id: wildcard-tls

info:
  name: Wildcard TLS Certificate
  author: lucky0x0d
  severity: info
  description: |
    Checks a sites certificate to see if there are wildcard CN or SAN entries.
  reference:
    - https://cheatsheetseries.owasp.org/cheatsheets/Transport_Layer_Protection_Cheat_Sheet.html#carefully-consider-the-use-of-wildcard-certificates
  metadata:
    max-request: 1
  tags: ssl,wildcard,tls
ssl:
  - address: "{{Host}}:{{Port}}"
    matchers:
      - type: dsl
        dsl:
          - wildcard_certificate == true

    extractors:
      - type: dsl
        dsl:
          - '"CN: " + subject_cn'
          - '" SAN: " + subject_an'