nuclei-templates/token-spray
Prince Chaddha bddd1ab697
Merge pull request #4629 from geeknik/patch-58
Create api-digitalocean.yaml
2022-06-22 09:24:10 +05:30
..
README.md
api-1forge.yaml Create api-1forge.yaml 2022-06-16 15:57:17 +07:00
api-abstractapi.yaml Update api-abstractapi.yaml 2022-02-15 16:51:38 +07:00
api-abuseipdb.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-accuweather.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-adafruit-io.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-adoptapet.yaml
api-airtable.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-alchemy.yaml Add 3 token-spray templates (#3481) 2022-01-05 01:10:09 +05:30
api-alienvault.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-amdoren.yaml Create api-amdoren.yaml 2022-06-16 16:00:12 +07:00
api-aniapi.yaml
api-api2convert.yaml Add Api2Convert 2022-06-18 11:09:32 +07:00
api-apiflash.yaml Update api-apiflash.yaml 2022-06-21 10:41:30 +05:30
api-apigee-edge.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-appveyor.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-asana.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-bhagavadgita.yaml
api-bible.yaml
api-binance.yaml Add 3 token-spray templates (#3481) 2022-01-05 01:10:09 +05:30
api-binaryedge.yaml Update api-binaryedge.yaml 2022-05-23 14:21:05 +05:30
api-bingmaps.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-bitcoinaverage.yaml Add 3 token-spray templates (#3481) 2022-01-05 01:10:09 +05:30
api-bitly.yaml Update api-bitly.yaml (#4265) 2022-04-29 22:58:27 +05:30
api-bitquery.yaml
api-bitrise.yaml Create api-bitrise.yaml 2021-12-15 23:48:17 +07:00
api-blitapp.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-block.yaml Add 3 token-spray templates (#3481) 2022-01-05 01:10:09 +05:30
api-blockchain.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-blockfrost.yaml Add 3 token-spray templates (#3481) 2022-01-05 01:10:09 +05:30
api-box.yaml Update api-box.yaml 2021-12-09 20:46:02 +05:30
api-bravenewcoin.yaml Add 3 token-spray templates (#3481) 2022-01-05 01:10:09 +05:30
api-browshot.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-buildkite.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-buttercms.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-c99.yaml Update api-c99.yaml 2022-05-23 14:40:08 +05:30
api-calendarific.yaml
api-calendly.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-chaos.yaml feat(token-spray): chaos api test (#4441) 2022-05-18 22:54:50 +05:30
api-charity.yaml Updated all templates tags with technologies (#3478) 2022-01-05 01:04:16 +05:30
api-circleci.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-clearbit.yaml
api-cloudflare.yaml Added api-cloudflare (#3985) 2022-03-26 15:02:06 +05:30
api-coinapi.yaml Add 3 token-spray templates (#3481) 2022-01-05 01:10:09 +05:30
api-coinlayer.yaml Add 3 token-spray templates (#3481) 2022-01-05 01:10:09 +05:30
api-coinmarketcap.yaml Update api-coinmarketcap.yaml 2022-04-18 02:34:52 +04:00
api-coinranking.yaml Create api-coinranking.yaml 2022-04-18 13:56:04 +07:00
api-cooperhewitt.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-covalent.yaml
api-currencyfreaks.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-currencylayer.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-currencyscoop.yaml Update api-currencyscoop.yaml 2022-06-21 10:36:26 +05:30
api-dbt.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-ddownload.yaml Create api-ddownload.yaml 2021-12-09 18:44:12 +07:00
api-debounce.yaml Fixed possible FPs in open redirect templates (#4544) 2022-06-06 16:10:15 +05:30
api-deviantart.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-digitalocean.yaml Update api-digitalocean.yaml 2022-06-22 09:20:22 +05:30
api-dribbble.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-dropbox.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-ebird.yaml
api-etherscan.yaml
api-europeana.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-exchangerateapi.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-facebook.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-fastly.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-festivo.yaml
api-flickr.yaml Update api-flickr.yaml 2022-05-27 10:11:11 +05:30
api-fontawesome.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-fortitoken-cloud.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-front.yaml Update api-front.yaml 2022-05-23 14:44:29 +05:30
api-fullhunt.yaml Fixed possible FPs in open redirect templates (#4544) 2022-06-06 16:10:15 +05:30
api-github.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-gitlab.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-gofile.yaml Create api-gofile.yaml 2021-12-09 18:46:41 +07:00
api-google-drive.yaml Update api-google-drive.yaml (#4520) 2022-06-02 00:34:52 +05:30
api-gorest.yaml Update api-gorest.yaml 2022-06-21 12:16:40 +05:30
api-harvardart.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-heroku.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-hirak-rates.yaml Update and rename api-hirak-exchange-rates.yaml to api-hirak-rates.yaml 2022-04-22 18:26:29 +04:00
api-holidayapi.yaml
api-host-io.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-hubspot.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-hunter.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-iconfinder.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-improvmx.yaml
api-instagram.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-instatus.yaml
api-intelx.yaml Update api-intelx.yaml 2022-05-23 14:53:39 +05:30
api-intercom.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-ip2whois.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-ipfind.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-ipstack.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-iterable.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-iucn.yaml
api-jsonbin.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-jumpcloud.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-launchdarkly.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-leanix.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-linkedin.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-lob.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-lokalise.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-loqate.yaml Update api-loqate.yaml 2022-05-15 18:31:18 +05:30
api-mac-address-lookup.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-mailboxvalidator.yaml
api-mailchimp.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-mailgun.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-malshare.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-malwarebazaar.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-mapbox.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-micro-user-service.yaml
api-mojoauth.yaml
api-moonpay.yaml feat(token-spray): moonpay api test (#4380) 2022-05-13 02:31:08 +05:30
api-myanimelist.yaml
api-mywot.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-nerdgraph.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-netlify.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-nownodes.yaml
api-npm.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-onelogin.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-open-page-rank.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-opengraphr.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-openweather.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-optimizely.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-orbintelligence.yaml
api-pagecdn.yaml Update api-pagecdn.yaml 2022-06-21 10:04:52 +05:30
api-pagerduty.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-particle.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-pastebin.yaml Update api-pastebin.yaml 2021-12-15 21:18:12 +05:30
api-paypal.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-pendo.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-petfinder.yaml
api-pinata.yaml Create api-pinata.yaml 2021-12-15 08:36:17 +07:00
api-pivotaltracker.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-postmark.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-proxycrawl.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-proxykingdom.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-quip.yaml Update api-quip.yaml 2021-12-15 22:00:22 +05:30
api-rijksmuseum.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-savepage.yaml Update api-savepage.yaml 2022-06-21 09:58:07 +05:30
api-scanii.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-scraperapi.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-scraperbox.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-scrapestack.yaml Update api-scrapestack.yaml 2022-06-21 23:17:02 +05:30
api-scrapingant.yaml Update api-scrapingant.yaml 2022-06-21 09:50:36 +05:30
api-scrapingdog.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-screenshotapi.yaml Update api-screenshotapi.yaml 2022-06-21 09:43:42 +05:30
api-securitytrails.yaml Update api-securitytrails.yaml 2022-05-23 15:01:47 +05:30
api-segment.yaml Update api-segment.yaml 2022-06-22 09:17:54 +05:30
api-sendgrid.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-sentry.yaml fix: api-sentry lint 2022-05-21 19:27:39 +02:00
api-serpstack.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-shodan.yaml Update api-shodan.yaml 2022-05-23 15:00:07 +05:30
api-slack.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-smartsheet.yaml
api-sonarcloud.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-spotify.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-square.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-sslmate.yaml Fixed possible FPs in open redirect templates (#4544) 2022-06-06 16:10:15 +05:30
api-strava.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-stripe.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-stytch.yaml
api-supportivekoala.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-taiga.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-tatum.yaml Update api-tatum.yaml 2022-05-20 00:56:23 +05:30
api-thecatapi.yaml
api-thedogapi.yaml
api-tink.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-tinypng.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-travisci.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-trello.yaml
api-twitter.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-urlscan.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-vercel.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-virustotal.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-visualstudio.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-wakatime.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-web3storage.yaml Update api-web3storage.yaml 2021-12-18 15:32:58 +05:30
api-webex.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-weglot.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-wordcloud.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-wordnik.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-youtube.yaml refactor: Description field uniformization 2022-04-22 13:38:41 +03:00
api-zenrows.yaml Add 32 token-spray templates and update references 2022-06-18 10:54:41 +07:00
api-zoomeye.yaml Update api-zoomeye.yaml 2022-05-23 14:58:44 +05:30
google-autocomplete.yaml
google-books.yaml
google-customsearch.yaml
google-directions.yaml
google-elevation.yaml
google-fcm.yaml
google-findplacefromtext.yaml
google-gedistancematrix.yaml
google-geocode.yaml
google-geolocation.yaml
google-mapsembed.yaml
google-mapsembedadvanced.yaml
google-nearbysearch.yaml
google-nearestroads.yaml
google-placedetails.yaml
google-placesphoto.yaml
google-playablelocations.yaml
google-routetotraveled.yaml
google-speedlimit.yaml
google-staticmaps.yaml
google-streetview.yaml
google-timezone.yaml
googlet-extsearchplaces.yaml

README.md

About

This directory holds templates that have static API URL endpoints. Use these to test an API token against many API service endpoints. By providing token input using flag, Nuclei will test the token against all known API endpoints within the API templates, and return any successful results. By incorporating API checks as Nuclei Templates, users can test API keys that have no context (i.e., API keys that do not indicate for which API endpoint they are meant).

Usage

token-spray are self-contained template and does not requires URLs as input as the API endpoints have static URLs predefined in the template. Each template in the token-spray directory assumes the input API token/s will be provided using CLI var flag.

# Running token-spray templates against a single token to test
nuclei -t token-spray/ -var token=random-token-to-test

# Running token-spray templates against a file containing multiple new line delimited tokens
nuclei -t token-spray/ -var token=file_with_tokens.txt

Credits

These API testing templates were inspired by the streaak/keyhacks repository. The Bishop Fox Continuous Attack Surface Testing (CAST) team created additional API templates for testing API keys uncovered during investigations. You are welcome to add new templates based on the existing format to cover more APIs.