daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #7067 from sduc/patch-6 

file tag consistency
patch-1
Ritik Chaddha 2023-04-15 22:03:12 +05:30 committed by GitHub
parent efb56ea919 470b64bfdb
commit e3cc751d5c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
16 changed files with 29 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
file/audit/cisco/configure-aaa-service.yaml
View File

@ -8,7 +8,7 @@ info:
Authentication, authorization and accounting (AAA) services provide an authoritative source for managing and monitoring access for devices.
reference:
- https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/a1/sec-a1-cr-book/sec-cr-a2.html#GUID-E05C2E00-C01E-4053-9D12-EC37C7E8EEC5
tags: cisco,config-audit,cisco-switch,router
tags: cisco,config-audit,cisco-switch,file,router
file:
- extensions:
@ -23,4 +23,4 @@ file:
- type: word
words:
- "configure terminal"
- "configure terminal"

4
file/audit/cisco/configure-service-timestamps-debug.yaml
View File

@ -8,7 +8,7 @@ info:
To configure the system to time-stamp debugging or logging messages, use one of the service timestamps global configuration commands. Use the no form of this command to disable this service.
reference:
- https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm
tags: cisco,config-audit,cisco-switch,router
tags: cisco,config-audit,cisco-switch,file,router
file:
- extensions:
@ -23,4 +23,4 @@ file:
- type: word
words:
- "configure terminal"
- "configure terminal"

4
file/audit/cisco/configure-service-timestamps-logmessages.yaml
View File

@ -8,7 +8,7 @@ info:
To configure the system to time-stamp debugging or logging messages, use one of the service timestamps global configuration commands. Use the no form of this command to disable this service.
reference:
- https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm
tags: cisco,config-audit,cisco-switch,router
tags: cisco,config-audit,cisco-switch,file,router
file:
- extensions:
@ -23,4 +23,4 @@ file:
- type: word
words:
- "configure terminal"
- "configure terminal"

4
file/audit/cisco/disable-ip-source-route.yaml
View File

@ -8,7 +8,7 @@ info:
Organizations should plan and implement network policies to ensure unnecessary services are explicitly disabled. The 'ip source-route' feature has been used in several attacks and should be disabled.
reference:
- https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr/command/ipaddr-cr-book/ipaddr-i4.html#GUID-C7F971DD-358F-4B43-9F3E-244F5D4A3A93
tags: cisco,config-audit,cisco-switch,router
tags: cisco,config-audit,cisco-switch,file,router
file:
- extensions:
@ -23,4 +23,4 @@ file:
- type: word
words:
- "configure terminal"
- "configure terminal"

4
file/audit/cisco/disable-pad-service.yaml
View File

@ -8,7 +8,7 @@ info:
To reduce the risk of unauthorized access, organizations should implement a security policy restricting unnecessary services such as the 'PAD' service.
reference:
- http://www.cisco.com/en/US/docs/ios-xml/ios/wan/command/wan-s1.html#GUID-C5497B77-3FD4-4D2F-AB08-1317D5F5473B
tags: cisco,config-audit,cisco-switch,router
tags: cisco,config-audit,cisco-switch,file,router
file:
- extensions:
@ -23,4 +23,4 @@ file:
- type: word
words:
- "configure terminal"
- "configure terminal"

4
file/audit/cisco/enable-secret-for-password-user-and-.yaml
View File

@ -8,7 +8,7 @@ info:
To configure the system to time-stamp debugging or logging messages, use one of the service timestamps global configuration commands. Use the no form of this command to disable this service.
reference:
- https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm
tags: cisco,config-audit,cisco-switch,router
tags: cisco,config-audit,cisco-switch,file,router
file:
- extensions:
@ -23,4 +23,4 @@ file:
- type: word
words:
- "configure terminal"
- "configure terminal"

4
file/audit/cisco/logging-enable.yaml
View File

@ -8,7 +8,7 @@ info:
Enabling the Cisco IOS 'logging enable' command enforces the monitoring of technology risks for the organizations' network devices.
reference:
- https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/config-mgmt/configuration/xe-16-6/config-mgmt-xe-16-6-book/cm-config-logger.pdf
tags: cisco,config-audit,cisco-switch
tags: cisco,config-audit,cisco-switch,file
file:
- extensions:
@ -23,4 +23,4 @@ file:
- type: word
words:
- "configure terminal"
- "configure terminal"

