From 4e0cb9380054bb47e7aa45daf7435ba3786fd753 Mon Sep 17 00:00:00 2001
From: sandeep <8293321+ehsandeep@users.noreply.github.com>
Date: Mon, 28 Jun 2021 17:34:13 +0530
Subject: [PATCH 1/5] Adding livezilla-login-panel

---
 exposed-panels/livezilla-login-panel.yaml | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 exposed-panels/livezilla-login-panel.yaml

diff --git a/exposed-panels/livezilla-login-panel.yaml b/exposed-panels/livezilla-login-panel.yaml
new file mode 100644
index 0000000000..751d564c77
--- /dev/null
+++ b/exposed-panels/livezilla-login-panel.yaml
@@ -0,0 +1,22 @@
+id: livezilla-login-panel
+
+info:
+  name: Livezilla login detect
+  author: __Fazal
+  severity: info
+  tags: panel,livezilla
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/mobile/index.php'
+                 
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        words:
+          - 'LiveZilla'
\ No newline at end of file

From 2c88238e41a747b98510640e2b7fdba57e51e36a Mon Sep 17 00:00:00 2001
From: sandeep <8293321+ehsandeep@users.noreply.github.com>
Date: Mon, 28 Jun 2021 17:37:58 +0530
Subject: [PATCH 2/5] Added sitecore-login-panel

---
 exposed-panels/sitecore-login-panel.yaml | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100644 exposed-panels/sitecore-login-panel.yaml

diff --git a/exposed-panels/sitecore-login-panel.yaml b/exposed-panels/sitecore-login-panel.yaml
new file mode 100644
index 0000000000..c950960da9
--- /dev/null
+++ b/exposed-panels/sitecore-login-panel.yaml
@@ -0,0 +1,24 @@
+id: sitecore-login-panel
+
+info:
+  name: Sitecore Login Panel
+  author: b4uh0lz
+  severity: info
+  tags: panel,sitecore
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/sitecore/admin/login.aspx"
+
+    redirects: true
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        words:
+          - "Sitecore Login"
+        part: body
\ No newline at end of file

From 87b93c6d9fa2b6fdb06c61c4384f65fea1500e3b Mon Sep 17 00:00:00 2001
From: sandeep <8293321+ehsandeep@users.noreply.github.com>
Date: Mon, 28 Jun 2021 17:38:21 +0530
Subject: [PATCH 3/5] Update sitecore-login-panel.yaml

---
 exposed-panels/sitecore-login-panel.yaml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/exposed-panels/sitecore-login-panel.yaml b/exposed-panels/sitecore-login-panel.yaml
index c950960da9..ebb1fe6566 100644
--- a/exposed-panels/sitecore-login-panel.yaml
+++ b/exposed-panels/sitecore-login-panel.yaml
@@ -10,8 +10,7 @@ requests:
   - method: GET
     path:
       - "{{BaseURL}}/sitecore/admin/login.aspx"
-
-    redirects: true
+  
     matchers-condition: and
     matchers:
       - type: status

From 287efe295ce88e7563b28055b44308a6aaf4144e Mon Sep 17 00:00:00 2001
From: sandeep <8293321+ehsandeep@users.noreply.github.com>
Date: Mon, 28 Jun 2021 17:44:46 +0530
Subject: [PATCH 4/5] Added  addeventlistener-detect

---
 miscellaneous/addeventlistener-detect.yaml | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 miscellaneous/addeventlistener-detect.yaml

diff --git a/miscellaneous/addeventlistener-detect.yaml b/miscellaneous/addeventlistener-detect.yaml
new file mode 100644
index 0000000000..0b4b57ca9d
--- /dev/null
+++ b/miscellaneous/addeventlistener-detect.yaml
@@ -0,0 +1,19 @@
+id: addeventlistener-detect
+
+info:
+  name: AddEventlistener detection
+  author: yavolo
+  severity: info
+  tags: xss
+  reference: https://portswigger.net/web-security/dom-based/controlling-the-web-message-source
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers:
+      - type: word
+        words:
+          - 'window.addEventListener('
+        part: body
\ No newline at end of file

From d43fb47b33121cf5d2762b5d7bf723cf8cdee81c Mon Sep 17 00:00:00 2001
From: sandeep <8293321+ehsandeep@users.noreply.github.com>
Date: Mon, 28 Jun 2021 17:46:50 +0530
Subject: [PATCH 5/5] spaces

---
 exposed-panels/livezilla-login-panel.yaml | 2 +-
 exposed-panels/sitecore-login-panel.yaml  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/exposed-panels/livezilla-login-panel.yaml b/exposed-panels/livezilla-login-panel.yaml
index 751d564c77..4f5e04c1cd 100644
--- a/exposed-panels/livezilla-login-panel.yaml
+++ b/exposed-panels/livezilla-login-panel.yaml
@@ -10,7 +10,7 @@ requests:
   - method: GET
     path:
       - '{{BaseURL}}/mobile/index.php'
-                 
+
     matchers-condition: and
     matchers:
       - type: status
diff --git a/exposed-panels/sitecore-login-panel.yaml b/exposed-panels/sitecore-login-panel.yaml
index ebb1fe6566..64258de71b 100644
--- a/exposed-panels/sitecore-login-panel.yaml
+++ b/exposed-panels/sitecore-login-panel.yaml
@@ -10,7 +10,7 @@ requests:
   - method: GET
     path:
       - "{{BaseURL}}/sitecore/admin/login.aspx"
-  
+
     matchers-condition: and
     matchers:
       - type: status