javascript, token spray, headless, file tagging improvements and consistency

2023-12-12 16:25:50 -07:00 · 2023-12-12 16:25:50 -07:00 · 8b10d8c44a
parent 0f1b89d3f5
commit 8b10d8c44a
111 changed files with 141 additions and 37 deletions
--- a/dns/elasticbeanstalk-takeover.yaml
+++ b/dns/elasticbeanstalk-takeover.yaml
@ -24,7 +24,7 @@ info:
      For example:
      CNAME - 2rs3c.eu-west-1.elasticbeanstalk.com
      Command - aws elasticbeanstalk check-dns-availability --region eu-west-1 --cname-prefix 2rs3c
-  tags: dns,takeover,aws
+  tags: dns,takeover,aws,elasticbeanstalk
 dns:
  - name: "{{FQDN}}"
--- a/file/android/adb-backup-enabled.yaml
+++ b/file/android/adb-backup-enabled.yaml
@ -10,7 +10,8 @@ info:
    - https://adb-backup.com/
  classification:
    cwe-id: CWE-200
-  tags: android,file
+  tags: android,file,adb
 file:
  - extensions:
      - all
--- a/file/android/biometric-detect.yaml
+++ b/file/android/biometric-detect.yaml
@ -9,7 +9,8 @@ info:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0
    cwe-id: CWE-200
-  tags: android,file
+  tags: android,file,biometric
 file:
  - extensions:
      - all
--- a/file/android/certificate-validation.yaml
+++ b/file/android/certificate-validation.yaml
@ -10,6 +10,7 @@ info:
    cvss-score: 5.3
    cwe-id: CWE-200
  tags: android,file
 file:
  - extensions:
      - all
--- a/file/android/content-scheme.yaml
+++ b/file/android/content-scheme.yaml
@ -10,6 +10,7 @@ info:
    cvss-score: 0
    cwe-id: CWE-200
  tags: android,file
 file:
  - extensions:
      - xml
--- a/file/android/debug-enabled.yaml
+++ b/file/android/debug-enabled.yaml
@ -6,6 +6,7 @@ info:
  severity: low
  description: Android debug enabling was detected.
  tags: android,file
 file:
  - extensions:
      - all
--- a/file/android/deep-link-detect.yaml
+++ b/file/android/deep-link-detect.yaml
@ -16,6 +16,7 @@ info:
  metadata:
    verified: true
  tags: android,file,deeplink
 file:
  - extensions:
      - xml
--- a/file/android/dynamic-broadcast-receiver.yaml
+++ b/file/android/dynamic-broadcast-receiver.yaml
@ -10,6 +10,7 @@ info:
    cvss-score: 0
    cwe-id: CWE-200
  tags: android,file
 file:
  - extensions:
      - all
--- a/file/android/file-scheme.yaml
+++ b/file/android/file-scheme.yaml
@ -10,6 +10,7 @@ info:
    cvss-score: 0
    cwe-id: CWE-200
  tags: android,file
 file:
  - extensions:
      - xml
--- a/file/android/google-storage-bucket.yaml
+++ b/file/android/google-storage-bucket.yaml
@ -8,6 +8,7 @@ info:
    verified: "true"
    github-query: "/[a-z0-9.-]+\\.appspot\\.com/"
  tags: file,android,google
 file:
  - extensions:
      - all
--- a/file/android/provider-path.yaml
+++ b/file/android/provider-path.yaml
@ -10,6 +10,7 @@ info:
    cvss-score: 5.3
    cwe-id: CWE-200
  tags: android,file
 file:
  - extensions:
      - all
--- a/file/android/webview-addjavascript-interface.yaml
+++ b/file/android/webview-addjavascript-interface.yaml
@ -9,7 +9,8 @@ info:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cwe-id: CWE-200
-  tags: android,file
+  tags: android,file,webview
 file:
  - extensions:
      - all
--- a/file/android/webview-javascript.yaml
+++ b/file/android/webview-javascript.yaml
@ -9,7 +9,8 @@ info:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0
    cwe-id: CWE-200
-  tags: android,file,javascript
+  tags: android,file,js,webview
 file:
  - extensions:
      - all
--- a/file/android/webview-load-url.yaml
+++ b/file/android/webview-load-url.yaml
@ -9,7 +9,8 @@ info:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0
    cwe-id: CWE-200
