nuclei-templates/http/osint/phishing/visual-studio-code-phish.yaml

36 lines
1.1 KiB
YAML

id: visual-studio-code-phish
info:
name: visual studio code phishing Detection
author: rxerium
severity: info
description: |
A visual studio code phishing website was detected
reference:
- https://visualstudio.com
tags: phishing,visual-studio-code,osint
http:
- method: GET
path:
- "{{BaseURL}}"
host-redirects: true
max-redirects: 2
matchers-condition: and
matchers:
- type: word
words:
- 'Visual Studio Code is a code editor redefined and optimized for building and debugging modern web and cloud applications. Visual Studio Code is free and available on your favorite platform - Linux, macOS, and Windows.'
- 'Visual Studio Code - Code Editing. Redefined'
condition: and
- type: status
status:
- 200
- type: dsl
dsl:
- '!contains(host,"visualstudio.com")'
# digest: 4a0a0047304502200ac692134c746861c818eae66fb9d301834388548bd8abf388116f1c71abac190221009f9cb5ba97616392893b2cc291ed5f48775ff7cb35853c550d526ee2d028aa7e:922c64590222798bb761d5b6d8e72950