removed deprecated header syntax with latest one

patch-1
sandeep 2023-06-20 02:40:30 +05:30
parent e008ea232b
commit c90fa30096
104 changed files with 144 additions and 144 deletions

View File

@ -31,7 +31,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- 'contains(tolower(all_headers), "text/html")' - 'contains(tolower(header), "text/html")'
- 'contains(set_cookie, "_icl_current_admin_language")' - 'contains(set_cookie, "_icl_current_admin_language")'
- 'contains(body, "\"><script>alert(0);</script>")' - 'contains(body, "\"><script>alert(0);</script>")'
condition: and condition: and

View File

@ -48,7 +48,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'status_code_3 == 200' - 'status_code_3 == 200'
- 'contains(all_headers_3, "text/html")' - 'contains(header_3, "text/html")'
- "contains(body_3, '><script>alert(document.domain)</script></a>')" - "contains(body_3, '><script>alert(document.domain)</script></a>')"
condition: and condition: and

View File

@ -48,7 +48,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'status_code_3 == 200' - 'status_code_3 == 200'
- 'contains(all_headers_3, "text/html")' - 'contains(header_3, "text/html")'
- 'contains(body_3, "><script>alert(document.domain)</script></a>")' - 'contains(body_3, "><script>alert(document.domain)</script></a>")'
condition: and condition: and

View File

@ -48,7 +48,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'status_code_3 == 200' - 'status_code_3 == 200'
- 'contains(all_headers_3, "text/html")' - 'contains(header_3, "text/html")'
- 'contains(body_3, "><script>alert(document.domain)</script></a>")' - 'contains(body_3, "><script>alert(document.domain)</script></a>")'
condition: and condition: and

View File

@ -48,7 +48,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'status_code_3 == 200' - 'status_code_3 == 200'
- 'contains(all_headers_3, "text/html")' - 'contains(header_3, "text/html")'
- 'contains(body_3, "><script>alert(document.domain)</script></a>")' - 'contains(body_3, "><script>alert(document.domain)</script></a>")'
condition: and condition: and

View File

@ -48,7 +48,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'status_code_3 == 200' - 'status_code_3 == 200'
- 'contains(all_headers_3, "text/html")' - 'contains(header_3, "text/html")'
- 'contains(body_3, "><script>alert(document.domain)</script></a>")' - 'contains(body_3, "><script>alert(document.domain)</script></a>")'
condition: and condition: and

View File

@ -48,7 +48,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'status_code_3 == 200' - 'status_code_3 == 200'
- 'contains(all_headers_3, "text/html")' - 'contains(header_3, "text/html")'
- 'contains(body_3, "><script>alert(document.domain)</script></a>")' - 'contains(body_3, "><script>alert(document.domain)</script></a>")'
condition: and condition: and

View File

@ -48,6 +48,6 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- "contains(tolower(all_headers_2), 'text/html')" - "contains(tolower(header_2), 'text/html')"
# Enhanced by mp on 2022/08/11 # Enhanced by mp on 2022/08/11

View File

@ -41,7 +41,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- 'contains(all_headers, "text/html")' - 'contains(header, "text/html")'
- 'status_code_3 == 200' - 'status_code_3 == 200'
- 'contains(body_1, "<title>Citrix SD-WAN</title>")' - 'contains(body_1, "<title>Citrix SD-WAN</title>")'
condition: and condition: and

View File

@ -42,7 +42,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'status_code_2 == 200' - 'status_code_2 == 200'
- 'contains(all_headers_2, "text/html")' - 'contains(header_2, "text/html")'
- 'contains(body_2, "value=\"\"onfocus=\"alert(document.domain)\"autofocus=")' - 'contains(body_2, "value=\"\"onfocus=\"alert(document.domain)\"autofocus=")'
- 'contains(body_2, "DomainMOD")' - 'contains(body_2, "DomainMOD")'
condition: and condition: and

View File

@ -64,7 +64,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'contains(body_4, "operator":"BashOperator")' - 'contains(body_4, "operator":"BashOperator")'
- 'contains(all_headers_4, "application/json")' - 'contains(header_4, "application/json")'
condition: and condition: and
# Enhanced by mp on 2022/07/13 # Enhanced by mp on 2022/07/13

View File

@ -46,7 +46,7 @@ http:
- 'contains(body,"password")' - 'contains(body,"password")'
- 'contains(body,"password_reset_hash")' - 'contains(body,"password_reset_hash")'
- 'status_code==200' - 'status_code==200'
- 'contains(all_headers,"text/html")' - 'contains(header,"text/html")'
condition: and condition: and
# Enhanced by md on 2023/04/04 # Enhanced by md on 2023/04/04

View File

@ -44,7 +44,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'status_code_2 == 200' - 'status_code_2 == 200'
- 'contains(all_headers_2, "text/html")' - 'contains(header_2, "text/html")'
- 'contains(body_2, "value=\"\"/><script>alert(document.domain)</script>")' - 'contains(body_2, "value=\"\"/><script>alert(document.domain)</script>")'
- 'contains(body_2, "DomainMOD")' - 'contains(body_2, "DomainMOD")'
condition: and condition: and

View File

@ -53,7 +53,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- 'contains(all_headers_4, "text/html")' - 'contains(header_4, "text/html")'
- 'status_code_4 == 200' - 'status_code_4 == 200'
- 'contains(body_4, "><script>alert(document.domain)</script>") && contains(body_4, "Monstra")' - 'contains(body_4, "><script>alert(document.domain)</script>") && contains(body_4, "Monstra")'
condition: and condition: and

