Merge branch 'main' into patch-11

2024-03-12 10:54:39 +05:30 · 2024-03-12 10:54:39 +05:30 · cf1b4888fe
parent e21be5d50a a297d1ccab
commit cf1b4888fe
8 changed files with 99 additions and 311 deletions
--- a/.github/workflows/templates-sync.yml
+++ b/.github/workflows/templates-sync.yml
@ -3,132 +3,6 @@ on:
  push:
    paths:
    - '.new-additions'
-    - 'http/cves/2023/CVE-2023-43187.yaml'
-    - 'http/cves/2023/CVE-2023-5089.yaml'
-    - 'http/exposed-panels/atlassian-bamboo-panel.yaml'
-    - 'http/exposed-panels/cleanweb-panel.yaml'
-    - 'http/exposed-panels/eset-protect-panel.yaml'
-    - 'http/exposed-panels/graylog-panel.yaml'
-    - 'http/exposed-panels/lockself-panel.yaml'
-    - 'http/exposed-panels/moodle-workplace-panel.yaml'
-    - 'http/exposed-panels/nexus-panel.yaml'
-    - 'http/exposed-panels/pahtool-panel.yaml'
-    - 'http/osint/phishing/1password-phish.yaml'
-    - 'http/osint/phishing/adobe-phish.yaml'
-    - 'http/osint/phishing/aliexpress-phish.yaml'
-    - 'http/osint/phishing/amazon-phish.yaml'
-    - 'http/osint/phishing/amazon-web-services-phish.yaml'
-    - 'http/osint/phishing/american-express-phish.yaml'
-    - 'http/osint/phishing/anydesk-phish.yaml'
-    - 'http/osint/phishing/avast-phish.yaml'
-    - 'http/osint/phishing/avg-phish.yaml'
-    - 'http/osint/phishing/bank-of-america-phish.yaml'
-    - 'http/osint/phishing/battlenet-phish.yaml'
-    - 'http/osint/phishing/bestbuy-phish.yaml'
-    - 'http/osint/phishing/bitdefender-phish.yaml'
-    - 'http/osint/phishing/bitwarden-phish.yaml'
-    - 'http/osint/phishing/blender-phish.yaml'
-    - 'http/osint/phishing/booking-phish.yaml'
-    - 'http/osint/phishing/box-storage-phish.yaml'
-    - 'http/osint/phishing/brave-phish.yaml'
-    - 'http/osint/phishing/brighthr-phish.yaml'
-    - 'http/osint/phishing/ccleaner-phish.yaml'
-    - 'http/osint/phishing/chase-phish.yaml'
-    - 'http/osint/phishing/chrome-phish.yaml'
-    - 'http/osint/phishing/costa-phish.yaml'
-    - 'http/osint/phishing/dashlane-phish.yaml'
-    - 'http/osint/phishing/deezer-phish.yaml'
-    - 'http/osint/phishing/deliveroo-phish.yaml'
-    - 'http/osint/phishing/digital-ocean-phish.yaml'
-    - 'http/osint/phishing/discord-phish.yaml'
-    - 'http/osint/phishing/disneyplus-phish.yaml'
-    - 'http/osint/phishing/dropbox-phish.yaml'
-    - 'http/osint/phishing/duckduckgo-phish.yaml'
-    - 'http/osint/phishing/ebay-phish.yaml'
-    - 'http/osint/phishing/edge-phish.yaml'
-    - 'http/osint/phishing/ee-mobile-phish.yaml'
-    - 'http/osint/phishing/eset-phish.yaml'
-    - 'http/osint/phishing/evernote-phish.yaml'
-    - 'http/osint/phishing/facebook-phish.yaml'
-    - 'http/osint/phishing/figma-phish.yaml'
-    - 'http/osint/phishing/filezilla-phish.yaml'
-    - 'http/osint/phishing/firefox-phish.yaml'
-    - 'http/osint/phishing/gimp-phish.yaml'
-    - 'http/osint/phishing/github-phish.yaml'
-    - 'http/osint/phishing/google-phish.yaml'
-    - 'http/osint/phishing/icloud-phish.yaml'
-    - 'http/osint/phishing/instagram-phish.yaml'
-    - 'http/osint/phishing/kaspersky-phish.yaml'
-    - 'http/osint/phishing/kayak-phish.yaml'
-    - 'http/osint/phishing/keepass-phish.yaml'
-    - 'http/osint/phishing/keepersecurity-phish.yaml'
-    - 'http/osint/phishing/keybase-phish.yaml'
-    - 'http/osint/phishing/lastpass-phish.yaml'
-    - 'http/osint/phishing/libre-office-phish.yaml'
-    - 'http/osint/phishing/linkedin-phish.yaml'
-    - 'http/osint/phishing/malwarebytes-phish.yaml'
