Merge branch 'main' into fuzzing-templates

2024-03-19 21:04:52 +05:30 · 2024-03-19 21:04:52 +05:30 · eddfdcedcd
parent 5e5e3cbcdc 297e9dcf75
commit eddfdcedcd
39 changed files with 937 additions and 43 deletions
--- a/.github/scripts/assign_tasks.py
+++ b/.github/scripts/assign_tasks.py
@ -8,7 +8,7 @@ password = sys.argv[3]
 repo_owner = "projectdiscovery"
 repo_name = "nuclei-templates"
 pr_user_list = ["DhiyaneshGeek", "pussycat0x", "ritikchaddha"]
-issue_user_list = ["princechaddha", "DhiyaneshGeek", "pussycat0x", "ritikchaddha"]
+issue_user_list = ["DhiyaneshGeek", "pussycat0x", "ritikchaddha", "princechaddha"]

 headers = {'Authorization': f'Bearer {password}',
        'Accept': 'application/vnd.github+json',
--- a/.github/workflows/templates-sync.yml
+++ b/.github/workflows/templates-sync.yml
@ -3,12 +3,40 @@ on:
  push:
    paths:
    - '.new-additions'
+    - 'file/keys/dependency/dependency-track.yaml'
+    - 'file/keys/docker/dockerhub-pat.yaml'
+    - 'file/keys/doppler/doppler-audit.yaml'
+    - 'file/keys/doppler/doppler-cli.yaml'
+    - 'file/keys/doppler/doppler-scim.yaml'
+    - 'file/keys/doppler/doppler-service-account.yaml'
+    - 'file/keys/doppler/doppler-service.yaml'
+    - 'file/keys/dropbox/dropbox-access.yaml'
+    - 'file/keys/huggingface/huggingface-user-access.yaml'
+    - 'file/keys/linkedin/linkedin-client.yaml'
+    - 'file/keys/linkedin/linkedin-secret.yaml'
+    - 'file/keys/newrelic/newrelic-api-service.yaml'
+    - 'file/keys/newrelic/newrelic-license-non.yaml'
+    - 'file/keys/newrelic/newrelic-license.yaml'
+    - 'file/keys/odbc/odbc-connection.yaml'
+    - 'file/keys/okta/okta-api.yaml'
+    - 'file/keys/particle/particle-access.yaml'
+    - 'file/keys/react/reactapp-password.yaml'
+    - 'file/keys/react/reactapp-username.yaml'
+    - 'file/keys/salesforce/salesforce-access.yaml'
+    - 'file/keys/thingsboard/thingsboard-access.yaml'
+    - 'file/keys/truenas/truenas-api.yaml'
+    - 'file/keys/twitter/twitter-client.yaml'
+    - 'file/keys/twitter/twitter-secret.yaml'
+    - 'file/keys/wireguard/wireguard-preshared.yaml'
+    - 'file/keys/wireguard/wireguard-private.yaml'
    - 'http/cves/2023/CVE-2023-49785.yaml'
-    - 'http/cves/2024/CVE-2023-5914.yaml'
+    - 'http/cves/2023/CVE-2023-5830.yaml'
+    - 'http/cves/2023/CVE-2023-5914.yaml'
    - 'http/cves/2024/CVE-2024-1698.yaml'
    - 'http/exposed-panels/bynder-panel.yaml'
+    - 'http/exposed-panels/cisco/cisco-expressway-panel.yaml'
    - 'http/exposed-panels/emqx-panel.yaml'
-    - 'http/exposed-panels/forticlientems-panel.yaml'
+    - 'http/exposed-panels/fortinet/forticlientems-panel.yaml'
    - 'http/exposed-panels/fortinet/fortiwlm-panel.yaml'
    - 'http/exposed-panels/neocase-hrportal-panel.yaml'
    - 'http/exposed-panels/osnexus-panel.yaml'
--- a/.new-additions
+++ b/.new-additions
@ -1,9 +1,37 @@
+file/keys/dependency/dependency-track.yaml
+file/keys/docker/dockerhub-pat.yaml
+file/keys/doppler/doppler-audit.yaml
+file/keys/doppler/doppler-cli.yaml
+file/keys/doppler/doppler-scim.yaml
+file/keys/doppler/doppler-service-account.yaml
+file/keys/doppler/doppler-service.yaml
+file/keys/dropbox/dropbox-access.yaml
+file/keys/huggingface/huggingface-user-access.yaml
+file/keys/linkedin/linkedin-client.yaml
+file/keys/linkedin/linkedin-secret.yaml
+file/keys/newrelic/newrelic-api-service.yaml
+file/keys/newrelic/newrelic-license-non.yaml
+file/keys/newrelic/newrelic-license.yaml
+file/keys/odbc/odbc-connection.yaml
+file/keys/okta/okta-api.yaml
+file/keys/particle/particle-access.yaml
+file/keys/react/reactapp-password.yaml
+file/keys/react/reactapp-username.yaml
+file/keys/salesforce/salesforce-access.yaml
+file/keys/thingsboard/thingsboard-access.yaml
+file/keys/truenas/truenas-api.yaml
+file/keys/twitter/twitter-client.yaml
+file/keys/twitter/twitter-secret.yaml
+file/keys/wireguard/wireguard-preshared.yaml
+file/keys/wireguard/wireguard-private.yaml
 http/cves/2023/CVE-2023-49785.yaml
-http/cves/2024/CVE-2023-5914.yaml
+http/cves/2023/CVE-2023-5830.yaml
+http/cves/2023/CVE-2023-5914.yaml
 http/cves/2024/CVE-2024-1698.yaml
 http/exposed-panels/bynder-panel.yaml
+http/exposed-panels/cisco/cisco-expressway-panel.yaml
 http/exposed-panels/emqx-panel.yaml
-http/exposed-panels/forticlientems-panel.yaml
+http/exposed-panels/fortinet/forticlientems-panel.yaml
 http/exposed-panels/fortinet/fortiwlm-panel.yaml
 http/exposed-panels/neocase-hrportal-panel.yaml
 http/exposed-panels/osnexus-panel.yaml
--- a/.nuclei-ignore
+++ b/.nuclei-ignore
@ -16,7 +16,6 @@ tags:
  - "dos"
  - "local"
  - "bruteforce"
-  - "phishing"

