TemplateMan Update [Fri Jun 7 10:04:28 UTC 2024] 🤖

2024-06-07 10:04:29 +00:00 · 2024-06-07 10:04:29 +00:00 · f559aeaeb9
parent 262b446300
commit f559aeaeb9
2476 changed files with 9883 additions and 4859 deletions
--- a/cloud/aws/acm/acm-cert-renewal-30days.yaml
+++ b/cloud/aws/acm/acm-cert-renewal-30days.yaml
@ -11,8 +11,9 @@ info:
    Set up Amazon CloudWatch to monitor ACM certificate expiration and automate renewal notifications or processes.
  reference:
    - https://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,acm,aws-cloud-config
 variables:
  region: "us-east-1"
--- a/cloud/aws/acm/acm-cert-renewal-45days.yaml
+++ b/cloud/aws/acm/acm-cert-renewal-45days.yaml
@ -11,8 +11,9 @@ info:
    Set up Amazon CloudWatch to monitor ACM certificate expiration and automate renewal notifications or processes.
  reference:
    - https://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,acm,aws-cloud-config
 variables:
  region: "us-east-1"
--- a/cloud/aws/acm/acm-cert-validation.yaml
+++ b/cloud/aws/acm/acm-cert-validation.yaml
@ -11,8 +11,9 @@ info:
    Use AWS ACM for certificate provisioning and ensure domain validation steps are correctly followed for each certificate issued or renewed.
  reference:
    - https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,acm,aws-cloud-config
 variables:
  region: "us-east-1"
--- a/cloud/aws/acm/acm-wildcard-cert.yaml
+++ b/cloud/aws/acm/acm-wildcard-cert.yaml
@ -11,8 +11,9 @@ info:
    Replace wildcard ACM certificates with single domain name certificates for each domain/subdomain within your AWS account. This enhances security by ensuring each domain/subdomain has its own unique private key and certificate.
  reference:
    - https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,acm,aws-cloud-config
 variables:
  region: "us-east-1"
--- a/cloud/aws/aws-code-env.yaml
+++ b/cloud/aws/aws-code-env.yaml
@ -7,6 +7,8 @@ info:
    Checks if AWS CLI is set up and all necessary tools are installed on the environment.
  reference:
    - https://aws.amazon.com/cli/
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazone,aws-cloud-config
 variables:
--- a/cloud/aws/cloudtrail/cloudtrail-data-events.yaml
+++ b/cloud/aws/cloudtrail/cloudtrail-data-events.yaml
@ -11,8 +11,9 @@ info:
    Enable data event logging in CloudTrail for S3 buckets to ensure detailed activity monitoring and logging for better security and compliance.
  reference:
    - https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,s3,cloudtrail,aws-cloud-config
 variables:
  region: "ap-south-1"
--- a/cloud/aws/cloudtrail/cloudtrail-disabled.yaml
+++ b/cloud/aws/cloudtrail/cloudtrail-disabled.yaml
@ -11,8 +11,9 @@ info:
    Enable CloudTrail in all AWS regions through the AWS Management Console or CLI to ensure comprehensive activity logging and monitoring.
  reference:
    - https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-getting-started.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,cloudtrail,aws-cloud-config
 variables:
  region: "ap-south-1"
--- a/cloud/aws/cloudtrail/cloudtrail-dup-logs.yaml
+++ b/cloud/aws/cloudtrail/cloudtrail-dup-logs.yaml
@ -11,8 +11,9 @@ info:
    Configure only one multi-region trail to log global service events and disable global service logging for all other trails.
  reference:
    - https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,cloudtrail,aws-cloud-config
 variables:
  region: "ap-south-1"
--- a/cloud/aws/cloudtrail/cloudtrail-global-disabled.yaml
+++ b/cloud/aws/cloudtrail/cloudtrail-global-disabled.yaml
@ -11,8 +11,9 @@ info:
    Enable global service logging in CloudTrail by creating or updating a trail to include global services. This ensures comprehensive activity monitoring.
  reference:
    - https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-create-and-update-a-trail.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,cloudtrail,aws-cloud-config
 variables:
  region: "ap-south-1"
--- a/cloud/aws/cloudtrail/cloudtrail-integrated-cloudwatch.yaml
+++ b/cloud/aws/cloudtrail/cloudtrail-integrated-cloudwatch.yaml
@ -11,8 +11,9 @@ info:
    Enable CloudTrail log file validation and configure CloudWatch Logs to monitor CloudTrail log files. Create CloudWatch Alarms for specific events of interest.
  reference:
    - https://docs.aws.amazon.com/awscloudtrail/latest/userguide/send-cloudtrail-events-to-cloudwatch-logs.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,cloudtrail,cloudwatch,aws-cloud-config
 variables:
  region: "ap-south-1"
--- a/cloud/aws/cloudtrail/cloudtrail-log-integrity.yaml
+++ b/cloud/aws/cloudtrail/cloudtrail-log-integrity.yaml
@ -11,8 +11,9 @@ info:
    Enable log file integrity validation on all CloudTrail trails to ensure the integrity and authenticity of your logs.
  reference:
    - https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-log-file-validation-intro.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,cloudtrail,aws-cloud-config
 variables:
  region: "ap-south-1"
--- a/cloud/aws/cloudtrail/cloudtrail-logs-not-encrypted.yaml
+++ b/cloud/aws/cloudtrail/cloudtrail-logs-not-encrypted.yaml
@ -11,8 +11,9 @@ info:
    Enable Server-Side Encryption (SSE) for CloudTrail logs using an AWS KMS key through the CloudTrail console or AWS CLI.
  reference:
    - https://docs.aws.amazon.com/awscloudtrail/latest/userguide/encrypting-cloudtrail-log-files-with-aws-kms.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,cloudtrail,aws-cloud-config
 variables:
  region: "us-east-1"
--- a/cloud/aws/cloudtrail/cloudtrail-mfa-delete.yaml
+++ b/cloud/aws/cloudtrail/cloudtrail-mfa-delete.yaml
@ -11,8 +11,9 @@ info:
    Enable MFA Delete on CloudTrail buckets via the S3 console or AWS CLI.
  reference:
    - https://docs.aws.amazon.com/AmazonS3/latest/userguide/MultiFactorAuthenticationDelete.html
  metadata:
    max-request: 3
  tags: cloud,devops,aws,amazon,s3,aws-cloud-config
 variables:
  region: "ap-south-1"
--- a/cloud/aws/cloudtrail/cloudtrail-mgmt-events.yaml
+++ b/cloud/aws/cloudtrail/cloudtrail-mgmt-events.yaml
@ -11,9 +11,9 @@ info:
    Enable management event logging in CloudTrail by creating a new trail or updating existing trails to include management events.
  reference:
    - https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-and-data-events-with-cloudtrail.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,cloudtrail,aws-cloud-config
 variables:
  region: "ap-south-1"
--- a/cloud/aws/cloudtrail/cloudtrail-public-buckets.yaml
+++ b/cloud/aws/cloudtrail/cloudtrail-public-buckets.yaml
@ -11,8 +11,9 @@ info:
    Restrict S3 bucket access using bucket policies or IAM policies to ensure that CloudTrail logs are not publicly accessible.
  reference:
    - https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-find-log-files.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,s3,aws-cloud-config
 variables:
  region: "ap-south-1"
--- a/cloud/aws/cloudtrail/cloudtrail-s3-bucket-logging.yaml
+++ b/cloud/aws/cloudtrail/cloudtrail-s3-bucket-logging.yaml
@ -11,8 +11,9 @@ info:
    Enable Server Access Logging on the S3 bucket used by CloudTrail. Configure the logging feature to capture all requests made to the CloudTrail bucket.
  reference:
    - https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-log-file-validation-intro.html
  metadata:
    max-request: 3
  tags: cloud,devops,aws,amazon,s3,cloudtrail,aws-cloud-config
 variables:
  region: "ap-south-1"
--- a/cloud/aws/cloudtrail/s3-object-lock-not-enabled.yaml
+++ b/cloud/aws/cloudtrail/s3-object-lock-not-enabled.yaml
@ -11,8 +11,9 @@ info:
    Enable S3 Object Lock in Governance mode with a retention period that meets your compliance requirements for CloudTrail S3 buckets.
  reference:
    - https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html
  metadata:
    max-request: 3
  tags: cloud,devops,aws,amazon,s3,aws-cloud-config
 variables:
  region: "ap-south-1"
--- a/cloud/aws/cloudwatch/cw-alarm-action-set.yaml
+++ b/cloud/aws/cloudwatch/cw-alarm-action-set.yaml
@ -11,8 +11,9 @@ info:
    Configure at least one action for each CloudWatch alarm to ensure timely response to monitored issues.
  reference:
    - https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,cloudwatch,aws-cloud-config
 variables:
  region: "us-east-1"
--- a/cloud/aws/cloudwatch/cw-alarms-actions.yaml
+++ b/cloud/aws/cloudwatch/cw-alarms-actions.yaml
@ -11,8 +11,9 @@ info:
    Enable actions for each CloudWatch alarm by setting the ActionEnabled parameter to true, allowing for automated responses to alarms.
  reference:
    - https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/AlarmThatSendsEmail.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,cloudwatch,aws-cloud-config
 variables:
  region: "us-east-1"
--- a/cloud/aws/ec2/ec2-imdsv2.yaml
+++ b/cloud/aws/ec2/ec2-imdsv2.yaml
@ -11,9 +11,9 @@ info:
    Modify the EC2 instance metadata options to set `HttpTokens` to `required`, enforcing the use of IMDSv2. This can be done via the AWS Management Console, CLI, or EC2 API.
  reference:
    - https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,ec2,aws-cloud-config
 variables:
  region: "us-east-1"
--- a/cloud/aws/ec2/ec2-public-ip.yaml
+++ b/cloud/aws/ec2/ec2-public-ip.yaml
@ -11,8 +11,9 @@ info:
    Restrict public IP assignment for EC2 instances, particularly for backend instances. Use private IPs and manage access via AWS VPC and security groups.
  reference:
    - https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-instance-addressing.html#concepts-public-addresses
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,ec2,aws-cloud-config
 variables:
  region: "us-east-1"
--- a/cloud/aws/ec2/ec2-sg-egress-open.yaml
+++ b/cloud/aws/ec2/ec2-sg-egress-open.yaml
@ -11,8 +11,9 @@ info:
    Restrict egress traffic in EC2 security groups to only necessary IP addresses and ranges, adhering to the Principle of Least Privilege.
  reference:
    - https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-security-groups.html#sg-rules
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,ec2,aws-cloud-config
 variables:
  region: "us-east-1"
--- a/cloud/aws/ec2/ec2-sg-ingress.yaml
+++ b/cloud/aws/ec2/ec2-sg-ingress.yaml
@ -11,8 +11,9 @@ info:
    Restrict access to uncommon ports in EC2 security groups, permitting only necessary traffic and implementing stringent access controls.
  reference:
    - https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,ec2,aws-cloud-config
 variables:
  region: "us-east-1"
--- a/cloud/aws/ec2/publicly-shared-ami.yaml
+++ b/cloud/aws/ec2/publicly-shared-ami.yaml
@ -11,8 +11,9 @@ info:
    Restrict AMI sharing to specific, trusted AWS accounts and ensure they are not publicly accessible.
  reference:
    - https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sharingamis-explicit.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,ami,aws-cloud-config
 variables:
  region: "us-east-1"
--- a/cloud/aws/ec2/unencrypted-aws-ami.yaml
+++ b/cloud/aws/ec2/unencrypted-aws-ami.yaml
@ -11,8 +11,9 @@ info:
    Encrypt your AMIs using AWS managed keys or customer-managed keys in the AWS Key Management Service (KMS) to ensure data security.
