daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
5,631 Commits
17 Branches
0 Tags
160 MiB
Commit Graph

5631 Commits (b9c59c18a3f44fe272cb2b35d6cd0e24cff7607a)

Author SHA1 Message Date
sandeep 2953942c3c Added CVE-2021-24285 2021-06-09 03:13:23 +05:30
Sandeep Singh 3188ad1585
Merge pull request #1649 from projectdiscovery/CVE-2018-1247-fix 
CVE-2018-1247 fix
 2021-06-09 01:41:24 +05:30
sandeep 68642e226b CVE-2018-1247 fix 2021-06-09 01:40:02 +05:30
Sandeep Singh d3ee316e1e
Merge pull request #1648 from projectdiscovery/wordpress-db-repair-fix 
Adding more conditions
 2021-06-09 01:35:18 +05:30
sandeep c273587fa9 Adding more conditions 2021-06-09 01:34:02 +05:30
GitHub Action 9bd8cff5d7 Auto Update README [Tue Jun 8 19:54:25 UTC 2021] 🤖 2021-06-08 19:54:25 +00:00
Sandeep Singh e2c25db028
Merge pull request #1647 from Mad-robot/master 
Oracle BI XXE
 2021-06-09 01:24:07 +05:30
sandeep 799af2e5fb minor update 2021-06-09 01:23:13 +05:30
SaN ThosH aca824b910
Update CVE-2019-2767.yaml 2021-06-08 21:59:59 +05:30
SaN ThosH ff9b9a871c
Update CVE-2019-2767.yaml 2021-06-08 21:53:28 +05:30
SaN ThosH 41784d5261
Update CVE-2019-2767.yaml 2021-06-08 21:52:58 +05:30
SaN ThosH 169d64a3ff
Create CVE-2019-2767.yaml 2021-06-08 21:49:35 +05:30
sandeep b3021288d8 path update 2021-06-08 18:12:04 +05:30
Prince Chaddha 3fce64a66a
Merge pull request #1645 from geeknik/patch-103 
Update server-private-keys.yaml
 2021-06-08 13:50:06 +05:30
Geeknik Labs 3a307fdcdd
Update server-private-keys.yaml 2021-06-08 00:06:01 +00:00
Geeknik Labs 578f83f39a
Update server-private-keys.yaml 
Adding support for JWT private key detection.
 2021-06-08 00:04:02 +00:00
GitHub Action 80a84d75a2 Auto Update README [Mon Jun 7 19:04:39 UTC 2021] 🤖 2021-06-07 19:04:39 +00:00
Sandeep Singh 77b0e8ae07
Merge pull request #1644 from projectdiscovery/DhiyaneshGeek/master 
Dhiyanesh geek/master
 2021-06-08 00:34:21 +05:30
sandeep 1851068721 Updated matcher 2021-06-08 00:33:06 +05:30
sandeep 6d0afe217d misc changes 2021-06-08 00:19:14 +05:30
sandeep 52a7bfa124 minor updates 2021-06-07 20:22:33 +05:30
sandeep 0fe0d327b0 moving files around 2021-06-07 19:57:59 +05:30
sandeep bac42743a9 move files around 2021-06-07 19:50:37 +05:30
Dhiyaneshwaran 5eb6af15bd
Create shellscripts.yaml 2021-06-06 19:39:29 +05:30
Dhiyaneshwaran 52adac2e12
Create firebase-urls.yaml 2021-06-06 19:38:51 +05:30
Dhiyaneshwaran e69eb970f4
Create email-address-extraction.yaml 2021-06-06 19:38:09 +05:30
Dhiyaneshwaran 158914d4db
Create artifactory-anonymous-deploy.yaml 2021-06-06 19:37:32 +05:30
Dhiyaneshwaran 0ca3da9a28
Create apple-app-site-association.yaml 2021-06-06 19:36:34 +05:30
Dhiyaneshwaran c355e326ec
Merge pull request #56 from projectdiscovery/master 
Updation
 2021-06-06 19:34:38 +05:30
GitHub Action da3d19eecb Auto Update README [Sun Jun 6 12:28:42 UTC 2021] 🤖 2021-06-06 12:28:42 +00:00
Prince Chaddha 1d07ace8a5
Merge pull request #1634 from DhiyaneshGeek/master 
Exposed jQuery File Upload
 2021-06-06 17:58:25 +05:30
Prince Chaddha 6649abf131
Update exposed-jquery-file-upload.yaml 2021-06-06 17:55:05 +05:30
sandeep 1b879d1dc7 Added missing condition 2021-06-06 17:44:27 +05:30
Sandeep Singh 25fdd0068e
Merge pull request #1632 from geeknik/patch-103 
Update rails-database-config.yaml
 2021-06-06 14:16:53 +05:30
sandeep 9b3c3ec7a0 tags + additional string match 2021-06-06 14:14:01 +05:30
Sandeep Singh 6244641122
Merge pull request #1633 from pdelteil/patch-5 
Update smartling-takeover.yaml
 2021-06-06 14:06:51 +05:30
Sandeep Singh aa01e47d28
Merge pull request #1641 from nrathaus/master 
Spelling
 2021-06-06 14:06:23 +05:30
Sandeep Singh fae9755374
Merge pull request #1639 from pdelteil/patch-9 
Update shell-history.yaml
 2021-06-06 13:40:47 +05:30
sandeep 0cf8ffdc57 misc changes 2021-06-06 13:39:16 +05:30
Sandeep Singh 108894bfbd
Merge pull request #1638 from pdelteil/patch-8 
Update aws-object-listing.yaml
 2021-06-06 13:19:23 +05:30
sandeep e2eaedc6a1 misc updates 2021-06-06 13:19:01 +05:30
Noam Rathaus 8b0c5eaee3 Spelling 2021-06-06 10:35:09 +03:00
Sandeep Singh 99550ea082
Merge pull request #1640 from pdelteil/patch-10 
Update phpmyadmin-panel.yaml
 2021-06-06 12:43:23 +05:30
sandeep 5bed289288 Update phpmyadmin-panel.yaml 2021-06-06 12:41:30 +05:30
sandeep c8dd574555 Minor improvements 2021-06-06 12:07:19 +05:30
Philippe Delteil c0c29d26ba
Update phpmyadmin-panel.yaml 
Extractor added to retrieve version. 
Test