 # The following templates have been excluded because they have weak matchers and may generate FP results.
 # Please feel free to create PR if you can update the templates with strict matchers.
@ -33,4 +32,4 @@ files:
  - http/cves/2021/CVE-2021-28164.yaml
  - http/fuzzing/wordpress-themes-detect.yaml
  - http/fuzzing/mdb-database-file.yaml
-  - http/fuzzing/iis-shortname.yaml
+  - http/fuzzing/iis-shortname.yaml
--- a/contributors.json
+++ b/contributors.json
@ -1,4 +1,54 @@
 [
+    {
+        "author": "princechaddha",
+        "links": {
+            "github": "https://github.com/princechaddha",
+            "twitter": "https://twitter.com/princechaddha",
+            "linkedin": "https://www.linkedin.com/in/princechaddha/",
+            "website": "https://pwnmachine.me/",
+            "email": ""
+        }
+    },
+    {
+        "author": "gy741",
+        "links": {
+            "github": "https://github.com/gy741",
+            "twitter": "",
+            "linkedin": "",
+            "website": "",
+            "email": ""
+        }
+    },
+    {
+        "author": "ritikchaddha",
+        "links": {
+            "github": "https://github.com/ritikchaddha",
+            "twitter": "https://twitter.com/ritikchaddha",
+            "linkedin": "",
+            "website": "",
+            "email": ""
+        }
+    },
+    {
+        "author": "theamanrawat",
+        "links": {
+            "github": "https://github.com/theamanrawat",
+            "twitter": "https://twitter.com/theamanrawat",
+            "linkedin": "",
+            "website": "",
+            "email": ""
+        }
+    },
+    {
+        "author": "dwisiswant0",
+        "links": {
+            "github": "https://github.com/dwisiswant0",
+            "twitter": "https://twitter.com/dwisiswant0",
+            "linkedin": "",
+            "website": "",
+            "email": ""
+        }
+    },
    {
        "author": "Tirtha",
        "links": {
@ -20,7 +70,7 @@
        }
    },
    {
-        "author": "DhiyaneshDk",
+        "author": "dhiyaneshdk",
        "links": {
            "github": "https://github.com/DhiyaneshGeek",
            "twitter": "https://twitter.com/DhiyaneshDK",
@ -120,10 +170,10 @@
        }
    },
    {
-        "author": "Akokonunes",
+        "author": "0x_akoko",
        "links": {
-            "github": "https://www.github.com/Akokonunes",
-            "twitter": "",
+            "github": "https://github.com/akokonunes",
+            "twitter": "https://twitter.com/0x_Akoko",
            "linkedin": "",
            "website": "",
            "email": ""
@ -613,7 +663,7 @@
        "author": "daffainfo",
        "links": {
            "github": "https://www.github.com/daffainfo",
-            "twitter": "",
+            "twitter": "https://twitter.com/daffainfo",
            "linkedin": "",
            "website": "",
            "email": ""
@ -713,7 +763,7 @@
        "author": "geeknik",
        "links": {
            "github": "https://www.github.com/geeknik",
-            "twitter": "",
+            "twitter": "https://twitter.com/geeknik",
            "linkedin": "",
            "website": "",
            "email": ""
@ -1133,7 +1183,7 @@
        "author": "pikpikcu",
        "links": {
            "github": "https://www.github.com/pikpikcu",
-            "twitter": "",
+            "twitter": "https://twitter.com/pikpikcu",
            "linkedin": "",
            "website": "",
            "email": ""
--- a/file/js/js-analyse.yaml
+++ b/file/js/js-analyse.yaml
@ -31,8 +31,65 @@ file:
        name: extracted-uri
        regex:
          - "(?i)([a-z]{2,10}):(//|/)[a-z0-9\\./?&-_=:]+"
+
      - type: regex
-        name: AMAZON-ACCES-KEY
+        name: amazon-access-key
        regex:
          - "(?i)(A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}"
-# digest: 4a0a0047304502200738658ef4985c1261c662fd545a23504b402343ad994af584866d74d37e11ac022100c8213e439b8a574bee55ce0881363c0964830df8255bcd89249d37a778f038ba:922c64590222798bb761d5b6d8e72950
+
+      - type: regex
+        name: amazon-s3-url
+        regex:
+          - "(?i)([a-z0-9_\\-\\.]+\\.s3\\.amazonaws\\.com)"
+          - "(?i)([a-z0-9\\.-]+\\.s3-[a-z0-9-\\.]+\\.amazonaws\\.com)"
+          - "(?i)[a-z0-9\\.-]+\\.s3-website[\\.-](eu|ap|us|ca|sa|cn)"
+          - "(?i)(s3://[a-z0-9_\\-\\./]+)"
+          - "(?i)(s3\\.amazonaws\\.com/[a-z0-9/_\\-\\.]+)"
+          - "(?i)(s3\\.console\\.aws\\.com/s3/buckets/[a-z0-9/_\\-\\.]+)"
+          - "(?i)(s3-[a-z0-9-\\.]\\.amazonaws\\.com/[a-z0-9/_\\-\\.]+)"
+
+      - type: regex
+        name: github-personal-access-token
+        regex:
+          - "(?i)(ghp_[a-z0-9]{36}|github_pat_[a-z0-9]{82})"
+
+      - type: regex
+        name: github-oauth-access-token
+        regex:
+          - "(?i)(gho_[a-zA-Z0-9]{36})"
+
+      - type: regex
+        name: github-app-token
+        regex:
+          - "\b((?:ghu|ghs)_[a-zA-Z0-9]{36})\b"
+
+      - type: regex
+        name: authorization-basic
+        regex:
+          - "(?i)(Authorization:\\sbasic\\s+[a-z0-9=:_\\-+/]{5,100})"
+
+      - type: regex
+        name: authorization-bearer
+        regex:
+          - "(?i)(Authorization:\\sbearer\\s+[a-z0-9=:_\\-\\.+/]{5,100})"
+
+      - type: regex
+        name: rsa-private-key
+        regex:
+          - "(?i)(-----BEGIN RSA PRIVATE KEY-----)"
+
+      - type: regex
+        name: ssh-dsa-private-key
+        regex:
+          - "(?i)(-----BEGIN DSA PRIVATE KEY-----)"
+
+      - type: regex
+        name: ssh-ec-private-key
+        regex:
+          - "(?i)(-----BEGIN EC PRIVATE KEY-----)"
+
+      - type: regex
+        name: potential-ajax-request
+        regex:
+          - "(?i)(new\\s+xmlhttprequest\\(\\)|\\$\\.ajax\\(\\{)"
+# digest: 4a0a00473045022100a1dfbb218bb6e589fe608e853b26ab2acd789a197a02d92e3f0499331b80e03602206ac9cf015a855085c501f0e372f587e6dd518133e9bb9781de0d34ee15266bb9:922c64590222798bb761d5b6d8e72950
--- a/file/keys/dependency/dependency-track.yaml
+++ b/file/keys/dependency/dependency-track.yaml
@ -0,0 +1,25 @@
+id: dependency-track
+
+info:
+  name: Dependency Track API Key
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/dependency_track.yml
+    - https://docs.dependencytrack.org/integrations/rest-api/
+    - https://docs.dependencytrack.org/getting-started/configuration/
+  metadata:
+    verified: true
+    max-request: 1
+  tags: dependency,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - \b(odt_[A-Za-z0-9]{32,255})\b
+# digest: 4a0a004730450220702a4c3c4219c5f6c449c503a1ada1924589fe8a8ee69ca9788a4fd1da542a7f022100c396ad3ca884547cbb32a55a497a33e09e9d592987536b27742dae33485e1abf:922c64590222798bb761d5b6d8e72950
