Commit Graph

45228 Commits (5b1eb0abc02387b01e5bd76f830659b058d09dbe)

Author SHA1 Message Date
bauthard 94cdb52ee1
added Werkzeug debugger console finder 2020-05-20 18:27:45 +05:30
bauthard 79dac1e326
Merge pull request #91 from Regala/patch-2
Update CVE-2020-7473.yaml
2020-05-19 18:39:12 +05:30
Regala 03e957b0df
Update CVE-2020-7473.yaml 2020-05-19 13:55:49 +01:00
Regala a2433d86a4
Update CVE-2020-7473.yaml
Updated to support 2xx and 3xx status code, as well as accepting redirects just in case.
2020-05-19 11:45:31 +01:00
bauthard 3382595acc
Merge pull request #90 from Regala/patch-1
Update CVE-2020-7473.yaml
2020-05-19 14:30:35 +05:30
bauthard 68bccbfdc2 added dead host with cname finder 2020-05-19 05:13:11 +00:00
Regala 5316f5dbcc
Update CVE-2020-7473.yaml
This is to avoid false positives. I think it would be better to only match 2xx and 3xx status code (don't know if nuclei supports this terminology)
2020-05-18 11:14:04 +01:00
bauthard 6e495e41e7
Merge pull request #88 from Pxmme/master
Updating open redirect detection with regex + more payloads
2020-05-17 04:11:36 +05:30
Pxmme 6961c63659
Adding @ for Twitter handles cause Andi bitched about it 2020-05-16 23:39:47 +02:00
Pxmme 22c85b660f
Updating authors with Twitter handles + forgot Andi for giving me a few path based payloads 2020-05-16 23:32:21 +02:00
Pxmme 42e05c89b5
Forgot to add fisher who gave me the GET param list! 2020-05-16 23:28:20 +02:00
Pxmme 7c25948a33
Update open-redirect.yaml 2020-05-16 23:25:31 +02:00
Pxmme e33d72e4f2
Update and rename path-based-open-redirect-1.yaml to open-redirect.yaml 2020-05-16 23:25:16 +02:00
bauthard 9b48667288
Merge pull request #81 from 73735/master
Add CVE-2020-7473.yaml
2020-05-16 15:39:42 +05:30
bauthard 601b3c086d
Merge pull request #87 from 73735/front-page-misconfig.yaml
Add front-page-misconfig.yaml
2020-05-16 15:38:39 +05:30
João Teles 78985eb603
Merge pull request #1 from 73735/front-page-misconfig.yaml
Add front-page-misconfig.yaml
2020-05-15 21:08:58 -03:00
João Teles 22c6b5e03b
Add front-page-misconfig.yaml 2020-05-15 21:08:27 -03:00
João Teles 7a37488076
Update CVE-2020-7473.yaml
Ready guys. Now the template will check for size. I didn't implement the "HEAD" method because the nuclei is not supported.
2020-05-15 20:59:23 -03:00
Nadino92 b6078b5d47 improve noisy 2020-05-15 12:08:27 +02:00
bauthard 49b45dc2dc
updating name 2020-05-15 01:55:12 +05:30
Nadino92 7b88d4258e adding 2 cves and crxde 2020-05-14 19:54:02 +02:00
Nadino92 536b9d9949 more precise tokens 2020-05-12 18:41:11 +02:00
Andrea 8ca66bd66d basic xss 2020-05-10 17:16:12 +02:00
Andrea b72489445c Merge branch 'master' into private 2020-05-09 10:59:38 +02:00
Andrea f66b732286 remove / 2020-05-09 10:59:35 +02:00
bauthard 0d5b682e94 updating cve names 2020-05-08 18:40:02 +00:00
bauthard 14fad57a86
Merge pull request #84 from michael1026/CVE-accuracy-fixes
Accuracy Fixes
2020-05-08 23:57:10 +05:30
bauthard c53c7ea8aa
Merge pull request #85 from bad5ect0r/master
Detect security.txt file.
2020-05-08 22:32:42 +05:30
Andrea 27e76fe494 Merge branch 'master' of https://github.com/Nadino92/nuclei-templates 2020-05-08 18:32:26 +02:00
Andrea fc797a94e1 fix crash for {{ 2020-05-08 18:31:59 +02:00
Andrea 1e49185e72 Merge branch 'master' of https://github.com/Nadino92/nuclei-templates into private 2020-05-08 18:25:09 +02:00
Andrea 455c47c220 Merge branch 'master' into private 2020-05-08 18:24:29 +02:00
Andrea 5f5cdac0d5 change noisy location 2020-05-08 15:05:58 +02:00
bad5ect0r 572105b16a
Add more strict rules for security.txt
Previous one had a few false positives. This should narrow that down.
2020-05-08 21:41:26 +10:00
bad5ect0r 4565f42799
Detect security.txt file.
Detect if a site supports responsible disclosure with a security.txt file: https://securitytxt.org/
2020-05-08 21:06:57 +10:00
Michael Blake 5caa7cecb9 Reduce false-positives for Moodle XSS 2020-05-07 21:50:17 -07:00
Michael Blake 339ac74114 Prevent false-positives for CVE-2019-19368 2020-05-07 21:47:47 -07:00
Michael Blake fe2efe6124 CVE-2019-14974 check and severity update 2020-05-07 21:45:25 -07:00
Nadino92 3d19cd5bb5 improve the regex case sensitive 2020-05-07 16:42:33 +02:00
Joao Teles d22d0745d2 Add CVE-2020-7473.yaml 2020-05-07 10:15:25 -03:00
bauthard 3eb49ad409
Merge pull request #79 from kotireddyaluri/master
jaspersoft-detect
2020-05-07 17:28:24 +05:30
bauthard e0f7914677
Merge pull request #80 from Nadino92/master
HTTP username and password
2020-05-07 17:26:57 +05:30
Nadino92 2fb9a3e57c
General tokens
General tokens
2020-05-07 12:14:17 +02:00
Nadino92 2654e0d0a4
HTTP username and password
Detect urls like https://username:password@vulnerable.com and https://apitoken@vulnerable.com
2020-05-07 12:09:09 +02:00
Koti Reddy Aluri 35335a8e68
Update jaspersoft-detect.yaml 2020-05-07 15:15:12 +05:30
Koti Reddy Aluri 85b6ec40cb
jaspersoft-detect 2020-05-07 15:10:45 +05:30
Andrea fba4aba846 add hosts file 2020-05-06 16:52:33 +02:00
Andrea 6845f96415 remove dupe docker 2020-05-06 16:51:45 +02:00
Nadino92 215b074604
Docker public repositories
Searches for public repositories with Docker API endpoint. They contain source code and it's often considered a critical issue.
2020-05-06 11:49:38 +02:00
bauthard 4c3eeba4eb
Merge pull request #77 from Nadino92/master
Slack access token
2020-05-05 20:04:57 +05:30