  reference:
    - https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIEncryption.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,ec2,aws-cloud-config
 variables:
  region: "us-east-1"
--- a/cloud/aws/iam/iam-full-admin-privileges.yaml
+++ b/cloud/aws/iam/iam-full-admin-privileges.yaml
@ -7,6 +7,8 @@ info:
    Verifies that no Amazon IAM policies grant full administrative privileges, ensuring adherence to the Principle of Least Privilege
  reference:
    - https://docs.aws.amazon.com/cli/latest/reference/iam/get-policy-version.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,iam,aws-cloud-config
 flow: |
--- a/cloud/aws/iam/iam-key-rotation-90days.yaml
+++ b/cloud/aws/iam/iam-key-rotation-90days.yaml
@ -7,6 +7,8 @@ info:
    Checks if IAM user access keys are rotated every 90 days to minimize accidental exposures and unauthorized access risks
  reference:
    - https://docs.aws.amazon.com/cli/latest/reference/iam/list-access-keys.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,iam,aws-cloud-config
 flow: |
--- a/cloud/aws/iam/iam-mfa-enable.yaml
+++ b/cloud/aws/iam/iam-mfa-enable.yaml
@ -7,6 +7,8 @@ info:
    Verifies that Multi-Factor Authentication (MFA) is enabled for all IAM users with console access in AWS
  reference:
    - https://docs.aws.amazon.com/cli/latest/reference/iam/list-mfa-devices.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,iam,aws-cloud-config
 flow: |
--- a/cloud/aws/iam/iam-ssh-keys-rotation.yaml
+++ b/cloud/aws/iam/iam-ssh-keys-rotation.yaml
@ -7,6 +7,8 @@ info:
    Verifies that IAM SSH public keys are rotated every 90 days, enhancing security and preventing unauthorized access to AWS CodeCommit repositories
  reference:
    - https://docs.aws.amazon.com/cli/latest/reference/iam/list-ssh-public-keys.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,iam,ssh,aws-cloud-config
 flow: |
--- a/cloud/aws/rds/aurora-copy-tags-snap.yaml
+++ b/cloud/aws/rds/aurora-copy-tags-snap.yaml
@ -11,8 +11,9 @@ info:
    Enable Copy Tags to Snapshots for Aurora clusters via the AWS Management Console or modify the DB cluster to include this feature using AWS CLI.
  reference:
    - https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_Tagging.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,aurora,rds,aws-cloud-config
 variables:
  region: "ap-northeast-1"
--- a/cloud/aws/rds/aurora-delete-protect.yaml
+++ b/cloud/aws/rds/aurora-delete-protect.yaml
@ -11,8 +11,9 @@ info:
    Enable Deletion Protection by modifying the Aurora cluster settings in the AWS Management Console or via the AWS CLI.
  reference:
    - https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/DBInstanceDeletionProtection.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,aurora,rds,aws-cloud-config
 variables:
  region: "ap-northeast-1"
--- a/cloud/aws/rds/iam-db-auth.yaml
+++ b/cloud/aws/rds/iam-db-auth.yaml
@ -11,8 +11,9 @@ info:
    Enable IAM Database Authentication for MySQL and PostgreSQL RDS database instances to leverage IAM for secure, token-based access control.
  reference:
    - https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,rds,aws-cloud-config
 variables:
  region: "ap-northeast-1"
--- a/cloud/aws/rds/rds-backup-enable.yaml
+++ b/cloud/aws/rds/rds-backup-enable.yaml
@ -11,8 +11,9 @@ info:
    Enable automated backups for RDS instances by setting the backup retention period to a value other than 0.
  reference:
    - https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,rds,aws-cloud-config
 variables:
  region: "ap-northeast-1"
--- a/cloud/aws/rds/rds-deletion-protection.yaml
+++ b/cloud/aws/rds/rds-deletion-protection.yaml
@ -11,9 +11,9 @@ info:
    Enable Deletion Protection for all Amazon RDS instances via the AWS Management Console or using the AWS CLI.
  reference:
    - https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,rds,aws-cloud-config
 variables:
  region: "ap-northeast-1"
--- a/cloud/aws/rds/rds-encryption-check.yaml
+++ b/cloud/aws/rds/rds-encryption-check.yaml
@ -11,8 +11,9 @@ info:
    Enable encryption for your Amazon RDS instances by modifying the instance and setting the "Storage Encrypted" option to true. For new instances, enable encryption within the launch wizard.
  reference:
    - https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.Encryption.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,rds,aws-cloud-config
 variables:
  region: "ap-northeast-1"
--- a/cloud/aws/rds/rds-gp-ssd-usage.yaml
+++ b/cloud/aws/rds/rds-gp-ssd-usage.yaml
@ -11,8 +11,9 @@ info:
    Convert RDS instances from Provisioned IOPS to General Purpose SSDs to optimize costs without sacrificing I/O performance for most database workloads.
  reference:
    - https://aws.amazon.com/rds/features/storage/
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,rds,aws-cloud-config
 variables:
  region: "ap-northeast-1"
--- a/cloud/aws/rds/rds-public-snapshot.yaml
+++ b/cloud/aws/rds/rds-public-snapshot.yaml
@ -11,8 +11,9 @@ info:
    Modify the snapshot's visibility settings to ensure it is not public, only shared with specific AWS accounts.
  reference:
    - https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_ShareSnapshot.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,rds,aws-cloud-config
 variables:
  region: "ap-northeast-1"
--- a/cloud/aws/rds/rds-public-subnet.yaml
+++ b/cloud/aws/rds/rds-public-subnet.yaml
@ -11,8 +11,9 @@ info:
    Migrate RDS instances to private subnets within the VPC and ensure proper network ACLs and security group settings are in place to restrict access.
  reference:
    - https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_VPC.WorkingWithRDSInstanceinaVPC.html#USER_VPC.Subnets
  metadata:
    max-request: 3
  tags: cloud,devops,aws,amazon,rds,aws-cloud-config
 variables:
  region: "ap-northeast-1"
--- a/cloud/aws/rds/rds-ri-payment-fail.yaml
+++ b/cloud/aws/rds/rds-ri-payment-fail.yaml
@ -11,8 +11,9 @@ info:
    Review the payment methods on file and retry the reservation purchase for RDS instances to secure discounted rates.
  reference:
    - https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithReservedDBInstances.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,rds,aws-cloud-config
 variables:
  region: "ap-northeast-1"
--- a/cloud/aws/rds/rds-snapshot-encryption.yaml
+++ b/cloud/aws/rds/rds-snapshot-encryption.yaml
@ -11,8 +11,9 @@ info:
    Enable encryption for RDS snapshots by using AWS KMS Customer Master Keys (CMKs) for enhanced data security and compliance.
