daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

General tokens 

General tokens
patch-1
Nadino92 2020-05-07 12:14:17 +02:00 committed by GitHub
parent fba4aba846
commit 2fb9a3e57c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 29 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
tokens/general-tokens.yaml Normal file
View File

@ -0,0 +1,29 @@
id: general-tokens
#this will create a huge load of false positive
info:
name: General Tokens
author: nadino
severity: medium
requests:
- method: GET
path:
- "{{BaseURL}}"
matchers:
- type: dsl
dsl:
- 'regex("TOKEN(\")?(:|=)+(\")?",replace(toupper(body)," ",""))' #any TOKEN word
- 'regex("API(\\-|_| )+([A-Z]{3})+(\")?(:|=)+(\")?",replace(toupper(body)," ",""))' #API_XXX...
- 'regex("([A-Z]{3})+(\\-|_| )+API(\")?(:|=)+(\")?",replace(toupper(body)," ",""))' #XXX_API
- 'regex("([A-Z]{3})+(\\-|_| )+KEY(\")?(:|=)+(\")?",replace(toupper(body)," ",""))' #XXX_KEY
- 'regex("KEY(\\-|_| )+([A-Z]{3})+(\")?(:|=)+(\")?",replace(toupper(body)," ",""))' #KEY_XXX
- 'regex("SECRET(\")?(:|=)+(\")?",replace(toupper(body)," ",""))' #any SECRET word
- 'regex("AUTHORIZATION(\")?(:|=)+(\")?",replace(toupper(body)," ",""))' #any AUTHORIZATION word
- 'regex("PASSWORD(\")?(:|=)+(\")?",replace(toupper(body)," ",""))' #any PASSWORD word
extractors:
- type: regex
part: body
regex:
- "TOKEN(\")?(:|=)+(\")?"