nuclei-templates/misconfiguration/http-missing-security-heade...

137 lines
4.1 KiB
YAML

id: http-missing-security-headers
info:
name: HTTP Missing Security Headers
author: socketz,geeknik,G4L1T0,convisoappsec,kurohost,dawid-czarnecki,forgedhallpass
severity: info
description: It searches for missing security headers, but obviously, could be so less generic and could be useless for Bug Bounty.
tags: misconfig,generic
requests:
- method: GET
path:
- "{{BaseURL}}"
redirects: true
max-redirects: 3
matchers-condition: or
matchers:
- type: dsl
name: strict-transport-security
dsl:
- "!regex('(?i)strict-transport-security', all_headers)"
- "status_code != 301 && status_code != 302"
condition: and
- type: dsl
name: content-security-policy
dsl:
- "!regex('(?i)content-security-policy', all_headers)"
- "status_code != 301 && status_code != 302"
condition: and
- type: dsl
name: permission-policy
dsl:
- "!regex('(?i)permission-policy', all_headers)"
- "status_code != 301 && status_code != 302"
condition: and
- type: dsl
name: x-frame-options
dsl:
- "!regex('(?i)x-frame-options', all_headers)"
- "status_code != 301 && status_code != 302"
condition: and
- type: dsl
name: x-content-type-options
dsl:
- "!regex('(?i)x-content-type-options', all_headers)"
- "status_code != 301 && status_code != 302"
condition: and
- type: dsl
name: x-permitted-cross-domain-policies
dsl:
- "!regex('(?i)x-permitted-cross-domain-policies', all_headers)"
- "status_code != 301 && status_code != 302"
condition: and
- type: dsl
name: referrer-policy
dsl:
- "!regex('(?i)referrer-policy', all_headers)"
- "status_code != 301 && status_code != 302"
condition: and
- type: dsl
name: clear-site-data
dsl:
- "!regex('(?i)clear-site-data', all_headers)"
- "status_code != 301 && status_code != 302"
condition: and
- type: dsl
name: cross-origin-embedder-policy
dsl:
- "!regex('(?i)cross-origin-embedder-policy', all_headers)"
- "status_code != 301 && status_code != 302"
condition: and
- type: dsl
name: cross-origin-opener-policy
dsl:
- "!regex('(?i)cross-origin-opener-policy', all_headers)"
- "status_code != 301 && status_code != 302"
condition: and
- type: dsl
name: cross-origin-resource-policy
dsl:
- "!regex('(?i)cross-origin-resource-policy', all_headers)"
- "status_code != 301 && status_code != 302"
condition: and
- type: dsl
name: access-control-allow-origin
dsl:
- "!regex('(?i)access-control-allow-origin', all_headers)"
- "status_code != 301 && status_code != 302"
condition: and
- type: dsl
name: access-control-allow-credentials
dsl:
- "!regex('(?i)access-control-allow-credentials', all_headers)"
- "status_code != 301 && status_code != 302"
condition: and
- type: dsl
name: access-control-expose-headers
dsl:
- "!regex('(?i)access-control-expose-headers', all_headers)"
- "status_code != 301 && status_code != 302"
condition: and
- type: dsl
name: access-control-max-age
dsl:
- "!regex('(?i)access-control-max-age', all_headers)"
- "status_code != 301 && status_code != 302"
condition: and
- type: dsl
name: access-control-allow-methods
dsl:
- "!regex('(?i)access-control-allow-methods', all_headers)"
- "status_code != 301 && status_code != 302"
condition: and
- type: dsl
name: access-control-allow-headers
dsl:
- "!regex('(?i)access-control-allow-headers', all_headers)"
- "status_code != 301 && status_code != 302"
condition: and