2
file/audit/fortigate/auto-usb-install.yaml
View File

@ -6,7 +6,7 @@ info:
severity: info
description: If USB installation is not disabled, an attacker with physical access to a FortiGate could load a new configuration or firmware using the USB port.
reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
tags: fortigate,config,audit,firewall
tags: audit,config,file,firewall,fortigate
file:
- extensions:

4
file/audit/fortigate/heuristic-scan.yaml
View File

@ -6,7 +6,7 @@ info:
severity: info
description: Heuristic scanning is a technique used to identify previously unknown viruses. A value of block enables heuristic AV scanning of binary files and blocks any detected. A replacement message will be forwarded to the recipient. Blocked files are quarantined if quarantine is enabled.
reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
tags: fortigate,config,audit,firewall
tags: audit,config,file,firewall,fortigate
file:
- extensions:
@ -25,4 +25,4 @@ file:
- "config system"
- "config router"
- "config firewall"
condition: or
condition: or

4
file/audit/fortigate/inactivity-timeout.yaml
View File

@ -6,7 +6,7 @@ info:
severity: info
description: Lack of Inactivity Timeout gives the unauthorized user to act within that threshold if the administrator is away from the computer.
reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
tags: fortigate,config,audit,firewall
tags: audit,config,file,firewall,fortigate
file:
- extensions:
@ -24,4 +24,4 @@ file:
- "config system"
- "config router"
- "config firewall"
condition: or
condition: or

4
file/audit/fortigate/maintainer-account.yaml
View File

@ -6,7 +6,7 @@ info:
severity: info
description: If the FortiGate is compromised and Password is not recoverable. A maintainer account can be used by an administrator with physical access to log into CLI..
reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
tags: fortigate,config,audit,firewall
tags: audit,config,file,firewall,fortigate
file:
- extensions:
@ -24,4 +24,4 @@ file:
- "config system"
- "config router"
- "config firewall"
condition: or
condition: or

4
file/audit/fortigate/remote-auth-timeout.yaml
View File

@ -6,7 +6,7 @@ info:
severity: info
description: Lack of Inactivity Timeout gives the unauthorized user to act within that threshold if the administrator is away from the computer.
reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
tags: fortigate,config,audit,firewall
tags: audit,config,file,firewall,fortigate
file:
- extensions:
@ -24,4 +24,4 @@ file:
- "config system"
- "config router"
- "config firewall"
condition: or
condition: or

4
file/audit/fortigate/scp-admin.yaml
View File

@ -6,7 +6,7 @@ info:
severity: info
description: Disable SCP by default. Enabling SCP allows downloading the configuration file from the FortiGate as an alternative method of backing up the configuration file.
reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
tags: fortigate,config,audit,firewall
tags: audit,config,file,firewall,fortigate
file:
- extensions:
@ -24,4 +24,4 @@ file:
- "config system"
- "config router"
- "config firewall"
condition: or
condition: or

4
file/audit/fortigate/strong-ciphers.yaml
View File

@ -6,7 +6,7 @@ info:
severity: info
description: Weak Ciphers can be broken by an attacker in a local network and can perform attacks like Blowfish.
reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
tags: fortigate,config,audit,firewall
tags: audit,config,file,firewall,fortigate
file:
- extensions:
@ -24,4 +24,4 @@ file:
- "config system"
- "config router"
- "config firewall"
condition: or
condition: or

2
file/audit/pfsense/known-default-account.yaml
View File

@ -11,7 +11,7 @@ info:
- https://docs.netgate.com/pfsense/en/latest/usermanager/defaults.html
remediation: |
Deletes the known default accounts configured.
tags: firewall,config,audit,pfsense
tags: audit,config,file,firewall,pfsense
file:
- extensions:

2
file/bash/bash-scanner.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://www.tecmint.com/10-most-dangerous-commands-you-should-never-execute-on-linux/
- https://phoenixnap.com/kb/dangerous-linux-terminal-commands
tags: bash,shell,sh
tags: bash,file,shell,sh
file:
- extensions: