Update syntax
parent
cd21b2533e
commit
a9330e20c0
|
@ -12,5 +12,5 @@ requests:
|
|||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "<title>SSL VPN Service</title>"
|
||||
- "<title>SSL VPN Service</title>"
|
||||
part: body
|
||||
|
|
|
@ -12,4 +12,4 @@ requests:
|
|||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "<title>GlobalProtect Portal</TITLE>"
|
||||
- "<title>GlobalProtect Portal</TITLE>"
|
||||
|
|
|
@ -12,5 +12,5 @@ requests:
|
|||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "<title>Grafana</title>"
|
||||
- "<title>Grafana</title>"
|
||||
part: body
|
||||
|
|
|
@ -12,5 +12,5 @@ requests:
|
|||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "<title>People - [Jenkins]</title>"
|
||||
- "<title>People - [Jenkins]</title>"
|
||||
part: body
|
||||
|
|
|
@ -19,7 +19,6 @@ requests:
|
|||
- "{{BaseURL}}/typo3/phpmyadmin/"
|
||||
- "{{BaseURL}}/web/phpmyadmin/"
|
||||
- "{{BaseURL}}/xampp/phpmyadmin/"
|
||||
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
|
|
|
@ -13,5 +13,5 @@ requests:
|
|||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "<title>SAP NetWeaver Portal</title>"
|
||||
- "<title>SAP NetWeaver Portal</title>"
|
||||
part: body
|
||||
|
|
|
@ -12,5 +12,5 @@ requests:
|
|||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "<title>Sign In-SuperVPN</title>"
|
||||
- "<title>Sign In-SuperVPN</title>"
|
||||
part: body
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
path:
|
||||
- "{{BaseURL}}/swagger/index.html"
|
||||
- "{{BaseURL}}/swagger-ui.html"
|
||||
- "{{BaseURL}}/swagger/swagger-ui.html"
|
||||
|
@ -17,7 +17,7 @@ requests:
|
|||
- "{{BaseURL}}/swagger/v1/swagger.json"
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
words:
|
||||
- "\"swagger\":"
|
||||
- "Swagger UI"
|
||||
condition: or
|
||||
|
|
|
@ -12,5 +12,5 @@ requests:
|
|||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- 'allow-access-from domain="*"'
|
||||
- 'allow-access-from domain="*"'
|
||||
part: body
|
||||
|
|
|
@ -14,5 +14,5 @@ requests:
|
|||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- 'Access-Control-Allow-Origin: https://evil.com'
|
||||
- "Access-Control-Allow-Origin: https://evil.com"
|
||||
part: header
|
||||
|
|
|
@ -4,7 +4,8 @@ info:
|
|||
name: FrontPage configuration information discloure
|
||||
author: JTeles
|
||||
severity: low
|
||||
#Reference => https://docs.microsoft.com/en-us/archive/blogs/fabdulwahab/security-protecting-sharepoint-server-applications
|
||||
# reference: https://docs.microsoft.com/en-us/archive/blogs/fabdulwahab/security-protecting-sharepoint-server-applications
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
|
|
|
@ -4,7 +4,7 @@ info:
|
|||
name: Jira Service Desk Signup
|
||||
author: TechbrunchFR
|
||||
severity: medium
|
||||
|
||||
|
||||
requests:
|
||||
- method: POST
|
||||
path:
|
||||
|
@ -15,7 +15,7 @@ requests:
|
|||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- 'signup.validation.errors'
|
||||
- "signup.validation.errors"
|
||||
- type: status
|
||||
status:
|
||||
- 400
|
||||
|
|
|
@ -38,19 +38,19 @@ requests:
|
|||
- type: regex
|
||||
part: body
|
||||
regex:
|
||||
- 'method'
|
||||
- 'spring'
|
||||
- 'TYPE'
|
||||
- 'system'
|
||||
- 'database'
|
||||
- 'cron'
|
||||
- "method"
|
||||
- "spring"
|
||||
- "TYPE"
|
||||
- "system"
|
||||
- "database"
|
||||
- "cron"
|
||||
condition: or
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
- type: word
|
||||
words:
|
||||
- 'application/json'
|
||||
- 'hprof'
|
||||
- "application/json"
|
||||
- "hprof"
|
||||
condition: or
|
||||
part: header
|
||||
|
|
|
@ -8,8 +8,8 @@ info:
|
|||
# Update this list with new takeovers matchers
|
||||
# Do not delete other template files for takeover
|
||||
# https://github.com/EdOverflow/can-i-take-over-xyz
|
||||
# You need to claim the cname the subdomain to confirm the takeover.
|
||||
# Do not report this without claiming the cname.
|
||||
# You need to claim the CNAME the subdomain to confirm the takeover.
|
||||
# Do not report this without claiming the CNAME.
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
|
|
|
@ -12,5 +12,5 @@ requests:
|
|||
matchers:
|
||||
- type: regex
|
||||
regex:
|
||||
- "(?:Company Not Found|you’re looking for doesn’t exist)"
|
||||
- "(?:Company Not Found|you’re looking for doesn’t exist)"
|
||||
part: body
|
||||
|
|
Loading…
Reference in New Issue