-  tags: android,file
+  tags: android,file,webview
 file:
  - extensions:
      - all
--- a/file/android/webview-universal-access.yaml
+++ b/file/android/webview-universal-access.yaml
@ -9,7 +9,8 @@ info:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cwe-id: CWE-200
-  tags: android,file
+  tags: android,file,webview
 file:
  - extensions:
      - all
--- a/file/audit/cisco/configure-aaa-service.yaml
+++ b/file/audit/cisco/configure-aaa-service.yaml
@ -13,6 +13,7 @@ info:
    cvss-score: 0
    cwe-id: CWE-200
  tags: cisco,config-audit,cisco-switch,file,router
 file:
  - extensions:
      - conf
--- a/file/audit/cisco/configure-service-timestamps-debug.yaml
+++ b/file/audit/cisco/configure-service-timestamps-debug.yaml
@ -13,6 +13,7 @@ info:
    cvss-score: 0
    cwe-id: CWE-200
  tags: cisco,config-audit,cisco-switch,file,router
 file:
  - extensions:
      - conf
--- a/file/audit/cisco/configure-service-timestamps-logmessages.yaml
+++ b/file/audit/cisco/configure-service-timestamps-logmessages.yaml
@ -13,6 +13,7 @@ info:
    cvss-score: 0
    cwe-id: CWE-200
  tags: cisco,config-audit,cisco-switch,file,router
 file:
  - extensions:
      - conf
--- a/file/audit/cisco/disable-ip-source-route.yaml
+++ b/file/audit/cisco/disable-ip-source-route.yaml
@ -14,6 +14,7 @@ info:
    cvss-score: 0
    cwe-id: CWE-200
  tags: cisco,config-audit,cisco-switch,file,router
 file:
  - extensions:
      - conf
--- a/file/audit/cisco/disable-pad-service.yaml
+++ b/file/audit/cisco/disable-pad-service.yaml
@ -13,6 +13,7 @@ info:
    cvss-score: 0
    cwe-id: CWE-200
  tags: cisco,config-audit,cisco-switch,file,router
 file:
  - extensions:
      - conf
--- a/file/audit/cisco/enable-secret-for-password-user-and-.yaml
+++ b/file/audit/cisco/enable-secret-for-password-user-and-.yaml
@ -9,6 +9,7 @@ info:
  reference:
    - https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm
  tags: cisco,config-audit,cisco-switch,file,router
 file:
  - extensions:
      - conf
--- a/file/audit/cisco/logging-enable.yaml
+++ b/file/audit/cisco/logging-enable.yaml
@ -13,6 +13,7 @@ info:
    cvss-score: 0
    cwe-id: CWE-200
  tags: cisco,config-audit,cisco-switch,file
 file:
  - extensions:
      - conf
--- a/file/audit/cisco/set-and-secure-passwords.yaml
+++ b/file/audit/cisco/set-and-secure-passwords.yaml
@ -13,6 +13,7 @@ info:
    cvss-score: 0
    cwe-id: CWE-200
  tags: cisco,config-audit,cisco-switch,file
 file:
  - extensions:
      - conf
--- a/file/audit/fortigate/auto-usb-install.yaml
+++ b/file/audit/fortigate/auto-usb-install.yaml
@ -11,6 +11,7 @@ info:
    cvss-score: 0
    cwe-id: CWE-200
  tags: audit,config,file,firewall,fortigate
 file:
  - extensions:
      - conf
--- a/file/audit/fortigate/heuristic-scan.yaml
+++ b/file/audit/fortigate/heuristic-scan.yaml
@ -12,6 +12,7 @@ info:
    cvss-score: 0
    cwe-id: CWE-200
  tags: audit,config,file,firewall,fortigate
 file:
  - extensions:
      - conf
--- a/file/audit/fortigate/inactivity-timeout.yaml
+++ b/file/audit/fortigate/inactivity-timeout.yaml
@ -11,6 +11,7 @@ info:
    cvss-score: 0
    cwe-id: CWE-200
  tags: audit,config,file,firewall,fortigate
 file:
  - extensions:
      - conf
--- a/file/audit/fortigate/maintainer-account.yaml
+++ b/file/audit/fortigate/maintainer-account.yaml
@ -11,6 +11,7 @@ info:
    cvss-score: 0
    cwe-id: CWE-200
  tags: audit,config,file,firewall,fortigate
 file:
  - extensions:
      - conf
--- a/file/audit/fortigate/password-policy.yaml
+++ b/file/audit/fortigate/password-policy.yaml
@ -11,6 +11,7 @@ info:
    cvss-score: 0
