more tag supports

2021-04-03 13:38:45 +05:30 · 2021-04-03 13:38:45 +05:30 · 3ef39c173e
parent a1f2ecbc06
commit 3ef39c173e
66 changed files with 70 additions and 69 deletions
--- a/exposures/apis/openapi.yaml
+++ b/exposures/apis/openapi.yaml
@ -4,7 +4,7 @@ info:
  name: OpenAPI
  author: pdteam
  severity: info
-  tags: api
+  tags: exposures,api

 requests:
  - method: GET
--- a/exposures/apis/swagger-api.yaml
+++ b/exposures/apis/swagger-api.yaml
@ -4,7 +4,7 @@ info:
  name: Public Swagger API
  author: pdteam
  severity: info
-  tags: api,swagger
+  tags: exposures,api,swagger

 requests:
  - method: GET
--- a/exposures/apis/wadl-api.yaml
+++ b/exposures/apis/wadl-api.yaml
@ -4,7 +4,7 @@ info:
  name: wadl file disclosure
  author: 0xrudra & manuelbua
  severity: info
-  tags: api
+  tags: exposures,api
  reference: |
   - https://github.com/dwisiswant0/wadl-dumper
   - https://www.nopsec.com/leveraging-exposed-wadl-xml-in-burp-suite/
--- a/exposures/apis/wsdl-api.yaml
+++ b/exposures/apis/wsdl-api.yaml
@ -4,7 +4,7 @@ info:
  name: wsdl-detect
  author: jarijaas
  severity: info
-  tags: api
+  tags: exposures,api
  description: Detects web services that have WSDL (https://www.w3.org/TR/wsdl/)

 requests:
--- a/exposures/backups/settings-php-files.yaml
+++ b/exposures/backups/settings-php-files.yaml
@ -4,7 +4,7 @@ info:
  name: settings.php information disclosure
  author: sheikhrishad
  severity: medium
-  tags: backup
+  tags: exposures,backup

 requests:
  - method: GET
--- a/exposures/backups/sql-dump.yaml
+++ b/exposures/backups/sql-dump.yaml
@ -4,7 +4,7 @@ info:
  name: MySQL Dump Files
  author: geeknik & @dwisiswant0
  severity: medium
-  tags: backup
+  tags: exposures,backup

 requests:
  - method: GET
--- a/exposures/backups/zip-backup-files.yaml
+++ b/exposures/backups/zip-backup-files.yaml
@ -4,7 +4,7 @@ info:
  name: Compressed Web File
  author: Toufik Airane & @dwisiswant0
  severity: medium
-  tags: backup
+  tags: exposures,backup

 requests:
  - method: GET
--- a/exposures/configs/airflow-configuration-exposure.yaml
+++ b/exposures/configs/airflow-configuration-exposure.yaml
@ -4,7 +4,7 @@ info:
  name: Apache Airflow Configuration Exposure
  author: pd-team
  severity: medium
-  tags: config
+  tags: exposures,config

 requests:
  - method: GET
--- a/exposures/configs/alibaba-canal-info-leak.yaml
+++ b/exposures/configs/alibaba-canal-info-leak.yaml
@ -4,7 +4,7 @@ info:
  name: Alibaba Canal Info Leak
  author: pikpikcu
  severity: info
-  tags: config
+  tags: config,exposures

