daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update bruteforce tags

patch-1
Ritik Chaddha 2024-02-28 10:41:31 +05:30
parent d2da0c6969
commit 779990ccaf
35 changed files with 35 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cloud/enum/azure-vm-cloud-enum.yaml
View File

@ -9,7 +9,7 @@ info:
metadata:
verified: true
max-request: 1
tags: cloud,cloud-enum,azure,brute-force,enum
tags: cloud,cloud-enum,azure,bruteforce,enum
self-contained: true

2
http/cves/2017/CVE-2017-17562.yaml
View File

@ -28,7 +28,7 @@ info:
max-request: 65
vendor: embedthis
product: goahead
tags: cve,cve2017,rce,goahead,brute-force,kev,vulhub,embedthis
tags: cve,cve2017,rce,goahead,bruteforce,kev,vulhub,embedthis
http:
- raw:

2
http/cves/2019/CVE-2019-17382.yaml
View File

@ -27,7 +27,7 @@ info:
max-request: 100
vendor: zabbix
product: zabbix
tags: cve2019,cve,brute-force,auth-bypass,login,edb,zabbix
tags: cve2019,cve,bruteforce,auth-bypass,login,edb,zabbix
http:
- raw:

2
http/cves/2022/CVE-2022-2034.yaml
View File

@ -28,7 +28,7 @@ info:
vendor: automattic
product: sensei_lms
framework: wordpress
tags: cve,cve2022,wp,disclosure,wpscan,sensei-lms,brute-force,hackerone,wordpress,wp-plugin,automattic
tags: cve,cve2022,wp,disclosure,wpscan,sensei-lms,bruteforce,hackerone,wordpress,wp-plugin,automattic
http:
- method: GET

2
http/cves/2023/CVE-2023-24489.yaml
View File

@ -28,7 +28,7 @@ info:
vendor: citrix
product: sharefile_storage_zones_controller
shodan-query: title:"ShareFile Storage Server"
tags: cve2023,cve,sharefile,rce,intrusive,fileupload,brute-force,kev,citrix
tags: cve2023,cve,sharefile,rce,intrusive,fileupload,bruteforce,kev,citrix
variables:
fileName: '{{rand_base(8)}}'

2
http/default-logins/oracle/peoplesoft-default-login.yaml
View File

@ -16,7 +16,7 @@ info:
verified: true
max-request: 200
shodan-query: title:"Oracle PeopleSoft Sign-in"
tags: default-login,peoplesoft,oracle,brute-force
tags: default-login,peoplesoft,oracle,bruteforce
http:
- method: POST

2
http/exposed-panels/adminer-panel-detect.yaml
View File

@ -17,7 +17,7 @@ info:
# Is generally handy if you find SQL creds
metadata:
max-request: 741
tags: panel,brute-force,adminer,login,sqli
tags: panel,bruteforce,adminer,login,sqli
http:
- raw:

2
http/exposures/backups/php-backup-files.yaml
View File

@ -7,7 +7,7 @@ info:
description: PHP Source File is disclosed to external users.
metadata:
max-request: 1512
tags: exposure,backup,php,disclosure,brute-force
tags: exposure,backup,php,disclosure,bruteforce
http:
- method: GET

2
http/fuzzing/cache-poisoning-fuzz.yaml
View File

@ -9,7 +9,7 @@ info:
- https://portswigger.net/web-security/web-cache-poisoning
metadata:
max-request: 5834
tags: fuzzing,brute-force,cache
tags: fuzzing,bruteforce,cache
http:
- raw:

2
http/fuzzing/header-command-injection.yaml
View File

@ -11,7 +11,7 @@ info:
cwe-id: CWE-77
metadata:
max-request: 7650
tags: fuzzing,brute-force,rce
tags: fuzzing,bruteforce,rce
http:
- raw:

2
http/fuzzing/iis-shortname.yaml
View File

@ -15,7 +15,7 @@ info:
cwe-id: CWE-200
metadata:
max-request: 4
tags: brute,edb
tags: bruteforce,edb
http:
- raw:

2
http/fuzzing/linux-lfi-fuzzing.yaml
View File

@ -11,7 +11,7 @@ info:
cwe-id: CWE-200
metadata:
max-request: 22
tags: fuzzing,linux,lfi,brute-force
tags: fuzzing,linux,lfi,bruteforce
http:
- method: GET

2
http/fuzzing/mdb-database-file.yaml
View File

@ -13,7 +13,7 @@ info:
cwe-id: CWE-200
metadata:
max-request: 341
tags: brute,mdb,asp
tags: bruteforce,mdb,asp
http:
- raw:

2
http/fuzzing/prestashop-module-fuzz.yaml
View File

@ -6,7 +6,7 @@ info:
severity: info
metadata:
max-request: 639
tags: fuzzing,brute-force,prestashop
tags: fuzzing,bruteforce,prestashop
http:
- raw:

2
http/fuzzing/ssrf-via-proxy.yaml
View File

@ -10,7 +10,7 @@ info:
- https://twitter.com/ImoJOnDz/status/1649089777629827072
metadata:
max-request: 9
tags: ssrf,proxy,oast,brute-force
tags: ssrf,proxy,oast,bruteforce
http:
- payloads:

2
http/fuzzing/valid-gmail-check.yaml
View File

@ -8,7 +8,7 @@ info:
- https://github.com/dievus/geeMailUserFinder
metadata:
max-request: 1
tags: brute-force,gmail
tags: bruteforce,gmail
self-contained: true

2
http/fuzzing/waf-fuzz.yaml
View File

@ -11,7 +11,7 @@ info:
cwe-id: CWE-200
metadata:
max-request: 58
tags: fuzzing,waf,tech,brute-force
tags: fuzzing,waf,tech,bruteforce
http:
- raw:

2
http/fuzzing/wordpress-plugins-detect.yaml
View File

@ -6,7 +6,7 @@ info:
severity: info
metadata:
max-request: 98135
tags: fuzzing,brute-force,wordpress
tags: fuzzing,bruteforce,wordpress
http:
- raw:

2
http/fuzzing/wordpress-themes-detect.yaml
View File

@ -6,7 +6,7 @@ info:
severity: info
metadata:
max-request: 24434
tags: brute,wordpress,wp
tags: bruteforce,wordpress,wp
http:
- raw:

2
http/fuzzing/wordpress-weak-credentials.yaml
View File

@ -14,7 +14,7 @@ info:
cwe-id: CWE-1391
metadata:
max-request: 276
tags: wordpress,default-login,brute-force
tags: wordpress,default-login,bruteforce
http:
- raw:

2
http/fuzzing/xff-403-bypass.yaml
View File

@ -7,7 +7,7 @@ info:
description: Template to detect 403 forbidden endpoint bypass behind Nginx/Apache proxy & load balancers, based on X-Forwarded-For header.
metadata:
max-request: 3
tags: fuzzing,brute-force
tags: fuzzing,bruteforce
http:
- raw:

2
http/miscellaneous/defacement-detect.yaml
View File

@ -16,7 +16,7 @@ info:
metadata:
verified: true
max-request: 85
tags: misc,defacement,spam,hacktivism,brute-force
tags: misc,defacement,spam,hacktivism,bruteforce
http:
- method: GET

2
http/miscellaneous/ntlm-directories.yaml
View File

@ -8,7 +8,7 @@ info:
- https://medium.com/swlh/internal-information-disclosure-using-hidden-ntlm-authentication-18de17675666
metadata:
max-request: 47
tags: miscellaneous,misc,brute-force,windows
tags: miscellaneous,misc,bruteforce,windows
http:
- raw:

2
http/misconfiguration/aem/aem-userinfo-servlet.yaml
View File

@ -8,7 +8,7 @@ info:
metadata:
max-request: 1
shodan-query: http.component:"Adobe Experience Manager"
tags: aem,brute-force,misconfig
tags: aem,bruteforce,misconfig
http:
- method: GET