    cwe-id: CWE-200
  tags: fortigate,config,audit,file,firewall
 file:
  - extensions:
      - conf
--- a/file/audit/fortigate/remote-auth-timeout.yaml
+++ b/file/audit/fortigate/remote-auth-timeout.yaml
@ -12,6 +12,7 @@ info:
    cvss-score: 0
    cwe-id: CWE-200
  tags: audit,config,file,firewall,fortigate
 file:
  - extensions:
      - conf
--- a/file/audit/fortigate/scp-admin.yaml
+++ b/file/audit/fortigate/scp-admin.yaml
@ -11,6 +11,7 @@ info:
    cvss-score: 0
    cwe-id: CWE-200
  tags: audit,config,file,firewall,fortigate
 file:
  - extensions:
      - conf
--- a/file/audit/fortigate/strong-ciphers.yaml
+++ b/file/audit/fortigate/strong-ciphers.yaml
@ -7,6 +7,7 @@ info:
  description: Weak Ciphers can be broken by an attacker in a local network and can perform attacks like Blowfish.
  reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
  tags: audit,config,file,firewall,fortigate
 file:
  - extensions:
      - conf
--- a/file/audit/pfsense/configure-dns-server.yaml
+++ b/file/audit/pfsense/configure-dns-server.yaml
@ -15,6 +15,7 @@ info:
  metadata:
    verified: true
  tags: firewall,config,audit,pfsense,file
 file:
  - extensions:
      - xml
--- a/file/audit/pfsense/configure-session-timeout.yaml
+++ b/file/audit/pfsense/configure-session-timeout.yaml
@ -1,7 +1,7 @@
 id: configure-session-timeout
 info:
-  name: PfSence Configure Sessions Timeout Not Set - Detect
+  name: PfSense Configure Sessions Timeout Not Set - Detect
  author: pussycat0x
  severity: info
  description: |
@ -15,6 +15,7 @@ info:
  metadata:
    verified: true
  tags: firewall,config,audit,pfsense,file
 file:
  - extensions:
      - xml
--- a/file/audit/pfsense/enable-https-protocol.yaml
+++ b/file/audit/pfsense/enable-https-protocol.yaml
@ -1,11 +1,11 @@
 id: enable-https-protocol
 info:
-  name: Pfsence Web Admin Management Portal HTTPS Not Set   - Detect
+  name: Pfsense Web Admin Management Portal HTTPS Not Set   - Detect
  author: pussycat0x
  severity: info
  description: |
-    PfSence Web Admin Management Portal is recommended to be accessible using only HTTPS protocol. HTTP transmits all data, including passwords, in clear text over the network and provides no assurance of the identity of the hosts involved, making it possible for an attacker to obtain sensitive information, modify data, and/or execute unauthorized operations.
+    PfSense Web Admin Management Portal is recommended to be accessible using only HTTPS protocol. HTTP transmits all data, including passwords, in clear text over the network and provides no assurance of the identity of the hosts involved, making it possible for an attacker to obtain sensitive information, modify data, and/or execute unauthorized operations.
  reference: |
    https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html
  classification:
@ -15,6 +15,7 @@ info:
  metadata:
    verified: true
  tags: firewall,config,audit,pfsense,file
 file:
  - extensions:
      - xml
--- a/file/audit/pfsense/known-default-account.yaml
+++ b/file/audit/pfsense/known-default-account.yaml
@ -1,11 +1,11 @@
 id: known-default-account
 info:
-  name: PfSence Known Default Account - Detect
+  name: PfSense Known Default Account - Detect
  author: pussycat0x
  severity: info
  description: |
-    PfSence configured known default accounts are recommended to be deleted. In order to attempt access to known devices' platforms, an attacker can use the available database of the known default accounts for each platform or operating system. Known default accounts are often, but not limited to, 'admin'.