--- a/file/keys/docker/dockerhub-pat.yaml
+++ b/file/keys/docker/dockerhub-pat.yaml
@ -0,0 +1,23 @@
+id: dockerhub-pat
+
+info:
+  name: Docker Hub Personal Access Token
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/dockerhub.yml
+    - https://docs.docker.com/security/for-developers/access-tokens/
+  metadata:
+    verified: true
+  tags: docker,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - \b(dckr_pat_[a-zA-Z0-9_-]{27})(?:$|[^a-zA-Z0-9_-])
+# digest: 4a0a00473045022100bc73fcf69453af6d917f363d99e57d06620e6b40f1e38b54ac72982c1aff0865022030218f700bce4f88878c34d596fcc3563ee6a6a0f233055703455751caaabd08:922c64590222798bb761d5b6d8e72950
--- a/file/keys/doppler/doppler-audit.yaml
+++ b/file/keys/doppler/doppler-audit.yaml
@ -0,0 +1,24 @@
+id: doppler-audit
+
+info:
+  name: Doppler Audit Token
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/doppler.yml
+    - https://docs.doppler.com/reference/api
+    - https://docs.doppler.com/reference/auth-token-formats
+  metadata:
+    verified: true
+  tags: doppler,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - \b(dp\.audit\.[a-zA-Z0-9]{40,44})\b
+# digest: 490a00463044022047f3853a49b38bfc41c3a21edae871fa20dbc00c3e4fec75a443da4c802ce4e702205fce2aa010ee24edfbc190aad5475ba28a4ea42e81476b2e36a2eb95de8c4479:922c64590222798bb761d5b6d8e72950
--- a/file/keys/doppler/doppler-cli.yaml
+++ b/file/keys/doppler/doppler-cli.yaml
@ -0,0 +1,24 @@
+id: doppler-cli
+
+info:
+  name: Doppler CLI Token
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/doppler.yml
+    - https://docs.doppler.com/reference/api
+    - https://docs.doppler.com/reference/auth-token-formats
+  metadata:
+    verified: true
+  tags: doppler,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - \b(dp\.ct\.[a-zA-Z0-9]{40,44})\b
+# digest: 4b0a00483046022100de413ad22bea43d8292d3d22ed07b2d5c6a06bfb4819104c20eeb9134f913be2022100d2915ad20b135f4f8d477c1acec455af6c749833455e09d2542c0e849ab3fc7b:922c64590222798bb761d5b6d8e72950
--- a/file/keys/doppler/doppler-scim.yaml
+++ b/file/keys/doppler/doppler-scim.yaml
@ -0,0 +1,24 @@
+id: doppler-scim
+
+info:
+  name: Doppler SCIM Token
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/doppler.yml
+    - https://docs.doppler.com/reference/api
+    - https://docs.doppler.com/reference/auth-token-formats
+  metadata:
+    verified: true
+  tags: doppler,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - \b(dp\.scim\.[a-zA-Z0-9]{40,44})\b
+# digest: 4a0a00473045022010274194b3725b6ef14112e5fc7f4e0d5c60123a51583f044bf2e94b76077001022100a0caa7739f04c145ec8ee920c613f38a6b5befd04918931bd0ee39cfdbcf3a44:922c64590222798bb761d5b6d8e72950
--- a/file/keys/doppler/doppler-service-account.yaml
+++ b/file/keys/doppler/doppler-service-account.yaml
@ -0,0 +1,24 @@
+id: doppler-service-account
+
+info:
+  name: Doppler Service Account Token
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/doppler.yml
+    - https://docs.doppler.com/reference/api
+    - https://docs.doppler.com/reference/auth-token-formats
+  metadata:
+    verified: true
+  tags: doppler,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - \b(dp\.sa\.[a-zA-Z0-9]{40,44})\b
+# digest: 4a0a00473045022100c8177f1a0244e794af08cc9615e65a415d8cb7dc3616acc9f779e61aab518eb002204d63814164c93815807eb87c0919830977be1d4f878bd1697b90644de744894c:922c64590222798bb761d5b6d8e72950
--- a/file/keys/doppler/doppler-service.yaml
+++ b/file/keys/doppler/doppler-service.yaml
@ -0,0 +1,24 @@
+id: doppler-service
+
+info:
+  name: Doppler Service
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/doppler.yml
+    - https://docs.doppler.com/reference/api
+    - https://docs.doppler.com/reference/auth-token-formats
+  metadata:
+    verified: true
+  tags: doppler,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - \b(dp\.st\.(?:[a-z0-9\-_]{2,35}\.)?[a-zA-Z0-9]{40,44})\b
+# digest: 4a0a00473045022100b61969103e1649c2c330814280aea5b020d5f47ca55c9601d0647af01c47ddbf02200698f545c2217332324593dffcc44a82bccb5ec45faf31507c356b71ee4ad7cf:922c64590222798bb761d5b6d8e72950
--- a/file/keys/dropbox/dropbox-access.yaml
+++ b/file/keys/dropbox/dropbox-access.yaml
@ -0,0 +1,25 @@
+id: dropbox-access
+
+info:
+  name: Dropbox Access Token
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/dropbox.yml
+    - https://developers.dropbox.com/oauth-guide
+    - https://www.dropbox.com/developers/
+    - https://www.dropbox.com/developers/documentation/http/documentation
+  metadata:
+    verified: true
+  tags: dropbox,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - \b(sl\.[a-zA-Z0-9_-]{130,152})(?:$|[^a-zA-Z0-9_-])
+# digest: 490a0046304402203d0305c1997e320e30d2d0ad0460beb9c8478986a0f1b75f621167a79f8ca17302206da5b41a7402312c0d16fc2665349e3caf8aac3cee677a34f34089d739a743c6:922c64590222798bb761d5b6d8e72950
--- a/file/keys/huggingface/huggingface-user-access.yaml
+++ b/file/keys/huggingface/huggingface-user-access.yaml
@ -0,0 +1,23 @@
+id: huggingface-user-access
+
+info:
+  name: HuggingFace User Access Token
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/huggingface.yml
+    - https://huggingface.co/docs/hub/security-tokens
+  metadata:
+    verified: true
+  tags: huggingface,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - '\b(hf_[a-zA-Z]{34})\b'
+# digest: 4b0a00483046022100934e5db46a96a95fbd52e60737825b1ed564ae6f42363a5843a5317f25c8b15d0221008fd6451b353118cd6c0b7a054f49e79c36d5c4222658de97e4b5fea6731da789:922c64590222798bb761d5b6d8e72950
--- a/file/keys/linkedin/linkedin-client.yaml
+++ b/file/keys/linkedin/linkedin-client.yaml
@ -0,0 +1,23 @@
+id: linkedin-client
+
+info:
+  name: LinkedIn Client ID
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/linkedin.yml
+    - https://docs.microsoft.com/en-us/linkedin/shared/api-guide/best-practices/secure-applications
+  metadata:
+    verified: true
+  tags: linkedin,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - (?i)linkedin.?(?:api|app|application|client|consumer|customer)?.?(?:id|identifier|key).{0,2}\s{0,20}.{0,2}\s{0,20}.{0,2}\b([a-z0-9]{12,14})\b
+# digest: 4a0a00473045022100ade417f9932824017914990383cd867a37ba57dd1badc60aa55dac97e73cbf3f02203bb0babcad422204af64f70926c18827b3940c69f909d205f440468d18b0bb31:922c64590222798bb761d5b6d8e72950
--- a/file/keys/linkedin/linkedin-secret.yaml
+++ b/file/keys/linkedin/linkedin-secret.yaml
@ -0,0 +1,23 @@
+id: linkedin-secret
+
+info:
+  name: LinkedIn Secret Key
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/linkedin.yml
+    - https://docs.microsoft.com/en-us/linkedin/shared/api-guide/best-practices/secure-applications
+  metadata:
+    verified: true
+  tags: linkedin,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - (?i)linkedin.?(?:api|app|application|client|consumer|customer|secret|key).?(?:key|oauth|sec|secret)?.{0,2}\s{0,20}.{0,2}\s{0,20}.{0,2}\b([a-z0-9]{16})\b
+# digest: 4a0a0047304502205def151b767d6270018ea90666e56089b0dde70467ca94489c6ab9ec0b735fe2022100ea3cee5471199b7e21bd6a63b75a667adcddad7281d249e83cbb8eb8cda82fd7:922c64590222798bb761d5b6d8e72950
--- a/file/keys/newrelic/newrelic-api-service.yaml
+++ b/file/keys/newrelic/newrelic-api-service.yaml
@ -0,0 +1,24 @@
+id: newrelic-api-service
+
+info:
+  name: New Relic API Service Key
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/newrelic.yml
+    - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys
+    - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys/#user-key
+  metadata:
+    verified: true
+  tags: newrelic,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - (?i)\b(nrak-[a-z0-9]{27})\b
+# digest: 4a0a00473045022100b0305a1f0644ca813e1b1408183fb6100e36a5ccf5716a072f32d60cf9956d7102207b59c7dc0411cc69bf362c9a1035ac73c61bccbabbbfeea75aa3eff7db628214:922c64590222798bb761d5b6d8e72950
--- a/file/keys/newrelic/newrelic-license-non.yaml
+++ b/file/keys/newrelic/newrelic-license-non.yaml
@ -0,0 +1,24 @@
+id: newrelic-license-non
+
+info:
+  name: New Relic License Key (non-suffixed)
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/newrelic.yml
+    - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys
+    - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys/#license-key
+  metadata:
+    verified: true
+  tags: newrelic,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - (?i)associated\ with\ your\ New\ Relic\ account\.\s+license_key:\s*([a-f0-9]{40})\b
+# digest: 4b0a00483046022100cb892d11153aa7205e3a23dab514da50e195f959de8fc957589d622d9ab5cc2b0221008328f65ee06dc78d96499d42170e2fb036cfa2aacb467698c39c672dc53cba96:922c64590222798bb761d5b6d8e72950
--- a/file/keys/newrelic/newrelic-license.yaml
+++ b/file/keys/newrelic/newrelic-license.yaml
@ -0,0 +1,24 @@
+id: newrelic-license
+
+info:
+  name: New Relic License Key
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/newrelic.yml
+    - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys
+    - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys/#license-key
+  metadata:
+    verified: true
+  tags: newrelic,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - (?i)\b([a-z0-9]{6}[a-f0-9]{30}nral)\b
+# digest: 4b0a00483046022100e041b8d63bb59009c36c1d2f8b42a95d352acb3c8d0345afae5b908a78ab8f090221009e2de0a5b782aa3b65c7cbf357c0c7cd47497bef6ade233b239afa63ff863fff:922c64590222798bb761d5b6d8e72950
--- a/file/keys/odbc/odbc-connection.yaml
+++ b/file/keys/odbc/odbc-connection.yaml
@ -0,0 +1,22 @@
+id: odbc-connection
+
+info:
+  name: ODBC Connection String
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/odbc.yml
+  metadata:
+    verified: true
+  tags: odbc,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - (?i)(?:User|User\sId|UserId|Uid)\s*=\s*([^\s;]{3,100})\s*;[\ \t]*.{0,10}[\ \t]*(?:Password|Pwd)\s*=\s*([^\t\ ;]{3,100})\s*(?:[;]|$)
+# digest: 4a0a004730450221009cdd18eb9c779b2230d9b141a315ef98d1da77f0173be2da4d099c46e3b5c46f02207ae6fac5ccfbcbe6ab6902e3e4431449873bf31680040ec3b616c0e3750e1c4d:922c64590222798bb761d5b6d8e72950
--- a/file/keys/okta/okta-api.yaml
+++ b/file/keys/okta/okta-api.yaml
@ -0,0 +1,24 @@
+id: okta-api
+
+info:
+  name: Okta API Token
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/okta.yml
+    - https://devforum.okta.com/t/api-token-length/5519
+    - https://developer.okta.com/docs/guides/create-an-api-token/main/
+  metadata:
+    verified: true
+  tags: okta,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - (?i)(?s)(?:okta|ssws).{0,40}\b(00[a-z0-9_-]{39}[a-z0-9_])\b
+# digest: 4b0a0048304602210099f31a1c5cf66963fb04f1f4a78317a1329098914e756d1a97879086ca81de74022100c51328ddf041ad3e06759c5ce691eed371adf63ef1c6d203b2a50d87b165b1f9:922c64590222798bb761d5b6d8e72950
--- a/file/keys/particle/particle-access.yaml
+++ b/file/keys/particle/particle-access.yaml
@ -0,0 +1,24 @@
+id: particle-access
+
+info:
+  name: particle.io Access Token
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/particle.io.yml
+    - https://docs.particle.io/reference/cloud-apis/api/
+  metadata:
+    verified: true
+  tags: particle,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - 'https://api\.particle\.io/v1/[a-zA-Z0-9_\-\s/"\\?]*(?:access_token=|Authorization:\s*Bearer\s*)\b([a-zA-Z0-9]{40})\b'
+          - '(?:access_token=|Authorization:\s*Bearer\s*)\b([a-zA-Z0-9]{40})\b[\s"\\]*https://api\.particle\.io/v1'
+# digest: 4b0a00483046022100a93af0a2a59859c973d5551ca538c3445e1bbdcdb6ffae6bb511031ab0920b6e022100b5528e182489365a2d48d40ff6ef41f6b79a28fa270c311e4fe6f767e45e4414:922c64590222798bb761d5b6d8e72950
--- a/file/keys/react/reactapp-password.yaml
+++ b/file/keys/react/reactapp-password.yaml
@ -0,0 +1,24 @@
+id: reactapp-password
+
+info:
+  name: React App Password
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/react.yml
+    - https://create-react-app.dev/docs/adding-custom-environment-variables/
+    - https://stackoverflow.com/questions/48699820/how-do-i-hide-an-api-key-in-create-react-app
+  metadata:
+    verified: true
+  tags: react,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - \bREACT_APP(?:_[A-Z0-9]+)*_PASS(?:\s+WORD)?\s*=\s*['"]?([^\s'"$]{6,})(?:[\s'"$]|$)
+# digest: 4b0a00483046022100b4791a0989f14242e6ffe187281643b8b1417e5aba7fe98f353e37dbdc2ffb6c022100c3eee981ff792f8372f7f9292d0e73e0718b69a12d6d40ba0a58dff15dc3f948:922c64590222798bb761d5b6d8e72950
--- a/file/keys/react/reactapp-username.yaml
+++ b/file/keys/react/reactapp-username.yaml
@ -0,0 +1,24 @@
+id: reactapp-username
+
+info:
+  name: React App Username
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/react.yml
+    - https://create-react-app.dev/docs/adding-custom-environment-variables/
+    - https://stackoverflow.com/questions/48699820/how-do-i-hide-an-api-key-in-create-react-app
+  metadata:
+    verified: true
+  tags: react,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - \bREACT_APP(?:_[A-Z0-9]+)*_USER(?:\s+NAME)?\s*=\s*['"]?([^\s'"$]{3,})(?:[\s'"$]|$)
+# digest: 4a0a0047304502201077003a86f122901374676e5f9dfda39f6c54f870a6e4f12b7dd01707a3a5e2022100c998646fe193fa833a18772b90679efa1ba4cca48a55a2da1c839b79e50b4cfd:922c64590222798bb761d5b6d8e72950
--- a/file/keys/salesforce/salesforce-access.yaml
+++ b/file/keys/salesforce/salesforce-access.yaml
@ -0,0 +1,22 @@
+id: salesforce-access
+
+info:
+  name: Salesforce Access Token
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/salesforce.yml
+  metadata:
+    verified: true
+  tags: salesforce,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - \b(00[a-zA-Z0-9]{13}![a-zA-Z0-9._]{96})(?:\b|$|[^a-zA-Z0-9._])
+# digest: 490a0046304402207a4efb9c2401eaa2ebf49fcc5ec4676dfc142a5f5d607777827383c94bf144f102207b75489de473e1c5e3264e2d664fbb87cecbfc5811b20e6ac658fcd3f1415806:922c64590222798bb761d5b6d8e72950
--- a/file/keys/thingsboard/thingsboard-access.yaml
+++ b/file/keys/thingsboard/thingsboard-access.yaml
@ -0,0 +1,24 @@
+id: thingsboard-access
+
+info:
+  name: ThingsBoard Access Token
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/thingsboard.yml
+    - https://thingsboard.io/docs/paas/reference/http-api/
+    - https://thingsboard.io/docs/paas/reference/coap-api/
+  metadata:
+    verified: true
+  tags: thingsboard,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - thingsboard\.cloud/api/v1/([a-z0-9]{20})
+# digest: 4b0a00483046022100e85330533e34d275242ad231bb436951116dabe56acafa94f3db46fca45ed3ae022100a799502b27b8e16f77e8406be58127578dd5f3465dab8b0a2381ee944432c239:922c64590222798bb761d5b6d8e72950
--- a/file/keys/truenas/truenas-api.yaml
+++ b/file/keys/truenas/truenas-api.yaml
@ -0,0 +1,28 @@
+id: truenas-api
+
+info:
+  name: TrueNAS API Key (WebSocket)
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/truenas.yml
+    - https://www.truenas.com/docs/api/core_websocket_api.html
+    - https://www.truenas.com/docs/api/scale_rest_api.html
+    - https://www.truenas.com/docs/scale/scaletutorials/toptoolbar/managingapikeys/
+    - https://www.truenas.com/docs/scale/scaleclireference/auth/cliapikey/
+    - https://www.truenas.com/docs/scale/api/
+    - https://www.truenas.com/community/threads/api-examples-in-perl-python.108053/
+  metadata:
+    verified: true
+  tags: truenas,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - '"params"\s*:\s*\[\s*"(\d+-[a-zA-Z0-9]{64})"\s*\]'
+# digest: 490a0046304402207bb4c8c5d8688099a5fb0972662080602259b4356fa5f947f6bf7ace68af235702201273f66e211b1ddfafc26dd957bc970aa1b23f7c0de5c142347e4d83f5ce1b49:922c64590222798bb761d5b6d8e72950
--- a/file/keys/twitter-secret.yaml
+++ b/file/keys/twitter-secret.yaml
@ -1,17 +0,0 @@
-id: twitter-secret
-
-info:
-  name: Twitter Secret
-  author: gaurang,daffainfo
-  severity: medium
-  tags: file,keys,token,twitter
-file:
-  - extensions:
-      - all
-
-    extractors:
-      - type: regex
-        regex:
-          - "(?i)twitter(.{0,20})?[0-9a-z]{35,44}"
-          - "(?i)twitter(.{0,20})?['\"][0-9a-z]{35,44}"
-# digest: 490a00463044022070cedf48e8996b407257da229d7553720f700fc1f154260196c812ba9423159f022010695ee7d48aeac7287967c049bd5dfad24faf6e701db05ede091e8be3e79305:922c64590222798bb761d5b6d8e72950
--- a/file/keys/twitter/twitter-client.yaml
+++ b/file/keys/twitter/twitter-client.yaml
@ -0,0 +1,23 @@
+id: twitter-client
+
+info:
+  name: Twitter Client ID
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/twitter.yml
+    - https://developer.twitter.com/en/docs/authentication/overview
+  metadata:
+    verified: true
+  tags: twitter,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - (?i)\btwitter.?(?:api|app|application|client|consumer|customer)?.?(?:id|identifier|key).{0,2}\s{0,20}.{0,2}\s{0,20}.{0,2}\b([a-z0-9]{18,25})\b
+# digest: 4a0a00473045022030cb9bb226fc38ff17accc2fbe89603cae16c35050ec725ad20ce14d5fbc5ad2022100860577843f28d261d7fbf35ef59577e5fd0e84a50eb370cfbd714f1039338c19:922c64590222798bb761d5b6d8e72950
--- a/file/keys/twitter/twitter-secret.yaml
+++ b/file/keys/twitter/twitter-secret.yaml
@ -0,0 +1,23 @@
+id: twitter-secret
+
+info:
+  name: Twitter Secret Key
+  author: DhiyaneshDK,gaurang,daffainfo
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/twitter.yml
+    - https://developer.twitter.com/en/docs/authentication/overview
+  metadata:
+    verified: true
+  tags: twitter,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - (?i)twitter.?(?:api|app|application|client|consumer|customer|secret|key).?(?:key|oauth|sec|secret)?.{0,2}\s{0,20}.{0,2}\s{0,20}.{0,2}\b([a-z0-9]{35,44})\b
+# digest: 4a0a00473045022100ae8d7dcc6d380f9b0ba6d16ca558e7af6254078b3f1a0a2230f8ddc28f47267102206348551061cffebd4da2b42ec393373ef0987eeeb4382f0e517c38c836fb46cf:922c64590222798bb761d5b6d8e72950
--- a/file/keys/wireguard/wireguard-preshared.yaml
+++ b/file/keys/wireguard/wireguard-preshared.yaml
@ -0,0 +1,25 @@
+id: wireguard-preshared
+
+info:
+  name: WireGuard Preshared Key
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/wireguard.yml
+    - https://www.wireguard.com/quickstart/
+    - https://manpages.debian.org/testing/wireguard-tools/wg.8.en.html
+    - https://gist.github.com/lanceliao/5d2977f417f34dda0e3d63ac7e217fd
+  metadata:
+    verified: true
+  tags: wireguard,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - PresharedKey\s*=\s*([A-Za-z0-9+/]{43}=)
+# digest: 4a0a00473045022055b7809c89c44f01db811de03d659329878fabbb6006f65a5cfc4c231e72b5ce022100916852a09714e7cf50f5e239c48dba2b243d889df28c54c7671cb3b0ec8dc9e5:922c64590222798bb761d5b6d8e72950
--- a/file/keys/wireguard/wireguard-private.yaml
+++ b/file/keys/wireguard/wireguard-private.yaml
@ -0,0 +1,25 @@
+id: wireguard-private
+
+info:
+  name: WireGuard Private Key
+  author: DhiyaneshDK
+  severity: info
+  reference:
+    - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/wireguard.yml
+    - https://www.wireguard.com/quickstart/
+    - https://manpages.debian.org/testing/wireguard-tools/wg.8.en.html
+    - https://gist.github.com/lanceliao/5d2977f417f34dda0e3d63ac7e217fd
+  metadata:
+    verified: true
+  tags: wireguard,keys,file
+
+file:
+  - extensions:
+      - all
+
+    extractors:
+      - type: regex
+        part: body
+        regex:
+          - PrivateKey\s*=\s*([A-Za-z0-9+/]{43}=)
+# digest: 4a0a004730450221008bd7fd7c9c74eb3c6d2f1d5e4c8cc9c0fcc230534b094814ee0ca7dff2f7f9800220688ed7ae288880609a373ea69defa1d5ed93ca3fcb312e5c4ea2acea46b2e27c:922c64590222798bb761d5b6d8e72950
--- a/http/cves/2023/CVE-2023-5830.yaml
+++ b/http/cves/2023/CVE-2023-5830.yaml
@ -0,0 +1,63 @@
+id: CVE-2023-5830
+
+info:
+  name: ColumbiaSoft DocumentLocator - Improper Authentication
+  author: Gonski
+  severity: critical
+  description: |
+    Instances of ColumbiaSoft's Document Locator prior to version 7.2 SP4 and 2021.1 are vulnerable to an Improper Authentication/SSRF vulnerability. This template identifies vulnerable instances of the ColumbiaSoft Document Locater application by confirming external DNS interaction/lookups by modifying the value of the client-side SERVER parameter at /api/authentication/login.
+  impact: |
+    An attacker could exploit this vulnerability to gain unauthorized access to sensitive information.
+  remediation: |
+    Upgrade to a patched version of ColumbiaSoft DocumentLocator to fix the improper authentication issue.
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2023-5830
+    - https://vuldb.com/?ctiid.243729
+    - https://github.com/advisories/GHSA-j89v-wm7x-4434
+    - https://vuldb.com/?id.243729
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
+    cve-id: CVE-2023-5830
+    cwe-id: CWE-287
+    epss-score: 0.00091
+    epss-percentile: 0.37579
+    cpe: cpe:2.3:a:documentlocator:document_locator:*:*:*:*:*:*:*:*
+  metadata:
+    max-request: 1
+    vendor: documentlocator
+    product: document_locator
+    shodan-query: 'title:"Document Locator - WebTools"'
+  tags: cve,cve2023,ssrf,unauth,columbiasoft,intrusive,webtools
+
+http:
+  - raw:
+      - |
+        @timeout: 20s
+        POST /api/authentication/login HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/json;charset=UTF-8
+        Origin: {{BaseURL}}
+        Referer: {{BaseURL}}
+
+        {
+          "LoginType":"differentWindows",
+          "User":"{{randstr}}",
+          "Password":"{{rand_base(5, "abc")}}",
+          "Domain":"{{randstr}}",
+          "Server":"{{interactsh-url}}",
+          "Repository":"{{randstr}}"
+        }
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol
+        words:
+          - "dns"
+
+      - type: word
+        part: body
+        words:
+          - '"Authorized":false'
+# digest: 4a0a0047304502201a739a9a323bb1ce5f468a13c31ecc02400b08053b2b81930e86f5decb5d83a2022100b712b21b2b241e8a04f480fe2c2b7cb3e7710265f1332dd9c2996d1a1e0cc3aa:922c64590222798bb761d5b6d8e72950
--- a/http/cves/2023/CVE-2023-5914.yaml
+++ b/http/cves/2023/CVE-2023-5914.yaml
@ -41,4 +41,4 @@ http:
          - 'contains(content_type, "text/html")'
          - 'contains_all(body, "<script>alert(1)</script>", "XmlException")'
        condition: and
-# digest: 4b0a00483046022100c444c81b2b8b8c7685a7c8b6561444155245452a96458ce4ababf2b07efd197a022100cca7f9aa78063d40421d7bb070c601a698b3c6ea172e211040abb4bd0bb804e4:922c64590222798bb761d5b6d8e72950
+# digest: 4b0a00483046022100c444c81b2b8b8c7685a7c8b6561444155245452a96458ce4ababf2b07efd197a022100cca7f9aa78063d40421d7bb070c601a698b3c6ea172e211040abb4bd0bb804e4:922c64590222798bb761d5b6d8e72950
--- a/http/exposed-panels/cisco/cisco-expressway-panel.yaml
+++ b/http/exposed-panels/cisco/cisco-expressway-panel.yaml
@ -0,0 +1,35 @@
+id: cisco-expressway-panel
+
+info:
+  name: CISCO Expressway Login Panel - Detect
+  author: righettod
+  severity: info
+  description: |
+    CISCO Expressway login panel was detected.
+  reference:
+    - https://www.cisco.com/c/en/us/products/unified-communications/expressway-series/index.html
+  metadata:
+    verified: true
+    max-request: 1
+    shodan-query: html:"Cisco Expressway"
+  tags: panel,cisco,login,detect
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/login"
+
+    matchers:
+      - type: dsl
+        dsl:
+          - 'status_code == 200'
+          - 'contains_any(to_lower(body), "cisco expressway", "cisco expway")'
+        condition: and
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - 'Cisco\s+(?:Expressway|Expway)\s+([A-Za-z\s]+)<\/legend>'
+# digest: 4a0a004730450221009a93171a94b3dcd6d212e35ffa66bf4d9432bd4ccac43de4141f63c5e61c060e0220021d84484a72649f562eaf3d436b260c53cc31c830240371f88855c097a4c6c8:922c64590222798bb761d5b6d8e72950
--- a/http/exposed-panels/fortinet/forticlientems-panel.yaml
+++ b/http/exposed-panels/fortinet/forticlientems-panel.yaml
@ -33,4 +33,4 @@ http:
        group: 1
        regex:
          - 'VERSION_FULL\\u0022: \\u0022(.*?)\\u0022'
-# digest: 4a0a00473045022100ca8f62bf9c299d2ef4a24562fab0cfa6df4bf3e529e144287b08a9bddd70bfff0220395f7b7c4d94585210c9476eb9589430b114ef7e13f20e84109aef636d456745:922c64590222798bb761d5b6d8e72950
+# digest: 4a0a00473045022100ca8f62bf9c299d2ef4a24562fab0cfa6df4bf3e529e144287b08a9bddd70bfff0220395f7b7c4d94585210c9476eb9589430b114ef7e13f20e84109aef636d456745:922c64590222798bb761d5b6d8e72950
--- a/network/detection/wing-ftp-detect.yaml
+++ b/network/detection/wing-ftp-detect.yaml
@ -24,3 +24,4 @@ tcp:
        part: body
        words:
          - "Wing FTP Server"
+# digest: 490a00463044022041b78c4dea63a1fbdd51b152e120900093db0ab7e81b050e75d03c542d80b4a10220476a48aa15c3c12290b8d485e4ddd49d48d0173d1bc14ad16cbf0d2079fb8acf:922c64590222798bb761d5b6d8e72950
--- a/templates-checksum.txt
+++ b/templates-checksum.txt
@ -104,7 +104,7 @@ config/osint.yml:683fe1e52716d054760d707dbc123f5e09de5418
 config/pentest.yml:c7b04a39e2efaf1a5f627da9b49ecf714d927f0e
 config/privilege-escalation.yml:325607b721fcea55111f8698b10951fd2f0d17b8
 config/recommended.yml:eb4d0cb29634218f0279692e8c59fa1906d7148c
-contributors.json:7aceb02f36b26022058d0a11cd8517df6aae4445
+contributors.json:951e2ab8bbae42da01f52da9ef0a14ce7f17e159
 cves.json:51d8ac58d8ffdf6cfd4660d3e19373bb08bb6605
 cves.json-checksum.txt:fdca644f563bcfe217c57881fc5991db50a942e4
 dns/azure-takeover-detection.yaml:34e8e8a0db3e2ff7af0bf8df8ee9c54f2ee8e3b4
@ -164,7 +164,7 @@ file/audit/pfsense/set-hostname.yaml:c123a3b395ce655438028aab12c18d25423dc136
 file/bash/bash-scanner.yaml:5bc8d723949612cfaed57eddf1e19d8c45b15f6e
 file/electron/electron-version-detect.yaml:9e6b4ced33952723bbf371889793cd69bfe918e2
 file/electron/node-integration-enabled.yaml:772455563db410b4b9113615e1958a45a25965ff
-file/js/js-analyse.yaml:1259e3d3620e8f698ad0f05b62be281febf350a1
+file/js/js-analyse.yaml:d3c27e7fbd123cc86c0f4fbb3ad8f51cb363db41
 file/keys/adafruit-key.yaml:dc4ce3917a2ca4d061ef45032d59ccd68b9e1551
 file/keys/adobe/adobe-client.yaml:bb33624aa34163fabe1d338d33239c8f566ecc7a
 file/keys/adobe/adobe-secret.yaml:e6e4152b3ff3a42223a8ac7169b0a38b0a622234
@ -203,14 +203,22 @@ file/keys/credential-exposure-file.yaml:d6be05c931599edd628a0591224a0c7ba56fa987
 file/keys/credentials.yaml:7d9557524fa206e8bb91295da81890e44084838f
 file/keys/databricks-api-token.yaml:a9bfc986be3fff96341f96b4213700a370c852a4
 file/keys/datadog-access-token.yaml:12b74598ee375f3a5ffbcd81ef8d526c9b852638
+file/keys/dependency/dependency-track.yaml:9d4af12139dc253e1afa70ca7678f2b5a550e3c4
 file/keys/digitalocean/digitalocean-access-token.yaml:29da3c43c8ff92cead04e92fd1961e8b8599c69a
 file/keys/digitalocean/digitalocean-personal-access.yaml:8e82ebd4f3e85120abc293e1e9312cef25531950
 file/keys/digitalocean/digitalocean-refresh-token.yaml:07071ed0e0a505395e4557e9d7d366a95ef4b668
 file/keys/discord/discord-api-token.yaml:2dedd90e44f3c638beab645b83a757d31673b880
 file/keys/discord/discord-cilent-secret.yaml:1ecb39bf91f8bb1190acb0c183867d7feeea1890
 file/keys/discord/discord-client-id.yaml:987ee6636deb77670c3578276cd9f46681d87bdb
+file/keys/docker/dockerhub-pat.yaml:929cef0af54303dafb5262cbd000758da94e76e9
+file/keys/doppler/doppler-audit.yaml:e35727b74223049f36b0bb0ae61a6407a2b2796d
+file/keys/doppler/doppler-cli.yaml:ab8577b4917f225376dadb06fa2291ff7cf3bf60
+file/keys/doppler/doppler-scim.yaml:ac4dc0cd37e6e6f1088321cccdc3446b816c8986
+file/keys/doppler/doppler-service-account.yaml:ee8d6ddbf75cb40624430ba3d054361e9fe43a20
+file/keys/doppler/doppler-service.yaml:af6d77daa3c56bc765f263849c4cec53fb202ccc
 file/keys/doppler-api-token.yaml:1c64194e0ee54ece342ac3be8abf4cd1e435cbab
 file/keys/droneci-access-token.yaml:50eecf6767282a184e8e35bed455ddc90aa77f5a
+file/keys/dropbox/dropbox-access.yaml:bb07dd2c5200bf2d3ac92eef0040005f3777edc6
 file/keys/dropbox/dropbox-api-token.yaml:73c1e3c967b0c8c2869417f9b0fbd9943e571814
 file/keys/dropbox/dropbox-longlived-token.yaml:c39f688533f912ff0482778740f03ad46183824c
 file/keys/dropbox/dropbox-shortlived-token.yaml:4ede1ec7aa2b17ba7e8a60b3f01e5136ec4ec176
@ -255,26 +263,38 @@ file/keys/grafana/grafana-cloud-api-token.yaml:7866324b7ee666df3acdac0d3f66c2345
 file/keys/grafana/grafana-service-account-token.yaml:ab639575a2a2ee8e223f0e579c9fcd519b3bc2cd
 file/keys/hashicorp-api-token.yaml:9bb83e6cda00977645b1f613864243fd126576d6
 file/keys/heroku-key.yaml:591f63afb7e7ebf8e75644e8dc0131f6524cdf39
+file/keys/huggingface/huggingface-user-access.yaml:cee36c254222da7a52d04a30522992c15bf0dd93
 file/keys/jenkins-token.yaml:f48b5889c3815de3948e3eb5bb07fbd9e6902eb7
 file/keys/kubernetes/kubernetes-dockercfg-secret.yaml:fdd22e6e0b0fac8772d949ba8bc6a296c9845074
 file/keys/kubernetes/kubernetes-dockerconfigjson-secret.yaml:f7ada6c8e01ad6561cb6d97e31bec4c95a71de9c
+file/keys/linkedin/linkedin-client.yaml:7c3b0741a3dd4093054efcbed23ca1e728b1dc46
+file/keys/linkedin/linkedin-secret.yaml:6aebe5a012f34324a3d7f3bfbecdf707a8388614
 file/keys/linkedin-id.yaml:39efe931f4ace6377fbc63d76bd12d88fcecd7e9
 file/keys/mailchimp-api.yaml:5b1ee7bc57b19f46f705d27419e8d0b802258b71
 file/keys/mailgun-api.yaml:7299dc580989b55622b2f460fce1c8724cbf7343
 file/keys/mapbox-token.yaml:b911206f1ccba8f70d6e9387771ca97a18fee32a
+file/keys/newrelic/newrelic-api-service.yaml:ef41de67162d12bedf4d6c5d90d74768214e57fe
+file/keys/newrelic/newrelic-license-non.yaml:e7a7abb5354e833ee34a7f078aabd5529c2e4755
+file/keys/newrelic/newrelic-license.yaml:c4c9f83dba1796287e40555a794632adb71e7afd
 file/keys/newrelic/newrelic-pixie-apikey.yaml:6896635d7b4c891ffabb946ff9ab6deb8fba5d51
 file/keys/newrelic/newrelic-pixie-deploykey.yaml:d038d136304e6c13d533f3302e1c1eafc39bdf38
 file/keys/npm-accesstoken.yaml:a2ea270e9e7f1a236e7d4da33e833ab26031e5ce
 file/keys/nuget-key.yaml:4c0a481dc9873f455ed2dc3d990c17a8550b243a
+file/keys/odbc/odbc-connection.yaml:758733489bf7b3defba93b1cda11f384ed7da182
+file/keys/okta/okta-api.yaml:e70809f9fbcaec530687ff077c63796b5eef3031
 file/keys/openai-key.yaml:362b3e2c11d11f7183034aaa5cdb47f3b40700b9
+file/keys/particle/particle-access.yaml:676becab681ec168bae43c74b13e552af4657f5c
 file/keys/paypal-braintree-token.yaml:402e0754808e014fb8b0ebdb3fb1e0eb585c3be2
 file/keys/pictatic-api-key.yaml:5d254108f9865c20a83080b3f92a3152b54d3c05
 file/keys/postman-api-key.yaml:91b5bbc73ae8fc4430498d92e5ab029e332f8817
 file/keys/private-key.yaml:c297f883a9ff39ab4807a35914edffc3f0cc01a9
 file/keys/pypi-token.yaml:d5d89be532cce80e65a912bf277f94d7bcf8f1c2
 file/keys/razorpay-client-id.yaml:a88d58769de655a660b4e5ee8a58aba9faeed91d
+file/keys/react/reactapp-password.yaml:4613021cd4c5d458ab778000587b7229980e4238
+file/keys/react/reactapp-username.yaml:deb652d737576b6ae7c84eb9de36f0b329baf0bd
 file/keys/rubygems-key.yaml:fa5cdc44cbd4f734c9aedf00b112ccf27a073a50
 file/keys/s3-bucket.yaml:5604162f278a70b8742678a1a006949ca62e64e2
+file/keys/salesforce/salesforce-access.yaml:6cb655725ac01c05b073db6645b96cf9e7e7bf8d
 file/keys/sauce-access-token.yaml:c9aa59af67698af4ffa2486af99819e3cb4147c3
 file/keys/segment-public-api.yaml:a193504eea902e1c11b23f3e408a7b7593389b22
 file/keys/sendgrid-api.yaml:15e1a6951aa39738c4fa1310f420a55340460f11
@ -290,8 +310,13 @@ file/keys/square-oauth-secret.yaml:6d588fb6fcb3851617348b0cfa394d85824708f1
 file/keys/stackhawk-api-key.yaml:0bfb39d55ad1ba8e731e72918dfc1b098059d1c8
 file/keys/stripe-api-key.yaml:5df4a9e34d7acd181f0451c1e620cdbff2c8ff0b
 file/keys/telegram-token.yaml:a7fbf76a80e8dbb51ae3876632d15afae04eb519
+file/keys/thingsboard/thingsboard-access.yaml:2393412b4f8629f6fe28837cd394699e344c906e
+file/keys/truenas/truenas-api.yaml:8cb5b99a4702f4fbe69c5ba1a09cc24b7093ba49
 file/keys/twilio-api.yaml:b225fe4dd0f8f0f2bc7b76870aaac28f70993d12
-file/keys/twitter-secret.yaml:994272364c3c831d4a6db48e34a0154cb8f52983
+file/keys/twitter/twitter-client.yaml:9bd5486ea151363def2820c6282b380da52d9b25
+file/keys/twitter/twitter-secret.yaml:65827a76234f874f90f5323afd3ad625821d5b52
+file/keys/wireguard/wireguard-preshared.yaml:f30e419b0c15a28facb053e105c9f0916e3ac9cb
+file/keys/wireguard/wireguard-private.yaml:1fb9592fb98b0e4b26f90bc2d4a5029dd09644dd
 file/keys/zapier-webhook.yaml:8d0f9312fd5acb2f63899a50b2ac8b670f389464
 file/keys/zendesk-secret-key.yaml:cdf5d13a59f7036d60f6ea546087c7e48f016612
 file/logs/django-framework-exceptions.yaml:84d8ecc728d13f3f5e756cf29b1b2691a64e031e
@ -3030,6 +3055,8 @@ http/cves/2023/CVE-2023-5244.yaml:32f7df605dda4c16610c548f773673f5b69c67a5
 http/cves/2023/CVE-2023-5360.yaml:387bf52196ed2e1d383a97ea158fe90b94d213b9
 http/cves/2023/CVE-2023-5375.yaml:394c4b2b0867a8922fcfad500616380c117983d8
 http/cves/2023/CVE-2023-5556.yaml:7d50d6e2861161f90b7876147d3405d5c7eeccf4
+http/cves/2023/CVE-2023-5830.yaml:85965a9925a1cd03639181416b2c20995b33f501
+http/cves/2023/CVE-2023-5914.yaml:93f627b753ac975d5a74a2532a42aa9449682207
 http/cves/2023/CVE-2023-6018.yaml:e840e467eab7d472ae719996be481de06fafb2cf
 http/cves/2023/CVE-2023-6020.yaml:68c05fb386a060d81834e2ddbaefb5779ae81b51
 http/cves/2023/CVE-2023-6021.yaml:83ada3f6cf527a6e4f084151e60fc36c47a31785
@ -3048,7 +3075,6 @@ http/cves/2023/CVE-2023-6895.yaml:0ef4052f3a65107072ee47d11c4028e55f54b472
 http/cves/2023/CVE-2023-6909.yaml:e8c84b54fb87c65ef2afbbe6e44f305c8eb67188
 http/cves/2023/CVE-2023-6977.yaml:5f16b7bdb7c8c98ab5e1c333cffaccbb4fbe51ae
 http/cves/2023/CVE-2023-7028.yaml:16a6a22a93bf8caea281ec34d32def83f8e06fac
-http/cves/2024/CVE-2023-5914.yaml:8d84ed75ed56b35ba6e6f81a23ba37de27945e96
 http/cves/2024/CVE-2024-0204.yaml:6fe6e29907168dd0d6bf7ca67ef70b3e5114430b
 http/cves/2024/CVE-2024-0305.yaml:81dbabe027bcd8f7733aefac310dcb7efa6e0a4f
 http/cves/2024/CVE-2024-0352.yaml:e324d6ccb69d2bee50aa487f5e068cc005c715d8
@ -3406,6 +3432,7 @@ http/exposed-panels/cisco/cisco-ace-device-manager.yaml:c5c9e855c9978d5f1770f828
 http/exposed-panels/cisco/cisco-anyconnect-vpn.yaml:426651066804491b7128cb9d1518adcece334719
 http/exposed-panels/cisco/cisco-asa-panel.yaml:404619b86f43443c4cb6a77e46855879a1ad4778
 http/exposed-panels/cisco/cisco-edge-340.yaml:cd15ec08c18c29079865df10dfec7f1fe23008f3
+http/exposed-panels/cisco/cisco-expressway-panel.yaml:27975d60e84a053e1473319a625a353d448dd516
 http/exposed-panels/cisco/cisco-finesse-login.yaml:742d956488dcddf7305d32facc6a47b5a5e51f4e
 http/exposed-panels/cisco/cisco-integrated-login.yaml:1e712a4925fe31fb6076255a1ea1d3c5518d600e
 http/exposed-panels/cisco/cisco-ios-xe-panel.yaml:2c260bc7aeaaea7892a11b22c8d1f08007b7c479
@ -3565,9 +3592,9 @@ http/exposed-panels/footprints-panel.yaml:12b1ff801c88bafe46638794e739adb9d5379f
 http/exposed-panels/forcepoint-applicance.yaml:f18ffbd665ae28a2bacec9117186e68621287db4
 http/exposed-panels/forcepoint.yaml:c3c1417daa067deaf421ae9c0a30d4b88c3b0350
 http/exposed-panels/forti/fortiadc-panel.yaml:8dfb7582c659d516cc6eb9d8dceb42a0424fe143
-http/exposed-panels/forticlientems-panel.yaml:376dfeea4aba569ce865208dc9fe81f7858b175d
 http/exposed-panels/fortinet/fortiap-panel.yaml:300ab4949fd73ca59e9e7c4706a2c616ada75914
 http/exposed-panels/fortinet/fortiauthenticator-detect.yaml:c0f02944e1c861c523acfe6f5a3c823327339989
+http/exposed-panels/fortinet/forticlientems-panel.yaml:65d946fe428862980085d4410cf8a4367cd8f3fc
 http/exposed-panels/fortinet/fortimail-panel.yaml:c0202da50a4af46f6290259e367f7fa997ffa18e
 http/exposed-panels/fortinet/fortinet-fortiddos-panel.yaml:ba098255839e2c7f85c7793ea2b4056aea91839c
 http/exposed-panels/fortinet/fortinet-fortigate-panel.yaml:6b53e7e548ca993721fd221cc473775d56f8398d
@ -6500,8 +6527,8 @@ http/technologies/mappproxy-detect.yaml:34f8715bb04d15e410646087f140852d5e67e6a4
 http/technologies/matrix-detect.yaml:33b6e2aef92cf34e8fdfa015ed1d7c4cbb0c9ca7
 http/technologies/matrix-homeserver-detect.yaml:03f44055b1385667e1d860c9160c9b0a3b5b24b0
 http/technologies/metatag-cms.yaml:dddeec9fe5817ce89ce12c7fb09e5702c6cf5ea7
-http/technologies/microsoft/aspnet-version-detect.yaml:c2322047d526d4cbf5e23afb5299227a493e76b7
-http/technologies/microsoft/aspnetmvc-version-disclosure.yaml:ec99bbdc39f070ec50892003e8edc062b0526de4
+http/technologies/microsoft/aspnet-version-detect.yaml:5bed426fbdc77d0e323d7d3c0113c4bfb34ce8f6
+http/technologies/microsoft/aspnetmvc-version-disclosure.yaml:341d9ec2d4e676c7d022608a43527ec30e3df2c9
 http/technologies/microsoft/default-iis7-page.yaml:c4e22ee6e9c969c526ea2609a510a8e23150963d
 http/technologies/microsoft/default-microsoft-azure-page.yaml:edf6bd39671cbd1eeda217a1956965a66e368d06
 http/technologies/microsoft/default-windows-server-page.yaml:eddc0c09081a8fdfdd579671ba67816b49e8bb81
@ -8057,6 +8084,7 @@ network/detection/vmware-authentication-daemon-detect.yaml:fe32f8021fd370465c0f9
 network/detection/vnc-service-detect.yaml:22f648aa53fa7fb08f258bcd06fa4b15d80eebca
 network/detection/weblogic-iiop-detect.yaml:05bf3f6fdfa938cfb88ee0e5f27da5e1b8d70bfa
 network/detection/weblogic-t3-detect.yaml:06f88de334b8bae8279d944c0cf4467919930e93
+network/detection/wing-ftp-detect.yaml:79fe3254d4657278f122977cda7145287f7b993c
 network/detection/ws_ftp-ssh-detect.yaml:558ac2fd876a7239ddfd7c5c9433769f166644bd
 network/detection/xlight-ftp-service-detect.yaml:c1bcbafb4cd2ad7a5b4b6c7b947779ee08367781
 network/enumeration/beanstalk-service.yaml:4116fb96469ca087e5b79686fe57c54862835ad8
@ -8142,7 +8170,7 @@ ssl/tls-version.yaml:4e40f08efbb39172b9280ea9e26ca5f0a14a575a
 ssl/untrusted-root-certificate.yaml:a91d36990a1d052f5ee64d170ad8f084d38dab19
 ssl/weak-cipher-suites.yaml:62fe808d9dfafda67c410e6cb9445fdc70257e89
 ssl/wildcard-tls.yaml:d244f62c7bd22d3868fc6fc7cb9550af6b261210
-templates-checksum.txt:5b1362ef552ea57e67c47c4d472d4386c9aa6368
+templates-checksum.txt:f6eaac90af8e77b23be2e3482cf5afbd3b015566
 wappalyzer-mapping.yml:7f03bd65baacac20c1dc6bbf35ff2407959574f1
 workflows/74cms-workflow.yaml:bb010e767ad32b906153e36ea618be545b4e22d0
 workflows/acrolinx-workflow.yaml:8434089bb55dec3d7b2ebc6a6f340e73382dd0c4