id: HTTP-TRACE info: name: HTTP TRACE method enabled author: nodauf severity: info # References: # - https://www.blackhillsinfosec.com/three-minutes-with-the-http-trace-method/ requests: - method: TRACE path: - "{{BaseURL}}" matchers: - type: word name: trace-request words: - "TRACE / HTTP" part: body - method: OPTIONS path: - "{{BaseURL}}" matchers: - type: regex name: options-request regex: - "(?i)Allow: [A-Z,]*TRACE" part: header