Update compliance.yml
Parth Malhotra
GitHub
parent
702ebcf4bb
commit
e9f93a9806
|
|
@ -1,9 +1,36 @@
|
||||||
# This is a configuration file for the compliance template profile.
|
# Nuclei Configuration Profile for Compliance Detection
|
||||||
# Additional configuration profiles can be created for different types of nuclei scans.
|
#
|
||||||
# They should be placed under the 'config' directory at:
|
# This configuration file is specifically tailored for detecting compliance-related issues using Nuclei.
|
||||||
# https://github.com/projectdiscovery/nuclei-templates
|
#
|
||||||
# Here is an example of how to use a config profile:
|
# Purpose:
|
||||||
# nuclei -config config/compliance.yml -list target_list_to_scan.txt
|
# This profile is focused on identifying a wide range of security issues to ensure compliance with various security standards and best practices. It includes templates for detecting misconfigurations, vulnerabilities, exposures, and other security risks.
|
||||||
|
#
|
||||||
|
# Included Templates:
|
||||||
|
# This configuration references specific templates tagged with various security-related tags to cover comprehensive compliance scanning:
|
||||||
|
# - misconfig: Templates for detecting misconfigurations.
|
||||||
|
# - cve: Templates for detecting Common Vulnerabilities and Exposures.
|
||||||
|
# - exposure: Templates for detecting sensitive information exposures.
|
||||||
|
# - default-login: Templates for detecting default login credentials.
|
||||||
|
# - xss: Templates for detecting Cross-Site Scripting vulnerabilities.
|
||||||
|
# - lfi: Templates for detecting Local File Inclusion vulnerabilities.
|
||||||
|
# - edb: Templates for vulnerabilities listed in the Exploit Database.
|
||||||
|
# - rce: Templates for detecting Remote Code Execution vulnerabilities.
|
||||||
|
# - sqli: Templates for detecting SQL Injection vulnerabilities.
|
||||||
|
# - unauth: Templates for detecting unauthorized access vulnerabilities.
|
||||||
|
# - ssrf: Templates for detecting Server-Side Request Forgery vulnerabilities.
|
||||||
|
# - redirect: Templates for detecting open redirection vulnerabilities.
|
||||||
|
# - disclosure: Templates for detecting sensitive information disclosure.
|
||||||
|
# - takeover: Templates for detecting subdomain takeover vulnerabilities.
|
||||||
|
# - traversal: Templates for detecting directory traversal vulnerabilities.
|
||||||
|
# - generic: Templates for detecting generic security issues.
|
||||||
|
# - deserialization: Templates for detecting deserialization vulnerabilities.
|
||||||
|
# - ssl: Templates for detecting SSL/TLS related issues.
|
||||||
|
# - keys: Templates for detecting exposed keys.
|
||||||
|
# - token: Templates for detecting exposed tokens.
|
||||||
|
#
|
||||||
|
# Running this profile
|
||||||
|
# You can run this profile using the following command:
|
||||||
|
# nuclei -profile compliance -u https://example.com
|
||||||
|
|
||||||
tags:
|
tags:
|
||||||
- misconfig
|
- misconfig
|
||||||
|
|
@ -26,4 +53,4 @@ tags:
|
||||||
- deserialization
|
- deserialization
|
||||||
- ssl
|
- ssl
|
||||||
- keys
|
- keys
|
||||||
- token
|
- token
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue