id: apiman-panel

info:
  name: Apiman Login Panel
  author: righettod
  severity: info
  description: An Apiman instance was detected via the login redirection.
  reference:
    - https://www.apiman.io/latest/
  classification:
    cwe-id: CWE-200
  metadata:
    max-request: 1
  tags: panel,apiman

http:
  - method: GET
    path:
      - "{{BaseURL}}/apimanui/api-manager"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "/auth/realms/apiman"
        part: header

      - type: status
        status:
          - 302

# digest: 4b0a00483046022100b79ecda1929aedc281bad1fc900d632afc56bb2305a46933fc7a7d3446a2e2cd022100d538233edfb8d9c36e38b1188932e0de90768e3f35b8cc44b8f308026a7702f4:922c64590222798bb761d5b6d8e72950