nuclei-templates/dns/cname-fingerprint.yaml

30 lines
599 B
YAML

id: cname-fingerprint
info:
name: CNAME Fingerprint
author: pdteam
severity: info
description: A CNAME DNS record was discovered.
reference:
- https://www.theregister.com/2021/02/24/dns_cname_tracking/
- https://www.ionos.com/digitalguide/hosting/technical-matters/cname-record/
classification:
cwe-id: CWE-200
tags: dns,cname
metadata:
max-request: 1
dns:
- name: "{{FQDN}}"
type: CNAME
matchers:
- type: word
words:
- "IN\tCNAME"
extractors:
- type: regex
group: 1
regex:
- "IN\tCNAME\t(.+)"