View File

@ -52,7 +52,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- "contains(all_headers_4, 'text/html')" - "contains(header_4, 'text/html')"
- "status_code_4 == 200" - "status_code_4 == 200"
- "contains(body_4, 'wpCentral Connection Key')" - "contains(body_4, 'wpCentral Connection Key')"
- contains(body_4, "pagenow = \'dashboard\'") - contains(body_4, "pagenow = \'dashboard\'")

View File

@ -61,7 +61,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- contains(all_headers_3, "text/html") - contains(header_3, "text/html")
- status_code_3 == 200 - status_code_3 == 200
- contains(body_3, 'CVE-2021-24145') - contains(body_3, 'CVE-2021-24145')
condition: and condition: and

View File

@ -66,7 +66,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- contains(all_headers_4, "text/html") - contains(header_4, "text/html")
- status_code_4 == 200 - status_code_4 == 200
- contains(body_3, '{\"success\":1}') - contains(body_3, '{\"success\":1}')
- contains(body_4, 'CVE-2021-24155') - contains(body_4, 'CVE-2021-24155')

View File

@ -43,7 +43,7 @@ http:
dsl: dsl:
- 'status_code_1 == 302' - 'status_code_1 == 302'
- 'status_code_2 == 302' - 'status_code_2 == 302'
- "contains(all_headers_2, 'Location: https://interact.sh?client_id=1')" - "contains(header_2, 'Location: https://interact.sh?client_id=1')"
condition: and condition: and
# Enhanced by md on 2022/10/14 # Enhanced by md on 2022/10/14

View File

@ -88,7 +88,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- contains(all_headers_4, "text/html") - contains(header_4, "text/html")
- status_code_4 == 200 - status_code_4 == 200
- contains(body_4, "CVE-2021-24347") - contains(body_4, "CVE-2021-24347")
condition: and condition: and

View File

@ -43,7 +43,7 @@ http:
dsl: dsl:
- status_code_2 == 200 - status_code_2 == 200
- contains(body_2, '><script>alert(document.domain)</script>&action=view') - contains(body_2, '><script>alert(document.domain)</script>&action=view')
- contains(all_headers_2, "text/html") - contains(header_2, "text/html")
condition: and condition: and
# Enhanced by md on 2023/03/28 # Enhanced by md on 2023/03/28

View File

@ -42,7 +42,7 @@ http:
dsl: dsl:
- status_code_2 == 200 - status_code_2 == 200
- contains(body_2, 'extensions/\'-alert(document.domain)-\'') && contains(body_2, 'w3-total-cache') - contains(body_2, 'extensions/\'-alert(document.domain)-\'') && contains(body_2, 'w3-total-cache')
- contains(all_headers_2, "text/html") - contains(header_2, "text/html")
condition: and condition: and
# Enhanced by md on 2023/03/28 # Enhanced by md on 2023/03/28

View File

@ -40,7 +40,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- contains(all_headers_2, "text/html") - contains(header_2, "text/html")
- status_code_2 == 200 - status_code_2 == 200
- contains(body_2, 'accesskey=X onclick=alert(1) test=') - contains(body_2, 'accesskey=X onclick=alert(1) test=')
- contains(body_2, 'woocommerce_persian_translate') - contains(body_2, 'woocommerce_persian_translate')

View File

@ -38,7 +38,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'status_code_2 == 200 && status_code_3 == 200' - 'status_code_2 == 200 && status_code_3 == 200'
- 'contains(all_headers_3, "text/html")' - 'contains(header_3, "text/html")'
- 'contains(body_3, "<img src onerror=alert(document.domain)>")' - 'contains(body_3, "<img src onerror=alert(document.domain)>")'
- 'contains(body_3, "Affiliates Manager Click Tracking")' - 'contains(body_3, "Affiliates Manager Click Tracking")'
condition: and condition: and

View File

@ -38,7 +38,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- duration_1>=6 - duration_1>=6
- contains(all_headers_1, "application/json") - contains(header_1, "application/json")
- status_code == 200 - status_code == 200
- contains(body_2, 'other_discount_code_') - contains(body_2, 'other_discount_code_')
condition: and condition: and

View File

@ -45,7 +45,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- "contains(all_headers_3, 'text/html')" - "contains(header_3, 'text/html')"
- "status_code_3 == 200" - "status_code_3 == 200"
- 'contains(body_3, "iframe src=\"javascript:alert(document.domain)") && contains(body_3, "SSH Terminal")' - 'contains(body_3, "iframe src=\"javascript:alert(document.domain)") && contains(body_3, "SSH Terminal")'
condition: and condition: and

View File

@ -53,7 +53,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'status_code_4 == 200' - 'status_code_4 == 200'
- 'contains(all_headers_4, "text/html")' - 'contains(header_4, "text/html")'
- 'contains(body_4, "Go to <script>alert(document.domain)</script>")' - 'contains(body_4, "Go to <script>alert(document.domain)</script>")'
condition: and condition: and

View File

@ -38,7 +38,7 @@ http:
- "status_code_1 == 200" - "status_code_1 == 200"
- "status_code_2 == 404" - "status_code_2 == 404"
- 'contains(body_1, "prestashop")' - 'contains(body_1, "prestashop")'
- "contains(tolower(all_headers_2), 'index.php?controller=404')" - "contains(tolower(header_2), 'index.php?controller=404')"
- "len(body_2) == 0" - "len(body_2) == 0"
condition: and condition: and

View File

@ -52,7 +52,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- contains(all_headers_4, "text/html") - contains(header_4, "text/html")
- status_code_4 == 200 - status_code_4 == 200
- contains(body_4, 'blockcountry_blockmessage\">test</textarea><script>alert(document.domain)</script>') - contains(body_4, 'blockcountry_blockmessage\">test</textarea><script>alert(document.domain)</script>')
- contains(body_4, '<h3>Block type</h3>') - contains(body_4, '<h3>Block type</h3>')

View File

@ -41,6 +41,6 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- "!contains(tolower(all_headers), 'x-xss-protection')" - "!contains(tolower(header), 'x-xss-protection')"
# Enhanced by mp on 2022/08/28 # Enhanced by mp on 2022/08/28

View File

@ -67,7 +67,7 @@ http:
dsl: dsl:
- 'contains(body_1, "Sign In")' - 'contains(body_1, "Sign In")'
- 'status_code_2 == 302' - 'status_code_2 == 302'
- 'contains(all_headers_2, "session=.")' - 'contains(header_2, "session=.")'
condition: and condition: and
- type: word - type: word

View File

@ -65,7 +65,7 @@ http:
dsl: dsl:
- "contains(body_4, '<p><script>alert(document.cookie)</script></p>')" - "contains(body_4, '<p><script>alert(document.cookie)</script></p>')"
- "contains(body_4, 'FlatPress')" - "contains(body_4, 'FlatPress')"
- "contains(all_headers_4, 'text/html')" - "contains(header_4, 'text/html')"
- "status_code_4 == 200" - "status_code_4 == 200"
condition: and condition: and

View File

@ -41,7 +41,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- 'contains(all_headers_1, "text/html")' - 'contains(header_1, "text/html")'
- 'status_code_1 == 200' - 'status_code_1 == 200'
- 'contains(body_1, "{\"status\":\"success\"}")' - 'contains(body_1, "{\"status\":\"success\"}")'
- 'contains(body_2, "Welcome to Simple Client")' - 'contains(body_2, "Welcome to Simple Client")'

View File

@ -50,7 +50,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- "contains(all_headers_3, 'text/html')" - "contains(header_3, 'text/html')"
- "status_code_3 == 200" - "status_code_3 == 200"
- 'contains(body_3, "Administrator\"><script>alert(document.domain)</script> Admin")' - 'contains(body_3, "Administrator\"><script>alert(document.domain)</script> Admin")'
condition: and condition: and

View File

@ -51,7 +51,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- "contains(all_headers_3, 'text/html')" - "contains(header_3, 'text/html')"
- "status_code_3 == 200" - "status_code_3 == 200"
- 'contains(body_3, "<td>\"><script>alert(document.domain)</script></td>")' - 'contains(body_3, "<td>\"><script>alert(document.domain)</script></td>")'
condition: and condition: and

View File

@ -51,7 +51,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- "contains(all_headers_3, 'text/html')" - "contains(header_3, 'text/html')"
- "status_code_3 == 200" - "status_code_3 == 200"
- 'contains(body_3, "<td>\"><script>alert(document.domain)</script></td>")' - 'contains(body_3, "<td>\"><script>alert(document.domain)</script></td>")'
condition: and condition: and

View File

@ -50,7 +50,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- "contains(all_headers_3, 'text/html')" - "contains(header_3, 'text/html')"
- "status_code_3 == 200" - "status_code_3 == 200"
- 'contains(body_3, "<td>\"><script>alert(document.domain)</script></td>")' - 'contains(body_3, "<td>\"><script>alert(document.domain)</script></td>")'
condition: and condition: and

View File

@ -51,7 +51,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- "contains(all_headers_3, 'text/html')" - "contains(header_3, 'text/html')"
- "status_code_3 == 200" - "status_code_3 == 200"
- 'contains(body_3, "<script>alert(document.domain)</script> Test</td>")' - 'contains(body_3, "<script>alert(document.domain)</script> Test</td>")'
condition: and condition: and

View File

@ -41,7 +41,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'status_code_2 == 200' - 'status_code_2 == 200'
- 'contains(all_headers_2, "text/html")' - 'contains(header_2, "text/html")'
- 'contains(body_2, "onanimationstart=alert(document.domain)")' - 'contains(body_2, "onanimationstart=alert(document.domain)")'
- 'contains(body_2, "newstatpress_page")' - 'contains(body_2, "newstatpress_page")'
condition: and condition: and

View File

@ -40,7 +40,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- "contains(all_headers_2, 'text/html')" - "contains(header_2, 'text/html')"
- "status_code_2 == 200" - "status_code_2 == 200"
- "contains(body_2, '<body onload=alert(document.domain)>') && contains(body_2, '/wp-content/plugins/')" - "contains(body_2, '<body onload=alert(document.domain)>') && contains(body_2, '/wp-content/plugins/')"
condition: and condition: and

View File

@ -54,7 +54,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- contains(body_4, 'placeholder=\"Developer IPs\" ></textarea><svg/onload=alert(document.domain)>') - contains(body_4, 'placeholder=\"Developer IPs\" ></textarea><svg/onload=alert(document.domain)>')
- contains(all_headers_4, "text/html") - contains(header_4, "text/html")
- status_code_4 == 200 - status_code_4 == 200
condition: and condition: and

View File

@ -46,7 +46,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'status_code_2 == 200' - 'status_code_2 == 200'
- 'contains(all_headers_2, "text/html")' - 'contains(header_2, "text/html")'
condition: and condition: and
# Enhanced by md on 2022/09/08 # Enhanced by md on 2022/09/08

View File

@ -48,7 +48,7 @@ http:
- contains(body_2,'QueryException') - contains(body_2,'QueryException')
- contains(body_2,'SQLSTATE') - contains(body_2,'SQLSTATE')
- contains(body_2,'runQueryCallback') - contains(body_2,'runQueryCallback')
- 'contains(all_headers_2,"text/html")' - 'contains(header_2,"text/html")'
- 'status_code_2==500' - 'status_code_2==500'
condition: and condition: and

