daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

more tags update

patch-1
sandeep 2021-04-02 18:40:33 +05:30
parent 1712727d95
commit 8601b2167d
30 changed files with 38 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
exposed-tokens/aws/amazon-mws-auth-token-value.yaml
View File

@ -4,6 +4,7 @@ info:
author: puzzlepeaches
name: "Amazon MWS Auth Token"
severity: medium
tags: token,aws
requests:
- method: GET

1
exposed-tokens/aws/aws-access-key-value.yaml
View File

@ -4,6 +4,7 @@ info:
name: AWS Access Key ID Value
author: Swissky
severity: info
tags: token,aws
requests:
- method: GET

1
exposed-tokens/generic/credentials-disclosure.yaml
View File

@ -15,6 +15,7 @@ info:
author: Sy3Omda
severity: info
description: Look for multiple keys/tokens/passwords in the page response.
tags: token
requests:
- method: GET

6
exposed-tokens/generic/general-tokens.yaml
View File

@ -4,11 +4,7 @@ info:
name: Generic Tokens
author: nadino
severity: info
# Notes:-
# This template requires manual inspection once found valid match.
# Generic token could be anything matching below regex.
# Impact of leaked token depends on validation of leaked token.
tags: token
requests:
- method: GET

6
exposed-tokens/generic/http-username-password.yaml
View File

@ -1,14 +1,10 @@
id: http-username-password
# Extract something like https://username:password@vulnerable.com
info:
name: Http usernamme password
author: nadino
severity: info
# Notes:-
# This template requires manual inspection once found valid match.
tags: token
requests:
- method: GET

5
exposed-tokens/google/fcm-server-key.yaml
View File

@ -4,9 +4,8 @@ info:
name: FCM Server Key
author: Abss (@absshax)
severity: high
# Reference:- https://abss.me/posts/fcm-takeover
# FCM Project Credentials
tags: token,google
reference: https://abss.me/posts/fcm-takeover
requests:
- method: GET

3
exposed-tokens/google/google-api-key.yaml
View File

@ -3,7 +3,8 @@ id: google-api-key
info:
name: Google API Key
author: Swissky
severity: low
severity: info
tags: token,google
requests:
- method: GET

1
exposed-tokens/mailchimp/mailchimp-api-key.yaml
View File

@ -4,6 +4,7 @@ info:
name: Mailchimp API Value
author: puzzlepeaches
severity: medium
tags: token,mailchimp
requests:
- method: GET

1
exposed-tokens/slack/slack-access-token.yaml
View File

@ -7,6 +7,7 @@ info:
name: Slack access token
author: nadino
severity: medium
tags: token,slack
requests:
- method: GET

7
exposures/apis/wadl-api.yaml
View File

@ -5,10 +5,9 @@ info:
author: 0xrudra & manuelbua
severity: info
tags: api
# References:
# - https://github.com/dwisiswant0/wadl-dumper
# - https://www.nopsec.com/leveraging-exposed-wadl-xml-in-burp-suite/
reference: |
- https://github.com/dwisiswant0/wadl-dumper
- https://www.nopsec.com/leveraging-exposed-wadl-xml-in-burp-suite/
requests:
- method: GET

4
exposures/apis/wsdl-api.yaml
View File

@ -5,9 +5,7 @@ info:
author: jarijaas
severity: info
tags: api
# This detects web services that have WSDL (https://www.w3.org/TR/wsdl/)
# For instance, SOAP services, such as: https://docs.microsoft.com/en-us/xamarin/xamarin-forms/data-cloud/web-services/asmx
description: Detects web services that have WSDL (https://www.w3.org/TR/wsdl/)
requests:
- method: GET

1
exposures/files/golang-metrics.yaml → exposures/configs/golang-metrics.yaml
View File

@ -5,6 +5,7 @@ info:
author: dhiyaneshDK
severity: low
reference: https://hackerone.com/reports/1026196
tags: config
requests:
- method: GET

2
exposures/files/server-private-keys.yaml → exposures/configs/server-private-keys.yaml
View File

@ -4,6 +4,8 @@ info:
name: Detect Private SSH and TLS Keys
author: geeknik
severity: high
tags: config
requests:
- method: GET
path:

4
exposures/files/xprober-service.yaml → exposures/configs/xprober-service.yaml
View File

