daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update magento-admin-panel.yaml

patch-1
Prince Chaddha 2022-06-16 10:43:09 +05:30 committed by GitHub
parent 014f405147
commit 41b2c1d359
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
exposed-panels/magento-admin-panel.yaml
View File

@ -4,7 +4,8 @@ info:
name: Exposed Magento Admin Panel
author: TechbrunchFR,ritikchaddha
severity: info
description: As a security best practice, Magento recommends that you use a unique, custom Admin URL instead of the default admin or a common term such as backend. Although it will not directly protect your site
description: |
As a security best practice, Magento recommends that you use a unique, custom Admin URL instead of the default admin or a common term such as backend. Although it will not directly protect your site
from a determined bad actor, it can reduce exposure to scripts that try to gain unauthorized access.
reference:
- https://docs.magento.com/user-guide/stores/store-urls-custom-admin.html
@ -18,13 +19,14 @@ requests:
path:
- '{{BaseURL}}/admin'
redirects: true
max-redirects: 2
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
part: body
words:
- "Magento Admin Page</title>"
- "Magento"
- "Admin Panel"
condition: and