nuclei-templates/http/vulnerabilities/ransomware/deadbolt-ransomware.yaml

id: deadbolt-ransomware

info:
  name: Deadbolt Ransomware Detection
  author: pdteam
  severity: info
  tags: ransomware,deadbolt
  metadata:
    max-request: 1

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers:
      - type: word
        words:
          - "<title>ALL YOUR FILES HAVE BEEN LOCKED BY DEADBOLT.</title>"