nuclei-templates/exposed-tokens/generic/http-username-password.yaml

23 lines
457 B
YAML

id: http-username-password
# Extract something like https://username:password@vulnerable.com
info:
name: Http usernamme password
author: nadino
severity: info
# Notes:-
# This template requires manual inspection once found valid match.
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
part: body
regex:
- '(ftp|ftps|http|https)://[A-Za-z0-9-_:\.~]+(@)'