id: salesforce-aura info: name: Detect the exposure of Salesforce Lightning aura API author: aaron_costello (@ConspiracyProof) severity: info reference: https://www.enumerated.de/index/salesforce tags: aura,unauth,salesforce requests: - method: POST path: - "{{BaseURL}}/aura" - "{{BaseURL}}/s/sfsites/aura" - "{{BaseURL}}/sfsites/aura" body: "{}" matchers: - type: word words: - 'aura:invalidSession' part: body