Merge pull request #7344 from ErikOwen/patch/tag-standardization

Patch: Tag Standardization
2023-07-04 13:10:55 +05:30 · 2023-07-04 13:10:55 +05:30 · 50d86c25a1
parent 7313d259f0 e6a4779dc0
commit 50d86c25a1
228 changed files with 228 additions and 228 deletions
--- a/http/exposed-panels/arcgis/arcgis-rest-api.yaml
+++ b/http/exposed-panels/arcgis/arcgis-rest-api.yaml
@ -9,7 +9,7 @@ info:
    - https://enterprise.arcgis.com/en/
  classification:
    cwe-id: CWE-200
-  tags: api,arcgis,cms
+  tags: api,arcgis,cms,panel
  metadata:
    max-request: 1

--- a/http/exposed-panels/avtech-dvr-exposure.yaml
+++ b/http/exposed-panels/avtech-dvr-exposure.yaml
@ -7,7 +7,7 @@ info:
  description: AVTECH AVC798HA DVR is susceptible to information exposure. CGI scripts in the /cgi-bin/nobody directory can be accessed without authentication. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
  reference:
    - http://www.avtech.com.tw/
-  tags: dvr,exposure,avtech
+  tags: dvr,exposure,avtech,panel
  metadata:
    max-request: 1

--- a/http/exposed-panels/aws-ec2-autoscale.yaml
+++ b/http/exposed-panels/aws-ec2-autoscale.yaml
@ -10,7 +10,7 @@ info:
    max-request: 1
    verified: true
    shodan-query: html:"AWS EC2 Auto Scaling Lab"
-  tags: exposure,ec2,aws,amazon
+  tags: exposure,ec2,aws,amazon,panel

 http:
  - method: GET
--- a/http/exposed-panels/c2/brute-ratel-c4.yaml
+++ b/http/exposed-panels/c2/brute-ratel-c4.yaml
@ -12,7 +12,7 @@ info:
    max-request: 1
    shodan-query: http.html_hash:-1957161625
    verified: "true"
-  tags: c2,bruteratel,c4
+  tags: c2,bruteratel,c4,panel

 http:
  - method: GET
--- a/http/exposed-panels/c2/covenant-c2.yaml
+++ b/http/exposed-panels/c2/covenant-c2.yaml
@ -12,7 +12,7 @@ info:
    max-request: 1
    verified: true
    shodan-query: ssl:”Covenant” http.component:”Blazor”
-  tags: c2,ir,osint,covenant
+  tags: c2,ir,osint,covenant,panel

 http:
  - method: GET
--- a/http/exposed-panels/c2/deimos-c2.yaml
+++ b/http/exposed-panels/c2/deimos-c2.yaml
@ -12,7 +12,7 @@ info:
    max-request: 1
    verified: true
    shodan-query: http.html_hash:-14029177
-  tags: c2,ir,osint,deimosc2
+  tags: c2,ir,osint,deimosc2,panel

 http:
  - method: GET
--- a/http/exposed-panels/c2/empire-c2.yaml
+++ b/http/exposed-panels/c2/empire-c2.yaml
@ -13,7 +13,7 @@ info:
    censys-query: bc517bf173440dad15b99a051389fadc366d5df2 || dcb32e6256459d3660fdc90e4c79e95a921841cc
    max-request: 1
    verified: "true"
-  tags: c2,ir,osint,empire
+  tags: c2,ir,osint,empire,panel

 http:
  - method: GET
--- a/http/exposed-panels/c2/evilginx.yaml
+++ b/http/exposed-panels/c2/evilginx.yaml
@ -12,7 +12,7 @@ info:
    censys-query: b18d778b4e4b6bf1fd5b2d790c941270145a6a6d
    max-request: 1
    verified: "true"
-  tags: tech,evilginx,c2,phishing
+  tags: tech,evilginx,c2,phishing,panel

 http:
  - method: GET
--- a/http/exposed-panels/c2/mythic-c2.yaml
+++ b/http/exposed-panels/c2/mythic-c2.yaml
@ -13,7 +13,7 @@ info:
    max-request: 1
    verified: true
    shodan-query: 'ssl:Mythic port:7443'
-  tags: c2,ir,osint,mythic
+  tags: c2,ir,osint,mythic,panel

 http:
  - method: GET
--- a/http/exposed-panels/c2/nh-c2.yaml
+++ b/http/exposed-panels/c2/nh-c2.yaml
@ -10,7 +10,7 @@ info:
    censys-query: 10baf5fcdde4563d3e145a1f553ae433fb1c3572
    max-request: 1
    verified: "true"
-  tags: tech,nh,c2
+  tags: tech,nh,c2,panel

 http:
  - method: GET
--- a/http/exposed-panels/c2/viper-c2.yaml
+++ b/http/exposed-panels/c2/viper-c2.yaml
@ -13,7 +13,7 @@ info:
    max-request: 1
    shodan-query: http.html_hash:1015055567
    verified: "true"
-  tags: tech,viper,c2,malware,ir
+  tags: tech,viper,c2,malware,ir,panel

 http:
  - method: GET
--- a/http/exposed-panels/cacti-panel.yaml
+++ b/http/exposed-panels/cacti-panel.yaml
@ -11,7 +11,7 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0.0
    cwe-id: CWE-200
-  tags: tech,cacti,login
+  tags: tech,cacti,login,panel
  metadata:
    max-request: 2

--- a/http/exposed-panels/checkmk/checkmk-login.yaml
+++ b/http/exposed-panels/checkmk/checkmk-login.yaml
@ -9,7 +9,7 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0.0
    cwe-id: CWE-200
-  tags: login,tech,synology,rackstation
+  tags: login,tech,synology,rackstation,panel
  metadata:
    max-request: 1

--- a/http/exposed-panels/crontab-ui.yaml
+++ b/http/exposed-panels/crontab-ui.yaml
@ -10,7 +10,7 @@ info:
    max-request: 1
    verified: true
    shodan-query: html:"Crontab UI"
-  tags: exposure,crontab,ui
+  tags: exposure,crontab,ui,panel

 http:
  - method: GET
--- a/http/exposed-panels/edgeos-login.yaml
+++ b/http/exposed-panels/edgeos-login.yaml
@ -9,7 +9,7 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0.0
    cwe-id: CWE-200
-  tags: login,tech,edgeos,edgemax
+  tags: login,tech,edgeos,edgemax,panel
  metadata:
    max-request: 1

--- a/http/exposed-panels/eos-http-browser.yaml
+++ b/http/exposed-panels/eos-http-browser.yaml
@ -10,7 +10,7 @@ info:
    max-request: 2
    verified: true
    shodan-query: title:"EOS HTTP Browser"
-  tags: exposure,eos,httpbrowser
+  tags: exposure,eos,httpbrowser,panel

 http:
  - method: GET
--- a/http/exposed-panels/gnu-mailman.yaml
+++ b/http/exposed-panels/gnu-mailman.yaml
@ -14,7 +14,7 @@ info:
    max-request: 2
    verified: true
    shodan-query: title:"Mailing Lists"
-  tags: exposure,mailman
+  tags: exposure,mailman,panel

 http:
  - method: GET
--- a/http/exposed-panels/hashicorp-consul-agent.yaml
+++ b/http/exposed-panels/hashicorp-consul-agent.yaml
@ -9,7 +9,7 @@ info:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0.0
    cwe-id: CWE-200
-  tags: tech,consul,api
+  tags: tech,consul,api,panel
  metadata:
    max-request: 1

--- a/http/exposed-panels/konga-panel.yaml
+++ b/http/exposed-panels/konga-panel.yaml
@ -11,7 +11,7 @@ info:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0.0
    cwe-id: CWE-200
-  tags: tech,konga,oss
+  tags: tech,konga,oss,panel
  metadata:
    max-request: 1

--- a/http/exposed-panels/kubernetes-enterprise-manager.yaml
+++ b/http/exposed-panels/kubernetes-enterprise-manager.yaml
@ -12,7 +12,7 @@ info:
  metadata:
    max-request: 1
    fofa-query: app="Kubernetes-Enterprise-Manager"
-  tags: tech,kubernetes
+  tags: tech,kubernetes,panel

 http:
  - method: GET
--- a/http/exposed-panels/kubernetes-mirantis.yaml
+++ b/http/exposed-panels/kubernetes-mirantis.yaml
@ -14,7 +14,7 @@ info:
    verified: true
    shodan-query: http.html:"Mirantis Kubernetes Engine"
    fofa-query: app="Mirantis-Kubernetes-Engine"
-  tags: tech,kubernetes,devops,kube,k8s
+  tags: tech,kubernetes,devops,kube,k8s,panel

 http:
  - method: GET
--- a/http/exposed-panels/kubeview-dashboard.yaml
+++ b/http/exposed-panels/kubeview-dashboard.yaml
@ -14,7 +14,7 @@ info:
    max-request: 1
    verified: true
    shodan-query: http.favicon.hash:-379154636
-  tags: exposure,k8s,kubernetes,kubeview,dashboard
+  tags: exposure,k8s,kubernetes,kubeview,dashboard,panel

 http:
  - method: GET
--- a/http/exposed-panels/magento-downloader-panel.yaml
+++ b/http/exposed-panels/magento-downloader-panel.yaml
@ -13,7 +13,7 @@ info:
    max-request: 1
    verified: true
    shodan-query: http.component:"Magento"
-  tags: magento,exposure
+  tags: magento,exposure,panel

 http:
  - method: GET
--- a/http/exposed-panels/mautic-crm-panel.yaml
+++ b/http/exposed-panels/mautic-crm-panel.yaml
@ -11,7 +11,7 @@ info:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0.0
    cwe-id: CWE-200
-  tags: tech,mautic,crm
+  tags: tech,mautic,crm,panel
  metadata:
    max-request: 1

--- a/http/exposed-panels/neo4j-browser.yaml
+++ b/http/exposed-panels/neo4j-browser.yaml
@ -12,7 +12,7 @@ info:
  metadata:
    max-request: 1
    shodan-query: http.title:"Neo4j Browser"
-  tags: neo4j,exposure,unauth
+  tags: neo4j,exposure,unauth,panel

 http:
  - method: GET
--- a/http/exposed-panels/openwrt-login.yaml
+++ b/http/exposed-panels/openwrt-login.yaml
@ -10,7 +10,7 @@ info:
  metadata:
    max-request: 2
    shodan-query: http.title:"OpenWrt - LuCI"
-  tags: openwrt,router
+  tags: openwrt,router,panel

 http:
  - method: GET
--- a/http/exposed-panels/pdi-device-page.yaml
+++ b/http/exposed-panels/pdi-device-page.yaml
@ -10,7 +10,7 @@ info:
    max-request: 1
    verified: true
    shodan-query: html:"PDI Intellifuel"
-  tags: exposure,pdi,intellifuel
+  tags: exposure,pdi,intellifuel,panel

 http:
  - method: GET
--- a/http/exposed-panels/pulse-secure-version.yaml
+++ b/http/exposed-panels/pulse-secure-version.yaml
@ -4,7 +4,7 @@ info:
  name: Pulse Secure Version
  author: dadevel
  severity: info
-  tags: pulse
+  tags: pulse,panel
  metadata:
    max-request: 2

--- a/http/exposed-panels/roxy-fileman.yaml
+++ b/http/exposed-panels/roxy-fileman.yaml
@ -13,7 +13,7 @@ info:
    max-request: 4
    verified: true
    google-query: intitle:"Roxy file manager"
-  tags: tech,fileupload,roxy,fileman
+  tags: tech,fileupload,roxy,fileman,panel

 http:
  - method: GET
--- a/http/exposed-panels/synology-rackstation-login.yaml
+++ b/http/exposed-panels/synology-rackstation-login.yaml
@ -4,7 +4,7 @@ info:
  name: Synology RackStation Login Detect
  author: princechaddha
  severity: info
-  tags: login,tech,synology,rackstation
+  tags: login,tech,synology,rackstation,panel
  metadata:
    max-request: 1

--- a/http/exposed-panels/tomcat/tomcat-exposed-docs.yaml
+++ b/http/exposed-panels/tomcat/tomcat-exposed-docs.yaml
@ -7,7 +7,7 @@ info:
  metadata:
    max-request: 1
    shodan-query: title:"Apache Tomcat"
-  tags: version,tomcat,docs
+  tags: version,tomcat,docs,panel

 http:
  - method: GET
--- a/http/exposed-panels/tup-openframe.yaml
+++ b/http/exposed-panels/tup-openframe.yaml
@ -10,7 +10,7 @@ info:
    max-request: 1
    verified: true
    shodan-query: http.favicon.hash:824580113
-  tags: exposure,login,tup,openframe
+  tags: exposure,login,tup,openframe,panel

 http:
  - method: GET
--- a/http/exposed-panels/zyxel/zyxel-vmg1312b10d-login.yaml
+++ b/http/exposed-panels/zyxel/zyxel-vmg1312b10d-login.yaml
@ -8,7 +8,7 @@ info:
    max-request: 1
    verified: true
    shodan-query: http.html:"VMG1312-B10D"
-  tags: tech,zyxel,modem,router
+  tags: tech,zyxel,modem,router,panel

 http:
  - method: GET
--- a/http/exposed-panels/zyxel/zyxel-vsg1432b101-login.yaml
+++ b/http/exposed-panels/zyxel/zyxel-vsg1432b101-login.yaml
@ -8,7 +8,7 @@ info:
    max-request: 1
    verified: true
    shodan-query: http.html:"VSG1432-B101"
-  tags: tech,zyxel,modem,router
+  tags: tech,zyxel,modem,router,panel

 http:
  - method: GET
--- a/http/exposures/apis/strapi-page.yaml
+++ b/http/exposures/apis/strapi-page.yaml
@ -13,7 +13,7 @@ info:
  metadata:
    max-request: 1
    shodan-query: http.title:"Welcome to your Strapi app"
-  tags: api,strapi
+  tags: api,strapi,exposure

 http:
  - method: GET
--- a/http/exposures/configs/azure-domain-tenant.yaml
+++ b/http/exposures/configs/azure-domain-tenant.yaml
@ -11,7 +11,7 @@ info:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0.0
    cwe-id: CWE-200
-  tags: azure,microsoft,cloud
+  tags: azure,microsoft,cloud,exposure
  metadata:
    max-request: 1