nuclei -t nuclei-templates/exposed-panels/phpmyadmin-panel.yaml -u https://mojavedata.gov
 2021-06-05 22:22:14 -04:00
Philippe Delteil 652da29f9a
Update shell-history.yaml 
There are two problems with this template, it only checks for chmod commands but most importantly doesn't check for html tags. A real history file the response doesn't include html tags at all. 

So, I'm adding two rules: Check for another possible commands (from real example) and adding a negative rule to discard false positives like this one:

nuclei -debug -t /home/kali/nuclei-templates/misconfiguration/shell-history.yaml -u http://777.urbanup.com
 2021-06-05 22:06:30 -04:00
Philippe Delteil 9014a4b0a2
Update aws-object-listing.yaml 
Added extractor that retrieves the name of the s3 bucket. 

Test
nuclei -t nuclei-templates/misconfiguration/aws-object-listing.yaml -u http://img.secnews.gr


[2021-06-06 01:19:10] [aws-object-listing] [http] [low] http://imgcdn.secnews.gr [img.secnews.gr]
 2021-06-05 21:27:44 -04:00
Philippe Delteil 888cc6418d
Update smartling-takeover.yaml 
There's no evidence the takeover is possible. Is not possible to create an account or request for a demo. 

https://github.com/EdOverflow/can-i-take-over-xyz/issues/67
 2021-06-05 12:35:27 -04:00
Dhiyaneshwaran 0d82660f90
Create exposed-jquery-file-upload.yaml 2021-06-05 22:04:09 +05:30