Merge pull request #4463 from 0ri2N/feat/token-spray-bundle

feat(token-spray): bundle for verification of tokens of various services
2022-05-23 15:06:02 +05:30 · 2022-05-23 15:06:02 +05:30 · 6fdcb886f5
parent 087db0a24e c149f87495
commit 6fdcb886f5
10 changed files with 273 additions and 0 deletions
--- a/token-spray/api-binaryedge.yaml
+++ b/token-spray/api-binaryedge.yaml
@ -0,0 +1,28 @@
+id: api-binaryedge
+
+info:
+  name: BinaryEdge API Test
+  author: 0ri2N
+  severity: info
+  description: |
+    BinaryEdge combines Machine Learning and Cybersecurity techniques in a custom built platform to scan, acquire and classify public Internet data. This platform scans the entire public Internet space and creates real-time threat intelligence streams and reports about your company.
+  reference:
+    - https://binaryedge.io
+    - https://docs.binaryedge.io
+  tags: dns,scan,recon,binaryedge,token-spray
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - https://api.binaryedge.io/v2/user/subscription
+    headers:
+      X-Key: "{{token}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"subscription"'
+          - '"requests_left"'
+        condition: and
--- a/token-spray/api-c99.yaml
+++ b/token-spray/api-c99.yaml
@ -0,0 +1,21 @@
+id: api-c99
+
+info:
+  name: C99 API Test
+  author: 0ri2N
+  severity: info
+  reference:
+    - https://api.c99.nl
+  tags: c99,api,dns,token-spray
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - https://api.c99.nl/ping?key={{token}}&host=1.1.1.1
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "PING 1.1.1.1"
--- a/token-spray/api-front.yaml
+++ b/token-spray/api-front.yaml
@ -0,0 +1,27 @@
+id: api-front
+
+info:
+  name: LaunchDarkly REST API
+  author: Luqmaan Hadia [Luqiih](https://github.com/Luqiih)
+  severity: info
+  reference:
+    - https://dev.frontapp.com/reference/introduction
+  tags: token-spray,front
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        GET https://api2.frontapp.com/accounts HTTP/1.1
+        Host: api2.frontapp.com
+        Authorization: Bearer {{token}}
+        Accept: application/json
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "logo_url"
+          - "name"
+        condition: and
--- a/token-spray/api-fullhunt.yaml
+++ b/token-spray/api-fullhunt.yaml
@ -0,0 +1,29 @@
+id: api-fullhunt
+
+info:
+  name: FullHunt API Test
+  author: 0ri2N
+  severity: info
+  description: |
+    FullHunt holds one of the largest Databases for external attack surfaces of the entire Internet.
+  reference:
+    - https://fullhunt.io
+    - https://api-docs.fullhunt.io
+  tags: dns,scan,recon,fullhunt,database,token-spray
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - https://fullhunt.io/api/v1/domain/example.com/details
+    headers:
+      X-API-Key: "{{token}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"dns"'
+          - '"hosts"'
+          - '"domain"'
+        condition: and
--- a/token-spray/api-intelx.yaml
+++ b/token-spray/api-intelx.yaml
@ -0,0 +1,32 @@
+id: api-intelx
+
+info:
+  name: Intelligence X API Test
+  author: 0ri2N
+  severity: info
+  description: |
+    Intelligence X is a search engine and data archive. Search Tor, I2P, data leaks and the public web by email, domain, IP, CIDR, Bitcoin address and more.
+  reference:
+    - https://intelx.io
+    - https://github.com/IntelligenceX/SDK
+    - https://github.com/IntelligenceX/SDK/blob/master/Intelligence%20X%20API.pdf
+    - https://intelx.io/account?tab=developer
+  tags: dns,scan,recon,intelx,token-spray
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - https://2.intelx.io/authenticate/info
+    headers:
+      X-Key: "{{token}}"
+      User-Agent: Nuclei (+https://nuclei.projectdiscovery.io)
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'added'
+          - 'preview'
+          - 'buckets'
+        condition: and
--- a/token-spray/api-securitytrails.yaml
+++ b/token-spray/api-securitytrails.yaml
@ -0,0 +1,27 @@
+id: api-securitytrails
+
+info:
+  name: SecurityTrails API Test
+  author: 0ri2N
+  severity: info
+  reference:
+    - https://securitytrails.com
+    - https://docs.securitytrails.com
+    - https://securitytrails.com/corp/api
+  tags: dns,ssl,recon,securitytrails,token-spray
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - https://api.securitytrails.com/v1/ping
+    headers:
+      APIKey: "{{token}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"message"'
+          - '"endpoint"'
+        condition: and
--- a/token-spray/api-sentry.yaml
+++ b/token-spray/api-sentry.yaml
@ -0,0 +1,24 @@
+id: api-sentry
+
+info:
+  name: Sentry API Test
+  author: 0ri2N
+  severity: info
+  reference:
+    - https://sentry.io
+    - https://docs.sentry.io
+    - https://docs.sentry.io/api/auth
+  tags: sentry,tracing,tracking,monitoring,token-spray
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - "https://sentry.io/api/0/projects/"
+    headers:
+      Authorization: Bearer {{token}}
+
+    matchers:
+      - type: status
+        status:
+          - 200
--- a/token-spray/api-shodan.yaml
+++ b/token-spray/api-shodan.yaml
@ -0,0 +1,28 @@
+id: api-shodan
+
+info:
+  name: Shodan API Test
+  author: 0ri2N
+  severity: info
+  description: |
+    Shodan is a search engine that lets users search for various types of servers connected to the internet using a variety of filters.
+  reference:
+    - https://shodan.io
+    - https://developer.shodan.io
+    - https://developer.shodan.io/api
+  tags: dns,scan,recon,shodan,token-spray
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - https://api.shodan.io/api-info?key={{token}}
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"plan"'
+          - '"unlocked"'
+          - '"scan_credits"'
+        condition: and
--- a/token-spray/api-sslmate.yaml
+++ b/token-spray/api-sslmate.yaml
@ -0,0 +1,28 @@
+id: api-sslmate
+
+info:
+  name: SSLMate API Test
+  author: 0ri2N
+  severity: info
+  reference:
+    - https://sslmate.com
+    - https://sslmate.com/help/
+    - https://sslmate.com/help/reference/apiv2
+  tags: dns,ssl,recon,sslmate,token-spray
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - https://sslmate.com/api/v2/certs/example.com?expand=current.crt
+    headers:
+      Authorization: Bearer {{token}}
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"exists"'
+          - '"wildcard"'
+          - '"auto_renew"'
+        condition: and
--- a/token-spray/api-zoomeye.yaml
+++ b/token-spray/api-zoomeye.yaml
@ -0,0 +1,29 @@
+id: api-zoomeye
+
+info:
+  name: ZoomEye API Test
+  author: 0ri2N
+  severity: info
+  description: |
+    ZoomEyeis a Cyberspace Search Engine recording information of devices, websites, services and components etc.
+  reference:
+    - https://zoomeye.org
+    - https://zoomeye.org/doc
+  tags: dns,scan,recon,zoomeye,token-spray
+
+self-contained: true
+requests:
+  - method: GET
+    path:
+      - https://api.zoomeye.org/resources-info
+    headers:
+      API-KEY: "{{token}}"
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"plan"'
+          - '"stats"'
+          - '"user_info"'
+        condition: and