--- a/http/exposures/configs/esmtprc-config.yaml
+++ b/http/exposures/configs/esmtprc-config.yaml
@ -7,7 +7,7 @@ info:
  description: eSMTP configuration was discovered.
  reference:
    - https://linux.die.net/man/5/esmtprc
-  tags: esmtp,config
+  tags: esmtp,config,exposure
  metadata:
    max-request: 1

--- a/http/exposures/configs/jkstatus-manager.yaml
+++ b/http/exposures/configs/jkstatus-manager.yaml
@ -10,7 +10,7 @@ info:
    max-request: 8
    verified: true
    shodan-query: html:"JK Status Manager"
-  tags: config,jk,status
+  tags: config,jk,status,exposure

 http:
  - method: GET
--- a/http/exposures/configs/keycloak-openid-config.yaml
+++ b/http/exposures/configs/keycloak-openid-config.yaml
@ -11,7 +11,7 @@ info:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0.0
    cwe-id: CWE-200
-  tags: keycloak,config
+  tags: keycloak,config,exposure
  metadata:
    max-request: 2

--- a/http/exposures/configs/robomongo-credential.yaml
+++ b/http/exposures/configs/robomongo-credential.yaml
@ -10,7 +10,7 @@ info:
    cwe-id: CWE-200
  description: A MongoDB credentials file used by RoboMongo was detected.
  reference: https://robomongo.org/
-  tags: mongodb,robomongo,disclosure,config
+  tags: mongodb,robomongo,disclosure,config,exposure
  metadata:
    max-request: 2

--- a/http/exposures/configs/wpconfig-aws-keys.yaml
+++ b/http/exposures/configs/wpconfig-aws-keys.yaml
@ -4,7 +4,7 @@ info:
  name: AWS S3 keys Leak
  author: r12w4n
  severity: high
-  tags: aws,s3,wordpress,disclosure
+  tags: aws,s3,wordpress,disclosure,exposure
  metadata:
    max-request: 2

--- a/http/exposures/files/gradle-libs.yaml
+++ b/http/exposures/files/gradle-libs.yaml
@ -8,7 +8,7 @@ info:
    max-request: 2
    verified: true
    github-query: filename:libs.versions.toml
-  tags: file,gradle
+  tags: file,gradle,exposure

 http:
  - method: GET
--- a/http/exposures/files/jetbrains-webservers.yaml
+++ b/http/exposures/files/jetbrains-webservers.yaml
@ -16,7 +16,7 @@ info:
    max-request: 3
    verified: true
    google-query: intitle:"index of" "WebServers.xml"
-  tags: jetbrains,config,edb,files
+  tags: jetbrains,config,edb,files,exposure

 http:
  - method: GET
--- a/http/exposures/files/redmine-settings.yaml
+++ b/http/exposures/files/redmine-settings.yaml
@ -9,7 +9,7 @@ info:
    max-request: 3
    verified: true
    google-query: intitle:"index of" "settings.yml"
-  tags: misconfig,redmine,devops,files
+  tags: misconfig,redmine,devops,files,exposure

 http:
  - method: GET
--- a/http/exposures/files/secrets-file.yaml
+++ b/http/exposures/files/secrets-file.yaml
@ -9,7 +9,7 @@ info:
    max-request: 4
    verified: true
    google-query: intitle:"index of" "secrets.yml"
-  tags: misconfig,cloud,devops,files
+  tags: cloud,devops,files,exposure,misconfig

 http:
  - method: GET
--- a/http/exposures/files/sensitive-storage-exposure.yaml
+++ b/http/exposures/files/sensitive-storage-exposure.yaml
@ -11,7 +11,7 @@ info:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cwe-id: CWE-200
-  tags: expose,listing,config,logs,storage,edb,files
+  tags: expose,listing,config,logs,storage,edb,files,exposure
  metadata:
    max-request: 6

--- a/http/exposures/logs/access-log.yaml
+++ b/http/exposures/logs/access-log.yaml
@ -4,7 +4,7 @@ info:
  name: Publicly accessible access-log file
  author: sheikhrishad
  severity: low
-  tags: logs
+  tags: logs,exposure
  metadata:
    max-request: 4

--- a/http/exposures/logs/clockwork-php-page.yaml
+++ b/http/exposures/logs/clockwork-php-page.yaml
@ -6,7 +6,7 @@ info:
  severity: high
  reference:
    - https://twitter.com/damian_89_/status/1250721398747791360
-  tags: tech,clockwork
+  tags: tech,clockwork,exposure
  metadata:
    max-request: 1

--- a/http/exposures/logs/laravel-telescope.yaml
+++ b/http/exposures/logs/laravel-telescope.yaml
@ -8,7 +8,7 @@ info:
    and more.
  reference:
    - https://laravel.com/docs/8.x/telescope
-  tags: laravel,disclosure,logs
+  tags: laravel,disclosure,logs,exposure
  metadata:
    max-request: 1

--- a/http/iot/routeros-login.yaml
+++ b/http/iot/routeros-login.yaml
@ -12,7 +12,7 @@ info:
  metadata:
    max-request: 1
    shodan-query: http.title:"RouterOS router configuration page"
-  tags: panel,router,routeros
+  tags: panel,router,routeros,iot

 http:
  - method: GET
--- a/http/miscellaneous/aws-ecs-container-agent-tasks.yaml
+++ b/http/miscellaneous/aws-ecs-container-agent-tasks.yaml
@ -7,7 +7,7 @@ info:
  description: Aws container metadata content
  reference:
    - https://docs.aws.amazon.com/en_us/elasticbeanstalk/latest/dg/create_deploy_docker_ecstutorial.html#create_deploy_docker_ecstutorial_connect_inspect
-  tags: aws,docker,ec2
+  tags: aws,docker,ec2,misc
  metadata:
    max-request: 2

--- a/http/miscellaneous/exposed-file-upload-form.yaml
+++ b/http/miscellaneous/exposed-file-upload-form.yaml
@ -8,7 +8,7 @@ info:
    max-request: 1
    verified: true
    shodan-query: http.html:"multipart/form-data" html:"file"
-  tags: exposure,upload,form
+  tags: exposure,upload,form,misc

 http:
  - method: GET
--- a/http/miscellaneous/microsoft-azure-error.yaml
+++ b/http/miscellaneous/microsoft-azure-error.yaml
@ -7,7 +7,7 @@ info:
  metadata:
    max-request: 1
    shodan-query: title:"Microsoft Azure Web App - Error 404"
-  tags: error,azure,microsoft
+  tags: error,azure,microsoft,misc

 http:
  - method: GET
--- a/http/miscellaneous/netflix-conductor-version.yaml
+++ b/http/miscellaneous/netflix-conductor-version.yaml
@ -11,7 +11,7 @@ info:
  metadata:
    max-request: 2
    shodan-query: http.title:"Conductor UI", http.title:"Workflow UI"
-  tags: tech,netflix,conductor,api
+  tags: tech,netflix,conductor,api,misc

 http:
  - method: GET
--- a/http/misconfiguration/adobe/adobe-connect-username-exposure.yaml
+++ b/http/misconfiguration/adobe/adobe-connect-username-exposure.yaml
@ -6,7 +6,7 @@ info:
  severity: low
  reference:
    - https://packetstormsecurity.com/files/161345/Adobe-Connect-10-Username-Disclosure.html
-  tags: adobe,disclosure,packetstorm
+  tags: adobe,disclosure,packetstorm,misconfig
  metadata:
    max-request: 1

--- a/http/misconfiguration/adobe/adobe-connect-version.yaml
+++ b/http/misconfiguration/adobe/adobe-connect-version.yaml
@ -4,7 +4,7 @@ info:
  name: Adobe Connect Central Version
  author: dhiyaneshDk
  severity: info
-  tags: adobe
+  tags: adobe,misconfig
  metadata:
    max-request: 1

--- a/http/misconfiguration/aem/aem-bg-servlet.yaml
+++ b/http/misconfiguration/aem/aem-bg-servlet.yaml
@ -9,7 +9,7 @@ info:
  metadata:
    max-request: 1
    shodan-query: http.component:"Adobe Experience Manager"
-  tags: aem
+  tags: aem,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/aem/aem-cached-pages.yaml
+++ b/http/misconfiguration/aem/aem-cached-pages.yaml
@ -9,7 +9,7 @@ info:
  metadata:
    max-request: 1
    shodan-query: http.component:"Adobe Experience Manager"
-  tags: aem
+  tags: aem,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/aem/aem-childrenlist-xss.yaml
+++ b/http/misconfiguration/aem/aem-childrenlist-xss.yaml
@ -16,7 +16,7 @@ info:
    shodan-query:
      - http.title:"AEM Sign In"
      - http.component:"Adobe Experience Manager"
-  tags: xss,aem,adobe
+  tags: xss,aem,adobe,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/aem/aem-crx-bypass.yaml
+++ b/http/misconfiguration/aem/aem-crx-bypass.yaml
@ -11,7 +11,7 @@ info:
  metadata:
    max-request: 2
    shodan-query: http.component:"Adobe Experience Manager"
-  tags: aem,adobe
+  tags: aem,adobe,misconfig