-    - 'http/osint/phishing/mcafee-phish.yaml'
-    - 'http/osint/phishing/mega-phish.yaml'
-    - 'http/osint/phishing/messenger-phish.yaml'
-    - 'http/osint/phishing/microcenter-phish.yaml'
-    - 'http/osint/phishing/microsoft-phish.yaml'
-    - 'http/osint/phishing/microsoft-teams-phish.yaml'
-    - 'http/osint/phishing/netflix-phish.yaml'
-    - 'http/osint/phishing/nordpass-phish.yaml'
-    - 'http/osint/phishing/norton-phish.yaml'
-    - 'http/osint/phishing/notion-phish.yaml'
-    - 'http/osint/phishing/o2-mobile-phish.yaml'
-    - 'http/osint/phishing/openai-phish.yaml'
-    - 'http/osint/phishing/opera-phish.yaml'
-    - 'http/osint/phishing/paramountplus-phish.yaml'
-    - 'http/osint/phishing/paypal-phish.yaml'
-    - 'http/osint/phishing/pcloud-phish.yaml'
-    - 'http/osint/phishing/pintrest-phish.yaml'
-    - 'http/osint/phishing/plusnet-phish.yaml'
-    - 'http/osint/phishing/proton-phish.yaml'
-    - 'http/osint/phishing/putty-phish.yaml'
-    - 'http/osint/phishing/python-phish.yaml'
-    - 'http/osint/phishing/quora-phish.yaml'
-    - 'http/osint/phishing/reddit-phish.yaml'
-    - 'http/osint/phishing/roblox-phish.yaml'
-    - 'http/osint/phishing/roboform-phish.yaml'
-    - 'http/osint/phishing/royal-mail-phish.yaml'
-    - 'http/osint/phishing/samsung-phish.yaml'
-    - 'http/osint/phishing/signal-phish.yaml'
-    - 'http/osint/phishing/sky-phish.yaml'
-    - 'http/osint/phishing/skype-phish.yaml'
-    - 'http/osint/phishing/skyscanner-phish.yaml'
-    - 'http/osint/phishing/slack-phish.yaml'
-    - 'http/osint/phishing/sophos-phish.yaml'
-    - 'http/osint/phishing/spotify-phish.yaml'
-    - 'http/osint/phishing/steam-phish.yaml'
-    - 'http/osint/phishing/sync-storage-phish.yaml'
-    - 'http/osint/phishing/target-phish.yaml'
-    - 'http/osint/phishing/teamviewer-phish.yaml'
-    - 'http/osint/phishing/telegram-phish.yaml'
-    - 'http/osint/phishing/three-mobile-phish.yaml'
-    - 'http/osint/phishing/thunderbird-phish.yaml'
-    - 'http/osint/phishing/ticketmaster-phish.yaml'
-    - 'http/osint/phishing/tiktok-phish.yaml'
-    - 'http/osint/phishing/trading212-phish.yaml'
-    - 'http/osint/phishing/trend-micro-phish.yaml'
-    - 'http/osint/phishing/trip-phish.yaml'
-    - 'http/osint/phishing/twitch-phish.yaml'
-    - 'http/osint/phishing/uber-phish.yaml'
-    - 'http/osint/phishing/visual-studio-code-phish.yaml'
-    - 'http/osint/phishing/vlc-player-phish.yaml'
-    - 'http/osint/phishing/vodafone-phish.yaml'
-    - 'http/osint/phishing/vultr-phish.yaml'
-    - 'http/osint/phishing/walmart-phish.yaml'
-    - 'http/osint/phishing/wetransfer-phish.yaml'
-    - 'http/osint/phishing/whatsapp-phish.yaml'
-    - 'http/osint/phishing/wikipedia-phish.yaml'
-    - 'http/osint/phishing/winscp-phish.yaml'
-    - 'http/osint/phishing/yahoo-phish.yaml'
-    - 'http/osint/phishing/zoom-phish.yaml'
-    - 'http/technologies/admiralcloud-detect.yaml'
-    - 'http/technologies/hcpanywhere-detect.yaml'
-    - 'http/vulnerabilities/chanjet-tplus/chanjet-tplus-unauth-passreset.yaml'
  workflow_dispatch:
 jobs:
  triggerRemoteWorkflow:
--- a/.new-additions
+++ b/.new-additions
@ -1,126 +0,0 @@
-http/cves/2023/CVE-2023-43187.yaml
-http/cves/2023/CVE-2023-5089.yaml
-http/exposed-panels/atlassian-bamboo-panel.yaml
-http/exposed-panels/cleanweb-panel.yaml
-http/exposed-panels/eset-protect-panel.yaml
-http/exposed-panels/graylog-panel.yaml
-http/exposed-panels/lockself-panel.yaml
-http/exposed-panels/moodle-workplace-panel.yaml
-http/exposed-panels/nexus-panel.yaml
-http/exposed-panels/pahtool-panel.yaml
-http/osint/phishing/1password-phish.yaml
-http/osint/phishing/adobe-phish.yaml
-http/osint/phishing/aliexpress-phish.yaml
-http/osint/phishing/amazon-phish.yaml
-http/osint/phishing/amazon-web-services-phish.yaml
-http/osint/phishing/american-express-phish.yaml
-http/osint/phishing/anydesk-phish.yaml
-http/osint/phishing/avast-phish.yaml
-http/osint/phishing/avg-phish.yaml
-http/osint/phishing/bank-of-america-phish.yaml
-http/osint/phishing/battlenet-phish.yaml
-http/osint/phishing/bestbuy-phish.yaml
-http/osint/phishing/bitdefender-phish.yaml
-http/osint/phishing/bitwarden-phish.yaml
-http/osint/phishing/blender-phish.yaml
-http/osint/phishing/booking-phish.yaml
-http/osint/phishing/box-storage-phish.yaml
-http/osint/phishing/brave-phish.yaml
-http/osint/phishing/brighthr-phish.yaml
-http/osint/phishing/ccleaner-phish.yaml
-http/osint/phishing/chase-phish.yaml
-http/osint/phishing/chrome-phish.yaml
-http/osint/phishing/costa-phish.yaml
-http/osint/phishing/dashlane-phish.yaml
-http/osint/phishing/deezer-phish.yaml
-http/osint/phishing/deliveroo-phish.yaml
-http/osint/phishing/digital-ocean-phish.yaml
-http/osint/phishing/discord-phish.yaml
-http/osint/phishing/disneyplus-phish.yaml
-http/osint/phishing/dropbox-phish.yaml
-http/osint/phishing/duckduckgo-phish.yaml
-http/osint/phishing/ebay-phish.yaml
-http/osint/phishing/edge-phish.yaml
-http/osint/phishing/ee-mobile-phish.yaml
-http/osint/phishing/eset-phish.yaml
-http/osint/phishing/evernote-phish.yaml
-http/osint/phishing/facebook-phish.yaml
-http/osint/phishing/figma-phish.yaml
-http/osint/phishing/filezilla-phish.yaml
-http/osint/phishing/firefox-phish.yaml
-http/osint/phishing/gimp-phish.yaml
-http/osint/phishing/github-phish.yaml
-http/osint/phishing/google-phish.yaml
-http/osint/phishing/icloud-phish.yaml
-http/osint/phishing/instagram-phish.yaml
-http/osint/phishing/kaspersky-phish.yaml
-http/osint/phishing/kayak-phish.yaml
-http/osint/phishing/keepass-phish.yaml
-http/osint/phishing/keepersecurity-phish.yaml
-http/osint/phishing/keybase-phish.yaml
-http/osint/phishing/lastpass-phish.yaml
-http/osint/phishing/libre-office-phish.yaml
-http/osint/phishing/linkedin-phish.yaml
-http/osint/phishing/malwarebytes-phish.yaml
-http/osint/phishing/mcafee-phish.yaml
-http/osint/phishing/mega-phish.yaml
-http/osint/phishing/messenger-phish.yaml
-http/osint/phishing/microcenter-phish.yaml
-http/osint/phishing/microsoft-phish.yaml
-http/osint/phishing/microsoft-teams-phish.yaml
-http/osint/phishing/netflix-phish.yaml
-http/osint/phishing/nordpass-phish.yaml
-http/osint/phishing/norton-phish.yaml
-http/osint/phishing/notion-phish.yaml
-http/osint/phishing/o2-mobile-phish.yaml
-http/osint/phishing/openai-phish.yaml
-http/osint/phishing/opera-phish.yaml
-http/osint/phishing/paramountplus-phish.yaml
-http/osint/phishing/paypal-phish.yaml
-http/osint/phishing/pcloud-phish.yaml
-http/osint/phishing/pintrest-phish.yaml
-http/osint/phishing/plusnet-phish.yaml
-http/osint/phishing/proton-phish.yaml
-http/osint/phishing/putty-phish.yaml
-http/osint/phishing/python-phish.yaml
-http/osint/phishing/quora-phish.yaml
-http/osint/phishing/reddit-phish.yaml
-http/osint/phishing/roblox-phish.yaml
-http/osint/phishing/roboform-phish.yaml
-http/osint/phishing/royal-mail-phish.yaml
-http/osint/phishing/samsung-phish.yaml
-http/osint/phishing/signal-phish.yaml
-http/osint/phishing/sky-phish.yaml
-http/osint/phishing/skype-phish.yaml
-http/osint/phishing/skyscanner-phish.yaml
-http/osint/phishing/slack-phish.yaml
-http/osint/phishing/sophos-phish.yaml
-http/osint/phishing/spotify-phish.yaml
-http/osint/phishing/steam-phish.yaml
-http/osint/phishing/sync-storage-phish.yaml
-http/osint/phishing/target-phish.yaml
-http/osint/phishing/teamviewer-phish.yaml
-http/osint/phishing/telegram-phish.yaml
-http/osint/phishing/three-mobile-phish.yaml
-http/osint/phishing/thunderbird-phish.yaml
-http/osint/phishing/ticketmaster-phish.yaml
-http/osint/phishing/tiktok-phish.yaml
-http/osint/phishing/trading212-phish.yaml
-http/osint/phishing/trend-micro-phish.yaml
-http/osint/phishing/trip-phish.yaml
-http/osint/phishing/twitch-phish.yaml
-http/osint/phishing/uber-phish.yaml
-http/osint/phishing/visual-studio-code-phish.yaml
-http/osint/phishing/vlc-player-phish.yaml
-http/osint/phishing/vodafone-phish.yaml
-http/osint/phishing/vultr-phish.yaml
-http/osint/phishing/walmart-phish.yaml
-http/osint/phishing/wetransfer-phish.yaml
-http/osint/phishing/whatsapp-phish.yaml
-http/osint/phishing/wikipedia-phish.yaml
-http/osint/phishing/winscp-phish.yaml
-http/osint/phishing/yahoo-phish.yaml
-http/osint/phishing/zoom-phish.yaml
-http/technologies/admiralcloud-detect.yaml
-http/technologies/hcpanywhere-detect.yaml
-http/vulnerabilities/chanjet-tplus/chanjet-tplus-unauth-passreset.yaml
--- a/http/cves/2021/CVE-2021-40438.yaml
+++ b/http/cves/2021/CVE-2021-40438.yaml
@ -1,7 +1,7 @@
 id: CVE-2021-40438

 info:
-  name: Apache <= 2.4.48 - Mod_Proxy SSRF
+  name: Apache <= 2.4.48 Mod_Proxy - Server-Side Request Forgery
  author: pdteam
  severity: critical
  description: Apache 2.4.48 and below contain an issue where uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user.
@ -21,7 +21,8 @@ info:
    epss-percentile: 0.99749
    cpe: cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
  metadata:
-    max-request: 2
+    max-request: 1
+    verified: true
    vendor: apache
    product: http_server
  tags: cve2021,cve,ssrf,apache,mod-proxy,kev
@ -29,15 +30,15 @@ info:
 http:
  - method: GET
    path:
-      - '{{BaseURL}}/?unix:{{repeat("A", 7701)}}|http://{{randbase(5)}}.com/'
-      - '{{BaseURL}}/?unix:{{repeat("A", 7701)}}|http://oast.pro/'
+      - '{{BaseURL}}/?unix:{{repeat("A", 7701)}}|http://{{interactsh-url}}/'

    host-redirects: true
    max-redirects: 2
+
    matchers:
      - type: dsl
        dsl:
-          - "!contains(body_1, '<h1> Interactsh Server </h1>')"
-          - "contains(body_2, '<h1> Interactsh Server </h1>')"
+          - 'contains_all(header, "X-Interactsh-Version", "Server: oast")'
+          - "!contains(body, '<h1> Interactsh Server </h1>')"
        condition: and
-# digest: 4a0a00473045022054595b49ba72d99512a0d6ea2cb09a8a9b17077a63d51b94d79025a970c5e470022100b3a313e154e44c770642e0e8874fb62257de71ab53059714c607ec9d2c13a4ed:922c64590222798bb761d5b6d8e72950
+# digest: 490a00463044022006019f94aefd8ab11c70d394878799e9711fdf01b85a053e610d26458528c526022051505822e5fc71199ac5b0c5d98893e1834e939bb1b46a0063ad171a68f2ec0c:922c64590222798bb761d5b6d8e72950
--- a/http/osint/README.md
+++ b/http/osint/README.md
@ -1,47 +1,16 @@
 ## Description

-OSINT templates are available for conducting user enumeration across many websites. By utilizing the flag to input a user, Nuclei can verify the user's existence across all websites listed in the templates and report any instances of success.
+Nuclei-templates provide a comprehensive suite of security checks, including OSINT templates in this directory for user-enumeration and phishing templates for the identification and analysis of phishing sites. 
+
+The **User Enumeration templates** are tailored for user enumeration across various websites, allowing Nuclei to verify user existence. They expect input such as username, email, or phone number through the `V`/`var` flag.
+
+The **Phishing templates** are crafted for detecting and analyzing phishing sites. These templates are essential for OSINT analysts, threat researchers, and security professionals to uncover and study phishing campaigns. 

 ## Usage

-The templates within the `osint` directory are **self-contained** and do NOT require URLs as input because the OSINT templates have pre-defined static URLs. Each template in this directory expects the user(name), email, or phone number or list of it to be supplied as input using the `V`/`var` flag through the Nuclei engine.
-
-```bash
-# Running OSINT templates against a single user to test
-nuclei -tags osint -var user=elon
-```
-
-**OSINT** templates can be also ran against list of usernames as well.
+These templates are specifically added to help OSINT analysts, threat researchers therefore, we have added them to the OSINT scan profile [here](https://github.com/projectdiscovery/nuclei-templates/blob/main/config/osint.yml). 
+Users can execute the OSINT scan configuration profile with the following command:

 ```console
-$ cat user_names.txt
-
-user_1
-user_2
-user_3
-user_4
-user_5
+nuclei -u <host> -config ~/nuclei-templates/config/osint.yml
 ```
-
-```bash
-# Running OSINT templates against a list of users to test
-nuclei -tags osint -var user=user_names.txt
-```
-
-### Categories
-
-The OSINT templates are classified into categories such as `archived`, `art`, `blog`, `business`, `coding`, `dating`, `finance`, `gaming`, `health`, `hobby`, `images`, `misc`, `music`, `news`, `political`, `search`, `shopping`, `social`, `tech`, `video`, `porn`.
-
-To execute OSINT templates within a particular category, you can apply a filter using the `tags` flag and set the prefix value to `osint-`.
-
-```bash
-# Running OSINT templates against the social category
-nuclei -t osint/ -tags osint-social -var user=some-user
-
-# Running OSINT templates against the multiple categories
-nuclei -t osint/ -tags osint-social,osint-finance -var user=some-user
-```
-
-## Acknowledgment
-
-These OSINT templates were inspired by the [WebBreacher/WhatsMyName](https://github.com/WebBreacher/WhatsMyName) repository.
--- a/http/osint/phishing/README.md
+++ b/http/osint/phishing/README.md
@ -0,0 +1,21 @@
+## Description
+
+This directory contains a collection of templates designed for the identification and analysis of phishing sites. These templates are specifically created to help OSINT analysts, threat researchers, and security professionals in discovering and studying phishing campaigns. 
+
+## Usage
+
+The phishing templates are designed for targeted use and are not included in Nuclei's default scans. To incorporate these templates into your scan, you can specify them using the `-itags` flags as follows:
+
+```console
+nuclei -u <host> -tags phishing -itags phishing
+```
+
+For users interested in comprehensive Open Source Intelligence (OSINT) gathering, these phishing templates have been integrated into the OSINT scan profile. This enables a more detailed and focused analysis as part of broader security research efforts or investigative journalism. 
+To execute the OSINT scan configuration profile, which includes phishing checks among other templates, use the following command:
+
+```console
+# Execute the OSINT scan configuration profile
+nuclei -u <host> -config ~/nuclei-templates/config/osint.yml
+```
+
+The integration of phishing templates into the OSINT scan profile allows for a more nuanced and in-depth approach to security research, aiding in the detection of emerging threats and the analysis of ongoing phishing campaigns.
--- a/http/osint/user-enumeration/README.md
+++ b/http/osint/user-enumeration/README.md
@ -0,0 +1,47 @@
+## Description
+
+OSINT templates are available for conducting user enumeration across many websites. By utilizing the flag to input a user, Nuclei can verify the user's existence across all websites listed in the templates and report any instances of success.
+
+## Usage
+
+The templates within the `u` directory are **self-contained** and do NOT require URLs as input because the OSINT templates have pre-defined static URLs. Each template in this directory expects the user(name), email, or phone number or list of it to be supplied as input using the `V`/`var` flag through the Nuclei engine.
+
+```bash
+# Running OSINT templates against a single user to test
+nuclei -tags osint -var user=elon
+```
+
+**OSINT** templates can be also ran against list of usernames as well.
+
+```console
+$ cat user_names.txt
+
+user_1
+user_2
+user_3
+user_4
+user_5
+```
+
+```bash
+# Running OSINT templates against a list of users to test
+nuclei -tags osint -var user=user_names.txt
+```
+
+### Categories
+
+The OSINT templates are classified into categories such as `archived`, `art`, `blog`, `business`, `coding`, `dating`, `finance`, `gaming`, `health`, `hobby`, `images`, `misc`, `music`, `news`, `political`, `search`, `shopping`, `social`, `tech`, `video`, `porn`.
+
+To execute OSINT templates within a particular category, you can apply a filter using the `tags` flag and set the prefix value to `osint-`.
+
+```bash
+# Running OSINT templates against the social category
+nuclei -t osint/ -tags osint-social -var user=some-user
+
+# Running OSINT templates against the multiple categories
+nuclei -t osint/ -tags osint-social,osint-finance -var user=some-user
+```
+
+## Acknowledgment
+
+These OSINT templates were inspired by the [WebBreacher/WhatsMyName](https://github.com/WebBreacher/WhatsMyName) repository.
--- a/network/default-login/ldap-anonymous-login.yaml
+++ b/network/default-login/ldap-anonymous-login.yaml
@ -6,8 +6,8 @@ info:
  severity: medium
  description: The remote LDAP server allows anonymous access
  reference:
-    - https://www.tenable.com/plugins/nessus/10723
    - https://ldap.com/ldapv3-wire-protocol-reference-bind
+    - https://www.mowasay.com/2016/01/windows-how-do-i-disable-or-enable-anonymous-ldap-binds-to-windows-server-2008-r2-active-directory-ad/
  remediation: Configure the service to disallow NULL BINDs.
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
@ -31,4 +31,4 @@ tcp:
      - type: binary
        binary:
          - "300c02010161070a010004000400"
-# digest: 490a00463044022065fc3ae9655bd3fa9809177c5dc532f001ee07cb1803042704aeaafe3b25d23d02207980ab027262f50593e10342470ce0c7970eae6361ea8eb942ce1ed81793a9cf:922c64590222798bb761d5b6d8e72950
+# digest: 490a00463044022065fc3ae9655bd3fa9809177c5dc532f001ee07cb1803042704aeaafe3b25d23d02207980ab027262f50593e10342470ce0c7970eae6361ea8eb942ce1ed81793a9cf:922c64590222798bb761d5b6d8e72950
--- a/templates-checksum.txt
+++ b/templates-checksum.txt
@ -2,11 +2,11 @@ CODE_OF_CONDUCT.md:5c581b341cecd31ea4a275098ec84be9951f1593
 CONTRIBUTING.md:a280fa8badd8622a481e1bb7f492dd82ac05ea71
 LICENSE.md:48790f08ca6757688e2f5f3f4b017a073b3e20df
 PULL_REQUEST_TEMPLATE.md:c8aba78d67442f639483a10fa74681dea94faeb7
-README.md:306b9ac077125f906c7039f93d8e65d18239e097
+README.md:2fa2d5fc4fd78ee8f301250b469b893000f13e0d
 README_KR.md:174470dbc5c69e81f83ff816655a52cc8c5d7f26
-TEMPLATES-STATS.json:2cd169fe837a17dd06e3267a40a79273cadc3592
-TEMPLATES-STATS.md:b6ace1f2515d335bd5993d9925d9a5a196b3a032
-TOP-10.md:1cdee6ce91f828de5c05d58ac5fb3546569332f1
+TEMPLATES-STATS.json:cdeb387fcb0af7a73ae3645c34c7ba2e8445fa94
+TEMPLATES-STATS.md:5032eec54be42d33c417c9e9ec628ec04e618125
+TOP-10.md:06a54531fef2bfc5ec2fa38485a3e30c247a3132
 cloud/enum/aws-app-enum.yaml:26d0dcf57c7ba8003940ed1d53a62971564b2018
 cloud/enum/aws-s3-bucket-enum.yaml:0d101b898bbaebceea4020963d11829f8167029f
 cloud/enum/azure-db-enum.yaml:3d29a3c86288356d862922ef0527de99187bf734
@ -1471,7 +1471,7 @@ http/cves/2019/CVE-2019-16932.yaml:182fef4932dc7931c45cd3d7aebdaeef9ded81e8
 http/cves/2019/CVE-2019-16996.yaml:ad524a9c60b54d610e8c55acaa46e4958a9b8dce
 http/cves/2019/CVE-2019-16997.yaml:e103b4c103866170ecfaef2fcf0e2cf88609b940
 http/cves/2019/CVE-2019-17270.yaml:8f282f5849f13dda11bbb8837079bb223d9687fb
-http/cves/2019/CVE-2019-17382.yaml:0eb6ef98df75f2f358c2792353e2d1a643edd103
+http/cves/2019/CVE-2019-17382.yaml:8b758f47cbcdde1a0409b679b261ccf5fcbd7d50
 http/cves/2019/CVE-2019-17418.yaml:dbeea758a5b8de4c18d2d8790798711113d69195
 http/cves/2019/CVE-2019-17444.yaml:7b94376c34d962236141cba63543376257005654
 http/cves/2019/CVE-2019-17503.yaml:6701aacab1ee79d24acd3cbd1497fb50399ad671
@ -2146,7 +2146,7 @@ http/cves/2021/CVE-2021-39501.yaml:6588b6e6aca89c8ed1aab09bec39a0368a924357
 http/cves/2021/CVE-2021-40149.yaml:5b59ccd310b3978f78f57677d1846d2d2333e67c
 http/cves/2021/CVE-2021-40150.yaml:c1a08ac6f5dec1dd86448a20e2fdef4f7276013f
 http/cves/2021/CVE-2021-40323.yaml:f3f0c3eea48bcd931ae02d342124777ec76ee56c
-http/cves/2021/CVE-2021-40438.yaml:f1b6c45033ed7d755af7555aae255fb42124eff7
+http/cves/2021/CVE-2021-40438.yaml:65cd6125186d9686d40d43ebb7f99e818432ece2
 http/cves/2021/CVE-2021-40539.yaml:7985657b3ac67432a5b8679eadef1709d45bbc77
 http/cves/2021/CVE-2021-40542.yaml:4262ce96a0d10b4f084d0b8d8df3cdf75b1e6ad0
 http/cves/2021/CVE-2021-40651.yaml:c907b7e75f51f1502ad937e9409cbbace292de61
@ -2794,7 +2794,7 @@ http/cves/2023/CVE-2023-24278.yaml:e397c7d647c7517b78e44dbc79c8fcbc80480623
 http/cves/2023/CVE-2023-24322.yaml:c4b5cc0d4d70fa16682f706a954b95c84e0e7896
 http/cves/2023/CVE-2023-24367.yaml:dab63258fffca6b44d754ede551d56eea925a477
 http/cves/2023/CVE-2023-24488.yaml:8a381e70fd0643ed5d1371edb70b40e25e9b5ff8
-http/cves/2023/CVE-2023-24489.yaml:4892200d725b4838344307e55fde2850bac76d78
+http/cves/2023/CVE-2023-24489.yaml:c8aa249866735b4ad90a721d721d9e9426628ad8
 http/cves/2023/CVE-2023-24657.yaml:1efdbfecef2aacf600fb007989d4efc6aa9d7fbe
 http/cves/2023/CVE-2023-24733.yaml:f1b740ac9ba1fc859deb3c69798e1bc3d302ed4e
 http/cves/2023/CVE-2023-24735.yaml:e38322978b1598d32056adb11572c6c401107c40
@ -4797,7 +4797,7 @@ http/fuzzing/valid-gmail-check.yaml:5322234e7caccea4fe57c3ec8ea7e5b6b91317e6
 http/fuzzing/waf-fuzz.yaml:6b9237448f006d60291634510ac4d910fb73ca0c
 http/fuzzing/wordpress-plugins-detect.yaml:3bb133a2a5af6333133a4d1afc69b7253325e071
 http/fuzzing/wordpress-themes-detect.yaml:81452a0c2201364547a722b3268c3cc9be19fbad
-http/fuzzing/wordpress-weak-credentials.yaml:f74c682bdb6b26b4e3fded2dd9690d55caffd236
+http/fuzzing/wordpress-weak-credentials.yaml:3688f4121a6862a3ec2177a0c28c6f0aaea1cfe8
 http/fuzzing/xff-403-bypass.yaml:3988407398c98a0f521e0251aafe2738470ed895
 http/honeypot/citrix-honeypot-detect.yaml:a632cb08a12e2d3dfe69f8b4e8d0cbd4d44cbbc5
 http/honeypot/dionaea-http-honeypot-detect.yaml:7830d2af83e16b50c0a4b647defe89c9ac5efe25
@ -5425,8 +5425,9 @@ http/misconfiguration/zabbix-dashboards-access.yaml:950644d6c659b8980162a7d7f559
 http/misconfiguration/zabbix-error.yaml:4aa0e2012e44241021323c22c2aba892897a89f2
 http/misconfiguration/zenphoto-sensitive-info.yaml:95c90b5a9b97e4dde7ccf49ac27d729f1af3da67
 http/misconfiguration/zhiyuan-oa-unauthorized.yaml:7b268685c77e0df7704027eb95f11bcb088da548
-http/osint/README.md:12d6be40fa83f9f3e7b053642660b0be5bd40579
+http/osint/README.md:9f8df8bed73b0cc50adf4031b86580b2e85c57de
 http/osint/phishing/1password-phish.yaml:3bf62f4f44110b6b25fd27194c9e7ade40559113
+http/osint/phishing/README.md:be8fe8309c33c7ab35b75ddbb7f70a5d6edba4f1
 http/osint/phishing/adobe-phish.yaml:38ddccf6f911fa1821ffd27b4c192983405e18d7
 http/osint/phishing/aliexpress-phish.yaml:0a2cc35426eb14e37190005d0345a5e4308c7645
 http/osint/phishing/amazon-phish.yaml:2cd744e76dcaedda27fa5a870f24affeae42a249
@ -5546,6 +5547,7 @@ http/osint/user-enumeration/3dnews.yaml:dae8aaf33a7ba8a7eec7cfd532ecf23a04006f58
 http/osint/user-enumeration/3dtoday.yaml:32512e456d68cf0b33c88f49ff166d3fd54bc819
 http/osint/user-enumeration/7cup.yaml:25ebc88ae02490ec5905ca2d9f701b65ad2a0f12
 http/osint/user-enumeration/7dach.yaml:80af7ce4e05ef6aec353ec9548a0a4e366fb0215
+http/osint/user-enumeration/README.md:5916fef8725a860320182d035dd91dcd9c993553
 http/osint/user-enumeration/aaha-chat.yaml:3691bf832cdb9d36f74c2f177aeb579a63b6ce46
 http/osint/user-enumeration/aboutme.yaml:eebf2b4552fb68439515b63fc803b66344fc96eb
 http/osint/user-enumeration/acf.yaml:8c1a85133494d9520b6533f8d8b25c2ae586cd1a
@ -7984,7 +7986,7 @@ network/cves/2022/CVE-2022-31793.yaml:d53c4361e167a401f76f3069a2cd985a612c955c
 network/cves/2023/CVE-2023-33246.yaml:3db23ab1b222f81ce0a08b75c23bc5ecae85b9dd
 network/default-login/ftp-anonymous-login.yaml:da3402a791529b5521e14fceafe0f0084bb4c9d2
 network/default-login/ftp-weak-credentials.yaml:c0cf4a3227435e117de922b08ad77edebf6304a5
-network/default-login/ldap-anonymous-login.yaml:f75251d3c4314afca801d218fa7a5bc91ca60f8c
+network/default-login/ldap-anonymous-login.yaml:257f564e889574eb3e0e8cc460038e1f21c34329
 network/detection/activemq-openwire-transport-detect.yaml:da59945499ac1f46d9ac606f27d98dd8e1e493d9
 network/detection/apache-activemq-detect.yaml:afd8fba85587220ae91e9120c3f7455529be8b5e
 network/detection/aws-sftp-detect.yaml:4c67b37ede734d66486377b851223abb638d1f78
@ -8123,7 +8125,7 @@ ssl/tls-version.yaml:4e40f08efbb39172b9280ea9e26ca5f0a14a575a
 ssl/untrusted-root-certificate.yaml:a91d36990a1d052f5ee64d170ad8f084d38dab19
 ssl/weak-cipher-suites.yaml:62fe808d9dfafda67c410e6cb9445fdc70257e89
 ssl/wildcard-tls.yaml:d244f62c7bd22d3868fc6fc7cb9550af6b261210
-templates-checksum.txt:2e0bf026e8e2841c1eeaf1c21f7d35c0fb09dd1c
+templates-checksum.txt:02dfa0c3b5dc35bd1649dd97e286758daf9c3371
 wappalyzer-mapping.yml:7f03bd65baacac20c1dc6bbf35ff2407959574f1
 workflows/74cms-workflow.yaml:bb010e767ad32b906153e36ea618be545b4e22d0
 workflows/acrolinx-workflow.yaml:8434089bb55dec3d7b2ebc6a6f340e73382dd0c4