From ba9ac7d334785cb3e3bd35b21b6b654896cd7577 Mon Sep 17 00:00:00 2001
From: dr0pd34d <26057594+dr0pd34d@users.noreply.github.com>
Date: Sun, 29 May 2022 08:06:51 +0000
Subject: [PATCH] Extract available endpoints from springboot-actuator (#4497)

* Extract available endpoints from springboot-actuator

I updated the template "springboot-actuator.yaml" to contain a list of available endpoints in order to see and process endpoints and also recognize unusual non-standard endpoints that are exposed.

* Removed trailing spaces badly visible in web UI

* Added metadata

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
---
 technologies/springboot-actuator.yaml | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/technologies/springboot-actuator.yaml b/technologies/springboot-actuator.yaml
index 005aad947e..dc4c4e567b 100644
--- a/technologies/springboot-actuator.yaml
+++ b/technologies/springboot-actuator.yaml
@@ -2,8 +2,10 @@ id: springboot-actuator
 
 info:
   name: Detect Springboot Actuators
-  author: that_juan_,dwisiswant0,wdahlenb
+  author: that_juan_,dwisiswant0,wdahlenb,dr0pd34d
   severity: info
+  metadata:
+    shodan-query: http.favicon.hash:116323821
   tags: tech,springboot,actuator
 
 requests:
@@ -29,3 +31,9 @@ requests:
         name: "favicon"
         dsl:
           - "status_code==200 && (\"116323821\" == mmh3(base64_py(body)))"
+
+    extractors:
+      - type: json
+        name: available-endpoints
+        json:
+          - .[] | to_entries | .[].key