Commit Graph

346 Commits (4b983bbe2a207d07c5a8a641e4dd7c673f936e05)

Author SHA1 Message Date
Dhiyaneshwaran 31a10ebfb7
Update jetty-showcontexts-enable.yaml 2021-07-02 20:50:15 +05:30
sandeep 5b91ef07a6 Update unauthenticated-glances.yaml 2021-07-02 17:15:32 +05:30
sandeep db61d85e75 minor updates 2021-07-02 17:14:03 +05:30
Dhiyaneshwaran 5f779266bc
Create jetty-showcontexts-enable.yaml 2021-07-02 08:16:57 +05:30
Dhiyaneshwaran 39eb91a582
Update aem-crx-bypass.yaml 2021-07-01 22:23:08 +05:30
Petko D. Petkov 7c39ab8c79 Check if json. 2021-06-30 12:03:47 +00:00
sandeep e8ffd4ea06 Update aem-crx-bypass.yaml 2021-06-28 20:45:41 +05:30
sandeep eaa5d7600f Added more strict matchers 2021-06-28 20:44:24 +05:30
Dhiyaneshwaran e53b262283
Update aem-crx-bypass.yaml 2021-06-28 20:23:11 +05:30
Dhiyaneshwaran 91b673ad17
Create aem-crx-bypass.yaml 2021-06-28 20:20:58 +05:30
sandeep 2a7d45fa1f more strict matcher 2021-06-26 19:42:11 +05:30
Prince Chaddha 89b4fdf8ed
Merge pull request #1757 from pussycat0x/master
New template added
2021-06-24 02:02:42 +05:30
Prince Chaddha 5fa51dd043
Update phpmyadmin-sql.php-server.yaml 2021-06-24 01:26:51 +05:30
sandeep 134a23aeab Some fixes (WIP)
- Added missing matcher condition
- Updated severity to lowercase, as it's case sensitive
2021-06-24 01:03:41 +05:30
pussycat0x 2dd0ce2664
Update phpmyadmin-sql.php-server.yaml 2021-06-23 21:37:14 +05:30
pussycat0x 5ae899a66f
Update phpmyadmin-sql.php-server.yaml 2021-06-23 21:34:13 +05:30
pussycat0x bb251938c8
Add files via upload 2021-06-22 20:40:53 +05:30
sandeep 49f9b67827 Added reference 2021-06-20 16:39:47 +05:30
Prince Chaddha bd4b43bbce
Merge pull request #995 from pikpikcu/patch-101
Create zhiyuan-oa-unauthorized
2021-06-19 12:53:24 +05:30
Prince Chaddha 5463655627
Update zhiyuan-oa-unauthorized.yaml 2021-06-19 12:52:35 +05:30
sandeep f0b67ef56b Few template updates 2021-06-18 15:53:49 +05:30
sandeep 6081edd83f Added reference 2021-06-18 12:16:27 +05:30
sandeep f9d068a105 Added ssrf-via-oauth-misconfig 2021-06-18 12:15:13 +05:30
sandeep b1e401ff9c Delete adobe-connect-xss.yaml 2021-06-15 15:54:19 +05:30
sandeep 891e8374b1 misc changes 2021-06-14 20:32:21 +05:30
Dhiyaneshwaran 629b655ef1
Create adobe-connect-xss.yaml 2021-06-13 23:54:48 +05:30
Dhiyaneshwaran afec528d82
Create adobe-connect-version.yaml 2021-06-13 23:40:58 +05:30
Dhiyaneshwaran 6e727805c1
Create adobe-connect-username-exposure.yaml 2021-06-13 23:25:39 +05:30
sandeep 8d35960831 Strict matchers 2021-06-10 21:18:38 +05:30
Sandeep Singh 13090ace75
Merge pull request #1659 from WillD96/IIS-Internal-IP-Disclosure
Created IIS Internal IP Disclosure Template
2021-06-10 00:02:02 +05:30
r3naissance aa9e899dd2
Added conditional word in body
I found this be a valid finding /actuator/env on a production host but was missing additional words to check which was causing a false negative. 'activeProfiles' allows this test to pass on the instance that I came across.
2021-06-09 11:36:54 -06:00
sandeep 3c6aa9da0c misc updates 2021-06-09 22:15:55 +05:30
Will Davison cd06c6137f Fixed trailing spaces 2021-06-09 16:04:53 +01:00
Will Davison ad8d064bf9 Fixed linting error. 2021-06-09 15:40:06 +01:00
Will Davison 6279e1fb70 Added template for IIS Internal IP Disclosure
By sending a HTTP 1.0 request to the root of the webserver, sometimes an internal IP address is disclosed in the Location header of the 302 response.
2021-06-09 15:30:59 +01:00
Prince Chaddha 83ce809e8d Updated author names 2021-06-09 17:50:56 +05:30
Prince Chaddha 0013f94807
Merge pull request #1631 from projectdiscovery/sap_update
SAP NetWeaver update
2021-06-09 14:17:51 +05:30
sandeep 1851068721 Updated matcher 2021-06-08 00:33:06 +05:30
sandeep 0fe0d327b0 moving files around 2021-06-07 19:57:59 +05:30
Dhiyaneshwaran 52adac2e12
Create firebase-urls.yaml 2021-06-06 19:38:51 +05:30
Dhiyaneshwaran 158914d4db
Create artifactory-anonymous-deploy.yaml 2021-06-06 19:37:32 +05:30
Prince Chaddha 1d07ace8a5
Merge pull request #1634 from DhiyaneshGeek/master
Exposed jQuery File Upload
2021-06-06 17:58:25 +05:30
Prince Chaddha 6649abf131
Update exposed-jquery-file-upload.yaml 2021-06-06 17:55:05 +05:30
Sandeep Singh fae9755374
Merge pull request #1639 from pdelteil/patch-9
Update shell-history.yaml
2021-06-06 13:40:47 +05:30
sandeep 0cf8ffdc57 misc changes 2021-06-06 13:39:16 +05:30
sandeep e2eaedc6a1 misc updates 2021-06-06 13:19:01 +05:30
Philippe Delteil 652da29f9a
Update shell-history.yaml
There are two problems with this template, it only checks for chmod commands but most importantly doesn't check for html tags. A real history file the response doesn't include html tags at all. 

So, I'm adding two rules: Check for another possible commands (from real example) and adding a negative rule to discard false positives like this one:

nuclei -debug -t /home/kali/nuclei-templates/misconfiguration/shell-history.yaml -u http://777.urbanup.com
2021-06-05 22:06:30 -04:00
Philippe Delteil 9014a4b0a2
Update aws-object-listing.yaml
Added extractor that retrieves the name of the s3 bucket. 

Test
nuclei -t nuclei-templates/misconfiguration/aws-object-listing.yaml -u http://img.secnews.gr


[2021-06-06 01:19:10] [aws-object-listing] [http] [low] http://imgcdn.secnews.gr [img.secnews.gr]
2021-06-05 21:27:44 -04:00
Dhiyaneshwaran 0d82660f90
Create exposed-jquery-file-upload.yaml 2021-06-05 22:04:09 +05:30
sandeep a85c1dd35a Moving files around + duplicate remove 2021-06-05 15:57:13 +05:30
sandeep ae8c130668 Moving files around 2021-06-05 15:55:01 +05:30
sandeep edcc35d604 Added Private key exposure via helper detector 2021-06-04 20:46:19 +05:30
sandeep 0c436e35aa Added airflow-debug 2021-06-03 19:39:51 +05:30
sandeep 0c4f75d3ad Duplicate template 2021-06-03 18:44:50 +05:30
sandeep bdc803fd4b Added CVE-2020-13927 2021-06-03 14:23:34 +05:30
Prince Chaddha f63cd48c79
Update alibaba-mongoshake-unauth.yaml 2021-06-02 01:16:41 +05:30
PikPikcU 9f8852572e
Create alibaba-mongoshake-unauth.yaml 2021-06-01 10:53:26 +00:00
Prince Chaddha cf0a3f69c6
Update kubernetes-pods.yaml 2021-05-27 02:45:50 +05:30
Prince Chaddha 8d65ab7958
Update exposed-docker-api.yaml 2021-05-27 02:44:54 +05:30
Prince Chaddha da49c78c7c
Update docker-registry.yaml 2021-05-27 02:44:33 +05:30
Prince Chaddha 0ed9fe6fa3
Update misconfigured-docker.yaml 2021-05-27 02:42:11 +05:30
Sandeep Singh 6e23c0c207
Merge pull request #1528 from projectdiscovery/DhiyaneshGeek/master
Dhiyanesh geek/master
2021-05-24 01:28:15 +05:30
sandeep 8a182ff0cc misc changes 2021-05-24 01:26:48 +05:30
Dhiyaneshwaran 22812d2112
Create cx-cloud-upload-detect.yaml 2021-05-23 17:07:30 +05:30
Geeknik Labs c83785f916
Update server-status-localhost.yaml
OCD
2021-05-22 13:46:31 -05:00
Dhiyaneshwaran 7499faff02
Create kubeflow-dashboard-unauth.yaml 2021-05-22 20:05:32 +05:30
Dhiyaneshwaran 4fc7bd61fe
Create pinpoint-unauth.yaml 2021-05-22 20:01:28 +05:30
TheConciergeDev a1c283da87
Update java-melody-exposed.yaml 2021-05-21 15:42:46 +02:00
TheConciergeDev 8e5255c407
updated tags
The affected technology is JavaMelody - the given services in the tag help to mitigate the problem, however are not the affected technology themselves. 

Ref: https://www.acunetix.com/vulnerabilities/web/javamelody-publicly-accessible/
2021-05-21 15:42:29 +02:00
Ajaysen R 842d62bb40
Create springboot-beans.yaml 2021-05-20 01:39:21 +05:30
Ajaysen R aabf384e39
Update springboot-httptrace.yaml
It can be accessed via a path like /httptrace also.
2021-05-19 12:36:42 +05:30
sandeep 0f13cd506c misc changes 2021-05-16 21:04:58 +05:30
Dhiyaneshwaran b01fc7c9d7
Create tensorflow-unauth.yaml 2021-05-16 18:34:43 +05:30
sandeep 5488370527 Handling edge cases 2021-05-16 15:19:19 +05:30
Sandeep Singh ffe61049e7
Merge pull request #1465 from geeknik/patch-92
Create apache-filename-brute-force.yaml
2021-05-14 21:24:21 +05:30
sandeep 3203754361 Workflow and tags update 2021-05-14 19:37:13 +05:30
sandeep 450254cd3d Adding "max-size" to avoid timeout error due to response size 2021-05-14 19:22:08 +05:30
sandeep 92c742a890 severity updates 2021-05-14 18:55:06 +05:30
Geeknik Labs f5771466c1
Update apache-filename-brute-force.yaml 2021-05-12 20:31:52 +00:00
Geeknik Labs 00af677408
Create apache-filename-brute-force.yaml 2021-05-12 20:30:15 +00:00
Sandeep Singh 27ed8be9dd
Merge pull request #1444 from DhiyaneshGeek/master
PHP Debug bar,SAP Directory Listing,Unauthenticated Netdata,Zippkin Unauth
2021-05-11 23:07:35 +05:30
sandeep 915501175a file updates 2021-05-11 21:14:40 +05:30
sandeep 5b102e02ef Improved matcher 2021-05-11 21:12:10 +05:30
sandeep a854fec546 Improved matcher 2021-05-11 21:09:56 +05:30
sandeep f495d36958 minor update 2021-05-09 20:36:52 +05:30
sandeep 252e4dc2fa Adding cloudflare-image-ssrf 2021-05-09 20:26:24 +05:30
Dhiyaneshwaran a53286b201
Create zippkin-unauth.yaml 2021-05-09 12:47:14 +05:30
Dhiyaneshwaran 8093e13f63
Create sap-directory-listing.yaml 2021-05-09 12:20:03 +05:30
Dhiyaneshwaran ab93cda4ae
Create unauth-netdata.yaml 2021-05-09 11:47:58 +05:30
sandeep c062651789 minor update 2021-05-07 14:41:52 +05:30
Dhiyaneshwaran 103df33af8
Create exposed-kafdrop.yaml 2021-05-06 00:23:22 +05:30
sandeep b10918510c Adding strict matcher 2021-05-05 17:39:31 +05:30
Sandeep Singh 500ce9544b
Merge pull request #1411 from geeknik/patch-82
Create nginx-vhost-traffic-status.yaml
2021-05-05 14:29:26 +05:30
sandeep e0c99aea6a misc changes 2021-05-05 14:28:46 +05:30
sandeep 399fc675a6 improved matcher 2021-05-04 16:32:53 +05:30
Noam Rathaus 20a67faa4a Description 2021-05-02 09:13:37 +03:00
sandeep c5f24e5692 misc updates 2021-04-28 15:50:24 +05:30
sandeep 269cc168c5 Improved matcher 2021-04-28 15:13:16 +05:30
sandeep 06c5cd45fa minor update 2021-04-27 16:13:28 +05:30
Dhiyaneshwaran d9c8057fe2
Create aem-login-status.yaml 2021-04-26 22:09:26 +05:30
Dhiyaneshwaran 21cf3a8e27
Create aem-bg-servlet.yaml 2021-04-26 22:08:54 +05:30
Geeknik Labs d59cf643a9
Create spidercontrol-scada-server-info.yaml 2021-04-24 17:22:22 +00:00
Dhiyaneshwaran 17d556feeb
Create unauthenticated-popup-upload.yaml 2021-04-22 02:11:41 +05:30
Sandeep Singh 4637798845
Merge pull request #1196 from notsoevilweasel/add-laravel-debug
Added new check for  Laravel debug mode enabled.
2021-04-18 21:14:27 +05:30
sandeep acdad9f812 tags and name update 2021-04-18 21:11:40 +05:30
sandeep 8c791c59dd moving files around 2021-04-17 22:25:22 +05:30
sandeep 11e515daad Update drupal-user-enum-ajax.yaml 2021-04-17 22:23:49 +05:30
sandeep 6dff922033 Improved path 2021-04-17 19:05:45 +05:30
Techbrunch 8338edcb59
Update java-melody-exposed.yaml
Fix trailing whitespace
2021-04-14 18:19:31 +02:00
Techbrunch 70fa457a16
Update java-melody-exposed.yaml
Add description, references and tags
2021-04-14 18:15:35 +02:00
PD-Team 5aa52a1760
Rename phpMyAdmin-setup.yaml to phpmyadmin-setup.yaml 2021-04-14 17:49:18 +05:30
sandeep e9b036a4f7 duplicate of CVE-2009-1151 2021-04-14 17:48:33 +05:30
sandeep 829ab1e3a6 Update sonarqube-public-projects.yaml 2021-04-14 15:58:18 +05:30
sandeep baf3132a71 Update sonarqube-public-projects.yaml 2021-04-14 15:54:40 +05:30
sandeep a5977604a4 Added sonarqube-public-projects 2021-04-14 15:49:06 +05:30
sandeep e0387a7c5d typo 2021-04-14 13:48:46 +05:30
sandeep c604dc07d7 Update aem-userinfo-servlet.yaml 2021-04-14 02:01:02 +05:30
PD-Team e049fd7281
Merge pull request #1273 from DhiyaneshGeek/master
7 AEM new Templates and AEM workflow added
2021-04-14 01:29:42 +05:30
sandeep 88037019ce Minor improvements 2021-04-14 01:24:00 +05:30
Dhiyaneshwaran c329b35af2
Update aem-gql-servlet.yaml
Mades some changes in matcher to reduce false positive
2021-04-13 14:45:17 +05:30
Dhiyaneshwaran 88633dd011
Create aem-wcm-suggestions-servlet.yaml 2021-04-13 14:20:43 +05:30
Dhiyaneshwaran ea51a4f891
Create aem-userinfo-servlet.yaml 2021-04-13 14:20:14 +05:30
Dhiyaneshwaran 2a7cc19767
Create aem-merge-metadata-servlet.yaml 2021-04-13 14:19:49 +05:30
Dhiyaneshwaran ac72ee76a9
Create aem-querybuilder-json-servlet.yaml 2021-04-13 14:19:23 +05:30
Dhiyaneshwaran 8efb2cf408
Create aem-gql-servlet.yaml 2021-04-13 14:18:59 +05:30
Dhiyaneshwaran d0af9ae01e
Create aem-default-get-servlet.yaml 2021-04-13 14:18:34 +05:30
Dhiyaneshwaran 295ae55058
Create aem-querybuilder-feed-servlet.yaml 2021-04-13 14:17:44 +05:30
sandeep 0d85374b64 Update unautneicated-cache-purge.yaml 2021-04-11 21:13:24 +05:30
sandeep bae3ee19e6 template update 2021-04-11 20:50:42 +05:30
sandeep 9a4d880b88 Update aws-object-listing.yaml 2021-04-07 17:45:49 +05:30
sandeep 76dcebcf85 Added AWS Bucket Object listing detection 2021-04-07 17:45:12 +05:30
notsoevilweasel 0db4abb862
Added word matchers 2021-04-07 06:22:28 +12:00
sandeep c19ad562fc lint fix 2021-04-06 14:20:26 +05:30
sandeep 8fdfc64e54 misc tag updates 2021-04-06 12:16:11 +05:30
PD-Team 7427eb2e50
Merge pull request #1204 from DhiyaneshGeek/master
AEM internal File read
2021-04-05 23:56:20 +05:30
sandeep d34ca6773b misc changes 2021-04-05 23:55:18 +05:30
PD-Team a73d7f855c
Merge pull request #1200 from pikpikcu/patch-138
Create gitlab-infoleak
2021-04-05 23:46:11 +05:30
sandeep a0d6838672 Minor updates and Gitlab workflow 2021-04-05 23:45:14 +05:30
Dhiyaneshwaran a395f7cd60
Create aem-querybuilder-internal-path-read.yaml 2021-04-05 23:12:25 +05:30
sandeep 477a783790 Added aem-jcr-querybuilder 2021-04-05 22:45:48 +05:30
sandeep db580f47c8 Update aem-hash-querybuilder.yaml 2021-04-05 22:37:57 +05:30
sandeep ab1a3a2e4d matcher update 2021-04-05 22:36:51 +05:30
sandeep 0622a53cfc moving files around 2021-04-05 22:18:31 +05:30
Dhiyaneshwaran e00521bb3a
Update aem-hash-querybuilder.yaml 2021-04-05 18:47:02 +05:30
Dhiyaneshwaran 6001b0680a
Update aem-hash-querybuilder.yaml 2021-04-05 18:45:09 +05:30
Dhiyaneshwaran 78813c6858
Update aem-hash-querybuilder.yaml 2021-04-05 18:44:00 +05:30
Dhiyaneshwaran 20450a808b
Update aem-hash-querybuilder.yaml 2021-04-05 18:42:41 +05:30
Dhiyaneshwaran 21d72cd017
Create aem-hash-querybuilder.yaml 2021-04-05 18:40:29 +05:30
Christopher Berry 1b0cb16b08 Added new check for Laravel debug mode enabled. Current one in repo doesn\'t work 2021-04-04 10:52:49 +12:00
sandeep 5e1302377d Update phpMyAdmin-setup.yaml 2021-04-01 13:46:56 +05:30