From 3eee418ab55b6b5321dd87e512b0930640933c53 Mon Sep 17 00:00:00 2001 From: daffainfo Date: Fri, 29 Oct 2021 18:24:17 +0700 Subject: [PATCH 01/12] Add 10 token-spray templates --- token-spray/api-abuseipdb.yaml | 27 +++++++++++++++++++++++++++ token-spray/api-alienvault.yaml | 22 ++++++++++++++++++++++ token-spray/api-aniapi.yaml | 22 ++++++++++++++++++++++ token-spray/api-dribbble.yaml | 20 ++++++++++++++++++++ token-spray/api-europeana.yaml | 20 ++++++++++++++++++++ token-spray/api-iucn.yaml | 21 +++++++++++++++++++++ token-spray/api-myanimelist.yaml | 22 ++++++++++++++++++++++ token-spray/api-rijksmuseum.yaml | 20 ++++++++++++++++++++ token-spray/api-urlscan.yaml | 23 +++++++++++++++++++++++ token-spray/api-virustotal.yaml | 25 +++++++++++++++++++++++++ 10 files changed, 222 insertions(+) create mode 100644 token-spray/api-abuseipdb.yaml create mode 100644 token-spray/api-alienvault.yaml create mode 100644 token-spray/api-aniapi.yaml create mode 100644 token-spray/api-dribbble.yaml create mode 100644 token-spray/api-europeana.yaml create mode 100644 token-spray/api-iucn.yaml create mode 100644 token-spray/api-myanimelist.yaml create mode 100644 token-spray/api-rijksmuseum.yaml create mode 100644 token-spray/api-urlscan.yaml create mode 100644 token-spray/api-virustotal.yaml diff --git a/token-spray/api-abuseipdb.yaml b/token-spray/api-abuseipdb.yaml new file mode 100644 index 0000000000..42fffb3d24 --- /dev/null +++ b/token-spray/api-abuseipdb.yaml @@ -0,0 +1,27 @@ +id: api-abuseipdb + +info: + name: AbuseIPDB API Test + author: daffainfo + reference: https://docs.abuseipdb.com/ + severity: info + tags: token-spray,abuseipdb + +self-contained: true +requests: + - raw: + - | + POST /api/v2/report HTTP/1.1 + Host: api.abuseipdb.com + Key: {{token}} + Accept: application/json + Content-Type: application/x-www-form-urlencoded + Content-Length: 16 + + ip=127.0.0.1&categories=18,22&comment=SSH%20login%20attempts%20with%20user%20root. + + matchers: + - type: status + negative: true + status: + - 401 diff --git a/token-spray/api-alienvault.yaml b/token-spray/api-alienvault.yaml new file mode 100644 index 0000000000..a6ba0b4e34 --- /dev/null +++ b/token-spray/api-alienvault.yaml @@ -0,0 +1,22 @@ +id: api-alienvault + +info: + name: AlienVault Open Threat Exchange (OTX) API Test + author: daffainfo + reference: https://otx.alienvault.com/api + severity: info + tags: token-spray,alienvault + +self-contained: true +requests: + - raw: + - | + GET /api/v1/pulses/subscribed?page=1 HTTP/1.1 + Host: otx.alienvault.com + X-OTX-API-KEY: {{token}} + + matchers: + - type: status + negative: true + status: + - 403 diff --git a/token-spray/api-aniapi.yaml b/token-spray/api-aniapi.yaml new file mode 100644 index 0000000000..0585acbdf4 --- /dev/null +++ b/token-spray/api-aniapi.yaml @@ -0,0 +1,22 @@ +id: api-aniapi + +info: + name: AniAPI API Test + author: daffainfo + reference: https://aniapi.com/docs/authentication + severity: info + tags: token-spray,aniapi + +self-contained: true +requests: + - method: GET + path: + - "https://api.aniapi.com/v1/auth/me" + headers: + Authorization: Bearer {{token}} + + matchers: + - type: status + negative: true + status: + - 401 diff --git a/token-spray/api-dribbble.yaml b/token-spray/api-dribbble.yaml new file mode 100644 index 0000000000..1de5e8ff1c --- /dev/null +++ b/token-spray/api-dribbble.yaml @@ -0,0 +1,20 @@ +id: api-dribbble + +info: + name: Dribbble API Test + author: daffainfo + reference: https://developer.dribbble.com/v2/ + severity: info + tags: token-spray,dribbble + +self-contained: true +requests: + - method: GET + path: + - "https://api.dribbble.com/v2/user?access_token={{token}}" + + matchers: + - type: status + negative: true + status: + - 401 diff --git a/token-spray/api-europeana.yaml b/token-spray/api-europeana.yaml new file mode 100644 index 0000000000..3ec7e7be6e --- /dev/null +++ b/token-spray/api-europeana.yaml @@ -0,0 +1,20 @@ +id: api-europeana + +info: + name: Europeana API Test + author: daffainfo + reference: https://pro.europeana.eu/page/search + severity: info + tags: token-spray,europeana + +self-contained: true +requests: + - method: GET + path: + - "https://api.europeana.eu/record/v2/search.json?wskey={{token}}&query=*&rows=0&profile=facets" + + matchers: + - type: status + negative: true + status: + - 401 diff --git a/token-spray/api-iucn.yaml b/token-spray/api-iucn.yaml new file mode 100644 index 0000000000..5c8273e3c9 --- /dev/null +++ b/token-spray/api-iucn.yaml @@ -0,0 +1,21 @@ +id: api-iucn + +info: + name: IUCN API Test + author: daffainfo + reference: http://apiv3.iucnredlist.org/api/v3/docs + severity: info + tags: token-spray,iucn + +self-contained: true +requests: + - method: GET + path: + - "http://apiv3.iucnredlist.org/api/v3/country/list?token={{token}}" + + matchers: + - type: word + part: body + words: + - "Token not valid!" + negative: true diff --git a/token-spray/api-myanimelist.yaml b/token-spray/api-myanimelist.yaml new file mode 100644 index 0000000000..369fb7912f --- /dev/null +++ b/token-spray/api-myanimelist.yaml @@ -0,0 +1,22 @@ +id: api-myanimelist + +info: + name: MyAnimeList API Test + author: daffainfo + reference: https://myanimelist.net/apiconfig/references/api/v2 + severity: info + tags: token-spray,myanimelist + +self-contained: true +requests: + - method: GET + path: + - "https://api.myanimelist.net/v2/anime?q=one&limit=4" + headers: + Authorization: Bearer {{token}} + + matchers: + - type: status + negative: true + status: + - 401 diff --git a/token-spray/api-rijksmuseum.yaml b/token-spray/api-rijksmuseum.yaml new file mode 100644 index 0000000000..2687ae3662 --- /dev/null +++ b/token-spray/api-rijksmuseum.yaml @@ -0,0 +1,20 @@ +id: api-rijksmuseum + +info: + name: Rijksmuseum API Test + author: daffainfo + reference: https://data.rijksmuseum.nl/user-generated-content/api/ + severity: info + tags: token-spray,rijksmuseum + +self-contained: true +requests: + - method: GET + path: + - "https://www.rijksmuseum.nl/api/nl/usersets?key={{token}}&format=json&page=2" + + matchers: + - type: status + negative: true + status: + - 403 diff --git a/token-spray/api-urlscan.yaml b/token-spray/api-urlscan.yaml new file mode 100644 index 0000000000..06c1807fbd --- /dev/null +++ b/token-spray/api-urlscan.yaml @@ -0,0 +1,23 @@ +id: api-urlscan + +info: + name: URLScan API Test + author: daffainfo + reference: https://urlscan.io/docs/api/ + severity: info + tags: token-spray,urlscan + +self-contained: true +requests: + - raw: + - | + GET /user/quotas/ HTTP/1.1 + Host: urlscan.io + Content-Type: application/json + API-Key: {{token}} + + matchers: + - type: status + negative: true + status: + - 401 diff --git a/token-spray/api-virustotal.yaml b/token-spray/api-virustotal.yaml new file mode 100644 index 0000000000..dbd7de539c --- /dev/null +++ b/token-spray/api-virustotal.yaml @@ -0,0 +1,25 @@ +id: api-virustotal + +info: + name: VirusTotal API Test + author: daffainfo + reference: https://developers.virustotal.com/reference#getting-started + severity: info + tags: token-spray,virustotal + +self-contained: true +requests: + - raw: + - | + POST /vtapi/v2/url/scan HTTP/1.1 + Host: www.virustotal.com + Content-Type: application/x-www-form-urlencoded + Content-Length: 86 + + apikey={{token}}&url=google.com + + matchers: + - type: status + negative: true + status: + - 403 From ab2d7dc20bcbb25637160b5691e7e91195180ec4 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 29 Oct 2021 18:58:12 +0530 Subject: [PATCH 02/12] Update api-virustotal.yaml --- token-spray/api-virustotal.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/token-spray/api-virustotal.yaml b/token-spray/api-virustotal.yaml index dbd7de539c..b57c6231db 100644 --- a/token-spray/api-virustotal.yaml +++ b/token-spray/api-virustotal.yaml @@ -3,8 +3,8 @@ id: api-virustotal info: name: VirusTotal API Test author: daffainfo - reference: https://developers.virustotal.com/reference#getting-started severity: info + reference: https://developers.virustotal.com/reference#getting-started tags: token-spray,virustotal self-contained: true From f7a25e19e7f1727d0db4533da458cd2ef3b3c690 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 29 Oct 2021 22:33:59 +0530 Subject: [PATCH 03/12] Update api-abuseipdb.yaml --- token-spray/api-abuseipdb.yaml | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/token-spray/api-abuseipdb.yaml b/token-spray/api-abuseipdb.yaml index 42fffb3d24..9cf4dddf31 100644 --- a/token-spray/api-abuseipdb.yaml +++ b/token-spray/api-abuseipdb.yaml @@ -3,15 +3,15 @@ id: api-abuseipdb info: name: AbuseIPDB API Test author: daffainfo - reference: https://docs.abuseipdb.com/ severity: info + reference: https://docs.abuseipdb.com/ tags: token-spray,abuseipdb self-contained: true requests: - raw: - | - POST /api/v2/report HTTP/1.1 + POST https://api.abuseipdb.com/api/v2/report HTTP/1.1 Host: api.abuseipdb.com Key: {{token}} Accept: application/json @@ -21,7 +21,9 @@ requests: ip=127.0.0.1&categories=18,22&comment=SSH%20login%20attempts%20with%20user%20root. matchers: - - type: status - negative: true - status: - - 401 + - type: word + part: body + words: + - 'data":' + - 'ipAddress":' + condition: and From 25ab9d8d85334f7e4fc638dc5f7be314f1cdcc7f Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 29 Oct 2021 22:36:39 +0530 Subject: [PATCH 04/12] Update api-alienvault.yaml --- token-spray/api-alienvault.yaml | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/token-spray/api-alienvault.yaml b/token-spray/api-alienvault.yaml index a6ba0b4e34..a51c6edc4c 100644 --- a/token-spray/api-alienvault.yaml +++ b/token-spray/api-alienvault.yaml @@ -3,20 +3,22 @@ id: api-alienvault info: name: AlienVault Open Threat Exchange (OTX) API Test author: daffainfo - reference: https://otx.alienvault.com/api severity: info + reference: https://otx.alienvault.com/api tags: token-spray,alienvault self-contained: true requests: - raw: - | - GET /api/v1/pulses/subscribed?page=1 HTTP/1.1 + GET https://otx.alienvault.com/api/v1/pulses/subscribed?page=1 HTTP/1.1 Host: otx.alienvault.com X-OTX-API-KEY: {{token}} matchers: - - type: status - negative: true - status: - - 403 + - type: word + part: body + words: + - '"$schema":' + - '"properties":' + condition: and From ec96f559b534883530730613e3536654c843895b Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 29 Oct 2021 22:48:54 +0530 Subject: [PATCH 05/12] Update api-aniapi.yaml --- token-spray/api-aniapi.yaml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/token-spray/api-aniapi.yaml b/token-spray/api-aniapi.yaml index 0585acbdf4..3b5f81a6e5 100644 --- a/token-spray/api-aniapi.yaml +++ b/token-spray/api-aniapi.yaml @@ -3,8 +3,8 @@ id: api-aniapi info: name: AniAPI API Test author: daffainfo - reference: https://aniapi.com/docs/authentication severity: info + reference: https://aniapi.com/docs/authentication tags: token-spray,aniapi self-contained: true @@ -16,7 +16,9 @@ requests: Authorization: Bearer {{token}} matchers: - - type: status - negative: true - status: - - 401 + - type: word + part: body + words: + - '"username":' + - '"data":' + condition: and From e47c2e8951c6b7d3566b34f669bac067015d9263 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 29 Oct 2021 22:50:22 +0530 Subject: [PATCH 06/12] Update api-dribbble.yaml --- token-spray/api-dribbble.yaml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/token-spray/api-dribbble.yaml b/token-spray/api-dribbble.yaml index 1de5e8ff1c..147b3c2b72 100644 --- a/token-spray/api-dribbble.yaml +++ b/token-spray/api-dribbble.yaml @@ -3,8 +3,8 @@ id: api-dribbble info: name: Dribbble API Test author: daffainfo - reference: https://developer.dribbble.com/v2/ severity: info + reference: https://developer.dribbble.com/v2/ tags: token-spray,dribbble self-contained: true @@ -15,6 +15,5 @@ requests: matchers: - type: status - negative: true status: - - 401 + - 200 From 50793e70c1566334e3fdfa9b76686a4a88d18fed Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 29 Oct 2021 22:51:53 +0530 Subject: [PATCH 07/12] Update api-europeana.yaml --- token-spray/api-europeana.yaml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/token-spray/api-europeana.yaml b/token-spray/api-europeana.yaml index 3ec7e7be6e..69c55b1560 100644 --- a/token-spray/api-europeana.yaml +++ b/token-spray/api-europeana.yaml @@ -3,8 +3,8 @@ id: api-europeana info: name: Europeana API Test author: daffainfo - reference: https://pro.europeana.eu/page/search severity: info + reference: https://pro.europeana.eu/page/search tags: token-spray,europeana self-contained: true @@ -15,6 +15,5 @@ requests: matchers: - type: status - negative: true status: - - 401 + - 200 From bb84057623e50f1060c4ff67cc9e9c60b7fdf322 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 29 Oct 2021 22:55:59 +0530 Subject: [PATCH 08/12] Update api-iucn.yaml --- token-spray/api-iucn.yaml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/token-spray/api-iucn.yaml b/token-spray/api-iucn.yaml index 5c8273e3c9..878b4839ed 100644 --- a/token-spray/api-iucn.yaml +++ b/token-spray/api-iucn.yaml @@ -3,8 +3,8 @@ id: api-iucn info: name: IUCN API Test author: daffainfo - reference: http://apiv3.iucnredlist.org/api/v3/docs severity: info + reference: http://apiv3.iucnredlist.org/api/v3/docs tags: token-spray,iucn self-contained: true @@ -17,5 +17,7 @@ requests: - type: word part: body words: - - "Token not valid!" - negative: true + - 'taxonid' + - 'scientific_name' + - 'subspecies' + condition: and From 61b0cecb32cd1573c24c73676e03c3d6e86b8d92 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 29 Oct 2021 22:58:18 +0530 Subject: [PATCH 09/12] Update api-myanimelist.yaml --- token-spray/api-myanimelist.yaml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/token-spray/api-myanimelist.yaml b/token-spray/api-myanimelist.yaml index 369fb7912f..498cffa893 100644 --- a/token-spray/api-myanimelist.yaml +++ b/token-spray/api-myanimelist.yaml @@ -3,8 +3,8 @@ id: api-myanimelist info: name: MyAnimeList API Test author: daffainfo - reference: https://myanimelist.net/apiconfig/references/api/v2 severity: info + reference: https://myanimelist.net/apiconfig/references/api/v2 tags: token-spray,myanimelist self-contained: true @@ -16,7 +16,10 @@ requests: Authorization: Bearer {{token}} matchers: - - type: status - negative: true - status: - - 401 + - type: word + part: body + words: + - '"data":' + - '"paging":' + - '"next":' + condition: and From 998ca11493e3025f24e2116b8f4a18ebc4641562 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 29 Oct 2021 23:00:29 +0530 Subject: [PATCH 10/12] Update api-rijksmuseum.yaml --- token-spray/api-rijksmuseum.yaml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/token-spray/api-rijksmuseum.yaml b/token-spray/api-rijksmuseum.yaml index 2687ae3662..20da90151a 100644 --- a/token-spray/api-rijksmuseum.yaml +++ b/token-spray/api-rijksmuseum.yaml @@ -3,8 +3,8 @@ id: api-rijksmuseum info: name: Rijksmuseum API Test author: daffainfo - reference: https://data.rijksmuseum.nl/user-generated-content/api/ severity: info + reference: https://data.rijksmuseum.nl/user-generated-content/api/ tags: token-spray,rijksmuseum self-contained: true @@ -14,7 +14,10 @@ requests: - "https://www.rijksmuseum.nl/api/nl/usersets?key={{token}}&format=json&page=2" matchers: - - type: status - negative: true - status: - - 403 + - type: word + part: body + words: + - '"count":' + - '"userSets":' + - '"user":' + condition: and From 423b12a7ad919c1eb84b535dfded5c05020de81f Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 29 Oct 2021 23:07:20 +0530 Subject: [PATCH 11/12] Update api-urlscan.yaml --- token-spray/api-urlscan.yaml | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/token-spray/api-urlscan.yaml b/token-spray/api-urlscan.yaml index 06c1807fbd..4baa2bec8b 100644 --- a/token-spray/api-urlscan.yaml +++ b/token-spray/api-urlscan.yaml @@ -3,21 +3,24 @@ id: api-urlscan info: name: URLScan API Test author: daffainfo - reference: https://urlscan.io/docs/api/ severity: info + reference: https://urlscan.io/docs/api/ tags: token-spray,urlscan self-contained: true requests: - raw: - | - GET /user/quotas/ HTTP/1.1 + GET https://urlscan.io/user/quotas/ HTTP/1.1 Host: urlscan.io Content-Type: application/json API-Key: {{token}} matchers: - - type: status - negative: true - status: - - 401 + - type: word + part: body + words: + - 'X-Rate-Limit-Scope:' + - 'X-Rate-Limit-Limit:' + - 'X-Rate-Limit-Remaining:' + condition: and From 99d42448d3bca3e15e7db6e9f8653586656eee48 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 29 Oct 2021 23:16:10 +0530 Subject: [PATCH 12/12] Update api-virustotal.yaml --- token-spray/api-virustotal.yaml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/token-spray/api-virustotal.yaml b/token-spray/api-virustotal.yaml index b57c6231db..b546d99833 100644 --- a/token-spray/api-virustotal.yaml +++ b/token-spray/api-virustotal.yaml @@ -11,7 +11,7 @@ self-contained: true requests: - raw: - | - POST /vtapi/v2/url/scan HTTP/1.1 + POST https://www.virustotal.com/vtapi/v2/url/scan HTTP/1.1 Host: www.virustotal.com Content-Type: application/x-www-form-urlencoded Content-Length: 86 @@ -19,7 +19,10 @@ requests: apikey={{token}}&url=google.com matchers: - - type: status - negative: true - status: - - 403 + - type: word + part: body + words: + - "'verbose_msg':" + - "'scan_date':" + - "'permalink':" + condition: and