Ice3man
27ddfd3d15
Merge pull request #187 from Mad-robot/master
...
CVE-2020-5902 F5 BIG-IP TMUI
2020-07-05 01:13:54 -07:00
SaN ThosH
193d536685
CVE-2020-5902 F5 BIG-IP TMUI
...
Version:
- BIG-IP 15.x: 15.1.0/15.0.0
- BIG-IP 14.x: 14.1.0 ~ 14.1.2
- BIG-IP 13.x: 13.1.0 ~ 13.1.3
- BIG-IP 12.x: 12.1.0 ~ 12.1.5
- BIG-IP 11.x: 11.6.1 ~ 11.6.5
2020-07-05 13:41:58 +05:30
dw1
79291e9e54
🔥 BIG-IP Configuration Utility detection
2020-07-05 15:04:32 +07:00
dw1
695afb7a96
✏️ Rename to CVE-2019-16759
2020-07-05 14:20:36 +07:00
bauthard
3d0898c8fb
Merge pull request #185 from bing0o/master
...
Create CVE-2019-15043.yaml
2020-07-05 10:04:07 +05:30
dw1
8a338f93cb
⚠️ Clear Yamllint warnings
2020-07-04 23:32:47 +07:00
dw1
40e627d9db
🔨 Escaping payload - CVE-2020-7961
2020-07-04 23:29:12 +07:00
dw1
09df55940c
🔥 Add 0day RCE in vBulletin v5.0.0-v5.5.4
2020-07-04 22:56:10 +07:00
dw1
56e21957a3
🔨 Update payload & matchers - CVE-2020-7961
2020-07-04 22:55:40 +07:00
med pro
c40cd5259f
Create CVE-2019-15043.yaml
2020-07-04 14:05:56 +01:00
bauthard
84f05e3fec
Update s3-subtakeover.yaml
2020-07-04 17:00:35 +05:30
bauthard
b8e86d44f7
Merge pull request #183 from secureITmania/master
...
S3 takeover pattern
2020-07-04 16:57:49 +05:30
secureITmania
54140411ce
S3 takeover pattern
2020-07-04 16:40:36 +05:30
secureITmania
30cebddb8a
Delete s3-takeover.yaml
...
YAML format error
2020-07-04 16:38:46 +05:30
secureITmania
e2e9261db0
Update s3-takeover.yaml
...
YAML-formatter validate
2020-07-04 14:57:49 +05:30
secureITmania
86e4b5a478
S3 takeover pattern
...
I recently identified a subdomain takeover in one of Bug Bounty programs. I notice this pattern was not defined in the old templates. So I added this pattern
Happy Hunting
2020-07-04 13:41:27 +05:30
bauthard
765b15d79a
Update ntlm-directories.yaml
2020-07-04 10:58:15 +05:30
bauthard
6004fdeb88
Merge pull request #181 from manuelbua/ntlm-dirs-fixes
...
NTLM directories detection fixes
2020-07-04 10:57:41 +05:30
Manuel Bua
cd4da8998a
Perform comparison on the normalized header name
2020-07-03 23:07:32 +02:00
Manuel Bua
ec5b66a941
Remove duplicate entries
2020-07-03 23:06:50 +02:00
bauthard
243e478cdd
Merge pull request #178 from dwisiswant0/add-cves
...
Add CVEs (CVE-2020-9757, CVE-2020-8982, CVE-2020-8091, CVE-2020-8982)
2020-07-03 23:45:43 +05:30
dw1
fc3bc06f65
🔥 Add SEOmatic SSTI (CVE-2020-9757)
2020-07-04 00:56:51 +07:00
dw1
53a9952dc7
🔥 Add Citrix ShareFile StorageZones Unauthenticated Arbitrary File Read (CVE-2020-8982)
2020-07-04 00:56:16 +07:00
dw1
b427cfc641
🔥 TYPO3 XSS (CVE-2020-8091)
2020-07-04 00:55:17 +07:00
dw1
919d657c41
🔥 Add Liferay Portal Unauthenticated RCE (CVE-2020-8982)
2020-07-04 00:54:34 +07:00
dw1
c173cb357b
🔧 Update Liferay Portal Detection
2020-07-04 00:53:46 +07:00
bauthard
d1eb7d3f68
Merge pull request #177 from dwisiswant0/add-cve-2020-9484
...
Add CVE-2020-9484
2020-07-03 12:00:19 +05:30
bauthard
3914856fab
Merge pull request #176 from dwisiswant0/development
...
Update conditions & regexes for exposed-svn
2020-07-03 11:56:08 +05:30
dw1
5756349c14
⚡ Add Apache Tomcat RCE by deserialization - CVE-2020-9484
2020-07-03 12:39:02 +07:00
dw1
7760d4f172
🔨 Update conditions & regexes for exposed-svn. Fixes #175
2020-07-03 10:26:33 +07:00
bauthard
72f3939981
syntax updates
2020-07-02 18:11:53 +00:00
bauthard
991376c439
Merge pull request #174 from dwisiswant0/development
...
Adding Spring Boot Actuators (Jolokia) XXE
2020-07-02 23:07:34 +05:30
dw1
ecd295aff4
🔥 Add Springboot Actuators (Jolokia) XXE Vulnerability
2020-07-02 23:15:33 +07:00
dw1
c167a31784
🔧 Add path requests & matchers for Springboot Actuators
2020-07-02 23:14:39 +07:00
bauthard
6914ef1d5e
Merge pull request #173 from organiccrap/master
...
updates
2020-07-02 19:33:19 +05:30
organiccrap
2d8c78c263
updates
2020-07-02 21:53:41 +08:00
bauthard
29722f8547
Merge pull request #171 from dwisiswant0/development
...
Update exposed-svn matchers due to False Positive Results
2020-07-02 17:36:31 +05:30
dw1
43c90fc616
✏️ Fix misplaced regex & escaping regexes
2020-07-02 18:56:51 +07:00
dw1
4a140eaeec
🔧 Update exposed-svn regexes & request paths
2020-07-02 18:31:10 +07:00
dw1
19cbaad130
🔧 Update exposed-svn matchers
2020-07-02 18:26:21 +07:00
bauthard
94416fe939
Merge pull request #170 from dwisiswant0/fix-cve-2018-16341-false-positives
...
Fix for false-positive CVE-2018-16341 results
2020-07-02 16:21:35 +05:30
dw1
caf833c28e
🔧 Fix for false-positive CVE-2018-16341 results
2020-07-02 17:45:29 +07:00
bauthard
bd1146d77d
Update chained-workflow-multiple-templates.yaml
2020-07-02 15:47:20 +05:30
bauthard
179edf7914
removing extra spaces
2020-07-02 15:43:03 +05:30
bauthard
14494ba4d3
Update CVE-2019-8449.yaml
2020-07-02 15:36:11 +05:30
bauthard
b369c971dc
Update and rename tomcat.yaml to public-tomcat-instance.yaml
2020-07-01 11:36:04 +05:30
bauthard
0678eb620c
Update GUIDE.md
2020-07-01 02:36:31 +05:30
bauthard
fd0da2c344
Merge pull request #163 from bauthard/master
...
updating information for chained workflow
2020-07-01 02:13:36 +05:30
bauthard
98267729d8
adding tomcat manager bruteforce
2020-06-30 15:08:39 +00:00
bauthard
f2862538ba
Update chained-workflow-multiple-templates.yaml
2020-06-30 18:59:39 +05:30