id: salesforce-aura info: name: Detect the exposure of Salesforce Lightning aura API author: aaron_costello (@ConspiracyProof) severity: info reference: - https://www.enumerated.de/index/salesforce tags: aura,unauth,salesforce,exposure requests: - method: POST path: - "{{BaseURL}}/aura" - "{{BaseURL}}/s/sfsites/aura" - "{{BaseURL}}/sfsites/aura" body: "{}" matchers: - type: word part: body words: - 'aura:invalidSession'