Commit Graph

788 Commits (fe539a246639bde1bd6fe8fff4e2127cf13bc339)

Author SHA1 Message Date
Prince Chaddha 2d22147f0a
Update git-mailmap.yaml 2022-06-14 18:23:32 +05:30
sandeep a6cdc52be5 Update error-logs.yaml 2022-06-14 10:35:39 +05:30
sandeep fbc08895e0 additional error log path 2022-06-14 10:34:06 +05:30
Dhiyaneshwaran c37db734ae
Create vagrantfile-exposure.yaml 2022-06-13 00:52:41 +01:00
Dhiyaneshwaran 981c2463b2
Create editor-exposure.yaml 2022-06-13 00:48:02 +01:00
Dhiyaneshwaran 03484fb750
6 New Templates Added (Files,Config) (#4574)
* Create karma-configuration-file.yaml

* Update and rename karma-configuration-file.yaml to appveyor-configuration-file.yaml

* Create karma-config-js.yaml

* Create phpunit-result-cache-exposure.yaml

* Create styleci-yml-disclosure.yaml

* Create webpack-mix-js.yaml

* Create proxy-wpad-exposure.yaml

* Create wp-cli-exposure.yaml

* Create npm-shrinkwrap-exposure.yaml

* misc updates

* misc updates

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-06-12 13:01:58 +05:30
sandeep 2d5361a747 misc updates 2022-06-12 13:01:46 +05:30
sandeep e4271fc295 misc updates 2022-06-12 09:42:41 +05:30
Dhiyaneshwaran f84605ce62
Create npm-shrinkwrap-exposure.yaml 2022-06-12 00:50:45 +01:00
Dhiyaneshwaran d1ae2c5e54
Create wp-cli-exposure.yaml 2022-06-12 00:35:01 +01:00
Dhiyaneshwaran 01a186ecde
Create proxy-wpad-exposure.yaml 2022-06-12 00:25:33 +01:00
Dhiyaneshwaran f92969bc27
Create webpack-mix-js.yaml 2022-06-12 00:11:02 +01:00
Dhiyaneshwaran f1d28e65ff
Create styleci-yml-disclosure.yaml 2022-06-11 23:54:08 +01:00
Dhiyaneshwaran cc378bbbd9
Create phpunit-result-cache-exposure.yaml 2022-06-11 23:42:13 +01:00
Dhiyaneshwaran f2054b094b
AppVeyor , Karma Configuration File Exposure (#4573)
* Create karma-configuration-file.yaml

* Update and rename karma-configuration-file.yaml to appveyor-configuration-file.yaml

* Create karma-config-js.yaml
2022-06-11 23:53:03 +05:30
Dhiyaneshwaran 988f30ff78
Create karma-config-js.yaml 2022-06-11 08:09:39 +01:00
Dhiyaneshwaran 91d5588e5e
Update and rename karma-configuration-file.yaml to appveyor-configuration-file.yaml 2022-06-11 08:04:58 +01:00
Dhiyaneshwaran 6fb966568f
Create karma-configuration-file.yaml 2022-06-11 08:04:11 +01:00
NullFuzz 094538c568 Added git-logs-exposure Template 2022-06-10 12:39:27 -03:00
Prince Chaddha 580a82283b
Update azure-apim-secretkey.yaml 2022-06-10 20:16:12 +05:30
Prince Chaddha 1500365c41
Merge pull request #4548 from z3xddd/master
Create ciphersecretkey.yaml and apimsecretkey.yaml
2022-06-10 19:00:11 +05:30
Prince Chaddha 8bba01b57d
Update azure-apim-secretkey.yaml 2022-06-10 18:57:52 +05:30
Prince Chaddha 587292a4e1
Update cipher-secret-key.yaml 2022-06-10 18:57:47 +05:30
Prince Chaddha af2e5dd153
Update and rename ciphersecretkey.yaml to cipher-secret-key.yaml 2022-06-10 18:52:11 +05:30
Prince Chaddha 135a0a7e6c
Update and rename apimsecretkey.yaml to azure-apim-secretkey.yaml 2022-06-10 18:46:34 +05:30
MostInterestingBotInTheWorld b883737198
Dashboard Content Enhancements (#4567)
Dashboard Content Enhancements
2022-06-09 16:35:21 -04:00
Prince Chaddha 833ff4fb0f
Update azure-pipelines-exposed.yaml 2022-06-09 10:47:56 +05:30
Dhiyaneshwaran 0b8bde2e12
Create azure-pipelines-exposed.yaml 2022-06-08 23:12:20 +01:00
Alexandre ZANNI d8440ff2d0
GLPI Telemetry Disclosure: add CVE info (#4555)
* GLPI Telemetry Disclosure: add CVE info

