Miscellaneous template updates

patch-1
sandeep 2022-01-28 15:54:49 +05:30
parent cb2f2a8721
commit 614fc901d1
15 changed files with 33 additions and 68 deletions


@ -10,7 +10,6 @@
tags:
- "fuzz"
- "dos"
- "misc"
# files is a list of files to ignore template execution
# unless asked for by the user.


@ -4,7 +4,7 @@ info:
name: AddEventlistener detection
author: yavolo
severity: info
tags: xss
tags: xss,misc
reference: https://portswigger.net/web-security/dom-based/controlling-the-web-message-source
requests:
@ -14,6 +14,6 @@ requests:
matchers:
- type: word
part: body
words:
- 'window.addEventListener('
part: body
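Review bot: The word matcher `'window.addEventListener('` in the second hunk fires on any page that registers any event listener, while the template's reference is about web-message handlers, so most results will be unrelated click or load handlers. If the intent is to surface message receivers for a manual origin-check review, a regex matcher such as `window\.addEventListener\(\s*['"]message['"]` would keep the output reviewable. Otherwise a `description:` under `info:` saying that a match is only a prompt for manual review would help triage. The `requests:` block starts outside the hunk, so further matchers may exist that are not visible here.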


@ -4,7 +4,7 @@ info:
name: Apple app site association for harvesting end points
author: panch0r3d
severity: info
tags: misc
tags: misc,apple
requests:
- method: GET
@ -17,17 +17,17 @@ requests:
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'applinks'
- 'appID'
- 'paths'
part: body
condition: and
- type: word
part: header
words:
- 'application/json'
part: header
- type: status
status:


@ -11,6 +11,7 @@ requests:
- method: GET
path:
- "{{BaseURL}}"
matchers:
- type: word
words:
@ -18,3 +19,4 @@ requests:
- "Index of /"
- "[To Parent Directory]"
- "Directory: /"
condition: or


@ -1,20 +0,0 @@
id: display-via-header
info:
name: Display Via Header
author: geeknik
reference: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Via
severity: info
tags: misc,generic
requests:
- method: GET
path:
- "{{BaseURL}}"
redirects: true
extractors:
- type: regex
part: header
regex:
- "Via:.*"


@ -16,14 +16,14 @@ requests:
matchers:
- type: word
words:
- "# @package Joomla"
- "Joomla"
- "Open Source Matters. All rights reserved"
condition: and
- type: word
part: header
words:
- "text/plain"
part: header
- type: status
status:


@ -21,9 +21,9 @@ requests:
condition: and
- type: word
part: header
words:
- "application/xml"
part: header
- type: status
status:


@ -22,9 +22,9 @@ requests:
condition: and
- type: word
part: header
words:
- "text/plain"
part: header
- type: status
status:


@ -14,7 +14,7 @@ requests:
Host: {{Hostname}}
Authorization: NTLM TlRMTVNTUAABAAAAB4IIAAAAAAAAAAAAAAAAAAAAAAA=
threads: 50
threads: 10
payloads:
path:
- /


@ -16,9 +16,9 @@ requests:
matchers-condition: and
matchers:
- type: word
part: body
words:
- '2022'
part: body
negative: true
- type: regex
@ -28,10 +28,10 @@ requests:
- '© [1-9]\d*'
- '© [1-9]\d*'
- '© [1-9]\d*'
extractors:
- type: regex
part: body
name: copyright_year
regex:
- 'Copyright [1-9]\d*'
- '© [1-9]\d*'
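Review bot: The negative word matcher in the first hunk hard-codes `'2022'`, so the template changes meaning every 1 January and is also suppressed by any unrelated "2022" in the body (a price, an id, a script version). At minimum add a comment above it, for example `# current year: update every January, otherwise every up-to-date site is reported as stale`. The three identical-looking `'© [1-9]\d*'` entries in the second hunk are presumably different encodings of the copyright sign that the page rendering has collapsed; a short comment on each naming the encoding it covers would stop someone from de-duplicating them.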


@ -1,7 +1,7 @@
id: detect-options-method
id: options-method
info:
name: Detect enabled OPTIONS methods
name: Allowed Options Method
author: pdteam
severity: info
tags: misc,generic


@ -9,6 +9,7 @@ requests:
- method: GET
path:
- "{{BaseURL}}/robots.txt"
matchers-condition: and
redirects: true
matchers:
@ -17,9 +18,9 @@ requests:
- "Disallow:"
- type: word
part: header
words:
- text/plain
part: header
- type: dsl
dsl:
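Review bot: `redirects: true` in the first hunk has no `max-redirects` beside it, whereas the security.txt template changed in this same commit caps redirects at 2. Adding `max-redirects: 2` here would keep the two templates consistent and bound how far a scan follows a redirect chain away from the target. With redirects followed, a robots.txt served by a different host can end up reported against the scanned one, which is worth stating in the template description. The last matcher (`- type: dsl`) continues past the end of the hunk, so its expression is not reviewed here.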


@ -10,20 +10,28 @@ info:
requests:
- method: GET
path:
- "{{BaseURL}}/.well-known/security.txt"
- "{{BaseURL}}/security.txt"
- "{{RootURL}}/.well-known/security.txt"
- "{{RootURL}}/security.txt"
stop-at-first-match: true
redirects: true
max-redirects: 3
max-redirects: 2
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
- "Contact:"
condition: and
- type: dsl
dsl:
- "len(body) <= 1024 && len(body) > 0"
condition: and
extractors:
- type: regex
group: 1
regex:
- '(?mi)Contact:(.*)'
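Review bot: The dsl matcher `len(body) <= 1024 && len(body) > 0` will drop valid security.txt files larger than 1 KiB, which is easy to exceed when the file carries an OpenPGP cleartext signature or several Contact/Policy/Acknowledgments lines. If the cap is meant to filter HTML soft-404 pages that happen to contain "Contact:", a header matcher is a tighter test (`part: header` with `words:` `- "text/plain"`, as the robots.txt template in this commit does), and the size bound can then be raised or removed. A `condition: and` under a matcher with a single word or a single expression has no effect and can go. Because `redirects: true` is set, the extracted contact may come from a host other than the one scanned.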


@ -1,25 +0,0 @@
id: tabnabbing-check
info:
name: Reverse Tabnabbing
author: bolli95
severity: info
tags: misc
reference:
- https://owasp.org/www-community/attacks/Reverse_Tabnabbing
- https://www.youtube.com/watch?v=TMKZCHYmtD4
- https://hackerone.com/reports/211065
requests:
- method: GET
path:
- "{{BaseURL}}"
matchers-condition: and
matchers:
- type: dsl
dsl:
- 'regex("<a[A-z0-9\/\"\&\=\%\#\.\:\_\@\\\$ ]*target\=\"_blank\"[A-z0-9\/\"\&\%\=\#\.\:\_\@\\\$ ]*>", replace_regex(replace_regex(body, "<a[A-z0-9\/\"\&\=\%\#\.\:\_\@\\\$ ]*target\=\"_blank\"[A-z0-9\/\"\&\%\=\#\.\:\_\@\\\$ ]*(rel=\"noopener noreferrer\"|rel=\"noreferrer noopener\"|rel=\"noreferrer\"|rel=\"noopener\")[A-z0-9\/\"\&\%\=\#\.\:\_\@\\\$ ]*>", ""), "<a[A-z0-9\/\"\&\=\%\#\.\:\_\@\\\$ ]*(rel=\"noopener noreferrer\"|rel=\"noreferrer noopener\"|rel=\"noreferrer\"|rel=\"noopener\")[A-z0-9\/\"\&\%\=\#\.\:\_\@\\\$ ]*target\=\"_blank\"[A-z0-9\/\"\&\%\=\#\.\:\_\@\\\$ ]*>", "")) || regex("window\.open\\([^,]+\\)", body)'
- type: dsl
dsl:
- "!contains(tolower(all_headers), 'referrer-policy: no-referrer')"


@ -15,9 +15,9 @@ requests:
matchers:
- type: word
name: trace-request
part: body
words:
- "TRACE / HTTP"
part: body
- method: OPTIONS
path:
@ -26,6 +26,6 @@ requests:
matchers:
- type: regex
name: options-request
part: header
regex:
- "(?i)Allow: [A-Z,]*TRACE"
part: header
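Review bot: The regex `(?i)Allow: [A-Z,]*TRACE` in the second hunk permits only letters and commas between `Allow: ` and `TRACE`, so it misses the common comma-plus-space form such as `Allow: GET, HEAD, OPTIONS, TRACE` and matches only when the list has no spaces or TRACE comes first. Allowing a space in the class closes that gap: `- "(?i)Allow: [A-Z, ]*TRACE"`. The commit only moves `part:` above the pattern, so this is a pre-existing false negative in the kept line rather than something the change introduced.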