sullo
976539bffd
Cleanups.
...
rename fuzzing/adminer-panel-fuzz.yaml -> exposed-panels/adminer-panel-detect.yaml as it's just guessing file names, not fuzzing.
2023-03-10 15:24:54 -05:00
MostInterestingBotInTheWorld
8d26baad86
Enhancement: fuzzing/mdb-database-file.yaml by md
2023-03-08 11:16:31 -05:00
MostInterestingBotInTheWorld
1056f99bbe
Enhancement: fuzzing/linux-lfi-fuzzing.yaml by md
2023-03-08 11:05:24 -05:00
MostInterestingBotInTheWorld
a65be336aa
Enhancement: fuzzing/iis-shortname.yaml by md
2023-03-08 11:02:58 -05:00
MostInterestingBotInTheWorld
d44363d3de
Enhancement: fuzzing/adminer-panel-fuzz.yaml by md
2023-03-08 10:50:45 -05:00
MostInterestingBotInTheWorld
b57a9d110a
Enhancement: fuzzing/adminer-panel-fuzz.yaml by md
2023-03-07 18:05:46 -05:00
Dhiyaneshwaran
9b7dff718d
Merge pull request #5547 from ColbyJack1134/patch-1
...
Update cache-poisoning-fuzz.yaml
2023-02-10 19:55:10 +05:30
Ritik Chaddha
44a0a5c09b
updated header
2023-02-10 14:21:09 +05:30
Ritik Chaddha
70d9e4e175
updated matcher part
2023-02-01 14:23:01 +05:30
MostInterestingBotInTheWorld
693e1e3daa
Dashboard Content Enhancements ( #6613 )
...
Dashboard Content Enhancements
2023-01-24 08:21:18 -08:00
MostInterestingBotInTheWorld
0b1a79f39d
Dashboard Content Enhancements ( #5704 )
...
Dashboard Content Enhancements
2022-10-19 17:11:27 -04:00
Sandeep Singh
712264db7e
Using "host-redirects" instead of "redirects" to avoid scanning 3rd party / out of scope hosts. ( #5491 )
2022-10-08 02:57:25 +05:30
Ayden Colby
1adc897f3f
Update cache-poisoning-fuzz.yaml
...
Proposed fixes to cache-poisoning-fuzz.yaml based on issue #5070
What I believe was wrong before:
- The author of this template used the {{uniq}} in three places in the template, however, all three values are different with each pair of requests. This means that the cache buster query changes between request 1 and request 2, causing cache poisoning detection to not work properly.
Implemented fixes:
- Changed the cache buster query to be the same for request 1 and request 2, allowing for proper cache poisoning detection
- Used the consistent {{randstr}} preprocessor as the value for headers, since {{uniq}} would not be detected in the matchers as it changes every call
- Used the same User-Agent for each request, as having user agents change between request 1 and request 2 could cause a cache to miss
- Added a matching condition for {{randstr}} to exist in both responses to avoid false positives
- Added reference to portswigger's web cache poisoning lesson
Side notes:
- The tag "fuzz" for some reason caused errors on my nuclei instance, but "fuzzing" would not. However, I left it alone in case it is just a local issue
- Template tested on and properly detected web cache poisoning for https://portswigger.net/web-security/web-cache-poisoning/exploiting-design-flaws/lab-web-cache-poisoning-targeted-using-an-unknown-header
2022-10-02 19:35:04 -04:00
GitHub Action
bc21497f99
Auto Generated CVE annotations [Sat Aug 27 04:41:18 UTC 2022] 🤖
2022-08-27 04:41:18 +00:00
sullo
88c150d2e0
Remove blank cve-id fields from templates. ( #4516 )
...
* Remove blank cve-id fields from templates.
Add cve-id to CVE-2022-0776.yaml
* Fix classification spelling
2022-05-31 20:04:35 +05:30
MostInterestingBotInTheWorld
809e87987c
Dashboard Content Enhancements ( #4456 )
...
Dashboard Content Enhancements
2022-05-20 17:38:52 -04:00
sandeep
f09fd4b8f6
added reference
2022-05-07 13:03:25 +05:30
Dwi Siswanto
b0aa2c1d17
Add valid Google Mail checks ( #4315 )
...
* Add valid Google Mail checks
* misc: Replace to HEAD method
2022-05-07 13:00:47 +05:30
Klaxon
7f995056e3
Update wordpress-plugins-detect.yaml to extract plugin name and version ( #4290 )
...
