From bd09944ca250c56c3e9ce3648a4434442b498f3c Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 7 Sep 2024 22:40:49 +0700 Subject: [PATCH] added azure scan profile --- ...storage-private-endpoint-unconfigured.yaml | 2 +- profiles/azure-cloud-config.yml | 20 +++++++++++++++++++ 2 files changed, 21 insertions(+), 1 deletion(-) create mode 100644 profiles/azure-cloud-config.yml diff --git a/cloud/azure/storageaccounts/azure-storage-private-endpoint-unconfigured.yaml b/cloud/azure/storageaccounts/azure-storage-private-endpoint-unconfigured.yaml index 61f33b3277..bfb8ae6b78 100644 --- a/cloud/azure/storageaccounts/azure-storage-private-endpoint-unconfigured.yaml +++ b/cloud/azure/storageaccounts/azure-storage-private-endpoint-unconfigured.yaml @@ -4,7 +4,7 @@ info: author: princechaddha severity: high description: | - Ensure that private endpoints are configured for Microsoft Azure Storage accounts in order to allow clients and services to securely access data located over a network via an encrypted Private Link connection. + Ensure that private endpoints are configured for Microsoft Azure Storage accounts in order to allow clients and services to securely access data located over a network via an encrypted Private Link connection. impact: | Not using private endpoints for Azure Storage accounts can expose sensitive data to potential breaches by allowing data transmission over less secure networks. remediation: | diff --git a/profiles/azure-cloud-config.yml b/profiles/azure-cloud-config.yml new file mode 100644 index 0000000000..ae8125105a --- /dev/null +++ b/profiles/azure-cloud-config.yml @@ -0,0 +1,20 @@ +# Nuclei Configuration Profile for Scanning Azure ACLs +# +# This configuration file is specifically tailored for detecting issues in Azure Access Control Lists (ACLs) using Nuclei. +# +# Purpose: +# This profile is focused on identifying misconfigurations and vulnerabilities in Azure ACLs. Proper configuration of ACLs is crucial for securing Azure resources and ensuring that only authorized entities have access. +# +# Included Templates: +# This configuration references specific templates tagged with 'azure-cloud-config' to cover comprehensive scanning of Azure ACLs. +# +# Running this profile +# You can run this profile using the following command: +# nuclei -profile azure-cloud-config +code: true # enable code templates + +tags: + - azure-cloud-config # filter templates with "azure-cloud-config" tags + +var: + - region=us-east-1 # template input for "region" variable