 http:
  - raw:
--- a/http/misconfiguration/aem/aem-crx-namespace.yaml
+++ b/http/misconfiguration/aem/aem-crx-namespace.yaml
@ -11,7 +11,7 @@ info:
    shodan-query:
      - http.title:"AEM Sign In"
      - http.component:"Adobe Experience Manager"
-  tags: exposure,aem,adobe
+  tags: exposure,aem,adobe,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/aem/aem-default-get-servlet.yaml
+++ b/http/misconfiguration/aem/aem-default-get-servlet.yaml
@ -11,7 +11,7 @@ info:
  metadata:
    max-request: 64
    shodan-query: http.component:"Adobe Experience Manager"
-  tags: aem,adobe
+  tags: aem,adobe,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/aem/aem-gql-servlet.yaml
+++ b/http/misconfiguration/aem/aem-gql-servlet.yaml
@ -9,7 +9,7 @@ info:
  metadata:
    max-request: 29
    shodan-query: http.component:"Adobe Experience Manager"
-  tags: aem
+  tags: aem,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/aem/aem-groovyconsole.yaml
+++ b/http/misconfiguration/aem/aem-groovyconsole.yaml
@ -11,7 +11,7 @@ info:
  metadata:
    max-request: 2
    shodan-query: http.component:"Adobe Experience Manager"
-  tags: aem,adobe,hackerone
+  tags: aem,adobe,hackerone,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/aem/aem-hash-querybuilder.yaml
+++ b/http/misconfiguration/aem/aem-hash-querybuilder.yaml
@ -9,7 +9,7 @@ info:
  metadata:
    max-request: 1
    shodan-query: http.component:"Adobe Experience Manager"
-  tags: aem
+  tags: aem,misconfig

 http:
  - raw:
--- a/http/misconfiguration/aem/aem-jcr-querybuilder.yaml
+++ b/http/misconfiguration/aem/aem-jcr-querybuilder.yaml
@ -7,7 +7,7 @@ info:
  metadata:
    max-request: 1
    shodan-query: http.component:"Adobe Experience Manager"
-  tags: aem
+  tags: aem,misconfig

 http:
  - raw:
--- a/http/misconfiguration/aem/aem-login-status.yaml
+++ b/http/misconfiguration/aem/aem-login-status.yaml
@ -11,7 +11,7 @@ info:
  metadata:
    max-request: 3
    shodan-query: http.component:"Adobe Experience Manager"
-  tags: aem,adobe
+  tags: aem,adobe,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/aem/aem-merge-metadata-servlet.yaml
+++ b/http/misconfiguration/aem/aem-merge-metadata-servlet.yaml
@ -9,7 +9,7 @@ info:
  metadata:
    max-request: 1
    shodan-query: http.component:"Adobe Experience Manager"
-  tags: aem
+  tags: aem,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/aem/aem-querybuilder-feed-servlet.yaml
+++ b/http/misconfiguration/aem/aem-querybuilder-feed-servlet.yaml
@ -9,7 +9,7 @@ info:
  metadata:
    max-request: 1
    shodan-query: http.component:"Adobe Experience Manager"
-  tags: aem
+  tags: aem,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/aem/aem-querybuilder-internal-path-read.yaml
+++ b/http/misconfiguration/aem/aem-querybuilder-internal-path-read.yaml
@ -9,7 +9,7 @@ info:
  metadata:
    max-request: 4
    shodan-query: http.component:"Adobe Experience Manager"
-  tags: aem
+  tags: aem,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/aem/aem-querybuilder-json-servlet.yaml
+++ b/http/misconfiguration/aem/aem-querybuilder-json-servlet.yaml
@ -11,7 +11,7 @@ info:
  metadata:
    max-request: 8
    shodan-query: http.component:"Adobe Experience Manager"
-  tags: aem,adobe
+  tags: aem,adobe,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/aem/aem-setpreferences-xss.yaml
+++ b/http/misconfiguration/aem/aem-setpreferences-xss.yaml
@ -16,7 +16,7 @@ info:
  metadata:
    max-request: 2
    shodan-query: http.component:"Adobe Experience Manager"
-  tags: aem,xss
+  tags: aem,xss,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/aem/aem-userinfo-servlet.yaml
+++ b/http/misconfiguration/aem/aem-userinfo-servlet.yaml
@ -8,7 +8,7 @@ info:
  metadata:
    max-request: 1
    shodan-query: http.component:"Adobe Experience Manager"
-  tags: aem,bruteforce
+  tags: aem,bruteforce,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/aem/aem-wcm-suggestions-servlet.yaml
+++ b/http/misconfiguration/aem/aem-wcm-suggestions-servlet.yaml
@ -9,7 +9,7 @@ info:
  metadata:
    max-request: 1
    shodan-query: http.component:"Adobe Experience Manager"
-  tags: aem
+  tags: aem,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/aem/aem-xss-childlist-selector.yaml
+++ b/http/misconfiguration/aem/aem-xss-childlist-selector.yaml
@ -18,7 +18,7 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
    cvss-score: 7.2
    cwe-id: CWE-79
-  tags: xss,aem,adobe
+  tags: xss,aem,adobe,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/airflow/airflow-debug.yaml
+++ b/http/misconfiguration/airflow/airflow-debug.yaml
@ -8,7 +8,7 @@ info:
    max-request: 1
    verified: true
    shodan-query: title:"Airflow - DAGs"
-  tags: apache,airflow,fpd
+  tags: apache,airflow,fpd,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/airflow/unauthenticated-airflow.yaml
+++ b/http/misconfiguration/airflow/unauthenticated-airflow.yaml
@ -7,7 +7,7 @@ info:
  metadata:
    max-request: 2
    shodan-query: title:"Airflow - DAGs"
-  tags: apache,airflow,unauth
+  tags: apache,airflow,unauth,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/akamai/akamai-arl-xss.yaml
+++ b/http/misconfiguration/akamai/akamai-arl-xss.yaml
@ -15,7 +15,7 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
    cvss-score: 7.2
    cwe-id: CWE-79
-  tags: akamai,xss
+  tags: akamai,xss,misconfig
  metadata:
    max-request: 1