+    PfSense configured known default accounts are recommended to be deleted. In order to attempt access to known devices' platforms, an attacker can use the available database of the known default accounts for each platform or operating system. Known default accounts are often, but not limited to, 'admin'.
  reference: |
    - https://docs.netgate.com/pfsense/en/latest/usermanager/defaults.html
  classification:
@ -13,6 +13,7 @@ info:
    cvss-score: 0
    cwe-id: CWE-200
  tags: audit,config,file,firewall,pfsense
 file:
  - extensions:
      - xml
--- a/file/audit/pfsense/password-protected-consolemenu.yaml
+++ b/file/audit/pfsense/password-protected-consolemenu.yaml
@ -1,11 +1,11 @@
 id: password-protected-consolemenu
 info:
-  name: PfSence Consolemenu Password Protection Not Implememnted - Detect
+  name: PfSense Consolemenu Password Protection Not Implememnted - Detect
  author: pussycat0x
  severity: info
  description: |
-    PfSence password protection via the Console Menu is recommended to be configured. An unattended computer with an open Console Menu session can allow an unauthorized user access to the firewall management.
+    PfSense password protection via the Console Menu is recommended to be configured. An unattended computer with an open Console Menu session can allow an unauthorized user access to the firewall management.
  reference: |
    https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html
  classification:
@ -15,6 +15,7 @@ info:
  metadata:
    verified: true
  tags: firewall,config,audit,pfsense,file
 file:
  - extensions:
      - xml
--- a/file/audit/pfsense/set-hostname.yaml
+++ b/file/audit/pfsense/set-hostname.yaml
@ -1,11 +1,11 @@
 id: set-hostname
 info:
-  name: PfSence Hostname Not Set - Detect
+  name: PfSense Hostname Not Set - Detect
  author: pussycat0x
  severity: info
  description: |
-    PfSence Hostname should be set so that other devices on the network can correctly identify it. The hostname is a unique identifier for the device.
+    PfSense Hostname should be set so that other devices on the network can correctly identify it. The hostname is a unique identifier for the device.
  reference: |
    https://docs.netgate.com/pfsense/en/latest/config/general.html
  classification:
@ -13,6 +13,7 @@ info:
    cvss-score: 0
    cwe-id: CWE-200
  tags: firewall,config,audit,pfsense,file
 file:
  - extensions:
      - xml
--- a/file/bash/bash-scanner.yaml
+++ b/file/bash/bash-scanner.yaml
@ -9,6 +9,7 @@ info:
    - https://www.tecmint.com/10-most-dangerous-commands-you-should-never-execute-on-linux/
    - https://phoenixnap.com/kb/dangerous-linux-terminal-commands
  tags: bash,file,shell,sh
 file:
  - extensions:
      - sh
--- a/file/electron/electron-version-detect.yaml
+++ b/file/electron/electron-version-detect.yaml
@ -11,6 +11,7 @@ info:
    cvss-score: 0
    cwe-id: CWE-200
  tags: electron,file
 file:
  - extensions:
      - json
--- a/file/electron/node-integration-enabled.yaml
+++ b/file/electron/node-integration-enabled.yaml
@ -10,6 +10,7 @@ info:
    - https://blog.yeswehack.com/yeswerhackers/exploitation/pentesting-electron-applications/
    - https://book.hacktricks.xyz/pentesting/pentesting-web/xss-to-rce-electron-desktop-apps
  tags: electron,file,nodejs
 file:
  - extensions:
      - all
--- a/file/js/js-analyse.yaml
+++ b/file/js/js-analyse.yaml
@ -8,7 +8,8 @@ info:
    This process involves extracting tokens, endpoints, URIs, and variable names from the JS file and analyzing them for any potential weaknesses that could be exploited. By extracting and analyzing these elements, potential security threats can be identified, allowing for proactive measures to be taken to mitigate any risks associated with the application. This process can be used as part of a comprehensive bug-hunting strategy to ensure the security of an application.
