daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,887 Commits
17 Branches
0 Tags
165 MiB
Commit Graph

1887 Commits (9fc9c838559d4f7b8d65a834583472dd6aad7f82)

Author SHA1 Message Date
bauthard 625228bddd Update CVE-2019-15858.yaml 2020-12-02 10:41:37 +05:30
bauthard f8449a41d9 readme update 2020-12-02 10:25:36 +05:30
bauthard 6b5734f25d
Merge pull request #630 from Patralos/master 
cve-2019-15858 reversed check
 2020-12-02 10:22:45 +05:30
un-fmunozs 13046a8419 Merge branch 'fix-cve' of https://github.com/un-fmunozs/nuclei-templates into fix-cve 2020-12-01 23:46:55 -05:00
un-fmunozs 56b2926fc8 Update CVE-2019-15858.yaml 
version number on the description was ok :)
 2020-12-01 23:46:41 -05:00
GitHub Action 6917310e7f Auto Update README [Wed Dec 2 04:43:16 UTC 2020] 🤖 2020-12-02 04:43:16 +00:00
un-fmunozs bfe6d099af Update CVE-2019-15858.yaml 
This got me a couple of false positive, so I went to review the original exploit

My changes:
- include the text/plain to make sure we are reading the readme file and not a redirect to /
- The check function on the template was  looking for 2.2.5 while the original exploit marks the site as NOT vulnerable if 2.2.5 string is found on the readme.txt file. [1] Changing that as negative check.
 2020-12-01 23:42:33 -05:00
GitHub Action f874871060 Auto Update README [Wed Dec 2 04:39:44 UTC 2020] 🤖 2020-12-02 04:39:44 +00:00
bauthard 24257aed1e
Merge pull request #659 from nodauf/patch-4 
Detect if trace method is enabled
 2020-12-02 10:09:16 +05:30
bauthard 4406f681ff moving dirs 2020-12-02 10:08:03 +05:30
bauthard b286a9839a
Merge pull request #660 from un-fmunozs/text-html 
Update basic-xss-prober.yaml
 2020-12-02 10:02:36 +05:30
bauthard b2c07e0db6 matcher update 2020-12-02 10:01:03 +05:30
GitHub Action c6b4e62823 Auto Update README [Wed Dec 2 03:12:09 UTC 2020] 🤖 2020-12-02 03:12:09 +00:00
un-fmunozs 35b585fc3a Update basic-xss-prober.yaml 
IMHO its better to test for text/html to report a possible XSS, there are a more content types that could cause reflect the content and dont have a XSS. like javascript, css, plaintext files, etc.
 2020-12-01 22:11:07 -05:00
nodauf 951c605ab2
Detect if trace method is enabled 2020-12-01 15:45:15 +01:00
GitHub Action 18e4552cab Auto Update README [Tue Dec 1 13:55:45 UTC 2020] 🤖 2020-12-01 13:55:45 +00:00
bauthard f1aa96221e Adding misc 2020-12-01 19:25:11 +05:30
GitHub Action 461617c1c9 Auto Update README [Tue Dec 1 13:51:28 UTC 2020] 🤖 2020-12-01 13:51:28 +00:00
bauthard af477e2825
Merge pull request #653 from geeknik/patch-22 
Create htpasswd.yaml
 2020-12-01 19:18:15 +05:30
bauthard 7ee05c78e7 name and file rename 2020-12-01 19:16:49 +05:30
bauthard 194aa9d0b9
Merge pull request #657 from nodauf/patch-3 
Using regex to detect when a hash is used
 2020-12-01 18:57:49 +05:30
bauthard 3bb362c2e7 updating matcher type 2020-12-01 18:56:59 +05:30
GitHub Action 6befd9d601 Auto Update README [Tue Dec 1 13:23:45 UTC 2020] 🤖 2020-12-01 13:23:45 +00:00
bauthard f48d0ce88d
Merge pull request #656 from nodauf/patch-2 
Detect One Identity Password Manager
 2020-12-01 18:53:19 +05:30
bauthard 18ca239039 Added oipm-detect 2020-12-01 18:50:54 +05:30
GitHub Action 05fd83ebda Auto Update README [Tue Dec 1 13:08:02 UTC 2020] 🤖 2020-12-01 13:08:02 +00:00
bauthard aaae4b259c
Merge pull request #658 from dwisiswant0/add/CVE-2020-23972 
Add CVE-2020-23972 [verified]
 2020-12-01 18:37:36 +05:30
Dwi Siswanto 06b94ebae3 🔥 Add CVE-2020-23972 2020-12-01 16:25:33 +07:00
nodauf 242bca7592
Using regex to detect when a hash is used 
There is some case where the like to the css file contains the hash of the file and looks like:
`/dana-na/css/ds_<hash>.css`

