From b0ba3e4a5d01e6aee8680f0d386bf737e064daf4 Mon Sep 17 00:00:00 2001 From: m ayadi Date: Wed, 13 Mar 2024 22:03:38 +0000 Subject: [PATCH 01/37] Update js-analyse.yaml New extractors --- file/js/js-analyse.yaml | 48 ++++++++++++++++++++++++++++++++++++++++- 1 file changed, 47 insertions(+), 1 deletion(-) diff --git a/file/js/js-analyse.yaml b/file/js/js-analyse.yaml index 4730f4e553..8778d2399c 100644 --- a/file/js/js-analyse.yaml +++ b/file/js/js-analyse.yaml @@ -35,4 +35,50 @@ file: name: AMAZON-ACCES-KEY regex: - "(?i)(A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" -# digest: 4a0a0047304502200738658ef4985c1261c662fd545a23504b402343ad994af584866d74d37e11ac022100c8213e439b8a574bee55ce0881363c0964830df8255bcd89249d37a778f038ba:922c64590222798bb761d5b6d8e72950 \ No newline at end of file + - type: regex + name: AMAZON-S3-URL + regex: + - "(?i)([a-z0-9_\\-\\.]+\\.s3\\.amazonaws\\.com)" + - "(?i)([a-z0-9\\.-]+\\.s3-[a-z0-9-\\.]+\\.amazonaws\\.com)" + - "(?i)[a-z0-9\\.-]+\\.s3-website[\\.-](eu|ap|us|ca|sa|cn)" + - "(?i)(s3://[a-z0-9_\\-\\./]+)" + - "(?i)(s3\\.amazonaws\\.com/[a-z0-9/_\\-\\.]+)" + - "(?i)(s3\\.console\\.aws\\.com/s3/buckets/[a-z0-9/_\\-\\.]+)" + - "(?i)(s3-[a-z0-9-\\.]\\.amazonaws\\.com/[a-z0-9/_\\-\\.]+)" + - type: regex + name: Github-Personal-Access-Token + regex: + - "(?i)(ghp_[a-z0-9]{36}|github_pat_[a-z0-9]{82})" + - type: regex + name: Github-OAuth-Access-Token + regex: + - "(?i)(gho_[a-zA-Z0-9]{36})" + - type: regex + name: Github-App-Token + regex: + - "\b((?:ghu|ghs)_[a-zA-Z0-9]{36})\b" + - type: regex + name: Authorization-Basic + regex: + - "(?i)(Authorization:\\sbasic\\s+[a-z0-9=:_\\-+/]{5,100})" + - type: regex + name: Authorization-Bearer + regex: + - "(?i)(Authorization:\\sbearer\\s+[a-z0-9=:_\\-\\.+/]{5,100})" + - type: regex + name: RSA-Private-Key + regex: + - "(?i)(-----BEGIN RSA PRIVATE KEY-----)" + - type: regex + name: SSH-DSA-Private-Key + regex: + - "(?i)(-----BEGIN DSA PRIVATE KEY-----)" + - type: regex + name: SSH-EC-Private-Key + regex: + - "(?i)(-----BEGIN EC PRIVATE KEY-----)" + - type: regex + name: Potential-Ajax-Request + regex: + - "(?i)(new\\s+xmlhttprequest\\(\\)|\\$\\.ajax\\(\\{)" +# digest: 4a0a0047304502200738658ef4985c1261c662fd545a23504b402343ad994af584866d74d37e11ac022100c8213e439b8a574bee55ce0881363c0964830df8255bcd89249d37a778f038ba:922c64590222798bb761d5b6d8e72950 From 56d82473dc7f8dc11ec21621aaf8d07cd7846acb Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 15 Mar 2024 09:57:19 +0530 Subject: [PATCH 02/37] fir formatting --- file/js/js-analyse.yaml | 34 +++++++++++++++++++++++----------- 1 file changed, 23 insertions(+), 11 deletions(-) diff --git a/file/js/js-analyse.yaml b/file/js/js-analyse.yaml index 8778d2399c..7a26564911 100644 --- a/file/js/js-analyse.yaml +++ b/file/js/js-analyse.yaml @@ -31,12 +31,14 @@ file: name: extracted-uri regex: - "(?i)([a-z]{2,10}):(//|/)[a-z0-9\\./?&-_=:]+" + - type: regex - name: AMAZON-ACCES-KEY + name: amazon-access-key regex: - "(?i)(A3T[A-Z0-9]|AKIA|AGPA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}" + - type: regex - name: AMAZON-S3-URL + name: amazon-s3-url regex: - "(?i)([a-z0-9_\\-\\.]+\\.s3\\.amazonaws\\.com)" - "(?i)([a-z0-9\\.-]+\\.s3-[a-z0-9-\\.]+\\.amazonaws\\.com)" @@ -45,40 +47,50 @@ file: - "(?i)(s3\\.amazonaws\\.com/[a-z0-9/_\\-\\.]+)" - "(?i)(s3\\.console\\.aws\\.com/s3/buckets/[a-z0-9/_\\-\\.]+)" - "(?i)(s3-[a-z0-9-\\.]\\.amazonaws\\.com/[a-z0-9/_\\-\\.]+)" + - type: regex - name: Github-Personal-Access-Token + name: github-personal-access-token regex: - "(?i)(ghp_[a-z0-9]{36}|github_pat_[a-z0-9]{82})" + - type: regex - name: Github-OAuth-Access-Token + name: github-oauth-access-token regex: - "(?i)(gho_[a-zA-Z0-9]{36})" + - type: regex - name: Github-App-Token + name: github-app-token regex: - "\b((?:ghu|ghs)_[a-zA-Z0-9]{36})\b" + - type: regex - name: Authorization-Basic + name: authorization-basic regex: - "(?i)(Authorization:\\sbasic\\s+[a-z0-9=:_\\-+/]{5,100})" + - type: regex - name: Authorization-Bearer + name: authorization-bearer regex: - "(?i)(Authorization:\\sbearer\\s+[a-z0-9=:_\\-\\.+/]{5,100})" + - type: regex - name: RSA-Private-Key + name: rsa-private-key regex: - "(?i)(-----BEGIN RSA PRIVATE KEY-----)" + - type: regex - name: SSH-DSA-Private-Key + name: ssh-dsa-private-key regex: - "(?i)(-----BEGIN DSA PRIVATE KEY-----)" + - type: regex - name: SSH-EC-Private-Key + name: ssh-ec-private-key regex: - "(?i)(-----BEGIN EC PRIVATE KEY-----)" + - type: regex - name: Potential-Ajax-Request + name: potential-ajax-request regex: - "(?i)(new\\s+xmlhttprequest\\(\\)|\\$\\.ajax\\(\\{)" + # digest: 4a0a0047304502200738658ef4985c1261c662fd545a23504b402343ad994af584866d74d37e11ac022100c8213e439b8a574bee55ce0881363c0964830df8255bcd89249d37a778f038ba:922c64590222798bb761d5b6d8e72950 From 8f38c6d54dbc0fde4a26691481a7bd602de9c622 Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Sat, 16 Mar 2024 10:19:13 +0100 Subject: [PATCH 03/37] Add files via upload --- .../cisco/cisco-expressway-panel.yaml | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 http/exposed-panels/cisco/cisco-expressway-panel.yaml diff --git a/http/exposed-panels/cisco/cisco-expressway-panel.yaml b/http/exposed-panels/cisco/cisco-expressway-panel.yaml new file mode 100644 index 0000000000..b2dcb9e79f --- /dev/null +++ b/http/exposed-panels/cisco/cisco-expressway-panel.yaml @@ -0,0 +1,34 @@ +id: cisco-expressway-panel + +info: + name: CISCO Expressway Login Panel - Detect + author: righettod + severity: info + description: | + CISCO Expressway login panel was detected. + reference: + - https://www.cisco.com/c/en/us/products/unified-communications/expressway-series/index.html + metadata: + max-request: 1 + shodan-query: http.html:"Cisco Expressway" + verified: true + tags: panel,cisco,login,detect + +http: + - method: GET + path: + - "{{BaseURL}}/login" + + matchers: + - type: dsl + dsl: + - 'status_code == 200' + - 'contains_any(to_lower(body), "cisco expressway", "cisco expway") && contains(to_lower(body), "login")' + condition: and + + extractors: + - type: regex + part: body + group: 1 + regex: + - 'Cisco\s+(?:Expressway|Expway)\s+([A-Za-z\s]+)<\/legend>' \ No newline at end of file From 97ab030fcf9e4e5fde180032b838826d92814495 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sun, 17 Mar 2024 09:28:07 +0530 Subject: [PATCH 04/37] Update assign_tasks.py --- .github/scripts/assign_tasks.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/scripts/assign_tasks.py b/.github/scripts/assign_tasks.py index 03b35de468..393e17e87c 100644 --- a/.github/scripts/assign_tasks.py +++ b/.github/scripts/assign_tasks.py @@ -8,7 +8,7 @@ password = sys.argv[3] repo_owner = "projectdiscovery" repo_name = "nuclei-templates" pr_user_list = ["DhiyaneshGeek", "pussycat0x", "ritikchaddha"] -issue_user_list = ["princechaddha", "DhiyaneshGeek", "pussycat0x", "ritikchaddha"] +issue_user_list = ["DhiyaneshGeek", "pussycat0x", "ritikchaddha", "princechaddha"] headers = {'Authorization': f'Bearer {password}', 'Accept': 'application/vnd.github+json', From 4baef3fda559646fd1eb36777d79c2c8e95aec64 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sun, 17 Mar 2024 10:41:15 +0530 Subject: [PATCH 05/37] Create CVE-2023-5830.yaml --- http/cves/2023/CVE-2023-5830.yaml | 68 +++++++++++++++++++++++++++++++ 1 file changed, 68 insertions(+) create mode 100644 http/cves/2023/CVE-2023-5830.yaml diff --git a/http/cves/2023/CVE-2023-5830.yaml b/http/cves/2023/CVE-2023-5830.yaml new file mode 100644 index 0000000000..558ceed547 --- /dev/null +++ b/http/cves/2023/CVE-2023-5830.yaml @@ -0,0 +1,68 @@ +id: CVE-2023-5830 +info: + name: ColumbiaSoft DocumentLocator - Improper Authentication + author: Gonski + severity: critical + description: Instances of ColumbiaSoft's Document Locator prior to version 7.2 + SP4 and 2021.1 are vulnerable to an Improper Authentication/SSRF + vulnerability. This template identifies vulnerable instances of the + ColumbiaSoft Document Locater application by confirming external DNS + interaction/lookups by modifying the value of the client-side SERVER + parameter at /api/authentication/login. + impact: | + An attacker could exploit this vulnerability to gain unauthorized access to sensitive information. + remediation: | + Upgrade to a patched version of ColumbiaSoft DocumentLocator to fix the improper authentication issue. + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2023-5830 + - https://vuldb.com/?ctiid.243729 + - https://github.com/advisories/GHSA-j89v-wm7x-4434 + - https://vuldb.com/?id.243729 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2023-5830 + cwe-id: CWE-287 + epss-score: 0.00091 + epss-percentile: 0.37582 + cpe: cpe:2.3:a:documentlocator:document_locator:*:*:*:*:*:*:*:* + metadata: + max-request: 1 + vendor: documentlocator + product: document_locator + shodan-query: 'title:"Document Locator - WebTools"' + tags: cve,cve2023,ssrf,unauth,columbiasoft,intrusive,webtools + +http: + - raw: + - | + @timeout: 30s + POST /api/authentication/login HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/json;charset=UTF-8 + Origin: {{BaseURL}} + Referer: {{BaseURL}} + User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.97 Safari/537.36 + Accept-Encoding: gzip, deflate + Accept-Language: en-US,en;q=0.9 + + { + "LoginType":"differentWindows", + "User":"{{randstr}}", + "Password":"{{rand_base(5, "abc")}}", + "Domain":"{{randstr}}", + "Server":"{{interactsh-url}}", + "Repository":"{{randstr}}" + } + + matchers-condition: and + matchers: + - type: word + part: interactsh_protocol + words: + - "dns" + + - type: word + part: body + words: + - '"Authorized":false' From e6b4ed3f4638c800cdefe7e82655d1ccfd5f28bf Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Sun, 17 Mar 2024 23:03:50 +0530 Subject: [PATCH 06/37] Update cisco-expressway-panel.yaml --- http/exposed-panels/cisco/cisco-expressway-panel.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/http/exposed-panels/cisco/cisco-expressway-panel.yaml b/http/exposed-panels/cisco/cisco-expressway-panel.yaml index b2dcb9e79f..6b37647296 100644 --- a/http/exposed-panels/cisco/cisco-expressway-panel.yaml +++ b/http/exposed-panels/cisco/cisco-expressway-panel.yaml @@ -9,9 +9,9 @@ info: reference: - https://www.cisco.com/c/en/us/products/unified-communications/expressway-series/index.html metadata: - max-request: 1 - shodan-query: http.html:"Cisco Expressway" verified: true + max-request: 1 + shodan-query: html:"Cisco Expressway" tags: panel,cisco,login,detect http: @@ -23,7 +23,7 @@ http: - type: dsl dsl: - 'status_code == 200' - - 'contains_any(to_lower(body), "cisco expressway", "cisco expway") && contains(to_lower(body), "login")' + - 'contains_any(to_lower(body), "cisco expressway", "cisco expway")' condition: and extractors: @@ -31,4 +31,4 @@ http: part: body group: 1 regex: - - 'Cisco\s+(?:Expressway|Expway)\s+([A-Za-z\s]+)<\/legend>' \ No newline at end of file + - 'Cisco\s+(?:Expressway|Expway)\s+([A-Za-z\s]+)<\/legend>' From 77f5899be6fb1f6db67fcf954a7a0a2ab048c9e1 Mon Sep 17 00:00:00 2001 From: Muhammad Daffa <36522826+daffainfo@users.noreply.github.com> Date: Mon, 18 Mar 2024 09:48:07 +0700 Subject: [PATCH 07/37] Rename http/exposed-panels/forticlientems-panel.yaml to http/exposed-panels/fortinet/forticlientems-panel.yaml --- http/exposed-panels/{ => fortinet}/forticlientems-panel.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename http/exposed-panels/{ => fortinet}/forticlientems-panel.yaml (99%) diff --git a/http/exposed-panels/forticlientems-panel.yaml b/http/exposed-panels/fortinet/forticlientems-panel.yaml similarity index 99% rename from http/exposed-panels/forticlientems-panel.yaml rename to http/exposed-panels/fortinet/forticlientems-panel.yaml index aa71d7757d..92c39c7c20 100644 --- a/http/exposed-panels/forticlientems-panel.yaml +++ b/http/exposed-panels/fortinet/forticlientems-panel.yaml @@ -33,4 +33,4 @@ http: group: 1 regex: - 'VERSION_FULL\\u0022: \\u0022(.*?)\\u0022' -# digest: 4a0a00473045022100ca8f62bf9c299d2ef4a24562fab0cfa6df4bf3e529e144287b08a9bddd70bfff0220395f7b7c4d94585210c9476eb9589430b114ef7e13f20e84109aef636d456745:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4a0a00473045022100ca8f62bf9c299d2ef4a24562fab0cfa6df4bf3e529e144287b08a9bddd70bfff0220395f7b7c4d94585210c9476eb9589430b114ef7e13f20e84109aef636d456745:922c64590222798bb761d5b6d8e72950 From f74050c474c578fad01c2acd752ba66033994954 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 18 Mar 2024 11:11:38 +0530 Subject: [PATCH 08/37] fix formatting --- http/cves/2023/CVE-2023-5830.yaml | 16 +++++----------- 1 file changed, 5 insertions(+), 11 deletions(-) diff --git a/http/cves/2023/CVE-2023-5830.yaml b/http/cves/2023/CVE-2023-5830.yaml index 558ceed547..c6985aac05 100644 --- a/http/cves/2023/CVE-2023-5830.yaml +++ b/http/cves/2023/CVE-2023-5830.yaml @@ -1,14 +1,11 @@ id: CVE-2023-5830 + info: name: ColumbiaSoft DocumentLocator - Improper Authentication author: Gonski severity: critical - description: Instances of ColumbiaSoft's Document Locator prior to version 7.2 - SP4 and 2021.1 are vulnerable to an Improper Authentication/SSRF - vulnerability. This template identifies vulnerable instances of the - ColumbiaSoft Document Locater application by confirming external DNS - interaction/lookups by modifying the value of the client-side SERVER - parameter at /api/authentication/login. + description: | + Instances of ColumbiaSoft's Document Locator prior to version 7.2 SP4 and 2021.1 are vulnerable to an Improper Authentication/SSRF vulnerability. This template identifies vulnerable instances of the ColumbiaSoft Document Locater application by confirming external DNS interaction/lookups by modifying the value of the client-side SERVER parameter at /api/authentication/login. impact: | An attacker could exploit this vulnerability to gain unauthorized access to sensitive information. remediation: | @@ -24,7 +21,7 @@ info: cve-id: CVE-2023-5830 cwe-id: CWE-287 epss-score: 0.00091 - epss-percentile: 0.37582 + epss-percentile: 0.37579 cpe: cpe:2.3:a:documentlocator:document_locator:*:*:*:*:*:*:*:* metadata: max-request: 1 @@ -36,15 +33,12 @@ info: http: - raw: - | - @timeout: 30s + @timeout: 20s POST /api/authentication/login HTTP/1.1 Host: {{Hostname}} Content-Type: application/json;charset=UTF-8 Origin: {{BaseURL}} Referer: {{BaseURL}} - User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.97 Safari/537.36 - Accept-Encoding: gzip, deflate - Accept-Language: en-US,en;q=0.9 { "LoginType":"differentWindows", From ca9321083f13ce08da8348811b77d2a65cbbc9da Mon Sep 17 00:00:00 2001 From: "[PDBot]" Date: Mon, 18 Mar 2024 05:44:58 +0000 Subject: [PATCH 09/37] Auto Generated New Template Addition List [Mon Mar 18 05:44:58 UTC 2024] :robot: --- .new-additions | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.new-additions b/.new-additions index 0fcf9e9134..2b293af549 100644 --- a/.new-additions +++ b/.new-additions @@ -3,7 +3,7 @@ http/cves/2024/CVE-2023-5914.yaml http/cves/2024/CVE-2024-1698.yaml http/exposed-panels/bynder-panel.yaml http/exposed-panels/emqx-panel.yaml -http/exposed-panels/forticlientems-panel.yaml +http/exposed-panels/fortinet/forticlientems-panel.yaml http/exposed-panels/fortinet/fortiwlm-panel.yaml http/exposed-panels/neocase-hrportal-panel.yaml http/exposed-panels/osnexus-panel.yaml From 5dc169cea017244c417bec810c1bbddd6148cf10 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 18 Mar 2024 05:45:17 +0000 Subject: [PATCH 10/37] Auto Generated Templates Checksum [Mon Mar 18 05:45:17 UTC 2024] :robot: --- templates-checksum.txt | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/templates-checksum.txt b/templates-checksum.txt index 455c08c21f..4bcd2e5295 100644 --- a/templates-checksum.txt +++ b/templates-checksum.txt @@ -3565,9 +3565,9 @@ http/exposed-panels/footprints-panel.yaml:12b1ff801c88bafe46638794e739adb9d5379f http/exposed-panels/forcepoint-applicance.yaml:f18ffbd665ae28a2bacec9117186e68621287db4 http/exposed-panels/forcepoint.yaml:c3c1417daa067deaf421ae9c0a30d4b88c3b0350 http/exposed-panels/forti/fortiadc-panel.yaml:8dfb7582c659d516cc6eb9d8dceb42a0424fe143 -http/exposed-panels/forticlientems-panel.yaml:376dfeea4aba569ce865208dc9fe81f7858b175d http/exposed-panels/fortinet/fortiap-panel.yaml:300ab4949fd73ca59e9e7c4706a2c616ada75914 http/exposed-panels/fortinet/fortiauthenticator-detect.yaml:c0f02944e1c861c523acfe6f5a3c823327339989 +http/exposed-panels/fortinet/forticlientems-panel.yaml:65d946fe428862980085d4410cf8a4367cd8f3fc http/exposed-panels/fortinet/fortimail-panel.yaml:c0202da50a4af46f6290259e367f7fa997ffa18e http/exposed-panels/fortinet/fortinet-fortiddos-panel.yaml:ba098255839e2c7f85c7793ea2b4056aea91839c http/exposed-panels/fortinet/fortinet-fortigate-panel.yaml:6b53e7e548ca993721fd221cc473775d56f8398d @@ -6500,8 +6500,8 @@ http/technologies/mappproxy-detect.yaml:34f8715bb04d15e410646087f140852d5e67e6a4 http/technologies/matrix-detect.yaml:33b6e2aef92cf34e8fdfa015ed1d7c4cbb0c9ca7 http/technologies/matrix-homeserver-detect.yaml:03f44055b1385667e1d860c9160c9b0a3b5b24b0 http/technologies/metatag-cms.yaml:dddeec9fe5817ce89ce12c7fb09e5702c6cf5ea7 -http/technologies/microsoft/aspnet-version-detect.yaml:c2322047d526d4cbf5e23afb5299227a493e76b7 -http/technologies/microsoft/aspnetmvc-version-disclosure.yaml:ec99bbdc39f070ec50892003e8edc062b0526de4 +http/technologies/microsoft/aspnet-version-detect.yaml:5bed426fbdc77d0e323d7d3c0113c4bfb34ce8f6 +http/technologies/microsoft/aspnetmvc-version-disclosure.yaml:341d9ec2d4e676c7d022608a43527ec30e3df2c9 http/technologies/microsoft/default-iis7-page.yaml:c4e22ee6e9c969c526ea2609a510a8e23150963d http/technologies/microsoft/default-microsoft-azure-page.yaml:edf6bd39671cbd1eeda217a1956965a66e368d06 http/technologies/microsoft/default-windows-server-page.yaml:eddc0c09081a8fdfdd579671ba67816b49e8bb81 @@ -8057,6 +8057,7 @@ network/detection/vmware-authentication-daemon-detect.yaml:fe32f8021fd370465c0f9 network/detection/vnc-service-detect.yaml:22f648aa53fa7fb08f258bcd06fa4b15d80eebca network/detection/weblogic-iiop-detect.yaml:05bf3f6fdfa938cfb88ee0e5f27da5e1b8d70bfa network/detection/weblogic-t3-detect.yaml:06f88de334b8bae8279d944c0cf4467919930e93 +network/detection/wing-ftp-detect.yaml:9feec58cdec3444ea6e77227021e14e6722e11eb network/detection/ws_ftp-ssh-detect.yaml:558ac2fd876a7239ddfd7c5c9433769f166644bd network/detection/xlight-ftp-service-detect.yaml:c1bcbafb4cd2ad7a5b4b6c7b947779ee08367781 network/enumeration/beanstalk-service.yaml:4116fb96469ca087e5b79686fe57c54862835ad8 @@ -8142,7 +8143,7 @@ ssl/tls-version.yaml:4e40f08efbb39172b9280ea9e26ca5f0a14a575a ssl/untrusted-root-certificate.yaml:a91d36990a1d052f5ee64d170ad8f084d38dab19 ssl/weak-cipher-suites.yaml:62fe808d9dfafda67c410e6cb9445fdc70257e89 ssl/wildcard-tls.yaml:d244f62c7bd22d3868fc6fc7cb9550af6b261210 -templates-checksum.txt:5b1362ef552ea57e67c47c4d472d4386c9aa6368 +templates-checksum.txt:da0ae7facbd2718a8d123ac6233db68929637c18 wappalyzer-mapping.yml:7f03bd65baacac20c1dc6bbf35ff2407959574f1 workflows/74cms-workflow.yaml:bb010e767ad32b906153e36ea618be545b4e22d0 workflows/acrolinx-workflow.yaml:8434089bb55dec3d7b2ebc6a6f340e73382dd0c4 From a3592013fc2d6ce50d31cdadad4c0792b9796bf0 Mon Sep 17 00:00:00 2001 From: "[PDBot]" Date: Mon, 18 Mar 2024 05:45:33 +0000 Subject: [PATCH 11/37] Syncing Templates --- .github/workflows/templates-sync.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/templates-sync.yml b/.github/workflows/templates-sync.yml index 9f1f2d3a31..5c86c2053d 100644 --- a/.github/workflows/templates-sync.yml +++ b/.github/workflows/templates-sync.yml @@ -8,7 +8,7 @@ on: - 'http/cves/2024/CVE-2024-1698.yaml' - 'http/exposed-panels/bynder-panel.yaml' - 'http/exposed-panels/emqx-panel.yaml' - - 'http/exposed-panels/forticlientems-panel.yaml' + - 'http/exposed-panels/fortinet/forticlientems-panel.yaml' - 'http/exposed-panels/fortinet/fortiwlm-panel.yaml' - 'http/exposed-panels/neocase-hrportal-panel.yaml' - 'http/exposed-panels/osnexus-panel.yaml' From 79b7e8a18a94119e81fa7204c5ce50b7b48462d6 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 18 Mar 2024 05:47:15 +0000 Subject: [PATCH 12/37] Auto Template Signing [Mon Mar 18 05:47:15 UTC 2024] :robot: --- network/detection/wing-ftp-detect.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/network/detection/wing-ftp-detect.yaml b/network/detection/wing-ftp-detect.yaml index 44f5795d94..f73ee40f28 100644 --- a/network/detection/wing-ftp-detect.yaml +++ b/network/detection/wing-ftp-detect.yaml @@ -24,3 +24,4 @@ tcp: part: body words: - "Wing FTP Server" +# digest: 490a00463044022041b78c4dea63a1fbdd51b152e120900093db0ab7e81b050e75d03c542d80b4a10220476a48aa15c3c12290b8d485e4ddd49d48d0173d1bc14ad16cbf0d2079fb8acf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file From 7749d3d29d5a1055941272188f9f353085e58494 Mon Sep 17 00:00:00 2001 From: "[PDBot]" Date: Mon, 18 Mar 2024 06:09:47 +0000 Subject: [PATCH 13/37] Auto Generated New Template Addition List [Mon Mar 18 06:09:47 UTC 2024] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 2b293af549..45c95827d0 100644 --- a/.new-additions +++ b/.new-additions @@ -2,6 +2,7 @@ http/cves/2023/CVE-2023-49785.yaml http/cves/2024/CVE-2023-5914.yaml http/cves/2024/CVE-2024-1698.yaml http/exposed-panels/bynder-panel.yaml +http/exposed-panels/cisco/cisco-expressway-panel.yaml http/exposed-panels/emqx-panel.yaml http/exposed-panels/fortinet/forticlientems-panel.yaml http/exposed-panels/fortinet/fortiwlm-panel.yaml From 6e34149e3c68da1ce8d242a45dc8acdef853c18c Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 18 Mar 2024 06:10:02 +0000 Subject: [PATCH 14/37] Auto Generated Templates Checksum [Mon Mar 18 06:10:01 UTC 2024] :robot: --- templates-checksum.txt | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/templates-checksum.txt b/templates-checksum.txt index 4bcd2e5295..2f00f43723 100644 --- a/templates-checksum.txt +++ b/templates-checksum.txt @@ -3406,6 +3406,7 @@ http/exposed-panels/cisco/cisco-ace-device-manager.yaml:c5c9e855c9978d5f1770f828 http/exposed-panels/cisco/cisco-anyconnect-vpn.yaml:426651066804491b7128cb9d1518adcece334719 http/exposed-panels/cisco/cisco-asa-panel.yaml:404619b86f43443c4cb6a77e46855879a1ad4778 http/exposed-panels/cisco/cisco-edge-340.yaml:cd15ec08c18c29079865df10dfec7f1fe23008f3 +http/exposed-panels/cisco/cisco-expressway-panel.yaml:857d663d12cfec2d3080e48ddaa0aa3749b4490a http/exposed-panels/cisco/cisco-finesse-login.yaml:742d956488dcddf7305d32facc6a47b5a5e51f4e http/exposed-panels/cisco/cisco-integrated-login.yaml:1e712a4925fe31fb6076255a1ea1d3c5518d600e http/exposed-panels/cisco/cisco-ios-xe-panel.yaml:2c260bc7aeaaea7892a11b22c8d1f08007b7c479 @@ -8057,7 +8058,7 @@ network/detection/vmware-authentication-daemon-detect.yaml:fe32f8021fd370465c0f9 network/detection/vnc-service-detect.yaml:22f648aa53fa7fb08f258bcd06fa4b15d80eebca network/detection/weblogic-iiop-detect.yaml:05bf3f6fdfa938cfb88ee0e5f27da5e1b8d70bfa network/detection/weblogic-t3-detect.yaml:06f88de334b8bae8279d944c0cf4467919930e93 -network/detection/wing-ftp-detect.yaml:9feec58cdec3444ea6e77227021e14e6722e11eb +network/detection/wing-ftp-detect.yaml:79fe3254d4657278f122977cda7145287f7b993c network/detection/ws_ftp-ssh-detect.yaml:558ac2fd876a7239ddfd7c5c9433769f166644bd network/detection/xlight-ftp-service-detect.yaml:c1bcbafb4cd2ad7a5b4b6c7b947779ee08367781 network/enumeration/beanstalk-service.yaml:4116fb96469ca087e5b79686fe57c54862835ad8 @@ -8143,7 +8144,7 @@ ssl/tls-version.yaml:4e40f08efbb39172b9280ea9e26ca5f0a14a575a ssl/untrusted-root-certificate.yaml:a91d36990a1d052f5ee64d170ad8f084d38dab19 ssl/weak-cipher-suites.yaml:62fe808d9dfafda67c410e6cb9445fdc70257e89 ssl/wildcard-tls.yaml:d244f62c7bd22d3868fc6fc7cb9550af6b261210 -templates-checksum.txt:da0ae7facbd2718a8d123ac6233db68929637c18 +templates-checksum.txt:39ab23b56eda1c237a5e87906e81fbc0dab179e2 wappalyzer-mapping.yml:7f03bd65baacac20c1dc6bbf35ff2407959574f1 workflows/74cms-workflow.yaml:bb010e767ad32b906153e36ea618be545b4e22d0 workflows/acrolinx-workflow.yaml:8434089bb55dec3d7b2ebc6a6f340e73382dd0c4 From 1f093f44fe8253180a3d43193386d2d8b0a94b84 Mon Sep 17 00:00:00 2001 From: "[PDBot]" Date: Mon, 18 Mar 2024 06:10:39 +0000 Subject: [PATCH 15/37] Syncing Templates --- .github/workflows/templates-sync.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/templates-sync.yml b/.github/workflows/templates-sync.yml index 5c86c2053d..53a19b01a9 100644 --- a/.github/workflows/templates-sync.yml +++ b/.github/workflows/templates-sync.yml @@ -7,6 +7,7 @@ on: - 'http/cves/2024/CVE-2023-5914.yaml' - 'http/cves/2024/CVE-2024-1698.yaml' - 'http/exposed-panels/bynder-panel.yaml' + - 'http/exposed-panels/cisco/cisco-expressway-panel.yaml' - 'http/exposed-panels/emqx-panel.yaml' - 'http/exposed-panels/fortinet/forticlientems-panel.yaml' - 'http/exposed-panels/fortinet/fortiwlm-panel.yaml' From 455e50254af63e1f7659e2fa35f83a6092498100 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 18 Mar 2024 06:11:33 +0000 Subject: [PATCH 16/37] Auto Template Signing [Mon Mar 18 06:11:33 UTC 2024] :robot: --- http/exposed-panels/cisco/cisco-expressway-panel.