  metadata:
    verified: true
-  tags: file,js-analyse,js,javascript
+  tags: file,js-analyse,js
 file:
  - extensions:
      - js
--- a/file/keys/adobe/adobe-client.yaml
+++ b/file/keys/adobe/adobe-client.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: adobe,file,token
 file:
  - extensions:
      - all
--- a/file/keys/adobe/adobe-secret.yaml
+++ b/file/keys/adobe/adobe-secret.yaml
@ -12,6 +12,7 @@ info:
  metadata:
    verified: true
  tags: adobe,oauth,file,token
 file:
  - extensions:
      - all
--- a/file/keys/age/age-identity-secret-key.yaml
+++ b/file/keys/age/age-identity-secret-key.yaml
@ -11,6 +11,7 @@ info:
  metadata:
    verified: true
  tags: age-encryption,file,token
 file:
  - extensions:
      - all
--- a/file/keys/age/age-recipient-public-key.yaml
+++ b/file/keys/age/age-recipient-public-key.yaml
@ -11,6 +11,7 @@ info:
  metadata:
    verified: true
  tags: age-encryption,file,token
 file:
  - extensions:
      - all
--- a/file/keys/alibaba/alibaba-key-id.yaml
+++ b/file/keys/alibaba/alibaba-key-id.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: alibaba,access,file,keys
 file:
  - extensions:
      - all
--- a/file/keys/alibaba/alibaba-secret-id.yaml
+++ b/file/keys/alibaba/alibaba-secret-id.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: alibaba,secret,file,keys
 file:
  - extensions:
      - all
--- a/file/keys/amazon/amazon-account-id.yaml
+++ b/file/keys/amazon/amazon-account-id.yaml
@ -14,6 +14,7 @@ info:
  metadata:
    verified: true
  tags: aws,amazon,token,file
 file:
  - extensions:
      - all
--- a/file/keys/amazon/amazon-mws-auth-token.yaml
+++ b/file/keys/amazon/amazon-mws-auth-token.yaml
@ -9,7 +9,8 @@ info:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cwe-id: CWE-200
-  tags: token,file,amazon,auth
+  tags: token,file,amazon,auth,mws
 file:
  - extensions:
      - all
--- a/file/keys/amazon/amazon-session-token.yaml
+++ b/file/keys/amazon/amazon-session-token.yaml
@ -14,6 +14,7 @@ info:
  metadata:
    verified: true
  tags: aws,amazon,token,file,session
 file:
  - extensions:
      - all
--- a/file/keys/amazon/amazon-sns-token.yaml
+++ b/file/keys/amazon/amazon-sns-token.yaml
@ -9,7 +9,8 @@ info:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0
    cwe-id: CWE-200
-  tags: file,token,amazon,aws
+  tags: file,token,amazon,aws,sns
 file:
  - extensions:
      - all
--- a/file/keys/amazon/aws-access-id.yaml
+++ b/file/keys/amazon/aws-access-id.yaml
@ -9,7 +9,8 @@ info:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0
    cwe-id: CWE-200
-  tags: token,file
+  tags: token,file,aws,amazon
 file:
  - extensions:
      - all
--- a/file/keys/amazon/aws-cognito.yaml
+++ b/file/keys/amazon/aws-cognito.yaml
@ -9,7 +9,8 @@ info:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0
    cwe-id: CWE-200
-  tags: token,file
+  tags: token,file,aws,amazon
 file:
  - extensions:
      - all
--- a/file/keys/asana/asana-clientid.yaml
+++ b/file/keys/asana/asana-clientid.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: asana,client,file,keys
 file:
  - extensions:
      - all
--- a/file/keys/asana/asana-clientsecret.yaml
+++ b/file/keys/asana/asana-clientsecret.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: asana,client,file,keys,secret
 file:
  - extensions:
      - all
--- a/file/keys/atlassian/atlassian-api-token.yaml
+++ b/file/keys/atlassian/atlassian-api-token.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: atlassian,file,token,api
 file:
  - extensions:
      - all
--- a/file/keys/azure/azure-connection-string.yaml
+++ b/file/keys/azure/azure-connection-string.yaml
@ -11,6 +11,7 @@ info:
  metadata:
    verified: true
  tags: azure,file,token
 file:
  - extensions:
      - all
--- a/file/keys/bitbucket/bitbucket-client-id.yaml
+++ b/file/keys/bitbucket/bitbucket-client-id.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: bitbucket,file,token
 file:
  - extensions:
      - all