2
http/misconfiguration/gitlab/gitlab-user-enum.yaml
View File

@ -9,7 +9,7 @@ info:
metadata:
max-request: 100
shodan-query: http.title:"GitLab"
tags: gitlab,enum,misconfig,brute-force
tags: gitlab,enum,misconfig,bruteforce
http:
- raw:

2
http/misconfiguration/proxy/open-proxy-internal.yaml
View File

@ -16,7 +16,7 @@ info:
cwe-id: CWE-441
metadata:
max-request: 25
tags: exposure,config,proxy,misconfig,brute-force
tags: exposure,config,proxy,misconfig,bruteforce
http:
- raw:

2
http/misconfiguration/proxy/open-proxy-localhost.yaml
View File

@ -16,7 +16,7 @@ info:
cwe-id: CWE-441
metadata:
max-request: 6
tags: exposure,config,proxy,misconfig,brute-force
tags: exposure,config,proxy,misconfig,bruteforce
http:
- raw:

2
http/misconfiguration/proxy/open-proxy-portscan.yaml
View File

@ -16,7 +16,7 @@ info:
cwe-id: CWE-441
metadata:
max-request: 8
tags: exposure,config,proxy,misconfig,brute-force
tags: exposure,config,proxy,misconfig,bruteforce
http:
- raw:

2
http/technologies/graylog/graylog-api-exposure.yaml
View File

@ -13,7 +13,7 @@ info:
verified: true
max-request: 50
shodan-query: Graylog
tags: tech,graylog,api,swagger,brute-force
tags: tech,graylog,api,swagger,bruteforce
http:
- method: GET

2
http/vulnerabilities/tongda/tongda-auth-bypass.yaml
View File

@ -14,7 +14,7 @@ info:
shodan-query: title:"通达OA"
fofa-query: title="通达OA"
zoomeye-query: app:"通达OA"
tags: tongda,auth-bypass,brute-force
tags: tongda,auth-bypass,bruteforce
http:
- raw:

2
http/vulnerabilities/wordpress/wp-xmlrpc-brute-force.yaml
View File

@ -10,7 +10,7 @@ info:
- https://www.acunetix.com/vulnerabilities/web/wordpress-xml-rpc-authentication-brute-force/
metadata:
max-request: 276
tags: wordpress,php,xmlrpc,brute-force
tags: wordpress,php,xmlrpc,bruteforce
http:
- raw:

2
javascript/cves/2023/CVE-2023-34039.yaml
View File

@ -29,7 +29,7 @@ info:
verified: true
vendor: vmware
product: aria_operations_for_networks
tags: js,packetstorm,cve,cve2019,vmware,aria,rce,brute-force,vrealize
tags: js,packetstorm,cve,cve2019,vmware,aria,rce,bruteforce,vrealize
variables:
keysDir: "helpers/payloads/cve-2023-34039-keys" # load all private keys from this directory

2
javascript/default-logins/ssh-default-logins.yaml
View File

@ -7,7 +7,7 @@ info:
metadata:
max-request: 223
shodan-query: port:1433
tags: js,ssh,default-login,network,brute-force
tags: js,ssh,default-login,network,bruteforce
javascript:
- pre-condition: |

2
network/misconfig/mysql-native-password.yaml
View File

@ -12,7 +12,7 @@ info:
cwe-id: CWE-200
metadata:
max-request: 1
tags: network,mysql,brute-force,db,misconfig
tags: network,mysql,bruteforce,db,misconfig
tcp:
- host:

2
network/misconfig/tidb-native-password.yaml
View File

@ -11,7 +11,7 @@ info:
cwe-id: CWE-200
metadata:
max-request: 1
tags: network,tidb,brute-force,db,misconfig
tags: network,tidb,bruteforce,db,misconfig
tcp:
- host: