daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
14,148 Commits
12 Branches
0 Tags
148 MiB
Commit Graph

621 Commits (10c4cf562f8518e5f1e4cd65f393d07a18ee0ba2)

Author SHA1 Message Date
MostInterestingBotInTheWorld 31312b1c19
Dashboard Content Enhancements (#4191) 
Dashboard Content Enhancements
 2022-04-21 17:16:41 -04:00
sandeep 338d4622bf parts update to use response instead of all 2022-04-20 20:08:07 +05:30
d[-_-]b d342a82225
Update zip-backup-files.yaml (#4158) 
path with subdomain
 2022-04-16 13:58:41 +05:30
MostInterestingBotInTheWorld 5730781afa
Dashboard Content Enhancements (#4157) 
* Enhancement: exposures/files/joomla-file-listing.yaml by cs

* Enhancement: cves/2019/CVE-2019-5418.yaml by mp

* Enhancement: cves/2016/CVE-2016-10940.yaml by mp

* Enhancement: cves/2015/CVE-2015-4694.yaml by mp

* Enhancement: cves/2016/CVE-2016-10960.yaml by mp

* Enhancement: cves/2021/CVE-2021-20091.yaml by mp

* Enhancement: cves/2021/CVE-2021-20092.yaml by mp

* Enhancement: vulnerabilities/other/solar-log-authbypass.yaml by mp

* Enhancement: vulnerabilities/wordpress/churchope-lfi.yaml by mp

* Enhancement: vulnerabilities/other/solar-log-authbypass.yaml by mp

* Enhancement: cves/2017/CVE-2017-10075.yaml by mp

* Enhancement: cves/2021/CVE-2021-27358.yaml by mp

* Enhancement: cves/2017/CVE-2017-9833.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml by mp

* Enhancement: vulnerabilities/wordpress/wp-spot-premium-lfi.yaml by mp

* Enhancement: misconfiguration/symfony-debugmode.yaml by mp

* Enhancement: cves/2016/CVE-2016-10940.yaml by mp

* Enhancement: cves/2015/CVE-2015-4694.yaml by mp

* Enhancement: cves/2016/CVE-2016-10960.yaml by mp

* Enhancement: cves/2015/CVE-2015-4694.yaml by mp

* Enhancement: vulnerabilities/wordpress/churchope-lfi.yaml by mp

* Enhancement: cves/2017/CVE-2017-10075.yaml by mp

* Enhancement: cves/2021/CVE-2021-27358.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml by mp

* Enhancement: vulnerabilities/wordpress/wp-spot-premium-lfi.yaml by mp

* Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/pieregister-open-redirect.yaml by mp

* Enhancement: cves/2021/CVE-2021-25055.yaml by mp

* Enhancement: cves/2021/CVE-2021-25028.yaml by mp

* Enhancement: vulnerabilities/wordpress/noptin-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/elex-woocommerce-xss.yaml by mp

* Enhancement: vulnerabilities/wordpress/my-chatbot-xss.yaml by mp

* Enhancement: vulnerabilities/wordpress/wp-adaptive-xss.yaml by mp

* Enhancement: cves/2021/CVE-2021-24947.yaml by mp

* Enhancement: cves/2021/CVE-2021-24406.yaml by mp

* Enhancement: vulnerabilities/wordpress/elementorpage-open-redirect.yaml by mp

* Enhancement: cves/2016/CVE-2016-10033.yaml by mp

* Enhancement: cves/2021/CVE-2021-31682.yaml by mp

* Enhancement: vulnerabilities/wordpress/wp-woocommerce-file-download.yaml by mp

* Enhancement: cves/2021/CVE-2021-22986.yaml by mp

* Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/pieregister-open-redirect.yaml by mp

* Enhancement: cves/2021/CVE-2021-25055.yaml by mp

* Enhancement: cves/2021/CVE-2021-25028.yaml by mp

* Enhancement: vulnerabilities/wordpress/noptin-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/elex-woocommerce-xss.yaml by mp

