Merge pull request #9996 from KristinnVikar/main

Remove Dell matcher from sonicwall WAF detect (False Positives)
patch-4
Dhiyaneshwaran 2024-06-19 01:22:50 +08:00 committed by GitHub
commit c01fba542d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 2 additions and 11 deletions


@ -74,9 +74,9 @@ http:
- type: regex
name: teros
regex:
- '(?i)st8(id|.wa|.wf)?.?(\d+|\w+)?'
- '(?i)st8(id|.wa|.wf)?.?(\d+|\w+)?='
condition: or
part: response
part: header
- type: regex
name: stricthttp
@ -156,14 +156,6 @@ http:
condition: or
part: response
- type: regex
name: ats
regex:
- '(?i)(\()?apachetrafficserver((\/)?\d+(.\d+(.\d+)?)?)'
- '(?i)ats((\/)?(\d+(.\d+(.\d+)?)?))?'
condition: or
part: response
- type: regex
name: malcare
regex:
@ -580,7 +572,6 @@ http:
regex:
- '(?i)This.request.is.blocked.by.the.SonicWALL'
- '(?i)Dell.SonicWALL'
- '(?i)\bDell\b'
- '(?i)Web.Site.Blocked.+\bnsa.banner'
- '(?i)SonicWALL'
- '(?i).>policy.this.site.is.blocked<.'
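Review bot: The bare `'(?i)SonicWALL'` pattern kept in the sonicwall regex list is about as loose as the `\bDell\b` entry this commit appears to drop, so the false-positive fix looks incomplete: any response that merely mentions the vendor name would still be reported as a SonicWALL WAF. If the matcher's `condition` is `or` (it lies outside this hunk, as does its `part`), that pattern also makes `'(?i)This.request.is.blocked.by.the.SonicWALL'` and `'(?i)Dell.SonicWALL'` redundant, since anything they match already contains the bare string. I would delete `- '(?i)SonicWALL'` and rely on the block-page phrases, or move the vendor-name check into a matcher restricted to `part: header`, as the teros matcher in the first hunk appears to be. A short comment above the list, e.g. `# block-page strings only; bare vendor names cause false positives`, would keep the broad pattern from being re-added.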