View File

@ -53,7 +53,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'contains(body_3,"<img src=x onerror=alert(document.domain)></td>")' - 'contains(body_3,"<img src=x onerror=alert(document.domain)></td>")'
- 'contains(all_headers_3,"text/html")' - 'contains(header_3,"text/html")'
- 'status_code_2 == 200 && status_code_3 == 200' - 'status_code_2 == 200 && status_code_3 == 200'
condition: and condition: and

View File

@ -48,7 +48,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- 'contains(all_headers, "application/json")' - 'contains(header, "application/json")'
- "status_code == 200" - "status_code == 200"
- "contains(body_1, 'users_can_register')" - "contains(body_1, 'users_can_register')"
- "contains(body_2, 'default_role')" - "contains(body_2, 'default_role')"

View File

@ -55,7 +55,7 @@ http:
dsl: dsl:
- 'contains(body_2,"true")' - 'contains(body_2,"true")'
- contains(body_3,'\"><img src=\"x\" onerror=\"alert(document.domain);\">\" placeholder=\"Use default') - contains(body_3,'\"><img src=\"x\" onerror=\"alert(document.domain);\">\" placeholder=\"Use default')
- 'contains(all_headers_3,"text/html")' - 'contains(header_3,"text/html")'
- 'status_code_3==200' - 'status_code_3==200'
condition: and condition: and

View File

@ -53,7 +53,7 @@ http:
dsl: dsl:
- contains(body_3,'\"first_name\":\"{{payload}}\"') - contains(body_3,'\"first_name\":\"{{payload}}\"')
- 'status_code_3==200' - 'status_code_3==200'
- 'contains(all_headers_3,"application/json")' - 'contains(header_3,"application/json")'
condition: and condition: and
extractors: extractors:

View File

@ -43,7 +43,7 @@ http:
dsl: dsl:
- "contains(body_2, '<script>alert(document.domain)</script>')" - "contains(body_2, '<script>alert(document.domain)</script>')"
- "contains(body_2, 'advanced-booking-calendar')" - "contains(body_2, 'advanced-booking-calendar')"
- "contains(all_headers_2, 'text/html')" - "contains(header_2, 'text/html')"
- "status_code_2 == 200" - "status_code_2 == 200"
condition: and condition: and

View File

@ -39,7 +39,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- 'contains(all_headers_2, "text/html")' - 'contains(header_2, "text/html")'
- 'status_code_2 == 200' - 'status_code_2 == 200'
- contains(body_2, 'colspan=\"2\"><script>alert(document.domain)</script></th>') - contains(body_2, 'colspan=\"2\"><script>alert(document.domain)</script></th>')
condition: and condition: and

View File

@ -63,7 +63,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- contains(all_headers_3, "text/html") - contains(header_3, "text/html")
- status_code_3 == 200 - status_code_3 == 200
- contains(body_1, 'success\":true') - contains(body_1, 'success\":true')
- contains(body_3, 'e0d7fcf2c9f63143b6278a3e40f6bea9') - contains(body_3, 'e0d7fcf2c9f63143b6278a3e40f6bea9')

View File

@ -44,8 +44,8 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'contains(all_headers, "text/xml")' - 'contains(header, "text/xml")'
- 'contains(all_headers, "application/xml")' - 'contains(header, "application/xml")'
condition: or condition: or
- type: status - type: status

View File

@ -34,7 +34,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'status_code_2 == 200' - 'status_code_2 == 200'
- 'contains(all_headers_2, "text/html")' - 'contains(header_2, "text/html")'
- 'contains(body_2, "script%3Ealert%28document.domain%29%3C%2Fscript%3")' - 'contains(body_2, "script%3Ealert%28document.domain%29%3C%2Fscript%3")'
- 'contains(body_2, "Unyson")' - 'contains(body_2, "Unyson")'
condition: and condition: and

View File

@ -51,7 +51,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- "contains(tolower(body), 'administration')" # confirms 1st path - "contains(tolower(body), 'administration')" # confirms 1st path
- "contains(tolower(all_headers), 'content-type: image/png')" # confirms 2nd path - "contains(tolower(header), 'content-type: image/png')" # confirms 2nd path
condition: or condition: or
- type: word - type: word

View File

@ -42,6 +42,6 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- "contains(tolower(all_headers), 'location: zabbix.php?action=dashboard.view')" - "contains(tolower(header), 'location: zabbix.php?action=dashboard.view')"
# Enhanced by mp on 2022/03/08 # Enhanced by mp on 2022/03/08

View File

@ -45,7 +45,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- contains(all_headers_3, "text/html") - contains(header_3, "text/html")
- status_code_3 == 200 - status_code_3 == 200
- contains(body_3, '{\"new_value\":[\"XSSPAYLOAD<svg onload=alert(document.domain)>') - contains(body_3, '{\"new_value\":[\"XSSPAYLOAD<svg onload=alert(document.domain)>')
condition: and condition: and

View File

@ -35,7 +35,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- 'contains(to_lower(all_headers_1), "x-cmd-response:")' - 'contains(to_lower(header_1), "x-cmd-response:")'
- type: dsl - type: dsl
dsl: dsl:

View File

@ -48,7 +48,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- 'contains(all_headers_3, "text/html")' - 'contains(header_3, "text/html")'
- 'status_code_3 == 200' - 'status_code_3 == 200'
- contains(body_3, 'admin-name\">nuclei<script>alert(document.domain);</script>') - contains(body_3, 'admin-name\">nuclei<script>alert(document.domain);</script>')
condition: and condition: and

