daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Untrusted Root Certificate - Detect

patch-1
pussycat0x 2023-03-19 00:47:33 +05:30 committed by GitHub
parent eaeb1621ec
commit 7144aa25a2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
ssl/untrusted-root-certificate.yaml Normal file
View File

@ -0,0 +1,20 @@
id: untrusted-root-certificate
info:
name: Untrusted Root Certificate - Detect
author: pussycat0x
severity: medium
description: |
A root certificate is a digital certificate issued by a trusted certificate authority that acts as a basis for other digital certificates. An untrusted root certificate is a certificate that is issued by an authority that is not trusted by the computer, and therefore cannot be used to authenticate websites or other digital certificates.
reference:
- https://www.sslmarket.com/ssl/trusted-and-untrusted-certificate
- https://www.invicti.com/web-vulnerability-scanner/vulnerabilities/ssl-untrusted-root-certificate/
tags: ssl,untrusted
ssl:
- address: "{{Host}}:{{Port}}"
matchers:
- type: dsl
dsl:
- "untrusted == true"