nuclei-templates/tokens/slack-access-token.yaml

id: slack-access-token

#xoxp-702234529XXX-688970480XXX-109182524XXXX-87fa5b4d2e62ac5c16fc6ea93bXXXXXX
#xoxb-702234529XXX-1076883857XXX-Ou9aRuvtFZ4DuTsepevXXXXX

info:
  name: Slack access token
  author: nadino
  severity: medium

requests:
  - method: GET
    path:
      - "{{BaseURL}}/"
    matchers:
      - type: regex
        part: body
        regex:
          - "xoxp-[0-9A-Za-z\\-]{72}"  #person
          - "xoxb-[0-9A-Za-z\\-]{51}"  #bot
    extractors:
      - type: regex
        part: body
        regex:
          - "xoxp-[0-9A-Za-z\\-]{72}"
          - "xoxb-[0-9A-Za-z\\-]{51}"