Skip to content

Commit

Permalink
Merge pull request #11408 from projectdiscovery/release-prep-10.1.1
Browse files Browse the repository at this point in the history 
Release Prep - v10.1.1
  • Loading branch information
@princechaddha
princechaddha authored Dec 23, 2024
2 parents c2872b5 + 7ba61dc commit 4913c06
Show file tree
Hide file tree
Showing 31 changed files with 51 additions and 39 deletions.
2 changes: 1 addition & 1 deletion cloud/alibaba/actiontrail/multi-region-logging-disabled.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 1
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,actiontrail
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,actiontrail

variables:
region: "cn-hangzhou"
Expand Down
26 changes: 19 additions & 7 deletions cloud/alibaba/aliyun-code-env.yaml → cloud/alibaba/alibaba-cloud-code-env.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,23 +1,25 @@
id: aliyun-code-env
id: alibaba-cloud-code-env

info:
name: Aliyun Cloud Environment Validation
name: Alibaba Cloud Environment Validation
author: DhiyaneshDK
severity: info
description: |
Checks if Aliyun CLI is set up and all necessary tools are installed on the environment.
reference:
- https://github.com/aliyun/aliyun-cli
metadata:
max-request: 2
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config
max-request: 3
verified: true
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config

variables:
region: "cn-hangzhou"

flow: code(1) && code(2)
flow: code(1) && code(2) && code (3)

self-contained: true

code:
- engine:
- sh
Expand Down Expand Up @@ -49,8 +51,18 @@ code:
words:
- "jq is installed"

- engine:
- sh
- bash
source: |
ossutil --version >/dev/null 2>&1 && echo "ossutil is installed." || echo "ossutil is not installed."
matchers:
- type: word
words:
- "ossutil is installed"

extractors:
- type: dsl
dsl:
- '"Aliyun CLI is properly configured for account \"" + account + "\" and all the necessary tools required are installed"'
# digest: 4a0a00473045022100cef41c277f557c5c47985c8dbb8c631377535b96487c987174156c8387fa145402207be4372c14784ddedac10ec8bdb623a02ac17dd481fc9e8fdfa21adf0a1032b7:922c64590222798bb761d5b6d8e72950
- '"Aliyun CLI is properly configured for account \"" + account + "\" and all the necessary tools required are installed."'
2 changes: 1 addition & 1 deletion cloud/alibaba/ecs/os-patches-outdated.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 1
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,ecs
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,ecs

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/ecs/unattached-disk-encryption-disabled.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 1
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,ecs
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,ecs

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/ecs/unattached-vminstance-encryption-disabled.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ info:
metadata:
max-request: 1
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,ecs
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,ecs

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/ecs/unrestricted-rdp-access.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 1
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,ecs
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,ecs

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/ecs/unrestricted-ssh-access.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 1
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,ecs
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,ecs

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/ram/custom-ram-policy-admin-priv.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 1
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,alibaba-ram
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,alibaba-ram

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/ram/max-password-retry-disabled.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ info:
metadata:
max-request: 1
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,alibaba-ram
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,alibaba-ram

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/ram/mfa-console-password-disabled.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 1
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,alibaba-ram
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,alibaba-ram

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/ram/password-policy-expiration-unconfigured.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 1
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,alibaba-ram
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,alibaba-ram

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/ram/password-policy-length-unconfigured.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 1
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,alibaba-ram
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,alibaba-ram

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/ram/password-policy-lowercase-unconfigured.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 1
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,alibaba-ram
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,alibaba-ram

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/ram/password-policy-num-unconfigured.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 1
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,alibaba-ram
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,alibaba-ram

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/ram/password-policy-reuse-enabled.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 1
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,alibaba-ram
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,alibaba-ram

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/ram/password-policy-symbol-unconfigured.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 1
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,alibaba-ram
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,alibaba-ram

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/ram/password-policy-uppercase-unconfigured.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 1
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,alibaba-ram
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,alibaba-ram

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/rds/encryption-intransit-disabled.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 1
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,alibaba-rds
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,alibaba-rds

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/rds/log-connections-disabled.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 2
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,alibaba-rds
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,alibaba-rds

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/rds/log-disconnections-disabled.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 1
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,alibaba-rds
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,alibaba-rds

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/rds/log-duration-disabled.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 2
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,alibaba-rds
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,alibaba-rds

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/rds/mssql-audit-disabled.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 2
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,alibaba-rds
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,alibaba-rds

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/rds/mysql-audit-disabled.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 2
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,alibaba-rds
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,alibaba-rds

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/rds/postgresql-audit-disabled.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 2
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,alibaba-rds
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,alibaba-rds

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/rds/rds-audit-disabled.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 2
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,alibaba-rds
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,alibaba-rds

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/rds/transparent-encryption-disabled.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 2
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,alibaba-rds
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,alibaba-rds

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/security-center/scheduled-vulnscan-disabled.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 1
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,security-center
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,security-center

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/security-center/security-notification-disabled.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 1
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,security-center
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,security-center

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/security-center/security-plan-disabled.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 1
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,security-center
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,security-center

variables:
region: "cn-hangzhou"
Expand Down
2 changes: 1 addition & 1 deletion cloud/alibaba/vpc/vpc-flow-disabled.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ info:
metadata:
max-request: 1
verified: true
tags: cloud,devops,aliyun,alibaba,aliyun-cloud-config,alibaba-vpc
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,alibaba-vpc

variables:
region: "cn-hangzhou"
Expand Down
6 changes: 3 additions & 3 deletions profiles/aliyun-cloud-config.yml → profiles/alibaba-cloud-config.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,15 +6,15 @@
# This profile is focused on identifying misconfigurations and vulnerabilities in aliyun ACLs. Proper configuration of ACLs is crucial for securing aliyun resources and ensuring that only authorized entities have access.
#
# Included Templates:
# This configuration references specific templates tagged with 'aliyun-cloud-config' to cover comprehensive scanning of aliyun ACLs.
# This configuration references specific templates tagged with 'alibaba-cloud-config' to cover comprehensive scanning of aliyun ACLs.
#
# Running this profile
# You can run this profile using the following command:
# nuclei -profile aliyun-cloud-config
# nuclei -profile alibaba-cloud-config
code: true # enable code templates

tags:
- aliyun-cloud-config # filter templates with "aliyun-cloud-config" tags
- alibaba-cloud-config # filter templates with "alibaba-cloud-config" tags

var:
- region=cn-hangzhou # template input for "region" variable

0 comments on commit 4913c06

Please sign in to comment.