Pxmme
|
6961c63659
|
Adding @ for Twitter handles cause Andi bitched about it
|
2020-05-16 23:39:47 +02:00 |
Pxmme
|
22c85b660f
|
Updating authors with Twitter handles + forgot Andi for giving me a few path based payloads
|
2020-05-16 23:32:21 +02:00 |
Pxmme
|
42e05c89b5
|
Forgot to add fisher who gave me the GET param list!
|
2020-05-16 23:28:20 +02:00 |
Pxmme
|
7c25948a33
|
Update open-redirect.yaml
|
2020-05-16 23:25:31 +02:00 |
Pxmme
|
e33d72e4f2
|
Update and rename path-based-open-redirect-1.yaml to open-redirect.yaml
|
2020-05-16 23:25:16 +02:00 |
bauthard
|
9b48667288
|
Merge pull request #81 from 73735/master
Add CVE-2020-7473.yaml
|
2020-05-16 15:39:42 +05:30 |
bauthard
|
601b3c086d
|
Merge pull request #87 from 73735/front-page-misconfig.yaml
Add front-page-misconfig.yaml
|
2020-05-16 15:38:39 +05:30 |
João Teles
|
78985eb603
|
Merge pull request #1 from 73735/front-page-misconfig.yaml
Add front-page-misconfig.yaml
|
2020-05-15 21:08:58 -03:00 |
João Teles
|
22c6b5e03b
|
Add front-page-misconfig.yaml
|
2020-05-15 21:08:27 -03:00 |
João Teles
|
7a37488076
|
Update CVE-2020-7473.yaml
Ready guys. Now the template will check for size. I didn't implement the "HEAD" method because the nuclei is not supported.
|
2020-05-15 20:59:23 -03:00 |
Nadino92
|
b6078b5d47
|
improve noisy
|
2020-05-15 12:08:27 +02:00 |
bauthard
|
49b45dc2dc
|
updating name
|
2020-05-15 01:55:12 +05:30 |
Nadino92
|
7b88d4258e
|
adding 2 cves and crxde
|
2020-05-14 19:54:02 +02:00 |
Nadino92
|
536b9d9949
|
more precise tokens
|
2020-05-12 18:41:11 +02:00 |
Andrea
|
8ca66bd66d
|
basic xss
|
2020-05-10 17:16:12 +02:00 |
Andrea
|
b72489445c
|
Merge branch 'master' into private
|
2020-05-09 10:59:38 +02:00 |
Andrea
|
f66b732286
|
remove /
|
2020-05-09 10:59:35 +02:00 |
bauthard
|
0d5b682e94
|
updating cve names
|
2020-05-08 18:40:02 +00:00 |
bauthard
|
14fad57a86
|
Merge pull request #84 from michael1026/CVE-accuracy-fixes
Accuracy Fixes
|
2020-05-08 23:57:10 +05:30 |
bauthard
|
c53c7ea8aa
|
Merge pull request #85 from bad5ect0r/master
Detect security.txt file.
|
2020-05-08 22:32:42 +05:30 |
Andrea
|
27e76fe494
|
Merge branch 'master' of https://github.com/Nadino92/nuclei-templates
|
2020-05-08 18:32:26 +02:00 |
Andrea
|
fc797a94e1
|
fix crash for {{
|
2020-05-08 18:31:59 +02:00 |
Andrea
|
1e49185e72
|
Merge branch 'master' of https://github.com/Nadino92/nuclei-templates into private
|
2020-05-08 18:25:09 +02:00 |
Andrea
|
455c47c220
|
Merge branch 'master' into private
|
2020-05-08 18:24:29 +02:00 |
Andrea
|
5f5cdac0d5
|
change noisy location
|
2020-05-08 15:05:58 +02:00 |
bad5ect0r
|
572105b16a
|
Add more strict rules for security.txt
Previous one had a few false positives. This should narrow that down.
|
2020-05-08 21:41:26 +10:00 |
bad5ect0r
|
4565f42799
|
Detect security.txt file.
Detect if a site supports responsible disclosure with a security.txt file: https://securitytxt.org/
|
2020-05-08 21:06:57 +10:00 |
Michael Blake
|
5caa7cecb9
|
Reduce false-positives for Moodle XSS
|
2020-05-07 21:50:17 -07:00 |
Michael Blake
|
339ac74114
|
Prevent false-positives for CVE-2019-19368
|
2020-05-07 21:47:47 -07:00 |
Michael Blake
|
fe2efe6124
|
CVE-2019-14974 check and severity update
|
2020-05-07 21:45:25 -07:00 |
Nadino92
|
3d19cd5bb5
|
improve the regex case sensitive
|
2020-05-07 16:42:33 +02:00 |
Joao Teles
|
d22d0745d2
|
Add CVE-2020-7473.yaml
|
2020-05-07 10:15:25 -03:00 |
bauthard
|
3eb49ad409
|
Merge pull request #79 from kotireddyaluri/master
jaspersoft-detect
|
2020-05-07 17:28:24 +05:30 |
bauthard
|
e0f7914677
|
Merge pull request #80 from Nadino92/master
HTTP username and password
|
2020-05-07 17:26:57 +05:30 |
Nadino92
|
2fb9a3e57c
|
General tokens
General tokens
|
2020-05-07 12:14:17 +02:00 |
Nadino92
|
2654e0d0a4
|
HTTP username and password
Detect urls like https://username:password@vulnerable.com and https://apitoken@vulnerable.com
|
2020-05-07 12:09:09 +02:00 |
Koti Reddy Aluri
|
35335a8e68
|
Update jaspersoft-detect.yaml
|
2020-05-07 15:15:12 +05:30 |
Koti Reddy Aluri
|
85b6ec40cb
|
jaspersoft-detect
|
2020-05-07 15:10:45 +05:30 |
Andrea
|
fba4aba846
|
add hosts file
|
2020-05-06 16:52:33 +02:00 |
Andrea
|
6845f96415
|
remove dupe docker
|
2020-05-06 16:51:45 +02:00 |
Nadino92
|
215b074604
|
Docker public repositories
Searches for public repositories with Docker API endpoint. They contain source code and it's often considered a critical issue.
|
2020-05-06 11:49:38 +02:00 |
bauthard
|
4c3eeba4eb
|
Merge pull request #77 from Nadino92/master
Slack access token
|
2020-05-05 20:04:57 +05:30 |
Nadino92
|
3cfabd1763
|
Slack access token
Fetch the slack access token for both bot/person
|
2020-05-05 13:01:22 +02:00 |
bauthard
|
59abc09ad1
|
Merge pull request #76 from Nadino92/master
Basic CORS misconfiguration
|
2020-05-04 22:03:08 +05:30 |
Nadino92
|
73d4a18752
|
CRLF injection
CRLF injection with normal encoding and unicode bypass encoding https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/CRLF%20Injection
|
2020-05-04 17:53:49 +02:00 |
Nadino92
|
68fff10c89
|
Basic CORS for flash
Detect misconfigured crossdomain.xml allowing Flash to fetch resources cross-domain
|
2020-05-04 17:26:17 +02:00 |
Nadino92
|
74c9ed3844
|
Basic CORS misconfiguration
Detect basic CORS misconfiguration allowing to fetch resources cross-domain
|
2020-05-04 17:03:50 +02:00 |
bauthard
|
ef85a76c29
|
Merge pull request #75 from Nadino92/master
Adding Jenkins - asyncpeople
|
2020-05-04 16:54:15 +05:30 |
bauthard
|
44eae41b25
|
Merge pull request #74 from kotireddyaluri/patch-1
apc_info.yaml
|
2020-05-04 16:50:42 +05:30 |
Nadino92
|
c2a1aaab50
|
Add files via upload
Checking for usernames on a Jenkins machine
|
2020-05-04 12:38:46 +02:00 |