bauthard
b369c971dc
Update and rename tomcat.yaml to public-tomcat-instance.yaml
2020-07-01 11:36:04 +05:30
bauthard
0678eb620c
Update GUIDE.md
2020-07-01 02:36:31 +05:30
bauthard
fd0da2c344
Merge pull request #163 from bauthard/master
...
updating information for chained workflow
2020-07-01 02:13:36 +05:30
bauthard
98267729d8
adding tomcat manager bruteforce
2020-06-30 15:08:39 +00:00
bauthard
f2862538ba
Update chained-workflow-multiple-templates.yaml
2020-06-30 18:59:39 +05:30
bauthard
b8f26dd6ba
Update chained-workflow-multiple-templates.yaml
2020-06-30 17:20:26 +05:30
bauthard
ef2f7352e5
Create chained-workflow-multiple-templates.yaml
2020-06-30 17:15:14 +05:30
bauthard
757bea2468
adding wordpress-directory-listing
2020-06-30 17:06:10 +05:30
bauthard
906e6e918d
Update CVE-2017-7529.yaml
2020-06-30 16:54:48 +05:30
bauthard
737d128c11
Merge pull request #162 from harsh-bothra/patch-3
...
Create CVE-2017-7529.yaml
2020-06-30 16:53:44 +05:30
bauthard
0801439e54
Update GUIDE.md
2020-06-30 16:46:31 +05:30
Harsh Bothra
dbaa71a763
Create CVE-2017-7529.yaml
...
Remote Integer Overflow in Nginx allows an attacker to extract sensitive information from memory buffer by triggering specially crafted requests.
2020-06-30 16:44:33 +05:30
bauthard
8c3ac9b4a9
Update GUIDE.md
2020-06-30 16:33:05 +05:30
bauthard
2f59c74b28
Update CVE-2019-8449.yaml
2020-06-30 16:31:20 +05:30
bauthard
b62e5f88d9
Update GUIDE.md
2020-06-30 16:27:24 +05:30
bauthard
eaa0a75395
adding workflow-example
2020-06-30 16:26:32 +05:30
bauthard
fc95489690
Update CVE-2019-8449.yaml
2020-06-30 16:13:35 +05:30
bauthard
3c28475816
Merge pull request #160 from harsh-bothra/patch-2
...
Create CVE-2019-8449.yaml
2020-06-30 16:12:34 +05:30
Harsh Bothra
d6027b67d2
Create CVE-2019-8449.yaml
...
CVE-2019-8449 which allows an Unauthenticated Attacker to enumerate all the users and their information such as Username, Avatars, Emails, Keys, etc.
Reference - https://www.doyler.net/security-not-included/more-jira-enumeration
2020-06-30 16:06:15 +05:30
bauthard
ba30333045
updating trailing space
2020-06-30 15:55:45 +05:30
bauthard
cd3b1a9804
Merge pull request #159 from harsh-bothra/patch-1
...
Create CVE-2018-11409.yaml
2020-06-30 15:54:13 +05:30
Harsh Bothra
53a47cc1bc
Create CVE-2018-11409.yaml
...
CVE-2018-11409 allows an unauthenticated user to get sensitive information such as license key from a Splunk instance by appending /__raw/services/server/info/server-info?output_mode=json to a query.
2020-06-30 15:49:43 +05:30
bauthard
12bff93ab2
Update and rename Wp-user to wordpress-user-enumaration.yaml
2020-06-30 10:30:57 +05:30
bauthard
9f44292e0c
Merge pull request #158 from manasjha7/patch-1
...
Wp-user
2020-06-30 10:29:48 +05:30
bauthard
b9ea4ecaf3
Update CVE-2020-12720.yaml
2020-06-30 02:04:13 +05:30
bauthard
c718848a88
Update CVE-2020-8512.yaml
2020-06-30 01:59:13 +05:30
Manas
d471642340
Wp-user
...
If this endpoint is misconfigured, we can enumerate Wordpress admins and their userID.
2020-06-30 01:49:40 +05:30
bauthard
01378933c6
Update CVE-2020-12720.yaml
2020-06-29 19:25:45 +05:30
bauthard
75e2166cc5
updating CVE-2020-12720
2020-06-29 19:24:56 +05:30
bauthard
4eee21265b
Delete .DS_Store
2020-06-28 02:29:49 +05:30
bauthard
bc9a6736c2
updating file name
2020-06-28 02:13:57 +05:30
bauthard
0043043f12
Merge pull request #155 from udit-thakkur/patch-2
...
Detect exposed .svn Directory
2020-06-28 02:13:16 +05:30
Udit Bhadauria
73622a256a
Update exposed-svn
2020-06-28 00:19:52 +05:30
Udit Bhadauria
8dd580dca4
Detect exposed .svn Directory
...
Provides a way to detect the version control instance - exposed .svn directory.
2020-06-27 18:30:25 +05:30
bauthard
91cd0e1ec4
updating template details
2020-06-27 12:25:14 +00:00
bauthard
3d8b9d7e5b
Merge pull request #154 from udit-thakkur/patch-1
...
Detect wordpress xmlrpc (sometimes leads to ssrf)
2020-06-27 17:52:56 +05:30
Udit Bhadauria
d58974c479
Detect wordpress xmlrpc (sometimes get ssrf)
...
Provides a way to detect the wordpress xmlrpc endpoint that can help and leads to possible ssrf sometimes.
I am not sure if it is worth to add. But I have got a few good findings using this.
Let me know if I'm doing it right, You guys are doing great work, Love this project. Kudos..!
Trying to contribute a little.
2020-06-27 17:14:59 +05:30
bauthard
3b8e5ae229
Added Wappalyzer Technology Detection
...
Ported hakluke PR into single template
2020-06-27 16:39:16 +05:30
bauthard
084a745600
added CVE-2020-8512
2020-06-26 09:14:54 +05:30
bauthard
d7a5af2b28
updating severity of multiple templates
2020-06-25 02:37:58 +05:30
bauthard
7372b169f8
Merge pull request #153 from manuelbua/detect-linkerd-service
...
Initial Linkerd service detection rules
2020-06-23 03:36:00 +05:30
bauthard
2d56871bd0
Update CVE-2019-3799.yaml
2020-06-23 03:22:51 +05:30
bauthard
2d8efb04ba
Update CVE-2018-20824.yaml
2020-06-23 03:21:54 +05:30
bauthard
d8a79274ae
Update CVE-2018-19439.yaml
2020-06-23 03:17:00 +05:30
Manuel Bua
410423834c
Tweak flags
2020-06-22 23:41:24 +02:00
Manuel Bua
19edc73166
Fix formatting
2020-06-22 23:31:30 +02:00
Manuel Bua
c5fc99af49
Add rules Linkerd service detection
2020-06-22 23:25:52 +02:00
Ice3man
e9c23dffe0
Merge pull request #126 from projectdiscovery/iceman-regex-fix
...
Regex issues fix by simplifying and fixing some edge cases
2020-06-22 08:36:29 -07:00
Ice3man
445ddf6002
Merge pull request #152 from manuelbua/iceman-regex-fix
...
Handle some more edge cases in crlf-injection and open-redirect tests
2020-06-22 08:35:33 -07:00
bauthard
b7103a2197
Pushing newly added cves
2020-06-22 19:05:37 +05:30