detect websites using Herokuapp endpoints
|
||||
author: alifathi-h1
|
||||
severity: info
|
||||
tags: heroku,tech
|
||||
description: Detected endpoints might be vulnerable to subdomain takeover or disclose sensitive info
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- "{{BaseURL}}"
|
||||
|
||||
extractors:
|
||||
- type: regex
|
||||
part: body
|
||||
regex:
|
||||
- "[a-z0-9.-]+\\.herokuapp\\.com"
|
Loading…
Reference in New Issue