Commit Graph

720 Commits (a4db46a4e8caa724e26533df1f6aba425bf748e5)

Author SHA1 Message Date
d[-_-]b d342a82225
Update zip-backup-files.yaml (#4158)
path with subdomain
2022-04-16 13:58:41 +05:30
MostInterestingBotInTheWorld 5730781afa
Dashboard Content Enhancements (#4157)
* Enhancement: exposures/files/joomla-file-listing.yaml by cs

* Enhancement: cves/2019/CVE-2019-5418.yaml by mp

* Enhancement: cves/2016/CVE-2016-10940.yaml by mp

* Enhancement: cves/2015/CVE-2015-4694.yaml by mp

* Enhancement: cves/2016/CVE-2016-10960.yaml by mp

* Enhancement: cves/2021/CVE-2021-20091.yaml by mp

* Enhancement: cves/2021/CVE-2021-20092.yaml by mp

* Enhancement: vulnerabilities/other/solar-log-authbypass.yaml by mp

* Enhancement: vulnerabilities/wordpress/churchope-lfi.yaml by mp

* Enhancement: vulnerabilities/other/solar-log-authbypass.yaml by mp

* Enhancement: cves/2017/CVE-2017-10075.yaml by mp

* Enhancement: cves/2021/CVE-2021-27358.yaml by mp

* Enhancement: cves/2017/CVE-2017-9833.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml by mp

* Enhancement: vulnerabilities/wordpress/wp-spot-premium-lfi.yaml by mp

* Enhancement: misconfiguration/symfony-debugmode.yaml by mp

* Enhancement: cves/2016/CVE-2016-10940.yaml by mp

* Enhancement: cves/2015/CVE-2015-4694.yaml by mp

* Enhancement: cves/2016/CVE-2016-10960.yaml by mp

* Enhancement: cves/2015/CVE-2015-4694.yaml by mp

* Enhancement: vulnerabilities/wordpress/churchope-lfi.yaml by mp

* Enhancement: cves/2017/CVE-2017-10075.yaml by mp

* Enhancement: cves/2021/CVE-2021-27358.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml by mp

* Enhancement: vulnerabilities/wordpress/wp-spot-premium-lfi.yaml by mp

* Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/pieregister-open-redirect.yaml by mp

* Enhancement: cves/2021/CVE-2021-25055.yaml by mp

* Enhancement: cves/2021/CVE-2021-25028.yaml by mp

* Enhancement: vulnerabilities/wordpress/noptin-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/elex-woocommerce-xss.yaml by mp

* Enhancement: vulnerabilities/wordpress/my-chatbot-xss.yaml by mp

* Enhancement: vulnerabilities/wordpress/wp-adaptive-xss.yaml by mp

* Enhancement: cves/2021/CVE-2021-24947.yaml by mp

* Enhancement: cves/2021/CVE-2021-24406.yaml by mp

* Enhancement: vulnerabilities/wordpress/elementorpage-open-redirect.yaml by mp

* Enhancement: cves/2016/CVE-2016-10033.yaml by mp

* Enhancement: cves/2021/CVE-2021-31682.yaml by mp

* Enhancement: vulnerabilities/wordpress/wp-woocommerce-file-download.yaml by mp

* Enhancement: cves/2021/CVE-2021-22986.yaml by mp

* Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/pieregister-open-redirect.yaml by mp

* Enhancement: cves/2021/CVE-2021-25055.yaml by mp

* Enhancement: cves/2021/CVE-2021-25028.yaml by mp

* Enhancement: vulnerabilities/wordpress/noptin-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/elex-woocommerce-xss.yaml by mp

* Enhancement: cves/2021/CVE-2021-24947.yaml by mp

* Enhancement: cves/2021/CVE-2021-24406.yaml by mp

* Enhancement: cves/2021/CVE-2021-22986.yaml by mp

* Enhancement: cves/2016/CVE-2016-10033.yaml by mp

* Enhancement: vulnerabilities/wordpress/elementorpage-open-redirect.yaml by mp

* Enhancement: cves/2021/CVE-2021-24406.yaml by mp

* Relocating to CVE folder

* Enhancement: cves/2017/CVE-2017-14651.yaml by mp

* Enhancement: cves/2020/CVE-2020-24589.yaml by mp

* Enhancement: vulnerabilities/confluence/confluence-ssrf-sharelinks.yaml by mp

* Enhancement: cves/2019/CVE-2019-2729.yaml by mp

* Enhancement: cves/2018/CVE-2018-2893.yaml by mp

* Enhancement: cves/2018/CVE-2018-2628.yaml by mp

* Enhancement: cves/2018/CVE-2018-3238.yaml by mp

* Enhancement: cves/2018/CVE-2018-3238.yaml by mp

* Enhancement: cves/2017/CVE-2017-3528.yaml by mp

* Enhancement: cves/2019/CVE-2019-2588.yaml by mp

* Enhancement: cves/2021/CVE-2021-31755.yaml by mp

* Enhancement: cves/2021/CVE-2021-42071.yaml by mp

* Enhancement: misconfiguration/zabbix-dashboards-access.yaml by mp

* Enhancement: cves/2017/CVE-2017-14651.yaml by mp

* Enhancement: cves/2020/CVE-2020-24589.yaml by mp

* Enhancement: vulnerabilities/confluence/confluence-ssrf-sharelinks.yaml by mp

* Enhancement: cves/2019/CVE-2019-2729.yaml by mp

* Enhancement: cves/2018/CVE-2018-2893.yaml by mp

* Enhancement: cves/2018/CVE-2018-3238.yaml by mp

* Enhancement: cves/2017/CVE-2017-3528.yaml by mp

* Enhancement: cves/2021/CVE-2021-42071.yaml by mp

* Syntax corrections
Added some cve-id fields
Removed duplicate dashboard comments

