nuclei-templates/exposed-tokens/tokens/http-username-password.yaml

21 lines
396 B
YAML

id: http-username-password
# Extract something like https://username:password@vulnerable.com
# can be improved
info:
name: Http usernamme password
author: nadino
severity: info
requests:
- method: GET
path:
- "{{BaseURL}}/"
extractors:
- type: regex
part: body
regex:
- '(ftp|ftps|http|https)://[A-Za-z0-9-_:\.~]+(@)'