--- a/file/keys/bitbucket/bitbucket-client-secret.yaml
+++ b/file/keys/bitbucket/bitbucket-client-secret.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: bitbucket,file,token
 file:
  - extensions:
      - all
--- a/file/keys/bittrex/bittrex-access-key.yaml
+++ b/file/keys/bittrex/bittrex-access-key.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: bittrex,file,token
 file:
  - extensions:
      - all
--- a/file/keys/bittrex/bittrex-secret-key.yaml
+++ b/file/keys/bittrex/bittrex-secret-key.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: bittrex,file,token
 file:
  - extensions:
      - all
--- a/file/keys/confluent/confluent-access-token.yaml
+++ b/file/keys/confluent/confluent-access-token.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: confluent,file,token
 file:
  - extensions:
      - all
--- a/file/keys/confluent/confluent-secret-token.yaml
+++ b/file/keys/confluent/confluent-secret-token.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: confluent,file,token
 file:
  - extensions:
      - all
--- a/file/keys/digitalocean/digitalocean-access-token.yaml
+++ b/file/keys/digitalocean/digitalocean-access-token.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: digitalocean,file,token
 file:
  - extensions:
      - all
--- a/file/keys/digitalocean/digitalocean-personal-access.yaml
+++ b/file/keys/digitalocean/digitalocean-personal-access.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: digitalocean,file,token
 file:
  - extensions:
      - all
--- a/file/keys/digitalocean/digitalocean-refresh-token.yaml
+++ b/file/keys/digitalocean/digitalocean-refresh-token.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: digitalocean,file,token
 file:
  - extensions:
      - all
--- a/file/keys/discord/discord-api-token.yaml
+++ b/file/keys/discord/discord-api-token.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: discord,file,token
 file:
  - extensions:
      - all
--- a/file/keys/discord/discord-cilent-secret.yaml
+++ b/file/keys/discord/discord-cilent-secret.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: discord,file,token
 file:
  - extensions:
      - all
--- a/file/keys/discord/discord-client-id.yaml
+++ b/file/keys/discord/discord-client-id.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: discord,file,token
 file:
  - extensions:
      - all
--- a/file/keys/dropbox/dropbox-api-token.yaml
+++ b/file/keys/dropbox/dropbox-api-token.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: dropbox,file,token
 file:
  - extensions:
      - all
--- a/file/keys/dropbox/dropbox-longlived-token.yaml
+++ b/file/keys/dropbox/dropbox-longlived-token.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: dropbox,file,token
 file:
  - extensions:
      - all
--- a/file/keys/dropbox/dropbox-shortlived-token.yaml
+++ b/file/keys/dropbox/dropbox-shortlived-token.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: dropbox,file,token
 file:
  - extensions:
      - all
--- a/file/keys/easypost/easypost-api-token.yaml
+++ b/file/keys/easypost/easypost-api-token.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: easypost,file,token
 file:
  - extensions:
      - all
--- a/file/keys/easypost/easypost-test-token.yaml
+++ b/file/keys/easypost/easypost-test-token.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: easypost,file,token
 file:
  - extensions:
      - all
--- a/file/keys/facebook/facebook-api-token.yaml
+++ b/file/keys/facebook/facebook-api-token.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: facebook,file,token
 file:
  - extensions:
      - all
--- a/file/keys/facebook/facebook-client-id.yaml
+++ b/file/keys/facebook/facebook-client-id.yaml
@ -10,6 +10,7 @@ info:
    cvss-score: 0
    cwe-id: CWE-200
  tags: token,file,facebook
 file:
  - extensions:
      - all
--- a/file/keys/facebook/facebook-secret.yaml
+++ b/file/keys/facebook/facebook-secret.yaml
@ -6,6 +6,7 @@ info:
  severity: low
  description: Facebook secret key token was detected.