  reference:
    - https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_EncryptSnapshot.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,rds,aws-cloud-config
 variables:
  region: "ap-northeast-1"
--- a/cloud/aws/s3/s3-access-logging.yaml
+++ b/cloud/aws/s3/s3-access-logging.yaml
@ -7,6 +7,8 @@ info:
    This template verifies if the Server Access Logging feature is enabled for Amazon S3 buckets, which is essential for tracking access requests for security and audit purposes.
  reference:
    - https://docs.aws.amazon.com/cli/latest/reference/s3api/get-bucket-encryption.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,s3,aws-cloud-config
 flow: |
--- a/cloud/aws/s3/s3-auth-fullcontrol.yaml
+++ b/cloud/aws/s3/s3-auth-fullcontrol.yaml
@ -7,6 +7,8 @@ info:
    Checks if Amazon S3 buckets grant FULL_CONTROL access to authenticated users, preventing unauthorized operations
  reference:
    - https://docs.aws.amazon.com/AmazonS3/latest/userguide/manage-versioning-examples.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,s3,aws-cloud-config
 flow: |
--- a/cloud/aws/s3/s3-bucket-key.yaml
+++ b/cloud/aws/s3/s3-bucket-key.yaml
@ -7,6 +7,8 @@ info:
    This template verifies if Amazon S3 buckets have bucket keys enabled to optimize the cost of AWS Key Management Service (SSE-KMS) for server-side encryption
  reference:
    - https://docs.aws.amazon.com/AmazonS3/latest/userguide/manage-versioning-examples.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,s3,aws-cloud-config
 flow: |
--- a/cloud/aws/s3/s3-bucket-policy-public-access.yaml
+++ b/cloud/aws/s3/s3-bucket-policy-public-access.yaml
@ -7,6 +7,8 @@ info:
    This template checks if Amazon S3 buckets are configured to prevent public access via bucket policies
  reference:
    - https://docs.aws.amazon.com/cli/latest/reference/s3api/get-bucket-policy.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,s3,aws-cloud-config
 flow: |
--- a/cloud/aws/s3/s3-mfa-delete-check.yaml
+++ b/cloud/aws/s3/s3-mfa-delete-check.yaml
@ -7,6 +7,8 @@ info:
    This template verifies that Amazon S3 buckets are configured with Multi-Factor Authentication (MFA) Delete feature, ensuring enhanced protection against unauthorized deletion of versioned objects
  reference:
    - https://docs.aws.amazon.com/cli/latest/reference/s3api/get-bucket-versioning.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,s3,aws-cloud-config
 flow: |
--- a/cloud/aws/s3/s3-public-read-acp.yaml
+++ b/cloud/aws/s3/s3-public-read-acp.yaml
@ -8,6 +8,8 @@ info:
    Verifies that Amazon S3 buckets do not permit public 'READ_ACP' (LIST) access to anonymous users, protecting against unauthorized data exposure
  reference:
    - https://docs.aws.amazon.com/cli/latest/reference/s3api/get-bucket-acl.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,s3,aws-cloud-config
 flow: |
--- a/cloud/aws/s3/s3-public-read.yaml
+++ b/cloud/aws/s3/s3-public-read.yaml
@ -8,6 +8,8 @@ info:
    Verifies that Amazon S3 buckets do not permit public 'READ' (LIST) access to anonymous users, protecting against unauthorized data exposure
  reference:
    - https://docs.aws.amazon.com/cli/latest/reference/s3api/get-bucket-acl.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,s3,aws-cloud-config
 flow: |
--- a/cloud/aws/s3/s3-public-write-acp.yaml
+++ b/cloud/aws/s3/s3-public-write-acp.yaml
@ -7,6 +7,8 @@ info:
    Checks if Amazon S3 buckets are secured against public WRITE_ACP access, preventing unauthorized modifications to access control permissions.
  reference:
    - https://docs.aws.amazon.com/cli/latest/reference/s3api/get-bucket-acl.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,s3,aws-cloud-config
 flow: |
--- a/cloud/aws/s3/s3-public-write.yaml
+++ b/cloud/aws/s3/s3-public-write.yaml
@ -7,6 +7,8 @@ info:
    Checks if Amazon S3 buckets are secured against public WRITE access, preventing unauthorized modifications to access control permissions.
  reference:
    - https://docs.aws.amazon.com/cli/latest/reference/s3api/get-bucket-acl.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,s3,aws-cloud-config
 flow: |
--- a/cloud/aws/s3/s3-server-side-encryption.yaml
+++ b/cloud/aws/s3/s3-server-side-encryption.yaml
@ -7,6 +7,8 @@ info:
    This template verifies if Amazon S3 buckets have server-side encryption enabled for protecting sensitive content at rest, using either AWS S3-managed keys (SSE-S3) or AWS KMS-managed keys (SSE-KMS).
  reference:
    - https://docs.aws.amazon.com/cli/latest/reference/s3api/get-bucket-encryption.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,s3,aws-cloud-config
 flow: |
--- a/cloud/aws/s3/s3-versioning.yaml
+++ b/cloud/aws/s3/s3-versioning.yaml
@ -7,6 +7,8 @@ info:
    Verifies that Amazon S3 buckets have object versioning enabled, providing a safeguard for recovering overwritten or deleted objects
  reference:
    - https://docs.aws.amazon.com/AmazonS3/latest/userguide/manage-versioning-examples.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,s3,aws-cloud-config
 flow: |
--- a/cloud/aws/sns/sns-topic-public-accessible.yaml
+++ b/cloud/aws/sns/sns-topic-public-accessible.yaml
@ -8,6 +8,8 @@ info:
    This template checks if Amazon SNS topics are configured to prevent public access via topic policies.
  reference:
    - https://docs.aws.amazon.com/sns/latest/api/API_GetTopicAttributes.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,sns,aws-cloud-config
 flow: |
--- a/cloud/aws/vpc/nacl-open-inbound.yaml
+++ b/cloud/aws/vpc/nacl-open-inbound.yaml
@ -11,8 +11,9 @@ info:
    Restrict Network ACL inbound rules to only allow necessary IP ranges and ports as per the Principle of Least Privilege.
