Commit Graph

567 Commits (0e9455701775cc8767b630399c484cdb232d5f4b)

Author SHA1 Message Date
sandeep 0425b36e10 moving templates around 2021-11-28 03:39:10 +05:30
sandeep 6220525d3e Added Golang expvar Information Disclosure
Co-Authored-By: Luqman <9842995+luqmanhy@users.noreply.github.com>
2021-11-13 02:03:22 +05:30
sandeep 8c3f98c767 fixed invalid template syntax 2021-10-30 16:47:35 +05:30
Prince Chaddha 8e730ca455
Create dwsync-exposure.yaml 2021-10-27 00:25:22 +05:30
Prince Chaddha 9e16035488
Merge pull request #2939 from martincodes-de/template/sensitive-idea-folder-files
add  template for  .idea files with sensitive data
2021-10-25 15:16:17 +05:30
Prince Chaddha 918c437dee
Update idea-folder-exposure.yaml 2021-10-24 14:32:00 +05:30
Prince Chaddha bc7d6e10be
Create idea-logs-exposure.yaml 2021-10-24 14:25:40 +05:30
Prince Chaddha 62643edb22
Update idea-folder-exposure.yaml 2021-10-24 14:23:37 +05:30
Prince Chaddha fc39fdd2f7
Update idea-folder-exposure.yaml 2021-10-21 19:29:49 +05:30
Prince Chaddha 709f6edbf7
Merge pull request #2948 from dahse89/add-config-symfony-security-config
Add Symfony Security Config Expose Template
2021-10-21 19:21:16 +05:30
Prince Chaddha 197c550fce
Update symfony-security-config.yaml 2021-10-21 19:19:21 +05:30
Prince Chaddha 9f197e6bf2
Merge pull request #2947 from sbani/php-errors
Merge PHP Errors Templates
2021-10-21 16:28:51 +05:30
Prince Chaddha 09d143b885
Update and rename .idea-folder-with-sensitive-files.yaml to idea-folder-exposure.yaml 2021-10-21 16:10:24 +05:30
Sufijen Bani ac9f713d97 Merge PHP Errors Templates
There was an extra error template for PHP warnings although there was
another template holding that already.

The status code check (500) is a step that would make sense for all of
the checks. This is not limited to warnings. Though I think that error
code 500 shrinks the result set too much in this case. That's why I
would leave it out.
2021-10-21 10:46:04 +02:00
Prince Chaddha a1be6ff566
Merge pull request #2945 from sbani/logs-folder
Add Deeper Search for Access Logs
2021-10-21 14:13:54 +05:30
Philipp Dahse fe4e6b8246 Add Symfony Security Config Expose Template
Symfony security contain information about used encryption algorithms and list which routes are protected
2021-10-21 10:33:56 +02:00
Sufijen Bani 378a682a5e Enhance Text Matching in Error Logs
Some words are missing that normally indicate that this is an error log.
2021-10-21 09:52:09 +02:00
Sufijen Bani 6d28009f5e Add Deeper Search for Access Logs
Search access logs in more folders. This happens for error logs too.
2021-10-21 09:42:50 +02:00
Sandeep Singh 5d6be591a0
Merge pull request #2934 from sbani/guntfile
Add Gruntfile Expose Test
2021-10-21 04:22:49 +05:30
sandeep cda7245de9 misc update 2021-10-21 04:21:52 +05:30
Sandeep Singh 00b0b7ecd0
Merge pull request #2936 from FlorianMaak/master
Add jetbrains datasource exposure check
2021-10-21 04:13:38 +05:30
Sandeep Singh 06b38542ff
Update jetbrains-datasources.yaml 2021-10-21 04:11:30 +05:30
martincodes 5f7519a89a add template for .idea files with sensitive data 2021-10-20 22:13:41 +02:00
Geeknik Labs ccc026ac70
Update github-workflows-disclosure.yaml
Might expose a SNYK_TOKEN
2021-10-20 13:44:17 -05:00
Florian Maak ecdb28d826 Add jetbrains datasource exposure check 2021-10-20 19:14:25 +02:00
Sufijen Bani 9ded2fcccf Add Gruntfile Expose Test
Gruntfile can include secrets or other information that helps find
further vulnerabilities.
2021-10-20 19:05:54 +02:00
Prince Chaddha 0152a2c355
Merge pull request #2917 from geeknik/patch-36
Create prometheus-config-endpoint.yaml
2021-10-19 22:28:09 +05:30
Prince Chaddha e2a074730e
Merge pull request #2919 from geeknik/patch-37
Create prometheus-flags-endpoint.yaml
2021-10-19 22:27:39 +05:30
Prince Chaddha c0857e0ab6
Merge pull request #2920 from geeknik/patch-38
Create prometheus-targets-endpoint.yaml
2021-10-19 22:27:23 +05:30
Prince Chaddha 8a69822285
Update prometheus-config-endpoint.yaml 2021-10-19 22:26:52 +05:30
Prince Chaddha 1d70ac6ccb
Update prometheus-flags-endpoint.yaml 2021-10-19 22:26:31 +05:30
Prince Chaddha a25a9f3020
Update prometheus-targets-endpoint.yaml 2021-10-19 22:25:44 +05:30
Prince Chaddha 6d13118df6
Update prometheus-targets-endpoint.yaml 2021-10-19 20:35:34 +05:30
Prince Chaddha 2893847959
Update prometheus-flags-endpoint.yaml 2021-10-19 20:34:13 +05:30
Prince Chaddha 8d36ebe1d6
Update prometheus-config-endpoint.yaml 2021-10-19 20:32:48 +05:30
Prince Chaddha 10c2314367
Update prometheus-flags-endpoint.yaml 2021-10-19 20:32:37 +05:30
Prince Chaddha 7016e71473
Update prometheus-config-endpoint.yaml 2021-10-19 20:27:46 +05:30
Philippe Delteil 667ee78cb5
Update sensitive-storage-exposure.yaml 2021-10-18 23:09:27 -03:00
Geeknik Labs c9f2ef68ed
Update prometheus-config-endpoint.yaml 2021-10-18 17:28:10 -05:00
Geeknik Labs eac799774d
Update prometheus-flags-endpoint.yaml 2021-10-18 14:36:49 -05:00
Geeknik Labs 86a8332187
Update prometheus-flags-endpoint.yaml
adding regex extractor to alert if `optional` Prometheus management API is enabled as per the linked reference article. 👍🏻
2021-10-18 13:51:11 -05:00
Geeknik Labs 72805491d0
Create prometheus-targets-endpoint.yaml 2021-10-18 13:44:55 -05:00
Geeknik Labs 0f20469e96
Update prometheus-flags-endpoint.yaml 2021-10-18 13:43:36 -05:00
Geeknik Labs a8a063d14c
Create prometheus-flags-endpoint.yaml 2021-10-18 13:36:27 -05:00
Geeknik Labs c7efad4b58
Create prometheus-config-endpoint.yaml 2021-10-18 13:35:04 -05:00
opp? aec00d0d11
add more tags to keycloak json file template 2021-10-18 13:38:04 -03:00
sandeep 233ca1fef9 improved regex to handle more cases 2021-10-13 11:53:02 +05:30
Geeknik Labs a476fc9ca4
Update laravel-env.yaml
added case insensitivity to the regex matcher
2021-10-08 11:30:44 -05:00
Sandeep Singh 4d52f354ee
Merge pull request #2853 from pdelteil/patch-66
Update zend-config-file.yaml
2021-10-08 19:15:45 +05:30
sandeep 8960821db1 Update zend-config-file.yaml 2021-10-08 19:15:26 +05:30