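/**
 * Highlight/extract rule set for an HTTP traffic scanner (HaE-style schema).
 *
 * `config.rules` is a list of groups; each group has a display `group` name and
 * a `rule` list. Every rule carries the same fields:
 *   - name:      display label of the rule
 *   - loaded:    whether the rule is enabled
 *   - f_regex:   the primary ("find") pattern
 *   - s_regex:   a secondary pattern; the empty string means "none"
 *   - format:    output template over capture groups ("{0}" = first group)
 *   - color:     highlight colour
 *   - scope:     which part of the message is searched ("request",
 *                "request line", "response", "response body",
 *                "response header", "any header", "any")
 *   - engine:    "dfa" or "nfa" matcher hint
 *   - sensitive: boolean; presumably case-sensitivity of the match — confirm
 *                against the consumer before relying on it
 *
 * NOTE(review): the exact semantics of `s_regex`, `engine` and `sensitive` are
 * decided by whatever loads this file (via module.exports or window.scanRules);
 * that code is not visible here, so the field notes above are descriptive only.
 *
 * Patterns are stored as JS string literals, so a literal backslash in the
 * pattern is written `\\` in this source.
 *
 * Fixes versus the previous revision (each noted inline):
 *   - "Email": `[A-Z|a-z]` accepted a literal "|" as a TLD character and
 *     `{2,5}` rejected TLDs longer than five letters.
 *   - "Chinese IDCard": a stray `$` inside the 15-digit alternative, followed by
 *     a mandatory `[^0-9]`, made that branch unmatchable.
 *   - "PDF.js Viewer": the "." in `pdf.worker` was an unescaped wildcard.
 *   - Export: a non-browser, non-CommonJS host no longer throws on `window`.
 */

// Shared by "Userinfo In Link" and "Linkfinder": a quoted absolute URL,
// protocol-relative URL, absolute/relative path or bare "dir/file.ext"
// reference. The surrounding quote/backtick is non-capturing, so group 1 is
// the bare link.
const LINKFINDER_REGEX =
  "(?:\"|'|\\`)(((?:[a-zA-Z]{1,10}://|//)[^\"'/]{1,}\\.[a-zA-Z]{2,}[^\"']{0,})|((?:/|\\.\\./|\\./)[^\"'><,;|*()(%%$^/\\\\\\[\\]][^\"'><,;|()]{1,})|([a-zA-Z0-9_\\-/]{1,}/[a-zA-Z0-9_\\-/]{1,}\\.(?:[a-zA-Z]{1,4}|action)(?:[\\?|#][^\"|']{0,}|))|([a-zA-Z0-9_\\-/]{1,}/[a-zA-Z0-9_\\-/]{3,}(?:[\\?|#][^\"|']{0,}|))|([a-zA-Z0-9_\\-]{1,}\\.(?:\\w)(?:[\\?|#][^\"|']{0,}|)))(?:\"|'|\\`)";

const config = {
  rules: [
    {
      group: "Fingerprint",
      rule: [
        {
          // Apache Shiro cookie markers ("rememberMe=" or the "=deleteMe" value) in any header.
          name: "Shiro",
          loaded: true,
          f_regex: "(=deleteMe|rememberMe=)",
          s_regex: "",
          format: "{0}",
          color: "green",
          scope: "any header",
          engine: "dfa",
          sensitive: true,
        },
        {
          // "eyJ…" header followed by a dotted payload (base64url or base64 alphabet).
          // The second class also admits ".", so a third (signature) segment is covered.
          name: "JSON Web Token",
          loaded: true,
          f_regex:
            "(eyJ[A-Za-z0-9_-]{10,}\\.[A-Za-z0-9._-]{10,}|eyJ[A-Za-z0-9_\\/+-]{10,}\\.[A-Za-z0-9._\\/+-]{10,})",
          s_regex: "",
          format: "{0}",
          color: "green",
          scope: "any",
          engine: "nfa",
          sensitive: true,
        },
        {
          // Swagger UI page / swagger JSON markers in the body.
          name: "Swagger UI",
          loaded: true,
          f_regex: '((swagger-ui.html)|(\\"swagger\\":)|(Swagger UI)|(swaggerUi)|(swaggerVersion))',
          s_regex: "",
          format: "{0}",
          color: "red",
          scope: "response body",
          engine: "dfa",
          sensitive: false,
        },
        {
          // ueditor.config.js / ueditor.all.js script references.
          name: "Ueditor",
          loaded: true,
          f_regex: "(ueditor\\.(config|all)\\.js)",
          s_regex: "",
          format: "{0}",
          color: "green",
          scope: "response body",
          engine: "dfa",
          sensitive: false,
        },
        {
          // Title string of the Druid monitoring console.
          name: "Druid",
          loaded: true,
          f_regex: "(Druid Stat Index)",
          s_regex: "",
          format: "{0}",
          color: "orange",
          scope: "response body",
          engine: "dfa",
          sensitive: false,
        },
        {
          // pdf.worker script reference. The "." is now escaped; previously it
          // was a wildcard and "pdfXworker" would have matched.
          name: "PDF.js Viewer",
          loaded: true,
          f_regex: "(pdf\\.worker)",
          s_regex: "",
          format: "{0}",
          color: "green",
          scope: "response body",
          engine: "dfa",
          sensitive: false,
        },
        {
          // "/@vite/client" script reference — injected by the Vite dev server,
          // so its presence in served content suggests a non-production build.
          name: "Vite DevMode",
          loaded: true,
          f_regex: "(/\\@vite/client)",
          s_regex: "",
          format: "{0}",
          color: "red",
          scope: "response body",
          engine: "dfa",
          sensitive: true,
        },
      ],
    },
    {
      group: "Maybe Vulnerability",
      rule: [
        {
          // JSF "javax.faces.ViewState" field in the body (serialized view state).
          name: "Java Deserialization",
          loaded: true,
          f_regex: "(javax\\.faces\\.ViewState)",
          s_regex: "",
          format: "{0}",
          color: "yellow",
          scope: "response body",
          engine: "dfa",
          sensitive: false,
        },
        {
          // Request parameter names that commonly gate debug/admin behaviour.
          name: "Debug Logic Parameters",
          loaded: true,
          f_regex:
            "((access=)|(adm=)|(admin=)|(alter=)|(cfg=)|(clone=)|(config=)|(create=)|(dbg=)|(debug=)|(delete=)|(disable=)|(edit=)|(enable=)|(exec=)|(execute=)|(grant=)|(load=)|(make=)|(modify=)|(rename=)|(reset=)|(root=)|(shell=)|(test=)|(toggl=))",
          s_regex: "",
          format: "{0}",
          color: "cyan",
          scope: "request",
          engine: "dfa",
          sensitive: false,
        },
        {
          // A parameter whose value is an http(s) URL, plain or percent-encoded
          // (SSRF / open-redirect candidate).
          name: "URL As A Value",
          loaded: true,
          f_regex: "(=(https?)(://|%3a%2f%2f))",
          s_regex: "",
          format: "{0}",
          color: "cyan",
          scope: "any",
          engine: "nfa",
          sensitive: false,
        },
        {
          // <input type="file"> in the body.
          name: "Upload Form",
          loaded: true,
          f_regex: '(type\\=\\"file\\")',
          s_regex: "",
          format: "{0}",
          color: "yellow",
          scope: "response body",
          engine: "dfa",
          sensitive: false,
        },
        {
          // Paging/size parameters that may be abused for resource exhaustion.
          // (Label spelling kept as upstream: "Paramters".)
          name: "DoS Paramters",
          loaded: true,
          f_regex: "((size=)|(page=)|(num=)|(limit=)|(start=)|(end=)|(count=))",
          s_regex: "",
          format: "{0}",
          color: "cyan",
          scope: "request",
          engine: "dfa",
          sensitive: false,
        },
        {
          // Tail of the root entry of /etc/passwd echoed in a body (LFI / traversal).
          name: "Passwd File",
          loaded: true,
          f_regex: "(/root:/bin/bash)",
          s_regex: "",
          format: "{0}",
          color: "red",
          scope: "response body",
          engine: "dfa",
          sensitive: true,
        },
        {
          // Comment line from win.ini echoed in a body (LFI / traversal).
          name: "Win.ini File",
          loaded: true,
          f_regex: "(for 16-bit app)",
          s_regex: "",
          format: "{0}",
          color: "red",
          scope: "response body",
          engine: "dfa",
          sensitive: true,
        },
      ],
    },
    {
      group: "Basic Information",
      rule: [
        {
          // Email address. TLD class fixed from `[A-Z|a-z]{2,5}` (which accepted
          // "|" and rejected TLDs longer than 5 letters) to `[A-Za-z]{2,}`.
          // s_regex drops hits that are really image file names (e.g. "icon@2x.png").
          name: "Email",
          loaded: true,
          f_regex: "(\\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\\.[A-Za-z]{2,}\\b)",
          s_regex: "^((?!.*\\.(jpg|jpeg|png|gif|bmp|webp|svg|tiff|ico?)$).*@.*\\..*)$",
          format: "{0}",
          color: "yellow",
          scope: "response",
          engine: "nfa",
          sensitive: false,
        },
        {
          // PRC ID card numbers: 15-digit (YYMMDD date) or 18-digit (YYYYMMDD date,
          // optional X check digit), delimited by non-digits on both sides.
          // A stray `$` after the 15-digit alternative was removed: together with
          // the mandatory trailing `[^0-9]` it made that branch unmatchable.
          name: "Chinese IDCard",
          loaded: true,
          f_regex:
            "[^0-9]((\\d{8}(0\\d|10|11|12)([0-2]\\d|30|31)\\d{3})|(\\d{6}(18|19|20)\\d{2}(0[1-9]|10|11|12)([0-2]\\d|30|31)\\d{3}(\\d|X|x)))[^0-9]",
          s_regex: "",
          format: "{0}",
          color: "orange",
          scope: "response body",
          engine: "nfa",
          sensitive: true,
        },
        {
          // PRC mobile numbers with optional +86 / 0086 prefix, non-word-delimited.
          name: "Chinese Mobile Number",
          loaded: true,
          f_regex:
            "[^\\w]((?:(?:\\+|0{0,2})86)?1(?:(?:3[\\d])|(?:4[5-79])|(?:5[0-35-9])|(?:6[5-7])|(?:7[0-8])|(?:8[\\d])|(?:9[189]))\\d{8})[^\\w]",
          s_regex: "",
          format: "{0}",
          color: "orange",
          scope: "response body",
          engine: "nfa",
          sensitive: false,
        },
        {
          // Loopback and RFC 1918 ranges. Octets are `\d{1,3}` (not range-checked)
          // and there is no trailing delimiter, so "10.1.2.3456" still hits.
          name: "Internal IP Address",
          loaded: true,
          f_regex:
            "[^0-9]((127\\.0\\.0\\.1)|(10\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3})|(172\\.((1[6-9])|(2\\d)|(3[01]))\\.\\d{1,3}\\.\\d{1,3})|(192\\.168\\.\\d{1,3}\\.\\d{1,3}))",
          s_regex: "",
          format: "{0}",
          color: "cyan",
          scope: "response",
          engine: "nfa",
          sensitive: true,
        },
        {
          // Colon-separated MAC address at line start or after a non-alphanumeric.
          name: "MAC Address",
          loaded: true,
          f_regex:
            "(^([a-fA-F0-9]{2}(:[a-fA-F0-9]{2}){5})|[^a-zA-Z0-9]([a-fA-F0-9]{2}(:[a-fA-F0-9]{2}){5}))",
          s_regex: "",
          format: "{0}",
          color: "green",
          scope: "response",
          engine: "nfa",
          sensitive: true,
        },
      ],
    },
    {
      group: "Sensitive Information",
      rule: [
        {
          // "access[-_]key[-_](id|secret)" style names, or an "LTAI…" key id.
          name: "Cloud Key",
          loaded: true,
          f_regex: "(((access)(|-|_)(key)(|-|_)(id|secret))|(LTAI[a-z0-9]{12,20}))",
          s_regex: "",
          format: "{0}",
          color: "yellow",
          scope: "any",
          engine: "nfa",
          sensitive: false,
        },
        {
          // Drive-letter Windows paths ("C:\dir\file.ext"), non-word-delimited.
          name: "Windows File/Dir Path",
          loaded: true,
          f_regex:
            "[^\\w]([a-zA-Z]:\\\\\\\\?(?:[^<>:/\\\\|?*]+\\\\\\\\?)*)([^<>:/\\\\|?*]+(?:\\.[^<>:/\\\\|?*]+)?)",
          s_regex: "",
          format: "{0}",
          color: "green",
          scope: "response",
          engine: "nfa",
          sensitive: true,
        },
        {
          // Quoted key/value pairs in JSON- or JS-like text where either side
          // contains pass/pwd/passwd/password (key = value and value = key orders).
          name: "Password Field",
          loaded: true,
          f_regex:
            "(((|\\\\)(|'|\")(|[\\.\\w]{1,32})([p](ass|wd|asswd|assword))(|[\\.\\w]{1,32})(|\\\\)(|'|\")( |)(:|[=]{1,3}|![=]{1,2}|[\\)]{0,1}\\.val\\()( |)(|\\\\)('|\")([^'\"]+?)(|\\\\)('|\")(|,|\\)))|((|\\\\)('|\")([^'\"]+?)(|\\\\)('|\")(|\\\\)(|'|\")( |)(:|[=]{1,3}|![=]{1,2})( |)(|[\\.\\w]{1,32})([p](ass|wd|asswd|assword))(|[\\.\\w]{1,32})(|\\\\)(|'|\")))",
          s_regex: "",
          format: "{0}",
          color: "yellow",
          scope: "response body",
          engine: "nfa",
          sensitive: false,
        },
        {
          // Same shape as "Password Field" for user/name/username/account and
          // created/updated-by/on/at style keys.
          name: "Username Field",
          loaded: true,
          f_regex:
            "(((|\\\\)(|'|\")(|[\\.\\w]{1,32})(([u](ser|name|sername))|(account)|((((create|update)((d|r)|(by|on|at)))|(creator))))(|[\\.\\w]{1,32})(|\\\\)(|'|\")( |)(:|[=]{1,3}|![=]{1,2}|[\\)]{0,1}\\.val\\()( |)(|\\\\)('|\")([^'\"]+?)(|\\\\)('|\")(|,|\\)))|((|\\\\)('|\")([^'\"]+?)(|\\\\)('|\")(|\\\\)(|'|\")( |)(:|[=]{1,3}|![=]{1,2})( |)(|[\\.\\w]{1,32})(([u](ser|name|sername))|(account)|((((create|update)((d|r)|(by|on|at)))|(creator))))(|[\\.\\w]{1,32})(|\\\\)(|'|\")))",
          s_regex: "",
          format: "{0}",
          color: "green",
          scope: "response body",
          engine: "nfa",
          sensitive: false,
        },
        {
          // WeCom (企业微信) corpid / corpsecret identifiers.
          name: "WeCom Key",
          loaded: true,
          f_regex: "((corp)(id|secret))",
          s_regex: "",
          format: "{0}",
          color: "green",
          scope: "response body",
          engine: "dfa",
          sensitive: false,
        },
        {
          // "jdbc:<driver>://host…" connection strings; these often embed credentials.
          name: "JDBC Connection",
          loaded: true,
          f_regex: "(jdbc:[a-z:]+://[a-z0-9\\.\\-_:;=/@?,&]+)",
          s_regex: "",
          format: "{0}",
          color: "yellow",
          scope: "any",
          engine: "nfa",
          sensitive: false,
        },
        {
          // "basic …" / "bearer …" credential strings. Despite the name the
          // scope is the response BODY: this catches tokens leaked in JS/JSON,
          // not the request's Authorization header.
          name: "Authorization Header",
          loaded: true,
          f_regex: "((basic [a-z0-9=:_\\+\\/-]{5,100})|(bearer [a-z0-9_.=:_\\+\\/-]{5,100}))",
          s_regex: "",
          format: "{0}",
          color: "yellow",
          scope: "response body",
          engine: "nfa",
          sensitive: false,
        },
        {
          // Same shape as "Password Field" for key/secret/token/config/auth/access/admin/ticket.
          name: "Sensitive Field",
          loaded: true,
          f_regex:
            "(((|\\\\)(|'|\")(|[\\.\\w]{1,32})(key|secret|token|config|auth|access|admin|ticket)(|[\\.\\w]{1,32})(|\\\\)(|'|\")( |)(:|[=]{1,3}|![=]{1,2}|[\\)]{0,1}\\.val\\()( |)(|\\\\)('|\")([^'\"]+?)(|\\\\)('|\")(|,|\\)))|((|\\\\)('|\")([^'\"]+?)(|\\\\)('|\")(|\\\\)(|'|\")( |)(:|[=]{1,3}|![=]{1,2})( |)(|[\\.\\w]{1,32})(key|secret|token|config|auth|access|admin|ticket)(|[\\.\\w]{1,32})(|\\\\)(|'|\")))",
          s_regex: "",
          format: "{0}",
          color: "yellow",
          scope: "response",
          engine: "nfa",
          sensitive: false,
        },
        {
          // Same shape as "Password Field" for mobile/phone/sjh/shoujihao keys.
          // NOTE(review): "concat" in the key list looks like a typo for "contact";
          // left unchanged because the intent is not verifiable here.
          name: "Mobile Number Field",
          loaded: true,
          f_regex:
            "(((|\\\\)(|'|\")(|[\\.\\w]{1,32})(mobile|phone|sjh|shoujihao|concat)(|[\\.\\w]{1,32})(|\\\\)(|'|\")( |)(:|[=]{1,3}|![=]{1,2}|[\\)]{0,1}\\.val\\()( |)(|\\\\)('|\")([^'\"]+?)(|\\\\)('|\")(|,|\\)))|((|\\\\)('|\")([^'\"]+?)(|\\\\)('|\")(|\\\\)(|'|\")( |)(:|[=]{1,3}|![=]{1,2})( |)(|[\\.\\w]{1,32})(mobile|phone|sjh|shoujihao|concat)(|[\\.\\w]{1,32})(|\\\\)(|'|\")))",
          s_regex: "",
          format: "{0}",
          color: "green",
          scope: "response body",
          engine: "nfa",
          sensitive: false,
        },
        {
          // Links (see LINKFINDER_REGEX) whose text carries a password- or
          // user-like "name=value" parameter, selected by s_regex.
          name: "Userinfo In Link",
          loaded: true,
          f_regex: LINKFINDER_REGEX,
          s_regex:
            "((([p](ass|wd|asswd|assword))|(([u](ser|name|sername))|(account)|((((create|update)((d|r)|(by|on|at)))|(creator)))))=[\\.\\w]{1,32})",
          format: "{0}",
          color: "green",
          scope: "response body",
          engine: "nfa",
          sensitive: false,
        },
      ],
    },
    {
      group: "Other",
      rule: [
        {
          // Every quoted link/path reference in the body (see LINKFINDER_REGEX).
          name: "Linkfinder",
          loaded: true,
          f_regex: LINKFINDER_REGEX,
          s_regex: "",
          format: "{0}",
          color: "gray",
          scope: "response body",
          engine: "nfa",
          sensitive: true,
        },
        {
          // ".js.map" source-map references.
          name: "Source Map",
          loaded: true,
          f_regex: "(\\.js\\.map)",
          s_regex: "",
          format: "{0}",
          color: "pink",
          scope: "response body",
          engine: "dfa",
          sensitive: false,
        },
        {
          // Webpack-style chunk map `{…}[id] + "….js"`; s_regex then extracts each
          // key/value pair, emitted as "{0}.{1}".
          name: "Create Script",
          loaded: true,
          f_regex:
            '(\\{[^{}]*\\}\\s*\\[[^\\]]*\\]\\s*\\+\\s*"[^"]*\\.js"|\\{[\\s\\S]{0,5000}?\\}\\s*\\[[^\\]]*\\]\\s*\\+\\s*"[^"]*\\.js")',
          s_regex: '"?([\\w].*?)"?:"(.*?)"',
          format: "{0}.{1}",
          color: "green",
          scope: "response body",
          engine: "nfa",
          sensitive: false,
        },
        {
          // "scheme://…" references for schemes other than http/https.
          name: "URL Schemes",
          loaded: true,
          f_regex:
            "(\\b(?![\\w]{0,10}?https?://)(([A-Za-z0-9-\\.]{1,20})://([-\\w+&@#/%?=~_|!:,.;]*[-\\w+&@#/%=~_|])?))",
          s_regex: "",
          format: "{0}",
          color: "yellow",
          scope: "response body",
          engine: "nfa",
          sensitive: false,
        },
        {
          // Vue router navigation calls ("$router.push").
          name: "Router Push",
          loaded: true,
          f_regex: "(\\$router\\.push)",
          s_regex: "",
          format: "{0}",
          color: "magenta",
          scope: "response body",
          engine: "dfa",
          sensitive: false,
        },
        {
          // Any http(s) URL, including CJK characters in the path.
          name: "All URL",
          loaded: true,
          f_regex:
            "(https?://[-A-Za-z0-9+&@#/%?=~_|!:,.;\\u4E00-\\u9FFF]+[-A-Za-z0-9+&@#/%=~_|])",
          s_regex: "",
          format: "{0}",
          color: "gray",
          scope: "response body",
          engine: "nfa",
          sensitive: true,
        },
        {
          // Disabled. NOTE(review): `[^.js$]` is a character class (any char other
          // than ".", "j", "s", "$"), not a "does not end in .js" check; kept
          // as upstream since the rule is off.
          name: "Request URI",
          loaded: false,
          f_regex: " ((?!.*\\.js(\\?.*)?$)(.*?[^.js$])) ",
          s_regex: "",
          format: "{0}",
          color: "gray",
          scope: "request line",
          engine: "nfa",
          sensitive: false,
        },
        {
          // Value of the Location response header (redirect target).
          name: "302 Location",
          loaded: true,
          f_regex: "Location: (.*?)\\r\\n",
          s_regex: "",
          format: "{0}",
          color: "gray",
          scope: "response header",
          engine: "nfa",
          sensitive: false,
        },
        {
          // Disabled. <Key>…</Key> elements (object-storage listing style).
          name: "OSKeys",
          loaded: false,
          f_regex: "<Key>(.*?)</Key>",
          s_regex: "",
          format: "{0}",
          color: "gray",
          scope: "response body",
          engine: "nfa",
          sensitive: true,
        },
      ],
    },
  ],
};

// Export for CommonJS consumers, else publish on the browser window. Other
// hosts (ES modules, workers) previously threw on the missing `window`; they
// now get the same `scanRules` global via globalThis.
if (typeof module !== "undefined" && module.exports) {
  module.exports = config;
} else if (typeof window !== "undefined") {
  window.scanRules = config;
} else {
  globalThis.scanRules = config;
}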