Commit Graph

632 Commits (0fef4420eb76d5a34678d5ea6a941ce5030ce52f)

Author SHA1 Message Date
Prince Chaddha d7f2c8eb4a
Merge pull request #3104 from projectdiscovery/desktop-ini-exposure
Create desktop-ini-exposure.yaml
2022-05-01 02:43:02 +05:30
Prince Chaddha 8e2cd44448
Update desktop-ini-exposure.yaml 2022-05-01 02:34:12 +05:30
sandeep 03a8c16f71 tags update 2022-04-27 03:06:21 +05:30
Sandeep Singh 4080b51a48
Added Microsoft Azure - Domain Tenant ID exposure (#4145)
Co-Authored-By: V0idC0de <26016825+V0idC0de@users.noreply.github.com>

Co-authored-by: V0idC0de <26016825+V0idC0de@users.noreply.github.com>
2022-04-25 16:45:46 +05:30
Wim Mostmans 68bff41e27
Add detection template for webpack config files (#4218)
* Add detection template for webpack config files

* minor matcher update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-04-24 16:02:27 +05:30
Wim Mostmans cc3459a405
Add exposure detection for README.md files (#4220)
* Add exposure detection for README.md files

* misc updates

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-04-24 15:52:43 +05:30
geeknik 8af59950ae
Update general-tokens.yaml
add more cases
2022-04-22 13:05:48 -05:00
geeknik 095d66ce92
Update general-tokens.yaml 2022-04-22 12:48:33 -05:00
geeknik 57f06adffb
Update general-tokens.yaml
You can use `https://d1qmdf3vop2l07.cloudfront.net/zealous-moose.cloudvent.net/hash-store/e4de1149884ad087f92efb7819427956.js` as a before and after test to validate this change. 👍🏻
2022-04-22 12:43:22 -05:00
forgedhallpass 209538baa6 refactor: Description field uniformization
* info field reorder
* reference values refactored to list
* added new lines after the id and before the protocols
* removed extra new lines
* split really long descriptions to multiple lines (part 1)
* other minor fixes
2022-04-22 13:38:41 +03:00
MostInterestingBotInTheWorld 31312b1c19
Dashboard Content Enhancements (#4191)
Dashboard Content Enhancements
2022-04-21 17:16:41 -04:00
sandeep 338d4622bf parts update to use response instead of all 2022-04-20 20:08:07 +05:30
d[-_-]b d342a82225
Update zip-backup-files.yaml (#4158)
path with subdomain
2022-04-16 13:58:41 +05:30
MostInterestingBotInTheWorld 5730781afa
Dashboard Content Enhancements (#4157)
* Enhancement: exposures/files/joomla-file-listing.yaml by cs

* Enhancement: cves/2019/CVE-2019-5418.yaml by mp

* Enhancement: cves/2016/CVE-2016-10940.yaml by mp

* Enhancement: cves/2015/CVE-2015-4694.yaml by mp

* Enhancement: cves/2016/CVE-2016-10960.yaml by mp

* Enhancement: cves/2021/CVE-2021-20091.yaml by mp

* Enhancement: cves/2021/CVE-2021-20092.yaml by mp

* Enhancement: vulnerabilities/other/solar-log-authbypass.yaml by mp

* Enhancement: vulnerabilities/wordpress/churchope-lfi.yaml by mp

* Enhancement: vulnerabilities/other/solar-log-authbypass.yaml by mp

* Enhancement: cves/2017/CVE-2017-10075.yaml by mp

* Enhancement: cves/2021/CVE-2021-27358.yaml by mp

* Enhancement: cves/2017/CVE-2017-9833.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml by mp

* Enhancement: vulnerabilities/wordpress/wp-spot-premium-lfi.yaml by mp

* Enhancement: misconfiguration/symfony-debugmode.yaml by mp

* Enhancement: cves/2016/CVE-2016-10940.yaml by mp

* Enhancement: cves/2015/CVE-2015-4694.yaml by mp

* Enhancement: cves/2016/CVE-2016-10960.yaml by mp

* Enhancement: cves/2015/CVE-2015-4694.yaml by mp

* Enhancement: vulnerabilities/wordpress/churchope-lfi.yaml by mp

* Enhancement: cves/2017/CVE-2017-10075.yaml by mp

* Enhancement: cves/2021/CVE-2021-27358.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml by mp

* Enhancement: vulnerabilities/wordpress/wp-spot-premium-lfi.yaml by mp

* Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/pieregister-open-redirect.yaml by mp

* Enhancement: cves/2021/CVE-2021-25055.yaml by mp

* Enhancement: cves/2021/CVE-2021-25028.yaml by mp

* Enhancement: vulnerabilities/wordpress/noptin-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/elex-woocommerce-xss.yaml by mp

* Enhancement: vulnerabilities/wordpress/my-chatbot-xss.yaml by mp

* Enhancement: vulnerabilities/wordpress/wp-adaptive-xss.yaml by mp

* Enhancement: cves/2021/CVE-2021-24947.yaml by mp

* Enhancement: cves/2021/CVE-2021-24406.yaml by mp

* Enhancement: vulnerabilities/wordpress/elementorpage-open-redirect.yaml by mp

* Enhancement: cves/2016/CVE-2016-10033.yaml by mp

* Enhancement: cves/2021/CVE-2021-31682.yaml by mp

* Enhancement: vulnerabilities/wordpress/wp-woocommerce-file-download.yaml by mp

* Enhancement: cves/2021/CVE-2021-22986.yaml by mp

* Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/pieregister-open-redirect.yaml by mp

* Enhancement: cves/2021/CVE-2021-25055.yaml by mp

* Enhancement: cves/2021/CVE-2021-25028.yaml by mp

* Enhancement: vulnerabilities/wordpress/noptin-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/elex-woocommerce-xss.yaml by mp

* Enhancement: cves/2021/CVE-2021-24947.yaml by mp

* Enhancement: cves/2021/CVE-2021-24406.yaml by mp

* Enhancement: cves/2021/CVE-2021-22986.yaml by mp

* Enhancement: cves/2016/CVE-2016-10033.yaml by mp

* Enhancement: vulnerabilities/wordpress/elementorpage-open-redirect.yaml by mp

* Enhancement: cves/2021/CVE-2021-24406.yaml by mp

* Relocating to CVE folder

* Enhancement: cves/2017/CVE-2017-14651.yaml by mp

* Enhancement: cves/2020/CVE-2020-24589.yaml by mp

* Enhancement: vulnerabilities/confluence/confluence-ssrf-sharelinks.yaml by mp

* Enhancement: cves/2019/CVE-2019-2729.yaml by mp

* Enhancement: cves/2018/CVE-2018-2893.yaml by mp

* Enhancement: cves/2018/CVE-2018-2628.yaml by mp

* Enhancement: cves/2018/CVE-2018-3238.yaml by mp

* Enhancement: cves/2018/CVE-2018-3238.yaml by mp

* Enhancement: cves/2017/CVE-2017-3528.yaml by mp

* Enhancement: cves/2019/CVE-2019-2588.yaml by mp

* Enhancement: cves/2021/CVE-2021-31755.yaml by mp

* Enhancement: cves/2021/CVE-2021-42071.yaml by mp

* Enhancement: misconfiguration/zabbix-dashboards-access.yaml by mp

* Enhancement: cves/2017/CVE-2017-14651.yaml by mp

* Enhancement: cves/2020/CVE-2020-24589.yaml by mp

* Enhancement: vulnerabilities/confluence/confluence-ssrf-sharelinks.yaml by mp

* Enhancement: cves/2019/CVE-2019-2729.yaml by mp

* Enhancement: cves/2018/CVE-2018-2893.yaml by mp

* Enhancement: cves/2018/CVE-2018-3238.yaml by mp

* Enhancement: cves/2017/CVE-2017-3528.yaml by mp

* Enhancement: cves/2021/CVE-2021-42071.yaml by mp

* Syntax corrections
Added some cve-id fields
Removed duplicate dashboard comments

* Tag typo

Co-authored-by: sullo <sullo@cirt.net>
2022-04-15 12:39:44 -04:00
MostInterestingBotInTheWorld 45174dee16
Dashboard Content Enhancements (#4111)
Dashboard Content Enhancements
2022-04-11 10:42:35 -04:00
MostInterestingBotInTheWorld 9663595dd1
Dashboard Text Enhancements (#3948)
Dashboard content enhancements
2022-03-21 23:48:47 -04:00
Prince Chaddha b4e2c148b2
Merge pull request #3939 from geeknik/patch-46
Update exposed-gitignore.yaml
2022-03-21 13:17:01 +05:30
Prince Chaddha 1d06349297
Merge pull request #3940 from geeknik/patch-47
Update wp-app-log.yaml
2022-03-21 13:16:01 +05:30
geeknik 2554d8ed56
Update javascript-env.yaml 2022-03-20 19:51:06 -05:00
geeknik 88996f5a7c
Update javascript-env.yaml
Fix FP
2022-03-20 17:06:28 -05:00
geeknik 6f2f25e9c9
Update wp-app-log.yaml
Fix FP
2022-03-20 15:53:45 -05:00
geeknik 70c7799043
Update exposed-gitignore.yaml
Fix FP
2022-03-20 15:46:47 -05:00
sandeep 0a0d7c6213 severity update for token templates 2022-03-14 18:51:04 +05:30
sandeep 4d1166dfc1 syntax update 2022-03-13 18:34:50 +05:30
Prince Chaddha 69b9ad8d2c
Update swagger-api.yaml 2022-03-11 18:07:33 +05:30
Prince Chaddha ff34cc3be7
Update dbeaver-credentials.yaml 2022-03-11 17:48:28 +05:30
Geeknik Labs 08a7572275
Update laravel-env.yaml 2022-03-10 04:19:55 -06:00
Geeknik Labs 6f628e360f
Update laravel-env.yaml 2022-03-10 03:55:06 -06:00
Prince Chaddha 3b9d2ce475
Merge pull request #3800 from geeknik/patch-44
Update general-tokens.yaml
2022-03-03 16:30:34 +05:30
Sandeep Singh 4f757d74c9
Update prometheus-metrics.yaml 2022-03-02 22:38:05 +05:30
Philippe Delteil 929fe3f70c
Update and rename golang-metrics.yaml to prometheus-metrics.yaml
1. This is not a golang specific metric/config. It's an open source tool that runs on Go.
2. Added more variables since cpu_seconds_total might be disabled. 
3. Added a link to the tool. 
4. Change the id to be the same as the filename.
2022-03-02 11:59:13 -05:00
sullo 93e9c04f38 Merge branch 'dashboard' of https://github.com/MostInterestingBotInTheWorld/nuclei-templates into dashboard 2022-02-28 17:31:38 -05:00
Geeknik Labs f79df504ac
Update general-tokens.yaml
Fix FP
2022-02-28 11:46:34 -06:00
MostInterestingBotInTheWorld efc0fa1cca Enhancement: exposures/tokens/digitalocean/axiom-digitalocean-key-exposure.yaml by cs 2022-02-28 10:32:15 -05:00
MostInterestingBotInTheWorld f18404302a
Dashboard Text Enhancement (#3798)
Dashboard text enhancements
2022-02-28 09:09:26 -05:00
Sandeep Singh 2b1d4b3202
backup file template update (#3760)
* Updated backup template

Co-Authored-By: r0fus0d <r0fus0d@ffffffff0x.com>

* Update zip-backup-files.yaml

Co-authored-by: r0fus0d <r0fus0d@ffffffff0x.com>
2022-02-24 20:03:38 +05:30
Prince Chaddha f8a52f9be2
Update nuuno-network-login.yaml (#3701)
* Update nuuno-network-login.yaml

* Update panasonic-network-management.yaml

* Update cisco-network-config.yaml

* Update emerson-power-panel.yaml

* Update unifi-network-log4j-rce.yaml
2022-02-14 19:53:51 +05:30
sullo 01d74bebaa Spacing issue 2022-02-09 17:07:16 -05:00
sullo 24e91983c4 Duplicate comments & some spacing issues fixed 2022-02-09 17:04:19 -05:00
MostInterestingBotInTheWorld db9dd3ba66 Enhancement: exposures/files/phpunit.yaml by mp 2022-02-09 12:46:09 -05:00
MostInterestingBotInTheWorld 4df891b66d Enhancement: exposures/files/phpunit.yaml by mp 2022-02-09 12:34:14 -05:00
PikPikcU b8340217f7
Update swagger-api.yaml 2022-02-06 12:57:16 -05:00
Techbrunch 9bc17ecae0
Update swagger-api.yaml 2022-02-06 15:27:54 +01:00
Geeknik Labs 5645f7e9c6
Update credentials-disclosure.yaml
This new regex matches the following patterns:
```
air_table_api_key:"82973659213857235"
airtable_api_key: '28375628173562352'
"airtableapikey":'test'
"air_table_api_key":"test"
```
2022-01-27 12:26:15 -06:00
Sandeep Singh e321bf0ce2
Merge pull request #3576 from projectdiscovery/credentials-disclosure
Credentials disclosure refactor
2022-01-27 18:10:12 +05:30
Sullo 9a8482172d Remove:
- various nonstandard ascii chars in favor of the standard ones (mostly quotes)
 - spaces after : in some files
2022-01-25 14:38:53 -05:00
forgedhallpass 5b3e3dbdf0 refactor: credentials-disclosure.yaml & credential-exposure.yaml
* correction
2022-01-21 16:25:39 +02:00
forgedhallpass 840f25137e Merge remote-tracking branch 'origin/master' into credentials-disclosure 2022-01-21 16:02:06 +02:00
forgedhallpass 02c0417190 refactor: credentials-disclosure.yaml & credential-exposure.yaml
* Extended the regex to handle more use-cases
2022-01-21 15:55:19 +02:00
sandeep 1685477532 tags update 2022-01-21 15:24:20 +05:30