* template file update

* misc update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-06-08 13:40:34 +05:30
Israel Comazzetto dos Reis 25baa25a8c
Update apimsecretkey.yaml 2022-06-06 15:07:10 -03:00
Israel Comazzetto dos Reis d0babf91ac
Create apimsecretkey.yaml 2022-06-06 15:04:14 -03:00
Israel Comazzetto dos Reis f102bad624
Create ciphersecretkey.yaml 2022-06-06 14:52:10 -03:00
Prince Chaddha 2373a4e299
Update git-mailmap.yaml 2022-06-06 17:35:15 +05:30
Prince Chaddha f9c32a2fa5
Update ftpconfig.yaml 2022-06-06 17:25:05 +05:30
Prince Chaddha 24678f6217
Update django-secret-key.yaml 2022-06-06 17:22:25 +05:30
Prince Chaddha ceaa145f58
Update php-ini.yaml 2022-06-06 17:18:34 +05:30
Dhiyaneshwaran a515b549d1
Update django-secret-key.yaml 2022-06-05 22:56:25 +01:00
Dhiyaneshwaran 71787a0e91
Create php-ini.yaml 2022-06-05 22:45:03 +01:00
Dhiyaneshwaran b4dc41e4d8
Create git-mailmap.yaml 2022-06-05 22:26:44 +01:00
Dhiyaneshwaran 55fa96c469
Create ftpconfig.yaml 2022-06-05 22:17:41 +01:00
Dhiyaneshwaran 6cbd6ba2c6
Create django-secret-key.yaml 2022-06-05 22:05:46 +01:00
Prince Chaddha a88b6eace8
Update appsettings-file-disclosure.yaml 2022-06-05 15:34:07 +05:30
Prince Chaddha 4db6f59eb8
Merge pull request #4533 from DhiyaneshGeek/master
Create appsettings-file-disclosure.yaml
2022-06-05 15:31:50 +05:30
Prince Chaddha 88fdd855b1
Update appsettings-file-disclosure.yaml 2022-06-05 15:28:09 +05:30
Dhiyaneshwaran 5266e5807a
Create appsettings-file-disclosure.yaml 2022-06-04 20:40:24 +01:00
sullo 88c150d2e0
Remove blank cve-id fields from templates. (#4516)
* Remove blank cve-id fields from templates.
Add cve-id to CVE-2022-0776.yaml

* Fix classification spelling
2022-05-31 20:04:35 +05:30
MostInterestingBotInTheWorld 809e87987c
Dashboard Content Enhancements (#4456)
Dashboard Content Enhancements
2022-05-20 17:38:52 -04:00
Prince Chaddha 72255ac94d
Update and rename xampp-environment-variable.yaml to xampp-environment-variables.yaml 2022-05-19 23:41:14 +05:30
Dhiyaneshwaran 5097ea2423
Create xampp-environment-variable.yaml 2022-05-19 17:07:46 +01:00
MostInterestingBotInTheWorld 581b7a627b
Dashboard Content Enhancements (#4381)
Dashboard Content Enhancements
2022-05-13 16:26:43 -04:00
Ritik Chaddha 27a039a70c
Update metadata query (#4350)
* Update adobe-component-login.yaml

* Update cold-fusion-cfcache-map.yaml

* Update unpatched-coldfusion.yaml

* Update coldfusion-debug-xss.yaml

* Update CVE-2020-11978.yaml

* Update CVE-2020-13927.yaml

* Update CVE-2021-38540.yaml

* Update CVE-2021-44451.yaml

* Update CVE-2022-24288.yaml

* Update airflow-debug.yaml

* Update airflow-detect.yaml

* Update CVE-2010-0219.yaml

* Update apache-axis-detect.yaml

* Update CVE-2020-11991.yaml

* Update apache-cocoon-detect.yaml

* Update CVE-2021-21402.yaml

* Update jellyfin-detect.yaml

* Update CVE-2021-21402.yaml

* Update CVE-2021-21402.yaml

* Update ecology-arbitrary-file-upload.yaml

* Update ecology-v8-sqli.yaml

* Update ecology-syncuserinfo-sqli.yaml

* Update ecology-filedownload-directory-traversal.yaml

* Update CNVD-2021-15822.yaml

* Update dedecms-carbuyaction-fileinclude.yaml

* Update dedecms-openredirect.yaml

* Update tamronos-rce.yaml

* Update natshell-path-traversal.yaml
2022-05-12 19:48:36 +05:30
Prince Chaddha ab766f2b05
Update msmtp-config.yaml 2022-05-12 02:07:01 +05:30
Prince Chaddha ec678deb4e
Update msmtp-config.yaml 2022-05-11 23:46:35 +05:30
geeknik 8d5b3a0a5b
Update msmtp-config.yaml 2022-05-11 08:49:08 -05:00
geeknik 3ba801f69b
Create msmtp-config.yaml 2022-05-11 08:46:48 -05:00
Ritik Chaddha 5aefe1ddf8 Update cold-fusion-cfcache-map.yaml 2022-05-10 15:44:04 +05:30
Prince Chaddha d7f2c8eb4a
Merge pull request #3104 from projectdiscovery/desktop-ini-exposure
Create desktop-ini-exposure.yaml
2022-05-01 02:43:02 +05:30
Prince Chaddha 8e2cd44448
Update desktop-ini-exposure.yaml 2022-05-01 02:34:12 +05:30
sandeep 03a8c16f71 tags update 2022-04-27 03:06:21 +05:30
Sandeep Singh 4080b51a48
Added Microsoft Azure - Domain Tenant ID exposure (#4145)
Co-Authored-By: V0idC0de <26016825+V0idC0de@users.noreply.github.com>

Co-authored-by: V0idC0de <26016825+V0idC0de@users.noreply.github.com>
2022-04-25 16:45:46 +05:30
Wim Mostmans 68bff41e27
Add detection template for webpack config files (#4218)
* Add detection template for webpack config files

* minor matcher update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-04-24 16:02:27 +05:30
Wim Mostmans cc3459a405
Add exposure detection for README.md files (#4220)
* Add exposure detection for README.md files