@ -4,8 +4,8 @@ info:
name: X Prober server information leakage
author: pdteam
severity: low
# Source:- https://twitter.com/bugbounty_tips/status/1339984643517423616
tags: config
reference: https://twitter.com/bugbounty_tips/status/1339984643517423616
requests:
- method: GET

1
exposures/files/bower-json.yaml
View File

@ -5,6 +5,7 @@ info:
author: oppsec
severity: info
description: Bower is a package manager which stores packages informations in bower.json file
tags: file
requests:
- method: GET

1
exposures/files/domcfg-page.yaml
View File

@ -4,6 +4,7 @@ info:
author: gevakun
severity: low
reference: https://twitter.com/Wh11teW0lf/status/1295594085445709824
tags: file
requests:
- method: GET

1
exposures/files/drupal-install.yaml
View File

@ -4,6 +4,7 @@ info:
name: Drupal Install
author: NkxxkN
severity: low
tags: file
requests:
- method: GET

1
exposures/files/ds_store.yaml
View File

@ -4,6 +4,7 @@ info:
name: Directory Listing via DS_Store
author: 0w4ys
severity: info
tags: file
requests:
- method: GET

4
exposures/files/exposed-alps-spring.yaml
View File

@ -4,8 +4,8 @@ info:
name: Exposed Spring Data REST Application-Level Profile Semantics (ALPS)
author: dwisiswant0
severity: medium
# https://niemand.com.ar/2021/01/08/exploiting-application-level-profile-semantics-apls-from-spring-data-rest/
tags: file
reference: https://niemand.com.ar/2021/01/08/exploiting-application-level-profile-semantics-apls-from-spring-data-rest/
requests:
- method: GET

2
exposures/files/filezilla.yaml
View File

@ -4,6 +4,8 @@ info:
name: Filezilla
author: amsda
severity: medium
tags: file
requests:
- method: GET
path:

1
exposures/files/keycloak-json.yaml
View File

@ -3,6 +3,7 @@ info:
name: Keycloak Json File
author: oppsec
severity: info
tags: file
requests:
- method: GET

1
exposures/files/lazy-file.yaml
View File

@ -4,6 +4,7 @@ info:
name: Lazy File Manager
author: amsda
severity: medium
tags: file
requests:
- method: GET

1
exposures/files/yarn-lock.yaml
View File

@ -5,6 +5,7 @@ info:
author: oppsec
severity: info
description: yarn.lock is a file which store all exactly versions of each dependency were installed.
tags: file
requests:
- method: GET

2
exposures/logs/elmah-log-file.yaml
View File

@ -4,7 +4,7 @@ info:
name: elmah.axd Disclosure
author: shine
severity: medium
tags: logs
tags: log
requests:
- method: GET

2
exposures/logs/error-logs.yaml
View File

@ -3,7 +3,7 @@ info:
name: common error log files
author: geeknik & daffainfo
severity: low
tags: logs
tags: log
requests:
- method: GET

2
exposures/logs/laravel-log-file.yaml
View File

@ -4,7 +4,7 @@ info:
name: Laravel log file publicly accessible
author: sheikhrishad
severity: low
tags: laravel,logs
tags: laravel,log
requests:
- method: GET

2
exposures/logs/npm-log-file.yaml
View File

@ -4,7 +4,7 @@ info:
name: Publicly accessible NPM Log file
author: sheikhrishad
severity: low
tags: npm,logs
tags: npm,log
requests:
- method: GET

2
exposures/logs/rails-debug-mode.yaml
View File

@ -4,7 +4,7 @@ info:
name: Rails Debug Mode Enabled
author: pd-team
severity: medium
tags: logs,rails
tags: log,rails
requests:
- method: GET

2
exposures/logs/struts-debug-mode.yaml
View File

@ -4,7 +4,7 @@ info:
name: Apache Struts setup in Debug-Mode
author: pd-team
severity: low
tags: logs,struts,apache
tags: log,struts,apache
requests:
- method: GET

2
exposures/logs/trace-axd-detect.yaml
View File

@ -5,7 +5,7 @@ info:
author: dhiyaneshDK
severity: low
reference: https://www.rapid7.com/db/vulnerabilities/spider-asp-dot-net-trace-axd/
tags: logs,asp
tags: log,asp
requests:
- method: GET