0425b36e10
moving templates around
2021-11-28 03:39:10 +05:30
6220525d3e
Added Golang expvar Information Disclosure
...
Co-Authored-By: Luqman <9842995+luqmanhy@users.noreply.github.com>
2021-11-13 02:03:22 +05:30
8c3f98c767
fixed invalid template syntax
2021-10-30 16:47:35 +05:30
8e730ca455
Create dwsync-exposure.yaml
2021-10-27 00:25:22 +05:30
9e16035488
Merge pull request #2939 from martincodes-de/template/sensitive-idea-folder-files
...
add template for .idea files with sensitive data
2021-10-25 15:16:17 +05:30
918c437dee
Update idea-folder-exposure.yaml
2021-10-24 14:32:00 +05:30
bc7d6e10be
Create idea-logs-exposure.yaml
2021-10-24 14:25:40 +05:30
62643edb22
Update idea-folder-exposure.yaml
2021-10-24 14:23:37 +05:30
fc39fdd2f7
Update idea-folder-exposure.yaml
2021-10-21 19:29:49 +05:30
709f6edbf7
Merge pull request #2948 from dahse89/add-config-symfony-security-config
...
Add Symfony Security Config Expose Template
2021-10-21 19:21:16 +05:30
197c550fce
Update symfony-security-config.yaml
2021-10-21 19:19:21 +05:30
9f197e6bf2
Merge pull request #2947 from sbani/php-errors
...
Merge PHP Errors Templates
2021-10-21 16:28:51 +05:30
09d143b885
Update and rename .idea-folder-with-sensitive-files.yaml to idea-folder-exposure.yaml
2021-10-21 16:10:24 +05:30
ac9f713d97
Merge PHP Errors Templates
...
There was an extra error template for PHP warnings although there was
another template holding that already.
The status code check (500) is a step that would make sense for all of
the checks. This is not limited to warnings. Though I think that error
code 500 shrinks the result set too much in this case. That's why I
would leave it out.
2021-10-21 10:46:04 +02:00
a1be6ff566
Merge pull request #2945 from sbani/logs-folder
...
Add Deeper Search for Access Logs
2021-10-21 14:13:54 +05:30
fe4e6b8246
Add Symfony Security Config Expose Template
...
Symfony security contain information about used encryption algorithms and list which routes are protected
2021-10-21 10:33:56 +02:00
378a682a5e
Enhance Text Matching in Error Logs
...
Some words are missing that normally indicate that this is an error log.
2021-10-21 09:52:09 +02:00
6d28009f5e
Add Deeper Search for Access Logs
...
Search access logs in more folders. This happens for error logs too.
2021-10-21 09:42:50 +02:00
5d6be591a0
Merge pull request #2934 from sbani/guntfile
...
Add Gruntfile Expose Test
2021-10-21 04:22:49 +05:30
cda7245de9
misc update
2021-10-21 04:21:52 +05:30
00b0b7ecd0
Merge pull request #2936 from FlorianMaak/master
...
Add jetbrains datasource exposure check
2021-10-21 04:13:38 +05:30
06b38542ff
Update jetbrains-datasources.yaml
2021-10-21 04:11:30 +05:30
5f7519a89a
add template for .idea files with sensitive data
2021-10-20 22:13:41 +02:00
ccc026ac70
Update github-workflows-disclosure.yaml
...
Might expose a SNYK_TOKEN
2021-10-20 13:44:17 -05:00
ecdb28d826
Add jetbrains datasource exposure check
2021-10-20 19:14:25 +02:00
9ded2fcccf
Add Gruntfile Expose Test
...
Gruntfile can include secrets or other information that helps find
further vulnerabilities.
2021-10-20 19:05:54 +02:00
0152a2c355
Merge pull request #2917 from geeknik/patch-36
...
Create prometheus-config-endpoint.yaml
2021-10-19 22:28:09 +05:30
e2a074730e
Merge pull request #2919 from geeknik/patch-37
...
Create prometheus-flags-endpoint.yaml
2021-10-19 22:27:39 +05:30
c0857e0ab6
Merge pull request #2920 from geeknik/patch-38
...