* Tag typo

Co-authored-by: sullo <sullo@cirt.net>
2022-04-15 12:39:44 -04:00
MostInterestingBotInTheWorld 45174dee16
Dashboard Content Enhancements (#4111)
Dashboard Content Enhancements
2022-04-11 10:42:35 -04:00
MostInterestingBotInTheWorld 9663595dd1
Dashboard Text Enhancements (#3948)
Dashboard content enhancements
2022-03-21 23:48:47 -04:00
Prince Chaddha b4e2c148b2
Merge pull request #3939 from geeknik/patch-46
Update exposed-gitignore.yaml
2022-03-21 13:17:01 +05:30
Prince Chaddha 1d06349297
Merge pull request #3940 from geeknik/patch-47
Update wp-app-log.yaml
2022-03-21 13:16:01 +05:30
geeknik 2554d8ed56
Update javascript-env.yaml 2022-03-20 19:51:06 -05:00
geeknik 88996f5a7c
Update javascript-env.yaml
Fix FP
2022-03-20 17:06:28 -05:00
geeknik 6f2f25e9c9
Update wp-app-log.yaml
Fix FP
2022-03-20 15:53:45 -05:00
geeknik 70c7799043
Update exposed-gitignore.yaml
Fix FP
2022-03-20 15:46:47 -05:00
sandeep 0a0d7c6213 severity update for token templates 2022-03-14 18:51:04 +05:30
sandeep 4d1166dfc1 syntax update 2022-03-13 18:34:50 +05:30
Prince Chaddha 69b9ad8d2c
Update swagger-api.yaml 2022-03-11 18:07:33 +05:30
Prince Chaddha ff34cc3be7
Update dbeaver-credentials.yaml 2022-03-11 17:48:28 +05:30
Geeknik Labs 08a7572275
Update laravel-env.yaml 2022-03-10 04:19:55 -06:00
Geeknik Labs 6f628e360f
Update laravel-env.yaml 2022-03-10 03:55:06 -06:00
Prince Chaddha 3b9d2ce475
Merge pull request #3800 from geeknik/patch-44
Update general-tokens.yaml
2022-03-03 16:30:34 +05:30
Sandeep Singh 4f757d74c9
Update prometheus-metrics.yaml 2022-03-02 22:38:05 +05:30
Philippe Delteil 929fe3f70c
Update and rename golang-metrics.yaml to prometheus-metrics.yaml
1. This is not a golang specific metric/config. It's an open source tool that runs on Go.
2. Added more variables since cpu_seconds_total might be disabled. 
3. Added a link to the tool. 
4. Change the id to be the same as the filename.
2022-03-02 11:59:13 -05:00
sullo 93e9c04f38 Merge branch 'dashboard' of https://github.com/MostInterestingBotInTheWorld/nuclei-templates into dashboard 2022-02-28 17:31:38 -05:00
Geeknik Labs f79df504ac
Update general-tokens.yaml
Fix FP
2022-02-28 11:46:34 -06:00
MostInterestingBotInTheWorld efc0fa1cca Enhancement: exposures/tokens/digitalocean/axiom-digitalocean-key-exposure.yaml by cs 2022-02-28 10:32:15 -05:00
MostInterestingBotInTheWorld f18404302a
Dashboard Text Enhancement (#3798)
Dashboard text enhancements
2022-02-28 09:09:26 -05:00
Sandeep Singh 2b1d4b3202
backup file template update (#3760)
* Updated backup template

Co-Authored-By: r0fus0d <r0fus0d@ffffffff0x.com>

* Update zip-backup-files.yaml

Co-authored-by: r0fus0d <r0fus0d@ffffffff0x.com>
2022-02-24 20:03:38 +05:30
Prince Chaddha f8a52f9be2
Update nuuno-network-login.yaml (#3701)
* Update nuuno-network-login.yaml