--- a/http/misconfiguration/akamai/akamai-s3-cache-poisoning.yaml
+++ b/http/misconfiguration/akamai/akamai-s3-cache-poisoning.yaml
@ -15,7 +15,7 @@ info:
  metadata:
    max-request: 204
    verified: true
-  tags: cache,poisoning,generic,xss,akamai,s3
+  tags: cache,poisoning,generic,xss,akamai,s3,misconfig

 variables:
  rand: "{{rand_base(5)}}"
--- a/http/misconfiguration/alibaba-mongoshake-unauth.yaml
+++ b/http/misconfiguration/alibaba-mongoshake-unauth.yaml
@ -4,7 +4,7 @@ info:
  name: Alibaba Mongoshake Unauth
  author: pikpikcu
  severity: info
-  tags: mongoshake,unauth,alibaba
+  tags: mongoshake,unauth,alibaba,misconfig
  metadata:
    max-request: 1

--- a/http/misconfiguration/android-debug-database-exposed.yaml
+++ b/http/misconfiguration/android-debug-database-exposed.yaml
@ -7,7 +7,7 @@ info:
  metadata:
    max-request: 1
    shodan-query: http.title:"Android Debug Database"
-  tags: unauth,android
+  tags: unauth,android,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/apache/tomcat-pathnormalization.yaml
+++ b/http/misconfiguration/apache/tomcat-pathnormalization.yaml
@ -10,7 +10,7 @@ info:
    cvss-score: 0.0
    cwe-id: CWE-200
  reference: https://i.blackhat.com/us-18/Wed-August-8/us-18-Orange-Tsai-Breaking-Parser-Logic-Take-Your-Path-Normalization-Off-And-Pop-0days-Out-2.pdf
-  tags: panel,tomcat,apache
+  tags: panel,tomcat,apache,misconfig
  metadata:
    max-request: 6

--- a/http/misconfiguration/apc-info.yaml
+++ b/http/misconfiguration/apc-info.yaml
@ -4,7 +4,7 @@ info:
  name: APCu service information leakage
  author: koti2
  severity: low
-  tags: config,service,apcu
+  tags: config,service,apcu,misconfig
  metadata:
    max-request: 2

--- a/http/misconfiguration/artifactory-anonymous-deploy.yaml
+++ b/http/misconfiguration/artifactory-anonymous-deploy.yaml
@ -6,7 +6,7 @@ info:
  severity: high
  reference:
    - https://www.errno.fr/artifactory/Attacking_Artifactory.html
-  tags: artifactory
+  tags: artifactory,misconfig
  metadata:
    max-request: 1

--- a/http/misconfiguration/aspx-debug-mode.yaml
+++ b/http/misconfiguration/aspx-debug-mode.yaml
@ -6,7 +6,7 @@ info:
  severity: info
  reference:
    - https://portswigger.net/kb/issues/00100800_asp-net-debugging-enabled
-  tags: debug
+  tags: debug,misconfig
  metadata:
    max-request: 1

--- a/http/misconfiguration/aws-redirect.yaml
+++ b/http/misconfiguration/aws-redirect.yaml
@ -6,7 +6,7 @@ info:
  severity: info
  reference:
    - https://link.medium.com/fgXKJHR9P7
-  tags: aws,takeover
+  tags: aws,takeover,misconfig
  metadata:
    max-request: 1