  tags: token,file,facebook
 file:
  - extensions:
      - all
--- a/file/keys/facebook/fb-access-token.yaml
+++ b/file/keys/facebook/fb-access-token.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: facebook,token,file
 file:
  - extensions:
      - all
--- a/headless/cves/2018/CVE-2018-25031.yaml
+++ b/headless/cves/2018/CVE-2018-25031.yaml
@ -29,7 +29,7 @@ info:
    product: swagger_ui
    shodan-query: http.component:"Swagger"
    fofa-query: icon_hash="-1180440057"
-  tags: cve,cve2018,headless,swagger-ui,xss
+  tags: cve,cve2018,headless,swagger,xss
 headless:
  - steps:
--- a/headless/dvwa-headless-automatic-login.yaml
+++ b/headless/dvwa-headless-automatic-login.yaml
@ -5,6 +5,7 @@ info:
  author: pdteam
  severity: high
  tags: headless,dvwa
 headless:
  - steps:
      - args:
--- a/headless/extract-urls.yaml
+++ b/headless/extract-urls.yaml
@ -5,6 +5,7 @@ info:
  author: dwisiswant0
  severity: info
  tags: headless,extractor
 headless:
  - steps:
      - args:
--- a/headless/headless-open-redirect.yaml
+++ b/headless/headless-open-redirect.yaml
@ -11,6 +11,7 @@ info:
    cvss-score: 6.1
    cwe-id: CWE-601
  tags: redirect,generic,headless
 headless:
  - steps:
      - args:
--- a/headless/prototype-pollution-check.yaml
+++ b/headless/prototype-pollution-check.yaml
@ -7,6 +7,7 @@ info:
  metadata:
    max-request: 4
  tags: headless
 headless:
  - steps:
      - args:
--- a/headless/screenshot.yaml
+++ b/headless/screenshot.yaml
@ -6,9 +6,11 @@ info:
  severity: info
  description: Takes a screenshot of the specified URLS.
  tags: headless,screenshot
 variables:
  filename: '{{replace(BaseURL,"/","_")}}'
  dir: "screenshots"
 headless:
  - steps:
      - action: setheader
--- a/headless/technologies/js-libraries-detect.yaml
+++ b/headless/technologies/js-libraries-detect.yaml
@ -8,6 +8,7 @@ info:
  metadata:
    max-request: 1
  tags: headless,tech,js
 headless:
  - steps:
      - action: navigate
--- a/headless/technologies/sap-spartacus.yaml
+++ b/headless/technologies/sap-spartacus.yaml
@ -10,6 +10,7 @@ info:
  metadata:
    verified: true
  tags: tech,sap,hybris,angular,spartacus,headless
 headless:
  - steps:
      - action: navigate
--- a/http/token-spray/api-fortitoken-cloud.yaml
+++ b/http/token-spray/api-fortitoken-cloud.yaml
@ -8,7 +8,7 @@ info:
    - https://docs.fortinet.com/document/fortitoken-cloud/latest/rest-api/456035/overview
  metadata:
    max-request: 1
-  tags: token-spray,fortinet
+  tags: token-spray,fortinet,fortitoken
 self-contained: true
--- a/http/token-spray/api-front.yaml
+++ b/http/token-spray/api-front.yaml
@ -1,7 +1,7 @@
 id: api-front
 info:
-  name: LaunchDarkly REST API
+  name: Frontapp API
  author: Luqmaan Hadia [Luqiih](https://github.com/Luqiih)
  severity: info
  reference:
--- a/http/token-spray/api-instagram.yaml
+++ b/http/token-spray/api-instagram.yaml
@ -8,7 +8,7 @@ info:
    - https://developers.facebook.com/docs/instagram-api/getting-started
  metadata:
    max-request: 1
-  tags: token-spray,instagram,graph
+  tags: token-spray,instagram,graph,facebook
 self-contained: true
--- a/http/token-spray/google-safebrowsing.yaml
+++ b/http/token-spray/google-safebrowsing.yaml
@ -10,7 +10,7 @@ info:
    - https://github.com/daffainfo/all-about-apikey/tree/main/google-safe-browsing
  metadata:
    max-request: 1
-  tags: token-spray,google,books
+  tags: token-spray,google,safebrowsing