With this modification the case above will be detected
 2020-12-01 09:29:47 +01:00
nodauf 5a677bb8a7
Detect One Identity Password Manager 2020-11-30 17:01:13 +01:00
bauthard 66a01665c9
Merge pull request #654 from geeknik/patch-23 
Update CVE-2019-11043.yaml
 2020-11-29 17:39:19 +05:30
bauthard 7d0d8bdb99 Update CVE-2019-11043.yaml 2020-11-29 17:38:24 +05:30
bauthard c89e241cdd
Merge pull request #652 from geeknik/patch-21 
Create pfsense-detect.yaml
 2020-11-29 17:35:44 +05:30
bauthard f72215b580 Added pfsense to tech detect 2020-11-29 17:34:03 +05:30
Geeknik Labs 0bc9e92da6
Update CVE-2019-11043.yaml 2020-11-28 19:14:21 +00:00
Geeknik Labs 536a4c0267
Create htpasswd.yaml 
Less than perfect but better than nothing.
 2020-11-28 14:47:37 +00:00
Geeknik Labs 7885fd32c2
Create pfsense-detect.yaml 2020-11-28 13:56:18 +00:00
bauthard ccc7cfba52 reference update 2020-11-27 19:37:46 +05:30
GitHub Action 570ce82a0d Auto Update README [Fri Nov 27 13:13:31 UTC 2020] 🤖 2020-11-27 13:13:31 +00:00
bauthard 1f0cbd25c4
Merge pull request #651 from geeknik/patch-19 
Create server-private-keys.yaml
 2020-11-27 18:43:06 +05:30
Geeknik Labs cbb11e561d
Create server-private-keys.yaml 2020-11-26 20:53:23 +00:00
bauthard 231974676e
Merge pull request #650 from projectdiscovery/bugfix-cve-2019-12725 
fixing unmarshal error
 2020-11-27 01:19:50 +05:30
bauthard 519ddb4ce5
reverting the change 2020-11-27 01:19:35 +05:30
GitHub Action 478884cc45 Auto Update README [Thu Nov 26 19:47:17 UTC 2020] 🤖 2020-11-26 19:47:17 +00:00
bauthard 1b203b350b
Update CVE-2019-12725.yaml 2020-11-27 01:16:49 +05:30
GitHub Action deb4115269 Auto Update README [Thu Nov 26 19:37:06 UTC 2020] 🤖 2020-11-26 19:37:06 +00:00
Mzack9999 f5e5515a35 fixing unmarshal error 2020-11-26 20:36:28 +01:00
GitHub Action 01dbfcc23c Auto Update README [Thu Nov 26 18:16:07 UTC 2020] 🤖 2020-11-26 18:16:07 +00:00
bauthard c74fec3266
Merge pull request #643 from geeknik/patch-19 
Create redmine-db-config.yaml
 2020-11-26 23:45:43 +05:30
bauthard 14a5e7575a dir updates! 2020-11-26 23:44:49 +05:30