daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added Razorpay-client-id, Zapier webhook, mapbox, fcm api keys

patch-1
Devang Solanki 2023-02-12 18:42:05 +05:30
parent 9fc1d1cac2
commit 7634ef7153
7 changed files with 115 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
exposures/tokens/firebase/fcm-api-key.yaml Normal file
View File

@ -0,0 +1,18 @@
id: fcm-api-key
info:
name: Firebase Cloud Messaging Token
author: Devang-Solanki
severity: medium
tags: token,file,fcm,firebase,google
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '[A-Za-z0-9-_]+:APA91b[A-Za-z0-9-_#]+'

17
exposures/tokens/mapbox/mapbox-token.yaml Normal file
View File

@ -0,0 +1,17 @@
id: mapbox-token
info:
name: Mapbox Token
author: Devang-Solanki
severity: medium
tags: token,file,mapbox
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- 'sk\.eyJ1Ijoi\w+\.[\w-]*'

17
exposures/tokens/razorpay/razorpay-client-id.yaml Normal file
View File

@ -0,0 +1,17 @@
id: razorpay-client-id
info:
name: Razorpay Clienr ID Disclosure
author: Devang-Solanki
severity: info
tags: exposure,token,razorpay
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- "rzp_(live|test)_.{14}"

16
file/keys/fcm-api-key.yaml Normal file
View File

@ -0,0 +1,16 @@
id: fcm-api-key
info:
name: Firebase Cloud Messaging Token
author: Devang-Solanki
severity: medium
tags: token,file,fcm,firebase,google
file:
- extensions:
- all
extractors:
- type: regex
regex:
- '[A-Za-z0-9-_]+:APA91b[A-Za-z0-9-_#]+'

16
file/keys/mapbox-token.yaml Normal file
View File

@ -0,0 +1,16 @@
id: mapbox-token
info:
name: Mapbox Token
author: Devang-Solanki
severity: medium
tags: token,file,mapbox
file:
- extensions:
- all
extractors:
- type: regex
regex:
- 'sk\.eyJ1Ijoi\w+\.[\w-]*'

15
file/keys/razorpay-client-id.yaml Normal file
View File

@ -0,0 +1,15 @@
id: razorpay-client-id
info:
name: Razorpay client-id
author: Devang-Solanki
severity: high
tags: token,file,razorpay
file:
- extensions:
- all
extractors:
- type: regex
regex:
- "rzp_(live|test)_.{14}"

16
file/keys/zapier-webhook.yaml Normal file
View File

@ -0,0 +1,16 @@
id: zapier-webhook
info:
name: Zapier Webhook
author: Devang-Solanki
severity: high
tags: token,file,zapier
file:
- extensions:
- all
extractors:
- type: regex
regex:
- 'https://(?:www.)?hooks\.zapier\.com/hooks/catch/[A-Za-z0-9]+/[A-Za-z0-9]+/'