nuclei-templates/vulnerabilities/ransomware/deadbolt-ransomware.yaml

16 lines
284 B
YAML

id: deadbolt-ransomware
info:
name: Deadbolt Ransomware Detection
author: pdteam
severity: info
requests:
- method: GET
path:
- "{{BaseURL}}"
matchers:
- type: word
words:
- "<title>ALL YOUR FILES HAVE BEEN LOCKED BY DEADBOLT.</title>"