Extract available endpoints from springboot-actuator (#4497)

* Extract available endpoints from springboot-actuator I updated the template "springboot-actuator.yaml" to contain a list of available endpoints in order to see and process endpoints and also recognize unusual non-standard endpoints that are exposed. * Removed trailing spaces badly visible in web UI * Added metadata Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-05-29 08:06:51 +00:00 · 2022-05-29 08:06:51 +00:00 · ba9ac7d334
parent 1205640037
commit ba9ac7d334
1 changed files with 9 additions and 1 deletions
--- a/technologies/springboot-actuator.yaml
+++ b/technologies/springboot-actuator.yaml
@ -2,8 +2,10 @@ id: springboot-actuator

 info:
  name: Detect Springboot Actuators
-  author: that_juan_,dwisiswant0,wdahlenb
+  author: that_juan_,dwisiswant0,wdahlenb,dr0pd34d
  severity: info
+  metadata:
+    shodan-query: http.favicon.hash:116323821
  tags: tech,springboot,actuator

 requests:
@ -29,3 +31,9 @@ requests:
        name: "favicon"
        dsl:
          - "status_code==200 && (\"116323821\" == mmh3(base64_py(body)))"
+
+    extractors:
+      - type: json
+        name: available-endpoints
+        json:
+          - .[] | to_entries | .[].key