* Update panasonic-network-management.yaml

* Update cisco-network-config.yaml

* Update emerson-power-panel.yaml

* Update unifi-network-log4j-rce.yaml
2022-02-14 19:53:51 +05:30
sullo 01d74bebaa Spacing issue 2022-02-09 17:07:16 -05:00
sullo 24e91983c4 Duplicate comments & some spacing issues fixed 2022-02-09 17:04:19 -05:00
MostInterestingBotInTheWorld db9dd3ba66 Enhancement: exposures/files/phpunit.yaml by mp 2022-02-09 12:46:09 -05:00
MostInterestingBotInTheWorld 4df891b66d Enhancement: exposures/files/phpunit.yaml by mp 2022-02-09 12:34:14 -05:00
PikPikcU b8340217f7
Update swagger-api.yaml 2022-02-06 12:57:16 -05:00
Techbrunch 9bc17ecae0
Update swagger-api.yaml 2022-02-06 15:27:54 +01:00
Geeknik Labs 5645f7e9c6
Update credentials-disclosure.yaml
This new regex matches the following patterns:
```
air_table_api_key:"82973659213857235"
airtable_api_key: '28375628173562352'
"airtableapikey":'test'
"air_table_api_key":"test"
```
2022-01-27 12:26:15 -06:00
Sandeep Singh e321bf0ce2
Merge pull request #3576 from projectdiscovery/credentials-disclosure
Credentials disclosure refactor
2022-01-27 18:10:12 +05:30
Sullo 9a8482172d Remove:
- various nonstandard ascii chars in favor of the standard ones (mostly quotes)
 - spaces after : in some files
2022-01-25 14:38:53 -05:00
forgedhallpass 5b3e3dbdf0 refactor: credentials-disclosure.yaml & credential-exposure.yaml
* correction
2022-01-21 16:25:39 +02:00
forgedhallpass 840f25137e Merge remote-tracking branch 'origin/master' into credentials-disclosure 2022-01-21 16:02:06 +02:00
forgedhallpass 02c0417190 refactor: credentials-disclosure.yaml & credential-exposure.yaml
* Extended the regex to handle more use-cases
2022-01-21 15:55:19 +02:00
sandeep 1685477532 tags update 2022-01-21 15:24:20 +05:30
forgedhallpass da68c83220
Credentials disclosure refactor (#3552)
* misc updates
* fixed linter error: unnecessary escape of single quotes
* minor simplification of the last capture group
* replaced (=| =|:| :)(( \"|\")|( '|')) with \\s*[=:]\\s*[\"'] because it's more readable and also more permissive with white space characters
* changed the [a-z0-9-_] with [\w-] for readability
* removed the unnecessary capture group

Co-authored-by: Emad Youssef <48482029+Sy3Omda@users.noreply.github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-18 16:25:55 +05:30
forgedhallpass 0ff3afe771 refactor: credentials-disclosure.yaml
* removed the unnecessary capture group
2022-01-18 11:35:45 +02:00
forgedhallpass a67af376e7 refactor: credentials-disclosure.yaml
* changed the [a-z0-9-_] with [\w-] for readability
2022-01-18 11:35:41 +02:00
forgedhallpass 98a2d89ad8 refactor: credentials-disclosure.yaml
* replaced (=| =|:| :)(( \"|\")|( '|')) with \\s*[=:]\\s*[\"'] because it's more readable and also more permissive with white space characters
2022-01-18 11:35:34 +02:00
forgedhallpass 66435721f9 refactor: credentials-disclosure.yaml
* fixed linter error: unnecessary escape of single quotes
* minor simplification of the last capture group
2022-01-18 11:35:29 +02:00
forgedhallpass 9ecf52ec0e
Merge pull request #3500 from Sy3Omda/master
Update credentials-disclosure.yaml
2022-01-18 11:34:22 +02:00
S Bani 7fd96b2c17
Add Template for Netbeans Configurations (#3527)
* Add Template for Netbeans Configurations

Netbeans configs might be exposed via the path `nbproject/project.properties`.
That file can leak secrets.

* severity update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-16 00:34:00 +05:30
sandeep fa7c2d3553 misc updates 2022-01-12 19:10:31 +05:30
Emad Youssef c5262cb836
Update credentials-disclosure.yaml 2022-01-07 21:36:35 +02:00
Sandeep Singh 5c8ccbd1e5
Added CGI script environment variable (#3498) 2022-01-07 14:02:29 +05:30
Pathtaga e281e5bf88
Updated all templates tags with technologies (#3478)
* Updated tags for template sonicwall-email-security-detect.yaml

* Updated tags for template detect-sentry.yaml

* Updated tags for template kong-detect.yaml

* Updated tags for template openam-detect.yaml

* Updated tags for template shiro-detect.yaml

* Updated tags for template iplanet-web-server.yaml

* Updated tags for template graylog-api-browser.yaml

* Updated tags for template prtg-detect.yaml

* Updated tags for template node-red-detect.yaml

* Updated tags for template abyss-web-server.yaml

* Updated tags for template geo-webserver.yaml

* Updated tags for template autobahn-python-detect.yaml

* Updated tags for template default-lighttpd-page.yaml

* Updated tags for template microsoft-iis-8.yaml

* Updated tags for template lucee-detect.yaml

* Updated tags for template php-proxy-detect.yaml

* Updated tags for template jenkins-detect.yaml

* Updated tags for template cockpit-detect.yaml

* Updated tags for template csrfguard-detect.yaml

* Updated tags for template dwr-index-detect.yaml

* Updated tags for template netsweeper-webadmin-detect.yaml

* Updated tags for template weblogic-detect.yaml

* Updated tags for template s3-detect.yaml

* Updated tags for template tileserver-gl.yaml

* Updated tags for template springboot-actuator.yaml

* Updated tags for template terraform-detect.yaml

* Updated tags for template redmine-cli-detect.yaml

* Updated tags for template mrtg-detect.yaml

* Updated tags for template tableau-server-detect.yaml

* Updated tags for template magmi-detect.yaml

* Updated tags for template oidc-detect.yaml

* Updated tags for template tor-socks-proxy.yaml

* Updated tags for template synology-web-station.yaml

* Updated tags for template herokuapp-detect.yaml

* Updated tags for template gunicorn-detect.yaml

* Updated tags for template sql-server-reporting.yaml

* Updated tags for template google-bucket-service.yaml

* Updated tags for template kubernetes-mirantis.yaml

* Updated tags for template kubernetes-enterprise-manager.yaml

* Updated tags for template oracle-iplanet-web-server.yaml

* Updated tags for template dell-idrac7-detect.yaml

* Updated tags for template dell-idrac6-detect.yaml

* Updated tags for template dell-idrac9-detect.yaml

* Updated tags for template dell-idrac8-detect.yaml

* Updated tags for template apache-guacamole.yaml

* Updated tags for template aws-cloudfront-service.yaml

* Updated tags for template aws-bucket-service.yaml

* Updated tags for template nginx-linux-page.yaml

* Updated tags for template telerik-fileupload-detect.yaml

* Updated tags for template telerik-dialoghandler-detect.yaml

* Updated tags for template htaccess-config.yaml

* Updated tags for template microsoft-azure-error.yaml

* Updated tags for template detect-options-method.yaml

* Updated tags for template unpatched-coldfusion.yaml

* Updated tags for template moodle-changelog.yaml

* Updated tags for template detect-dns-over-https.yaml

* Updated tags for template CVE-2019-19134.yaml

* Updated tags for template CVE-2019-3929.yaml

* Updated tags for template CVE-2019-19908.yaml

* Updated tags for template CVE-2019-10475.yaml

* Updated tags for template CVE-2019-17382.yaml

* Updated tags for template CVE-2019-16332.yaml

* Updated tags for template CVE-2019-14974.yaml

* Updated tags for template CVE-2019-19368.yaml

* Updated tags for template CVE-2019-12725.yaml

* Updated tags for template CVE-2019-15501.yaml

* Updated tags for template CVE-2019-9733.yaml

* Updated tags for template CVE-2019-14322.yaml

* Updated tags for template CVE-2019-9955.yaml

* Updated tags for template CVE-2019-0230.yaml

* Updated tags for template CVE-2019-10232.yaml

* Updated tags for template CVE-2019-17506.yaml

* Updated tags for template CVE-2019-8449.yaml

* Updated tags for template CVE-2019-12593.yaml

* Updated tags for template CVE-2019-10092.yaml

* Updated tags for template CVE-2019-1821.yaml

* Updated tags for template CVE-2019-3401.yaml

* Updated tags for template CVE-2019-16662.yaml

* Updated tags for template CVE-2019-5418.yaml

* Updated tags for template CVE-2016-4975.yaml

* Updated tags for template CVE-2016-1000137.yaml

* Updated tags for template CVE-2016-7552.yaml

* Updated tags for template CVE-2016-10956.yaml

* Updated tags for template CVE-2016-1000146.yaml

* Updated tags for template CVE-2013-2251.yaml

* Updated tags for template CVE-2013-1965.yaml

* Updated tags for template CVE-2014-2323.yaml

* Updated tags for template CVE-2014-5111.yaml

* Updated tags for template CVE-2014-2962.yaml

* Updated tags for template CVE-2014-4561.yaml

* Updated tags for template CVE-2014-4558.yaml

* Updated tags for template CVE-2014-3120.yaml

* Updated tags for template CVE-2007-5728.yaml

* Updated tags for template CVE-2009-4679.yaml

* Updated tags for template CVE-2009-1558.yaml

* Updated tags for template CVE-2009-4202.yaml

* Updated tags for template CVE-2009-0932.yaml

* Updated tags for template CVE-2015-2068.yaml

* Updated tags for template CVE-2015-8813.yaml

* Updated tags for template CVE-2015-7450.yaml

* Updated tags for template CVE-2015-2067.yaml

* Updated tags for template CVE-2015-3306.yaml

* Updated tags for template CVE-2015-3337.yaml

* Updated tags for template CVE-2015-1427.yaml

* Updated tags for template CVE-2015-1503.yaml

* Updated tags for template CVE-2015-1880.yaml

* Updated tags for template CVE-2018-3810.yaml

* Updated tags for template CVE-2018-18069.yaml

* Updated tags for template CVE-2018-17246.yaml

* Updated tags for template CVE-2018-10141.yaml

* Updated tags for template CVE-2018-16341.yaml

* Updated tags for template CVE-2018-18777.yaml

* Updated tags for template CVE-2018-15138.yaml

* Updated tags for template CVE-2018-11784.yaml

* Updated tags for template CVE-2018-16299.yaml

* Updated tags for template CVE-2018-7251.yaml

* Updated tags for template CVE-2018-1273.yaml

* Updated tags for template CVE-2018-1271.yaml

* Updated tags for template CVE-2018-11759.yaml

* Updated tags for template CVE-2018-3167.yaml

* Updated tags for template CVE-2018-7490.yaml

* Updated tags for template CVE-2018-2628.yaml

* Updated tags for template CVE-2018-13380.yaml

* Updated tags for template CVE-2018-2893.yaml

* Updated tags for template CVE-2018-5316.yaml

* Updated tags for template CVE-2018-20985.yaml

* Updated tags for template CVE-2018-10818.yaml

* Updated tags for template CVE-2018-1000861.yaml

* Updated tags for template CVE-2018-0296.yaml

* Updated tags for template CVE-2018-19458.yaml

* Updated tags for template CVE-2018-3760.yaml

* Updated tags for template CVE-2018-12998.yaml

* Updated tags for template CVE-2018-9118.yaml

* Updated tags for template CVE-2018-1000130.yaml

* Updated tags for template CVE-2008-6668.yaml

* Updated tags for template CVE-2017-7269.yaml

* Updated tags for template CVE-2017-1000170.yaml

* Updated tags for template CVE-2017-16877.yaml

* Updated tags for template CVE-2017-1000486.yaml

* Updated tags for template CVE-2017-9822.yaml

* Updated tags for template CVE-2017-0929.yaml

* Updated tags for template CVE-2017-7921.yaml

* Updated tags for template CVE-2017-14535.yaml

* Updated tags for template CVE-2017-5521.yaml

* Updated tags for template CVE-2017-12637.yaml

* Updated tags for template CVE-2017-12635.yaml

* Updated tags for template CVE-2017-11610.yaml

* Updated tags for template CVE-2021-20114.yaml

* Updated tags for template CVE-2021-40856.yaml

* Updated tags for template CVE-2021-21972.yaml

* Updated tags for template CVE-2021-31602.yaml

* Updated tags for template CVE-2021-41773.yaml

* Updated tags for template CVE-2021-37704.yaml

* Updated tags for template CVE-2021-45046.yaml

* Updated tags for template CVE-2021-26084.yaml

* Updated tags for template CVE-2021-27931.yaml

* Updated tags for template CVE-2021-24291.yaml

* Updated tags for template CVE-2021-41648.yaml

* Updated tags for template CVE-2021-37216.yaml

* Updated tags for template CVE-2021-22005.yaml

* Updated tags for template CVE-2021-37573.yaml

* Updated tags for template CVE-2021-31755.yaml

* Updated tags for template CVE-2021-43287.yaml

* Updated tags for template CVE-2021-24274.yaml

* Updated tags for template CVE-2021-33564.yaml

* Updated tags for template CVE-2021-22145.yaml

* Updated tags for template CVE-2021-24237.yaml

* Updated tags for template CVE-2021-44848.yaml

* Updated tags for template CVE-2021-25646.yaml

* Updated tags for template CVE-2021-21816.yaml

* Updated tags for template CVE-2021-41649.yaml

* Updated tags for template CVE-2021-41291.yaml

* Updated tags for template CVE-2021-41293.yaml

* Updated tags for template CVE-2021-21801.yaml

* Updated tags for template CVE-2021-29156.yaml

* Updated tags for template CVE-2021-34370.yaml

* Updated tags for template CVE-2021-27132.yaml

* Updated tags for template CVE-2021-28151.yaml

* Updated tags for template CVE-2021-26812.yaml

* Updated tags for template CVE-2021-21985.yaml

* Updated tags for template CVE-2021-43778.yaml

* Updated tags for template CVE-2021-25281.yaml

* Updated tags for template CVE-2021-40539.yaml

* Updated tags for template CVE-2021-36749.yaml

* Updated tags for template CVE-2021-21234.yaml

* Updated tags for template CVE-2021-33221.yaml

* Updated tags for template CVE-2021-42013.yaml

* Updated tags for template CVE-2021-33807.yaml

* Updated tags for template CVE-2021-44228.yaml

* Updated tags for template CVE-2012-0896.yaml

* Updated tags for template CVE-2012-0991.yaml

* Updated tags for template CVE-2012-0392.yaml

* Updated tags for template CVE-2012-4940.yaml

* Updated tags for template CVE-2012-1226.yaml

* Updated tags for template CVE-2012-4878.yaml

* Updated tags for template CVE-2010-1304.yaml

* Updated tags for template CVE-2010-1217.yaml

* Updated tags for template CVE-2010-0759.yaml

* Updated tags for template CVE-2010-2307.yaml

* Updated tags for template CVE-2010-4231.yaml

* Updated tags for template CVE-2010-2861.yaml

* Updated tags for template CVE-2010-4282.yaml

* Updated tags for template CVE-2010-1302.yaml

* Updated tags for template CVE-2010-1461.yaml

* Updated tags for template CVE-2020-4463.yaml

* Updated tags for template CVE-2020-1943.yaml

* Updated tags for template CVE-2020-36289.yaml

* Updated tags for template CVE-2020-17518.yaml

* Updated tags for template CVE-2020-12800.yaml

* Updated tags for template CVE-2020-10770.yaml

* Updated tags for template CVE-2020-17506.yaml

* Updated tags for template CVE-2020-11547.yaml

* Updated tags for template CVE-2020-11034.yaml

* Updated tags for template CVE-2020-24589.yaml

* Updated tags for template CVE-2020-9054.yaml

* Updated tags for template CVE-2020-28976.yaml

* Updated tags for template CVE-2020-16952.yaml

* Updated tags for template CVE-2020-24312.yaml

* Updated tags for template CVE-2020-8512.yaml

* Updated tags for template CVE-2020-14179.yaml

* Updated tags for template CVE-2020-6308.yaml

* Updated tags for template CVE-2020-35846.yaml

* Updated tags for template CVE-2020-7318.yaml

* Updated tags for template CVE-2020-2140.yaml

* Updated tags for template CVE-2020-5410.yaml

* Updated tags for template CVE-2020-5777.yaml

* Updated tags for template CVE-2020-13700.yaml

* Updated tags for template CVE-2020-5775.yaml

* Updated tags for template CVE-2020-13167.yaml

* Updated tags for template CVE-2020-35848.yaml

* Updated tags for template CVE-2020-9484.yaml

* Updated tags for template CVE-2020-15505.yaml

* Updated tags for template CVE-2020-9047.yaml

* Updated tags for template CVE-2020-17519.yaml

* Updated tags for template CVE-2020-17505.yaml

* Updated tags for template CVE-2020-9376.yaml

* Updated tags for template CVE-2020-8497.yaml

* Updated tags for template CVE-2020-14092.yaml

* Updated tags for template CVE-2020-10148.yaml

* Updated tags for template CVE-2020-35847.yaml

* Updated tags for template CVE-2020-12116.yaml

* Updated tags for template CVE-2020-11930.yaml

* Updated tags for template CVE-2020-24186.yaml

* Updated tags for template CVE-2020-9496.yaml

* Updated tags for template CVE-2020-35489.yaml

* Updated tags for template CVE-2020-26413.yaml

* Updated tags for template CVE-2020-2096.yaml

* misc updates

* misc update

* more updates

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-05 01:04:16 +05:30
Sandeep Singh 4acf3ece75
Template syntax fixes (#3484)
* syntax fix

* more fixes
2022-01-05 00:22:08 +05:30
Muhammad Daffa c83d035fff
Seperate technology template (#3430)
* Edit magmi workflow

* Add some workflow template + edit some template

* Changing some templates

* minor update

* workflow matcher fixes

* tech update

* Seperate technology template

* Update metabase-panel.yaml

* Update lucee-detect.yaml

* Update oneblog-detect.yaml

* Update dolibarr-panel.yaml

* Update dolibarr-panel.yaml

* Update dolibarr-panel.yaml

* Update gespage-panel.yaml

* Update gespage-panel.yaml

* Update mautic-crm-panel.yaml

* Update kibana-panel.yaml

* Update metabase-panel.yaml

* Update home-assistant-detect.yaml

* Update jitsi-meet-detect.yaml

* Update lucee-detect.yaml

* Update gotmls-plugin-lfi.yaml

* Update and rename technologies/opencast-detect.yaml to exposed-panels/opencast-detect.yaml

* duplicate template - cves/2020/CVE-2020-11738.yaml

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
2021-12-31 17:57:46 +05:30
Muhammad Daffa 5c800a4ef7
Seperate technologies and exposed-panels templates (#3424)
* Edit magmi workflow

* Add some workflow template + edit some template

* Changing some templates

* minor update

* workflow matcher fixes

* tech update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-27 10:31:53 +05:30
sandeep 0425b36e10 moving templates around 2021-11-28 03:39:10 +05:30
sandeep 6220525d3e Added Golang expvar Information Disclosure
Co-Authored-By: Luqman <9842995+luqmanhy@users.noreply.github.com>
2021-11-13 02:03:22 +05:30
Prince Chaddha c1ca75e84d
Create desktop-ini-exposure.yaml 2021-11-08 13:03:22 +05:30
sandeep 8c3f98c767 fixed invalid template syntax 2021-10-30 16:47:35 +05:30
Prince Chaddha 8e730ca455
Create dwsync-exposure.yaml 2021-10-27 00:25:22 +05:30
Prince Chaddha 9e16035488
Merge pull request #2939 from martincodes-de/template/sensitive-idea-folder-files
add  template for  .idea files with sensitive data
2021-10-25 15:16:17 +05:30
Prince Chaddha 918c437dee
Update idea-folder-exposure.yaml 2021-10-24 14:32:00 +05:30
Prince Chaddha bc7d6e10be
Create idea-logs-exposure.yaml 2021-10-24 14:25:40 +05:30
Prince Chaddha 62643edb22
Update idea-folder-exposure.yaml 2021-10-24 14:23:37 +05:30
Prince Chaddha fc39fdd2f7
Update idea-folder-exposure.yaml 2021-10-21 19:29:49 +05:30
Prince Chaddha 709f6edbf7
Merge pull request #2948 from dahse89/add-config-symfony-security-config
Add Symfony Security Config Expose Template
2021-10-21 19:21:16 +05:30
Prince Chaddha 197c550fce
Update symfony-security-config.yaml 2021-10-21 19:19:21 +05:30
Prince Chaddha 9f197e6bf2
Merge pull request #2947 from sbani/php-errors
Merge PHP Errors Templates
2021-10-21 16:28:51 +05:30
Prince Chaddha 09d143b885
Update and rename .idea-folder-with-sensitive-files.yaml to idea-folder-exposure.yaml 2021-10-21 16:10:24 +05:30
Sufijen Bani ac9f713d97 Merge PHP Errors Templates
There was an extra error template for PHP warnings although there was
another template holding that already.

The status code check (500) is a step that would make sense for all of
the checks. This is not limited to warnings. Though I think that error
code 500 shrinks the result set too much in this case. That's why I
would leave it out.
2021-10-21 10:46:04 +02:00
Prince Chaddha a1be6ff566
Merge pull request #2945 from sbani/logs-folder
Add Deeper Search for Access Logs
2021-10-21 14:13:54 +05:30
Philipp Dahse fe4e6b8246 Add Symfony Security Config Expose Template
Symfony security contain information about used encryption algorithms and list which routes are protected
2021-10-21 10:33:56 +02:00
Sufijen Bani 378a682a5e Enhance Text Matching in Error Logs
Some words are missing that normally indicate that this is an error log.
2021-10-21 09:52:09 +02:00
Sufijen Bani 6d28009f5e Add Deeper Search for Access Logs
Search access logs in more folders. This happens for error logs too.
2021-10-21 09:42:50 +02:00
Sandeep Singh 5d6be591a0
Merge pull request #2934 from sbani/guntfile
Add Gruntfile Expose Test
2021-10-21 04:22:49 +05:30
sandeep cda7245de9 misc update 2021-10-21 04:21:52 +05:30
Sandeep Singh 00b0b7ecd0
Merge pull request #2936 from FlorianMaak/master
Add jetbrains datasource exposure check
2021-10-21 04:13:38 +05:30
Sandeep Singh 06b38542ff
Update jetbrains-datasources.yaml 2021-10-21 04:11:30 +05:30
martincodes 5f7519a89a add template for .idea files with sensitive data 2021-10-20 22:13:41 +02:00
Geeknik Labs ccc026ac70
Update github-workflows-disclosure.yaml
Might expose a SNYK_TOKEN
2021-10-20 13:44:17 -05:00
Florian Maak ecdb28d826 Add jetbrains datasource exposure check 2021-10-20 19:14:25 +02:00
Sufijen Bani 9ded2fcccf Add Gruntfile Expose Test
Gruntfile can include secrets or other information that helps find
further vulnerabilities.
2021-10-20 19:05:54 +02:00
Prince Chaddha 0152a2c355
Merge pull request #2917 from geeknik/patch-36
Create prometheus-config-endpoint.yaml
2021-10-19 22:28:09 +05:30
Prince Chaddha e2a074730e
Merge pull request #2919 from geeknik/patch-37
Create prometheus-flags-endpoint.yaml
2021-10-19 22:27:39 +05:30
Prince Chaddha c0857e0ab6
Merge pull request #2920 from geeknik/patch-38
Create prometheus-targets-endpoint.yaml
2021-10-19 22:27:23 +05:30
Prince Chaddha 8a69822285
Update prometheus-config-endpoint.yaml 2021-10-19 22:26:52 +05:30
Prince Chaddha 1d70ac6ccb
Update prometheus-flags-endpoint.yaml 2021-10-19 22:26:31 +05:30
Prince Chaddha a25a9f3020
Update prometheus-targets-endpoint.yaml 2021-10-19 22:25:44 +05:30
Prince Chaddha 6d13118df6
Update prometheus-targets-endpoint.yaml 2021-10-19 20:35:34 +05:30
Prince Chaddha 2893847959
Update prometheus-flags-endpoint.yaml 2021-10-19 20:34:13 +05:30
Prince Chaddha 8d36ebe1d6
Update prometheus-config-endpoint.yaml 2021-10-19 20:32:48 +05:30
Prince Chaddha 10c2314367
Update prometheus-flags-endpoint.yaml 2021-10-19 20:32:37 +05:30
Prince Chaddha 7016e71473
Update prometheus-config-endpoint.yaml 2021-10-19 20:27:46 +05:30
Philippe Delteil 667ee78cb5
Update sensitive-storage-exposure.yaml 2021-10-18 23:09:27 -03:00
Geeknik Labs c9f2ef68ed
Update prometheus-config-endpoint.yaml 2021-10-18 17:28:10 -05:00
Geeknik Labs eac799774d
Update prometheus-flags-endpoint.yaml 2021-10-18 14:36:49 -05:00
Geeknik Labs 86a8332187
Update prometheus-flags-endpoint.yaml
adding regex extractor to alert if `optional` Prometheus management API is enabled as per the linked reference article. 👍🏻
2021-10-18 13:51:11 -05:00
Geeknik Labs 72805491d0
Create prometheus-targets-endpoint.yaml 2021-10-18 13:44:55 -05:00
Geeknik Labs 0f20469e96
Update prometheus-flags-endpoint.yaml 2021-10-18 13:43:36 -05:00
Geeknik Labs a8a063d14c
Create prometheus-flags-endpoint.yaml 2021-10-18 13:36:27 -05:00
Geeknik Labs c7efad4b58
Create prometheus-config-endpoint.yaml 2021-10-18 13:35:04 -05:00
opp? aec00d0d11
add more tags to keycloak json file template 2021-10-18 13:38:04 -03:00
sandeep 233ca1fef9 improved regex to handle more cases 2021-10-13 11:53:02 +05:30
Geeknik Labs a476fc9ca4
Update laravel-env.yaml
added case insensitivity to the regex matcher
2021-10-08 11:30:44 -05:00
Sandeep Singh 4d52f354ee
Merge pull request #2853 from pdelteil/patch-66
Update zend-config-file.yaml
2021-10-08 19:15:45 +05:30
sandeep 8960821db1 Update zend-config-file.yaml 2021-10-08 19:15:26 +05:30
Philippe Delteil 976f695929
Update zend-config-file.yaml 2021-10-08 03:53:52 -03:00
Geeknik Labs 589a1c16ee
Update github-workflows-disclosure.yaml 2021-10-07 16:51:45 -05:00
Geeknik Labs 793f3474b0
Update github-workflows-disclosure.yaml
Add new paths
2021-10-07 16:50:57 -05:00
Prince Chaddha 5b5e764b48
Merge pull request #2787 from mr-rizwan-syed/master
wp-config-file and aws-s3-access-key-leak
2021-10-05 18:25:04 +05:30
Prince Chaddha 5c4dd11b6b
Rename misconfiguration/wpconfig-aws-keys.yaml to exposures/configs/wpconfig-aws-keys.yaml 2021-10-05 18:20:43 +05:30
Prince Chaddha 56c8c36ef2
Merge pull request #2802 from geeknik/patch-32
Create axiom-digitalocean-key-exposure.yaml
2021-10-05 09:34:53 +05:30
Prince Chaddha 74f0620a9f
Update axiom-digitalocean-key-exposure.yaml 2021-10-04 22:09:12 +05:30
sandeep 5618fcaa7e Update axiom-digitalocean-key-exposure.yaml 2021-10-02 04:41:32 +05:30
sandeep e08ccf85db adding missing condition 2021-10-02 04:37:10 +05:30
Geeknik Labs 2327224260
Update axiom-digitalocean-key-exposure.yaml 2021-10-01 13:22:35 -05:00
Geeknik Labs bdbf73cd34
Update tugboat-config-exposure.yaml 2021-10-01 13:21:58 -05:00
Geeknik Labs ec88d62ad4
Create axiom-digitalocean-key-exposure.yaml
create axiom-digitalocean-key-exposure.yaml
2021-10-01 13:20:23 -05:00
Geeknik Labs c05df76ed2
Create tugboat-config-exposure.yaml
Create tugboat-config-exposure.yaml
2021-10-01 13:13:35 -05:00
Prince Chaddha 807920c0ac clean-up 2021-09-21 17:16:53 +05:30
Prince Chaddha cf0edc490a
Rename crossdomin-xml.yaml to crossdomain-xml.yaml 2021-09-20 23:28:06 +05:30
Geeknik Labs 8eea40d15c
Update php-warning.yaml
Additional status matcher
2021-09-17 13:07:59 -05:00
Geeknik Labs 2cce7831a6
Update php-warning.yaml
Fixes #2705
2021-09-17 13:04:07 -05:00
Prince Chaddha ab4e6a4dd6
Merge pull request #2696 from DhiyaneshGeek/master
New Templates Added
2021-09-17 16:29:58 +05:30
Prince Chaddha 5858e3a01c
Update and rename exposures/logs/database-error.yaml to misconfiguration/database-error.yaml 2021-09-17 13:33:54 +05:30
Prince Chaddha 156daddde0
Update phpinfo.yaml 2021-09-17 13:20:06 +05:30
Prince Chaddha 0b7c12951c
Update php-warning.yaml 2021-09-17 13:13:40 +05:30
Prince Chaddha 52162716e5
Update and rename exposures/logs/zabbix-error.yaml to misconfiguration/zabbix-error.yaml 2021-09-17 13:00:35 +05:30
Prince Chaddha a3ce6426f6
Update database-error.yaml 2021-09-17 12:46:35 +05:30
Dhiyaneshwaran 24b40f5f5d
Update phpinfo.yaml 2021-09-17 08:19:28 +05:30
Dhiyaneshwaran 8554474fd2
Create database-error.yaml 2021-09-17 08:14:18 +05:30
Dhiyaneshwaran 4959b99a7d
Create zabbix-error.yaml 2021-09-17 08:11:38 +05:30
Dhiyaneshwaran 320c973288
Create php-warning.yaml 2021-09-17 08:07:18 +05:30
Sandeep Singh f47c4da9e8
Merge pull request #2694 from geeknik/geeknik-patch-1
MIscellaneous updates
2021-09-17 02:22:26 +05:30
sandeep f0cac598cb misc update 2021-09-17 02:18:04 +05:30
Geeknik Labs 56590675cf
Update squid-analysis-report-generator.yaml 2021-09-16 15:16:26 -05:00
Geeknik Labs 95664dfc18
Update credentials-disclosure.yaml 2021-09-16 15:13:12 -05:00
Geeknik Labs 42e644b7fd
Update bower-json.yaml 2021-09-16 15:11:24 -05:00
Dhiyaneshwaran cb80cbb537
Create dsm-terminator-error.yaml 2021-09-14 22:46:01 +05:30
Dhiyaneshwaran c225428932
Create struts-problem-report.yaml 2021-09-14 22:30:18 +05:30
Dhiyaneshwaran be24688a48
Create error-processing.yaml 2021-09-14 21:49:36 +05:30
sandeep bd24dc198e Coverage for all templates using tags 2021-09-09 19:08:13 +05:30
sandeep 609705f676 removed extra headers not required for template 2021-09-08 17:47:19 +05:30
sullo ef1f7c5e92 Updates across many templates for clarity, spelling, and grammar. 2021-09-05 17:13:45 -04:00
Sandeep Singh cdd022c29d
Merge pull request #2550 from projectdiscovery/adding-sfm
Added stop-at-first-match in applicable templates
2021-09-02 23:09:21 +05:30
sandeep 8b37808730 misc update 2021-09-02 22:57:55 +05:30
Geeknik Labs 5414f9a618
Update general-tokens.yaml 2021-09-02 10:36:46 -05:00
sandeep c266084621 Added stop-at-first-match in applicable templates 2021-09-02 17:29:10 +05:30
Sandeep Singh 0d1d2b3b1b
Merge pull request #2512 from DhiyaneshGeek/master
Webpack Sourcemap Disclosure
2021-09-02 00:34:56 +05:30
sandeep aeac5bbec3 misc update 2021-08-31 01:03:44 +05:30
Sandeep Singh 7608386bb3
Update dbeaver-credentials.yaml 2021-08-30 15:24:34 +05:30
Philippe Delteil 7a9093c8a7
Update dbeaver-credentials.yaml
Change solve the false positives due to  {} (empty response)

Example

nuclei -t nuclei-templates/exposures/configs/dbeaver-credentials.yaml -u https://lbs.map.qq.com
2021-08-30 02:55:35 -04:00
sandeep 8c1de71ec9 wip - update 2021-08-29 18:50:29 +05:30