update zip-backup-files (#6816)

exposures/backups/zip-backup-files.yaml

@@ -2,7 +2,7 @@ id: zip-backup-files
 
 info:
   name: Compressed Backup File - Detect
-  author: toufik-airane,dwisiswant0,ffffffff0x
+  author: toufik-airane,dwisiswant0,ffffffff0x,pwnhxl
   severity: medium
   description: Multiple compressed backup files were detected.
   classification:
@@ -14,13 +14,36 @@ info:
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}/{{FQDN}}.{{EXT}}"  # www.example.com
-      - "{{BaseURL}}/{{RDN}}.{{EXT}}"   # example.com
-      - "{{BaseURL}}/{{DN}}.{{EXT}}"    # example
-      - "{{BaseURL}}/{{SD}}.{{EXT}}"    # www
+      - "{{BaseURL}}/{{FILENAME}}.{{EXT}}"
 
-    attack: pitchfork
+    attack: clusterbomb
     payloads:
+      FILENAME:
+        - "{{FQDN}}"  # www.example.com
+        - "{{RDN}}"   # example.com
+        - "{{DN}}"    # example
+        - "{{SD}}"    # www
+        - "{{date_time('%Y')}}"   #2023
+        - "ROOT"   #tomcat
+        - "wwwroot"
+        - "htdocs"
+        - "www"
+        - "html"
+        - "web"
+        - "webapps"
+        - "public"
+        - "public_html"
+        - "uploads"
+        - "website"
+        - "api"
+        - "test"
+        - "app"
+        - "backup"
+        - "bin"
+        - "bak"
+        - "old"
+        - "Release"
+
       EXT:
         - "7z"
         - "bz2"
@@ -46,6 +69,7 @@ requests:
         - "sql.zip"
         - "sql.z"
         - "sql.tar.z"
+        - "war"
 
     max-size: 500  # Size in bytes - Max Size to read from server response
     matchers-condition: and