* misc updates

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-04-24 15:52:43 +05:30
geeknik 8af59950ae
Update general-tokens.yaml
add more cases
2022-04-22 13:05:48 -05:00
geeknik 095d66ce92
Update general-tokens.yaml 2022-04-22 12:48:33 -05:00
geeknik 57f06adffb
Update general-tokens.yaml
You can use `https://d1qmdf3vop2l07.cloudfront.net/zealous-moose.cloudvent.net/hash-store/e4de1149884ad087f92efb7819427956.js` as a before and after test to validate this change. 👍🏻
2022-04-22 12:43:22 -05:00
forgedhallpass 209538baa6 refactor: Description field uniformization
* info field reorder
* reference values refactored to list
* added new lines after the id and before the protocols
* removed extra new lines
* split really long descriptions to multiple lines (part 1)
* other minor fixes
2022-04-22 13:38:41 +03:00
MostInterestingBotInTheWorld 31312b1c19
Dashboard Content Enhancements (#4191)
Dashboard Content Enhancements
2022-04-21 17:16:41 -04:00
sandeep 338d4622bf parts update to use response instead of all 2022-04-20 20:08:07 +05:30
d[-_-]b d342a82225
Update zip-backup-files.yaml (#4158)
path with subdomain
2022-04-16 13:58:41 +05:30
MostInterestingBotInTheWorld 5730781afa
Dashboard Content Enhancements (#4157)
* Enhancement: exposures/files/joomla-file-listing.yaml by cs

* Enhancement: cves/2019/CVE-2019-5418.yaml by mp

* Enhancement: cves/2016/CVE-2016-10940.yaml by mp

* Enhancement: cves/2015/CVE-2015-4694.yaml by mp

* Enhancement: cves/2016/CVE-2016-10960.yaml by mp

* Enhancement: cves/2021/CVE-2021-20091.yaml by mp

* Enhancement: cves/2021/CVE-2021-20092.yaml by mp

* Enhancement: vulnerabilities/other/solar-log-authbypass.yaml by mp

* Enhancement: vulnerabilities/wordpress/churchope-lfi.yaml by mp

* Enhancement: vulnerabilities/other/solar-log-authbypass.yaml by mp

* Enhancement: cves/2017/CVE-2017-10075.yaml by mp

* Enhancement: cves/2021/CVE-2021-27358.yaml by mp

* Enhancement: cves/2017/CVE-2017-9833.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml by mp

* Enhancement: vulnerabilities/wordpress/wp-spot-premium-lfi.yaml by mp

* Enhancement: misconfiguration/symfony-debugmode.yaml by mp

* Enhancement: cves/2016/CVE-2016-10940.yaml by mp

* Enhancement: cves/2015/CVE-2015-4694.yaml by mp

* Enhancement: cves/2016/CVE-2016-10960.yaml by mp

* Enhancement: cves/2015/CVE-2015-4694.yaml by mp

* Enhancement: vulnerabilities/wordpress/churchope-lfi.yaml by mp

* Enhancement: cves/2017/CVE-2017-10075.yaml by mp

* Enhancement: cves/2021/CVE-2021-27358.yaml by mp

* Enhancement: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml by mp

* Enhancement: vulnerabilities/wordpress/wp-spot-premium-lfi.yaml by mp

* Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/pieregister-open-redirect.yaml by mp

* Enhancement: cves/2021/CVE-2021-25055.yaml by mp

* Enhancement: cves/2021/CVE-2021-25028.yaml by mp

* Enhancement: vulnerabilities/wordpress/noptin-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/elex-woocommerce-xss.yaml by mp

* Enhancement: vulnerabilities/wordpress/my-chatbot-xss.yaml by mp

* Enhancement: vulnerabilities/wordpress/wp-adaptive-xss.yaml by mp

* Enhancement: cves/2021/CVE-2021-24947.yaml by mp

* Enhancement: cves/2021/CVE-2021-24406.yaml by mp

* Enhancement: vulnerabilities/wordpress/elementorpage-open-redirect.yaml by mp

* Enhancement: cves/2016/CVE-2016-10033.yaml by mp

* Enhancement: cves/2021/CVE-2021-31682.yaml by mp

* Enhancement: vulnerabilities/wordpress/wp-woocommerce-file-download.yaml by mp

* Enhancement: cves/2021/CVE-2021-22986.yaml by mp

* Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/pieregister-open-redirect.yaml by mp

* Enhancement: cves/2021/CVE-2021-25055.yaml by mp

* Enhancement: cves/2021/CVE-2021-25028.yaml by mp

* Enhancement: vulnerabilities/wordpress/noptin-open-redirect.yaml by mp

* Enhancement: vulnerabilities/wordpress/elex-woocommerce-xss.yaml by mp

* Enhancement: cves/2021/CVE-2021-24947.yaml by mp

* Enhancement: cves/2021/CVE-2021-24406.yaml by mp

* Enhancement: cves/2021/CVE-2021-22986.yaml by mp

* Enhancement: cves/2016/CVE-2016-10033.yaml by mp

* Enhancement: vulnerabilities/wordpress/elementorpage-open-redirect.yaml by mp

* Enhancement: cves/2021/CVE-2021-24406.yaml by mp

* Relocating to CVE folder

* Enhancement: cves/2017/CVE-2017-14651.yaml by mp

* Enhancement: cves/2020/CVE-2020-24589.yaml by mp

* Enhancement: vulnerabilities/confluence/confluence-ssrf-sharelinks.yaml by mp

* Enhancement: cves/2019/CVE-2019-2729.yaml by mp

* Enhancement: cves/2018/CVE-2018-2893.yaml by mp

* Enhancement: cves/2018/CVE-2018-2628.yaml by mp

* Enhancement: cves/2018/CVE-2018-3238.yaml by mp

* Enhancement: cves/2018/CVE-2018-3238.yaml by mp

* Enhancement: cves/2017/CVE-2017-3528.yaml by mp

* Enhancement: cves/2019/CVE-2019-2588.yaml by mp

* Enhancement: cves/2021/CVE-2021-31755.yaml by mp

* Enhancement: cves/2021/CVE-2021-42071.yaml by mp

* Enhancement: misconfiguration/zabbix-dashboards-access.yaml by mp

* Enhancement: cves/2017/CVE-2017-14651.yaml by mp

* Enhancement: cves/2020/CVE-2020-24589.yaml by mp

* Enhancement: vulnerabilities/confluence/confluence-ssrf-sharelinks.yaml by mp

* Enhancement: cves/2019/CVE-2019-2729.yaml by mp

* Enhancement: cves/2018/CVE-2018-2893.yaml by mp

* Enhancement: cves/2018/CVE-2018-3238.yaml by mp

* Enhancement: cves/2017/CVE-2017-3528.yaml by mp

* Enhancement: cves/2021/CVE-2021-42071.yaml by mp

* Syntax corrections
Added some cve-id fields
Removed duplicate dashboard comments

