daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

updated domain

patch-5
Prince Chaddha 2024-07-14 13:36:22 +05:30
parent 7cc2da843f
commit 64cbf97e14
2 changed files with 94 additions and 94 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
dast/vulnerabilities/redirect/open-redirect.yaml
View File

@ -16,7 +16,7 @@ http:
payloads:
redirect:
- "example.com"
- "oast.me"
fuzzing:
- part: query
@ -174,7 +174,7 @@ http:
- type: regex
part: header
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/idfD2e/1
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)oast\.me\/?(\/|[^.].*)?$' # https://regex101.com/r/idfD2e/1
- type: status
status:

184
http/vulnerabilities/generic/open-redirect-generic.yaml
View File

@ -20,99 +20,99 @@ http:
payloads:
redirect:
- '%0a/example.com/'
- '%0d/example.com/'
- '%00/example.com/'
- '%09/example.com/'
- '%5C%5Cexample.com/%252e%252e%252f'
- '%5Cexample.com'
- '%5cexample.com/%2f%2e%2e'
- '%5c{{RootURL}}example.com/%2f%2e%2e'
- '../example.com'
- '.example.com'
- '/%5cexample.com'
- '////\;@example.com'
- '////example.com'
- '///example.com'
- '///example.com/%2f%2e%2e'
- '///example.com@//'
- '///{{RootURL}}example.com/%2f%2e%2e'
- '//;@example.com'
- '//\/example.com/'
- '//\@example.com'
- '//\example.com'
- '//\texample.com/'
- '//example.com/%2F..'
- '//example.com//'
- '%0a/oast.me/'
- '%0d/oast.me/'
- '%00/oast.me/'
- '%09/oast.me/'
- '%5C%5Coast.me/%252e%252e%252f'
- '%5Coast.me'
- '%5coast.me/%2f%2e%2e'
- '%5c{{RootURL}}oast.me/%2f%2e%2e'
- '../oast.me'
- '.oast.me'
- '/%5coast.me'
- '////\;@oast.me'
- '////oast.me'
- '///oast.me'
- '///oast.me/%2f%2e%2e'
- '///oast.me@//'
- '///{{RootURL}}oast.me/%2f%2e%2e'
- '//;@oast.me'
- '//\/oast.me/'
- '//\@oast.me'
- '//\oast.me'
- '//\toast.me/'
- '//oast.me/%2F..'
- '//oast.me//'
- '//%69%6e%74%65%72%61%63%74%2e%73%68'
- '//example.com@//'
- '//example.com\texample.com/'
- '//https://example.com//'
- '/<>//example.com'
- '/\/\/example.com/'
- '/\/example.com'
- '/\example.com'
- '/example.com'
- '/example.com/%2F..'
- '/example.com/'
- '/example.com/..;/css'
- '/https:example.com'
- '/{{RootURL}}example.com/'
- '/〱example.com'
- '/〵example.com'
- '/ゝexample.com'
- '/ーexample.com'
- '/ーexample.com'
- '<>//example.com'
- '@example.com'
- '@https://example.com'
- '\/\/example.com/'
- '//oast.me@//'
- '//oast.me\toast.me/'
- '//https://oast.me//'
- '/<>//oast.me'
- '/\/\/oast.me/'
- '/\/oast.me'
- '/\oast.me'
- '/oast.me'
- '/oast.me/%2F..'
- '/oast.me/'
- '/oast.me/..;/css'
- '/https:oast.me'
- '/{{RootURL}}oast.me/'
- '/〱oast.me'
- '/〵oast.me'
- '/ゝoast.me'
- '/ーoast.me'
- '/ーoast.me'
- '<>//oast.me'
- '@oast.me'
- '@https://oast.me'
- '\/\/oast.me/'
- 'example%E3%80%82com'
- 'example.com'
- 'example.com/'
- 'example.com//'
- 'example.com;@'
- 'https%3a%2f%2fexample.com%2f'
- 'https:%0a%0dexample.com'
- 'https://%0a%0dexample.com'
- 'https://%09/example.com'
- 'https://%2f%2f.example.com/'
- 'https://%3F.example.com/'
- 'https://%5c%5c.example.com/'
- 'https://%5cexample.com@'
- 'https://%23.example.com/'
- 'https://.example.com'
- 'https://////example.com'
- 'https:///example.com'
- 'https:///example.com/%2e%2e'
- 'https:///example.com/%2f%2e%2e'
- 'https:///example.com@example.com/%2e%2e'
- 'https:///example.com@example.com/%2f%2e%2e'
- 'https://:80#@example.com/'
- 'https://:80?@example.com/'
- 'https://:@\@example.com'
- 'https://:@example.com\@example.com'
- 'https://;@example.com'
- 'https://\texample.com/'
- 'https://example.com/example.com'
- 'https://example.com/https://example.com/'
- 'https://www.\.example.com'
- 'https:/\/\example.com'
- 'https:/\example.com'
- 'https:/example.com'
- 'https:example.com'
- '{{RootURL}}example.com'
- '〱example.com'
- '〵example.com'
- 'ゝexample.com'
- 'ーexample.com'
- 'ーexample.com'
- 'redirect/example.com'
- 'cgi-bin/redirect.cgi?example.com'
- 'out?example.com'
- 'login?to=http://example.com'
- '1/_https@example.com'
- 'redirect?targeturl=https://example.com'
- 'oast.me'
- 'oast.me/'
- 'oast.me//'
- 'oast.me;@'
- 'https%3a%2f%2foast.me%2f'
- 'https:%0a%0doast.me'
- 'https://%0a%0doast.me'
- 'https://%09/oast.me'
- 'https://%2f%2f.oast.me/'
- 'https://%3F.oast.me/'
- 'https://%5c%5c.oast.me/'
- 'https://%5coast.me@'
- 'https://%23.oast.me/'
- 'https://.oast.me'
- 'https://////oast.me'
- 'https:///oast.me'
- 'https:///oast.me/%2e%2e'
- 'https:///oast.me/%2f%2e%2e'
- 'https:///oast.me@oast.me/%2e%2e'
- 'https:///oast.me@oast.me/%2f%2e%2e'
- 'https://:80#@oast.me/'
- 'https://:80?@oast.me/'
- 'https://:@\@oast.me'
- 'https://:@oast.me\@oast.me'
- 'https://;@oast.me'
- 'https://\toast.me/'
- 'https://oast.me/oast.me'
- 'https://oast.me/https://oast.me/'
- 'https://www.\.oast.me'
- 'https:/\/\oast.me'
- 'https:/\oast.me'
- 'https:/oast.me'
- 'https:oast.me'
- '{{RootURL}}oast.me'
- '〱oast.me'
- '〵oast.me'
- 'ゝoast.me'
- 'ーoast.me'
- 'ーoast.me'
- 'redirect/oast.me'
- 'cgi-bin/redirect.cgi?oast.me'
- 'out?oast.me'
- 'login?to=http://oast.me'
- '1/_https@oast.me'
- 'redirect?targeturl=https://oast.me'
stop-at-first-match: true
@ -121,7 +121,7 @@ http:
- type: regex
part: header
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)oast\.me\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
- type: status
status: