daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
2,486 Commits
17 Branches
0 Tags
165 MiB
Commit Graph

226 Commits (41c6dfea0c576911c010881b46814e1ecda5ff73)

Author SHA1 Message Date
PD-Team dc24595935 BaseURL updates 2021-01-14 20:11:56 +05:30
team-projectdiscovery 106da77fc3 Preparing for request clustering 2021-01-13 13:01:46 +05:30
team-projectdiscovery b5159893d0 removing duplicate template 2021-01-13 12:40:31 +05:30
team-projectdiscovery 0b4c49e485 misc 2021-01-11 13:24:57 +05:30
team-projectdiscovery c62dfd2b53 adding few from masters 2021-01-11 12:28:56 +05:30
team-projectdiscovery 1468d8a52c matcher updates 2021-01-11 12:14:22 +05:30
team-projectdiscovery b5dd30abf5 fixes 2021-01-11 04:09:54 +05:30
team-projectdiscovery b80ca7732d linting errors 2021-01-11 03:31:24 +05:30
team-projectdiscovery a52ffe5c4e fixes and updates 2021-01-10 19:45:36 +05:30
team-projectdiscovery a90d047991 Massive template checks addition 🎉 🎉 2021-01-10 18:41:25 +05:30
team-projectdiscovery 187e4a5feb moving more files around 2021-01-09 18:32:04 +05:30
team-projectdiscovery 95d784d9b7 moving folder/files around 2021-01-08 22:25:54 +05:30
team-projectdiscovery 9a1c93c1c0 Update thinkific-redirect.yaml 2020-12-29 11:30:30 +05:30
Gal Nagli c5838760fe
Create thinkific-redirect.yaml 2020-12-29 00:51:40 +02:00
team-projectdiscovery fb3b2551df Removing as this is same as cve-2020-11738 2020-12-23 19:31:29 +05:30
team-projectdiscovery 441c1d2c40 updated rails6-xss 2020-12-23 14:54:03 +05:30
PD-Team 280ad158a5
Merge pull request #682 from PR3R00T/patch-6 
Linux appliance version of vmware-vcenter-lfi.yaml
 2020-12-15 01:14:33 +05:30
team-projectdiscovery 6690a49299 Update vmware-vcenter-lfi-linux.yaml 2020-12-15 01:14:06 +05:30
team-projectdiscovery 961977a1d4 Update easy-wp-smtp-listing.yaml 2020-12-14 19:04:51 +05:30
PR3R00T 9d6d6bbd70
Linux appliance version of vmware-vcenter-lfi.yaml 
Looking into the references in vmware-vcenter-lfi.yaml, Twitter comments also mentioned it affecting the Linux appliance version (VMWare PSC). 
I created this template and tested it on vulnerable PSCs.
 2020-12-13 20:30:05 +00:00
PR3R00T 76e8315c3f
Create easy-wp-smtp-listing.yaml 2020-12-13 20:05:21 +00:00
team-projectdiscovery d0df82d928 Adding content type checks for XSS templates 2020-12-14 00:54:23 +05:30
Dwi Siswanto 0d103fe950 ✏️ Update description 2020-12-09 15:53:20 +07:00
Dwi Siswanto 711053cfa5 🔥 Add McAfee ePO RCE vulnerability 2020-12-09 15:33:35 +07:00
bauthard 9d51cec01e Reference update 2020-11-23 23:56:36 +05:30
bauthard beb578cdf0 Marker updates to payloads 
Adding § marker to variable names to avoid any confusion with real data and variable name, supported from nuclei v2.2.0
 2020-11-21 12:25:49 +05:30
Geeknik Labs bc398cf3e3
Update open-redirect.yaml 
Add `langTo` parameter.
 2020-11-16 17:02:48 +00:00
Geeknik Labs a2243cbf30
Update open-redirect.yaml 
Add missing host to `RequestURI`. 👍🏻
 2020-11-16 16:52:13 +00:00
bauthard 4f746684c8 Encoding updates 2020-11-10 19:43:51 +05:30
bauthard 377a7df758 Adding NUUO NVRmini2 3.0.8 - Remote Code Execution 2020-11-09 16:09:50 +05:30
bauthard e55d12c8de
Merge pull request #587 from dwisiswant0/add-vuln/wordpress-wpcourses-info-disclosure 
Add wordpress-wpcourses-info-disclosure
 2020-10-23 02:16:07 +05:30
bauthard c11b53eedb Update sassy-social-share.yaml 2020-10-23 02:08:55 +05:30
Dwi Siswanto 4e09270571 🔥 Add wordpress-wpcourses-info-disclosure 2020-10-20 23:46:12 +07:00
Robbie 6a1ade3566
Create sassy-social-share.yaml 2020-10-20 16:28:01 +01:00
bauthard ec50c8519e
Merge pull request #574 from dwisiswant0/add/vpms-auth-bypass 
Add Vehicle Parking Management System 1.0 - Authentication Bypass
 2020-10-16 13:23:21 +05:30
Dwi Siswanto 5885f7b7cc 🔥 Add VPMS Auth Bypass 2020-10-16 02:42:37 +07:00
Dwi Siswanto 8903773275 📝 Add more regex patterns 2020-10-16 02:32:52 +07:00
Dwi Siswanto c098675c01 🔥 Add ZMS Auth Bypass 2020-10-16 02:30:42 +07:00
Dwi Siswanto f899b78fa8 🔥 Add rConfig RCE 2020-10-16 00:26:11 +07:00
bauthard 29ec4777e2 Update vmware-vcenter-lfi.yaml 2020-10-13 21:34:12 +05:30
bauthard aa83f5e443 Update vmware-vcenter-lfi.yaml 2020-10-13 21:32:26 +05:30
Dwi Siswanto 7b662fbaee 🔨 Update regex pattern 2020-10-13 22:51:29 +07:00
Dwi Siswanto ac8c5c98b4 🔨 Using paths as payloads 2020-10-13 21:55:29 +07:00
Dwi Siswanto e0afe64ec1 📝 Remove additional matchers based on docs.vmware.com 2020-10-13 21:34:08 +07:00
Dwi Siswanto e238af244b 🔥 Add VMware vCenter Unauthenticated Arbitrary File Read 2020-10-13 21:24:30 +07:00
bauthard 1a01b49bd5 Removed host-header-injection 
Removing as this template look for reflection and not HTTP interaction, that is also not possible to detect for now.
 2020-10-12 21:19:32 +05:30
bauthard 901f8d4483
Rename Symantec-Messaging-Gateway.yaml to symantec-messaging-gateway.yaml 2020-10-08 16:01:14 +05:30
bauthard 072adb6681 template update 2020-10-08 03:49:59 +05:30
Hacker2202 4b42f6852a Add Oracle-EBS LFI 2020-10-07 21:59:39 +00:00
bauthard 1c602223fb template update 2020-10-06 19:38:59 +05:30
Robbie 53c296c49a
Create w3c-total-cache.yaml 2020-10-06 10:45:54 +01:00
bauthard 2ae545cab4 some updates 2020-10-02 22:28:16 +05:30
bauthard 864c0781b4
Merge pull request #394 from sushant-kamble/master 
[fuzzing][wip] new template in vulnerability
 2020-10-02 22:23:42 +05:30
bauthard 471daf1bfd Update arbitrary-file-read.yaml 2020-10-02 22:22:52 +05:30
mohammedshine bcf83e3191
Update open-redirect.yaml 2020-10-01 20:49:01 +05:30
bauthard 6045c00987 wordpress workflow update 2020-09-27 13:22:13 +05:30
bauthard debc3c846a Update wordpress-social-metrics-tracker.yaml 2020-09-27 13:14:52 +05:30
bauthard dae1c4af79 Update wordpress-social-metrics-tracker.yaml 2020-09-27 13:12:57 +05:30
Robbie 0a92a6acc4
Create wordpress-social-metrics-tracker.yaml 2020-09-26 09:20:15 +01:00
bauthard dbfa0fca2d severity updates 2020-09-20 18:27:43 +05:30
bauthard 2febdea3ec
Merge pull request #476 from al3xdelarge/master 
Replace /etc/shadow by /etc/passwd
 2020-09-17 14:04:13 +05:30
aron ac0df32184 Fix malformed yaml 2020-09-17 10:30:45 +02:00
aron 7140ca2430 Fix malformed yaml 2020-09-17 10:24:16 +02:00
aron 3deec15ad1 Fix malformed yaml 2020-09-17 10:23:00 +02:00
aron 7d434171fc Adapt matcher to passwd 2020-09-17 10:15:41 +02:00
aron 0f7b226f69 Replace shadow by passwd 2020-09-17 10:13:19 +02:00
bauthard a33439106d Update Symantec-Messaging-Gateway.yaml 2020-09-16 17:56:22 +05:30
Robbie 67bd041417
Create Symantec-Messaging-Gateway.yaml 2020-09-16 12:13:10 +01:00
Ice3man543 ffef121561 Normalized id fields to match schema regex 2020-09-16 00:55:55 +05:30
bauthard d0b47926dc
Merge pull request #453 from dwisiswant0/springboot/h2-db-rce 
Add Spring Boot H2 Database RCE
 2020-09-13 21:33:14 +05:30
Dwi Siswanto 9fbcc70b37 🔥 Add Spring Boot H2 Database RCE 2020-09-13 22:33:07 +07:00
flag007 0a49f1255e
Update open-redirect.yaml 2020-09-13 20:45:16 +08:00
bauthard 52b5f5bb13
Merge pull request #429 from random-robbie/patch-5 
Create wordpress-emails-verification-for-woocommerce.yaml
 2020-09-10 19:26:37 +05:30
Dwi Siswanto 74ca1daede ✏️ Replace em-dash with dash 2020-09-09 22:08:12 +07:00
bauthard 8e645bff19 Update wordpress-emails-verification-for-woocommerce.yaml 2020-09-08 23:57:06 +05:30
Robbie 31b049898e
Update wordpress-emails-verification-for-woocommerce.yaml 2020-09-08 12:25:55 +01:00
Robbie 07c84b347e
Create wordpress-emails-verification-for-woocommerce.yaml 2020-09-08 12:12:53 +01:00
PikPikcU 9c6f45a08a
Create mida-eframework-xss.yaml 2020-09-08 09:45:12 +00:00
bauthard 450df94e3d Update bullwark-momentum-series-directory-traversal.yaml 2020-09-07 02:16:06 +05:30
PikPikcU 67f72d11e6
Create bullwark-momentum-series-directory-traversal.yaml 2020-09-05 14:58:51 +00:00
un-fmunozs 21c8656c12 False positive on XSS templates 
Encode XSS payload to prevent false positives when the Query string is returned AS IS by the server. Recent browsers will always send the parameters encoded.
 2020-09-03 10:56:31 -05:00
sushant-kamble 25fd4da110 new template 2020-09-02 17:22:30 -05:00
Dwi Siswanto ca4dbf605b 🔡 Justifying id's 2020-09-01 09:25:25 +07:00
bauthard 9bf0b6dbaf uniform format 2020-09-01 00:04:29 +05:30
bauthard 6abc3c9429
Merge pull request #369 from projectdiscovery/wems-manager-xss 
Create wems-manager-xss.yaml
 2020-08-30 11:11:18 +05:30
bauthard 140716bac8 Create wems-manager-xss.yaml 2020-08-30 11:10:09 +05:30
bauthard 62cbf524aa
Merge pull request #368 from projectdiscovery/eclipse-help-system-xss 
Create eclipse-help-system-xss.yaml
 2020-08-30 10:39:19 +05:30
bauthard 01d055aa1f Update eclipse-help-system-xss.yaml 2020-08-30 10:38:28 +05:30
bauthard 5a860c63ed Create eclipse-help-system-xss.yaml 2020-08-30 10:35:28 +05:30
bauthard 1d8b3f71a0 Update sick-beard-xss.yaml 2020-08-29 02:33:17 +05:30
bauthard 99c83642fa Create sick-beard-xss.yaml 2020-08-29 02:25:56 +05:30
bauthard 747aa48d09
Merge pull request #345 from aqme/master 
Add *description* property to nuclei-templates
 2020-08-28 01:09:39 +05:30
toufik-airane 8cc901ced0
comment reference field 2020-08-27 21:05:33 +02:00
toufik-airane 146e114a3b
fix minor yamllint issues 
Fix minor yamllint issues to move forward.
 2020-08-25 22:18:58 +02:00
bauthard ddb9a608ff Update rce-via-java-deserialization.yaml 2020-08-26 01:22:50 +05:30
toufik-airane 79ccce2ae4
add few descriptions 
add few descriptions and references on /vulnerabilities/ templates.
 2020-08-25 21:43:43 +02:00
toufik-airane 9990d326e4
CRLF injection 
update description
 2020-08-25 18:46:19 +02:00
toufik-airane 79e826d782
CouchDB Admin Party 
update description
 2020-08-25 17:29:11 +02:00
Khaled Mohamed 532072c677
Update crlf-injection.yaml 2020-08-11 14:58:53 +02:00
Aron Molnar f4ebffa1bc
Improve shellshock payload 2020-08-06 10:03:58 +02:00