id: puppetserver-detect info: name: Puppetserver Detection author: c-sh0 severity: info reference: https://insinuator.net/2020/09/puppet-assessment-techniques/ tags: tech,puppet,exposure requests: - method: GET path: - "{{BaseURL}}/puppet-ca/v1/certificate_request/{{randstr}}" matchers-condition: and matchers: - type: status status: - 404 - type: word part: header words: - "x-puppet-version" case-insensitive: true - type: word part: body words: - "{{randstr}}" extractors: - type: kval kval: - x_puppet_version