Create prometheus-targets-endpoint.yaml
2021-10-19 22:27:23 +05:30
8a69822285
Update prometheus-config-endpoint.yaml
2021-10-19 22:26:52 +05:30
1d70ac6ccb
Update prometheus-flags-endpoint.yaml
2021-10-19 22:26:31 +05:30
a25a9f3020
Update prometheus-targets-endpoint.yaml
2021-10-19 22:25:44 +05:30
6d13118df6
Update prometheus-targets-endpoint.yaml
2021-10-19 20:35:34 +05:30
2893847959
Update prometheus-flags-endpoint.yaml
2021-10-19 20:34:13 +05:30
8d36ebe1d6
Update prometheus-config-endpoint.yaml
2021-10-19 20:32:48 +05:30
10c2314367
Update prometheus-flags-endpoint.yaml
2021-10-19 20:32:37 +05:30
7016e71473
Update prometheus-config-endpoint.yaml
2021-10-19 20:27:46 +05:30
667ee78cb5
Update sensitive-storage-exposure.yaml
2021-10-18 23:09:27 -03:00
c9f2ef68ed
Update prometheus-config-endpoint.yaml
2021-10-18 17:28:10 -05:00
eac799774d
Update prometheus-flags-endpoint.yaml
2021-10-18 14:36:49 -05:00
86a8332187
Update prometheus-flags-endpoint.yaml
...
adding regex extractor to alert if `optional` Prometheus management API is enabled as per the linked reference article. 👍🏻
2021-10-18 13:51:11 -05:00
72805491d0
Create prometheus-targets-endpoint.yaml
2021-10-18 13:44:55 -05:00
0f20469e96
Update prometheus-flags-endpoint.yaml
2021-10-18 13:43:36 -05:00
a8a063d14c
Create prometheus-flags-endpoint.yaml
2021-10-18 13:36:27 -05:00
c7efad4b58
Create prometheus-config-endpoint.yaml
2021-10-18 13:35:04 -05:00
aec00d0d11
add more tags to keycloak json file template
2021-10-18 13:38:04 -03:00
233ca1fef9
improved regex to handle more cases
2021-10-13 11:53:02 +05:30
a476fc9ca4
Update laravel-env.yaml
...
added case insensitivity to the regex matcher
2021-10-08 11:30:44 -05:00
4d52f354ee
Merge pull request #2853 from pdelteil/patch-66
...
Update zend-config-file.yaml
2021-10-08 19:15:45 +05:30
8960821db1
Update zend-config-file.yaml
2021-10-08 19:15:26 +05:30
976f695929
Update zend-config-file.yaml
2021-10-08 03:53:52 -03:00
589a1c16ee
Update github-workflows-disclosure.yaml
2021-10-07 16:51:45 -05:00
793f3474b0
Update github-workflows-disclosure.yaml
...
Add new paths
2021-10-07 16:50:57 -05:00
5b5e764b48
Merge pull request #2787 from mr-rizwan-syed/master
...
wp-config-file and aws-s3-access-key-leak
2021-10-05 18:25:04 +05:30
5c4dd11b6b
Rename misconfiguration/wpconfig-aws-keys.yaml to exposures/configs/wpconfig-aws-keys.yaml
2021-10-05 18:20:43 +05:30
56c8c36ef2
Merge pull request #2802 from geeknik/patch-32
...
Create axiom-digitalocean-key-exposure.yaml
2021-10-05 09:34:53 +05:30
74f0620a9f
Update axiom-digitalocean-key-exposure.yaml
2021-10-04 22:09:12 +05:30
5618fcaa7e
Update axiom-digitalocean-key-exposure.yaml
2021-10-02 04:41:32 +05:30
e08ccf85db
adding missing condition
2021-10-02 04:37:10 +05:30
2327224260
Update axiom-digitalocean-key-exposure.yaml
2021-10-01 13:22:35 -05:00
bdbf73cd34
Update tugboat-config-exposure.yaml
2021-10-01 13:21:58 -05:00
ec88d62ad4
Create axiom-digitalocean-key-exposure.yaml
...
create axiom-digitalocean-key-exposure.yaml
2021-10-01 13:20:23 -05:00
c05df76ed2
Create tugboat-config-exposure.yaml
...
Create tugboat-config-exposure.yaml
2021-10-01 13:13:35 -05:00
807920c0ac
clean-up
2021-09-21 17:16:53 +05:30
cf0edc490a
Rename crossdomin-xml.yaml to crossdomain-xml.yaml
2021-09-20 23:28:06 +05:30
8eea40d15c
Update php-warning.yaml
...
