7016e71473
Update prometheus-config-endpoint.yaml
2021-10-19 20:27:46 +05:30
c9f2ef68ed
Update prometheus-config-endpoint.yaml
2021-10-18 17:28:10 -05:00
eac799774d
Update prometheus-flags-endpoint.yaml
2021-10-18 14:36:49 -05:00
86a8332187
Update prometheus-flags-endpoint.yaml
...
adding regex extractor to alert if `optional` Prometheus management API is enabled as per the linked reference article. 👍🏻
2021-10-18 13:51:11 -05:00
72805491d0
Create prometheus-targets-endpoint.yaml
2021-10-18 13:44:55 -05:00
0f20469e96
Update prometheus-flags-endpoint.yaml
2021-10-18 13:43:36 -05:00
a8a063d14c
Create prometheus-flags-endpoint.yaml
2021-10-18 13:36:27 -05:00
c7efad4b58
Create prometheus-config-endpoint.yaml
2021-10-18 13:35:04 -05:00
a476fc9ca4
Update laravel-env.yaml
...
added case insensitivity to the regex matcher
2021-10-08 11:30:44 -05:00
4d52f354ee
Merge pull request #2853 from pdelteil/patch-66
...
Update zend-config-file.yaml
2021-10-08 19:15:45 +05:30
8960821db1
Update zend-config-file.yaml
2021-10-08 19:15:26 +05:30
976f695929
Update zend-config-file.yaml
2021-10-08 03:53:52 -03:00
589a1c16ee
Update github-workflows-disclosure.yaml
2021-10-07 16:51:45 -05:00
793f3474b0
Update github-workflows-disclosure.yaml
...
Add new paths
2021-10-07 16:50:57 -05:00
5c4dd11b6b
Rename misconfiguration/wpconfig-aws-keys.yaml to exposures/configs/wpconfig-aws-keys.yaml
2021-10-05 18:20:43 +05:30
807920c0ac
clean-up
2021-09-21 17:16:53 +05:30
ab4e6a4dd6
Merge pull request #2696 from DhiyaneshGeek/master
...
New Templates Added
2021-09-17 16:29:58 +05:30
156daddde0
Update phpinfo.yaml
2021-09-17 13:20:06 +05:30
24b40f5f5d
Update phpinfo.yaml
2021-09-17 08:19:28 +05:30
bd24dc198e
Coverage for all templates using tags
2021-09-09 19:08:13 +05:30
609705f676
removed extra headers not required for template
2021-09-08 17:47:19 +05:30
c266084621
Added stop-at-first-match in applicable templates
2021-09-02 17:29:10 +05:30
7608386bb3
Update dbeaver-credentials.yaml
2021-08-30 15:24:34 +05:30
7a9093c8a7
Update dbeaver-credentials.yaml
...
Change solve the false positives due to {} (empty response)
Example
nuclei -t nuclei-templates/exposures/configs/dbeaver-credentials.yaml -u https://lbs.map.qq.com
2021-08-30 02:55:35 -04:00
110f9c9ddd
Merge remote-tracking branch 'origin' into dynamic_attributes
2021-08-24 20:38:11 +03:00
ae0aabd905
misc update
2021-08-24 02:50:14 +05:30
a124e393b4
Merge remote-tracking branch 'origin' into dynamic_attributes
2021-08-23 19:15:14 +03:00
647d27925a
Merge pull request #2426 from projectdiscovery/generic
...
Templates by geeknik
2021-08-23 19:55:32 +05:30
1def46a72e
Update firebase-config-exposure.yaml
2021-08-23 15:11:10 +05:30
93894d5b8c
Update dbeaver-credentials.yaml
2021-08-23 15:09:33 +05:30
e160acb481
misc updates
2021-08-20 16:37:22 +05:30
77103bc629
Satisfying the linter (all errors and warnings)
...
* whitespace modifications only
2021-08-19 17:44:46 +03:00
002e8db616
Moved the "vendor" custom attribute under reference
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 17:00:46 +03:00
f55d6b75e1
Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:59:12 +03:00
7b29be739e
Merge branch 'master' into dynamic_attributes
2021-08-19 16:23:26 +03:00
0b432b341b
Added comments with URLs under the "references" field
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:15:35 +03:00
e68d15ab63
Fixed mistakes/typos in the templates.