* Enhancement: cves/2021/CVE-2021-24947.yaml by mp

* Enhancement: cves/2021/CVE-2021-24406.yaml by mp

* Enhancement: cves/2021/CVE-2021-22986.yaml by mp

* Enhancement: cves/2016/CVE-2016-10033.yaml by mp

* Enhancement: vulnerabilities/wordpress/elementorpage-open-redirect.yaml by mp

* Enhancement: cves/2021/CVE-2021-24406.yaml by mp

* Relocating to CVE folder

* Enhancement: cves/2017/CVE-2017-14651.yaml by mp

* Enhancement: cves/2020/CVE-2020-24589.yaml by mp

* Enhancement: vulnerabilities/confluence/confluence-ssrf-sharelinks.yaml by mp

* Enhancement: cves/2019/CVE-2019-2729.yaml by mp

* Enhancement: cves/2018/CVE-2018-2893.yaml by mp

* Enhancement: cves/2018/CVE-2018-2628.yaml by mp

* Enhancement: cves/2018/CVE-2018-3238.yaml by mp

* Enhancement: cves/2018/CVE-2018-3238.yaml by mp

* Enhancement: cves/2017/CVE-2017-3528.yaml by mp

* Enhancement: cves/2019/CVE-2019-2588.yaml by mp

* Enhancement: cves/2021/CVE-2021-31755.yaml by mp

* Enhancement: cves/2021/CVE-2021-42071.yaml by mp

* Enhancement: misconfiguration/zabbix-dashboards-access.yaml by mp

* Enhancement: cves/2017/CVE-2017-14651.yaml by mp

* Enhancement: cves/2020/CVE-2020-24589.yaml by mp

* Enhancement: vulnerabilities/confluence/confluence-ssrf-sharelinks.yaml by mp

* Enhancement: cves/2019/CVE-2019-2729.yaml by mp

* Enhancement: cves/2018/CVE-2018-2893.yaml by mp

* Enhancement: cves/2018/CVE-2018-3238.yaml by mp

* Enhancement: cves/2017/CVE-2017-3528.yaml by mp

* Enhancement: cves/2021/CVE-2021-42071.yaml by mp

* Syntax corrections
Added some cve-id fields
Removed duplicate dashboard comments

* Tag typo

Co-authored-by: sullo <sullo@cirt.net>
 2022-04-15 12:39:44 -04:00
MostInterestingBotInTheWorld 45174dee16
Dashboard Content Enhancements (#4111) 
Dashboard Content Enhancements
 2022-04-11 10:42:35 -04:00
MostInterestingBotInTheWorld 9663595dd1
Dashboard Text Enhancements (#3948) 
Dashboard content enhancements
 2022-03-21 23:48:47 -04:00
Prince Chaddha b4e2c148b2
Merge pull request #3939 from geeknik/patch-46 
Update exposed-gitignore.yaml
 2022-03-21 13:17:01 +05:30
Prince Chaddha 1d06349297
Merge pull request #3940 from geeknik/patch-47 
Update wp-app-log.yaml
 2022-03-21 13:16:01 +05:30
geeknik 2554d8ed56
Update javascript-env.yaml 2022-03-20 19:51:06 -05:00
geeknik 88996f5a7c
Update javascript-env.yaml 
Fix FP
 2022-03-20 17:06:28 -05:00
geeknik 6f2f25e9c9
Update wp-app-log.yaml 
Fix FP
 2022-03-20 15:53:45 -05:00
geeknik 70c7799043
Update exposed-gitignore.yaml 
Fix FP
 2022-03-20 15:46:47 -05:00
sandeep 0a0d7c6213 severity update for token templates 2022-03-14 18:51:04 +05:30
sandeep 4d1166dfc1 syntax update 2022-03-13 18:34:50 +05:30
Prince Chaddha 69b9ad8d2c
Update swagger-api.yaml 2022-03-11 18:07:33 +05:30
Prince Chaddha ff34cc3be7
Update dbeaver-credentials.yaml 2022-03-11 17:48:28 +05:30
Geeknik Labs 08a7572275
Update laravel-env.yaml 2022-03-10 04:19:55 -06:00
Geeknik Labs 6f628e360f
Update laravel-env.yaml 2022-03-10 03:55:06 -06:00
Prince Chaddha 3b9d2ce475
Merge pull request #3800 from geeknik/patch-44 
Update general-tokens.yaml
 2022-03-03 16:30:34 +05:30
Sandeep Singh 4f757d74c9
Update prometheus-metrics.yaml 2022-03-02 22:38:05 +05:30
Philippe Delteil 929fe3f70c
Update and rename golang-metrics.yaml to prometheus-metrics.yaml 
1. This is not a golang specific metric/config. It's an open source tool that runs on Go.
2. Added more variables since cpu_seconds_total might be disabled. 
3. Added a link to the tool. 
4. Change the id to be the same as the filename.
 2022-03-02 11:59:13 -05:00
sullo 93e9c04f38 Merge branch 'dashboard' of https://github.com/MostInterestingBotInTheWorld/nuclei-templates into dashboard 2022-02-28 17:31:38 -05:00
Geeknik Labs f79df504ac
Update general-tokens.yaml 
Fix FP
 2022-02-28 11:46:34 -06:00
MostInterestingBotInTheWorld efc0fa1cca Enhancement: exposures/tokens/digitalocean/axiom-digitalocean-key-exposure.yaml by cs 2022-02-28 10:32:15 -05:00
MostInterestingBotInTheWorld f18404302a
Dashboard Text Enhancement (#3798) 
Dashboard text enhancements
 2022-02-28 09:09:26 -05:00
Sandeep Singh 2b1d4b3202
backup file template update (#3760) 
* Updated backup template

Co-Authored-By: r0fus0d <r0fus0d@ffffffff0x.com>

* Update zip-backup-files.yaml

Co-authored-by: r0fus0d <r0fus0d@ffffffff0x.com>
 2022-02-24 20:03:38 +05:30
Prince Chaddha f8a52f9be2
Update nuuno-network-login.yaml (#3701) 
* Update nuuno-network-login.yaml

* Update panasonic-network-management.yaml

* Update cisco-network-config.yaml

* Update emerson-power-panel.yaml

* Update unifi-network-log4j-rce.yaml
 2022-02-14 19:53:51 +05:30
sullo 01d74bebaa Spacing issue 2022-02-09 17:07:16 -05:00
sullo 24e91983c4 Duplicate comments & some spacing issues fixed 2022-02-09 17:04:19 -05:00
MostInterestingBotInTheWorld db9dd3ba66 Enhancement: exposures/files/phpunit.yaml by mp 2022-02-09 12:46:09 -05:00
MostInterestingBotInTheWorld 4df891b66d Enhancement: exposures/files/phpunit.yaml by mp 2022-02-09 12:34:14 -05:00
PikPikcU b8340217f7
Update swagger-api.yaml 2022-02-06 12:57:16 -05:00
Techbrunch 9bc17ecae0
Update swagger-api.yaml 2022-02-06 15:27:54 +01:00
Geeknik Labs 5645f7e9c6
Update credentials-disclosure.yaml 
This new regex matches the following patterns:
```
air_table_api_key:"82973659213857235"
airtable_api_key: '28375628173562352'
"airtableapikey":'test'
"air_table_api_key":"test"
```
 2022-01-27 12:26:15 -06:00
Sandeep Singh e321bf0ce2
Merge pull request #3576 from projectdiscovery/credentials-disclosure 
Credentials disclosure refactor
 2022-01-27 18:10:12 +05:30
Sullo 9a8482172d Remove: 
- various nonstandard ascii chars in favor of the standard ones (mostly quotes)
 - spaces after : in some files
 2022-01-25 14:38:53 -05:00
forgedhallpass 5b3e3dbdf0 refactor: credentials-disclosure.yaml & credential-exposure.yaml 
* correction
 2022-01-21 16:25:39 +02:00
forgedhallpass 840f25137e Merge remote-tracking branch 'origin/master' into credentials-disclosure 2022-01-21 16:02:06 +02:00
forgedhallpass 02c0417190 refactor: credentials-disclosure.yaml & credential-exposure.yaml 
* Extended the regex to handle more use-cases
 2022-01-21 15:55:19 +02:00
sandeep 1685477532 tags update 2022-01-21 15:24:20 +05:30
forgedhallpass da68c83220
Credentials disclosure refactor (#3552) 
* misc updates
* fixed linter error: unnecessary escape of single quotes
* minor simplification of the last capture group
* replaced (=| =|:| :)(( \"|\")|( '|')) with \\s*[=:]\\s*[\"'] because it's more readable and also more permissive with white space characters
* changed the [a-z0-9-_] with [\w-] for readability
* removed the unnecessary capture group

Co-authored-by: Emad Youssef <48482029+Sy3Omda@users.noreply.github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-01-18 16:25:55 +05:30
forgedhallpass 0ff3afe771 refactor: credentials-disclosure.yaml 
* removed the unnecessary capture group
 2022-01-18 11:35:45 +02:00
forgedhallpass a67af376e7 refactor: credentials-disclosure.yaml 
* changed the [a-z0-9-_] with [\w-] for readability
 2022-01-18 11:35:41 +02:00
forgedhallpass 98a2d89ad8 refactor: credentials-disclosure.yaml 
* replaced (=| =|:| :)(( \"|\")|( '|')) with \\s*[=:]\\s*[\"'] because it's more readable and also more permissive with white space characters
 2022-01-18 11:35:34 +02:00
forgedhallpass 66435721f9 refactor: credentials-disclosure.yaml 
* fixed linter error: unnecessary escape of single quotes
* minor simplification of the last capture group
 2022-01-18 11:35:29 +02:00
forgedhallpass 9ecf52ec0e
Merge pull request #3500 from Sy3Omda/master 
Update credentials-disclosure.yaml
 2022-01-18 11:34:22 +02:00
S Bani 7fd96b2c17
Add Template for Netbeans Configurations (#3527) 
* Add Template for Netbeans Configurations

Netbeans configs might be exposed via the path `nbproject/project.properties`.
That file can leak secrets.

* severity update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-01-16 00:34:00 +05:30
sandeep fa7c2d3553 misc updates 2022-01-12 19:10:31 +05:30
Emad Youssef c5262cb836
Update credentials-disclosure.yaml 2022-01-07 21:36:35 +02:00
Sandeep Singh 5c8ccbd1e5
Added CGI script environment variable (#3498) 2022-01-07 14:02:29 +05:30