id: web-framework-detect

info:
  name: Web Framework Detect
  author: NkxxkN https://twitter.com/NkkxN
  severity: low

requests:
  - method: GET
    path:
      - "{{BaseURL}}/"
    matchers-condition: or
    matchers:
      - type: word
        name: symfony
        words:
          - "Set-Cookie: symfony="
        part: header
      - type: word
        name: laravel
        words:
          - "Set-Cookie: laravel_session="
        part: header
      - type: word
        name: express
        words:
          - "X-Powered-By: Express"
        part: header
      - type: word
        name: rails
        words:
          - "meta content=\"authenticity_token\" name=\"csrf-param"
        part: body
      - type: word
        name: angular
        words:
          - "ng-app=\""
          - "<ng-app"
          - "*ngIf="
          - "ng-controller="
        condition: or
        part: body