21 lines
945 B
YAML
21 lines
945 B
YAML
id: revoked-ssl-certificate
|
|
|
|
info:
|
|
name: Revoked SSL Certificate - Detect
|
|
author: pussycat0x
|
|
severity: low
|
|
description: |
|
|
Certificate revocation is the act of invalidating a TLS/SSL before its scheduled expiration date. A certificate should be revoked immediately when its private key shows signs of being compromised. It should also be revoked when the domain for which it was issued is no longer operational.
|
|
reference: |
|
|
- https://www.invicti.com/web-vulnerability-scanner/vulnerabilities/revoked-ssl-certificate/
|
|
- https://www.tenable.com/plugins/nnm/5837
|
|
metadata:
|
|
max-request: 1
|
|
tags: ssl,tls,revoked
|
|
ssl:
|
|
- address: "{{Host}}:{{Port}}"
|
|
matchers:
|
|
- type: dsl
|
|
dsl:
|
|
- "revoked == true"
|
|
# digest: 4b0a00483046022100c1ea1d5f4cf38a2f4f5b4b6b835fb2f1e6b03f892293a2eafe450a76374b0df1022100cc0060523b24142c5633c50b9c67608d14a9f7ee8a922b1ce3a46f6ee802f4aa:922c64590222798bb761d5b6d8e72950 |