Merge pull request #1644 from projectdiscovery/DhiyaneshGeek/master

Dhiyanesh geek/master

exposures/files/shellscripts.yaml

@@ -0,0 +1,49 @@
+id: shellscripts
+
+info:
+  name: Public shellscripts
+  author: panch0r3d
+  severity: low
+  tags: bash,exposure
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/.build.sh"
+      - "{{BaseURL}}/.jenkins.sh"
+      - "{{BaseURL}}/.travis.sh"
+      - "{{BaseURL}}/install.sh"
+      - "{{BaseURL}}/update.sh"
+      - "{{BaseURL}}/config.sh"
+      - "{{BaseURL}}/build.sh"
+      - "{{BaseURL}}/setup.sh"
+      - "{{BaseURL}}/run.sh"
+      - "{{BaseURL}}/backup.sh"
+      - "{{BaseURL}}/compile.sh"
+      - "{{BaseURL}}/env.sh"
+      - "{{BaseURL}}/init.sh"
+      - "{{BaseURL}}/startup.sh"
+      - "{{BaseURL}}/wp-setup.sh"
+      - "{{BaseURL}}/deploy.sh"
+      - "{{BaseURL}}/aws.sh"
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        words:
+          - "application/x-sh"
+          - "text/plain"
+          - "text/x-sh"
+        part: header
+        condition: or
+
+      - type: regex
+        regex:
+          - ".*?bin.*?sh"
+          - ".*?bin.*?bash"
+        part: body
+        condition: or

miscellaneous/apple-app-site-association.yaml

@@ -0,0 +1,36 @@
+id: apple-app-site-association
+
+info:
+  name: Apple app site association for harvesting end points
+  author: panch0r3d
+  severity: info
+  tags: misc
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/.well-known/apple-app-site-association"
+      - "{{BaseURL}}/well-known/apple-app-site-association"
+      - "{{BaseURL}}/apple-app-site-association"
+
+    redirects: true
+    max-redirects: 1
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - 'applinks'
+          - 'appID'
+          - 'paths'
+        part: body
+        condition: and
+
+      - type: word
+        words:
+          - 'application/json'
+        part: header
+
+      - type: status
+        status:
+          - 200

miscellaneous/email-extractor.yaml

@@ -0,0 +1,18 @@
+id: email-extractor
+
+info:
+  name: Email Extractor
+  author: panch0r3d
+  severity: info
+  tags: misc,email
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - "[a-zA-Z0-9-_.]{4,}@[A-Za-z0-9_-]+[.](com|org|net|io|gov|co|co.uk|com.mx|com.br|com.sv|co.cr|com.gt|com.hn|com.ni|com.au|com.cn)"

misconfiguration/artifactory-anonymous-deploy.yaml

@@ -0,0 +1,29 @@
+id: artifactory-anonymous-deploy
+
+info:
+  name: Artifactory anonymous deploy
+  reference: https://www.errno.fr/artifactory/Attacking_Artifactory.html
+  author: panch0r3d
+  severity: high
+  tags: artifactory
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/artifactory/ui/repodata?deploy=true"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - '"repoKey"'
+        part: body
+
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        words:
+          - "application/json"
+        part: header

technologies/firebase-urls.yaml

@@ -0,0 +1,23 @@
+id: firebase-urls
+
+info:
+  name: Google Firebase DB URL Finder
+  description: Find firebaseio urls to check for security permissions
+  author: panch0r3d
+  severity: info
+  tags: tech,firebase,google
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    redirects: true
+    max-redirects: 1
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        regex:
+          - ".*?(f|F)(i|I)(r|R)(e|E)(b|B)(a|A)(s|S)(e|E)(i|I)(o|O)[.](c|C)(o|O)(m|M).*?"
+        part: body