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/http/exposed-panels/cisco/cisco-expressway-panel.yaml b/http/exposed-panels/cisco/cisco-expressway-panel.yaml index 6b37647296..7dd5c5eed5 100644 --- a/http/exposed-panels/cisco/cisco-expressway-panel.yaml +++ b/http/exposed-panels/cisco/cisco-expressway-panel.yaml @@ -32,3 +32,4 @@ http: group: 1 regex: - 'Cisco\s+(?:Expressway|Expway)\s+([A-Za-z\s]+)<\/legend>' +# digest: 4a0a004730450221009a93171a94b3dcd6d212e35ffa66bf4d9432bd4ccac43de4141f63c5e61c060e0220021d84484a72649f562eaf3d436b260c53cc31c830240371f88855c097a4c6c8:922c64590222798bb761d5b6d8e72950 \ No newline at end of file From 3a5f76fd09ec5ebeff0cb4a52d7973a8c1c5a7b9 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 18 Mar 2024 15:49:06 +0530 Subject: [PATCH 17/37] File Based Template & Moving Directory --- file/keys/dependency/dependency-track.yaml | 24 +++++++++++++++++ file/keys/docker/dockerhub-pat.yaml | 22 +++++++++++++++ file/keys/doppler/doppler-audit.yaml | 23 ++++++++++++++++ file/keys/doppler/doppler-cli.yaml | 23 ++++++++++++++++ file/keys/doppler/doppler-scim.yaml | 23 ++++++++++++++++ .../keys/doppler/doppler-service-account.yaml | 23 ++++++++++++++++ file/keys/doppler/doppler-service.yaml | 23 ++++++++++++++++ file/keys/dropbox/dropbox-access.yaml | 24 +++++++++++++++++ .../huggingface/huggingface-user-access.yaml | 22 +++++++++++++++ file/keys/linkedin/linkedin-client.yaml | 22 +++++++++++++++ file/keys/linkedin/linkedin-secret.yaml | 22 +++++++++++++++ file/keys/newrelic/newrelic-api-service.yaml | 23 ++++++++++++++++ file/keys/newrelic/newrelic-license-non.yaml | 23 ++++++++++++++++ file/keys/newrelic/newrelic-license.yaml | 23 ++++++++++++++++ file/keys/odbc/odbc-connection.yaml | 21 +++++++++++++++ file/keys/okta/okta-api.yaml | 23 ++++++++++++++++ file/keys/particle/particle-access.yaml | 23 ++++++++++++++++ file/keys/react/reactapp-password.yaml | 23 ++++++++++++++++ file/keys/react/reactapp-username.yaml | 23 ++++++++++++++++ file/keys/salesforce/salesforce-access.yaml | 21 +++++++++++++++ file/keys/thingsboard/thingsboard-access.yaml | 23 ++++++++++++++++ file/keys/truenas/truenas-api.yaml | 27 +++++++++++++++++++ file/keys/twitter/twitter-client.yaml | 22 +++++++++++++++ file/keys/twitter/twitter-secret.yaml | 22 +++++++++++++++ file/keys/wireguard/wireguard-preshared.yaml | 24 +++++++++++++++++ file/keys/wireguard/wireguard-private.yaml | 24 +++++++++++++++++ 26 files changed, 596 insertions(+) create mode 100644 file/keys/dependency/dependency-track.yaml create mode 100644 file/keys/docker/dockerhub-pat.yaml create mode 100644 file/keys/doppler/doppler-audit.yaml create mode 100644 file/keys/doppler/doppler-cli.yaml create mode 100644 file/keys/doppler/doppler-scim.yaml create mode 100644 file/keys/doppler/doppler-service-account.yaml create mode 100644 file/keys/doppler/doppler-service.yaml create mode 100644 file/keys/dropbox/dropbox-access.yaml create mode 100644 file/keys/huggingface/huggingface-user-access.yaml create mode 100644 file/keys/linkedin/linkedin-client.yaml create mode 100644 file/keys/linkedin/linkedin-secret.yaml create mode 100644 file/keys/newrelic/newrelic-api-service.yaml create mode 100644 file/keys/newrelic/newrelic-license-non.yaml create mode 100644 file/keys/newrelic/newrelic-license.yaml create mode 100644 file/keys/odbc/odbc-connection.yaml create mode 100644 file/keys/okta/okta-api.yaml create mode 100644 file/keys/particle/particle-access.yaml create mode 100644 file/keys/react/reactapp-password.yaml create mode 100644 file/keys/react/reactapp-username.yaml create mode 100644 file/keys/salesforce/salesforce-access.yaml create mode 100644 file/keys/thingsboard/thingsboard-access.yaml create mode 100644 file/keys/truenas/truenas-api.yaml create mode 100644 file/keys/twitter/twitter-client.yaml create mode 100644 file/keys/twitter/twitter-secret.yaml create mode 100644 file/keys/wireguard/wireguard-preshared.yaml create mode 100644 file/keys/wireguard/wireguard-private.yaml diff --git a/file/keys/dependency/dependency-track.yaml b/file/keys/dependency/dependency-track.yaml new file mode 100644 index 0000000000..0641b8ff39 --- /dev/null +++ b/file/keys/dependency/dependency-track.yaml @@ -0,0 +1,24 @@ +id: dependency-track + +info: + name: Dependency Track API Key + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/dependency_track.yml + - https://docs.dependencytrack.org/integrations/rest-api/ + - https://docs.dependencytrack.org/getting-started/configuration/ + metadata: + verified: true + max-request: 1 + tags: dependency,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - \b(odt_[A-Za-z0-9]{32,255})\b \ No newline at end of file diff --git a/file/keys/docker/dockerhub-pat.yaml b/file/keys/docker/dockerhub-pat.yaml new file mode 100644 index 0000000000..817b6fea4c --- /dev/null +++ b/file/keys/docker/dockerhub-pat.yaml @@ -0,0 +1,22 @@ +id: dockerhub-pat + +info: + name: Docker Hub Personal Access Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/dockerhub.yml + - https://docs.docker.com/security/for-developers/access-tokens/ + metadata: + verified: true + tags: docker,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - \b(dckr_pat_[a-zA-Z0-9_-]{27})(?:$|[^a-zA-Z0-9_-]) \ No newline at end of file diff --git a/file/keys/doppler/doppler-audit.yaml b/file/keys/doppler/doppler-audit.yaml new file mode 100644 index 0000000000..c118aa3a8e --- /dev/null +++ b/file/keys/doppler/doppler-audit.yaml @@ -0,0 +1,23 @@ +id: doppler-audit + +info: + name: Doppler Audit Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/doppler.yml + - https://docs.doppler.com/reference/api + - https://docs.doppler.com/reference/auth-token-formats + metadata: + verified: true + tags: doppler,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - \b(dp\.audit\.[a-zA-Z0-9]{40,44})\b \ No newline at end of file diff --git a/file/keys/doppler/doppler-cli.yaml b/file/keys/doppler/doppler-cli.yaml new file mode 100644 index 0000000000..3d67b5e899 --- /dev/null +++ b/file/keys/doppler/doppler-cli.yaml @@ -0,0 +1,23 @@ +id: doppler-cli + +info: + name: Doppler CLI Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/doppler.yml + - https://docs.doppler.com/reference/api + - https://docs.doppler.com/reference/auth-token-formats + metadata: + verified: true + tags: doppler,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - \b(dp\.ct\.[a-zA-Z0-9]{40,44})\b \ No newline at end of file diff --git a/file/keys/doppler/doppler-scim.yaml b/file/keys/doppler/doppler-scim.yaml new file mode 100644 index 0000000000..4c3d67e111 --- /dev/null +++ b/file/keys/doppler/doppler-scim.yaml @@ -0,0 +1,23 @@ +id: doppler-scim + +info: + name: Doppler SCIM Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/doppler.yml + - https://docs.doppler.com/reference/api + - https://docs.doppler.com/reference/auth-token-formats + metadata: + verified: true + tags: doppler,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - \b(dp\.scim\.[a-zA-Z0-9]{40,44})\b \ No newline at end of file diff --git a/file/keys/doppler/doppler-service-account.yaml b/file/keys/doppler/doppler-service-account.yaml new file mode 100644 index 0000000000..f1e18ca1bd --- /dev/null +++ b/file/keys/doppler/doppler-service-account.yaml @@ -0,0 +1,23 @@ +id: doppler-service-account + +info: + name: Doppler Service Account Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/doppler.yml + - https://docs.doppler.com/reference/api + - https://docs.doppler.com/reference/auth-token-formats + metadata: + verified: true + tags: doppler,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - \b(dp\.sa\.[a-zA-Z0-9]{40,44})\b \ No newline at end of file diff --git a/file/keys/doppler/doppler-service.yaml b/file/keys/doppler/doppler-service.yaml new file mode 100644 index 0000000000..a56de68df9 --- /dev/null +++ b/file/keys/doppler/doppler-service.yaml @@ -0,0 +1,23 @@ +id: doppler-service + +info: + name: Doppler Service + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/doppler.yml + - https://docs.doppler.com/reference/api + - https://docs.doppler.com/reference/auth-token-formats + metadata: + verified: true + tags: doppler,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - \b(dp\.st\.(?:[a-z0-9\-_]{2,35}\.)?[a-zA-Z0-9]{40,44})\b \ No newline at end of file diff --git a/file/keys/dropbox/dropbox-access.yaml b/file/keys/dropbox/dropbox-access.yaml new file mode 100644 index 0000000000..c93a25f910 --- /dev/null +++ b/file/keys/dropbox/dropbox-access.yaml @@ -0,0 +1,24 @@ +id: dropbox-access + +info: + name: Dropbox Access Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/dropbox.yml + - https://developers.dropbox.com/oauth-guide + - https://www.dropbox.com/developers/ + - https://www.dropbox.com/developers/documentation/http/documentation + metadata: + verified: true + tags: dropbox,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - \b(sl\.[a-zA-Z0-9_-]{130,152})(?:$|[^a-zA-Z0-9_-]) \ No newline at end of file diff --git a/file/keys/huggingface/huggingface-user-access.yaml b/file/keys/huggingface/huggingface-user-access.yaml new file mode 100644 index 0000000000..ea9de171a3 --- /dev/null +++ b/file/keys/huggingface/huggingface-user-access.yaml @@ -0,0 +1,22 @@ +id: huggingface-user-access + +info: + name: HuggingFace User Access Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/huggingface.yml + - https://huggingface.co/docs/hub/security-tokens + metadata: + verified: true + tags: huggingface,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - '\b(hf_[a-zA-Z]{34})\b' \ No newline at end of file diff --git a/file/keys/linkedin/linkedin-client.yaml b/file/keys/linkedin/linkedin-client.yaml new file mode 100644 index 0000000000..cc5efceb3c --- /dev/null +++ b/file/keys/linkedin/linkedin-client.yaml @@ -0,0 +1,22 @@ +id: linkedin-client + +info: + name: LinkedIn Client ID + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/linkedin.yml + - https://docs.microsoft.com/en-us/linkedin/shared/api-guide/best-practices/secure-applications + metadata: + verified: true + tags: linkedin,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - (?i)linkedin.?(?:api|app|application|client|consumer|customer)?.?(?:id|identifier|key).{0,2}\s{0,20}.{0,2}\s{0,20}.{0,2}\b([a-z0-9]{12,14})\b \ No newline at end of file diff --git a/file/keys/linkedin/linkedin-secret.yaml b/file/keys/linkedin/linkedin-secret.yaml new file mode 100644 index 0000000000..cb11c02d6d --- /dev/null +++ b/file/keys/linkedin/linkedin-secret.yaml @@ -0,0 +1,22 @@ +id: linkedin-secret + +info: + name: LinkedIn Secret Key + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/linkedin.yml + - https://docs.microsoft.com/en-us/linkedin/shared/api-guide/best-practices/secure-applications + metadata: + verified: true + tags: linkedin,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - (?i)linkedin.?(?:api|app|application|client|consumer|customer|secret|key).?(?:key|oauth|sec|secret)?.{0,2}\s{0,20}.{0,2}\s{0,20}.{0,2}\b([a-z0-9]{16})\b \ No newline at end of file diff --git a/file/keys/newrelic/newrelic-api-service.yaml b/file/keys/newrelic/newrelic-api-service.yaml new file mode 100644 index 0000000000..8664287edc --- /dev/null +++ b/file/keys/newrelic/newrelic-api-service.yaml @@ -0,0 +1,23 @@ +id: newrelic-api-service + +info: + name: New Relic API Service Key + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/newrelic.yml + - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys + - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys/#user-key + metadata: + verified: true + tags: newrelic,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - (?i)\b(nrak-[a-z0-9]{27})\b \ No newline at end of file diff --git a/file/keys/newrelic/newrelic-license-non.yaml b/file/keys/newrelic/newrelic-license-non.yaml new file mode 100644 index 0000000000..ce41a57b63 --- /dev/null +++ b/file/keys/newrelic/newrelic-license-non.yaml @@ -0,0 +1,23 @@ +id: newrelic-license-non + +info: + name: New Relic License Key (non-suffixed) + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/newrelic.yml + - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys + - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys/#license-key + metadata: + verified: true + tags: newrelic,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - (?i)associated\ with\ your\ New\ Relic\ account\.\s+license_key:\s*([a-f0-9]{40})\b \ No newline at end of file diff --git a/file/keys/newrelic/newrelic-license.yaml b/file/keys/newrelic/newrelic-license.yaml new file mode 100644 index 0000000000..279edd5fc6 --- /dev/null +++ b/file/keys/newrelic/newrelic-license.yaml @@ -0,0 +1,23 @@ +id: newrelic-license + +info: + name: New Relic License Key + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/newrelic.yml + - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys + - https://docs.newrelic.com/docs/apis/intro-apis/new-relic-api-keys/#license-key + metadata: + verified: true + tags: newrelic,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - (?i)\b([a-z0-9]{6}[a-f0-9]{30}nral)\b \ No newline at end of file diff --git a/file/keys/odbc/odbc-connection.yaml b/file/keys/odbc/odbc-connection.yaml new file mode 100644 index 0000000000..fe7d35357c --- /dev/null +++ b/file/keys/odbc/odbc-connection.yaml @@ -0,0 +1,21 @@ +id: odbc-connection + +info: + name: ODBC Connection String + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/odbc.yml + metadata: + verified: true + tags: odbc,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - (?i)(?:User|User\sId|UserId|Uid)\s*=\s*([^\s;]{3,100})\s*;[\ \t]*.