nuclei-templates/tokens/slack-access-token.yaml

27 lines
570 B
YAML

id: slack-access-token
# xoxp-702234529XXX-688970480XXX-109182524XXXX-87fa5b4d2e62ac5c16fc6ea93bXXXXXX
# xoxb-702234529XXX-1076883857XXX-Ou9aRuvtFZ4DuTsepevXXXXX
info:
name: Slack access token
author: nadino
severity: medium
requests:
- method: GET
path:
- "{{BaseURL}}"
extractors:
- type: regex
name: person-token
part: body
regex:
- "xoxp-[0-9A-Za-z\\-]{72}"
- type: regex
name: bot-token
part: body
regex:
- "xoxb-[0-9A-Za-z\\-]{51}"