* Tag typo

Co-authored-by: sullo <sullo@cirt.net>
2022-04-15 12:39:44 -04:00
MostInterestingBotInTheWorld 45174dee16
Dashboard Content Enhancements (#4111)
Dashboard Content Enhancements
2022-04-11 10:42:35 -04:00
MostInterestingBotInTheWorld 9663595dd1
Dashboard Text Enhancements (#3948)
Dashboard content enhancements
2022-03-21 23:48:47 -04:00
Prince Chaddha b4e2c148b2
Merge pull request #3939 from geeknik/patch-46
Update exposed-gitignore.yaml
2022-03-21 13:17:01 +05:30
Prince Chaddha 1d06349297
Merge pull request #3940 from geeknik/patch-47
Update wp-app-log.yaml
2022-03-21 13:16:01 +05:30
geeknik 2554d8ed56
Update javascript-env.yaml 2022-03-20 19:51:06 -05:00
geeknik 88996f5a7c
Update javascript-env.yaml
Fix FP
2022-03-20 17:06:28 -05:00
geeknik 6f2f25e9c9
Update wp-app-log.yaml
Fix FP
2022-03-20 15:53:45 -05:00
geeknik 70c7799043
Update exposed-gitignore.yaml
Fix FP
2022-03-20 15:46:47 -05:00
sandeep 0a0d7c6213 severity update for token templates 2022-03-14 18:51:04 +05:30
sandeep 4d1166dfc1 syntax update 2022-03-13 18:34:50 +05:30
Prince Chaddha 69b9ad8d2c
Update swagger-api.yaml 2022-03-11 18:07:33 +05:30
Prince Chaddha ff34cc3be7
Update dbeaver-credentials.yaml 2022-03-11 17:48:28 +05:30
Geeknik Labs 08a7572275
Update laravel-env.yaml 2022-03-10 04:19:55 -06:00
Geeknik Labs 6f628e360f
Update laravel-env.yaml 2022-03-10 03:55:06 -06:00
Prince Chaddha 3b9d2ce475
Merge pull request #3800 from geeknik/patch-44
Update general-tokens.yaml
2022-03-03 16:30:34 +05:30
Sandeep Singh 4f757d74c9
Update prometheus-metrics.yaml 2022-03-02 22:38:05 +05:30
Philippe Delteil 929fe3f70c
Update and rename golang-metrics.yaml to prometheus-metrics.yaml
1. This is not a golang specific metric/config. It's an open source tool that runs on Go.
2. Added more variables since cpu_seconds_total might be disabled. 
3. Added a link to the tool. 
4. Change the id to be the same as the filename.
2022-03-02 11:59:13 -05:00
sullo 93e9c04f38 Merge branch 'dashboard' of https://github.com/MostInterestingBotInTheWorld/nuclei-templates into dashboard 2022-02-28 17:31:38 -05:00
Geeknik Labs f79df504ac
Update general-tokens.yaml
Fix FP
2022-02-28 11:46:34 -06:00
MostInterestingBotInTheWorld efc0fa1cca Enhancement: exposures/tokens/digitalocean/axiom-digitalocean-key-exposure.yaml by cs 2022-02-28 10:32:15 -05:00
MostInterestingBotInTheWorld f18404302a
Dashboard Text Enhancement (#3798)
Dashboard text enhancements
2022-02-28 09:09:26 -05:00
Sandeep Singh 2b1d4b3202
backup file template update (#3760)
* Updated backup template

Co-Authored-By: r0fus0d <r0fus0d@ffffffff0x.com>

* Update zip-backup-files.yaml

Co-authored-by: r0fus0d <r0fus0d@ffffffff0x.com>
2022-02-24 20:03:38 +05:30
Prince Chaddha f8a52f9be2
Update nuuno-network-login.yaml (#3701)
* Update nuuno-network-login.yaml