View File

@ -38,7 +38,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'status_code_2 == 200' - 'status_code_2 == 200'
- 'contains(all_headers_2, "text/html")' - 'contains(header_2, "text/html")'
- 'contains(body_2, "ee-simple-file-list")' - 'contains(body_2, "ee-simple-file-list")'
- 'contains(body_2, "onanimationstart=alert(document.domain)//")' - 'contains(body_2, "onanimationstart=alert(document.domain)//")'
condition: and condition: and

View File

@ -34,7 +34,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- duration>=7 - duration>=7
- contains(all_headers, "text/html") - contains(header, "text/html")
- status_code == 200 - status_code == 200
- contains(body, '{\"CardNo\":false') - contains(body, '{\"CardNo\":false')
condition: and condition: and

View File

@ -34,7 +34,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- 'contains(all_headers, "text/html")' - 'contains(header, "text/html")'
- 'status_code == 200' - 'status_code == 200'
- contains(body,'<script>alert(document.domain)</script><\"?cmd=') - contains(body,'<script>alert(document.domain)</script><\"?cmd=')
condition: and condition: and

View File

@ -52,7 +52,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- "contains(all_headers_4, 'text/html')" - "contains(header_4, 'text/html')"
- "status_code_4 == 200" - "status_code_4 == 200"
- 'contains(body_4, "value=\"\" autofocus onfocus=alert(document.domain)>")' - 'contains(body_4, "value=\"\" autofocus onfocus=alert(document.domain)>")'
- "contains(body_4, 'The amount of automatically')" - "contains(body_4, 'The amount of automatically')"

View File

@ -40,7 +40,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- 'contains(all_headers_2, "text/html")' - 'contains(header_2, "text/html")'
- 'status_code_2 == 200' - 'status_code_2 == 200'
- 'contains(body_2, "Extension Options")' - 'contains(body_2, "Extension Options")'
- 'contains(body_2, "<script>alert(document.domain)</script>&tab")' - 'contains(body_2, "<script>alert(document.domain)</script>&tab")'

View File

@ -41,7 +41,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'status_code_2 == 200' - 'status_code_2 == 200'
- 'contains(all_headers_2, "text/html")' - 'contains(header_2, "text/html")'
- 'contains(body_2, "><script>alert(document.domain)</script>")' - 'contains(body_2, "><script>alert(document.domain)</script>")'
- 'contains(body_2, "ere_property_gallery")' - 'contains(body_2, "ere_property_gallery")'
condition: and condition: and

View File

@ -77,7 +77,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- contains(all_headers_3, "text/html") - contains(header_3, "text/html")
- status_code_3 == 200 - status_code_3 == 200
- contains(body_3, 'e1bb1e04b786e90b07ebc4f7a2bff37d') - contains(body_3, 'e1bb1e04b786e90b07ebc4f7a2bff37d')
condition: and condition: and

View File

@ -53,7 +53,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- "status_code_5 == 200" - "status_code_5 == 200"
- "contains(all_headers_5, 'text/html')" - "contains(header_5, 'text/html')"
- 'contains(body_5, "<img src=\"x\" onerror=\"alert(document.domain)\" />")' - 'contains(body_5, "<img src=\"x\" onerror=\"alert(document.domain)\" />")'
- "contains(body_5, 'Backdrop CMS')" - "contains(body_5, 'Backdrop CMS')"
condition: and condition: and

View File

@ -41,7 +41,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'status_code_2 == 200' - 'status_code_2 == 200'
- 'contains(all_headers_2, "text/html")' - 'contains(header_2, "text/html")'
- 'contains(body_2, "<script>alert(`document.domain`)</script>")' - 'contains(body_2, "<script>alert(`document.domain`)</script>")'
- 'contains(body_2, "Post Status Notifier Lite")' - 'contains(body_2, "Post Status Notifier Lite")'
condition: and condition: and

View File

@ -42,7 +42,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'status_code_2 == 200' - 'status_code_2 == 200'
- 'contains(all_headers_2, "text/html")' - 'contains(header_2, "text/html")'
- 'contains(body_2, "/onmouseover=alert(document.domain)//")' - 'contains(body_2, "/onmouseover=alert(document.domain)//")'
- 'contains(body_2, "Watu Quizzes")' - 'contains(body_2, "Watu Quizzes")'
condition: and condition: and

View File

@ -42,7 +42,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'status_code_2 == 200' - 'status_code_2 == 200'
- 'contains(all_headers_2, "text/html")' - 'contains(header_2, "text/html")'
- 'contains(body_2, "/ onmouseover=alert(document.domain);//")' - 'contains(body_2, "/ onmouseover=alert(document.domain);//")'
- 'contains(body_2, "GN Publisher")' - 'contains(body_2, "GN Publisher")'
condition: and condition: and

View File

@ -29,6 +29,6 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- "status_code_1 == 200" - "status_code_1 == 200"
- "!regex('X-Frame-Options', all_headers)" - "!regex('X-Frame-Options', header)"
- "contains(body, 'BUM</b>Sys</a>')" - "contains(body, 'BUM</b>Sys</a>')"
condition: and condition: and

View File

@ -54,7 +54,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'contains(body_1, "Sign In - Airflow")' - 'contains(body_1, "Sign In - Airflow")'
- 'contains(all_headers_2, "session=.")' - 'contains(header_2, "session=.")'
- 'status_code_2 == 302' - 'status_code_2 == 302'
condition: and condition: and

View File

@ -52,7 +52,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- "status_code_1 == 302 && status_code_2 == 200" - "status_code_1 == 302 && status_code_2 == 200"
- "contains(tolower(all_headers_2), 'application/json')" - "contains(tolower(header_2), 'application/json')"
condition: and condition: and
# Enhanced by mp on 2022/03/22 # Enhanced by mp on 2022/03/22