  # https://github.com/alibaba/canal/issues/632
  # https://netty.io/wiki/reference-counted-objects.html
--- a/exposures/configs/amazon-docker-config-disclosure.yaml
+++ b/exposures/configs/amazon-docker-config-disclosure.yaml
@ -4,7 +4,7 @@ info:
  name: Dockerrun AWS Configuration Exposure
  author: pd-team
  severity: medium
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/ansible-config-disclosure.yaml
+++ b/exposures/configs/ansible-config-disclosure.yaml
@ -4,7 +4,7 @@ info:
  name: Ansible Configuration Exposure
  author: pd-team
  severity: medium
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/awstats-config.yaml
+++ b/exposures/configs/awstats-config.yaml
@ -4,7 +4,7 @@ info:
  name: AWStats config
  author: sheikhrishad
  severity: info
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/awstats-script.yaml
+++ b/exposures/configs/awstats-script.yaml
@ -4,7 +4,7 @@ info:
  name: AWStats script
  author: sheikhrishad
  severity: info
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/circleci-config.yaml
+++ b/exposures/configs/circleci-config.yaml
@ -5,7 +5,7 @@ info:
  author: geeknik
  severity: low
  reference: https://circleci.com/docs/2.0/sample-config/
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/circleci-ssh-config.yaml
+++ b/exposures/configs/circleci-ssh-config.yaml
@ -4,7 +4,7 @@ info:
  name: circleci ssh-config exposure
  author: geeknik
  severity: low
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/composer-config.yaml
+++ b/exposures/configs/composer-config.yaml
@ -4,7 +4,7 @@ info:
  name: composer-config-file
  author: Mahendra Purbia (Mah3Sec_)
  severity: info
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/docker-compose-config.yml
+++ b/exposures/configs/docker-compose-config.yml
@ -4,7 +4,7 @@ info:
  name: docker-compose.yml exposure
  author: meme-lord & blckraven & geeknik
  severity: medium
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/eea-disclosure.yaml
+++ b/exposures/configs/eea-disclosure.yaml
@ -5,7 +5,7 @@ info:
  author: pikpikcu
  severity: high
  reference: https://www.cnvd.org.cn/flaw/show/CNVD-2021-10543
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/exposed-bitkeeper.yaml
+++ b/exposures/configs/exposed-bitkeeper.yaml
@ -5,7 +5,7 @@ info:
  author: daffainfo
  severity: low
  reference: https://www.bitkeeper.org/man/config-etc.html
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/exposed-bzr.yaml
+++ b/exposures/configs/exposed-bzr.yaml
@ -5,7 +5,7 @@ info:
  author: daffainfo
  severity: low
  reference: http://doc.bazaar.canonical.com/beta/en/user-reference/configuration-help.html
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/exposed-darcs.yaml
+++ b/exposures/configs/exposed-darcs.yaml
@ -5,7 +5,7 @@ info:
  author: daffainfo
  severity: low
  reference: http://darcs.net/Using/Configuration#sources
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/exposed-hg.yaml
+++ b/exposures/configs/exposed-hg.yaml
@ -4,7 +4,7 @@ info:
  name: Exposed HG Directory
  author: daffainfo
  severity: low
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/exposed-svn.yaml
+++ b/exposures/configs/exposed-svn.yaml
@ -4,7 +4,7 @@ info:
  name: Exposed SVN Directory
  author: udit_thakkur & dwisiswant0
  severity: medium
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/ftp-credentials-exposure.yaml
+++ b/exposures/configs/ftp-credentials-exposure.yaml
@ -4,7 +4,7 @@ info:
  name: FTP credentials exposure
  author: pikpikcu
  severity: medium
-  tags: config,ftp
+  tags: config,ftp,exposures

 requests:
  - method: GET
--- a/exposures/configs/git-config-nginxoffbyslash.yaml
+++ b/exposures/configs/git-config-nginxoffbyslash.yaml
@ -4,7 +4,7 @@ info:
  author: organiccrap
  severity: medium
  description: Nginx off-by-slash vulnerability exposes Git configuration.
-  tags: config
+  tags: config,exposures
  reference: https://twitter.com/Random_Robbie/status/1262676628167110656

 requests:
--- a/exposures/configs/git-config.yaml
+++ b/exposures/configs/git-config.yaml
@ -5,7 +5,7 @@ info:
  author: pd-team & pikpikcu
  severity: medium
  description: Searches for the pattern /.git/config on passed URLs.
-  tags: config,git
+  tags: config,git,exposures