* Update panasonic-network-management.yaml

* Update cisco-network-config.yaml

* Update emerson-power-panel.yaml

* Update unifi-network-log4j-rce.yaml
2022-02-14 19:53:51 +05:30
sullo 01d74bebaa Spacing issue 2022-02-09 17:07:16 -05:00
sullo 24e91983c4 Duplicate comments & some spacing issues fixed 2022-02-09 17:04:19 -05:00
MostInterestingBotInTheWorld db9dd3ba66 Enhancement: exposures/files/phpunit.yaml by mp 2022-02-09 12:46:09 -05:00
MostInterestingBotInTheWorld 4df891b66d Enhancement: exposures/files/phpunit.yaml by mp 2022-02-09 12:34:14 -05:00
PikPikcU b8340217f7
Update swagger-api.yaml 2022-02-06 12:57:16 -05:00
Techbrunch 9bc17ecae0
Update swagger-api.yaml 2022-02-06 15:27:54 +01:00
Geeknik Labs 5645f7e9c6
Update credentials-disclosure.yaml
This new regex matches the following patterns:
```
air_table_api_key:"82973659213857235"
airtable_api_key: '28375628173562352'
"airtableapikey":'test'
"air_table_api_key":"test"
```
2022-01-27 12:26:15 -06:00
Sandeep Singh e321bf0ce2
Merge pull request #3576 from projectdiscovery/credentials-disclosure
Credentials disclosure refactor
2022-01-27 18:10:12 +05:30
Sullo 9a8482172d Remove:
- various nonstandard ascii chars in favor of the standard ones (mostly quotes)
 - spaces after : in some files
2022-01-25 14:38:53 -05:00
forgedhallpass 5b3e3dbdf0 refactor: credentials-disclosure.yaml & credential-exposure.yaml
* correction
2022-01-21 16:25:39 +02:00
forgedhallpass 840f25137e Merge remote-tracking branch 'origin/master' into credentials-disclosure 2022-01-21 16:02:06 +02:00
forgedhallpass 02c0417190 refactor: credentials-disclosure.yaml & credential-exposure.yaml
* Extended the regex to handle more use-cases
2022-01-21 15:55:19 +02:00
sandeep 1685477532 tags update 2022-01-21 15:24:20 +05:30
forgedhallpass da68c83220
Credentials disclosure refactor (#3552)
* misc updates
* fixed linter error: unnecessary escape of single quotes
* minor simplification of the last capture group
* replaced (=| =|:| :)(( \"|\")|( '|')) with \\s*[=:]\\s*[\"'] because it's more readable and also more permissive with white space characters
* changed the [a-z0-9-_] with [\w-] for readability
* removed the unnecessary capture group

Co-authored-by: Emad Youssef <48482029+Sy3Omda@users.noreply.github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-18 16:25:55 +05:30
forgedhallpass 0ff3afe771 refactor: credentials-disclosure.yaml
* removed the unnecessary capture group
2022-01-18 11:35:45 +02:00
forgedhallpass a67af376e7 refactor: credentials-disclosure.yaml
* changed the [a-z0-9-_] with [\w-] for readability
2022-01-18 11:35:41 +02:00
forgedhallpass 98a2d89ad8 refactor: credentials-disclosure.yaml
* replaced (=| =|:| :)(( \"|\")|( '|')) with \\s*[=:]\\s*[\"'] because it's more readable and also more permissive with white space characters
2022-01-18 11:35:34 +02:00
forgedhallpass 66435721f9 refactor: credentials-disclosure.yaml
* fixed linter error: unnecessary escape of single quotes
* minor simplification of the last capture group
2022-01-18 11:35:29 +02:00
forgedhallpass 9ecf52ec0e
Merge pull request #3500 from Sy3Omda/master
Update credentials-disclosure.yaml
2022-01-18 11:34:22 +02:00
S Bani 7fd96b2c17
Add Template for Netbeans Configurations (#3527)
* Add Template for Netbeans Configurations

Netbeans configs might be exposed via the path `nbproject/project.properties`.
That file can leak secrets.

* severity update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-16 00:34:00 +05:30
sandeep fa7c2d3553 misc updates 2022-01-12 19:10:31 +05:30
Emad Youssef c5262cb836
Update credentials-disclosure.yaml 2022-01-07 21:36:35 +02:00
Sandeep Singh 5c8ccbd1e5
Added CGI script environment variable (#3498) 2022-01-07 14:02:29 +05:30
Pathtaga e281e5bf88
Updated all templates tags with technologies (#3478)
* Updated tags for template sonicwall-email-security-detect.yaml