View File

@ -60,8 +60,8 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- contains(tolower(body_1), 'welcome to hue') - contains(tolower(body_1), 'welcome to hue')
- contains(tolower(all_headers_2), 'csrftoken=') - contains(tolower(header_2), 'csrftoken=')
- contains(tolower(all_headers_2), 'sessionid=') - contains(tolower(header_2), 'sessionid=')
condition: and condition: and
- type: status - type: status

View File

@ -39,9 +39,9 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- contains(tolower(all_headers), 'text/html') - contains(tolower(header), 'text/html')
- contains(tolower(all_headers), 'phpsessid') - contains(tolower(header), 'phpsessid')
- contains(tolower(all_headers), 'showcameraid') - contains(tolower(header), 'showcameraid')
condition: and condition: and

View File

@ -48,9 +48,9 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- "!contains(tolower(all_headers), 'location: /login')" - "!contains(tolower(header), 'location: /login')"
- "contains(tolower(all_headers), 'location: /')" - "contains(tolower(header), 'location: /')"
- "contains(tolower(all_headers), 'gophish')" - "contains(tolower(header), 'gophish')"
- "status_code==302" - "status_code==302"
condition: and condition: and

View File

@ -38,8 +38,8 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- contains(tolower(all_headers), 'jupyterhub-session-id=') - contains(tolower(header), 'jupyterhub-session-id=')
- contains(tolower(all_headers), 'jupyterhub-hub-login=') - contains(tolower(header), 'jupyterhub-hub-login=')
condition: and condition: and
- type: status - type: status

View File

@ -36,8 +36,8 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- contains(tolower(all_headers), 'mantis_secure_session') - contains(tolower(header), 'mantis_secure_session')
- contains(tolower(all_headers), 'mantis_string_cookie') - contains(tolower(header), 'mantis_string_cookie')
condition: and condition: and
- type: status - type: status

View File

@ -46,7 +46,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- 'contains(all_headers_1, "/user/main/")' - 'contains(header_1, "/user/main/")'
- 'status_code_1 == 302' - 'status_code_1 == 302'
- 'status_code_2 == 200' - 'status_code_2 == 200'
- contains(body_2, "var loguser = \'ns25000") - contains(body_2, "var loguser = \'ns25000")

View File

@ -71,9 +71,9 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- contains(all_headers_2, "phpMyAdmin=") && contains(all_headers_2, "pmaUser-1=") - contains(header_2, "phpMyAdmin=") && contains(header_2, "pmaUser-1=")
- status_code_2 == 302 - status_code_2 == 302
- contains(all_headers_2, 'index.php?collation_connection=utf8mb4_unicode_ci') || contains(all_headers_2, '/index.php?route=/&route=%2F') - contains(header_2, 'index.php?collation_connection=utf8mb4_unicode_ci') || contains(header_2, '/index.php?route=/&route=%2F')
condition: and condition: and
# Enhanced by md on 2023/01/09 # Enhanced by md on 2023/01/09

View File

@ -43,7 +43,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- contains(tolower(all_headers), 'sdbsessionid') - contains(tolower(header), 'sdbsessionid')
- type: word - type: word
part: body part: body

View File

@ -43,14 +43,14 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'status_code_2 == 302' - 'status_code_2 == 302'
- "contains(tolower(all_headers_2), 'jsessionid')" - "contains(tolower(header_2), 'jsessionid')"
- "contains(tolower(all_headers_2), 'location: /versa/index.html')" - "contains(tolower(header_2), 'location: /versa/index.html')"
condition: and condition: and
- type: dsl - type: dsl
dsl: dsl:
- "contains(tolower(all_headers_2), '/login?error=true')" - "contains(tolower(header_2), '/login?error=true')"
- "contains(tolower(all_headers_2), '/login?tokenmissingerror=true')" - "contains(tolower(header_2), '/login?tokenmissingerror=true')"
negative: true negative: true
# Enhanced by mp on 2022/04/06 # Enhanced by mp on 2022/04/06

View File

@ -39,6 +39,6 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- "contains(tolower(all_headers), 'ms_session_id')" - "contains(tolower(header), 'ms_session_id')"
# Enhanced by md on 2022/11/28 # Enhanced by md on 2022/11/28

View File

@ -28,7 +28,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- "contains(tolower(all_headers), '/certsrv')" - "contains(tolower(header), '/certsrv')"
extractors: extractors:
- type: kval - type: kval

View File

@ -26,11 +26,11 @@ http:
- type: dsl - type: dsl
name: composer.lock name: composer.lock
dsl: dsl:
- "contains(body, 'packages') && contains(tolower(all_headers), 'application/octet-stream') && status_code == 200" - "contains(body, 'packages') && contains(tolower(header), 'application/octet-stream') && status_code == 200"
- type: dsl - type: dsl
name: composer.json name: composer.json
dsl: dsl:
- "contains(body, 'require') && contains(tolower(all_headers), 'application/json') && status_code == 200" - "contains(body, 'require') && contains(tolower(header), 'application/json') && status_code == 200"
# Enhanced by mp on 2023/02/05 # Enhanced by mp on 2023/02/05

View File

@ -28,7 +28,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- "contains(tolower(all_headers), 'content-type: application/javascript')" - "contains(tolower(header), 'content-type: application/javascript')"
- type: word - type: word
part: body part: body

View File

@ -34,7 +34,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- "contains(tolower(all_headers), 'application/yaml')" - "contains(tolower(header), 'application/yaml')"
- type: status - type: status
status: status:

View File

@ -72,7 +72,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- "contains(tolower(all_headers), 'www-authenticate: ntlm')" - "contains(tolower(header), 'www-authenticate: ntlm')"
- type: status - type: status
status: status:

View File

@ -22,76 +22,76 @@ http:
- type: dsl - type: dsl
name: strict-transport-security name: strict-transport-security
dsl: dsl:
- "!regex('(?i)strict-transport-security', all_headers)" - "!regex('(?i)strict-transport-security', header)"
- "status_code != 301 && status_code != 302" - "status_code != 301 && status_code != 302"
condition: and condition: and
- type: dsl - type: dsl
name: content-security-policy name: content-security-policy
dsl: dsl:
- "!regex('(?i)content-security-policy', all_headers)" - "!regex('(?i)content-security-policy', header)"
- "status_code != 301 && status_code != 302" - "status_code != 301 && status_code != 302"
condition: and condition: and
- type: dsl - type: dsl
name: permissions-policy name: permissions-policy
dsl: dsl:
- "!regex('(?i)permissions-policy', all_headers)" - "!regex('(?i)permissions-policy', header)"
- "status_code != 301 && status_code != 302" - "status_code != 301 && status_code != 302"
condition: and condition: and
- type: dsl - type: dsl
name: x-frame-options name: x-frame-options
dsl: dsl:
- "!regex('(?i)x-frame-options', all_headers)" - "!regex('(?i)x-frame-options', header)"
- "status_code != 301 && status_code != 302" - "status_code != 301 && status_code != 302"
condition: and condition: and
- type: dsl - type: dsl
name: x-content-type-options name: x-content-type-options
dsl: dsl:
- "!regex('(?i)x-content-type-options', all_headers)" - "!regex('(?i)x-content-type-options', header)"
- "status_code != 301 && status_code != 302" - "status_code != 301 && status_code != 302"
condition: and condition: and
- type: dsl - type: dsl
name: x-permitted-cross-domain-policies name: x-permitted-cross-domain-policies
dsl: dsl:
- "!regex('(?i)x-permitted-cross-domain-policies', all_headers)" - "!regex('(?i)x-permitted-cross-domain-policies', header)"
- "status_code != 301 && status_code != 302" - "status_code != 301 && status_code != 302"
condition: and condition: and
- type: dsl - type: dsl
name: referrer-policy name: referrer-policy
dsl: dsl:
- "!regex('(?i)referrer-policy', all_headers)" - "!regex('(?i)referrer-policy', header)"
- "status_code != 301 && status_code != 302" - "status_code != 301 && status_code != 302"
condition: and condition: and
- type: dsl - type: dsl
name: clear-site-data name: clear-site-data
dsl: dsl:
- "!regex('(?i)clear-site-data', all_headers)" - "!regex('(?i)clear-site-data', header)"
- "status_code != 301 && status_code != 302" - "status_code != 301 && status_code != 302"
condition: and condition: and
- type: dsl - type: dsl
name: cross-origin-embedder-policy name: cross-origin-embedder-policy
dsl: dsl:
- "!regex('(?i)cross-origin-embedder-policy', all_headers)" - "!regex('(?i)cross-origin-embedder-policy', header)"
- "status_code != 301 && status_code != 302" - "status_code != 301 && status_code != 302"
condition: and condition: and
- type: dsl - type: dsl
name: cross-origin-opener-policy name: cross-origin-opener-policy
dsl: dsl:
- "!regex('(?i)cross-origin-opener-policy', all_headers)" - "!regex('(?i)cross-origin-opener-policy', header)"
- "status_code != 301 && status_code != 302" - "status_code != 301 && status_code != 302"
condition: and condition: and
- type: dsl - type: dsl
name: cross-origin-resource-policy name: cross-origin-resource-policy
dsl: dsl:
- "!regex('(?i)cross-origin-resource-policy', all_headers)" - "!regex('(?i)cross-origin-resource-policy', header)"
- "status_code != 301 && status_code != 302" - "status_code != 301 && status_code != 302"
condition: and condition: and

View File

@ -27,7 +27,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- contains(tolower(all_headers), 'x-guploader-uploadid') - contains(tolower(header), 'x-guploader-uploadid')
negative: true negative: true
- type: word - type: word

View File

@ -22,7 +22,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- 'contains(tolower(all_headers), "tomcat")' - 'contains(tolower(header), "tomcat")'
- type: dsl - type: dsl
dsl: dsl:

View File

@ -17,13 +17,13 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- contains(tolower(all_headers), 'x-amz-bucket') - contains(tolower(header), 'x-amz-bucket')
- contains(tolower(all_headers), 'x-amz-request') - contains(tolower(header), 'x-amz-request')
- contains(tolower(all_headers), 'x-amz-id') - contains(tolower(header), 'x-amz-id')
- contains(tolower(all_headers), 'amazons3') - contains(tolower(header), 'amazons3')
condition: or condition: or
- type: dsl - type: dsl
dsl: dsl:
- contains(tolower(all_headers), 'x-guploader-uploadid') - contains(tolower(header), 'x-guploader-uploadid')
negative: true negative: true

View File

@ -18,7 +18,7 @@ http:
- type: dsl - type: dsl
condition: or condition: or
dsl: dsl:
- "contains(tolower(all_headers), 'x-cache: hit from cloudfront')" - "contains(tolower(header), 'x-cache: hit from cloudfront')"
- "contains(tolower(all_headers), 'x-cache: refreshhit from cloudfront')" - "contains(tolower(header), 'x-cache: refreshhit from cloudfront')"
- "contains(tolower(all_headers), 'x-cache: miss from cloudfront')" - "contains(tolower(header), 'x-cache: miss from cloudfront')"
- "contains(tolower(all_headers), 'x-cache: error from cloudfront')" - "contains(tolower(header), 'x-cache: error from cloudfront')"

