Create strapi-admin-installer.yaml

http/misconfiguration/installer/strapi-admin-installer.yaml

@@ -0,0 +1,31 @@
+id: strapi-admin-installer
+
+info:
+  name: Strapi Admin - Installer
+  author: dhiyaneshDk
+  severity: critical
+  description: |
+    Strapi Admin Registration enabled was detected.
+  metadata:
+    verified: true
+    max-request: 1
+    shodan-query: html:"Welcome to your Strapi app" html:"create an administrator"
+  tags: misconfig,exposure,strapi,install
+
+http:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "Welcome to your Strapi app"
+          - "Click to create the first administration"
+        condition: and
+
+      - type: status
+        status:
+          - 200