From 9c0e218365e09c277fc874068d2b4131e657ccca Mon Sep 17 00:00:00 2001
From: Ali Fathi Ali Sawehli <55149010+alifathi-h1@users.noreply.github.com>
Date: Sun, 11 Jul 2021 00:31:09 +0800
Subject: [PATCH] Added Herokuapp Detection

---
 technologies/herokuapp-detect.yaml | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 technologies/herokuapp-detect.yaml

diff --git a/technologies/herokuapp-detect.yaml b/technologies/herokuapp-detect.yaml
new file mode 100644
index 0000000000..edebaee70a
--- /dev/null
+++ b/technologies/herokuapp-detect.yaml
@@ -0,0 +1,19 @@
+id: herokuapp-detect 
+
+info:
+  name: Detect websites using Herokuapp endpoints   
+  author: alifathi-h1
+  severity: info
+  tags: heroku,tech
+  description: Detected endpoints might be vulnerable to subdomain takeover or disclose sensitive info
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - "[a-z0-9.-]+\\.herokuapp\\.com"