 self-contained: true
--- a/javascript/cves/2016/CVE-2016-8706.yaml
+++ b/javascript/cves/2016/CVE-2016-8706.yaml
@ -26,6 +26,7 @@ info:
    product: memcached
    verfied: true
  tags: cve,cve2016,rce,js,memcached
 javascript:
  - code: |
      let packet = bytes.NewBuffer();
--- a/javascript/cves/2023/CVE-2023-34039.yaml
+++ b/javascript/cves/2023/CVE-2023-34039.yaml
@ -29,9 +29,11 @@ info:
    verified: true
    vendor: vmware
    product: aria_operations_for_networks
-  tags: packetstorm,cve,cve2019,vmware,aria,rce,fuzz
+  tags: js,packetstorm,cve,cve2019,vmware,aria,rce,fuzz,vrealize
 variables:
  keysDir: "helpers/payloads/cve-2023-34039-keys" # load all private keys from this directory
 javascript:
  # init field can be used to make any preperations before the actual exploit
  # here we are reading all private keys from helpers folder and storing them in a list
--- a/javascript/cves/2023/CVE-2023-46604.yaml
+++ b/javascript/cves/2023/CVE-2023-46604.yaml
@ -27,7 +27,7 @@ info:
    vendor: apache
    product: activemq
    shodan-query: product:"ActiveMQ OpenWire Transport"
-  tags: cve,cve2023,network,rce,apache,activemq,deserialization,kev
+  tags: cve,cve2023,network,rce,apache,activemq,deserialization,js,kev
 variables:
  prefix: "1f00000000000000000001010042"
--- a/javascript/default-logins/mssql-default-logins.yaml
+++ b/javascript/default-logins/mssql-default-logins.yaml
@ -10,6 +10,7 @@ info:
    max-request: 7
    shodan-query: port:1433
  tags: js,mssql,default-login,network
 javascript:
  - pre-condition: |
      var m = require("nuclei/mssql");
--- a/javascript/default-logins/postgres-default-logins.yaml
+++ b/javascript/default-logins/postgres-default-logins.yaml
@ -9,7 +9,8 @@ info:
  metadata:
    max-request: 9
    shodan-query: port:5432
-  tags: js,postgres,default-login,network
+  tags: js,postgresql,default-login,network
 javascript:
  - pre-condition: |
      var m = require("nuclei/postgres");
--- a/javascript/default-logins/redis-default-logins.yaml
+++ b/javascript/default-logins/redis-default-logins.yaml
@ -10,6 +10,7 @@ info:
    max-request: 6
    shodan-query: product:"redis"
  tags: js,redis,default-login,network
 javascript:
  - pre-condition: |
      isPortOpen(Host,Port)
--- a/javascript/default-logins/ssh-default-logins.yaml
+++ b/javascript/default-logins/ssh-default-logins.yaml
@ -8,6 +8,7 @@ info:
    max-request: 223
    shodan-query: port:1433
  tags: js,ssh,default-login,network,fuzz
 javascript:
  - pre-condition: |
      var m = require("nuclei/ssh");
--- a/javascript/detection/mssql-detect.yaml
+++ b/javascript/detection/mssql-detect.yaml
@ -8,6 +8,7 @@ info:
    max-request: 1
    shodan-query: port:1433
  tags: js,mssql,detect,network
 javascript:
  - code: |
      var m = require("nuclei/mssql");
--- a/javascript/detection/oracle-tns-listener.yaml
+++ b/javascript/detection/oracle-tns-listener.yaml
@ -13,6 +13,7 @@ info:
    max-request: 1
    shodan-query: product:"Oracle TNS Listener"
  tags: js,oracle,tns,network
 javascript:
  - code: |
      var m = require("nuclei/oracle");
--- a/javascript/detection/ssh-auth-methods.yaml
+++ b/javascript/detection/ssh-auth-methods.yaml
@ -12,6 +12,7 @@ info:
    max-request: 1
    shodan-query: product:"OpenSSH"
  tags: ssh,js,enum,network
 javascript:
  - code: |
      var m = require("nuclei/ssh");
--- a/Show More
+++ b/Show More