26 lines
1.1 KiB
YAML
26 lines
1.1 KiB
YAML
id: springboot-workflow
|
|
|
|
info:
|
|
name: Springboot Security Checks
|
|
author: dwisiswant0
|
|
description: A simple workflow that runs all springboot related nuclei templates on a given target.
|
|
tags: workflow
|
|
|
|
# Supported on Nuclei v2.2.0 (https://github.com/projectdiscovery/nuclei/releases/tag/v2.2.0)
|
|
# Old workflows still remains valid, and will be working with all nuclei versions.
|
|
|
|
workflows:
|
|
|
|
- template: technologies/detect-springboot-actuator.yaml
|
|
subtemplates:
|
|
- template: misconfiguration/springboot/springboot-configprops.yaml
|
|
- template: misconfiguration/springboot/springboot-env.yaml
|
|
- template: misconfiguration/springboot/springboot-heapdump.yaml
|
|
- template: misconfiguration/springboot/springboot-loggers.yaml
|
|
- template: misconfiguration/springboot/springboot-mappings.yaml
|
|
- template: misconfiguration/springboot/springboot-trace.yaml
|
|
- template: vulnerabilities/springboot/springboot-actuators-jolokia-xxe.yaml
|
|
- template: vulnerabilities/springboot/springboot-h2-db-rce.yaml
|
|
- template: cves/2018/CVE-2018-1271.yaml
|
|
- template: cves/2020/CVE-2020-5410.yaml
|