 requests:
  - raw:
--- a/exposures/configs/gmail-api-client-secrets.yaml
+++ b/exposures/configs/gmail-api-client-secrets.yaml
@ -5,7 +5,7 @@ info:
  author: geeknik
  severity: info
  description: https://developers.google.com/gmail/api/auth/web-server
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/golang-metrics.yaml
+++ b/exposures/configs/golang-metrics.yaml
@ -5,7 +5,7 @@ info:
  author: dhiyaneshDK
  severity: low
  reference: https://hackerone.com/reports/1026196
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/honeywell-scada-config.yaml
+++ b/exposures/configs/honeywell-scada-config.yaml
@ -5,7 +5,7 @@ info:
  author: alperenkesk
  severity: low
  reference: https://www.exploit-db.com/exploits/44734
-  tags: scada,config
+  tags: scada,config,exposures

 requests:
  - method: GET
--- a/exposures/configs/htpasswd-detection.yaml
+++ b/exposures/configs/htpasswd-detection.yaml
@ -4,7 +4,7 @@ info:
  name: Detect exposed .htpasswd files
  author: geeknik
  severity: info
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/joomla-config-file.yaml
+++ b/exposures/configs/joomla-config-file.yaml
@ -5,7 +5,7 @@ info:
  author: oppsec
  severity: low
  description: configuration.php-dist is a file created by Joomla to save Joomla settings.
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/laravel-env.yaml
+++ b/exposures/configs/laravel-env.yaml
@ -4,7 +4,7 @@ info:
  name: Laravel .env file
  author: pxmme1337 & dwisiswant0 & geeknik & emenalf
  severity: medium
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/lvmeng-uts-disclosure.yaml
+++ b/exposures/configs/lvmeng-uts-disclosure.yaml
@ -4,7 +4,7 @@ info:
  name: Lvmeng UTS Disclosure
  author: pikpikcu
  severity: high
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/magento-config.yaml
+++ b/exposures/configs/magento-config.yaml
@ -3,7 +3,7 @@ info:
  name: Magento Config Disclosure
  author: geeknik
  severity: medium
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/netrc.yaml
+++ b/exposures/configs/netrc.yaml
@ -6,7 +6,7 @@ info:
  description: The .netrc file contains login and initialization information used by the auto-login process.
  reference: https://www.gnu.org/software/inetutils/manual/html_node/The-_002enetrc-file.html
  severity: high
-  tags: netrc,config
+  tags: netrc,config,exposures

 requests:
  - method: GET
--- a/exposures/configs/opcache-status-exposure.yaml
+++ b/exposures/configs/opcache-status-exposure.yaml
@ -4,7 +4,7 @@ info:
  name: OPcache Status Exposure
  author: pd-team
  severity: low
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/owncloud-config.yaml
+++ b/exposures/configs/owncloud-config.yaml
@ -4,7 +4,7 @@ info:
  name: owncloud config Disclosure
  author: Mahendra Purbia (Mah3Sec_)
  severity: info
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/package-json.yaml
+++ b/exposures/configs/package-json.yaml
@ -5,7 +5,7 @@ info:
  author: geeknik & afaq
  severity: info
  description: All npm packages contain a file, usually in the project root, called package.json - this file holds various metadata relevant to the project.
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/perl-status.yaml
+++ b/exposures/configs/perl-status.yaml
@ -4,7 +4,7 @@ info:
  name: Apache mod_perl Status Page Exposure
  author: pd-team
  severity: medium
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/phpinfo.yaml
+++ b/exposures/configs/phpinfo.yaml
@ -4,7 +4,7 @@ info:
  name: phpinfo Disclosure
  author: pd-team & daffainfo & meme-lord
  severity: low
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/rails-database-config.yaml
+++ b/exposures/configs/rails-database-config.yaml
@ -4,7 +4,7 @@ info:
  name: Ruby-on-Rails Database Configuration Exposure
  author: pd-team
  severity: low
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/redmine-db-config.yaml
+++ b/exposures/configs/redmine-db-config.yaml
@ -4,7 +4,7 @@ info:
  author: geeknik
  description: Redmine is a flexible project management web application written using Ruby on Rails framework - https://redmine.org/projects/redmine
  severity: medium
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
@ -16,9 +16,10 @@ requests:
      - type: word
        part: body
        words:
-          - adapter
-          - database
-          - host
+          - 'adapter:'
+          - 'database:'
+          - 'host:'
+          - 'production:'
        condition: and

      - type: status
--- a/exposures/configs/ruijie-information-disclosure.yaml
+++ b/exposures/configs/ruijie-information-disclosure.yaml
@ -5,7 +5,7 @@ info:
  author: pikpikcu
  severity: high
  reference: https://www.cnblogs.com/cHr1s/p/14499858.html
-  tags: ruijie,config
+  tags: ruijie,config,exposures

 requests:
  - method: GET
--- a/exposures/configs/server-private-keys.yaml
+++ b/exposures/configs/server-private-keys.yaml
@ -4,7 +4,7 @@ info:
  name: Detect Private SSH and TLS Keys
  author: geeknik
  severity: high
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/sftp-credentials-exposure.yaml
+++ b/exposures/configs/sftp-credentials-exposure.yaml
@ -4,7 +4,7 @@ info:
  name: SFTP credentials exposure
  author: sheikhrishad
  severity: medium
-  tags: config,ftp
+  tags: config,ftp,exposures

 requests:
  - method: GET
--- a/exposures/configs/syfmony-profiler.yaml
+++ b/exposures/configs/syfmony-profiler.yaml
@ -4,7 +4,7 @@ info:
  name: SymfonyProfiler information leakage
  author: wabafet
  severity: medium
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/symfony-database-config.yaml
+++ b/exposures/configs/symfony-database-config.yaml
@ -4,7 +4,7 @@ info:
  name: Symfony Database Configuration Exposure
  author: pd-team
  severity: high
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/symfony-profiler.yaml
+++ b/exposures/configs/symfony-profiler.yaml
@ -4,7 +4,7 @@ info:
  name: Symfony Profiler
  author: pd-team
  severity: high
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/web-config.yaml
+++ b/exposures/configs/web-config.yaml
@ -3,7 +3,7 @@ info:
  name: Web Config file
  author: Yash Anand @yashanand155
  severity: info
-  tags: config
+  tags: config,exposures

 requests:
  - method: GET
--- a/exposures/configs/xprober-service.yaml
+++ b/exposures/configs/xprober-service.yaml
@ -4,7 +4,7 @@ info:
  name: X Prober server information leakage
  author: pdteam
  severity: low
-  tags: config
+  tags: config,exposures
  reference: https://twitter.com/bugbounty_tips/status/1339984643517423616

 requests:
--- a/exposures/files/bower-json.yaml
+++ b/exposures/files/bower-json.yaml
@ -5,7 +5,7 @@ info:
  author: oppsec
  severity: info
  description: Bower is a package manager which stores packages informations in bower.json file
-  tags: file
+  tags: file,exposures

 requests:
  - method: GET
--- a/exposures/files/domcfg-page.yaml
+++ b/exposures/files/domcfg-page.yaml
@ -4,7 +4,7 @@ info:
  author: gevakun
  severity: low
  reference: https://twitter.com/Wh11teW0lf/status/1295594085445709824
-  tags: file
+  tags: file,exposures

 requests:
  - method: GET
--- a/exposures/files/drupal-install.yaml
+++ b/exposures/files/drupal-install.yaml
@ -4,7 +4,7 @@ info:
  name: Drupal Install
  author: NkxxkN
  severity: low
-  tags: file
+  tags: file,exposures

 requests:
  - method: GET
--- a/exposures/files/ds_store.yaml
+++ b/exposures/files/ds_store.yaml
@ -4,7 +4,7 @@ info:
  name: Directory Listing via DS_Store
  author: 0w4ys
  severity: info
-  tags: file
+  tags: file,exposures

 requests:
  - method: GET
--- a/exposures/files/exposed-alps-spring.yaml
+++ b/exposures/files/exposed-alps-spring.yaml
@ -4,7 +4,7 @@ info:
  name: Exposed Spring Data REST Application-Level Profile Semantics (ALPS)
  author: dwisiswant0
  severity: medium
-  tags: file
+  tags: file,exposures
  reference: https://niemand.com.ar/2021/01/08/exploiting-application-level-profile-semantics-apls-from-spring-data-rest/

 requests:
--- a/exposures/files/filezilla.yaml
+++ b/exposures/files/filezilla.yaml
@ -4,7 +4,7 @@ info:
  name: Filezilla
  author: amsda
  severity: medium
-  tags: file
+  tags: file,exposures

 requests:
  - method: GET
--- a/exposures/files/keycloak-json.yaml
+++ b/exposures/files/keycloak-json.yaml
@ -3,7 +3,7 @@ info:
  name: Keycloak Json File
  author: oppsec
  severity: info
-  tags: file
+  tags: file,exposures

 requests:
  - method: GET
--- a/exposures/files/lazy-file.yaml
+++ b/exposures/files/lazy-file.yaml
@ -4,7 +4,7 @@ info:
  name: Lazy File Manager
  author: amsda
  severity: medium
-  tags: file
+  tags: file,exposures

 requests:
  - method: GET
--- a/exposures/files/yarn-lock.yaml
+++ b/exposures/files/yarn-lock.yaml
@ -5,7 +5,7 @@ info:
  author: oppsec
  severity: info
  description: yarn.lock is a file which store all exactly versions of each dependency were installed.
-  tags: file
+  tags: file,exposures

 requests:
  - method: GET
--- a/exposures/logs/elmah-log-file.yaml
+++ b/exposures/logs/elmah-log-file.yaml
@ -4,7 +4,7 @@ info:
  name: elmah.axd Disclosure
  author: shine
  severity: medium
-  tags: log
+  tags: log,exposures

 requests:
  - method: GET
--- a/exposures/logs/error-logs.yaml
+++ b/exposures/logs/error-logs.yaml
@ -3,7 +3,7 @@ info:
  name: common error log files
  author: geeknik & daffainfo
  severity: low
-  tags: log
+  tags: log,exposures

 requests:
  - method: GET
--- a/exposures/logs/laravel-log-file.yaml
+++ b/exposures/logs/laravel-log-file.yaml
@ -4,7 +4,7 @@ info:
  name: Laravel log file publicly accessible
  author: sheikhrishad
  severity: low
-  tags: laravel,log
+  tags: laravel,log,exposures

 requests:
  - method: GET
--- a/exposures/logs/npm-log-file.yaml
+++ b/exposures/logs/npm-log-file.yaml
@ -4,7 +4,7 @@ info:
  name: Publicly accessible NPM Log file
  author: sheikhrishad
  severity: low
-  tags: npm,log
+  tags: npm,log,exposures

 requests:
  - method: GET
--- a/exposures/logs/rails-debug-mode.yaml
+++ b/exposures/logs/rails-debug-mode.yaml
@ -4,7 +4,7 @@ info:
  name: Rails Debug Mode Enabled
  author: pd-team
  severity: medium
-  tags: log,rails
+  tags: log,rails,exposures

 requests:
  - method: GET
--- a/exposures/logs/struts-debug-mode.yaml
+++ b/exposures/logs/struts-debug-mode.yaml
@ -4,7 +4,7 @@ info:
  name: Apache Struts setup in Debug-Mode
  author: pd-team
  severity: low
-  tags: log,struts,apache
+  tags: log,struts,apache,exposures

 requests:
  - method: GET
--- a/exposures/logs/trace-axd-detect.yaml
+++ b/exposures/logs/trace-axd-detect.yaml
@ -5,7 +5,7 @@ info:
  author: dhiyaneshDK
  severity: low
  reference: https://www.rapid7.com/db/vulnerabilities/spider-asp-dot-net-trace-axd/
-  tags: log,asp
+  tags: log,asp,exposures

 requests:
  - method: GET