Workflow and tags update
sandeep
parent
450254cd3d
commit
3203754361
|
|
@ -5,6 +5,7 @@ info:
|
|||
author: that_juan_ & dwisiswant0 & wdahlenb
|
||||
severity: low
|
||||
description: Sensitive environment variables may not be masked
|
||||
tags: springboot,disclosure
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ info:
|
|||
author: that_juan_ & dwisiswant0 & wdahlenb
|
||||
severity: low
|
||||
description: Sensitive environment variables may not be masked
|
||||
tags: springboot,disclosure
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ info:
|
|||
author: that_juan_ & dwisiswant0 & wdahlenb
|
||||
severity: critical
|
||||
description: Environment variables and HTTP requests can be found in the HPROF
|
||||
tags: springboot,disclosure
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ info:
|
|||
author: that_juan_ & dwisiswant0 & wdahlenb
|
||||
severity: low
|
||||
description: View recent HTTP requests and responses
|
||||
tags: springboot,disclosure
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
|
|
|
|||
|
|
@ -4,6 +4,7 @@ info:
|
|||
name: Detect Springboot Loggers
|
||||
author: that_juan_ & dwisiswant0 & wdahlenb
|
||||
severity: low
|
||||
tags: springboot,disclosure
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ info:
|
|||
author: that_juan_ & dwisiswant0 & wdahlenb
|
||||
severity: low
|
||||
description: Additional routes may be displayed
|
||||
tags: springboot,disclosure
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
|
|
|
|||
|
|
@ -5,11 +5,13 @@ info:
|
|||
author: that_juan_ & dwisiswant0 & wdahlenb
|
||||
severity: low
|
||||
description: View recent HTTP requests and responses
|
||||
tags: springboot,disclosure
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- "{{BaseURL}}/trace"
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
|
|
|
|||
|
|
@ -13,12 +13,13 @@ workflows:
|
|||
|
||||
- template: technologies/detect-springboot-actuator.yaml
|
||||
subtemplates:
|
||||
- template: misconfiguration/springboot/springboot-configprops.yaml
|
||||
- template: misconfiguration/springboot/springboot-env.yaml
|
||||
- template: misconfiguration/springboot/springboot-heapdump.yaml
|
||||
- template: misconfiguration/springboot/springboot-loggers.yaml
|
||||
- template: misconfiguration/springboot/springboot-mappings.yaml
|
||||
- template: misconfiguration/springboot/springboot-trace.yaml
|
||||
- template: misconfiguration/springboot-configprops.yaml
|
||||
- template: misconfiguration/springboot-env.yaml
|
||||
- template: misconfiguration/springboot-heapdump.yaml
|
||||
- template: misconfiguration/springboot-httptrace.yaml
|
||||
- template: misconfiguration/springboot-loggers.yaml
|
||||
- template: misconfiguration/springboot-mappings.yaml
|
||||
- template: misconfiguration/springboot-trace.yaml
|
||||
- template: vulnerabilities/springboot/springboot-actuators-jolokia-xxe.yaml
|
||||
- template: vulnerabilities/springboot/springboot-h2-db-rce.yaml
|
||||
- template: cves/2018/CVE-2018-1271.yaml
|
||||
|
|
|
|||
Loading…
Reference in New Issue