* Updated tags for template detect-sentry.yaml

* Updated tags for template kong-detect.yaml

* Updated tags for template openam-detect.yaml

* Updated tags for template shiro-detect.yaml

* Updated tags for template iplanet-web-server.yaml

* Updated tags for template graylog-api-browser.yaml

* Updated tags for template prtg-detect.yaml

* Updated tags for template node-red-detect.yaml

* Updated tags for template abyss-web-server.yaml

* Updated tags for template geo-webserver.yaml

* Updated tags for template autobahn-python-detect.yaml

* Updated tags for template default-lighttpd-page.yaml

* Updated tags for template microsoft-iis-8.yaml

* Updated tags for template lucee-detect.yaml

* Updated tags for template php-proxy-detect.yaml

* Updated tags for template jenkins-detect.yaml

* Updated tags for template cockpit-detect.yaml

* Updated tags for template csrfguard-detect.yaml

* Updated tags for template dwr-index-detect.yaml

* Updated tags for template netsweeper-webadmin-detect.yaml

* Updated tags for template weblogic-detect.yaml

* Updated tags for template s3-detect.yaml

* Updated tags for template tileserver-gl.yaml

* Updated tags for template springboot-actuator.yaml

* Updated tags for template terraform-detect.yaml

* Updated tags for template redmine-cli-detect.yaml

* Updated tags for template mrtg-detect.yaml

* Updated tags for template tableau-server-detect.yaml

* Updated tags for template magmi-detect.yaml

* Updated tags for template oidc-detect.yaml

* Updated tags for template tor-socks-proxy.yaml

* Updated tags for template synology-web-station.yaml

* Updated tags for template herokuapp-detect.yaml

* Updated tags for template gunicorn-detect.yaml

* Updated tags for template sql-server-reporting.yaml

* Updated tags for template google-bucket-service.yaml

* Updated tags for template kubernetes-mirantis.yaml

* Updated tags for template kubernetes-enterprise-manager.yaml

* Updated tags for template oracle-iplanet-web-server.yaml

* Updated tags for template dell-idrac7-detect.yaml

* Updated tags for template dell-idrac6-detect.yaml

* Updated tags for template dell-idrac9-detect.yaml

* Updated tags for template dell-idrac8-detect.yaml

* Updated tags for template apache-guacamole.yaml

* Updated tags for template aws-cloudfront-service.yaml

* Updated tags for template aws-bucket-service.yaml

* Updated tags for template nginx-linux-page.yaml

* Updated tags for template telerik-fileupload-detect.yaml

* Updated tags for template telerik-dialoghandler-detect.yaml

* Updated tags for template htaccess-config.yaml

* Updated tags for template microsoft-azure-error.yaml

* Updated tags for template detect-options-method.yaml

* Updated tags for template unpatched-coldfusion.yaml

* Updated tags for template moodle-changelog.yaml

* Updated tags for template detect-dns-over-https.yaml

* Updated tags for template CVE-2019-19134.yaml

* Updated tags for template CVE-2019-3929.yaml

* Updated tags for template CVE-2019-19908.yaml

* Updated tags for template CVE-2019-10475.yaml

* Updated tags for template CVE-2019-17382.yaml

* Updated tags for template CVE-2019-16332.yaml

* Updated tags for template CVE-2019-14974.yaml

* Updated tags for template CVE-2019-19368.yaml

* Updated tags for template CVE-2019-12725.yaml

* Updated tags for template CVE-2019-15501.yaml

* Updated tags for template CVE-2019-9733.yaml

* Updated tags for template CVE-2019-14322.yaml

* Updated tags for template CVE-2019-9955.yaml

* Updated tags for template CVE-2019-0230.yaml

* Updated tags for template CVE-2019-10232.yaml

* Updated tags for template CVE-2019-17506.yaml

* Updated tags for template CVE-2019-8449.yaml

* Updated tags for template CVE-2019-12593.yaml

* Updated tags for template CVE-2019-10092.yaml

* Updated tags for template CVE-2019-1821.yaml

* Updated tags for template CVE-2019-3401.yaml

* Updated tags for template CVE-2019-16662.yaml

* Updated tags for template CVE-2019-5418.yaml

* Updated tags for template CVE-2016-4975.yaml

* Updated tags for template CVE-2016-1000137.yaml

* Updated tags for template CVE-2016-7552.yaml

* Updated tags for template CVE-2016-10956.yaml

* Updated tags for template CVE-2016-1000146.yaml

* Updated tags for template CVE-2013-2251.yaml

* Updated tags for template CVE-2013-1965.yaml

* Updated tags for template CVE-2014-2323.yaml

* Updated tags for template CVE-2014-5111.yaml

* Updated tags for template CVE-2014-2962.yaml

* Updated tags for template CVE-2014-4561.yaml

* Updated tags for template CVE-2014-4558.yaml

* Updated tags for template CVE-2014-3120.yaml

* Updated tags for template CVE-2007-5728.yaml

* Updated tags for template CVE-2009-4679.yaml

* Updated tags for template CVE-2009-1558.yaml

* Updated tags for template CVE-2009-4202.yaml

* Updated tags for template CVE-2009-0932.yaml

* Updated tags for template CVE-2015-2068.yaml

* Updated tags for template CVE-2015-8813.yaml

* Updated tags for template CVE-2015-7450.yaml

* Updated tags for template CVE-2015-2067.yaml

* Updated tags for template CVE-2015-3306.yaml

* Updated tags for template CVE-2015-3337.yaml

* Updated tags for template CVE-2015-1427.yaml

* Updated tags for template CVE-2015-1503.yaml

* Updated tags for template CVE-2015-1880.yaml

* Updated tags for template CVE-2018-3810.yaml

* Updated tags for template CVE-2018-18069.yaml

* Updated tags for template CVE-2018-17246.yaml

* Updated tags for template CVE-2018-10141.yaml

* Updated tags for template CVE-2018-16341.yaml

* Updated tags for template CVE-2018-18777.yaml

* Updated tags for template CVE-2018-15138.yaml

* Updated tags for template CVE-2018-11784.yaml

* Updated tags for template CVE-2018-16299.yaml

* Updated tags for template CVE-2018-7251.yaml

* Updated tags for template CVE-2018-1273.yaml

* Updated tags for template CVE-2018-1271.yaml

* Updated tags for template CVE-2018-11759.yaml

* Updated tags for template CVE-2018-3167.yaml

* Updated tags for template CVE-2018-7490.yaml

* Updated tags for template CVE-2018-2628.yaml

* Updated tags for template CVE-2018-13380.yaml

* Updated tags for template CVE-2018-2893.yaml

* Updated tags for template CVE-2018-5316.yaml

