From 7c735c7db214013d30618e4abd4c16b427804035 Mon Sep 17 00:00:00 2001
From: pussycat0x <65701233+pussycat0x@users.noreply.github.com>
Date: Mon, 31 Oct 2022 00:27:20 +0530
Subject: [PATCH] Riak Detection

---
 network/detection/riak-detect.yaml | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 network/detection/riak-detect.yaml

diff --git a/network/detection/riak-detect.yaml b/network/detection/riak-detect.yaml
new file mode 100644
index 0000000000..955fdefdf4
--- /dev/null
+++ b/network/detection/riak-detect.yaml
@@ -0,0 +1,30 @@
+id: riak-detect
+
+info:
+  name: Riak Detection
+  author: pussycat0x
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:product:"Riak"
+  description: Riak is a distributed NoSQL key-value data store that offers high availability, fault tolerance, operational simplicity, and scalability.
+  tags: network,oss
+
+network:
+  - inputs:
+      - data: 0000000107
+        type: hex
+
+    host:
+      - "{{Hostname}}"
+      - "{{Host}}:8087"
+    read-size: 2048
+
+    matchers:
+     - type: word
+       words:
+         - "riak"
+    extractors:
+      - type: regex
+        regex:
+          - "riak@([0-9.]+)..([0-9.]+([a-z]+[0-9]))"
\ No newline at end of file