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 15:30:14 +03:00
f65a78bb5c
Create firebase-config-exposure.yaml
2021-08-19 16:56:13 +05:30
d7e7c39982
Update dbeaver-credentials.yaml
2021-08-19 16:34:32 +05:30
c980eea40b
Create dbeaver-credentials.yaml
2021-08-19 16:32:09 +05:30
4d9bd2d13b
Update zend-config-file.yaml
2021-08-19 14:27:45 +05:30
cdf9451158
Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-18 14:44:27 +03:00
9850ced093
strict matchers
2021-08-17 22:11:28 +05:30
999a8febb9
Update laravel-env.yaml
2021-08-10 09:54:37 +07:00
a6e3a6a458
Merge branch 'master' into master
2021-08-09 16:09:41 +05:30
8ab6fc07bc
Update laravel-env.yaml
...
added new path
2021-08-09 13:43:29 +07:00
b86e8eabf9
Update codeigniter-env.yaml
2021-08-08 01:22:58 +05:30
a5500cca02
Additional optional matcher
2021-08-08 01:19:15 +05:30
5767a0d5a2
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into pr/1241
2021-08-08 01:13:41 +05:30
b111aeadc3
Update laravel-env.yaml
2021-08-08 01:11:14 +05:30
31a77d4e02
Update symfony-profiler.yaml
2021-08-07 09:19:05 +07:00
f01678b9c6
Update symfony-database-config.yaml
2021-08-07 09:18:02 +07:00
685183858e
minor update
2021-08-06 23:35:35 +05:30
30c5d2c3b8
Update ruijie-eg-password-leak.yaml
2021-08-06 23:07:27 +05:30
6a3a7ae691
password extractor
2021-08-06 23:04:32 +05:30
fc1af10daa
Added ruijie-eg-password-leak
2021-08-06 22:42:41 +05:30
5952685f5c
Create ruijie-nbr1300g-cli-password-leak.yaml
2021-08-06 17:46:57 +07:00
24efdfd678
Update qdpm-info-leak.yaml
2021-08-05 16:17:30 +05:30
8e0a730e3d
Rename vulnerabilities/other/qdpm-info-leak.yaml to exposures/configs/qdpm-info-leak.yaml
2021-08-05 16:10:17 +05:30
a7f75416f0
Update and rename appsec-yml-disclosure.yaml to appspec-yml-disclosure.yaml
2021-07-30 13:16:30 +03:00
8da48bbea8
Update git-config.yaml
...
improvement suggestion to keep it simple and flexible
2021-07-29 15:17:15 +02:00
e9210d80bf
strict negative matchers
2021-07-26 15:14:33 +05:30
b990243906
uniform tags
2021-07-26 14:25:43 +05:30
c9f5f01bb9
minor update
2021-07-26 00:39:16 +05:30
41c41abdb7
Update exposed-gitignore.yaml
...
Fixes the issue here: https://github.com/projectdiscovery/nuclei-templates/issues/1898#issuecomment-886237512
2021-07-25 18:29:28 +00:00
4b444af3c4
Merge pull request #2125 from DhiyaneshGeek/master
...
17 New Templates Added
2021-07-24 03:26:09 +05:30
1ea3b8a8bf
matcher updates
2021-07-24 03:03:31 +05:30
9788ebbf27
more matcher updates
2021-07-24 02:54:09 +05:30
19533bcc08
removed content type check to avoid valid matches
2021-07-24 02:53:11 +05:30
4795c084e1
Update nginx-config.yaml
...
fixes a false positive
2021-07-23 15:18:51 -05:00
96c78d8695
additional negative matcher
2021-07-24 00:39:30 +05:30
1f4f8ce332
matcher update
2021-07-24 00:30:53 +05:30
840d3ee4e3
Update github-workflows-disclosure.yaml
...
removing content type check as this might miss valid results with no content type in response
2021-07-24 00:26:56 +05:30
b0b737e0eb
Update exposures/configs/hp-ilo-serial-key-disclosure.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-24 00:24:26 +05:30
2dbeb70480
Update exposures/configs/github-workflows-disclosure.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-24 00:24:11 +05:30
fccc31717a
Update exposures/configs/github-workflows-disclosure.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-24 00:16:13 +05:30
763591bc97
lint fixes
2021-07-24 00:12:28 +05:30
1d9979fead
Update exposures/configs/hp-ilo-serial-key-disclosure.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 17:54:36 +05:30
3528cd7bef
Update exposures/configs/github-workflows-disclosure.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 17:54:27 +05:30
62c2693d34
Update exposures/configs/appsec-yml-disclosure.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 17:54:17 +05:30
834d6b8f2a
Update dockerfile-hidden-disclosure.yaml
2021-07-23 17:49:32 +05:30
80b1205379
Update exposures/configs/kubernetes-kustomization-disclosure.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 09:45:58 +05:30
a96c9c74c6
Update exposures/configs/kubernetes-kustomization-disclosure.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 09:45:52 +05:30
4051f03440
Update exposures/configs/kubernetes-kustomization-disclosure.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 09:45:44 +05:30
1646db1156
Update exposures/configs/hp-ilo-serial-key-disclosure.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 09:45:37 +05:30
dd025100e7
Update exposures/configs/github-workflows-disclosure.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 09:45:30 +05:30
ea45cdd369
Update exposures/configs/git-credentials-disclosure.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 09:44:54 +05:30
9271fa9492
Update exposures/configs/dockerfile-hidden-disclosure.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 09:44:47 +05:30
39f23522e4
Update exposures/configs/dockerfile-hidden-disclosure.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 09:44:38 +05:30
838002d77a
Update exposures/configs/appsec-yml-disclosure.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 09:44:23 +05:30
7d72783090
WIP improvements
2021-07-22 16:32:37 +05:30
419456f277
Update kubernetes-kustomization-disclosure.yaml
2021-07-21 13:39:36 +05:30
6e76e533c8
Create kubernetes-kustomization-disclosure.yaml
2021-07-21 13:36:59 +05:30
bf4d51136a
Create hp-ilo-serial-key-disclosure.yaml
2021-07-21 13:29:52 +05:30
15a19dea3d
Create github-workflows-disclosure.yaml
2021-07-21 13:21:05 +05:30
3425a83d38
Create git-credentials-disclosure.yaml
2021-07-21 11:19:35 +05:30
01bd0b38f4
Create dockerfile-hidden-disclosure.yaml
2021-07-21 11:13:50 +05:30
4f5a9f7d94
Create appsec-yml-disclosure.yaml
2021-07-21 11:09:04 +05:30
aec3d87e72
Update exposed-gitignore.yaml
...
New conditions to avoid false positives.
2021-07-17 23:15:08 -04:00
e232ba52d4
Added additional path
2021-07-14 18:24:26 +05:30
950cc356ee
path update
2021-07-14 17:39:50 +05:30
367bfd4441
Added keycloak-openid-config
2021-07-14 17:38:01 +05:30
7f1b075cf0
Temporally removing as matcher needs to be improved.
2021-07-11 13:37:39 +05:30
72781f8dfa
Merge branch 'master' into master
2021-07-10 15:07:33 +05:30
a35c34127c
Added content length condition
2021-07-10 00:40:09 +05:30
684761587d
Merge pull request #1913 from projectdiscovery/exposed-gitignore
...
Added exposed-gitignore
2021-07-09 22:52:44 +05:30
899f1e732b
Added exposed-gitignore
2021-07-09 22:50:20 +05:30
a77a3db701
Update symfony-database-config.yaml
...
Fixes #1910
2021-07-09 06:23:28 +00:00
cd8e485541
Added Git Logs
2021-07-07 20:51:33 +05:30
1b65d294d3
Merge pull request #1878 from jeenikaa/master
...
templates added
2021-07-07 18:57:46 +05:30
9d78a1656b
few updates
2021-07-07 18:52:35 +05:30
f97ae5ceba
minor update to check full header
2021-06-30 19:29:26 +05:30
199ee498f8
Update javascript-env.yaml
...
Added additional matchers to broaden detection
2021-06-30 13:55:21 +01:00
6d12b9bb6b
Added additional matcher
2021-06-30 17:53:27 +05:30
9bd750e28e
Update javascript-env.yaml
2021-06-30 16:07:25 +05:30
e04b943dce
Detect javascript environment configs.
2021-06-30 10:17:58 +00:00
96fc7bb341
more strict matchers
2021-06-30 03:26:01 +05:30
102d0b21b4
Removing duplicate template
2021-06-28 20:07:22 +05:30
fd63d24d53
Additional matcher
2021-06-11 16:20:34 +05:30
c539205559
Added phalcon-framework-source
2021-06-11 16:16:05 +05:30
83ce809e8d
Updated author names
2021-06-09 17:50:56 +05:30
3a307fdcdd
Update server-private-keys.yaml
2021-06-08 00:06:01 +00:00
578f83f39a
Update server-private-keys.yaml
...
Adding support for JWT private key detection.
2021-06-08 00:04:02 +00:00
1b879d1dc7
Added missing condition
2021-06-06 17:44:27 +05:30
9b3c3ec7a0
tags + additional string match
2021-06-06 14:14:01 +05:30
f01abd3e6d
Update rails-database-config.yaml
...
False positive reduction. 12 matches out of 2 million hosts and they all showed a content-type of `application/octet-stream`.
2021-06-05 12:50:49 +00:00
e4c1927a2f
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-06-04 20:00:36 +05:30
e2555d69d1
minor improvements
2021-06-04 19:59:41 +05:30
b6396aa310
Added zend-config-file
2021-06-04 18:50:38 +05:30
dac1649248
Merge pull request #1616 from projectdiscovery/CVE-2020-11978
...
Added CVE-2020-11978 & Airflow Workflow
2021-06-04 02:39:57 +05:30
0f0ff2ee1e
moving files around
2021-06-03 21:54:08 +05:30
9147d61ce7
Added missing tags
2021-06-03 19:48:37 +05:30
cdf6cdf638
Update detect-drone-config.yaml
2021-06-02 00:38:33 +05:30
259eb048cc
Update detect-drone-config.yaml
2021-06-02 00:33:22 +05:30
5d083f1124
Create detect-drone-config.yaml
2021-06-01 09:07:39 -05:00
9cd21c72b8
Added exposed-vscode
2021-05-31 12:28:19 +05:30
670b488bfe
more strict matcher
2021-05-31 11:17:26 +05:30
36c45cfbc9
Create hikvision-info-leak.yaml
2021-05-31 02:21:40 +00:00
ef7aa52fcd
Merge pull request #1537 from geeknik/patch-98
...
Create esmtprc.yaml
2021-05-28 09:12:01 +05:30
f2b7f88db9
misc changes
2021-05-28 09:09:55 +05:30
4e25fd7a33
Merge pull request #1539 from geeknik/patch-99
...
Create robomongo.yaml
2021-05-28 09:04:06 +05:30
6d6c95c6cc
misc changes
2021-05-28 09:01:24 +05:30
f287b87c86
Create robomongo.yaml
2021-05-26 16:36:36 -05:00
fe385ded1e
Create esmtprc.yaml
2021-05-26 16:28:18 -05:00
c65d023f96
Update amazon-docker-config-disclosure.yaml
2021-05-27 02:45:11 +05:30
207e86c419
Update docker-compose-config.yaml
2021-05-27 02:44:15 +05:30
a320fd7720
Merge pull request #1494 from Techbrunch/magento-stuff
...
Security Checks for Magento - Templates and workflow
2021-05-20 20:04:25 +05:30
1abbe0df30
Update netrc.yaml
2021-05-19 12:43:28 +00:00
9aa71e4954
misc changes
2021-05-19 06:45:50 +05:30
034d85e296
Create nagios-status-page.yaml
2021-05-19 00:51:15 +05:30
776776621a
Added a few Magento related templates
2021-05-18 15:53:10 +02:00
8894a058b9
Updating paths
2021-05-15 15:13:19 +05:30
3644f09534
Refrence also includes explaination and a solution
2021-05-10 09:47:28 +03:00
01f3541aae
Update ruijie-phpinfo.yaml
2021-05-10 01:45:12 +05:30
3856e88307
misc updates
2021-05-10 01:43:37 +05:30
84d919eb3d
Create ruijjie-phpinfo.yaml
2021-05-09 11:30:13 +00:00
ada897f4ef
Improved matcher
2021-05-08 02:17:09 +05:30
7033cf16b9
Adding plesk-stat
2021-05-07 17:00:19 +05:30
859af7e503
Merge pull request #1404 from DhiyaneshGeek/master
...
CVE-2019-8446,CVE-2018-10141,Oracle EBS Credentials Disclosure,Oracle EBS SQL Log Disclosure
2021-05-03 15:39:04 +05:30
c9e62eeed5
minor updates
2021-05-03 12:52:21 +05:30
52ea8d265b
Update server-private-keys.yaml
2021-05-03 01:57:02 +00:00
339992a6e2
Create oracle-ebs-credentials-disclosure.yaml
2021-05-03 00:31:38 +05:30
817ba2ae91
trailing spaces
2021-04-26 14:06:32 +05:30
beedd4eaf3
Update nginx-config.yaml
2021-04-26 14:02:47 +05:30
50b0fabbf0
Added samba-config
2021-04-26 14:00:03 +05:30
b055f40fd4
Added svnserve-config
2021-04-26 13:59:45 +05:30
f46a8918cd
Added httpd-config
2021-04-26 13:49:39 +05:30
ffbb94bbd2
Added php-fpm-config
2021-04-26 13:30:22 +05:30
572a1a5549
Added apache-config
2021-04-26 13:20:34 +05:30
cce1a0880b
Added nginx-config
2021-04-26 13:11:52 +05:30
3f0806abbd
Added proftpd-config
2021-04-26 13:07:38 +05:30
c838e67753
Added exposed-sharepoint-list
2021-04-26 12:49:20 +05:30
8886c88b2b
Create cisco-network-config.yaml
2021-04-22 02:29:31 +05:30
eaad43c58b
Merge pull request #1305 from pikpikcu/patch-151
...
Add kyan-network-monitor-disclosure
2021-04-20 14:58:31 +05:30
e7f848da72
minor updates
2021-04-20 14:57:16 +05:30
a3b23a2da1
minor updates
2021-04-20 14:41:34 +05:30
4e22fee6d3
Create exposed-authentication-asmx.yaml
2021-04-19 22:18:03 +05:30
c008cc8dc9
Merge pull request #42 from projectdiscovery/master
...
Updation
2021-04-19 21:36:00 +05:30
b14ab006f7
Create saia-web-server-info.yaml
2021-04-19 21:23:41 +05:30
4630e8100c
Create kyan-network-monitor-disclosure.yaml
2021-04-18 19:29:30 +00:00
257562cf08
Merge pull request #1294 from geeknik/patch-70
...
Update server-private-keys.yaml
2021-04-17 15:38:08 +05:30
a0a3ce5679
Merge pull request #1293 from geeknik/patch-72
...
Create ssh-authorized-keys.yaml
2021-04-17 15:37:28 +05:30
6e91e5f8f0
Update ssh-known-hosts.yaml
2021-04-16 15:22:21 +00:00
f877923dc0
Create ssh-authorized-keys.yaml
2021-04-16 15:21:00 +00:00
15c7ef6d48
Create ssh-known-hosts.yaml
2021-04-16 15:20:45 +00:00
3897c49b6c
Update server-private-keys.yaml
2021-04-16 15:16:51 +00:00
618c3a044b
Update ruijie-smartweb-disclosure.yaml
2021-04-14 17:00:09 +05:30
2343eae7bf
Update ruijie-smartweb-disclosure.yaml
2021-04-14 00:17:12 +00:00
268d60349c
Create ruijie-smartweb-disclosure.yaml
2021-04-14 00:07:08 +00:00
99cdbe8c5e
Up severity on public .env file and add description and reference
2021-04-11 16:35:07 +02:00
93cb25d1b1
Update laravel-env.yaml
2021-04-10 00:24:44 +03:00
19914dd2cf
Add files via upload
2021-04-10 00:20:35 +03:00
00a5fae317
Merge pull request #1216 from projectdiscovery/princechaddha-patch-4
...
Create coremail-config-disclosure.yaml
2021-04-08 22:25:03 +05:30
4f2f682cb4
minor fix
2021-04-08 22:23:50 +05:30
465f55f801
Merge pull request #1228 from geeknik/patch-65
...
Create yii-debugger.yaml
2021-04-08 22:09:14 +05:30
d246fb4ad8
moving files around
2021-04-08 21:39:19 +05:30
e5824a72f6
Update laravel-env.yaml
2021-04-08 01:31:27 +03:00
af25782bf4
Update laravel-env.yaml
2021-04-08 01:22:43 +03:00
31f9cf4838
Update laravel-env.yaml
2021-04-07 23:17:02 +03:00
11dec8ac1b
Remove Equal
...
I noticed that some vulnerable sites were being missed out since it expected the site to have APP_* which isn't always the case
2021-04-07 23:11:57 +03:00
Prince Chaddha
Geeknik Labs
Sandeep Singh
Philippe Delteil
Prince Chaddha
Dhiyaneshwaran
forgedhallpass
Muhammad Daffa
adriyansyah-mf
PikPikcU
nxnjz
Nicolas Mattiocco
sandeep
pdparchitect
Petko D. Petkov
Techbrunch
Noam Rathaus
Dieter Van der Stock
Alfie Njeru