Merge pull request #600 from geeknik/patch-13

Update basic-xss-prober.yaml
2020-11-02 20:58:27 +05:30 · 2020-11-02 20:58:27 +05:30 · 449786eb6b
parent b239b4ff56 a32e2e7540
commit 449786eb6b
1 changed files with 9 additions and 1 deletions
--- a/generic-detections/basic-xss-prober.yaml
+++ b/generic-detections/basic-xss-prober.yaml
@ -2,7 +2,7 @@ id: basic-xss-prober

 info:
  name: Basic XSS Prober
-  author: nadino
+  author: nadino & geeknik
  severity: low

  # Basic XSS prober
@ -12,7 +12,15 @@ requests:
  - method: GET
    path:
      - "{{BaseURL}}/%61%27%22%3e%3c%69%6e%6a%65%63%74%61%62%6c%65%3e"
+    matchers-condition: and
    matchers:
      - type: word
        words:
          - "\"><injectable>"
+        part: body
+
+      - type: word
+        words:
+          - "application/json"
+        part: header
+        negative: true