id: jenkins-detect info: name: Jenkins Detection author: philippdelteil,daffainfo,c-sh0 severity: info reference: - https://www.jenkins.io/doc/book/using/remote-access-api/#RemoteaccessAPI-DetectingJenkinsversion - https://github.com/jenkinsci/jenkins/pull/470 - https://www.jenkins.io/doc/book/security/access-control/permissions/#access-granted-without-overallread metadata: shodan-query: http.favicon.hash:81586312 tags: tech,jenkins http: - method: GET path: - "{{BaseURL}}" - "{{BaseURL}}/whoAmI/" host-redirects: true max-redirects: 2 stop-at-first-match: true matchers-condition: and matchers: - type: word part: header words: - "x-jenkins:" case-insensitive: true - type: word words: - "Jenkins" extractors: - type: kval kval: - x_jenkins