id: wildcard-tls

info:
  name: Wildcard TLS Certificate
  author: lucky0x0d
  severity: info
  description: |
    Checks a sites certificate to see if there are wildcard CN or SAN entries.
  reference:
    - https://cheatsheetseries.owasp.org/cheatsheets/Transport_Layer_Protection_Cheat_Sheet.html#carefully-consider-the-use-of-wildcard-certificates
  metadata:
    max-request: 1
  tags: ssl,tls,wildcard
ssl:
  - address: "{{Host}}:{{Port}}"
    matchers:
      - type: dsl
        dsl:
          - wildcard_certificate == true

    extractors:
      - type: dsl
        dsl:
          - '"CN: " + subject_cn'
          - '" SAN: " + subject_an'
# digest: 4a0a00473045022100d6245a99d40eed59cd8f7e4a1547670b87ea7c05dd8b59adedbad391eed66c350220701bfd0928ceb6ccc15364190231e82a7559261e862923e15b16151edc50358e:922c64590222798bb761d5b6d8e72950