diff --git a/exposed-panels/circarlife-setup.yaml b/exposed-panels/circarlife-setup.yaml index e84c2e93f0..f1be4d4778 100644 --- a/exposed-panels/circarlife-setup.yaml +++ b/exposed-panels/circarlife-setup.yaml @@ -6,7 +6,7 @@ info: description: CirCarLife is an internet-connected electric vehicle charging station reference: https://circontrol.com/ severity: critical - tags: scada,circontrorl,circarlife,setup,exposure + tags: scada,circontrorl,circarlife,setup,exposure,panel requests: - method: GET diff --git a/exposed-panels/exposed-nomad.yaml b/exposed-panels/exposed-nomad.yaml index 6966adbc29..f4a5f4c958 100644 --- a/exposed-panels/exposed-nomad.yaml +++ b/exposed-panels/exposed-nomad.yaml @@ -4,7 +4,7 @@ info: name: Exposed Nomad Jobs author: pdteam severity: high - tags: nomad,devops,hashicorp + tags: nomad,devops,hashicorp,panel reference: https://www.nomadproject.io/docs/internals/security requests: diff --git a/exposed-panels/jira-detect.yaml b/exposed-panels/jira-detect.yaml index b6569fb056..0e5cbb35d5 100644 --- a/exposed-panels/jira-detect.yaml +++ b/exposed-panels/jira-detect.yaml @@ -4,7 +4,7 @@ info: name: Detect Jira Issue Management Software author: pdteam,philippedelteil severity: info - tags: panel + tags: panel,jira requests: - method: GET diff --git a/exposed-panels/jmx-console.yaml b/exposed-panels/jmx-console.yaml index d223904914..81893c03f8 100644 --- a/exposed-panels/jmx-console.yaml +++ b/exposed-panels/jmx-console.yaml @@ -3,7 +3,7 @@ info: name: JMX Console author: yashanand155 severity: low - tags: panel + tags: panel,jmx requests: - method: GET diff --git a/exposed-panels/joomla-panel.yaml b/exposed-panels/joomla-panel.yaml index 84ee9d3a3c..bef3cb248d 100644 --- a/exposed-panels/joomla-panel.yaml +++ b/exposed-panels/joomla-panel.yaml @@ -4,7 +4,7 @@ info: name: Joomla Panel author: its0x08 severity: info - tags: panel + tags: panel,joomla requests: - method: GET diff --git a/exposed-panels/kafka-connect-ui.yaml b/exposed-panels/kafka-connect-ui.yaml index f05523b287..7eeab84fb6 100644 --- a/exposed-panels/kafka-connect-ui.yaml +++ b/exposed-panels/kafka-connect-ui.yaml @@ -4,7 +4,7 @@ info: name: Apache Kafka Connect UI Exposure author: pdteam severity: low - tags: panel + tags: panel,kafka requests: - method: GET diff --git a/exposed-panels/kafka-monitoring.yaml b/exposed-panels/kafka-monitoring.yaml index faf62308cc..d7d75e2c47 100644 --- a/exposed-panels/kafka-monitoring.yaml +++ b/exposed-panels/kafka-monitoring.yaml @@ -4,7 +4,7 @@ info: name: Apache Kafka Monitor Exposure author: pdteam severity: low - tags: panel + tags: panel,kafka requests: - method: GET diff --git a/exposed-panels/kafka-topics-ui.yaml b/exposed-panels/kafka-topics-ui.yaml index 8dbc3f9571..9b4fc715ae 100644 --- a/exposed-panels/kafka-topics-ui.yaml +++ b/exposed-panels/kafka-topics-ui.yaml @@ -4,7 +4,7 @@ info: name: Apache Kafka Topics UI Exposure author: pdteam severity: low - tags: panel + tags: panel,kafka requests: - method: GET diff --git a/exposed-panels/keenetic-web-login.yaml b/exposed-panels/keenetic-web-login.yaml index 3faad52760..bc9aba324b 100644 --- a/exposed-panels/keenetic-web-login.yaml +++ b/exposed-panels/keenetic-web-login.yaml @@ -5,7 +5,7 @@ info: author: dhiyaneshDK severity: info reference: https://www.exploit-db.com/ghdb/6817 - tags: panel + tags: panel,keenetic requests: - method: GET diff --git a/exposed-panels/magento-admin-panel.yaml b/exposed-panels/magento-admin-panel.yaml index 71820a3d1d..ba964e2efb 100644 --- a/exposed-panels/magento-admin-panel.yaml +++ b/exposed-panels/magento-admin-panel.yaml @@ -6,7 +6,7 @@ info: severity: info description: As a security best practice, Magento recommends that you use a unique, custom Admin URL instead of the default admin or a common term such as backend. Although it will not directly protect your site from a determined bad actor, it can reduce exposure to scripts that try to gain unauthorized access. reference: https://docs.magento.com/user-guide/stores/store-urls-custom-admin.html - tags: magento + tags: magento,panel requests: - method: GET diff --git a/exposed-panels/monitorix-exposure.yaml b/exposed-panels/monitorix-exposure.yaml index 4c32dc5743..8c0b91fe08 100644 --- a/exposed-panels/monitorix-exposure.yaml +++ b/exposed-panels/monitorix-exposure.yaml @@ -5,7 +5,7 @@ info: description: Monitorix is a free, open source, lightweight system monitoring tool designed to monitor as many services and system resources as possible. reference: https://www.monitorix.org/ severity: low - tags: monitorix,exposure,logs + tags: monitorix,exposure,logs,panel requests: - method: GET diff --git a/exposed-panels/netscalar-aaa-login.yaml b/exposed-panels/netscalar-aaa-login.yaml index 4f8d6137ac..1f8c66d7b3 100644 --- a/exposed-panels/netscalar-aaa-login.yaml +++ b/exposed-panels/netscalar-aaa-login.yaml @@ -5,6 +5,7 @@ info: author: dhiyaneshDk severity: info reference: https://www.exploit-db.com/ghdb/6898 + tags: panel requests: - method: GET diff --git a/exposed-panels/openerp-database.yaml b/exposed-panels/openerp-database.yaml index c9446f8607..7d9f2c6a84 100644 --- a/exposed-panels/openerp-database.yaml +++ b/exposed-panels/openerp-database.yaml @@ -4,7 +4,7 @@ info: name: OpenERP database instances author: impramodsargar severity: info - tags: openerp + tags: openerp,panel requests: - method: GET diff --git a/exposed-panels/portainer-init-deploy.yaml b/exposed-panels/portainer-init-deploy.yaml index 44a7e3ac60..c25c658536 100644 --- a/exposed-panels/portainer-init-deploy.yaml +++ b/exposed-panels/portainer-init-deploy.yaml @@ -3,7 +3,7 @@ info: name: Portainer Init Deploy author: princechaddha severity: high - tags: portainer,exposure,docker,devops + tags: portainer,exposure,docker,devops,panel reference: https://documentation.portainer.io/v2.0/deploy/initial/ requests: - method: GET diff --git a/exposed-panels/rstudio-detect.yaml b/exposed-panels/rstudio-detect.yaml new file mode 100644 index 0000000000..e24cf77d08 --- /dev/null +++ b/exposed-panels/rstudio-detect.yaml @@ -0,0 +1,21 @@ +id: rstudio-detect + +info: + name: RStudio panel detector + author: philippedelteil + severity: info + tags: panel,rstudio + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers: + - type: word + words: + - 'RStudio' + part: header + - type: status + status: + - 302 diff --git a/exposed-panels/saferoads-vms-login.yaml b/exposed-panels/saferoads-vms-login.yaml index 87def4c2a4..7fd9a2d174 100644 --- a/exposed-panels/saferoads-vms-login.yaml +++ b/exposed-panels/saferoads-vms-login.yaml @@ -4,7 +4,7 @@ info: name: Saferoads VMS Login author: dhiyaneshDk severity: info - tags: login + tags: panel reference: https://www.exploit-db.com/ghdb/6941 requests: diff --git a/exposed-panels/sharecenter-login.yaml b/exposed-panels/sharecenter-login.yaml index d41580c34c..1c3df0b1ad 100644 --- a/exposed-panels/sharecenter-login.yaml +++ b/exposed-panels/sharecenter-login.yaml @@ -5,6 +5,7 @@ info: author: dhiyaneshDk severity: info reference: https://www.exploit-db.com/ghdb/6892 + tags: panel requests: - method: GET