moving apache templates to apache directory

misconfiguration/apache/apache-filename-enum.yaml

@@ -1,13 +1,14 @@
-id: apache-filename-brute-force
+id: apache-filename-enum
+
 info:
-  name: Apache Filename Brute Force
+  name: Apache Filename Enumeration
   author: geeknik
   description: If the client provides an invalid Accept header, the server will respond with a 406 Not Acceptable error containing a pseudo directory listing.
   reference:
     - https://hackerone.com/reports/210238
     - https://www.acunetix.com/vulnerabilities/web/apache-mod_negotiation-filename-bruteforcing/
   severity: low
-  tags: apache
+  tags: apache,misconfig
 
 requests:
   - method: GET

misconfiguration/apache/apache-hbase-unauth.yaml

@@ -4,7 +4,7 @@ info:
   name: Apache Hbase Unauth
   author: pikpikcu
   severity: medium
-  tags: apache,unauth
+  tags: apache,unauth,misconfig
 
 requests:
   - method: GET

misconfiguration/apache/apache-storm-unauth.yaml

@@ -4,7 +4,7 @@ info:
   name: Apache Storm Unauth
   author: pikpikcu
   severity: medium
-  tags: apache,unauth
+  tags: apache,unauth,misconfig
 
 requests:
   - method: GET
@@ -15,13 +15,15 @@ requests:
     matchers:
 
       - type: word
+        part: body
         words:
-          - '\"totalMem\":'
+          - '"totalMem":'
-          - '\"stormVersion\":'
+          - '"stormVersion":'
+
       - type: word
+        part: header
         words:
           - 'text/plain'
-        part: header
 
       - type: status
         status:

misconfiguration/apache/apache-tomcat-snoop.yaml

@@ -6,7 +6,7 @@ info:
   severity: low
   description: The following example scripts that come with Apache Tomcat v4.x - v7.x and can be used by attackers to gain information about the system. These scripts are also known to be vulnerable to cross site scripting (XSS) injection.
   reference: https://www.rapid7.com/db/vulnerabilities/apache-tomcat-example-leaks
-  tags: apache
+  tags: apache,misconfig
 
 requests:
   - method: GET