nuclei-templates/miscellaneous/missing-x-frame-options.yaml

19 lines
353 B
YAML

id: missing-x-frame-options
info:
name: Clickjacking (Missing XFO header)
author: kurohost
severity: low
tags: misc
requests:
- method: GET
path:
- "{{BaseURL}}"
redirects: true
max-redirects: 2
matchers:
- type: dsl
dsl:
- "!contains(tolower(all_headers), 'x-frame-options')"