updated matchers

projectdiscovery · Dec 23, 2024 · 16d015c · 16d015c
1 parent 5642c6b
commit 16d015c
Show file tree

Hide file tree

Showing 25 changed files with 1 addition and 35 deletions.
diff --git a/cloud/alibaba/ack/ack-cluster-api-public.yaml b/cloud/alibaba/ack/ack-cluster-api-public.yaml
@@ -28,13 +28,11 @@ code:
     matchers-condition: and
     matchers:
       - type: word
-        part: body
         words:
           - 'master_url":'
           - 'api_server_endpoint\":\"'
 
       - type: word
-        part: body
         words:
           - 'api_server_endpoint\":\"\",'
         negative: true
diff --git a/cloud/alibaba/ack/ack-cluster-auditing-disable.yaml b/cloud/alibaba/ack/ack-cluster-auditing-disable.yaml
@@ -47,7 +47,6 @@ code:
 
     matchers:
       - type: regex
-        part: body
         regex:
           - '"AuditProjectName"\s*:\s*""'
 

diff --git a/cloud/alibaba/ack/ack-cluster-cloud-monitor-disable.yaml b/cloud/alibaba/ack/ack-cluster-cloud-monitor-disable.yaml
@@ -47,7 +47,6 @@ code:
 
     matchers:
       - type: word
-        part: body
         words:
           - 'kubernetes_config":'
           - 'cms_enabled": false'

diff --git a/cloud/alibaba/ack/ack-cluster-health-disable.yaml b/cloud/alibaba/ack/ack-cluster-health-disable.yaml
@@ -48,13 +48,11 @@ code:
     matchers-condition: and
     matchers:
       - type: word
-        part: body
         words:
           - 'check_id":'
           - 'status":'
 
       - type: word
-        part: body
         words:
           - '"status": "Succeeded'
         negative: true

diff --git a/cloud/alibaba/ack/ack-cluster-network-policies-disable.yaml b/cloud/alibaba/ack/ack-cluster-network-policies-disable.yaml
@@ -34,7 +34,6 @@ code:
 
     matchers:
       - type: word
-        part: body
         words:
           - '"Network": "terway-eniip"'
         internal: true
@@ -54,7 +53,6 @@ code:
 
     matchers:
       - type: word
-        part: body
         words:
           - 'NetworkPolicy\":\"false'
 

diff --git a/cloud/alibaba/ack/ack-cluster-network-policies-missing.yaml b/cloud/alibaba/ack/ack-cluster-network-policies-missing.yaml
@@ -28,17 +28,15 @@ code:
     matchers-condition: and
     matchers:
       - type: regex
-        part: body
         regex:
           - '"Network"\s*:\s*"'
 
       - type: word
-        part: body
         words:
           - '"Network": "terway-eniip"'
         negative: true
 
     extractors:
       - type: dsl
         dsl:
-          - '" Cluster is not using the plugin to enforce network policies"'
+          - '"Cluster is not using the plugin to enforce network policies"'
diff --git a/cloud/alibaba/ack/kubernetes-dashboard-enabled.yaml b/cloud/alibaba/ack/kubernetes-dashboard-enabled.yaml
@@ -47,7 +47,6 @@ code:
 
     matchers:
       - type: word
-        part: body
         words:
           - 'kubernetes-dashboard'
 

diff --git a/cloud/alibaba/actiontrail/multi-region-logging-disabled.yaml b/cloud/alibaba/actiontrail/multi-region-logging-disabled.yaml
@@ -30,13 +30,11 @@ code:
     matchers-condition: and
     matchers:
       - type: word
-        part: body
         words:
           - '"TrailRegion": "All"'
         negative: true
 
       - type: word
-        part: body
         words:
           - '"Status": "Enable"'
 

diff --git a/cloud/alibaba/actiontrail/public-actiontrail-bucket.yaml b/cloud/alibaba/actiontrail/public-actiontrail-bucket.yaml
@@ -47,7 +47,6 @@ code:
 
     matchers:
       - type: regex
-        part: body
         regex:
           - 'ACL.*:.*public-read-write'
 

diff --git a/cloud/alibaba/ecs/os-patches-outdated.yaml b/cloud/alibaba/ecs/os-patches-outdated.yaml
@@ -29,14 +29,12 @@ code:
     matchers-condition: and
     matchers:
       - type: word
-        part: body
         words:
           - '"RaspStatus":'
           - '"Type":'
         condition: and
 
       - type: word
-        part: body
         words:
           - '"TotalCount": 0'
           - '"VulRecords":'

diff --git a/cloud/alibaba/ecs/unattached-disk-encryption-disabled.yaml b/cloud/alibaba/ecs/unattached-disk-encryption-disabled.yaml
@@ -28,7 +28,6 @@ code:
 
     matchers:
       - type: word
-        part: body
         words:
           - '"Encrypted": false'
 

diff --git a/cloud/alibaba/ecs/unattached-vminstance-encryption-disabled.yaml b/cloud/alibaba/ecs/unattached-vminstance-encryption-disabled.yaml
@@ -51,12 +51,10 @@ code:
     matchers-condition: and
     matchers:
       - type: word
-        part: body
         words:
           - '"Encrypted": false'
 
       - type: word
-        part: body
         words:
           - '"InstanceId": ""'
         negative: true

diff --git a/cloud/alibaba/ecs/unrestricted-rdp-access.yaml b/cloud/alibaba/ecs/unrestricted-rdp-access.yaml
@@ -49,7 +49,6 @@ code:
     matchers-condition: and
     matchers:
       - type: word
-        part: body
         words:
           - '"IpProtocol": "TCP"'
           - '"PortRange": "3389/3389"'

diff --git a/cloud/alibaba/ecs/unrestricted-ssh-access.yaml b/cloud/alibaba/ecs/unrestricted-ssh-access.yaml
@@ -49,7 +49,6 @@ code:
     matchers-condition: and
     matchers:
       - type: word
-        part: body
         words:
           - '"IpProtocol": "TCP"'
           - '"PortRange": "22/22"'

diff --git a/cloud/alibaba/oss/improper-bucket-sse.yaml b/cloud/alibaba/oss/improper-bucket-sse.yaml
@@ -47,7 +47,6 @@ code:
 
     matchers:
       - type: regex
-        part: body
         regex:
           - 'SSEAlgorithm:\s?AES256'
           - 'StatusCode=404'

diff --git a/cloud/alibaba/oss/sse-cmk-disabled.yaml b/cloud/alibaba/oss/sse-cmk-disabled.yaml
@@ -66,7 +66,6 @@ code:
     matchers-condition: and
     matchers:
       - type: word
-        part: body
         words:
           - 'Creator": "Rds'
 

diff --git a/cloud/alibaba/oss/sse-smk-disabled.yaml b/cloud/alibaba/oss/sse-smk-disabled.yaml
@@ -65,7 +65,6 @@ code:
 
     matchers:
       - type: word
-        part: body
         words:
           - 'AliasName": "alias/acs/rds'
 

diff --git a/cloud/alibaba/ram/password-policy-expiration-unconfigured.yaml b/cloud/alibaba/ram/password-policy-expiration-unconfigured.yaml
@@ -30,12 +30,10 @@ code:
     matchers-condition: and
     matchers:
       - type: regex
-        part: body
         regex:
           - '"MaxPasswordAge":\s*(9[1-9]|[1-9][0-9]{2,})'  # Matches values greater than 90
 
       - type: regex
-        part: body
         regex:
           - '"MaxPasswordAge":\s*(0|[1-9][0-9]?)'  # Excludes values between 0 and 90
 

diff --git a/cloud/alibaba/ram/password-policy-length-unconfigured.yaml b/cloud/alibaba/ram/password-policy-length-unconfigured.yaml
@@ -31,13 +31,11 @@ code:
     matchers-condition: and
     matchers:
       - type: regex
-        part: body
         regex:
           - \"MinimumPasswordLength\":\s*(1[4-9]|[2-9][0-9]{1,})
         negative: true
 
       - type: regex
-        part: body
         regex:
           - \"MinimumPasswordLength":\s*(\d|1[0-3])
 

diff --git a/cloud/alibaba/rds/mssql-audit-disabled.yaml b/cloud/alibaba/rds/mssql-audit-disabled.yaml
@@ -49,7 +49,6 @@ code:
 
     matchers:
       - type: word
-        part: body
         words:
           - '"SQLCollectorStatus": "Disabled"'
 

diff --git a/cloud/alibaba/rds/mysql-audit-disabled.yaml b/cloud/alibaba/rds/mysql-audit-disabled.yaml
@@ -49,7 +49,6 @@ code:
 
     matchers:
       - type: word
-        part: body
         words:
           - '"SQLCollectorStatus": "Disabled"'
 

diff --git a/cloud/alibaba/rds/postgresql-audit-disabled.yaml b/cloud/alibaba/rds/postgresql-audit-disabled.yaml
@@ -49,7 +49,6 @@ code:
 
     matchers:
       - type: word
-        part: body
         words:
           - '"SQLCollectorStatus": "Disabled"'
 

diff --git a/cloud/alibaba/rds/rds-audit-disabled.yaml b/cloud/alibaba/rds/rds-audit-disabled.yaml
@@ -49,7 +49,6 @@ code:
 
     matchers:
       - type: word
-        part: body
         words:
           - '"SQLCollectorStatus": "Disabled"'
 

diff --git a/cloud/alibaba/rds/transparent-encryption-disabled.yaml b/cloud/alibaba/rds/transparent-encryption-disabled.yaml
@@ -49,7 +49,6 @@ code:
 
     matchers:
       - type: word
-        part: body
         words:
           - '"TDEStatus": "Disabled"'
 

diff --git a/cloud/alibaba/vpc/vpc-flow-disabled.yaml b/cloud/alibaba/vpc/vpc-flow-disabled.yaml
@@ -49,7 +49,6 @@ code:
 
     matchers:
       - type: word
-        part: body
         words:
           - '"FlowLog": []'