{0,10}[\ \t]*(?:Password|Pwd)\s*=\s*([^\t\ ;]{3,100})\s*(?:[;]|$) \ No newline at end of file diff --git a/file/keys/okta/okta-api.yaml b/file/keys/okta/okta-api.yaml new file mode 100644 index 0000000000..9052d9df6b --- /dev/null +++ b/file/keys/okta/okta-api.yaml @@ -0,0 +1,23 @@ +id: okta-api + +info: + name: Okta API Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/okta.yml + - https://devforum.okta.com/t/api-token-length/5519 + - https://developer.okta.com/docs/guides/create-an-api-token/main/ + metadata: + verified: true + tags: okta,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - (?i)(?s)(?:okta|ssws).{0,40}\b(00[a-z0-9_-]{39}[a-z0-9_])\b \ No newline at end of file diff --git a/file/keys/particle/particle-access.yaml b/file/keys/particle/particle-access.yaml new file mode 100644 index 0000000000..945b9905c8 --- /dev/null +++ b/file/keys/particle/particle-access.yaml @@ -0,0 +1,23 @@ +id: particle-access + +info: + name: particle.io Access Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/particle.io.yml + - https://docs.particle.io/reference/cloud-apis/api/ + metadata: + verified: true + tags: particle,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - 'https://api\.particle\.io/v1/[a-zA-Z0-9_\-\s/"\\?]*(?:access_token=|Authorization:\s*Bearer\s*)\b([a-zA-Z0-9]{40})\b' + - '(?:access_token=|Authorization:\s*Bearer\s*)\b([a-zA-Z0-9]{40})\b[\s"\\]*https://api\.particle\.io/v1' \ No newline at end of file diff --git a/file/keys/react/reactapp-password.yaml b/file/keys/react/reactapp-password.yaml new file mode 100644 index 0000000000..62fab9550b --- /dev/null +++ b/file/keys/react/reactapp-password.yaml @@ -0,0 +1,23 @@ +id: reactapp-password + +info: + name: React App Password + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/react.yml + - https://create-react-app.dev/docs/adding-custom-environment-variables/ + - https://stackoverflow.com/questions/48699820/how-do-i-hide-an-api-key-in-create-react-app + metadata: + verified: true + tags: react,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - \bREACT_APP(?:_[A-Z0-9]+)*_PASS(?:\s+WORD)?\s*=\s*['"]?([^\s'"$]{6,})(?:[\s'"$]|$) \ No newline at end of file diff --git a/file/keys/react/reactapp-username.yaml b/file/keys/react/reactapp-username.yaml new file mode 100644 index 0000000000..a9e93b86d8 --- /dev/null +++ b/file/keys/react/reactapp-username.yaml @@ -0,0 +1,23 @@ +id: reactapp-username + +info: + name: React App Username + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/react.yml + - https://create-react-app.dev/docs/adding-custom-environment-variables/ + - https://stackoverflow.com/questions/48699820/how-do-i-hide-an-api-key-in-create-react-app + metadata: + verified: true + tags: react,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - \bREACT_APP(?:_[A-Z0-9]+)*_USER(?:\s+NAME)?\s*=\s*['"]?([^\s'"$]{3,})(?:[\s'"$]|$) \ No newline at end of file diff --git a/file/keys/salesforce/salesforce-access.yaml b/file/keys/salesforce/salesforce-access.yaml new file mode 100644 index 0000000000..413aade6fc --- /dev/null +++ b/file/keys/salesforce/salesforce-access.yaml @@ -0,0 +1,21 @@ +id: salesforce-access + +info: + name: Salesforce Access Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/salesforce.yml + metadata: + verified: true + tags: salesforce,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - \b(00[a-zA-Z0-9]{13}![a-zA-Z0-9._]{96})(?:\b|$|[^a-zA-Z0-9._]) \ No newline at end of file diff --git a/file/keys/thingsboard/thingsboard-access.yaml b/file/keys/thingsboard/thingsboard-access.yaml new file mode 100644 index 0000000000..7dd95dc4c0 --- /dev/null +++ b/file/keys/thingsboard/thingsboard-access.yaml @@ -0,0 +1,23 @@ +id: thingsboard-access + +info: + name: ThingsBoard Access Token + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/thingsboard.yml + - https://thingsboard.io/docs/paas/reference/http-api/ + - https://thingsboard.io/docs/paas/reference/coap-api/ + metadata: + verified: true + tags: thingsboard,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - thingsboard\.cloud/api/v1/([a-z0-9]{20}) \ No newline at end of file diff --git a/file/keys/truenas/truenas-api.yaml b/file/keys/truenas/truenas-api.yaml new file mode 100644 index 0000000000..6cb29cffe8 --- /dev/null +++ b/file/keys/truenas/truenas-api.yaml @@ -0,0 +1,27 @@ +id: truenas-api + +info: + name: TrueNAS API Key (WebSocket) + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/truenas.yml + - https://www.truenas.com/docs/api/core_websocket_api.html + - https://www.truenas.com/docs/api/scale_rest_api.html + - https://www.truenas.com/docs/scale/scaletutorials/toptoolbar/managingapikeys/ + - https://www.truenas.com/docs/scale/scaleclireference/auth/cliapikey/ + - https://www.truenas.com/docs/scale/api/ + - https://www.truenas.com/community/threads/api-examples-in-perl-python.108053/ + metadata: + verified: true + tags: truenas,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - '"params"\s*:\s*\[\s*"(\d+-[a-zA-Z0-9]{64})"\s*\]' \ No newline at end of file diff --git a/file/keys/twitter/twitter-client.yaml b/file/keys/twitter/twitter-client.yaml new file mode 100644 index 0000000000..25bc461ad9 --- /dev/null +++ b/file/keys/twitter/twitter-client.yaml @@ -0,0 +1,22 @@ +id: twitter-client + +info: + name: Twitter Client ID + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/twitter.yml + - https://developer.twitter.com/en/docs/authentication/overview + metadata: + verified: true + tags: twitter,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - (?i)\btwitter.?(?:api|app|application|client|consumer|customer)?.?(?:id|identifier|key).{0,2}\s{0,20}.{0,2}\s{0,20}.{0,2}\b([a-z0-9]{18,25})\b \ No newline at end of file diff --git a/file/keys/twitter/twitter-secret.yaml b/file/keys/twitter/twitter-secret.yaml new file mode 100644 index 0000000000..65e53475bd --- /dev/null +++ b/file/keys/twitter/twitter-secret.yaml @@ -0,0 +1,22 @@ +id: twitter-secret + +info: + name: Twitter Secret Key + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/twitter.yml + - https://developer.twitter.com/en/docs/authentication/overview + metadata: + verified: true + tags: twitter,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - (?i)twitter.?(?:api|app|application|client|consumer|customer|secret|key).?(?:key|oauth|sec|secret)?.{0,2}\s{0,20}.{0,2}\s{0,20}.{0,2}\b([a-z0-9]{35,44})\b \ No newline at end of file diff --git a/file/keys/wireguard/wireguard-preshared.yaml b/file/keys/wireguard/wireguard-preshared.yaml new file mode 100644 index 0000000000..1cfe71d22e --- /dev/null +++ b/file/keys/wireguard/wireguard-preshared.yaml @@ -0,0 +1,24 @@ +id: wireguard-preshared + +info: + name: WireGuard Preshared Key + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/wireguard.yml + - https://www.wireguard.com/quickstart/ + - https://manpages.debian.org/testing/wireguard-tools/wg.8.en.html + - https://gist.github.com/lanceliao/5d2977f417f34dda0e3d63ac7e217fd + metadata: + verified: true + tags: wireguard,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - PresharedKey\s*=\s*([A-Za-z0-9+/]{43}=) \ No newline at end of file diff --git a/file/keys/wireguard/wireguard-private.yaml b/file/keys/wireguard/wireguard-private.yaml new file mode 100644 index 0000000000..f269075884 --- /dev/null +++ b/file/keys/wireguard/wireguard-private.yaml @@ -0,0 +1,24 @@ +id: wireguard-private + +info: + name: WireGuard Private Key + author: DhiyaneshDK + severity: info + reference: + - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/wireguard.yml + - https://www.wireguard.com/quickstart/ + - https://manpages.debian.org/testing/wireguard-tools/wg.8.en.html + - https://gist.github.com/lanceliao/5d2977f417f34dda0e3d63ac7e217fd + metadata: + verified: true + tags: wireguard,keys,file + +file: + - extensions: + - all + + extractors: + - type: regex + part: body + regex: + - PrivateKey\s*=\s*([A-Za-z0-9+/]{43}= \ No newline at end of file From eff979412b2b1d21db2267f9e44f6453f18dbbfc Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 18 Mar 2024 15:57:39 +0530 Subject: [PATCH 18/37] fix duplicate template --- file/keys/twitter-secret.yaml | 17 ----------------- file/keys/twitter/twitter-secret.yaml | 2 +- 2 files changed, 1 insertion(+), 18 deletions(-) delete mode 100644 file/keys/twitter-secret.yaml diff --git a/file/keys/twitter-secret.yaml b/file/keys/twitter-secret.yaml deleted file mode 100644 index a37f289cfc..0000000000 --- a/file/keys/twitter-secret.yaml +++ /dev/null @@ -1,17 +0,0 @@ -id: twitter-secret - -info: - name: Twitter Secret - author: gaurang,daffainfo - severity: medium - tags: file,keys,token,twitter -file: - - extensions: - - all - - extractors: - - type: regex - regex: - - "(?i)twitter(.{0,20})?[0-9a-z]{35,44}" - - "(?i)twitter(.{0,20})?['\"][0-9a-z]{35,44}" -# digest: 490a00463044022070cedf48e8996b407257da229d7553720f700fc1f154260196c812ba9423159f022010695ee7d48aeac7287967c049bd5dfad24faf6e701db05ede091e8be3e79305:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/twitter/twitter-secret.yaml b/file/keys/twitter/twitter-secret.yaml index 65e53475bd..47b80064dd 100644 --- a/file/keys/twitter/twitter-secret.yaml +++ b/file/keys/twitter/twitter-secret.yaml @@ -2,7 +2,7 @@ id: twitter-secret info: name: Twitter Secret Key - author: DhiyaneshDK + author: DhiyaneshDK,gaurang,daffainfo severity: info reference: - https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/twitter.yml From e515d77f723a61fa8516ad0f75b6df55036e1457 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 18 Mar 2024 16:39:10 +0530 Subject: [PATCH 19/37] fix regex --- file/keys/wireguard/wireguard-private.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/file/keys/wireguard/wireguard-private.yaml b/file/keys/wireguard/wireguard-private.yaml index f269075884..ca67db69d0 100644 --- a/file/keys/wireguard/wireguard-private.yaml +++ b/file/keys/wireguard/wireguard-private.yaml @@ -21,4 +21,4 @@ file: - type: regex part: body regex: - - PrivateKey\s*=\s*([A-Za-z0-9+/]{43}= \ No newline at end of file + - PrivateKey\s*=\s*([A-Za-z0-9+/]{43}=) \ No newline at end of file From a5140f663a7f684b185e8077b7f0e29b01ffd281 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 18 Mar 2024 17:18:40 +0530 Subject: [PATCH 20/37] Rename CVE-2023-5914.yaml to CVE-2023-5914.yaml --- http/cves/{2024 => 2023}/CVE-2023-5914.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename http/cves/{2024 => 2023}/CVE-2023-5914.yaml (99%) diff --git a/http/cves/2024/CVE-2023-5914.yaml b/http/cves/2023/CVE-2023-5914.yaml similarity index 99% rename from http/cves/2024/CVE-2023-5914.yaml rename to http/cves/2023/CVE-2023-5914.yaml index e46a02c08a..af96dd3713 100644 --- a/http/cves/2024/CVE-2023-5914.yaml +++ b/http/cves/2023/CVE-2023-5914.yaml @@ -41,4 +41,4 @@ http: - 'contains(content_type, "text/html")' - 'contains_all(body, "", "XmlException")' condition: and -# digest: 4b0a00483046022100c444c81b2b8b8c7685a7c8b6561444155245452a96458ce4ababf2b07efd197a022100cca7f9aa78063d40421d7bb070c601a698b3c6ea172e211040abb4bd0bb804e4:922c64590222798bb761d5b6d8e72950 \ No newline at end of file +# digest: 4b0a00483046022100c444c81b2b8b8c7685a7c8b6561444155245452a96458ce4ababf2b07efd197a022100cca7f9aa78063d40421d7bb070c601a698b3c6ea172e211040abb4bd0bb804e4:922c64590222798bb761d5b6d8e72950 From 03d0f76595553a2a9c42457688e18e3ad028cd96 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 18 Mar 2024 23:29:14 +0530 Subject: [PATCH 21/37] lower case (#9373) --- contributors.