Beyondtrust pam (#3954)

* Add files via upload

* Add files via upload

* Update and rename BeyondTrust-default-login.yaml to beyondtrust-panel.yaml

* lint fixes and updates

* removing duplicate template

* tags update

Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>

exposed-panels/beyondtrust-login-server.yaml

@@ -0,0 +1,31 @@
+id: beyondtrust-login-server
+
+info:
+  name: BeyondTrust PAM login Server
+  author: r3dg33k,nuk3s3c
+  severity: info
+  tags: beyondtrust,pam,panel
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/WebConsole/api/security/auth/loginServers'
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: regex
+        regex:
+          - '"DomainName":"(.*)"'
+          - '"domains":'
+        condition: and
+
+    extractors:
+      - type: json
+        part: body
+        json:
+          - ".domains[] | .DomainName"
+          - ".domains[] | .ldapservers"

exposed-panels/beyondtrust-panel.yaml

@@ -0,0 +1,21 @@
+id: beyondtrust-panel
+
+info:
+  name: BeyondTrust Login Panel
+  author: r3dg33k,nuk3s3c
+  severity: info
+  description: Detects default Login page for Beyond Trust PAM solution
+  metadata:
+    shodan-query: http.html:"BeyondInsight"
+  tags: beyondtrust,pam,panel
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/WebConsole/'
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>BeyondInsight</title>"