--- a/http/misconfiguration/blackbox-exporter-metrics.yaml
+++ b/http/misconfiguration/blackbox-exporter-metrics.yaml
@ -8,7 +8,7 @@ info:
    max-request: 1
    verified: true
    shodan-query: title:"Blackbox Exporter"
-  tags: blackbox,exposure,debug
+  tags: blackbox,exposure,debug,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/browserless-debugger.yaml
+++ b/http/misconfiguration/browserless-debugger.yaml
@ -10,7 +10,7 @@ info:
  metadata:
    max-request: 1
    shodan-query: http.title:"browserless debugger"
-  tags: browserless,unauth,debug
+  tags: browserless,unauth,debug,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/cgi-test-page.yaml
+++ b/http/misconfiguration/cgi-test-page.yaml
@ -4,7 +4,7 @@ info:
  name: CGI Test page
  author: YASH ANAND @yashanand155
  severity: info
-  tags: cgi
+  tags: cgi,misconfig
  metadata:
    max-request: 1

--- a/http/misconfiguration/clockwork-dashboard-exposure.yaml
+++ b/http/misconfiguration/clockwork-dashboard-exposure.yaml
@ -6,7 +6,7 @@ info:
  severity: high
  reference:
    - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/clockwork-dashboard-exposure.json
-  tags: exposure,unauth
+  tags: exposure,unauth,misconfig
  metadata:
    max-request: 1

--- a/http/misconfiguration/cluster-panel.yaml
+++ b/http/misconfiguration/cluster-panel.yaml
@ -8,7 +8,7 @@ info:
    max-request: 1
    verified: true
    shodan-query: http.title:"Cluster Overview - Trino"
-  tags: cluster,unauth,trino
+  tags: cluster,unauth,trino,misconfig

 http:
  - method: POST
--- a/http/misconfiguration/collectd-exporter-metrics.yaml
+++ b/http/misconfiguration/collectd-exporter-metrics.yaml
@ -8,7 +8,7 @@ info:
    max-request: 1
    verified: true
    shodan-query: title:"Collectd Exporter"
-  tags: collectd,exposure,debug
+  tags: collectd,exposure,debug,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/command-api-explorer.yaml
+++ b/http/misconfiguration/command-api-explorer.yaml
@ -13,7 +13,7 @@ info:
    max-request: 1
    verified: true
    shodan-query: http.html:"Command API Explorer"
-  tags: panel
+  tags: panel,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/cx-cloud-upload-detect.yaml
+++ b/http/misconfiguration/cx-cloud-upload-detect.yaml
@ -9,7 +9,7 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0.0
    cwe-id: CWE-200
-  tags: fileupload
+  tags: fileupload,misconfig
  metadata:
    max-request: 1

--- a/http/misconfiguration/d-link-arbitary-fileread.yaml
+++ b/http/misconfiguration/d-link-arbitary-fileread.yaml
@ -11,7 +11,7 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
    cvss-score: 8.3
    cwe-id: CWE-522
-  tags: dlink,lfi
+  tags: dlink,lfi,misconfig
  metadata:
    max-request: 1

--- a/http/misconfiguration/debug/bottle-debug.yaml
+++ b/http/misconfiguration/debug/bottle-debug.yaml
@ -10,7 +10,7 @@ info:
    max-request: 1
    verified: true
    shodan-query: html:"Sorry, the requested URL"
-  tags: bottle,exposure,debug
+  tags: bottle,exposure,debug,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/debug/flask-werkzeug-debug.yaml
+++ b/http/misconfiguration/debug/flask-werkzeug-debug.yaml
@ -8,7 +8,7 @@ info:
    max-request: 1
    verified: true
    shodan-query: html:"Werkzeug powered traceback interpreter"
-  tags: werkzeug,exposure,debug
+  tags: werkzeug,exposure,debug,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/deos-openview-admin.yaml
+++ b/http/misconfiguration/deos-openview-admin.yaml
@ -10,7 +10,7 @@ info:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
    cvss-score: 8.6
    cwe-id: CWE-284
-  tags: openview,disclosure,panel
+  tags: openview,disclosure,panel,misconfig
  metadata:
    max-request: 1

--- a/http/misconfiguration/dgraph-dashboard-exposure.yaml
+++ b/http/misconfiguration/dgraph-dashboard-exposure.yaml
@ -12,7 +12,7 @@ info:
  metadata:
    max-request: 1
    shodan-query: http.title:"Dgraph Ratel Dashboard"
-  tags: exposure,unauth,panel
+  tags: exposure,unauth,panel,misconfig

 http:
  - method: GET
--- a/http/misconfiguration/django-debug-detect.yaml
+++ b/http/misconfiguration/django-debug-detect.yaml
@ -4,7 +4,7 @@ info:
  name: Django Debug Method Enabled
  author: dhiyaneshDK,hackergautam
  severity: medium
-  tags: django,debug
+  tags: django,debug,misconfig
  metadata:
    max-request: 1

--- a/Show More
+++ b/Show More