View File

@ -27,4 +27,4 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'contains(all_headers, "X-Vcap-Request-Id:") || contains(all_headers, "X-Cf-Routererror:")' - 'contains(header, "X-Vcap-Request-Id:") || contains(header, "X-Cf-Routererror:")'

View File

@ -16,11 +16,11 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- contains(tolower(all_headers), 'x-goog-component-count') - contains(tolower(header), 'x-goog-component-count')
- contains(tolower(all_headers), 'x-goog-expiration') - contains(tolower(header), 'x-goog-expiration')
- contains(tolower(all_headers), 'x-goog-generation') - contains(tolower(header), 'x-goog-generation')
- contains(tolower(all_headers), 'x-goog-metageneration') - contains(tolower(header), 'x-goog-metageneration')
- contains(tolower(all_headers), 'x-goog-stored-content-encoding') - contains(tolower(header), 'x-goog-stored-content-encoding')
- contains(tolower(all_headers), 'x-goog-stored-content-length') - contains(tolower(header), 'x-goog-stored-content-length')
- contains(tolower(all_headers), 'x-guploader-uploadid') - contains(tolower(header), 'x-guploader-uploadid')
condition: or condition: or

View File

@ -26,7 +26,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- 'contains(tolower(all_headers), "x-magento")' - 'contains(tolower(header), "x-magento")'
- 'status_code == 200' - 'status_code == 200'
condition: and condition: and

View File

@ -28,7 +28,7 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- 'status_code == 200' - 'status_code == 200'
- 'contains(all_headers, "application/json")' - 'contains(header, "application/json")'
- 'contains(body, "OpenEthereum")' - 'contains(body, "OpenEthereum")'
condition: and condition: and

View File

@ -23,4 +23,4 @@ http:
- type: dsl - type: dsl
dsl: dsl:
- "contains(tolower(all_headers), 'x-spinnaker-priority')" - "contains(tolower(header), 'x-spinnaker-priority')"

View File

@ -39,6 +39,6 @@ http:
- type: dsl - type: dsl
name: arbitrary-origin name: arbitrary-origin
dsl: dsl:
- "contains(tolower(all_headers), 'access-control-allow-origin: {{cors_origin}}')" - "contains(tolower(header), 'access-control-allow-origin: {{cors_origin}}')"
- "contains(tolower(all_headers), 'access-control-allow-credentials: true')" - "contains(tolower(header), 'access-control-allow-credentials: true')"
condition: and condition: and

View File

@ -26,14 +26,14 @@ http:
- 'contains(body, "searchCriteria")' - 'contains(body, "searchCriteria")'
- 'contains(body, "parameters")' - 'contains(body, "parameters")'
- 'contains(body, "message")' - 'contains(body, "message")'
- 'contains(tolower(all_headers), "application/json")' - 'contains(tolower(header), "application/json")'
condition: and condition: and
- type: dsl - type: dsl
dsl: dsl:
- 'contains(body, "secure_base_link_url")' - 'contains(body, "secure_base_link_url")'
- 'contains(body, "timezone")' - 'contains(body, "timezone")'
- 'contains(tolower(all_headers), "application/json")' - 'contains(tolower(header), "application/json")'
- 'status_code == 200' - 'status_code == 200'
condition: and condition: and
@ -41,6 +41,6 @@ http:
dsl: dsl:
- 'contains(body, "name")' - 'contains(body, "name")'
- 'contains(body, "website_id")' - 'contains(body, "website_id")'
- 'contains(tolower(all_headers), "application/json")' - 'contains(tolower(header), "application/json")'
- 'status_code == 200' - 'status_code == 200'
condition: and condition: and

View File

@ -26,7 +26,7 @@ http:
- 'contains(body, "Magento")' - 'contains(body, "Magento")'
- 'contains(body, "replace xmlns:xsi=")' - 'contains(body, "replace xmlns:xsi=")'
- 'contains(body, "<field path=")' - 'contains(body, "<field path=")'
- 'contains(tolower(all_headers), "application/xml") || contains(tolower(all_headers), "application/octet-stream")' - 'contains(tolower(header), "application/xml") || contains(tolower(header), "application/octet-stream")'
- 'status_code == 200' - 'status_code == 200'
condition: and condition: and
@ -36,6 +36,6 @@ http:
- 'contains(body, "config xmlns:xsi")' - 'contains(body, "config xmlns:xsi")'
- 'contains(body, "<application>")' - 'contains(body, "<application>")'
- 'contains(body, "<install>")' - 'contains(body, "<install>")'
- 'contains(tolower(all_headers), "application/xml") || contains(tolower(all_headers), "application/octet-stream")' - 'contains(tolower(header), "application/xml") || contains(tolower(header), "application/octet-stream")'
- 'status_code == 200' - 'status_code == 200'
condition: and condition: and

View File

@ -40,7 +40,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- 'contains(all_headers_2, "text/html")' - 'contains(header_2, "text/html")'
- "status_code_2 == 200" - "status_code_2 == 200"
- contains(body_2, 'Result against \"<script>alert(document.domain)</script>\" keyword') - contains(body_2, 'Result against \"<script>alert(document.domain)</script>\" keyword')
condition: and condition: and

View File

@ -40,7 +40,7 @@ http:
matchers: matchers:
- type: dsl - type: dsl
dsl: dsl:
- 'contains(all_headers_2, "text/html")' - 'contains(header_2, "text/html")'
- "status_code_2 == 200" - "status_code_2 == 200"
- contains(body_2, 'Result against \"<script>alert(document.domain)</script>\" keyword') - contains(body_2, 'Result against \"<script>alert(document.domain)</script>\" keyword')
condition: and condition: and

Some files were not shown because too many files have changed in this diff Show More