commit
82c0bd449a
|
@ -1,7 +1,7 @@
|
|||
id: wordpress-login
|
||||
|
||||
info:
|
||||
name: WordPress login
|
||||
name: WordPress Login Panel
|
||||
author: its0x08
|
||||
severity: info
|
||||
tags: panel,wordpress
|
||||
|
@ -10,6 +10,7 @@ requests:
|
|||
- method: GET
|
||||
path:
|
||||
- "{{BaseURL}}/wp-login.php"
|
||||
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
|
@ -17,4 +18,5 @@ requests:
|
|||
- "Log In</title>"
|
||||
- '/wp-login.php?action=lostpassword">Lost your password?</a>'
|
||||
- '<form name="loginform" id="loginform" action="{{BaseURL}}/wp-login.php" method="post">'
|
||||
- 'input type="password"'
|
||||
condition: or
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
id: htpasswd
|
||||
id: htpasswd-detection
|
||||
|
||||
info:
|
||||
name: Detect exposed .htpasswd files
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
id: karma-conf-js
|
||||
id: karma-config-js
|
||||
|
||||
info:
|
||||
name: Karma Configuration File Exposure
|
||||
|
|
|
@ -4,6 +4,9 @@ info:
|
|||
name: Pantheon upstream.yml Disclosure
|
||||
author: DhiyaneshDK
|
||||
severity: low
|
||||
description: Public Pantheon YAML Configuration Files might include sensitive info
|
||||
reference:
|
||||
- https://pantheon.io/docs/pantheon-yml
|
||||
metadata:
|
||||
verified: true
|
||||
google-query: intitle:"index of" "pantheon.upstream.yml"
|
||||
|
|
|
@ -5,7 +5,7 @@ info:
|
|||
author: pdteam
|
||||
severity: high
|
||||
reference:
|
||||
- https://github.com/EdOverflow/can-i-take-over-xyz
|
||||
- https://github.com/EdOverflow/can-i-take-over-xyz/issues/170
|
||||
tags: takeover
|
||||
|
||||
requests:
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
id: fortiner-workflow
|
||||
id: fortinet-workflow
|
||||
|
||||
info:
|
||||
name: Fortinet Security Checks
|
||||
|
|
Loading…
Reference in New Issue