* update wordpress-plugins-detect template to extract plugin name and version
* fix yamllint errors
* version extractor update
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-05-05 17:53:16 +05:30
sullo
c3d4dfd6ae
Tenda Template Enhancementleanup ( #4257 )
...
* Replace § markers with {{ }} pairs
* Clean up new Tenda admin panel template
* Update tenda-11n-wireless-router-login.yaml
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-04-29 10:34:34 +05:30
forgedhallpass
209538baa6
refactor: Description field uniformization
...
* info field reorder
* reference values refactored to list
* added new lines after the id and before the protocols
* removed extra new lines
* split really long descriptions to multiple lines (part 1)
* other minor fixes
2022-04-22 13:38:41 +03:00
MostInterestingBotInTheWorld
f18404302a
Dashboard Text Enhancement ( #3798 )
...
Dashboard text enhancements
2022-02-28 09:09:26 -05:00
Pathtaga
e281e5bf88
Updated all templates tags with technologies ( #3478 )
...
* Updated tags for template sonicwall-email-security-detect.yaml
* Updated tags for template detect-sentry.yaml
* Updated tags for template kong-detect.yaml
* Updated tags for template openam-detect.yaml
* Updated tags for template shiro-detect.yaml
* Updated tags for template iplanet-web-server.yaml
* Updated tags for template graylog-api-browser.yaml
* Updated tags for template prtg-detect.yaml
* Updated tags for template node-red-detect.yaml
* Updated tags for template abyss-web-server.yaml
* Updated tags for template geo-webserver.yaml
* Updated tags for template autobahn-python-detect.yaml
* Updated tags for template default-lighttpd-page.yaml
* Updated tags for template microsoft-iis-8.yaml
* Updated tags for template lucee-detect.yaml
* Updated tags for template php-proxy-detect.yaml
* Updated tags for template jenkins-detect.yaml
* Updated tags for template cockpit-detect.yaml
* Updated tags for template csrfguard-detect.yaml
* Updated tags for template dwr-index-detect.yaml
* Updated tags for template netsweeper-webadmin-detect.yaml
* Updated tags for template weblogic-detect.yaml
* Updated tags for template s3-detect.yaml
* Updated tags for template tileserver-gl.yaml
* Updated tags for template springboot-actuator.yaml
* Updated tags for template terraform-detect.yaml
* Updated tags for template redmine-cli-detect.yaml
* Updated tags for template mrtg-detect.yaml
* Updated tags for template tableau-server-detect.yaml
* Updated tags for template magmi-detect.yaml
* Updated tags for template oidc-detect.yaml
* Updated tags for template tor-socks-proxy.yaml
* Updated tags for template synology-web-station.yaml
* Updated tags for template herokuapp-detect.yaml
* Updated tags for template gunicorn-detect.yaml
* Updated tags for template sql-server-reporting.yaml
* Updated tags for template google-bucket-service.yaml
* Updated tags for template kubernetes-mirantis.yaml
* Updated tags for template kubernetes-enterprise-manager.yaml
* Updated tags for template oracle-iplanet-web-server.yaml
* Updated tags for template dell-idrac7-detect.yaml
* Updated tags for template dell-idrac6-detect.yaml
* Updated tags for template dell-idrac9-detect.yaml
* Updated tags for template dell-idrac8-detect.yaml
* Updated tags for template apache-guacamole.yaml
* Updated tags for template aws-cloudfront-service.yaml
* Updated tags for template aws-bucket-service.yaml
* Updated tags for template nginx-linux-page.yaml
* Updated tags for template telerik-fileupload-detect.yaml
* Updated tags for template telerik-dialoghandler-detect.yaml
* Updated tags for template htaccess-config.yaml
* Updated tags for template microsoft-azure-error.yaml
* Updated tags for template detect-options-method.yaml
* Updated tags for template unpatched-coldfusion.yaml
* Updated tags for template moodle-changelog.yaml
* Updated tags for template detect-dns-over-https.yaml