* Updated tags for template CVE-2018-20985.yaml

* Updated tags for template CVE-2018-10818.yaml

* Updated tags for template CVE-2018-1000861.yaml

* Updated tags for template CVE-2018-0296.yaml

* Updated tags for template CVE-2018-19458.yaml

* Updated tags for template CVE-2018-3760.yaml

* Updated tags for template CVE-2018-12998.yaml

* Updated tags for template CVE-2018-9118.yaml

* Updated tags for template CVE-2018-1000130.yaml

* Updated tags for template CVE-2008-6668.yaml

* Updated tags for template CVE-2017-7269.yaml

* Updated tags for template CVE-2017-1000170.yaml

* Updated tags for template CVE-2017-16877.yaml

* Updated tags for template CVE-2017-1000486.yaml

* Updated tags for template CVE-2017-9822.yaml

* Updated tags for template CVE-2017-0929.yaml

* Updated tags for template CVE-2017-7921.yaml

* Updated tags for template CVE-2017-14535.yaml

* Updated tags for template CVE-2017-5521.yaml

* Updated tags for template CVE-2017-12637.yaml

* Updated tags for template CVE-2017-12635.yaml

* Updated tags for template CVE-2017-11610.yaml

* Updated tags for template CVE-2021-20114.yaml

* Updated tags for template CVE-2021-40856.yaml

* Updated tags for template CVE-2021-21972.yaml

* Updated tags for template CVE-2021-31602.yaml

* Updated tags for template CVE-2021-41773.yaml

* Updated tags for template CVE-2021-37704.yaml

* Updated tags for template CVE-2021-45046.yaml

* Updated tags for template CVE-2021-26084.yaml

* Updated tags for template CVE-2021-27931.yaml

* Updated tags for template CVE-2021-24291.yaml

* Updated tags for template CVE-2021-41648.yaml

* Updated tags for template CVE-2021-37216.yaml

* Updated tags for template CVE-2021-22005.yaml

* Updated tags for template CVE-2021-37573.yaml

* Updated tags for template CVE-2021-31755.yaml

* Updated tags for template CVE-2021-43287.yaml

* Updated tags for template CVE-2021-24274.yaml

* Updated tags for template CVE-2021-33564.yaml

* Updated tags for template CVE-2021-22145.yaml

* Updated tags for template CVE-2021-24237.yaml

* Updated tags for template CVE-2021-44848.yaml

* Updated tags for template CVE-2021-25646.yaml

* Updated tags for template CVE-2021-21816.yaml

* Updated tags for template CVE-2021-41649.yaml

* Updated tags for template CVE-2021-41291.yaml

* Updated tags for template CVE-2021-41293.yaml

* Updated tags for template CVE-2021-21801.yaml

* Updated tags for template CVE-2021-29156.yaml

* Updated tags for template CVE-2021-34370.yaml

* Updated tags for template CVE-2021-27132.yaml

* Updated tags for template CVE-2021-28151.yaml

* Updated tags for template CVE-2021-26812.yaml

* Updated tags for template CVE-2021-21985.yaml

* Updated tags for template CVE-2021-43778.yaml

* Updated tags for template CVE-2021-25281.yaml

* Updated tags for template CVE-2021-40539.yaml

* Updated tags for template CVE-2021-36749.yaml

* Updated tags for template CVE-2021-21234.yaml

* Updated tags for template CVE-2021-33221.yaml

* Updated tags for template CVE-2021-42013.yaml

* Updated tags for template CVE-2021-33807.yaml

* Updated tags for template CVE-2021-44228.yaml

* Updated tags for template CVE-2012-0896.yaml

* Updated tags for template CVE-2012-0991.yaml

* Updated tags for template CVE-2012-0392.yaml

* Updated tags for template CVE-2012-4940.yaml

* Updated tags for template CVE-2012-1226.yaml

* Updated tags for template CVE-2012-4878.yaml

* Updated tags for template CVE-2010-1304.yaml

* Updated tags for template CVE-2010-1217.yaml

* Updated tags for template CVE-2010-0759.yaml

* Updated tags for template CVE-2010-2307.yaml

* Updated tags for template CVE-2010-4231.yaml

* Updated tags for template CVE-2010-2861.yaml

* Updated tags for template CVE-2010-4282.yaml

* Updated tags for template CVE-2010-1302.yaml

* Updated tags for template CVE-2010-1461.yaml

* Updated tags for template CVE-2020-4463.yaml

* Updated tags for template CVE-2020-1943.yaml

* Updated tags for template CVE-2020-36289.yaml

* Updated tags for template CVE-2020-17518.yaml

* Updated tags for template CVE-2020-12800.yaml

* Updated tags for template CVE-2020-10770.yaml

* Updated tags for template CVE-2020-17506.yaml

* Updated tags for template CVE-2020-11547.yaml

* Updated tags for template CVE-2020-11034.yaml

* Updated tags for template CVE-2020-24589.yaml

* Updated tags for template CVE-2020-9054.yaml

* Updated tags for template CVE-2020-28976.yaml

* Updated tags for template CVE-2020-16952.yaml

* Updated tags for template CVE-2020-24312.yaml

* Updated tags for template CVE-2020-8512.yaml

* Updated tags for template CVE-2020-14179.yaml

* Updated tags for template CVE-2020-6308.yaml

* Updated tags for template CVE-2020-35846.yaml

* Updated tags for template CVE-2020-7318.yaml

* Updated tags for template CVE-2020-2140.yaml

* Updated tags for template CVE-2020-5410.yaml

* Updated tags for template CVE-2020-5777.yaml

* Updated tags for template CVE-2020-13700.yaml

* Updated tags for template CVE-2020-5775.yaml

* Updated tags for template CVE-2020-13167.yaml

* Updated tags for template CVE-2020-35848.yaml

* Updated tags for template CVE-2020-9484.yaml

* Updated tags for template CVE-2020-15505.yaml

* Updated tags for template CVE-2020-9047.yaml

* Updated tags for template CVE-2020-17519.yaml

* Updated tags for template CVE-2020-17505.yaml

* Updated tags for template CVE-2020-9376.yaml

* Updated tags for template CVE-2020-8497.yaml

* Updated tags for template CVE-2020-14092.yaml

* Updated tags for template CVE-2020-10148.yaml

* Updated tags for template CVE-2020-35847.yaml

* Updated tags for template CVE-2020-12116.yaml

* Updated tags for template CVE-2020-11930.yaml

* Updated tags for template CVE-2020-24186.yaml

* Updated tags for template CVE-2020-9496.yaml

* Updated tags for template CVE-2020-35489.yaml

* Updated tags for template CVE-2020-26413.yaml

* Updated tags for template CVE-2020-2096.yaml

* misc updates

* misc update

* more updates

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-05 01:04:16 +05:30
Sandeep Singh 4acf3ece75
Template syntax fixes (#3484)
* syntax fix

* more fixes
2022-01-05 00:22:08 +05:30
Muhammad Daffa c83d035fff
Seperate technology template (#3430)
* Edit magmi workflow

