daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

lowercase names

patch-1
thesubtlety 2022-12-22 09:02:20 -07:00
parent 3096ef92b3
commit a03a2d72e8
1 changed files with 48 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

91
dns/saas-service-detection.yaml
View File

@ -1,10 +1,15 @@
id: saas-service-detection
info:
name: dns saas service detection
name: DNS SaaS Service Detection
description: A CNAME DNS record was discovered matching a specified service provider
author: noah @thesubtlety
severity: info
tags: dns
tags: dns,service
reference:
- https://ns1.com/resources/cname
- https://www.theregister.com/2021/02/24/dns_cname_tracking/
- https://www.ionos.com/digitalguide/hosting/technical-matters/cname-record/
dns:
- name: "{{FQDN}}"
@ -23,13 +28,13 @@ dns:
matchers:
- type: word
name: O365
name: o365
words:
- outlook.com
- office.com
- type: word
name: Azure
name: azure
words:
- "azure-api.net"
- "azure.com"
@ -69,7 +74,7 @@ dns:
- "wixdns.net"
- type: word
name: Akamai CDN
name: akamai-cdn
condition: or
words:
- akadns.net
@ -94,7 +99,7 @@ dns:
- edgesuite.net
- type: word
name: Cloudflare CDN
name: cloudflare-cdn
words:
- cloudflare.net
- cloudflare-dm-cmpimg.com
@ -115,54 +120,54 @@ dns:
- sn-cloudflare.com
- type: word
name: Amazon CloudFront
name: amazon-cloudfront
words:
- cloudfront.net
- type: word
name: Salesforce
name: salesforce
words:
- salesforce.com
- siteforce.com
- force.com
- type: word
name: Amazon AWS
name: amazon-aws
words:
- amazonaws.com
- elasticbeanstalk.com
- awsglobalaccelerator.com
- type: word
name: Fastly CDN
name: fastly-cdn
words:
- fastly.net
- type: word
name: Netlify
name: netlify
words:
- netlify.app
- netlify.com
- netlifyglobalcdn.com
- type: word
name: Vercel
name: vercel
words:
- vercel.app
- type: word
name: Sendgrid
name: sendgrid
words:
- sendgrid.net
- sendgrid.com
- type: word
name: Qualtrics
name: qualtrics
words:
- qualtrics.com
- type: word
name: Heroku
name: heroku
words:
- herokuapp.com
- herokucdn.com
@ -171,45 +176,45 @@ dns:
- herokuspace.com
- type: word
name: Gitlab
name: gitlab
words:
- gitlab.com
- gitlab.io
- type: word
name: Perforce Akana
name: perforce-akana
words:
- akana.com
- apiportal.akana.com
- type: word
name: Skilljar
name: skilljar
words:
- skilljarapp.com
- type: word
name: Datagrail
name: datagrail
words:
- datagrail.io
- type: word
name: Platform.sh
name: platform.sh
words:
- platform.sh
- type: word
name: Folloze
name: folloze
words:
- folloze.com
- type: word
name: Pendo/Receptive
name: pendo-receptive
words:
- receptive.io
- pendo.io
- type: word
name: Discourse
name: discourse
words:
- bydiscourse.com
- discourse-cdn.com
@ -218,7 +223,7 @@ dns:
- hosted-by-discourse.com
- type: word
name: Adobe Marketo
name: adobe-marketo
words:
- marketo.com
- marketo.co.uk
@ -227,39 +232,39 @@ dns:
- mktoweb.com
- type: regex
name: Adobe Marketo
name: adobe-marketo
regex:
- 'mkto-.{5,8}\.com'
- type: word
name: Adobe Marketo
name: adobe-marketo
words:
- marketo.com
- type: word
name: Rock Content
name: rock-content
words:
- postclickmarketing.com
- rockcontent.com
- rockstage.io
- type: word
name: Rocketlane
name: rocketlane
words:
- rocketlane.com
- type: word
name: Webflow
name: webflow
words:
- proxy-ssl.webflow.com
- type: word
name: Stacker HQ
name: stacker-hq
words:
- stacker.app
- type: word
name: HubSpot
name: hubspot
words:
- hs-analytics.net
- hs-banner.com
@ -284,13 +289,13 @@ dns:
- usemessages.com
- type: word
name: Gitbook
name: gitbook
words:
- gitbook.com
- gitbook.io
- type: word
name: Google Firebase
name: google-firebase
words:
- fcm.googleapis.com
- firebase.com
@ -310,7 +315,7 @@ dns:
- firebaseremoteconfig.googleapis.com
- type: word
name: Zendesk
name: zendesk
words:
- zdassets.com
- zdorigin.com
@ -318,7 +323,7 @@ dns:
- zopim.com
- type: word
name: Imperva
name: imperva
words:
- incapdns.net
- incapsula.com
@ -333,14 +338,14 @@ dns:
- proofpoint.com
- type: word
name: Q4 Investor Relations
name: q4-investor-relations
words:
- q4inc.com
- q4ir.com
- q4web.com
- type: word
name: Google Hosted
name: google-hosted
words:
- appspot.com
- cloudfunctions.net
@ -353,34 +358,34 @@ dns:
- run.app
- type: word
name: WP Engine
name: wp-engine
words:
- wpengine.com
- type: word
name: GitHub
name: github
words:
- github.com
- github.io
- githubusercontent.com
- type: word
name: Ghost
name: ghost
words:
- ghost.io
- type: word
name: Digital Oceang
name: digital-ocean
words:
- ondigitalocean.app
- type: word
name: Type Dream
name: typedream
words:
- ontypedream.com
- type: word
name: Oracle Eloqua Marketing
name: oracle-eloqua-marketing
words:
- hs.eloqua.com