* Updated tags for template CVE-2019-19134.yaml
* Updated tags for template CVE-2019-3929.yaml
* Updated tags for template CVE-2019-19908.yaml
* Updated tags for template CVE-2019-10475.yaml
* Updated tags for template CVE-2019-17382.yaml
* Updated tags for template CVE-2019-16332.yaml
* Updated tags for template CVE-2019-14974.yaml
* Updated tags for template CVE-2019-19368.yaml
* Updated tags for template CVE-2019-12725.yaml
* Updated tags for template CVE-2019-15501.yaml
* Updated tags for template CVE-2019-9733.yaml
* Updated tags for template CVE-2019-14322.yaml
* Updated tags for template CVE-2019-9955.yaml
* Updated tags for template CVE-2019-0230.yaml
* Updated tags for template CVE-2019-10232.yaml
* Updated tags for template CVE-2019-17506.yaml
* Updated tags for template CVE-2019-8449.yaml
* Updated tags for template CVE-2019-12593.yaml
* Updated tags for template CVE-2019-10092.yaml
* Updated tags for template CVE-2019-1821.yaml
* Updated tags for template CVE-2019-3401.yaml
* Updated tags for template CVE-2019-16662.yaml
* Updated tags for template CVE-2019-5418.yaml
* Updated tags for template CVE-2016-4975.yaml
* Updated tags for template CVE-2016-1000137.yaml
* Updated tags for template CVE-2016-7552.yaml
* Updated tags for template CVE-2016-10956.yaml
* Updated tags for template CVE-2016-1000146.yaml
* Updated tags for template CVE-2013-2251.yaml
* Updated tags for template CVE-2013-1965.yaml
* Updated tags for template CVE-2014-2323.yaml
* Updated tags for template CVE-2014-5111.yaml
* Updated tags for template CVE-2014-2962.yaml
* Updated tags for template CVE-2014-4561.yaml
* Updated tags for template CVE-2014-4558.yaml
* Updated tags for template CVE-2014-3120.yaml
* Updated tags for template CVE-2007-5728.yaml
* Updated tags for template CVE-2009-4679.yaml
* Updated tags for template CVE-2009-1558.yaml
* Updated tags for template CVE-2009-4202.yaml
* Updated tags for template CVE-2009-0932.yaml
* Updated tags for template CVE-2015-2068.yaml
* Updated tags for template CVE-2015-8813.yaml
* Updated tags for template CVE-2015-7450.yaml
* Updated tags for template CVE-2015-2067.yaml
* Updated tags for template CVE-2015-3306.yaml
* Updated tags for template CVE-2015-3337.yaml
* Updated tags for template CVE-2015-1427.yaml
* Updated tags for template CVE-2015-1503.yaml
* Updated tags for template CVE-2015-1880.yaml
* Updated tags for template CVE-2018-3810.yaml
* Updated tags for template CVE-2018-18069.yaml
* Updated tags for template CVE-2018-17246.yaml
* Updated tags for template CVE-2018-10141.yaml
* Updated tags for template CVE-2018-16341.yaml
* Updated tags for template CVE-2018-18777.yaml
* Updated tags for template CVE-2018-15138.yaml
* Updated tags for template CVE-2018-11784.yaml
* Updated tags for template CVE-2018-16299.yaml
* Updated tags for template CVE-2018-7251.yaml
* Updated tags for template CVE-2018-1273.yaml
* Updated tags for template CVE-2018-1271.yaml
* Updated tags for template CVE-2018-11759.yaml
* Updated tags for template CVE-2018-3167.yaml
* Updated tags for template CVE-2018-7490.yaml
* Updated tags for template CVE-2018-2628.yaml
* Updated tags for template CVE-2018-13380.yaml
* Updated tags for template CVE-2018-2893.yaml
* Updated tags for template CVE-2018-5316.yaml
* Updated tags for template CVE-2018-20985.yaml
* Updated tags for template CVE-2018-10818.yaml
* Updated tags for template CVE-2018-1000861.yaml
* Updated tags for template CVE-2018-0296.yaml
* Updated tags for template CVE-2018-19458.yaml
* Updated tags for template CVE-2018-3760.yaml
* Updated tags for template CVE-2018-12998.yaml
* Updated tags for template CVE-2018-9118.yaml
* Updated tags for template CVE-2018-1000130.yaml
* Updated tags for template CVE-2008-6668.yaml
* Updated tags for template CVE-2017-7269.yaml
* Updated tags for template CVE-2017-1000170.yaml
* Updated tags for template CVE-2017-16877.yaml
* Updated tags for template CVE-2017-1000486.yaml
* Updated tags for template CVE-2017-9822.yaml
* Updated tags for template CVE-2017-0929.yaml
* Updated tags for template CVE-2017-7921.yaml
* Updated tags for template CVE-2017-14535.yaml
* Updated tags for template CVE-2017-5521.yaml
* Updated tags for template CVE-2017-12637.yaml
* Updated tags for template CVE-2017-12635.yaml
* Updated tags for template CVE-2017-11610.yaml
* Updated tags for template CVE-2021-20114.yaml
* Updated tags for template CVE-2021-40856.yaml
* Updated tags for template CVE-2021-21972.yaml
* Updated tags for template CVE-2021-31602.yaml
* Updated tags for template CVE-2021-41773.yaml
* Updated tags for template CVE-2021-37704.yaml
* Updated tags for template CVE-2021-45046.yaml
* Updated tags for template CVE-2021-26084.yaml
* Updated tags for template CVE-2021-27931.yaml
* Updated tags for template CVE-2021-24291.yaml
* Updated tags for template CVE-2021-41648.yaml
* Updated tags for template CVE-2021-37216.yaml
* Updated tags for template CVE-2021-22005.yaml
* Updated tags for template CVE-2021-37573.yaml
* Updated tags for template CVE-2021-31755.yaml
* Updated tags for template CVE-2021-43287.yaml
* Updated tags for template CVE-2021-24274.yaml
* Updated tags for template CVE-2021-33564.yaml
* Updated tags for template CVE-2021-22145.yaml
* Updated tags for template CVE-2021-24237.yaml
* Updated tags for template CVE-2021-44848.yaml
* Updated tags for template CVE-2021-25646.yaml
* Updated tags for template CVE-2021-21816.yaml
* Updated tags for template CVE-2021-41649.yaml
* Updated tags for template CVE-2021-41291.yaml
* Updated tags for template CVE-2021-41293.yaml
* Updated tags for template CVE-2021-21801.yaml
* Updated tags for template CVE-2021-29156.yaml
* Updated tags for template CVE-2021-34370.yaml
* Updated tags for template CVE-2021-27132.yaml
* Updated tags for template CVE-2021-28151.yaml
* Updated tags for template CVE-2021-26812.yaml
* Updated tags for template CVE-2021-21985.yaml
* Updated tags for template CVE-2021-43778.yaml
* Updated tags for template CVE-2021-25281.yaml
* Updated tags for template CVE-2021-40539.yaml
* Updated tags for template CVE-2021-36749.yaml
* Updated tags for template CVE-2021-21234.yaml
* Updated tags for template CVE-2021-33221.yaml
* Updated tags for template CVE-2021-42013.yaml
* Updated tags for template CVE-2021-33807.yaml
* Updated tags for template CVE-2021-44228.yaml
* Updated tags for template CVE-2012-0896.yaml
* Updated tags for template CVE-2012-0991.yaml
* Updated tags for template CVE-2012-0392.yaml
* Updated tags for template CVE-2012-4940.yaml
* Updated tags for template CVE-2012-1226.yaml
* Updated tags for template CVE-2012-4878.yaml
* Updated tags for template CVE-2010-1304.yaml
* Updated tags for template CVE-2010-1217.yaml
* Updated tags for template CVE-2010-0759.yaml
* Updated tags for template CVE-2010-2307.yaml
* Updated tags for template CVE-2010-4231.yaml
* Updated tags for template CVE-2010-2861.yaml
* Updated tags for template CVE-2010-4282.yaml
* Updated tags for template CVE-2010-1302.yaml
* Updated tags for template CVE-2010-1461.yaml
* Updated tags for template CVE-2020-4463.yaml
* Updated tags for template CVE-2020-1943.yaml
* Updated tags for template CVE-2020-36289.yaml
* Updated tags for template CVE-2020-17518.yaml
* Updated tags for template CVE-2020-12800.yaml
* Updated tags for template CVE-2020-10770.yaml
* Updated tags for template CVE-2020-17506.yaml
* Updated tags for template CVE-2020-11547.yaml
* Updated tags for template CVE-2020-11034.yaml
* Updated tags for template CVE-2020-24589.yaml
* Updated tags for template CVE-2020-9054.yaml
* Updated tags for template CVE-2020-28976.yaml
* Updated tags for template CVE-2020-16952.yaml
* Updated tags for template CVE-2020-24312.yaml
* Updated tags for template CVE-2020-8512.yaml
* Updated tags for template CVE-2020-14179.yaml
* Updated tags for template CVE-2020-6308.yaml
* Updated tags for template CVE-2020-35846.yaml
* Updated tags for template CVE-2020-7318.yaml
* Updated tags for template CVE-2020-2140.yaml
* Updated tags for template CVE-2020-5410.yaml
* Updated tags for template CVE-2020-5777.yaml
* Updated tags for template CVE-2020-13700.yaml
* Updated tags for template CVE-2020-5775.yaml
* Updated tags for template CVE-2020-13167.yaml
* Updated tags for template CVE-2020-35848.yaml
* Updated tags for template CVE-2020-9484.yaml
* Updated tags for template CVE-2020-15505.yaml
* Updated tags for template CVE-2020-9047.yaml
* Updated tags for template CVE-2020-17519.yaml
* Updated tags for template CVE-2020-17505.yaml
* Updated tags for template CVE-2020-9376.yaml
* Updated tags for template CVE-2020-8497.yaml
* Updated tags for template CVE-2020-14092.yaml
* Updated tags for template CVE-2020-10148.yaml
* Updated tags for template CVE-2020-35847.yaml
* Updated tags for template CVE-2020-12116.yaml
* Updated tags for template CVE-2020-11930.yaml
* Updated tags for template CVE-2020-24186.yaml
* Updated tags for template CVE-2020-9496.yaml
* Updated tags for template CVE-2020-35489.yaml
* Updated tags for template CVE-2020-26413.yaml
* Updated tags for template CVE-2020-2096.yaml
* misc updates
* misc update
* more updates
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-05 01:04:16 +05:30
Dwi Siswanto
057d48eb1a
Add cache-poisoning-fuzz ( #3413 )
2021-12-25 13:26:35 +05:30
sandeep
5072932509
more updates
2021-10-10 06:43:30 +05:30
Prince Chaddha
807920c0ac
clean-up
2021-09-21 17:16:53 +05:30
Sandeep Singh
ab159a7143
Update linux-lfi-fuzzing.yaml
2021-09-20 23:59:34 +05:30
Prince Chaddha
3deb57ce9f
Create linux-lfi-fuzzing.yaml
2021-09-20 23:55:50 +05:30
Geeknik Labs
151204ad10
Update iis-shortname.yaml
2021-09-16 15:16:45 -05:00
sandeep
609705f676
removed extra headers not required for template
2021-09-08 17:47:19 +05:30
sullo
ef1f7c5e92
Updates across many templates for clarity, spelling, and grammar.
2021-09-05 17:13:45 -04:00
sandeep
c266084621
Added stop-at-first-match in applicable templates
2021-09-02 17:29:10 +05:30
forgedhallpass
a124e393b4
Merge remote-tracking branch 'origin' into dynamic_attributes
2021-08-23 19:15:14 +03:00
sandeep
7ca1e38e42
misc update
2021-08-23 17:22:29 +05:30
sandeep
cd6ba804cd
Added WordPress Weak Credentials Detection
2021-08-23 17:20:33 +05:30
forgedhallpass
296edfc37b
Merge remote-tracking branch 'origin' into dynamic_attributes
2021-08-23 14:40:33 +03:00
sandeep
2aa54304ee
Payloads positional update to keep the request format uniform
2021-08-22 23:39:33 +05:30
forgedhallpass
77103bc629
Satisfying the linter (all errors and warnings)
...
* whitespace modifications only
2021-08-19 17:44:46 +03:00
forgedhallpass
7b29be739e
Merge branch 'master' into dynamic_attributes
2021-08-19 16:23:26 +03:00
forgedhallpass
cdf9451158
Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-18 14:44:27 +03:00
Sandeep Singh
0ee60c4a3e
Merge pull request #2197 from mesaglio/master
...
Detect azure directory traversal hosts file
2021-08-07 23:15:29 +05:30
sandeep
2233ebf3f1
moving files around
2021-08-07 23:02:17 +05:30
sandeep
d50fc14b74
Update prestashop-module-fuzz.yaml
2021-08-04 21:58:54 +05:30
sandeep
3c9b6e955c
Additional matchers
2021-08-04 21:55:59 +05:30
meme-lord
a525e8c80a
Added Prestashop module fuzz template
2021-07-26 18:10:23 +01:00
sandeep
6ccc5f8792
matcher update to handle edge cases
2021-07-25 03:05:55 +05:30
Prince Chaddha
2d45f5858c
Update adminer-panel-fuzz.yaml
2021-07-21 17:49:16 +05:30
sandeep
c728d256cd
Added MDB database file leakage
2021-06-11 23:22:22 +05:30
Prince Chaddha
83ce809e8d
Updated author names
2021-06-09 17:50:56 +05:30
sandeep
43d61ac6b8
Added XFF-403-bypass
2021-05-09 22:40:56 +05:30