  reference:
    - https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,vpc,aws-cloud-config
 variables:
  region: "us-east-1"
--- a/cloud/aws/vpc/nacl-outbound-restrict.yaml
+++ b/cloud/aws/vpc/nacl-outbound-restrict.yaml
@ -11,8 +11,9 @@ info:
    Modify NACL outbound rules to limit traffic to only the ports required for legitimate business needs.
  reference:
    - https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,vpc,aws-cloud-config
 variables:
  region: "us-east-1"
--- a/cloud/aws/vpc/nat-gateway-usage.yaml
+++ b/cloud/aws/vpc/nat-gateway-usage.yaml
@ -11,8 +11,9 @@ info:
    Replace NAT instances with Amazon Managed NAT Gateway to ensure high availability and scalability in your VPC network.
  reference:
    - https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,vpc,aws-cloud-config
 variables:
  region: "us-east-1"
--- a/cloud/aws/vpc/unrestricted-admin-ports.yaml
+++ b/cloud/aws/vpc/unrestricted-admin-ports.yaml
@ -11,8 +11,9 @@ info:
    Restrict access to ports 22 and 3389 to trusted IPs or IP ranges to adhere to the Principle of Least Privilege (POLP).
  reference:
    - https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,vpc,aws-cloud-config
 variables:
  region: "us-east-1"
--- a/cloud/aws/vpc/vpc-endpoint-exposed.yaml
+++ b/cloud/aws/vpc/vpc-endpoint-exposed.yaml
@ -11,8 +11,9 @@ info:
    Update the VPC endpoint's policy to restrict access only to authorized entities and ensure all requests are signed.
  reference:
    - https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints-access.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,vpc,aws-cloud-config
 variables:
  region: "us-east-1"
--- a/cloud/aws/vpc/vpc-endpoints-not-deployed.yaml
+++ b/cloud/aws/vpc/vpc-endpoints-not-deployed.yaml
@ -11,8 +11,9 @@ info:
    Implement VPC endpoints for supported AWS services to secure and optimize connectivity within your VPC, minimizing external access risks.
  reference:
    - https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,vpc,aws-cloud-config
 variables:
  region: "us-east-1"
--- a/cloud/aws/vpc/vpc-flowlogs-not-enabled.yaml
+++ b/cloud/aws/vpc/vpc-flowlogs-not-enabled.yaml
@ -11,8 +11,9 @@ info:
    Enable VPC Flow Logs in the AWS Management Console under the VPC dashboard to collect data on IP traffic going to and from network interfaces in your VPC.
  reference:
    - https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,vpc,aws-cloud-config
 variables:
  region: "us-east-1"
--- a/cloud/aws/vpc/vpn-tunnel-down.yaml
+++ b/cloud/aws/vpc/vpn-tunnel-down.yaml
@ -11,8 +11,9 @@ info:
    Monitor VPN tunnel status via the AWS Management Console or CLI. If a tunnel is DOWN, troubleshoot according to AWS documentation and ensure redundancy by configuring multiple tunnels.
  reference:
    - https://docs.aws.amazon.com/vpn/latest/s2svpn/VPNConnections.html
  metadata:
    max-request: 2
  tags: cloud,devops,aws,amazon,vpn,aws-cloud-config
 variables:
  region: "us-east-1"
--- a/cloud/enum/azure-db-enum.yaml
+++ b/cloud/enum/azure-db-enum.yaml
@ -9,7 +9,7 @@ info:
  metadata:
    verified: true
    max-request: 1
-  tags: cloud,enum,cloud-enum,azure
+  tags: cloud,enum,cloud-enum,azure,dns
 self-contained: true
--- a/cloud/enum/azure-vm-cloud-enum.yaml
+++ b/cloud/enum/azure-vm-cloud-enum.yaml
@ -9,7 +9,7 @@ info:
  metadata:
    verified: true
    max-request: 1
-  tags: cloud,cloud-enum,azure,fuzz,enum
+  tags: cloud,cloud-enum,azure,fuzz,enum,dns
 self-contained: true
--- a/code/cves/2019/CVE-2019-14287.yaml
+++ b/code/cves/2019/CVE-2019-14287.yaml
@ -25,7 +25,7 @@ info:
    max-request: 2
    vendor: sudo_project
    product: sudo
-  tags: packetstorm,cve,cve2019,sudo,code,linux,privesc,local,canonical
+  tags: packetstorm,cve,cve2019,sudo,code,linux,privesc,local,canonical,sudo_project
 self-contained: true
 code:
--- a/code/cves/2021/CVE-2021-3156.yaml
+++ b/code/cves/2021/CVE-2021-3156.yaml
@ -24,7 +24,7 @@ info:
    verified: true
    vendor: sudo_project
    product: sudo
-  tags: packetstorm,cve,cve2021,sudo,code,linux,privesc,local,kev
+  tags: packetstorm,cve,cve2021,sudo,code,linux,privesc,local,kev,sudo_project
 self-contained: true
 code:
--- a/code/cves/2023/CVE-2023-2640.yaml
+++ b/code/cves/2023/CVE-2023-2640.yaml
@ -29,6 +29,7 @@ info:
    max-request: 2
    vendor: canonical
    product: ubuntu_linux
    shodan-query: cpe:"cpe:2.3:o:canonical:ubuntu_linux"
  tags: cve,cve2023,code,packetstorm,kernel,ubuntu,linux,privesc,local,canonical
 self-contained: true
--- a/code/cves/2023/CVE-2023-49105.yaml
+++ b/code/cves/2023/CVE-2023-49105.yaml
@ -17,14 +17,18 @@ info:
    cvss-score: 9.8
    cve-id: CVE-2023-49105
    cwe-id: CWE-287
-    epss-score: 0.21237
+    epss-score: 0.18166
-    epss-percentile: 0.96302
+    epss-percentile: 0.96172
    cpe: cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:*