* Add some workflow template + edit some template

* Changing some templates

* minor update

* workflow matcher fixes

* tech update

* Seperate technology template

* Update metabase-panel.yaml

* Update lucee-detect.yaml

* Update oneblog-detect.yaml

* Update dolibarr-panel.yaml

* Update dolibarr-panel.yaml

* Update dolibarr-panel.yaml

* Update gespage-panel.yaml

* Update gespage-panel.yaml

* Update mautic-crm-panel.yaml

* Update kibana-panel.yaml

* Update metabase-panel.yaml

* Update home-assistant-detect.yaml

* Update jitsi-meet-detect.yaml

* Update lucee-detect.yaml

* Update gotmls-plugin-lfi.yaml

* Update and rename technologies/opencast-detect.yaml to exposed-panels/opencast-detect.yaml

* duplicate template - cves/2020/CVE-2020-11738.yaml

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
2021-12-31 17:57:46 +05:30
Muhammad Daffa 5c800a4ef7
Seperate technologies and exposed-panels templates (#3424)
* Edit magmi workflow

* Add some workflow template + edit some template

* Changing some templates

* minor update

* workflow matcher fixes

* tech update

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-27 10:31:53 +05:30
sandeep 0425b36e10 moving templates around 2021-11-28 03:39:10 +05:30
sandeep 6220525d3e Added Golang expvar Information Disclosure
Co-Authored-By: Luqman <9842995+luqmanhy@users.noreply.github.com>
2021-11-13 02:03:22 +05:30
Prince Chaddha c1ca75e84d
Create desktop-ini-exposure.yaml 2021-11-08 13:03:22 +05:30
sandeep 8c3f98c767 fixed invalid template syntax 2021-10-30 16:47:35 +05:30
Prince Chaddha 8e730ca455
Create dwsync-exposure.yaml 2021-10-27 00:25:22 +05:30
Prince Chaddha 9e16035488
Merge pull request #2939 from martincodes-de/template/sensitive-idea-folder-files
add  template for  .idea files with sensitive data
2021-10-25 15:16:17 +05:30
Prince Chaddha 918c437dee
Update idea-folder-exposure.yaml 2021-10-24 14:32:00 +05:30
Prince Chaddha bc7d6e10be
Create idea-logs-exposure.yaml 2021-10-24 14:25:40 +05:30
Prince Chaddha 62643edb22
Update idea-folder-exposure.yaml 2021-10-24 14:23:37 +05:30
Prince Chaddha fc39fdd2f7
Update idea-folder-exposure.yaml 2021-10-21 19:29:49 +05:30
Prince Chaddha 709f6edbf7
Merge pull request #2948 from dahse89/add-config-symfony-security-config
Add Symfony Security Config Expose Template
2021-10-21 19:21:16 +05:30
Prince Chaddha 197c550fce
Update symfony-security-config.yaml 2021-10-21 19:19:21 +05:30
Prince Chaddha 9f197e6bf2
Merge pull request #2947 from sbani/php-errors
Merge PHP Errors Templates
2021-10-21 16:28:51 +05:30
Prince Chaddha 09d143b885
Update and rename .idea-folder-with-sensitive-files.yaml to idea-folder-exposure.yaml 2021-10-21 16:10:24 +05:30
Sufijen Bani ac9f713d97 Merge PHP Errors Templates
There was an extra error template for PHP warnings although there was
another template holding that already.

The status code check (500) is a step that would make sense for all of
the checks. This is not limited to warnings. Though I think that error
code 500 shrinks the result set too much in this case. That's why I
would leave it out.
2021-10-21 10:46:04 +02:00
Prince Chaddha a1be6ff566
Merge pull request #2945 from sbani/logs-folder
Add Deeper Search for Access Logs
2021-10-21 14:13:54 +05:30
Philipp Dahse fe4e6b8246 Add Symfony Security Config Expose Template
Symfony security contain information about used encryption algorithms and list which routes are protected
2021-10-21 10:33:56 +02:00
Sufijen Bani 378a682a5e Enhance Text Matching in Error Logs
Some words are missing that normally indicate that this is an error log.
2021-10-21 09:52:09 +02:00
Sufijen Bani 6d28009f5e Add Deeper Search for Access Logs
Search access logs in more folders. This happens for error logs too.
2021-10-21 09:42:50 +02:00
Sandeep Singh 5d6be591a0
Merge pull request #2934 from sbani/guntfile
Add Gruntfile Expose Test
2021-10-21 04:22:49 +05:30
sandeep cda7245de9 misc update 2021-10-21 04:21:52 +05:30
Sandeep Singh 00b0b7ecd0
Merge pull request #2936 from FlorianMaak/master
Add jetbrains datasource exposure check
2021-10-21 04:13:38 +05:30
Sandeep Singh 06b38542ff
Update jetbrains-datasources.yaml 2021-10-21 04:11:30 +05:30
martincodes 5f7519a89a add template for .idea files with sensitive data 2021-10-20 22:13:41 +02:00
Geeknik Labs ccc026ac70
Update github-workflows-disclosure.yaml
Might expose a SNYK_TOKEN
2021-10-20 13:44:17 -05:00
Florian Maak ecdb28d826 Add jetbrains datasource exposure check 2021-10-20 19:14:25 +02:00
Sufijen Bani 9ded2fcccf Add Gruntfile Expose Test
Gruntfile can include secrets or other information that helps find
further vulnerabilities.
2021-10-20 19:05:54 +02:00
Prince Chaddha 0152a2c355
Merge pull request #2917 from geeknik/patch-36
Create prometheus-config-endpoint.yaml
2021-10-19 22:28:09 +05:30
Prince Chaddha e2a074730e
Merge pull request #2919 from geeknik/patch-37
Create prometheus-flags-endpoint.yaml
2021-10-19 22:27:39 +05:30
Prince Chaddha c0857e0ab6
Merge pull request #2920 from geeknik/patch-38
Create prometheus-targets-endpoint.yaml
2021-10-19 22:27:23 +05:30