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contributors.json b/contributors.json index 73f519cdb6..3b7f819d5a 100644 --- a/contributors.json +++ b/contributors.json @@ -20,7 +20,7 @@ } }, { - "author": "DhiyaneshDk", + "author": "dhiyaneshdk", "links": { "github": "https://github.com/DhiyaneshGeek", "twitter": "https://twitter.com/DhiyaneshDK", From 18b90f957d24f9573efbb70523ee0c7fa3519190 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 19 Mar 2024 02:18:58 +0530 Subject: [PATCH 22/37] Update contributors.json (#9374) --- contributors.json | 62 ++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 56 insertions(+), 6 deletions(-) diff --git a/contributors.json b/contributors.json index 3b7f819d5a..3c9f71c42b 100644 --- a/contributors.json +++ b/contributors.json @@ -1,4 +1,54 @@ [ + { + "author": "princechaddha", + "links": { + "github": "https://github.com/princechaddha", + "twitter": "https://twitter.com/princechaddha", + "linkedin": "https://www.linkedin.com/in/princechaddha/", + "website": "https://pwnmachine.me/", + "email": "" + } + }, + { + "author": "gy741", + "links": { + "github": "https://github.com/gy741", + "twitter": "", + "linkedin": "", + "website": "", + "email": "" + } + }, + { + "author": "ritikchaddha", + "links": { + "github": "https://github.com/ritikchaddha", + "twitter": "https://twitter.com/ritikchaddha", + "linkedin": "", + "website": "", + "email": "" + } + }, + { + "author": "theamanrawat", + "links": { + "github": "https://github.com/theamanrawat", + "twitter": "https://twitter.com/theamanrawat", + "linkedin": "", + "website": "", + "email": "" + } + }, + { + "author": "dwisiswant0", + "links": { + "github": "https://github.com/dwisiswant0", + "twitter": "https://twitter.com/dwisiswant0", + "linkedin": "", + "website": "", + "email": "" + } + }, { "author": "Tirtha", "links": { @@ -120,10 +170,10 @@ } }, { - "author": "Akokonunes", + "author": "0x_akoko", "links": { - "github": "https://www.github.com/Akokonunes", - "twitter": "", + "github": "https://github.com/akokonunes", + "twitter": "https://twitter.com/0x_Akoko", "linkedin": "", "website": "", "email": "" @@ -613,7 +663,7 @@ "author": "daffainfo", "links": { "github": "https://www.github.com/daffainfo", - "twitter": "", + "twitter": "https://twitter.com/daffainfo", "linkedin": "", "website": "", "email": "" @@ -713,7 +763,7 @@ "author": "geeknik", "links": { "github": "https://www.github.com/geeknik", - "twitter": "", + "twitter": "https://twitter.com/geeknik", "linkedin": "", "website": "", "email": "" @@ -1133,7 +1183,7 @@ "author": "pikpikcu", "links": { "github": "https://www.github.com/pikpikcu", - "twitter": "", + "twitter": "https://twitter.com/pikpikcu", "linkedin": "", "website": "", "email": "" From 380b3a3f76413899a526144dec38f9af51737918 Mon Sep 17 00:00:00 2001 From: "[PDBot]" Date: Tue, 19 Mar 2024 03:32:27 +0000 Subject: [PATCH 23/37] Auto Generated New Template Addition List [Tue Mar 19 03:32:27 UTC 2024] :robot: --- .new-additions | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/.new-additions b/.new-additions index 45c95827d0..2280198949 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,29 @@ +file/keys/dependency/dependency-track.yaml +file/keys/docker/dockerhub-pat.yaml +file/keys/doppler/doppler-audit.yaml +file/keys/doppler/doppler-cli.yaml +file/keys/doppler/doppler-scim.yaml +file/keys/doppler/doppler-service-account.yaml +file/keys/doppler/doppler-service.yaml +file/keys/dropbox/dropbox-access.yaml +file/keys/huggingface/huggingface-user-access.yaml +file/keys/linkedin/linkedin-client.yaml +file/keys/linkedin/linkedin-secret.yaml +file/keys/newrelic/newrelic-api-service.yaml +file/keys/newrelic/newrelic-license-non.yaml +file/keys/newrelic/newrelic-license.yaml +file/keys/odbc/odbc-connection.yaml +file/keys/okta/okta-api.yaml +file/keys/particle/particle-access.yaml +file/keys/react/reactapp-password.yaml +file/keys/react/reactapp-username.yaml +file/keys/salesforce/salesforce-access.yaml +file/keys/thingsboard/thingsboard-access.yaml +file/keys/truenas/truenas-api.yaml +file/keys/twitter/twitter-client.yaml +file/keys/twitter/twitter-secret.yaml +file/keys/wireguard/wireguard-preshared.yaml +file/keys/wireguard/wireguard-private.yaml http/cves/2023/CVE-2023-49785.yaml http/cves/2024/CVE-2023-5914.yaml http/cves/2024/CVE-2024-1698.yaml From b3b3c459906124bea2fd21645b3b2a3ff2426b9b Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 19 Mar 2024 03:32:51 +0000 Subject: [PATCH 24/37] Auto Generated Templates Checksum [Tue Mar 19 03:32:51 UTC 2024] :robot: --- templates-checksum.txt | 33 +++++++++++++++++++++++++++++---- 1 file changed, 29 insertions(+), 4 deletions(-) diff --git a/templates-checksum.txt b/templates-checksum.txt index 2f00f43723..5ead435a56 100644 --- a/templates-checksum.txt +++ b/templates-checksum.txt @@ -104,7 +104,7 @@ config/osint.yml:683fe1e52716d054760d707dbc123f5e09de5418 config/pentest.yml:c7b04a39e2efaf1a5f627da9b49ecf714d927f0e config/privilege-escalation.yml:325607b721fcea55111f8698b10951fd2f0d17b8 config/recommended.yml:eb4d0cb29634218f0279692e8c59fa1906d7148c -contributors.json:7aceb02f36b26022058d0a11cd8517df6aae4445 +contributors.json:951e2ab8bbae42da01f52da9ef0a14ce7f17e159 cves.json:51d8ac58d8ffdf6cfd4660d3e19373bb08bb6605 cves.json-checksum.txt:fdca644f563bcfe217c57881fc5991db50a942e4 dns/azure-takeover-detection.yaml:34e8e8a0db3e2ff7af0bf8df8ee9c54f2ee8e3b4 @@ -203,14 +203,22 @@ file/keys/credential-exposure-file.yaml:d6be05c931599edd628a0591224a0c7ba56fa987 file/keys/credentials.yaml:7d9557524fa206e8bb91295da81890e44084838f file/keys/databricks-api-token.yaml:a9bfc986be3fff96341f96b4213700a370c852a4 file/keys/datadog-access-token.yaml:12b74598ee375f3a5ffbcd81ef8d526c9b852638 +file/keys/dependency/dependency-track.yaml:44b46e0afab25519e38ba19b365bd1935028b079 file/keys/digitalocean/digitalocean-access-token.yaml:29da3c43c8ff92cead04e92fd1961e8b8599c69a file/keys/digitalocean/digitalocean-personal-access.yaml:8e82ebd4f3e85120abc293e1e9312cef25531950 file/keys/digitalocean/digitalocean-refresh-token.yaml:07071ed0e0a505395e4557e9d7d366a95ef4b668 file/keys/discord/discord-api-token.yaml:2dedd90e44f3c638beab645b83a757d31673b880 file/keys/discord/discord-cilent-secret.yaml:1ecb39bf91f8bb1190acb0c183867d7feeea1890 file/keys/discord/discord-client-id.yaml:987ee6636deb77670c3578276cd9f46681d87bdb +file/keys/docker/dockerhub-pat.yaml:54663c454d7b216666dac424bbc922caff172d85 +file/keys/doppler/doppler-audit.yaml:6d83f69e457e14e3466c848d1e4da93ce08d1e1b +file/keys/doppler/doppler-cli.yaml:f50e89688ab48c49a8cabd6f30abd12490cd5c3c +file/keys/doppler/doppler-scim.yaml:49b6937a2af36af3422bc83e3a1ece18cee62690 +file/keys/doppler/doppler-service-account.yaml:9663c2857ba9a3754250460fee3468b95be458f4 +file/keys/doppler/doppler-service.yaml:aa659cc3816c7d98b7cb4915dbaf528e41066bd0 file/keys/doppler-api-token.yaml:1c64194e0ee54ece342ac3be8abf4cd1e435cbab file/keys/droneci-access-token.yaml:50eecf6767282a184e8e35bed455ddc90aa77f5a +file/keys/dropbox/dropbox-access.yaml:0adc68da416cd8be7f309ba6b206711d9ee76c15 file/keys/dropbox/dropbox-api-token.yaml:73c1e3c967b0c8c2869417f9b0fbd9943e571814 file/keys/dropbox/dropbox-longlived-token.yaml:c39f688533f912ff0482778740f03ad46183824c file/keys/dropbox/dropbox-shortlived-token.yaml:4ede1ec7aa2b17ba7e8a60b3f01e5136ec4ec176 @@ -255,26 +263,38 @@ file/keys/grafana/grafana-cloud-api-token.yaml:7866324b7ee666df3acdac0d3f66c2345 file/keys/grafana/grafana-service-account-token.yaml:ab639575a2a2ee8e223f0e579c9fcd519b3bc2cd file/keys/hashicorp-api-token.yaml:9bb83e6cda00977645b1f613864243fd126576d6 file/keys/heroku-key.yaml:591f63afb7e7ebf8e75644e8dc0131f6524cdf39 +file/keys/huggingface/huggingface-user-access.yaml:05864ff49f2b2a2822452a3906366f295883a2a6 file/keys/jenkins-token.yaml:f48b5889c3815de3948e3eb5bb07fbd9e6902eb7 file/keys/kubernetes/kubernetes-dockercfg-secret.yaml:fdd22e6e0b0fac8772d949ba8bc6a296c9845074 file/keys/kubernetes/kubernetes-dockerconfigjson-secret.yaml:f7ada6c8e01ad6561cb6d97e31bec4c95a71de9c +file/keys/linkedin/linkedin-client.yaml:997f9bdfb6763481c1667e25d7ebf8b7400edfa9 +file/keys/linkedin/linkedin-secret.yaml:68891f39ccb0bb6597b5c3fcbb84b03adfadffe0 file/keys/linkedin-id.yaml:39efe931f4ace6377fbc63d76bd12d88fcecd7e9 file/keys/mailchimp-api.yaml:5b1ee7bc57b19f46f705d27419e8d0b802258b71 file/keys/mailgun-api.yaml:7299dc580989b55622b2f460fce1c8724cbf7343 file/keys/mapbox-token.yaml:b911206f1ccba8f70d6e9387771ca97a18fee32a +file/keys/newrelic/newrelic-api-service.yaml:b4d1c5d8da9e5f2918426314f75e479cea9ebc3e +file/keys/newrelic/newrelic-license-non.yaml:19d2deaf97692e2a034ecc77c39a22435b3d8a0d +file/keys/newrelic/newrelic-license.yaml:99f7cc2be9862a05090c1bb1d595603fa6547853 file/keys/newrelic/newrelic-pixie-apikey.yaml:6896635d7b4c891ffabb946ff9ab6deb8fba5d51 file/keys/newrelic/newrelic-pixie-deploykey.yaml:d038d136304e6c13d533f3302e1c1eafc39bdf38 file/keys/npm-accesstoken.yaml:a2ea270e9e7f1a236e7d4da33e833ab26031e5ce file/keys/nuget-key.yaml:4c0a481dc9873f455ed2dc3d990c17a8550b243a +file/keys/odbc/odbc-connection.yaml:a41b9372d28fc8a8db2c291202b627cbf364b241 +file/keys/okta/okta-api.yaml:4465bba50108d3e8085e04b7e7110c07ca7dfbc1 file/keys/openai-key.yaml:362b3e2c11d11f7183034aaa5cdb47f3b40700b9 +file/keys/particle/particle-access.yaml:ba93bc30c4263728ac06ad1fb66dd60c123f4d89 file/keys/paypal-braintree-token.yaml:402e0754808e014fb8b0ebdb3fb1e0eb585c3be2 file/keys/pictatic-api-key.yaml:5d254108f9865c20a83080b3f92a3152b54d3c05 file/keys/postman-api-key.yaml:91b5bbc73ae8fc4430498d92e5ab029e332f8817 file/keys/private-key.yaml:c297f883a9ff39ab4807a35914edffc3f0cc01a9 file/keys/pypi-token.yaml:d5d89be532cce80e65a912bf277f94d7bcf8f1c2 file/keys/razorpay-client-id.yaml:a88d58769de655a660b4e5ee8a58aba9faeed91d +file/keys/react/reactapp-password.yaml:59e23f63f4d565966cbfce5ee20054fcb5cea60a +file/keys/react/reactapp-username.yaml:5891d39de628b2c06dc5fe255ba00fd1104fe7b9 file/keys/rubygems-key.yaml:fa5cdc44cbd4f734c9aedf00b112ccf27a073a50 file/keys/s3-bucket.yaml:5604162f278a70b8742678a1a006949ca62e64e2 +file/keys/salesforce/salesforce-access.yaml:148f631363251178abc761e647be07c0225e5ed6 file/keys/sauce-access-token.yaml:c9aa59af67698af4ffa2486af99819e3cb4147c3 file/keys/segment-public-api.yaml:a193504eea902e1c11b23f3e408a7b7593389b22 file/keys/sendgrid-api.yaml:15e1a6951aa39738c4fa1310f420a55340460f11 @@ -290,8 +310,13 @@ file/keys/square-oauth-secret.yaml:6d588fb6fcb3851617348b0cfa394d85824708f1 file/keys/stackhawk-api-key.yaml:0bfb39d55ad1ba8e731e72918dfc1b098059d1c8 file/keys/stripe-api-key.yaml:5df4a9e34d7acd181f0451c1e620cdbff2c8ff0b file/keys/telegram-token.yaml:a7fbf76a80e8dbb51ae3876632d15afae04eb519 +file/keys/thingsboard/thingsboard-access.yaml:d1fd346add6238c487bb798f791d7f16ff91a160 +file/keys/truenas/truenas-api.yaml:38e8d156b194e30c4f3a4d2ca25f7e891724068a file/keys/twilio-api.yaml:b225fe4dd0f8f0f2bc7b76870aaac28f70993d12 -file/keys/twitter-secret.yaml:994272364c3c831d4a6db48e34a0154cb8f52983 +file/keys/twitter/twitter-client.yaml:140ebbd198c9823e4f92cef1b5c1a198e9e7c1c8 +file/keys/twitter/twitter-secret.yaml:2e308f8e409e01ffc1d7ca872b05191f49a20123 +file/keys/wireguard/wireguard-preshared.yaml:cf49189ea00def8b26138a9170b6a1f959609ff5 +file/keys/wireguard/wireguard-private.yaml:98993de626c527658fc3b9132808010318624e90 file/keys/zapier-webhook.yaml:8d0f9312fd5acb2f63899a50b2ac8b670f389464 file/keys/zendesk-secret-key.yaml:cdf5d13a59f7036d60f6ea546087c7e48f016612 file/logs/django-framework-exceptions.yaml:84d8ecc728d13f3f5e756cf29b1b2691a64e031e @@ -3406,7 +3431,7 @@ http/exposed-panels/cisco/cisco-ace-device-manager.yaml:c5c9e855c9978d5f1770f828 http/exposed-panels/cisco/cisco-anyconnect-vpn.yaml:426651066804491b7128cb9d1518adcece334719 http/exposed-panels/cisco/cisco-asa-panel.yaml:404619b86f43443c4cb6a77e46855879a1ad4778 http/exposed-panels/cisco/cisco-edge-340.yaml:cd15ec08c18c29079865df10dfec7f1fe23008f3 -http/exposed-panels/cisco/cisco-expressway-panel.yaml:857d663d12cfec2d3080e48ddaa0aa3749b4490a +http/exposed-panels/cisco/cisco-expressway-panel.yaml:27975d60e84a053e1473319a625a353d448dd516 http/exposed-panels/cisco/cisco-finesse-login.yaml:742d956488dcddf7305d32facc6a47b5a5e51f4e http/exposed-panels/cisco/cisco-integrated-login.yaml:1e712a4925fe31fb6076255a1ea1d3c5518d600e http/exposed-panels/cisco/cisco-ios-xe-panel.yaml:2c260bc7aeaaea7892a11b22c8d1f08007b7c479 @@ -8144,7 +8169,7 @@ ssl/tls-version.yaml:4e40f08efbb39172b9280ea9e26ca5f0a14a575a ssl/untrusted-root-certificate.yaml:a91d36990a1d052f5ee64d170ad8f084d38dab19 ssl/weak-cipher-suites.yaml:62fe808d9dfafda67c410e6cb9445fdc70257e89 ssl/wildcard-tls.yaml:d244f62c7bd22d3868fc6fc7cb9550af6b261210 -templates-checksum.txt:39ab23b56eda1c237a5e87906e81fbc0dab179e2 +templates-checksum.txt:5bec9329924980ba3ab933306dec6a2f67ea4cf1 wappalyzer-mapping.yml:7f03bd65baacac20c1dc6bbf35ff2407959574f1 workflows/74cms-workflow.yaml:bb010e767ad32b906153e36ea618be545b4e22d0 workflows/acrolinx-workflow.yaml:8434089bb55dec3d7b2ebc6a6f340e73382dd0c4 From a4729cee641ecaecbe8572ca8ed01d402a61592a Mon Sep 17 00:00:00 2001 From: "[PDBot]" Date: Tue, 19 Mar 2024 03:33:12 +0000 Subject: [PATCH 25/37] Syncing Templates --- .github/workflows/templates-sync.yml | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/.github/workflows/templates-sync.yml b/.github/workflows/templates-sync.yml index 53a19b01a9..25a3549fb1 100644 --- a/.github/workflows/templates-sync.yml +++ b/.github/workflows/templates-sync.yml @@ -3,6 +3,32 @@ on: push: paths: - '.new-additions' + - 'file/keys/dependency/dependency-track.yaml' + - 'file/keys/docker/dockerhub-pat.yaml' + - 'file/keys/doppler/doppler-audit.yaml' + - 'file/keys/doppler/doppler-cli.yaml' + - 'file/keys/doppler/doppler-scim.yaml' + - 'file/keys/doppler/doppler-service-account.yaml' + - 'file/keys/doppler/doppler-service.yaml' + - 'file/keys/dropbox/dropbox-access.yaml' + - 'file/keys/huggingface/huggingface-user-access.yaml' + - 'file/keys/linkedin/linkedin-client.yaml' + - 'file/keys/linkedin/linkedin-secret.yaml' + - 'file/keys/newrelic/newrelic-api-service.yaml' + - 'file/keys/newrelic/newrelic-license-non.yaml' + - 'file/keys/newrelic/newrelic-license.yaml' + - 'file/keys/odbc/odbc-connection.yaml' + - 'file/keys/okta/okta-api.yaml' + - 'file/keys/particle/particle-access.yaml' + - 'file/keys/react/reactapp-password.yaml' + - 'file/keys/react/reactapp-username.yaml' + - 'file/keys/salesforce/salesforce-access.yaml' + - 'file/keys/thingsboard/thingsboard-access.yaml' + - 'file/keys/truenas/truenas-api.yaml' + - 'file/keys/twitter/twitter-client.yaml' + - 'file/keys/twitter/twitter-secret.yaml' + - 'file/keys/wireguard/wireguard-preshared.yaml' + - 'file/keys/wireguard/wireguard-private.yaml' - 'http/cves/2023/CVE-2023-49785.yaml' - 'http/cves/2024/CVE-2023-5914.yaml' - 'http/cves/2024/CVE-2024-1698.yaml' From d523d9621e1ff6bcf20c70619fbdf268dee50b5f Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 19 Mar 2024 03:34:30 +0000 Subject: [PATCH 26/37] Auto Template Signing [Tue Mar 19 03:34:30 UTC 2024] :robot: --- file/keys/dependency/dependency-track.yaml | 3 ++- file/keys/docker/dockerhub-pat.yaml | 3 ++- file/keys/doppler/doppler-audit.yaml | 3 ++- file/keys/doppler/doppler-cli.yaml | 3 ++- file/keys/doppler/doppler-scim.yaml | 3 ++- file/keys/doppler/doppler-service-account.yaml | 3 ++- file/keys/doppler/doppler-service.yaml | 3 ++- file/keys/dropbox/dropbox-access.yaml | 3 ++- file/keys/huggingface/huggingface-user-access.yaml | 3 ++- file/keys/linkedin/linkedin-client.yaml | 3 ++- file/keys/linkedin/linkedin-secret.yaml | 3 ++- file/keys/newrelic/newrelic-api-service.yaml | 3 ++- file/keys/newrelic/newrelic-license-non.yaml | 3 ++- file/keys/newrelic/newrelic-license.yaml | 3 ++- file/keys/odbc/odbc-connection.yaml | 3 ++- file/keys/okta/okta-api.yaml | 3 ++- file/keys/particle/particle-access.yaml | 3 ++- file/keys/react/reactapp-password.yaml | 3 ++- file/keys/react/reactapp-username.yaml | 3 ++- file/keys/salesforce/salesforce-access.yaml | 3 ++- file/keys/thingsboard/thingsboard-access.yaml | 3 ++- file/keys/truenas/truenas-api.yaml | 3 ++- file/keys/twitter/twitter-client.yaml | 3 ++- file/keys/twitter/twitter-secret.yaml | 3 ++- file/keys/wireguard/wireguard-preshared.yaml | 3 ++- file/keys/wireguard/wireguard-private.yaml | 3 ++- 26 files changed, 52 insertions(+), 26 deletions(-) diff --git a/file/keys/dependency/dependency-track.yaml b/file/keys/dependency/dependency-track.yaml index 0641b8ff39..1f7d0cc48a 100644 --- a/file/keys/dependency/dependency-track.yaml +++ b/file/keys/dependency/dependency-track.yaml @@ -21,4 +21,5 @@ file: - type: regex part: body regex: - - \b(odt_[A-Za-z0-9]{32,255})\b \ No newline at end of file + - \b(odt_[A-Za-z0-9]{32,255})\b +# digest: 4a0a004730450220702a4c3c4219c5f6c449c503a1ada1924589fe8a8ee69ca9788a4fd1da542a7f022100c396ad3ca884547cbb32a55a497a33e09e9d592987536b27742dae33485e1abf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/docker/dockerhub-pat.yaml b/file/keys/docker/dockerhub-pat.yaml index 817b6fea4c..1452bcec51 100644 --- a/file/keys/docker/dockerhub-pat.yaml +++ b/file/keys/docker/dockerhub-pat.yaml @@ -19,4 +19,5 @@ file: - type: regex part: body regex: - - \b(dckr_pat_[a-zA-Z0-9_-]{27})(?:$|[^a-zA-Z0-9_-]) \ No newline at end of file + - \b(dckr_pat_[a-zA-Z0-9_-]{27})(?:$|[^a-zA-Z0-9_-]) +# digest: 4a0a00473045022100bc73fcf69453af6d917f363d99e57d06620e6b40f1e38b54ac72982c1aff0865022030218f700bce4f88878c34d596fcc3563ee6a6a0f233055703455751caaabd08:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/doppler/doppler-audit.yaml b/file/keys/doppler/doppler-audit.yaml index c118aa3a8e..796795cba5 100644 --- a/file/keys/doppler/doppler-audit.yaml +++ b/file/keys/doppler/doppler-audit.yaml @@ -20,4 +20,5 @@ file: - type: regex part: body regex: - - \b(dp\.audit\.[a-zA-Z0-9]{40,44})\b \ No newline at end of file + - \b(dp\.audit\.[a-zA-Z0-9]{40,44})\b +# digest: 490a00463044022047f3853a49b38bfc41c3a21edae871fa20dbc00c3e4fec75a443da4c802ce4e702205fce2aa010ee24edfbc190aad5475ba28a4ea42e81476b2e36a2eb95de8c4479:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/doppler/doppler-cli.yaml b/file/keys/doppler/doppler-cli.yaml index 3d67b5e899..6626234bb5 100644 --- a/file/keys/doppler/doppler-cli.yaml +++ b/file/keys/doppler/doppler-cli.yaml @@ -20,4 +20,5 @@ file: - type: regex part: body regex: - - \b(dp\.ct\.[a-zA-Z0-9]{40,44})\b \ No newline at end of file + - \b(dp\.ct\.[a-zA-Z0-9]{40,44})\b +# digest: 4b0a00483046022100de413ad22bea43d8292d3d22ed07b2d5c6a06bfb4819104c20eeb9134f913be2022100d2915ad20b135f4f8d477c1acec455af6c749833455e09d2542c0e849ab3fc7b:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/doppler/doppler-scim.yaml b/file/keys/doppler/doppler-scim.yaml index 4c3d67e111..dc67ff5e3d 100644 --- a/file/keys/doppler/doppler-scim.yaml +++ b/file/keys/doppler/doppler-scim.yaml @@ -20,4 +20,5 @@ file: - type: regex part: body regex: - - \b(dp\.scim\.[a-zA-Z0-9]{40,44})\b \ No newline at end of file + - \b(dp\.scim\.[a-zA-Z0-9]{40,44})\b +# digest: 4a0a00473045022010274194b3725b6ef14112e5fc7f4e0d5c60123a51583f044bf2e94b76077001022100a0caa7739f04c145ec8ee920c613f38a6b5befd04918931bd0ee39cfdbcf3a44:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/doppler/doppler-service-account.yaml b/file/keys/doppler/doppler-service-account.yaml index f1e18ca1bd..dd03b7a8f5 100644 --- a/file/keys/doppler/doppler-service-account.yaml +++ b/file/keys/doppler/doppler-service-account.yaml @@ -20,4 +20,5 @@ file: - type: regex part: body regex: - - \b(dp\.sa\.[a-zA-Z0-9]{40,44})\b \ No newline at end of file + - \b(dp\.sa\.[a-zA-Z0-9]{40,44})\b +# digest: 4a0a00473045022100c8177f1a0244e794af08cc9615e65a415d8cb7dc3616acc9f779e61aab518eb002204d63814164c93815807eb87c0919830977be1d4f878bd1697b90644de744894c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/doppler/doppler-service.yaml b/file/keys/doppler/doppler-service.yaml index a56de68df9..36faeb5ace 100644 --- a/file/keys/doppler/doppler-service.yaml +++ b/file/keys/doppler/doppler-service.yaml @@ -20,4 +20,5 @@ file: - type: regex part: body regex: - - \b(dp\.st\.(?:[a-z0-9\-_]{2,35}\.)?[a-zA-Z0-9]{40,44})\b \ No newline at end of file + - \b(dp\.st\.(?:[a-z0-9\-_]{2,35}\.)?[a-zA-Z0-9]{40,44})\b +# digest: 4a0a00473045022100b61969103e1649c2c330814280aea5b020d5f47ca55c9601d0647af01c47ddbf02200698f545c2217332324593dffcc44a82bccb5ec45faf31507c356b71ee4ad7cf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/dropbox/dropbox-access.yaml b/file/keys/dropbox/dropbox-access.yaml index c93a25f910..34e24c072b 100644 --- a/file/keys/dropbox/dropbox-access.yaml +++ b/file/keys/dropbox/dropbox-access.yaml @@ -21,4 +21,5 @@ file: - type: regex part: body regex: - - \b(sl\.[a-zA-Z0-9_-]{130,152})(?:$|[^a-zA-Z0-9_-]) \ No newline at end of file + - \b(sl\.[a-zA-Z0-9_-]{130,152})(?:$|[^a-zA-Z0-9_-]) +# digest: 490a0046304402203d0305c1997e320e30d2d0ad0460beb9c8478986a0f1b75f621167a79f8ca17302206da5b41a7402312c0d16fc2665349e3caf8aac3cee677a34f34089d739a743c6:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/huggingface/huggingface-user-access.yaml b/file/keys/huggingface/huggingface-user-access.yaml index ea9de171a3..e0b3ffced8 100644 --- a/file/keys/huggingface/huggingface-user-access.yaml +++ b/file/keys/huggingface/huggingface-user-access.yaml @@ -19,4 +19,5 @@ file: - type: regex part: body regex: - - '\b(hf_[a-zA-Z]{34})\b' \ No newline at end of file + - '\b(hf_[a-zA-Z]{34})\b' +# digest: 4b0a00483046022100934e5db46a96a95fbd52e60737825b1ed564ae6f42363a5843a5317f25c8b15d0221008fd6451b353118cd6c0b7a054f49e79c36d5c4222658de97e4b5fea6731da789:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/linkedin/linkedin-client.yaml b/file/keys/linkedin/linkedin-client.yaml index cc5efceb3c..03c271d09c 100644 --- a/file/keys/linkedin/linkedin-client.yaml +++ b/file/keys/linkedin/linkedin-client.yaml @@ -19,4 +19,5 @@ file: - type: regex part: body regex: - - (?i)linkedin.?(?:api|app|application|client|consumer|customer)?.?(?:id|identifier|key).{0,2}\s{0,20}.{0,2}\s{0,20}.{0,2}\b([a-z0-9]{12,14})\b \ No newline at end of file + - (?i)linkedin.?(?:api|app|application|client|consumer|customer)?.?(?:id|identifier|key).{0,2}\s{0,20}.{0,2}\s{0,20}.{0,2}\b([a-z0-9]{12,14})\b +# digest: 4a0a00473045022100ade417f9932824017914990383cd867a37ba57dd1badc60aa55dac97e73cbf3f02203bb0babcad422204af64f70926c18827b3940c69f909d205f440468d18b0bb31:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/linkedin/linkedin-secret.yaml b/file/keys/linkedin/linkedin-secret.yaml index cb11c02d6d..698117b82c 100644 --- a/file/keys/linkedin/linkedin-secret.yaml +++ b/file/keys/linkedin/linkedin-secret.yaml @@ -19,4 +19,5 @@ file: - type: regex part: body regex: - - (?i)linkedin.?(?:api|app|application|client|consumer|customer|secret|key).?(?:key|oauth|sec|secret)?.{0,2}\s{0,20}.{0,2}\s{0,20}.{0,2}\b([a-z0-9]{16})\b \ No newline at end of file + - (?i)linkedin.?(?:api|app|application|client|consumer|customer|secret|key).?(?:key|oauth|sec|secret)?.{0,2}\s{0,20}.{0,2}\s{0,20}.{0,2}\b([a-z0-9]{16})\b +# digest: 4a0a0047304502205def151b767d6270018ea90666e56089b0dde70467ca94489c6ab9ec0b735fe2022100ea3cee5471199b7e21bd6a63b75a667adcddad7281d249e83cbb8eb8cda82fd7:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/newrelic/newrelic-api-service.yaml b/file/keys/newrelic/newrelic-api-service.yaml index 8664287edc..c65ec1a8eb 100644 --- a/file/keys/newrelic/newrelic-api-service.yaml +++ b/file/keys/newrelic/newrelic-api-service.yaml @@ -20,4 +20,5 @@ file: - type: regex part: body regex: - - (?i)\b(nrak-[a-z0-9]{27})\b \ No newline at end of file + - (?i)\b(nrak-[a-z0-9]{27})\b +# digest: 4a0a00473045022100b0305a1f0644ca813e1b1408183fb6100e36a5ccf5716a072f32d60cf9956d7102207b59c7dc0411cc69bf362c9a1035ac73c61bccbabbbfeea75aa3eff7db628214:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/newrelic/newrelic-license-non.yaml b/file/keys/newrelic/newrelic-license-non.yaml index ce41a57b63..030432762d 100644 --- a/file/keys/newrelic/newrelic-license-non.yaml +++ b/file/keys/newrelic/newrelic-license-non.yaml @@ -20,4 +20,5 @@ file: - type: regex part: body regex: - - (?i)associated\ with\ your\ New\ Relic\ account\.\s+license_key:\s*([a-f0-9]{40})\b \ No newline at end of file + - (?i)associated\ with\ your\ New\ Relic\ account\.\s+license_key:\s*([a-f0-9]{40})\b +# digest: 4b0a00483046022100cb892d11153aa7205e3a23dab514da50e195f959de8fc957589d622d9ab5cc2b0221008328f65ee06dc78d96499d42170e2fb036cfa2aacb467698c39c672dc53cba96:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/newrelic/newrelic-license.yaml b/file/keys/newrelic/newrelic-license.yaml index 279edd5fc6..4e05af4fdb 100644 --- a/file/keys/newrelic/newrelic-license.yaml +++ b/file/keys/newrelic/newrelic-license.yaml @@ -20,4 +20,5 @@ file: - type: regex part: body regex: - - (?i)\b([a-z0-9]{6}[a-f0-9]{30}nral)\b \ No newline at end of file + - (?i)\b([a-z0-9]{6}[a-f0-9]{30}nral)\b +# digest: 4b0a00483046022100e041b8d63bb59009c36c1d2f8b42a95d352acb3c8d0345afae5b908a78ab8f090221009e2de0a5b782aa3b65c7cbf357c0c7cd47497bef6ade233b239afa63ff863fff:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/odbc/odbc-connection.yaml b/file/keys/odbc/odbc-connection.yaml index fe7d35357c..3c501cdf85 100644 --- a/file/keys/odbc/odbc-connection.yaml +++ b/file/keys/odbc/odbc-connection.yaml @@ -18,4 +18,5 @@ file: - type: regex part: body regex: - - (?i)(?:User|User\sId|UserId|Uid)\s*=\s*([^\s;]{3,100})\s*;[\ \t]*.{0,10}[\ \t]*(?:Password|Pwd)\s*=\s*([^\t\ ;]{3,100})\s*(?:[;]|$) \ No newline at end of file + - (?i)(?:User|User\sId|UserId|Uid)\s*=\s*([^\s;]{3,100})\s*;[\ \t]*.{0,10}[\ \t]*(?:Password|Pwd)\s*=\s*([^\t\ ;]{3,100})\s*(?:[;]|$) +# digest: 4a0a004730450221009cdd18eb9c779b2230d9b141a315ef98d1da77f0173be2da4d099c46e3b5c46f02207ae6fac5ccfbcbe6ab6902e3e4431449873bf31680040ec3b616c0e3750e1c4d:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/okta/okta-api.yaml b/file/keys/okta/okta-api.yaml index 9052d9df6b..5bfae71a38 100644 --- a/file/keys/okta/okta-api.yaml +++ b/file/keys/okta/okta-api.yaml @@ -20,4 +20,5 @@ file: - type: regex part: body regex: - - (?i)(?s)(?:okta|ssws).{0,40}\b(00[a-z0-9_-]{39}[a-z0-9_])\b \ No newline at end of file + - (?i)(?s)(?:okta|ssws).{0,40}\b(00[a-z0-9_-]{39}[a-z0-9_])\b +# digest: 4b0a0048304602210099f31a1c5cf66963fb04f1f4a78317a1329098914e756d1a97879086ca81de74022100c51328ddf041ad3e06759c5ce691eed371adf63ef1c6d203b2a50d87b165b1f9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/particle/particle-access.yaml b/file/keys/particle/particle-access.yaml index 945b9905c8..e8dac9802f 100644 --- a/file/keys/particle/particle-access.yaml +++ b/file/keys/particle/particle-access.yaml @@ -20,4 +20,5 @@ file: part: body regex: - 'https://api\.particle\.io/v1/[a-zA-Z0-9_\-\s/"\\?]*(?:access_token=|Authorization:\s*Bearer\s*)\b([a-zA-Z0-9]{40})\b' - - '(?:access_token=|Authorization:\s*Bearer\s*)\b([a-zA-Z0-9]{40})\b[\s"\\]*https://api\.particle\.io/v1' \ No newline at end of file + - '(?:access_token=|Authorization:\s*Bearer\s*)\b([a-zA-Z0-9]{40})\b[\s"\\]*https://api\.particle\.io/v1' +# digest: 4b0a00483046022100a93af0a2a59859c973d5551ca538c3445e1bbdcdb6ffae6bb511031ab0920b6e022100b5528e182489365a2d48d40ff6ef41f6b79a28fa270c311e4fe6f767e45e4414:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/react/reactapp-password.yaml b/file/keys/react/reactapp-password.yaml index 62fab9550b..1f12960e62 100644 --- a/file/keys/react/reactapp-password.yaml +++ b/file/keys/react/reactapp-password.yaml @@ -20,4 +20,5 @@ file: - type: regex part: body regex: - - \bREACT_APP(?:_[A-Z0-9]+)*_PASS(?:\s+WORD)?\s*=\s*['"]?([^\s'"$]{6,})(?:[\s'"$]|$) \ No newline at end of file + - \bREACT_APP(?:_[A-Z0-9]+)*_PASS(?:\s+WORD)?\s*=\s*['"]?([^\s'"$]{6,})(?:[\s'"$]|$) +# digest: 4b0a00483046022100b4791a0989f14242e6ffe187281643b8b1417e5aba7fe98f353e37dbdc2ffb6c022100c3eee981ff792f8372f7f9292d0e73e0718b69a12d6d40ba0a58dff15dc3f948:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/react/reactapp-username.yaml b/file/keys/react/reactapp-username.yaml index a9e93b86d8..ef635e0823 100644 --- a/file/keys/react/reactapp-username.yaml +++ b/file/keys/react/reactapp-username.yaml @@ -20,4 +20,5 @@ file: - type: regex part: body regex: - - \bREACT_APP(?:_[A-Z0-9]+)*_USER(?:\s+NAME)?\s*=\s*['"]?([^\s'"$]{3,})(?:[\s'"$]|$) \ No newline at end of file + - \bREACT_APP(?:_[A-Z0-9]+)*_USER(?:\s+NAME)?\s*=\s*['"]?([^\s'"$]{3,})(?:[\s'"$]|$) +# digest: 4a0a0047304502201077003a86f122901374676e5f9dfda39f6c54f870a6e4f12b7dd01707a3a5e2022100c998646fe193fa833a18772b90679efa1ba4cca48a55a2da1c839b79e50b4cfd:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/salesforce/salesforce-access.yaml b/file/keys/salesforce/salesforce-access.yaml index 413aade6fc..08d7ba7c15 100644 --- a/file/keys/salesforce/salesforce-access.yaml +++ b/file/keys/salesforce/salesforce-access.yaml @@ -18,4 +18,5 @@ file: - type: regex part: body regex: - - \b(00[a-zA-Z0-9]{13}![a-zA-Z0-9._]{96})(?:\b|$|[^a-zA-Z0-9._]) \ No newline at end of file + - \b(00[a-zA-Z0-9]{13}![a-zA-Z0-9._]{96})(?:\b|$|[^a-zA-Z0-9._]) +# digest: 490a0046304402207a4efb9c2401eaa2ebf49fcc5ec4676dfc142a5f5d607777827383c94bf144f102207b75489de473e1c5e3264e2d664fbb87cecbfc5811b20e6ac658fcd3f1415806:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/thingsboard/thingsboard-access.yaml b/file/keys/thingsboard/thingsboard-access.yaml index 7dd95dc4c0..b6ff0fd86b 100644 --- a/file/keys/thingsboard/thingsboard-access.yaml +++ b/file/keys/thingsboard/thingsboard-access.yaml @@ -20,4 +20,5 @@ file: - type: regex part: body regex: - - thingsboard\.cloud/api/v1/([a-z0-9]{20}) \ No newline at end of file + - thingsboard\.cloud/api/v1/([a-z0-9]{20}) +# digest: 4b0a00483046022100e85330533e34d275242ad231bb436951116dabe56acafa94f3db46fca45ed3ae022100a799502b27b8e16f77e8406be58127578dd5f3465dab8b0a2381ee944432c239:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/truenas/truenas-api.yaml b/file/keys/truenas/truenas-api.yaml index 6cb29cffe8..72b69be9b8 100644 --- a/file/keys/truenas/truenas-api.yaml +++ b/file/keys/truenas/truenas-api.yaml @@ -24,4 +24,5 @@ file: - type: regex part: body regex: - - '"params"\s*:\s*\[\s*"(\d+-[a-zA-Z0-9]{64})"\s*\]' \ No newline at end of file + - '"params"\s*:\s*\[\s*"(\d+-[a-zA-Z0-9]{64})"\s*\]' +# digest: 490a0046304402207bb4c8c5d8688099a5fb0972662080602259b4356fa5f947f6bf7ace68af235702201273f66e211b1ddfafc26dd957bc970aa1b23f7c0de5c142347e4d83f5ce1b49:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/twitter/twitter-client.yaml b/file/keys/twitter/twitter-client.yaml index 25bc461ad9..f897cd1364 100644 --- a/file/keys/twitter/twitter-client.yaml +++ b/file/keys/twitter/twitter-client.yaml @@ -19,4 +19,5 @@ file: - type: regex part: body regex: - - (?i)\btwitter.?(?:api|app|application|client|consumer|customer)?.?(?:id|identifier|key).{0,2}\s{0,20}.{0,2}\s{0,20}.{0,2}\b([a-z0-9]{18,25})\b \ No newline at end of file + - (?i)\btwitter.?(?:api|app|application|client|consumer|customer)?.?(?:id|identifier|key).{0,2}\s{0,20}.{0,2}\s{0,20}.{0,2}\b([a-z0-9]{18,25})\b +# digest: 4a0a00473045022030cb9bb226fc38ff17accc2fbe89603cae16c35050ec725ad20ce14d5fbc5ad2022100860577843f28d261d7fbf35ef59577e5fd0e84a50eb370cfbd714f1039338c19:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/twitter/twitter-secret.yaml b/file/keys/twitter/twitter-secret.yaml index 47b80064dd..de49f434a7 100644 --- a/file/keys/twitter/twitter-secret.yaml +++ b/file/keys/twitter/twitter-secret.yaml @@ -19,4 +19,5 @@ file: - type: regex part: body regex: - - (?i)twitter.?(?:api|app|application|client|consumer|customer|secret|key).?(?:key|oauth|sec|secret)?.{0,2}\s{0,20}.{0,2}\s{0,20}.{0,2}\b([a-z0-9]{35,44})\b \ No newline at end of file + - (?i)twitter.?(?:api|app|application|client|consumer|customer|secret|key).?(?:key|oauth|sec|secret)?.{0,2}\s{0,20}.{0,2}\s{0,20}.{0,2}\b([a-z0-9]{35,44})\b +# digest: 4a0a00473045022100ae8d7dcc6d380f9b0ba6d16ca558e7af6254078b3f1a0a2230f8ddc28f47267102206348551061cffebd4da2b42ec393373ef0987eeeb4382f0e517c38c836fb46cf:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/wireguard/wireguard-preshared.yaml b/file/keys/wireguard/wireguard-preshared.yaml index 1cfe71d22e..3062583748 100644 --- a/file/keys/wireguard/wireguard-preshared.yaml +++ b/file/keys/wireguard/wireguard-preshared.yaml @@ -21,4 +21,5 @@ file: - type: regex part: body regex: - - PresharedKey\s*=\s*([A-Za-z0-9+/]{43}=) \ No newline at end of file + - PresharedKey\s*=\s*([A-Za-z0-9+/]{43}=) +# digest: 4a0a00473045022055b7809c89c44f01db811de03d659329878fabbb6006f65a5cfc4c231e72b5ce022100916852a09714e7cf50f5e239c48dba2b243d889df28c54c7671cb3b0ec8dc9e5:922c64590222798bb761d5b6d8e72950 \ No newline at end of file diff --git a/file/keys/wireguard/wireguard-private.yaml b/file/keys/wireguard/wireguard-private.yaml index ca67db69d0..72778a0539 100644 --- a/file/keys/wireguard/wireguard-private.yaml +++ b/file/keys/wireguard/wireguard-private.yaml @@ -21,4 +21,5 @@ file: - type: regex part: body regex: - - PrivateKey\s*=\s*([A-Za-z0-9+/]{43}=) \ No newline at end of file + - PrivateKey\s*=\s*([A-Za-z0-9+/]{43}=) +# digest: 4a0a004730450221008bd7fd7c9c74eb3c6d2f1d5e4c8cc9c0fcc230534b094814ee0ca7dff2f7f9800220688ed7ae288880609a373ea69defa1d5ed93ca3fcb312e5c4ea2acea46b2e27c:922c64590222798bb761d5b6d8e72950 \ No newline at end of file From 96966d211e3312a815babd0398a68a60dc4c5695 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 19 Mar 2024 03:37:18 +0000 Subject: [PATCH 28/37] Auto Generated Templates Checksum [Tue Mar 19 03:37:18 UTC 2024] :robot: --- templates-checksum.txt | 56 +++++++++++++++++++++--------------------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/templates-checksum.txt b/templates-checksum.txt index 5ead435a56..557f563a78 100644 --- a/templates-checksum.txt +++ b/templates-checksum.txt @@ -164,7 +164,7 @@ file/audit/pfsense/set-hostname.yaml:c123a3b395ce655438028aab12c18d25423dc136 file/bash/bash-scanner.yaml:5bc8d723949612cfaed57eddf1e19d8c45b15f6e file/electron/electron-version-detect.yaml:9e6b4ced33952723bbf371889793cd69bfe918e2 file/electron/node-integration-enabled.yaml:772455563db410b4b9113615e1958a45a25965ff -file/js/js-analyse.yaml:1259e3d3620e8f698ad0f05b62be281febf350a1 +file/js/js-analyse.yaml:a9055653d6b6989be5e649dd73fad1d0285b8319 file/keys/adafruit-key.yaml:dc4ce3917a2ca4d061ef45032d59ccd68b9e1551 file/keys/adobe/adobe-client.yaml:bb33624aa34163fabe1d338d33239c8f566ecc7a file/keys/adobe/adobe-secret.yaml:e6e4152b3ff3a42223a8ac7169b0a38b0a622234 @@ -203,22 +203,22 @@ file/keys/credential-exposure-file.yaml:d6be05c931599edd628a0591224a0c7ba56fa987 file/keys/credentials.yaml:7d9557524fa206e8bb91295da81890e44084838f file/keys/databricks-api-token.yaml:a9bfc986be3fff96341f96b4213700a370c852a4 file/keys/datadog-access-token.yaml:12b74598ee375f3a5ffbcd81ef8d526c9b852638 -file/keys/dependency/dependency-track.yaml:44b46e0afab25519e38ba19b365bd1935028b079 +file/keys/dependency/dependency-track.yaml:9d4af12139dc253e1afa70ca7678f2b5a550e3c4 file/keys/digitalocean/digitalocean-access-token.yaml:29da3c43c8ff92cead04e92fd1961e8b8599c69a file/keys/digitalocean/digitalocean-personal-access.yaml:8e82ebd4f3e85120abc293e1e9312cef25531950 file/keys/digitalocean/digitalocean-refresh-token.yaml:07071ed0e0a505395e4557e9d7d366a95ef4b668 file/keys/discord/discord-api-token.yaml:2dedd90e44f3c638beab645b83a757d31673b880 file/keys/discord/discord-cilent-secret.yaml:1ecb39bf91f8bb1190acb0c183867d7feeea1890 file/keys/discord/discord-client-id.yaml:987ee6636deb77670c3578276cd9f46681d87bdb -file/keys/docker/dockerhub-pat.yaml:54663c454d7b216666dac424bbc922caff172d85 -file/keys/doppler/doppler-audit.yaml:6d83f69e457e14e3466c848d1e4da93ce08d1e1b -file/keys/doppler/doppler-cli.yaml:f50e89688ab48c49a8cabd6f30abd12490cd5c3c -file/keys/doppler/doppler-scim.yaml:49b6937a2af36af3422bc83e3a1ece18cee62690 -file/keys/doppler/doppler-service-account.yaml:9663c2857ba9a3754250460fee3468b95be458f4 -file/keys/doppler/doppler-service.yaml:aa659cc3816c7d98b7cb4915dbaf528e41066bd0 +file/keys/docker/dockerhub-pat.yaml:929cef0af54303dafb5262cbd000758da94e76e9 +file/keys/doppler/doppler-audit.yaml:e35727b74223049f36b0bb0ae61a6407a2b2796d +file/keys/doppler/doppler-cli.yaml:ab8577b4917f225376dadb06fa2291ff7cf3bf60 +file/keys/doppler/doppler-scim.yaml:ac4dc0cd37e6e6f1088321cccdc3446b816c8986 +file/keys/doppler/doppler-service-account.yaml:ee8d6ddbf75cb40624430ba3d054361e9fe43a20 +file/keys/doppler/doppler-service.yaml:af6d77daa3c56bc765f263849c4cec53fb202ccc file/keys/doppler-api-token.yaml:1c64194e0ee54ece342ac3be8abf4cd1e435cbab file/keys/droneci-access-token.yaml:50eecf6767282a184e8e35bed455ddc90aa77f5a -file/keys/dropbox/dropbox-access.yaml:0adc68da416cd8be7f309ba6b206711d9ee76c15 +file/keys/dropbox/dropbox-access.yaml:bb07dd2c5200bf2d3ac92eef0040005f3777edc6 file/keys/dropbox/dropbox-api-token.yaml:73c1e3c967b0c8c2869417f9b0fbd9943e571814 file/keys/dropbox/dropbox-longlived-token.yaml:c39f688533f912ff0482778740f03ad46183824c file/keys/dropbox/dropbox-shortlived-token.yaml:4ede1ec7aa2b17ba7e8a60b3f01e5136ec4ec176 @@ -263,38 +263,38 @@ file/keys/grafana/grafana-cloud-api-token.yaml:7866324b7ee666df3acdac0d3f66c2345 file/keys/grafana/grafana-service-account-token.yaml:ab639575a2a2ee8e223f0e579c9fcd519b3bc2cd file/keys/hashicorp-api-token.yaml:9bb83e6cda00977645b1f613864243fd126576d6 file/keys/heroku-key.yaml:591f63afb7e7ebf8e75644e8dc0131f6524cdf39 -file/keys/huggingface/huggingface-user-access.yaml:05864ff49f2b2a2822452a3906366f295883a2a6 +file/keys/huggingface/huggingface-user-access.yaml:cee36c254222da7a52d04a30522992c15bf0dd93 file/keys/jenkins-token.yaml:f48b5889c3815de3948e3eb5bb07fbd9e6902eb7 file/keys/kubernetes/kubernetes-dockercfg-secret.yaml:fdd22e6e0b0fac8772d949ba8bc6a296c9845074 file/keys/kubernetes/kubernetes-dockerconfigjson-secret.yaml:f7ada6c8e01ad6561cb6d97e31bec4c95a71de9c -file/keys/linkedin/linkedin-client.yaml:997f9bdfb6763481c1667e25d7ebf8b7400edfa9 -file/keys/linkedin/linkedin-secret.yaml:68891f39ccb0bb6597b5c3fcbb84b03adfadffe0 +file/keys/linkedin/linkedin-client.yaml:7c3b0741a3dd4093054efcbed23ca1e728b1dc46 +file/keys/linkedin/linkedin-secret.yaml:6aebe5a012f34324a3d7f3bfbecdf707a8388614 file/keys/linkedin-id.yaml:39efe931f4ace6377fbc63d76bd12d88fcecd7e9 file/keys/mailchimp-api.yaml:5b1ee7bc57b19f46f705d27419e8d0b802258b71 file/keys/mailgun-api.yaml:7299dc580989b55622b2f460fce1c8724cbf7343 file/keys/mapbox-token.yaml:b911206f1ccba8f70d6e9387771ca97a18fee32a -file/keys/newrelic/newrelic-api-service.yaml:b4d1c5d8da9e5f2918426314f75e479cea9ebc3e -file/keys/newrelic/newrelic-license-non.yaml:19d2deaf97692e2a034ecc77c39a22435b3d8a0d -file/keys/newrelic/newrelic-license.yaml:99f7cc2be9862a05090c1bb1d595603fa6547853 +file/keys/newrelic/newrelic-api-service.yaml:ef41de67162d12bedf4d6c5d90d74768214e57fe +file/keys/newrelic/newrelic-license-non.yaml:e7a7abb5354e833ee34a7f078aabd5529c2e4755 +file/keys/newrelic/newrelic-license.yaml:c4c9f83dba1796287e40555a794632adb71e7afd file/keys/newrelic/newrelic-pixie-apikey.yaml:6896635d7b4c891ffabb946ff9ab6deb8fba5d51 file/keys/newrelic/newrelic-pixie-deploykey.yaml:d038d136304e6c13d533f3302e1c1eafc39bdf38 file/keys/npm-accesstoken.yaml:a2ea270e9e7f1a236e7d4da33e833ab26031e5ce file/keys/nuget-key.yaml:4c0a481dc9873f455ed2dc3d990c17a8550b243a -file/keys/odbc/odbc-connection.yaml:a41b9372d28fc8a8db2c291202b627cbf364b241 -file/keys/okta/okta-api.yaml:4465bba50108d3e8085e04b7e7110c07ca7dfbc1 +file/keys/odbc/odbc-connection.yaml:758733489bf7b3defba93b1cda11f384ed7da182 +file/keys/okta/okta-api.yaml:e70809f9fbcaec530687ff077c63796b5eef3031 file/keys/openai-key.yaml:362b3e2c11d11f7183034aaa5cdb47f3b40700b9 -file/keys/particle/particle-access.yaml:ba93bc30c4263728ac06ad1fb66dd60c123f4d89 +file/keys/particle/particle-access.yaml:676becab681ec168bae43c74b13e552af4657f5c file/keys/paypal-braintree-token.yaml:402e0754808e014fb8b0ebdb3fb1e0eb585c3be2 file/keys/pictatic-api-key.yaml:5d254108f9865c20a83080b3f92a3152b54d3c05 file/keys/postman-api-key.yaml:91b5bbc73ae8fc4430498d92e5ab029e332f8817 file/keys/private-key.yaml:c297f883a9ff39ab4807a35914edffc3f0cc01a9 file/keys/pypi-token.yaml:d5d89be532cce80e65a912bf277f94d7bcf8f1c2 file/keys/razorpay-client-id.yaml:a88d58769de655a660b4e5ee8a58aba9faeed91d -file/keys/react/reactapp-password.yaml:59e23f63f4d565966cbfce5ee20054fcb5cea60a -file/keys/react/reactapp-username.yaml:5891d39de628b2c06dc5fe255ba00fd1104fe7b9 +file/keys/react/reactapp-password.yaml:4613021cd4c5d458ab778000587b7229980e4238 +file/keys/react/reactapp-username.yaml:deb652d737576b6ae7c84eb9de36f0b329baf0bd file/keys/rubygems-key.yaml:fa5cdc44cbd4f734c9aedf00b112ccf27a073a50 file/keys/s3-bucket.yaml:5604162f278a70b8742678a1a006949ca62e64e2 -file/keys/salesforce/salesforce-access.yaml:148f631363251178abc761e647be07c0225e5ed6 +file/keys/salesforce/salesforce-access.yaml:6cb655725ac01c05b073db6645b96cf9e7e7bf8d file/keys/sauce-access-token.yaml:c9aa59af67698af4ffa2486af99819e3cb4147c3 file/keys/segment-public-api.yaml:a193504eea902e1c11b23f3e408a7b7593389b22 file/keys/sendgrid-api.yaml:15e1a6951aa39738c4fa1310f420a55340460f11 @@ -310,13 +310,13 @@ file/keys/square-oauth-secret.yaml:6d588fb6fcb3851617348b0cfa394d85824708f1 file/keys/stackhawk-api-key.yaml:0bfb39d55ad1ba8e731e72918dfc1b098059d1c8 file/keys/stripe-api-key.yaml:5df4a9e34d7acd181f0451c1e620cdbff2c8ff0b file/keys/telegram-token.yaml:a7fbf76a80e8dbb51ae3876632d15afae04eb519 -file/keys/thingsboard/thingsboard-access.yaml:d1fd346add6238c487bb798f791d7f16ff91a160 -file/keys/truenas/truenas-api.yaml:38e8d156b194e30c4f3a4d2ca25f7e891724068a +file/keys/thingsboard/thingsboard-access.yaml:2393412b4f8629f6fe28837cd394699e344c906e +file/keys/truenas/truenas-api.yaml:8cb5b99a4702f4fbe69c5ba1a09cc24b7093ba49 file/keys/twilio-api.yaml:b225fe4dd0f8f0f2bc7b76870aaac28f70993d12 -file/keys/twitter/twitter-client.yaml:140ebbd198c9823e4f92cef1b5c1a198e9e7c1c8 -file/keys/twitter/twitter-secret.yaml:2e308f8e409e01ffc1d7ca872b05191f49a20123 -file/keys/wireguard/wireguard-preshared.yaml:cf49189ea00def8b26138a9170b6a1f959609ff5 -file/keys/wireguard/wireguard-private.yaml:98993de626c527658fc3b9132808010318624e90 +file/keys/twitter/twitter-client.yaml:9bd5486ea151363def2820c6282b380da52d9b25 +file/keys/twitter/twitter-secret.yaml:65827a76234f874f90f5323afd3ad625821d5b52 +file/keys/wireguard/wireguard-preshared.yaml:f30e419b0c15a28facb053e105c9f0916e3ac9cb +file/keys/wireguard/wireguard-private.yaml:1fb9592fb98b0e4b26f90bc2d4a5029dd09644dd file/keys/zapier-webhook.yaml:8d0f9312fd5acb2f63899a50b2ac8b670f389464 file/keys/zendesk-secret-key.yaml:cdf5d13a59f7036d60f6ea546087c7e48f016612 file/logs/django-framework-exceptions.yaml:84d8ecc728d13f3f5e756cf29b1b2691a64e031e @@ -8169,7 +8169,7 @@ ssl/tls-version.yaml:4e40f08efbb39172b9280ea9e26ca5f0a14a575a ssl/untrusted-root-certificate.yaml:a91d36990a1d052f5ee64d170ad8f084d38dab19 ssl/weak-cipher-suites.yaml:62fe808d9dfafda67c410e6cb9445fdc70257e89 ssl/wildcard-tls.yaml:d244f62c7bd22d3868fc6fc7cb9550af6b261210 -templates-checksum.txt:5bec9329924980ba3ab933306dec6a2f67ea4cf1 +templates-checksum.txt:93813e7ffa4cc8a1726498f996f6d44e46663b12 wappalyzer-mapping.yml:7f03bd65baacac20c1dc6bbf35ff2407959574f1 workflows/74cms-workflow.yaml:bb010e767ad32b906153e36ea618be545b4e22d0 workflows/acrolinx-workflow.yaml:8434089bb55dec3d7b2ebc6a6f340e73382dd0c4 From 9351e9edef5cb74536c0be1ce3c628e1808a20f6 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 19 Mar 2024 03:38:58 +0000 Subject: [PATCH 29/37] Auto Template Signing [Tue Mar 19 03:38:58 UTC 2024] :robot: --- file/js/js-analyse.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/file/js/js-analyse.yaml b/file/js/js-analyse.yaml index 7a26564911..379cf34a68 100644 --- a/file/js/js-analyse.yaml +++ b/file/js/js-analyse.yaml @@ -92,5 +92,4 @@ file: name: potential-ajax-request regex: - "(?i)(new\\s+xmlhttprequest\\(\\)|\\$\\.ajax\\(\\{)" - -# digest: 4a0a0047304502200738658ef4985c1261c662fd545a23504b402343ad994af584866d74d37e11ac022100c8213e439b8a574bee55ce0881363c0964830df8255bcd89249d37a778f038ba:922c64590222798bb761d5b6d8e72950 +# digest: 4a0a00473045022100a1dfbb218bb6e589fe608e853b26ab2acd789a197a02d92e3f0499331b80e03602206ac9cf015a855085c501f0e372f587e6dd518133e9bb9781de0d34ee15266bb9:922c64590222798bb761d5b6d8e72950 \ No newline at end of file From dddcf0a4b1b9fabaeea9b11b4fed88917b97fe18 Mon Sep 17 00:00:00 2001 From: "[PDBot]" Date: Tue, 19 Mar 2024 04:01:58 +0000 Subject: [PATCH 30/37] Auto Generated New Template Addition List [Tue Mar 19 04:01:58 UTC 2024] :robot: --- .new-additions | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.new-additions b/.new-additions index 2280198949..e6763e2e4f 100644 --- a/.new-additions +++ b/.new-additions @@ -25,7 +25,7 @@ file/keys/twitter/twitter-secret.yaml file/keys/wireguard/wireguard-preshared.yaml file/keys/wireguard/wireguard-private.yaml http/cves/2023/CVE-2023-49785.yaml -http/cves/2024/CVE-2023-5914.yaml +http/cves/2023/CVE-2023-5914.yaml http/cves/2024/CVE-2024-1698.yaml http/exposed-panels/bynder-panel.yaml http/exposed-panels/cisco/cisco-expressway-panel.yaml From 744bad45f51736f773657c8a1d863a2b0f6a6350 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 19 Mar 2024 04:02:05 +0000 Subject: [PATCH 31/37] Auto Generated Templates Checksum [Tue Mar 19 04:02:05 UTC 2024] :robot: --- templates-checksum.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/templates-checksum.txt b/templates-checksum.txt index 557f563a78..f450b56312 100644 --- a/templates-checksum.txt +++ b/templates-checksum.txt @@ -164,7 +164,7 @@ file/audit/pfsense/set-hostname.yaml:c123a3b395ce655438028aab12c18d25423dc136 file/bash/bash-scanner.yaml:5bc8d723949612cfaed57eddf1e19d8c45b15f6e file/electron/electron-version-detect.yaml:9e6b4ced33952723bbf371889793cd69bfe918e2 file/electron/node-integration-enabled.yaml:772455563db410b4b9113615e1958a45a25965ff -file/js/js-analyse.yaml:a9055653d6b6989be5e649dd73fad1d0285b8319 +file/js/js-analyse.yaml:d3c27e7fbd123cc86c0f4fbb3ad8f51cb363db41 file/keys/adafruit-key.yaml:dc4ce3917a2ca4d061ef45032d59ccd68b9e1551 file/keys/adobe/adobe-client.yaml:bb33624aa34163fabe1d338d33239c8f566ecc7a file/keys/adobe/adobe-secret.yaml:e6e4152b3ff3a42223a8ac7169b0a38b0a622234 @@ -3055,6 +3055,7 @@ http/cves/2023/CVE-2023-5244.yaml:32f7df605dda4c16610c548f773673f5b69c67a5 http/cves/2023/CVE-2023-5360.yaml:387bf52196ed2e1d383a97ea158fe90b94d213b9 http/cves/2023/CVE-2023-5375.yaml:394c4b2b0867a8922fcfad500616380c117983d8 http/cves/2023/CVE-2023-5556.yaml:7d50d6e2861161f90b7876147d3405d5c7eeccf4 +http/cves/2023/CVE-2023-5914.yaml:93f627b753ac975d5a74a2532a42aa9449682207 http/cves/2023/CVE-2023-6018.yaml:e840e467eab7d472ae719996be481de06fafb2cf http/cves/2023/CVE-2023-6020.yaml:68c05fb386a060d81834e2ddbaefb5779ae81b51 http/cves/2023/CVE-2023-6021.yaml:83ada3f6cf527a6e4f084151e60fc36c47a31785 @@ -3073,7 +3074,6 @@ http/cves/2023/CVE-2023-6895.yaml:0ef4052f3a65107072ee47d11c4028e55f54b472 http/cves/2023/CVE-2023-6909.yaml:e8c84b54fb87c65ef2afbbe6e44f305c8eb67188 http/cves/2023/CVE-2023-6977.yaml:5f16b7bdb7c8c98ab5e1c333cffaccbb4fbe51ae http/cves/2023/CVE-2023-7028.yaml:16a6a22a93bf8caea281ec34d32def83f8e06fac -http/cves/2024/CVE-2023-5914.yaml:8d84ed75ed56b35ba6e6f81a23ba37de27945e96 http/cves/2024/CVE-2024-0204.yaml:6fe6e29907168dd0d6bf7ca67ef70b3e5114430b http/cves/2024/CVE-2024-0305.yaml:81dbabe027bcd8f7733aefac310dcb7efa6e0a4f http/cves/2024/CVE-2024-0352.yaml:e324d6ccb69d2bee50aa487f5e068cc005c715d8 @@ -8169,7 +8169,7 @@ ssl/tls-version.yaml:4e40f08efbb39172b9280ea9e26ca5f0a14a575a ssl/untrusted-root-certificate.yaml:a91d36990a1d052f5ee64d170ad8f084d38dab19 ssl/weak-cipher-suites.yaml:62fe808d9dfafda67c410e6cb9445fdc70257e89 ssl/wildcard-tls.yaml:d244f62c7bd22d3868fc6fc7cb9550af6b261210 -templates-checksum.txt:93813e7ffa4cc8a1726498f996f6d44e46663b12 +templates-checksum.txt:c9998d0de2bfd2c6b199b74317f5afe47fd97fd5 wappalyzer-mapping.yml:7f03bd65baacac20c1dc6bbf35ff2407959574f1 workflows/74cms-workflow.yaml:bb010e767ad32b906153e36ea618be545b4e22d0 workflows/acrolinx-workflow.yaml:8434089bb55dec3d7b2ebc6a6f340e73382dd0c4 From 5bd8e44c8eb875e3a4c0433fb2f9e8429c05ceb6 Mon Sep 17 00:00:00 2001 From: "[PDBot]" Date: Tue, 19 Mar 2024 04:02:36 +0000 Subject: [PATCH 32/37] Syncing Templates --- .github/workflows/templates-sync.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/templates-sync.yml b/.github/workflows/templates-sync.yml index 25a3549fb1..18f3f0c922 100644 --- a/.github/workflows/templates-sync.yml +++ b/.github/workflows/templates-sync.yml @@ -30,7 +30,7 @@ on: - 'file/keys/wireguard/wireguard-preshared.yaml' - 'file/keys/wireguard/wireguard-private.yaml' - 'http/cves/2023/CVE-2023-49785.yaml' - - 'http/cves/2024/CVE-2023-5914.yaml' + - 'http/cves/2023/CVE-2023-5914.yaml' - 'http/cves/2024/CVE-2024-1698.yaml' - 'http/exposed-panels/bynder-panel.yaml' - 'http/exposed-panels/cisco/cisco-expressway-panel.yaml' From f073333e5d05ef2e6dab1c60a105aa2c1ee0d156 Mon Sep 17 00:00:00 2001 From: "[PDBot]" Date: Tue, 19 Mar 2024 05:01:02 +0000 Subject: [PATCH 33/37] Auto Generated New Template Addition List [Tue Mar 19 05:01:02 UTC 2024] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index e6763e2e4f..4627f5e9d0 100644 --- a/.new-additions +++ b/.new-additions @@ -25,6 +25,7 @@ file/keys/twitter/twitter-secret.yaml file/keys/wireguard/wireguard-preshared.yaml file/keys/wireguard/wireguard-private.yaml http/cves/2023/CVE-2023-49785.yaml +http/cves/2023/CVE-2023-5830.yaml http/cves/2023/CVE-2023-5914.yaml http/cves/2024/CVE-2024-1698.yaml http/exposed-panels/bynder-panel.yaml From fbe430dde59d94dbfaa0434f99c002ff67c2b4cd Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 19 Mar 2024 05:01:25 +0000 Subject: [PATCH 34/37] Auto Generated Templates Checksum [Tue Mar 19 05:01:25 UTC 2024] :robot: --- templates-checksum.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/templates-checksum.txt b/templates-checksum.txt index f450b56312..916ac8838a 100644 --- a/templates-checksum.txt +++ b/templates-checksum.txt @@ -3055,6 +3055,7 @@ http/cves/2023/CVE-2023-5244.yaml:32f7df605dda4c16610c548f773673f5b69c67a5 http/cves/2023/CVE-2023-5360.yaml:387bf52196ed2e1d383a97ea158fe90b94d213b9 http/cves/2023/CVE-2023-5375.yaml:394c4b2b0867a8922fcfad500616380c117983d8 http/cves/2023/CVE-2023-5556.yaml:7d50d6e2861161f90b7876147d3405d5c7eeccf4 +http/cves/2023/CVE-2023-5830.yaml:85965a9925a1cd03639181416b2c20995b33f501 http/cves/2023/CVE-2023-5914.yaml:93f627b753ac975d5a74a2532a42aa9449682207 http/cves/2023/CVE-2023-6018.yaml:e840e467eab7d472ae719996be481de06fafb2cf http/cves/2023/CVE-2023-6020.yaml:68c05fb386a060d81834e2ddbaefb5779ae81b51 @@ -8169,7 +8170,7 @@ ssl/tls-version.yaml:4e40f08efbb39172b9280ea9e26ca5f0a14a575a ssl/untrusted-root-certificate.yaml:a91d36990a1d052f5ee64d170ad8f084d38dab19 ssl/weak-cipher-suites.yaml:62fe808d9dfafda67c410e6cb9445fdc70257e89 ssl/wildcard-tls.yaml:d244f62c7bd22d3868fc6fc7cb9550af6b261210 -templates-checksum.txt:c9998d0de2bfd2c6b199b74317f5afe47fd97fd5 +templates-checksum.txt:f6eaac90af8e77b23be2e3482cf5afbd3b015566 wappalyzer-mapping.yml:7f03bd65baacac20c1dc6bbf35ff2407959574f1 workflows/74cms-workflow.yaml:bb010e767ad32b906153e36ea618be545b4e22d0 workflows/acrolinx-workflow.yaml:8434089bb55dec3d7b2ebc6a6f340e73382dd0c4 From ce2dfbd8176f22411ba25c5ee78ee09b53b2864c Mon Sep 17 00:00:00 2001 From: "[PDBot]" Date: Tue, 19 Mar 2024 05:01:49 +0000 Subject: [PATCH 35/37] Syncing Templates --- .github/workflows/templates-sync.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/templates-sync.yml b/.github/workflows/templates-sync.yml index 18f3f0c922..663e5a316a 100644 --- a/.github/workflows/templates-sync.yml +++ b/.github/workflows/templates-sync.yml @@ -30,6 +30,7 @@ on: - 'file/keys/wireguard/wireguard-preshared.yaml' - 'file/keys/wireguard/wireguard-private.yaml' - 'http/cves/2023/CVE-2023-49785.yaml' + - 'http/cves/2023/CVE-2023-5830.yaml' - 'http/cves/2023/CVE-2023-5914.yaml' - 'http/cves/2024/CVE-2024-1698.yaml' - 'http/exposed-panels/bynder-panel.yaml' From fd781deeaf705f9bac78ffe8e85d8a2c5c6105e5 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 19 Mar 2024 05:03:08 +0000 Subject: [PATCH 36/37] Auto Template Signing [Tue Mar 19 05:03:08 UTC 2024] :robot: --- http/cves/2023/CVE-2023-5830.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/http/cves/2023/CVE-2023-5830.yaml b/http/cves/2023/CVE-2023-5830.yaml index c6985aac05..a9f28e145a 100644 --- a/http/cves/2023/CVE-2023-5830.yaml +++ b/http/cves/2023/CVE-2023-5830.yaml @@ -60,3 +60,4 @@ http: part: body words: - '"Authorized":false' +# digest: 4a0a0047304502201a739a9a323bb1ce5f468a13c31ecc02400b08053b2b81930e86f5decb5d83a2022100b712b21b2b241e8a04f480fe2c2b7cb3e7710265f1332dd9c2996d1a1e0cc3aa:922c64590222798bb761d5b6d8e72950 \ No newline at end of file From 297e9dcf75566c7bd9b558340a665aab9345e271 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Tue, 19 Mar 2024 20:38:10 +0530 Subject: [PATCH 37/37] Update .nuclei-ignore --- .nuclei-ignore | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.nuclei-ignore b/.nuclei-ignore index 4714e3b0df..86bfdb2535 100644 --- a/.nuclei-ignore +++ b/.nuclei-ignore @@ -18,7 +18,6 @@ tags: - "local" - "brute-force" - "bruteforce" - - "phishing" # The following templates have been excluded because they have weak matchers and may generate FP results. # Please feel free to create PR if you can update the templates with strict matchers. @@ -35,4 +34,4 @@ files: - http/cves/2021/CVE-2021-28164.yaml - http/fuzzing/wordpress-themes-detect.yaml - http/fuzzing/mdb-database-file.yaml - - http/fuzzing/iis-shortname.yaml \ No newline at end of file + - http/fuzzing/iis-shortname.yaml