Additional status matcher
2021-09-17 13:07:59 -05:00
2cce7831a6
Update php-warning.yaml
...
Fixes #2705
2021-09-17 13:04:07 -05:00
ab4e6a4dd6
Merge pull request #2696 from DhiyaneshGeek/master
...
New Templates Added
2021-09-17 16:29:58 +05:30
5858e3a01c
Update and rename exposures/logs/database-error.yaml to misconfiguration/database-error.yaml
2021-09-17 13:33:54 +05:30
156daddde0
Update phpinfo.yaml
2021-09-17 13:20:06 +05:30
0b7c12951c
Update php-warning.yaml
2021-09-17 13:13:40 +05:30
52162716e5
Update and rename exposures/logs/zabbix-error.yaml to misconfiguration/zabbix-error.yaml
2021-09-17 13:00:35 +05:30
a3ce6426f6
Update database-error.yaml
2021-09-17 12:46:35 +05:30
24b40f5f5d
Update phpinfo.yaml
2021-09-17 08:19:28 +05:30
8554474fd2
Create database-error.yaml
2021-09-17 08:14:18 +05:30
4959b99a7d
Create zabbix-error.yaml
2021-09-17 08:11:38 +05:30
320c973288
Create php-warning.yaml
2021-09-17 08:07:18 +05:30
f47c4da9e8
Merge pull request #2694 from geeknik/geeknik-patch-1
...
MIscellaneous updates
2021-09-17 02:22:26 +05:30
f0cac598cb
misc update
2021-09-17 02:18:04 +05:30
56590675cf
Update squid-analysis-report-generator.yaml
2021-09-16 15:16:26 -05:00
95664dfc18
Update credentials-disclosure.yaml
2021-09-16 15:13:12 -05:00
42e644b7fd
Update bower-json.yaml
2021-09-16 15:11:24 -05:00
cb80cbb537
Create dsm-terminator-error.yaml
2021-09-14 22:46:01 +05:30
c225428932
Create struts-problem-report.yaml
2021-09-14 22:30:18 +05:30
be24688a48
Create error-processing.yaml
2021-09-14 21:49:36 +05:30
bd24dc198e
Coverage for all templates using tags
2021-09-09 19:08:13 +05:30
609705f676
removed extra headers not required for template
2021-09-08 17:47:19 +05:30
ef1f7c5e92
Updates across many templates for clarity, spelling, and grammar.
2021-09-05 17:13:45 -04:00
cdd022c29d
Merge pull request #2550 from projectdiscovery/adding-sfm
...
Added stop-at-first-match in applicable templates
2021-09-02 23:09:21 +05:30
8b37808730
misc update
2021-09-02 22:57:55 +05:30
5414f9a618
Update general-tokens.yaml
2021-09-02 10:36:46 -05:00
c266084621
Added stop-at-first-match in applicable templates
2021-09-02 17:29:10 +05:30
0d1d2b3b1b
Merge pull request #2512 from DhiyaneshGeek/master
...
Webpack Sourcemap Disclosure
2021-09-02 00:34:56 +05:30
aeac5bbec3
misc update
2021-08-31 01:03:44 +05:30
7608386bb3
Update dbeaver-credentials.yaml
2021-08-30 15:24:34 +05:30
7a9093c8a7
Update dbeaver-credentials.yaml
...
Change solve the false positives due to {} (empty response)
Example
nuclei -t nuclei-templates/exposures/configs/dbeaver-credentials.yaml -u https://lbs.map.qq.com
2021-08-30 02:55:35 -04:00
8c1de71ec9
wip - update
2021-08-29 18:50:29 +05:30
6bade73727
Create webpack-sourcemap-disclosure.yaml
2021-08-29 17:13:44 +05:30
a4250b8f2f
Merge remote-tracking branch 'origin' into dynamic_attributes
2021-08-26 15:04:14 +03:00
39ce8ee5b2
misc updates
2021-08-26 15:03:35 +05:30
sandeep
Prince Chaddha
Sufijen Bani
Philipp Dahse
martincodes
Geeknik Labs
Florian Maak
Prince Chaddha
Philippe Delteil
opp?
Dhiyaneshwaran
sullo
forgedhallpass