  metadata:
    max-request: 2
    vendor: owncloud
    product: owncloud
-    shodan-query: title:"owncloud"
+    shodan-query:
      - title:"owncloud"
      - http.title:"owncloud"
    fofa-query: title="owncloud"
    google-query: intitle:"owncloud"
  tags: cve,cve2023,code,owncloud,auth-bypass
 variables:
  username: admin
--- a/code/cves/2023/CVE-2023-4911.yaml
+++ b/code/cves/2023/CVE-2023-4911.yaml
@ -24,7 +24,7 @@ info:
    max-request: 1
    vendor: gnu
    product: glibc
-  tags: cve,cve2023,code,glibc,looneytunables,linux,privesc,local,kev
+  tags: cve,cve2023,code,glibc,looneytunables,linux,privesc,local,kev,gnu
 self-contained: true
 code:
--- a/code/cves/2023/CVE-2023-6246.yaml
+++ b/code/cves/2023/CVE-2023-6246.yaml
@ -24,7 +24,7 @@ info:
    max-request: 1
    vendor: gnu
    product: glibc
-  tags: cve,cve2023,code,glibc,linux,privesc,local
+  tags: cve,cve2023,code,glibc,linux,privesc,local,gnu
 self-contained: true
 code:
--- a/code/cves/2024/CVE-2024-3094.yaml
+++ b/code/cves/2024/CVE-2024-3094.yaml
@ -24,7 +24,7 @@ info:
    verified: true
    vendor: tukaani
    product: xz
-  tags: cve,cve2024,local,code,xz,backdoor
+  tags: cve,cve2024,local,code,xz,backdoor,tukaani
 self-contained: true
 code:
--- a/code/privilege-escalation/linux/binary/privesc-sqlite3.yaml
+++ b/code/privilege-escalation/linux/binary/privesc-sqlite3.yaml
@ -11,7 +11,7 @@ info:
  metadata:
    verified: true
    max-request: 3
-  tags: code,linux,sqlite3,privesc,local
+  tags: code,linux,sqlite3,privesc,local,sqli
 self-contained: true
 code:
--- a/dast/cves/2018/CVE-2018-19518.yaml
+++ b/dast/cves/2018/CVE-2018-19518.yaml
@ -17,6 +17,7 @@ info:
    cve-id: CVE-2018-19518
    cwe-id: CWE-88
  metadata:
    max-request: 1
    confidence: tenative
  tags: imap,dast,vulhub,cve,cve2018,rce,oast,php
--- a/dast/cves/2021/CVE-2021-45046.yaml
+++ b/dast/cves/2021/CVE-2021-45046.yaml
@ -17,6 +17,7 @@ info:
    cve-id: CVE-2021-45046
    cwe-id: CWE-502
  metadata:
    max-request: 1
    confidence: tenative
  tags: cve,cve2021,rce,oast,log4j,injection,dast
--- a/dast/cves/2022/CVE-2022-42889.yaml
+++ b/dast/cves/2022/CVE-2022-42889.yaml
@ -6,19 +6,20 @@ info:
  severity: critical
  description: |
    Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. Starting with version 1.5 and continuing through 1.9, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - "script" - execute expressions using the JVM script execution engine (javax.script) - "dns" - resolve dns records - "url" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators by default.
  remediation: Upgrade to Apache Commons Text component between 1.5.0 to 1.10.0.
  reference:
    - https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om
    - http://www.openwall.com/lists/oss-security/2022/10/13/4
    - http://www.openwall.com/lists/oss-security/2022/10/18/1
    - https://securitylab.github.com/advisories/GHSL-2022-018_Apache_Commons_Text/
    - https://github.com/silentsignal/burp-text4shell
  remediation: Upgrade to Apache Commons Text component between 1.5.0 to 1.10.0.
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2022-42889
    cwe-id: CWE-94
  metadata:
    max-request: 1
    confidence: tenative
  tags: cve,cve2022,rce,oast,text4shell,dast
--- a/dast/vulnerabilities/cmdi/blind-oast-polyglots.yaml
+++ b/dast/vulnerabilities/cmdi/blind-oast-polyglots.yaml
@ -5,11 +5,13 @@ info:
  author: pdteam,geeknik
  severity: high
  description: |
-      Potential blind OS command injection vulnerabilities, where the application constructs OS commands using unsanitized user input.
+    Potential blind OS command injection vulnerabilities, where the application constructs OS commands using unsanitized user input.
-      Successful exploitation could lead to arbitrary command execution on the system.
+    Successful exploitation could lead to arbitrary command execution on the system.
  reference:
    - https://portswigger.net/research/hunting-asynchronous-vulnerabilities
    - https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Command%20Injection/README.md
  metadata:
    max-request: 4
  tags: cmdi,oast,dast,blind,polyglot
 variables:
--- a/dast/vulnerabilities/cmdi/ruby-open-rce.yaml
+++ b/dast/vulnerabilities/cmdi/ruby-open-rce.yaml
@ -5,10 +5,12 @@ info:
  author: pdteam
  severity: high
  description: |
-   Ruby's Kernel#open and URI.open enables not only file access but also process invocation by prefixing a pipe symbol (e.g., open(“| ls”)). So, it may lead to Remote Code Execution by using variable input to the argument of Kernel#open and URI.open.
+    Ruby's Kernel#open and URI.open enables not only file access but also process invocation by prefixing a pipe symbol (e.g., open(“| ls”)). So, it may lead to Remote Code Execution by using variable input to the argument of Kernel#open and URI.open.
  reference:
    - https://bishopfox.com/blog/ruby-vulnerabilities-exploits
    - https://codeql.github.com/codeql-query-help/ruby/rb-kernel-open/
  metadata:
    max-request: 1
  tags: cmdi,oast,dast,blind,ruby,rce
 variables:
--- a/dast/vulnerabilities/crlf/cookie-injection.yaml
+++ b/dast/vulnerabilities/crlf/cookie-injection.yaml
@ -7,6 +7,8 @@ info:
  reference:
    - https://www.invicti.com/blog/web-security/understanding-cookie-poisoning-attacks/
    - https://docs.imperva.com/bundle/on-premises-knowledgebase-reference-guide/page/cookie_injection.htm
  metadata:
    max-request: 1
  tags: reflected,dast,cookie,injection
 variables:
--- a/dast/vulnerabilities/crlf/crlf-injection.yaml
+++ b/dast/vulnerabilities/crlf/crlf-injection.yaml
@ -4,6 +4,8 @@ info:
  name: CRLF Injection
  author: pdteam
  severity: low
  metadata:
    max-request: 41
  tags: crlf,dast
 http:
--- a/dast/vulnerabilities/lfi/lfi-keyed.yaml
+++ b/dast/vulnerabilities/lfi/lfi-keyed.yaml
@ -6,6 +6,8 @@ info:
  severity: unknown
  reference:
    - https://owasp.org/www-community/attacks/Unicode_Encoding
  metadata:
    max-request: 25
  tags: dast,pathtraversal,lfi
 variables:
--- a/dast/vulnerabilities/lfi/linux-lfi-fuzz.yaml
+++ b/dast/vulnerabilities/lfi/linux-lfi-fuzz.yaml
@ -7,6 +7,8 @@ info:
  reference:
    - https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Directory%20Traversal/Intruder/directory_traversal.txt
    - https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/File%20Inclusion
  metadata:
    max-request: 46
  tags: lfi,dast,linux
 http:
--- a/dast/vulnerabilities/lfi/windows-lfi-fuzz.yaml
+++ b/dast/vulnerabilities/lfi/windows-lfi-fuzz.yaml
@ -4,6 +4,8 @@ info:
  name: Local File Inclusion - Windows
  author: pussycat0x
  severity: high
  metadata:
    max-request: 39
  tags: lfi,windows,dast
 http:
--- a/dast/vulnerabilities/redirect/open-redirect.yaml
+++ b/dast/vulnerabilities/redirect/open-redirect.yaml
@ -4,6 +4,8 @@ info:
  name: Open Redirect Detection
  author: princechaddha,AmirHossein Raeisi
  severity: medium
  metadata:
    max-request: 1
  tags: redirect,dast
 http:
--- a/dast/vulnerabilities/rfi/generic-rfi.yaml
+++ b/dast/vulnerabilities/rfi/generic-rfi.yaml
@ -6,6 +6,8 @@ info:
  severity: high
  reference:
    - https://www.invicti.com/learn/remote-file-inclusion-rfi/
  metadata:
    max-request: 1
  tags: rfi,dast,oast
 http:
--- a/dast/vulnerabilities/sqli/sqli-error-based.yaml
+++ b/dast/vulnerabilities/sqli/sqli-error-based.yaml
@ -8,6 +8,8 @@ info:
    Direct SQL Command Injection is a technique where an attacker creates or alters existing SQL commands to expose hidden data,
    or to override valuable ones, or even to execute dangerous system level commands on the database host.
    This is accomplished by the application taking user input and combining it with static parameters to build an SQL query .
  metadata:
    max-request: 3
  tags: sqli,error,dast
 http:
--- a/dast/vulnerabilities/ssrf/blind-ssrf.yaml
+++ b/dast/vulnerabilities/ssrf/blind-ssrf.yaml
@ -4,6 +4,8 @@ info:
  name: Blind SSRF OAST Detection
  author: pdteam
  severity: medium
  metadata:
    max-request: 3
  tags: ssrf,dast,oast
 http:
--- a/dast/vulnerabilities/ssrf/response-ssrf.yaml
+++ b/dast/vulnerabilities/ssrf/response-ssrf.yaml
@ -6,6 +6,8 @@ info:
  severity: high
  reference:
    - https://github.com/bugcrowd/HUNT/blob/master/ZAP/scripts/passive/SSRF.py
  metadata:
    max-request: 12
  tags: ssrf,dast
 http:
--- a/dast/vulnerabilities/ssti/reflection-ssti.yaml
+++ b/dast/vulnerabilities/ssti/reflection-ssti.yaml
@ -7,6 +7,8 @@ info:
  reference:
    - https://github.com/zaproxy/zap-extensions/blob/2d9898900abe85a47b9fe0ceb85ec39070816b98/addOns/ascanrulesAlpha/src/main/java/org/zaproxy/zap/extension/ascanrulesAlpha/SstiScanRule.java
    - https://github.com/DiogoMRSilva/websitesVulnerableToSSTI#list-of-seversneeds-update
  metadata:
    max-request: 14
  tags: ssti,dast
 variables:
--- a/dast/vulnerabilities/xss/reflected-xss.yaml
+++ b/dast/vulnerabilities/xss/reflected-xss.yaml
@ -4,6 +4,8 @@ info:
  name: Reflected Cross Site Scripting
  author: pdteam
  severity: medium
  metadata:
    max-request: 1
  tags: xss,rxss,dast
 variables:
--- a/dast/vulnerabilities/xxe/generic-xxe.yaml
+++ b/dast/vulnerabilities/xxe/generic-xxe.yaml
@ -6,6 +6,8 @@ info:
  severity: medium
  reference:
    - https://github.com/andresriancho/w3af/blob/master/w3af/plugins/audit/xxe.py
  metadata:
    max-request: 2
  tags: dast,xxe
 variables:
--- a/dns/bimi-detect.yaml
+++ b/dns/bimi-detect.yaml
@ -1,15 +1,16 @@
 id: bimi-record-detect
-info:
+info:
-  name: BIMI Record - Detection
+  name: BIMI Record - Detection
-  author: rxerium
+  author: rxerium
-  severity: info
+  severity: info
-  description: |
+  description: |
-    A BIMI record was detected
+    A BIMI record was detected
-  reference:
+  reference:
-    - https://postmarkapp.com/blog/what-the-heck-is-bimi
+    - https://postmarkapp.com/blog/what-the-heck-is-bimi
-  tags: dns,bimi
+  metadata:
-
+    max-request: 1
  tags: dns,bimi
 dns:
  - name: "{{FQDN}}"
    type: TXT
--- a/file/keys/credential-exposure-file.yaml
+++ b/file/keys/credential-exposure-file.yaml
@ -5,7 +5,7 @@ info:
  author: Sy3Omda,geeknik,forgedhallpass,ayadi
  severity: unknown
  description: Check for multiple keys/tokens/passwords hidden inside of files.
-  tags: exposure,token,file,disclosure
+  tags: exposure,token,file,disclosure,keys
 # Extract secrets regex like api keys, password, token, etc ... for different services.
 # Always validate the leaked key/tokens/passwords to make sure it's valid, a token/keys without any impact is not an valid issue.
 # Severity is not fixed in this case, it varies from none to critical depending upon impact of disclosed key/tokes.
--- a/headless/cves/2018/CVE-2018-25031.yaml
+++ b/headless/cves/2018/CVE-2018-25031.yaml
@ -27,7 +27,10 @@ info:
    max-request: 1
    vendor: smartbear
    product: swagger_ui
-    shodan-query: http.component:"Swagger"
+    shodan-query:
      - http.component:"Swagger"
      - http.component:"swagger"
      - http.favicon.hash:"-1180440057"
    fofa-query: icon_hash="-1180440057"
  tags: headless,cve,cve2018,swagger,xss,smartbear
 headless:
--- a/headless/webpack-sourcemap.yaml
+++ b/headless/webpack-sourcemap.yaml
@ -13,8 +13,9 @@ info:
  reference:
    - https://pulsesecurity.co.nz/articles/javascript-from-sourcemaps
    - https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/01-Information_Gathering/05-Review_Web_Page_Content_for_Information_Leakage
-  tags: javascript,webpack,sourcemaps
+  metadata:
-
+    max-request: 9
  tags: javascript,webpack,sourcemaps,headless
 headless:
  - steps:
      - args:
--- a/http/cnvd/2017/CNVD-2017-06001.yaml
+++ b/http/cnvd/2017/CNVD-2017-06001.yaml
@ -2,16 +2,15 @@ id: CNVD-2017-06001
 info:
  name: Dahua DSS - SQL Injection
  severity: high
  author: napgh0st,ritikchaddha
  severity: high
  reference:
    - https://www.cnvd.org.cn/flaw/show/CNVD-2017-06001
  metadata:
    max-request: 1
    verified: true
-    fofa-query: app="dahua-DSS"
+    max-request: 2
    fofa-query: "app=\"dahua-DSS\""
  tags: cnvd,cnvd2017,sqli,dahua
 variables:
  num: "999999999"
--- a/http/cnvd/2019/CNVD-2019-06255.yaml
+++ b/http/cnvd/2019/CNVD-2019-06255.yaml
@ -15,9 +15,8 @@ info:
    cvss-score: 10
    cwe-id: CWE-77
  metadata:
-    max-request: 1
+    max-request: 2
  tags: cnvd,cnvd2019,rce,catfishcms
 flow: http(1) && http(2)
 http:
--- a/http/cves/2001/CVE-2001-0537.yaml
+++ b/http/cves/2001/CVE-2001-0537.yaml
@ -29,7 +29,10 @@ info:
    max-request: 1
    vendor: cisco
    product: ios
-    shodan-query: product:"Cisco IOS http config" && 200
+    shodan-query:
      - product:"Cisco IOS http config" && 200
      - product:"cisco ios http config"
      - cpe:"cpe:2.3:o:cisco:ios"
  tags: cve,cve2001,cisco,ios,auth-bypass
 http:
--- a/http/cves/2002/CVE-2002-1131.yaml
+++ b/http/cves/2002/CVE-2002-1131.yaml
@ -20,14 +20,16 @@ info:
    cvss-score: 7.5
    cve-id: CVE-2002-1131
    cwe-id: CWE-80
-    epss-score: 0.06018
+    epss-score: 0.04774
-    epss-percentile: 0.92781
+    epss-percentile: 0.92677
    cpe: cpe:2.3:a:squirrelmail:squirrelmail:*:*:*:*:*:*:*:*
  metadata:
    max-request: 5
    vendor: squirrelmail
    product: squirrelmail
-    shodan-query: http.title:"squirrelmail"
+    shodan-query:
      - http.title:"squirrelmail"
      - cpe:"cpe:2.3:a:squirrelmail:squirrelmail"
    fofa-query: title="squirrelmail"
    google-query: intitle:"squirrelmail"
  tags: cve,cve2002,edb,xss,squirrelmail
--- a/http/cves/2005/CVE-2005-2428.yaml
+++ b/http/cves/2005/CVE-2005-2428.yaml
@ -20,7 +20,7 @@ info:
    cve-id: CVE-2005-2428
    cwe-id: CWE-200
    epss-score: 0.01188
-    epss-percentile: 0.83623
+    epss-percentile: 0.85053
    cpe: cpe:2.3:a:ibm:lotus_domino:5.0:*:*:*:*:*:*:*
  metadata:
    max-request: 1
--- a/http/cves/2005/CVE-2005-3634.yaml
+++ b/http/cves/2005/CVE-2005-3634.yaml
@ -29,7 +29,9 @@ info:
    max-request: 1
    vendor: sap
    product: sap_web_application_server
-    shodan-query: html:"SAP Business Server Pages Team"
+    shodan-query:
      - html:"SAP Business Server Pages Team"
      - http.html:"sap business server pages team"
    fofa-query: body="sap business server pages team"
  tags: cve,cve2005,sap,redirect,business,xss
--- a/http/cves/2006/CVE-2006-2842.yaml
+++ b/http/cves/2006/CVE-2006-2842.yaml
@ -27,7 +27,9 @@ info:
    max-request: 1
    vendor: squirrelmail
    product: squirrelmail
-    shodan-query: http.title:"squirrelmail"
+    shodan-query:
      - http.title:"squirrelmail"
      - cpe:"cpe:2.3:a:squirrelmail:squirrelmail"
    fofa-query: title="squirrelmail"
    google-query: intitle:"squirrelmail"
  tags: cve,cve2006,lfi,squirrelmail,edb
--- a/http/cves/2007/CVE-2007-3010.yaml
+++ b/http/cves/2007/CVE-2007-3010.yaml
@ -29,10 +29,15 @@ info:
    max-request: 1
    vendor: alcatel-lucent
    product: omnipcx
-    shodan-query: title:"OmniPCX for Enterprise"
+    shodan-query:
-    fofa-query: app="Alcatel_Lucent-OmniPCX-Enterprise"
+      - title:"OmniPCX for Enterprise"
      - http.title:"omnipcx for enterprise"
    fofa-query:
      - app="Alcatel_Lucent-OmniPCX-Enterprise"
      - app="alcatel_lucent-omnipcx-enterprise"
      - title="omnipcx for enterprise"
    google-query: intitle:"omnipcx for enterprise"
-  tags: cve,cve2007,kev,rce,alcatel
+  tags: cve,cve2007,kev,rce,alcatel,alcatel-lucent
 http:
  - method: GET
--- a/Show More
+++ b/Show More