Merge pull request #9378 from projectdiscovery/fuzz-tags

reverted bruteforce tags to fuzz
2024-03-19 22:08:19 +05:30 · 2024-03-19 22:08:19 +05:30 · 48e8151038
parent 297e9dcf75 b9a4f8433e
commit 48e8151038
40 changed files with 41 additions and 41 deletions
--- a/.nuclei-ignore
+++ b/.nuclei-ignore
@ -16,7 +16,6 @@ tags:
  - "fuzz"
  - "dos"
  - "local"
  - "brute-force"
  - "bruteforce"
 # The following templates have been excluded because they have weak matchers and may generate FP results.
--- a/cloud/enum/azure-vm-cloud-enum.yaml
+++ b/cloud/enum/azure-vm-cloud-enum.yaml
@ -9,7 +9,7 @@ info:
  metadata:
    verified: true
    max-request: 1
-  tags: cloud,cloud-enum,azure,bruteforce,enum
+  tags: cloud,cloud-enum,azure,fuzz,enum
 self-contained: true
--- a/config/bugbounty.yml
+++ b/config/bugbounty.yml
@ -20,7 +20,7 @@ type:
 exclude-tags:
  - tech
  - dos
-  - brute-force
+  - fuzz
  - creds-stuffing
  - token-spray
  - osint
--- a/config/pentest.yml
+++ b/config/pentest.yml
@ -15,5 +15,5 @@ type:
 exclude-tags:
  - dos
-  - brute-force
+  - fuzz
  - osint
--- a/config/recommended.yml
+++ b/config/recommended.yml
@ -20,7 +20,7 @@ type:
 exclude-tags:
  - tech
  - dos
-  - brute-force
+  - fuzz
  - creds-stuffing
  - token-spray
  - osint
--- a/http/cves/2017/CVE-2017-17562.yaml
+++ b/http/cves/2017/CVE-2017-17562.yaml
@ -28,7 +28,7 @@ info:
    max-request: 65
    vendor: embedthis
    product: goahead
-  tags: cve,cve2017,rce,goahead,bruteforce,kev,vulhub,embedthis
+  tags: cve,cve2017,rce,goahead,fuzz,kev,vulhub,embedthis
 http:
  - raw:
--- a/http/cves/2019/CVE-2019-17382.yaml
+++ b/http/cves/2019/CVE-2019-17382.yaml
@ -27,7 +27,7 @@ info:
    max-request: 100
    vendor: zabbix
    product: zabbix
-  tags: cve2019,cve,bruteforce,auth-bypass,login,edb,zabbix
+  tags: cve2019,cve,fuzz,auth-bypass,login,edb,zabbix
 http:
  - raw:
--- a/http/cves/2022/CVE-2022-2034.yaml
+++ b/http/cves/2022/CVE-2022-2034.yaml
@ -28,7 +28,7 @@ info:
    vendor: automattic
    product: sensei_lms
    framework: wordpress
-  tags: cve,cve2022,wp,disclosure,wpscan,sensei-lms,bruteforce,hackerone,wordpress,wp-plugin,automattic
+  tags: cve,cve2022,wp,disclosure,wpscan,sensei-lms,fuzz,hackerone,wordpress,wp-plugin,automattic
 http:
  - method: GET
--- a/http/cves/2022/CVE-2022-2599.yaml
+++ b/http/cves/2022/CVE-2022-2599.yaml
@ -29,7 +29,7 @@ info:
    vendor: anti-malware_security_and_brute-force_firewall_project
    product: anti-malware_security_and_brute-force_firewall
    framework: wordpress
-  tags: cve,cve2022,wordpress,wp-plugin,xss,gotmls,authenticated,wpscan,anti-malware_security_and_brute-force_firewall_project
+  tags: cve,cve2022,wordpress,wp-plugin,xss,gotmls,authenticated,wpscan
 http:
  - raw:
--- a/http/cves/2023/CVE-2023-24489.yaml
+++ b/http/cves/2023/CVE-2023-24489.yaml
@ -28,7 +28,7 @@ info:
    vendor: citrix
    product: sharefile_storage_zones_controller
    shodan-query: title:"ShareFile Storage Server"
-  tags: cve2023,cve,sharefile,rce,intrusive,fileupload,bruteforce,kev,citrix
+  tags: cve2023,cve,sharefile,rce,intrusive,fileupload,fuzz,kev,citrix
 variables:
  fileName: '{{rand_base(8)}}'
--- a/http/default-logins/oracle/peoplesoft-default-login.yaml
+++ b/http/default-logins/oracle/peoplesoft-default-login.yaml
@ -16,7 +16,7 @@ info:
    verified: true
    max-request: 200
    shodan-query: title:"Oracle PeopleSoft Sign-in"
-  tags: default-login,peoplesoft,oracle,bruteforce
+  tags: default-login,peoplesoft,oracle,fuzz
 http:
  - method: POST
--- a/http/exposed-panels/adminer-panel-detect.yaml
+++ b/http/exposed-panels/adminer-panel-detect.yaml
@ -19,7 +19,7 @@ info:
    vendor: adminer
    product: adminer
    max-request: 741
-  tags: panel,bruteforce,adminer,login,sqli
+  tags: panel,fuzz,adminer,login,sqli
 http:
  - raw:
--- a/http/exposures/backups/php-backup-files.yaml
+++ b/http/exposures/backups/php-backup-files.yaml
@ -7,7 +7,7 @@ info:
  description: PHP Source File is disclosed to external users.
  metadata:
    max-request: 1512
-  tags: exposure,backup,php,disclosure,bruteforce
+  tags: exposure,backup,php,disclosure,fuzz
 http:
  - method: GET
--- a/http/fuzzing/cache-poisoning-fuzz.yaml
+++ b/http/fuzzing/cache-poisoning-fuzz.yaml
@ -9,7 +9,7 @@ info:
    - https://portswigger.net/web-security/web-cache-poisoning
  metadata:
    max-request: 5834
-  tags: fuzzing,bruteforce,cache
+  tags: fuzz,cache
 http:
  - raw:
--- a/http/fuzzing/header-command-injection.yaml
+++ b/http/fuzzing/header-command-injection.yaml
@ -11,7 +11,7 @@ info:
    cwe-id: CWE-77
  metadata:
    max-request: 7650
-  tags: fuzzing,bruteforce,rce
+  tags: fuzz,rce
 http:
  - raw:
--- a/http/fuzzing/iis-shortname.yaml
+++ b/http/fuzzing/iis-shortname.yaml
@ -15,7 +15,7 @@ info:
    cwe-id: CWE-200
  metadata:
    max-request: 4
-  tags: bruteforce,edb
+  tags: iis,edb
 http:
  - raw:
--- a/http/fuzzing/linux-lfi-fuzzing.yaml
+++ b/http/fuzzing/linux-lfi-fuzzing.yaml
@ -11,7 +11,7 @@ info:
    cwe-id: CWE-200
  metadata:
    max-request: 22
-  tags: fuzzing,linux,lfi,bruteforce
+  tags: linux,lfi,fuzzing
 http:
  - method: GET
--- a/http/fuzzing/mdb-database-file.yaml
+++ b/http/fuzzing/mdb-database-file.yaml
@ -13,7 +13,7 @@ info:
    cwe-id: CWE-200
  metadata:
    max-request: 341
-  tags: bruteforce,mdb,asp
+  tags: fuzz,mdb,asp
 http:
  - raw:
--- a/http/fuzzing/prestashop-module-fuzz.yaml
+++ b/http/fuzzing/prestashop-module-fuzz.yaml
@ -6,7 +6,7 @@ info:
  severity: info
  metadata:
    max-request: 639
-  tags: fuzzing,bruteforce,prestashop
+  tags: fuzz,prestashop
 http:
  - raw:
--- a/http/fuzzing/ssrf-via-proxy.yaml
+++ b/http/fuzzing/ssrf-via-proxy.yaml
@ -10,7 +10,7 @@ info:
    - https://twitter.com/ImoJOnDz/status/1649089777629827072
  metadata:
    max-request: 9
-  tags: ssrf,proxy,oast,bruteforce
+  tags: ssrf,proxy,oast,fuzz
 http:
  - payloads:
--- a/http/fuzzing/valid-gmail-check.yaml
+++ b/http/fuzzing/valid-gmail-check.yaml
@ -8,7 +8,7 @@ info:
    - https://github.com/dievus/geeMailUserFinder
  metadata:
    max-request: 1
-  tags: bruteforce,gmail
+  tags: fuzzing,gmail
 self-contained: true
--- a/http/fuzzing/waf-fuzz.yaml
+++ b/http/fuzzing/waf-fuzz.yaml
@ -11,7 +11,7 @@ info:
    cwe-id: CWE-200
  metadata:
    max-request: 58
-  tags: fuzzing,waf,tech,bruteforce
+  tags: waf,tech,fuzz
 http:
  - raw:
--- a/http/fuzzing/wordpress-plugins-detect.yaml
+++ b/http/fuzzing/wordpress-plugins-detect.yaml
@ -5,8 +5,8 @@ info:
  author: 0xcrypto
  severity: info
  metadata:
-    max-request: 100563
+    max-request: 98135
-  tags: fuzzing,bruteforce,wordpress
+  tags: fuzz,wordpress
 http:
  - raw:
--- a/http/fuzzing/wordpress-themes-detect.yaml
+++ b/http/fuzzing/wordpress-themes-detect.yaml
@ -6,7 +6,7 @@ info:
  severity: info
  metadata:
    max-request: 24434
-  tags: bruteforce,wordpress,wp
+  tags: fuzz,wordpress
 http:
  - raw:
--- a/http/fuzzing/wordpress-weak-credentials.yaml
+++ b/http/fuzzing/wordpress-weak-credentials.yaml
@ -14,7 +14,7 @@ info:
    cwe-id: CWE-1391
  metadata:
    max-request: 276
-  tags: wordpress,default-login,bruteforce
+  tags: wordpress,default-login,fuzz
 http:
  - raw:
--- a/http/fuzzing/xff-403-bypass.yaml
+++ b/http/fuzzing/xff-403-bypass.yaml
@ -7,7 +7,7 @@ info:
  description: Template to detect 403 forbidden endpoint bypass behind Nginx/Apache proxy & load balancers, based on X-Forwarded-For header.
  metadata:
    max-request: 3
-  tags: fuzzing,bruteforce
+  tags: fuzzing
 http:
  - raw:
--- a/http/miscellaneous/defacement-detect.yaml
+++ b/http/miscellaneous/defacement-detect.yaml
@ -16,7 +16,7 @@ info:
  metadata:
    verified: true
    max-request: 85
-  tags: misc,defacement,spam,hacktivism,bruteforce
+  tags: misc,defacement,spam,hacktivism,fuzz
 http:
  - method: GET
--- a/http/miscellaneous/ntlm-directories.yaml
+++ b/http/miscellaneous/ntlm-directories.yaml
@ -8,7 +8,7 @@ info:
    - https://medium.com/swlh/internal-information-disclosure-using-hidden-ntlm-authentication-18de17675666
  metadata:
    max-request: 47
-  tags: miscellaneous,misc,bruteforce,windows
+  tags: miscellaneous,misc,fuzz,windows
 http:
  - raw:
--- a/http/misconfiguration/aem/aem-userinfo-servlet.yaml
+++ b/http/misconfiguration/aem/aem-userinfo-servlet.yaml
@ -8,7 +8,7 @@ info:
  metadata:
    max-request: 1
    shodan-query: http.component:"Adobe Experience Manager"
-  tags: aem,bruteforce,misconfig
+  tags: aem,misconfig
 http:
  - method: GET
--- a/http/misconfiguration/gitlab/gitlab-user-enum.yaml
+++ b/http/misconfiguration/gitlab/gitlab-user-enum.yaml
@ -9,7 +9,7 @@ info:
  metadata:
    max-request: 100
    shodan-query: http.title:"GitLab"
-  tags: gitlab,enum,misconfig,bruteforce
+  tags: gitlab,enum,misconfig,fuzz
 http:
  - raw:
--- a/http/misconfiguration/proxy/open-proxy-internal.yaml
+++ b/http/misconfiguration/proxy/open-proxy-internal.yaml
@ -16,7 +16,7 @@ info:
    cwe-id: CWE-441
  metadata:
    max-request: 25
-  tags: exposure,config,proxy,misconfig,bruteforce
+  tags: exposure,config,proxy,misconfig,fuzz
 http:
  - raw:
--- a/http/misconfiguration/proxy/open-proxy-localhost.yaml
+++ b/http/misconfiguration/proxy/open-proxy-localhost.yaml
@ -16,7 +16,7 @@ info:
    cwe-id: CWE-441
  metadata:
    max-request: 6
-  tags: exposure,config,proxy,misconfig,bruteforce
+  tags: exposure,config,proxy,misconfig,fuzz
 http:
  - raw:
--- a/http/misconfiguration/proxy/open-proxy-portscan.yaml
+++ b/http/misconfiguration/proxy/open-proxy-portscan.yaml
@ -16,7 +16,7 @@ info:
    cwe-id: CWE-441
  metadata:
    max-request: 8
-  tags: exposure,config,proxy,misconfig,bruteforce
+  tags: exposure,config,proxy,misconfig,fuzz
 http:
  - raw:
--- a/http/technologies/graylog/graylog-api-exposure.yaml
+++ b/http/technologies/graylog/graylog-api-exposure.yaml
@ -13,7 +13,7 @@ info:
    verified: true
    max-request: 50
    shodan-query: Graylog
-  tags: tech,graylog,api,swagger,bruteforce
+  tags: tech,graylog,api,swagger,fuzz
 http:
  - method: GET
--- a/http/vulnerabilities/tongda/tongda-auth-bypass.yaml
+++ b/http/vulnerabilities/tongda/tongda-auth-bypass.yaml
@ -14,7 +14,7 @@ info:
    shodan-query: title:"通达OA"
    fofa-query: title="通达OA"
    zoomeye-query: app:"通达OA"
-  tags: tongda,auth-bypass,bruteforce
+  tags: tongda,auth-bypass,fuzz
 http:
  - raw:
--- a/http/vulnerabilities/wordpress/wp-xmlrpc-brute-force.yaml
+++ b/http/vulnerabilities/wordpress/wp-xmlrpc-brute-force.yaml
@ -10,7 +10,7 @@ info:
    - https://www.acunetix.com/vulnerabilities/web/wordpress-xml-rpc-authentication-brute-force/
  metadata:
    max-request: 276
-  tags: wordpress,php,xmlrpc,bruteforce
+  tags: wordpress,php,xmlrpc,fuzz
 http:
  - raw:
--- a/javascript/cves/2023/CVE-2023-34039.yaml
+++ b/javascript/cves/2023/CVE-2023-34039.yaml
@ -29,7 +29,8 @@ info:
    verified: true
    vendor: vmware
    product: aria_operations_for_networks
-  tags: js,packetstorm,cve,cve2019,vmware,aria,rce,bruteforce,vrealize
+  tags: js,packetstorm,cve,cve2019,vmware,aria,rce,fuzz,vrealize
 variables:
  keysDir: "helpers/payloads/cve-2023-34039-keys" # load all private keys from this directory
--- a/javascript/default-logins/ssh-default-logins.yaml
+++ b/javascript/default-logins/ssh-default-logins.yaml
@ -7,7 +7,7 @@ info:
  metadata:
    max-request: 223
    shodan-query: port:1433
-  tags: js,ssh,default-login,network,bruteforce
+  tags: js,ssh,default-login,network,fuzz
 javascript:
  - pre-condition: |
--- a/network/misconfig/mysql-native-password.yaml
+++ b/network/misconfig/mysql-native-password.yaml
@ -12,7 +12,7 @@ info:
    cwe-id: CWE-200
  metadata:
    max-request: 1
-  tags: network,mysql,bruteforce,db,misconfig
+  tags: network,mysql,db,misconfig
 tcp:
  - host:
--- a/network/misconfig/tidb-native-password.yaml
+++ b/network/misconfig/tidb-native-password.yaml
@ -11,7 +11,7 @@ info:
    cwe-id: CWE-200
  metadata:
    max-request: 1
-  tags: network,tidb,bruteforce,db,misconfig
+  tags: network,tidb,db,misconfig
 tcp:
  - host: