├── CHANGELOG.md ├── Dockerfile ├── LICENSE.md ├── README.md ├── Sn1per.gif ├── Sn1per.jpg ├── bin ├── github-subdomains.py ├── http-default-accounts-fingerprints-nndefaccts.lua ├── inurlbr.php ├── nmap-bootstrap.xsl ├── pyText2pdf.py ├── report.py ├── samrdump.py ├── slack.sh ├── slurp.zip ├── waybackrobots.py ├── waybackurls.py ├── webscreenshot.js ├── webscreenshot.py └── zap-scan.py ├── conf ├── bug_bounty_full_brute ├── bug_bounty_max_javascript_files ├── bug_bounty_quick ├── bug_bounty_quick_port_80_443_only ├── deep_active_recon ├── default ├── fast_service_portscan ├── super_stealth_mode ├── super_stealth_mode_OSINT ├── web_mode_all_plugins ├── webpwn_only ├── webpwn_only_metasploit_disabled └── zap_only_webscan ├── install.sh ├── loot └── README.md ├── modes ├── airstrike.sh ├── bruteforce.sh ├── discover.sh ├── flyover.sh ├── fullportonly.sh ├── fullportscan.sh ├── javascript-analysis.sh ├── massportscan.sh ├── massvulnscan.sh ├── massweb.sh ├── masswebscan.sh ├── normal.sh ├── normal_webporthttp.sh ├── normal_webporthttps.sh ├── nuke.sh ├── osint.sh ├── osint_stage_2.sh ├── recon.sh ├── sc0pe-active-webscan.sh ├── sc0pe-network-scan.sh ├── sc0pe-passive-webscan.sh ├── sc0pe.sh ├── static-grep-search.sh ├── stealth.sh ├── vulnscan.sh ├── web.sh ├── web_autopwn.sh ├── webporthttp.sh ├── webporthttps.sh └── webscan.sh ├── pro └── notepad.html ├── sn1per.desktop ├── sn1per.png ├── sniper ├── sniper.conf ├── templates ├── active │ ├── AWS_S3_Public_Bucket_Listing.sh │ ├── ApPHP_MicroBlog_Remote_Code_Execution_Vulnerability.sh │ ├── Apache_Solr_Scanner.sh │ ├── Apache_Tomcat_Scanner.sh │ ├── AvantFAX_LOGIN_Detected.sh │ ├── CVE-2018-13379_-_Fortigate_Pulse_Connect_Secure_Directory_Traversal.sh │ ├── CVE-2019-11510_-_Pulse_Connect_Secure_SSL_VPN_Arbitrary_File_Read.sh │ ├── CVE-2019-11580_-_Atlassian_Crowd_Data_Center_Unauthenticated_RCE.sh │ ├── CVE-2019-11581_-_Jira_Template_Injection.sh │ ├── CVE-2019-1653_-_Cisco_RV320_RV326_Configuration_Disclosure.sh │ ├── CVE-2019-16662_-_rConfig_3.9.2_Remote_Code_Execution.sh │ ├── CVE-2019-16759_-_vBulletin_5.x_0-Day_Pre-Auth_Remote_Command_Execution.sh │ ├── CVE-2019-16759_-_vBulletin_5.x_0-Day_Pre-Auth_Remote_Command_Execution_Bypass.sh │ ├── CVE-2019-17558_-_Apache_Solr_RCE.sh │ ├── CVE-2019-19719_Tableau_Server_DOM_XSS.py │ ├── CVE-2019-19781_-_Citrix_ADC_Directory_Traversal.sh │ ├── CVE-2019-19908_-_phpMyChat-Plus_XSS.sh │ ├── CVE-2019-5418_-_Rail_File_Content_Disclosure.sh │ ├── CVE-2019-6340_-_Drupal8_REST_RCE_SA-CORE-2019-003.disabled │ ├── CVE-2019-7192_-_QNAP_Pre-Auth_Root_RCE.sh │ ├── CVE-2019-8442_-_Jira_Webroot_Directory_Traversal_1.sh │ ├── CVE-2019-8442_-_Jira_Webroot_Directory_Traversal_2.sh │ ├── CVE-2019-8451_Jira_SSRF_1.sh │ ├── CVE-2019-8451_Jira_SSRF_2.sh │ ├── CVE-2019-8451_Jira_SSRF_3.sh │ ├── CVE-2019-8451_Jira_SSRF_4.sh │ ├── CVE-2019-8903_-_Totaljs_Unathenticated_Directory_Traversal.sh │ ├── CVE-2019-8982_-_Wavemaker_Studio_6.6_LFI_SSRF.sh │ ├── CVE-2020-0618_-_Remote_Code_Execution_SQL_Server_Reporting_Services.sh │ ├── CVE-2020-10204_-_Sonatype_Nexus_Repository_RCE.sh │ ├── CVE-2020-1147_-_Remote_Code_Execution_in_Microsoft_SharePoint_Server.sh │ ├── CVE-2020-11530_-_Wordpress_Chop_Slider_3_Plugin_SQL_Injection.sh │ ├── CVE-2020-11738_-_WordPress_Duplicator_plugin_Directory_Traversal.sh │ ├── CVE-2020-11738_-_WordPress_Duplicator_plugin_Directory_Traversal_2.sh │ ├── CVE-2020-11738_-_WordPress_Duplicator_plugin_Directory_Traversal_3.sh │ ├── CVE-2020-11738_-_WordPress_Duplicator_plugin_Directory_Traversal_4.sh │ ├── CVE-2020-12271_-_Sophos_XG_Firewall_Pre-Auth_SQL_Injection.sh │ ├── CVE-2020-12720_-_vBulletin_Unauthenticaed_SQLi_1.sh │ ├── CVE-2020-12720_-_vBulletin_Unauthenticaed_SQLi_2.sh │ ├── CVE-2020-12720_-_vBulletin_Unauthenticaed_SQLi_3.sh │ ├── CVE-2020-13167_-_Netsweeper_WebAdmin_Python_Code_Injection_1.sh │ ├── CVE-2020-13167_-_Netsweeper_WebAdmin_Python_Code_Injection_2.sh │ ├── CVE-2020-14181_-_User_Enumeration_Via_Insecure_Jira_Endpoint.sh │ ├── CVE-2020-14815_-_Oracle_Business_Intelligence_Enterprise_DOM_XSS.sh │ ├── CVE-2020-15129_-_Open_Redirect_In_Traefik.sh │ ├── CVE-2020-15920_-_Mida_eFramework_Unauthenticated_RCE.sh │ ├── CVE-2020-17519_-_Apache_Flink_Path_Traversal.sh │ ├── CVE-2020-2034_-_PAN-OS_GlobalProtect_OS_Command_Injection.sh │ ├── CVE-2020-2096_-_Jenkins_Gitlab_Hook_XSS.sh │ ├── CVE-2020-2096_Jenkins_Gitlab_XSS_1.sh │ ├── CVE-2020-2096_Jenkins_Gitlab_XSS_2.sh │ ├── CVE-2020-2096_Jenkins_Gitlab_XSS_3.sh │ ├── CVE-2020-2096_Jenkins_Gitlab_XSS_4.sh │ ├── CVE-2020-2140_-_Jenkin_AuditTrailPlugin_XSS.sh │ ├── CVE-2020-24223_-_Mara_CMS_7.5_Reflective_XSS.sh │ ├── CVE-2020-25213_-_WP_File_Manager_File_Upload.sh │ ├── CVE-2020-2551_-_Unauthenticated_Oracle_WebLogic_Server_Remote_Code_Execution.sh │ ├── CVE-2020-2555_-_WebLogic_Server_Deserialization_RCE.sh │ ├── CVE-2020-3187_-_Citrix_Unauthenticated_File_Deletion.sh │ ├── CVE-2020-3452_-_Cisco_ASA-FTD_Arbitrary_File_Reading_Vulnerability.sh │ ├── CVE-2020-5284_-_Next_JS_Limited_Path_Traversal.sh │ ├── CVE-2020-5405_-_Spring_Directory_Traversal_1.sh │ ├── CVE-2020-5405_-_Spring_Directory_Traversal_2.sh │ ├── CVE-2020-5405_-_Spring_Directory_Traversal_3.sh │ ├── CVE-2020-5412_-_Full-read_SSRF_in_Spring_Cloud_Netflix.sh │ ├── CVE-2020-5902_-_F5_BIG-IP_Remote_Code_Execution_1.sh │ ├── CVE-2020-5902_-_F5_BIG-IP_Remote_Code_Execution_2.sh │ ├── CVE-2020-5902_-_F5_BIG-IP_XSS.sh │ ├── CVE-2020-6287_-_Create_an_Administrative_User_in_SAP_NetWeaver_AS_JAVA.sh │ ├── CVE-2020-7048_-_WP_Database_Reset_3.15_Unauthenticated_Database_Reset.sh │ ├── CVE-2020-7209_-_LinuxKI_Toolset_6.01_Remote_Command_Execution.sh │ ├── CVE-2020-7246_-_qdPM_Authenticated_Remote_Code_Execution.sh │ ├── CVE-2020-7473_Citrix_ShareFile_StorageZones.disabled │ ├── CVE-2020-8115_-_Revive_Adserver_XSS.py │ ├── CVE-2020-8115_-_Revive_Adserver_XSS.sh │ ├── CVE-2020-8163_-_Rails_5.0.1_Remote_Code_Execution.sh │ ├── CVE-2020-8191_-_Citrix_ADC_NetScaler_Gateway_Reflected_XSS.sh │ ├── CVE-2020-8193_-_Citrix_Unauthenticated_LFI.sh │ ├── CVE-2020-8194_-_Citrix_ADC_NetScaler_Gateway_Reflected_Code_Injection.sh │ ├── CVE-2020-8209_-_Citrix_XenMobile_Server_Path_Traversal.sh │ ├── CVE-2020-8209_-_XenMobile-Citrix_Endpoint_Management_Config_Password_Disclosure.sh │ ├── CVE-2020-8209_-_XenMobile-Citrix_Endpoint_Management_Path_Traversal.sh │ ├── CVE-2020-8512_-_IceWarp_WebMail_XSS.sh │ ├── CVE-2020-8772_-_IfiniteWP_Client_1.9.4.5_Authentication_Bypass_1.sh │ ├── CVE-2020-8982_-_Citrix_ShareFile_StorageZones_Unauthenticated_Arbitrary_File_Read.sh │ ├── CVE-2020-9047_-_exacqVision_Web_Service_Remote_Code_Execution.sh │ ├── CVE-2020-9054_-_ZyXEL_NAS_Remote_Code_Execution.sh │ ├── CVE-2020-9484_-_Apache_Tomcat_RCE_by_deserialization.sh │ ├── CVE-2020-9757_-_SEOmatic_3.3.0_Server-Side_Template_Injection.sh │ ├── Cisco_VPN_Login_Scanner.sh │ ├── Cisco_VPN_Scanner.sh │ ├── Citrix-Access-Gateway_Detected.sh │ ├── Citrix_VPN_Scanner.sh │ ├── Citrix_VPN_Scanner_2.sh │ ├── Clear-text_Communications_HTTP.sh │ ├── Clickjacking.sh │ ├── Common_Status_File_Scanner_1.sh │ ├── Common_Status_File_Scanner_2.sh │ ├── Common_Status_File_Scanner_3.sh │ ├── Confluence_Scanner.sh │ ├── Contact_Form_7_Wordpress_Plugin_Found_1.sh │ ├── Contact_Form_7_Wordpress_Plugin_Found_2.sh │ ├── Directory_Listing_Enabled.sh │ ├── Drupal_Install_Found.sh │ ├── Drupal_Scanner_1.sh │ ├── Drupal_Scanner_2.sh │ ├── Drupal_Scanner_3.sh │ ├── Drupal_User_Login.sh │ ├── Drupal_Version_Disclosure.sh │ ├── F5_BIG-IP_Scanner.sh │ ├── F5_BIG-IP_Scanner_2.sh │ ├── Fortigate_Pulse_Connect_Secure_Scanner.sh │ ├── Fortinet_FortiGate_SSL_VPN_Panel_Detected.sh │ ├── Fortinet_FortiGate_SSL_VPN_Panel_Detected_1.sh │ ├── Fortinet_FortiGate_SSL_VPN_Panel_Detected_2.sh │ ├── Fortinet_FortiGate_SSL_VPN_Panel_Detected_3.sh │ ├── Frontpage_Service_Password_Disclosure.sh │ ├── Git_Config_Detected.sh │ ├── JK_Status_Manager.sh │ ├── Jaspersoft_Detected.sh │ ├── Jenkins_Scanner.sh │ ├── Jetty_Version_Disclosure.sh │ ├── Jira_Scanner_1.sh │ ├── Jira_Scanner_2.sh │ ├── Jira_Scanner_3.sh │ ├── Jolokia_Version_Disclosure.sh │ ├── Joomla_Scanner_1.sh │ ├── Joomla_Scanner_2.sh │ ├── Joomla_Version_Disclosure.sh │ ├── Laraval_Environment_File_Found.sh │ ├── MS_SQL_Reporting_Server_Scanner_1.sh │ ├── MS_SQL_Reporting_Server_Scanner_2.sh │ ├── Magento_2.3.0_SQL_Injection.sh │ ├── Mailman_Version_Disclosure.sh │ ├── MobileIron_Login_1.sh │ ├── MobileIron_Login_2.sh │ ├── MobileIron_Login_3.sh │ ├── PHP_Composer_Disclosure.sh │ ├── PHP_Info.sh │ ├── Palo_Alto_GlobalProtect_PAN-OS_Portal_Scanner.sh │ ├── PulseSecure_VPN_Detected.sh │ ├── RabbitMQ_Management_Default_Credentials.sh │ ├── RabbitMQ_Management_Interface_Detected.sh │ ├── Robots.txt_Detected.sh │ ├── SAP_NetWeaver_AS_JAVA_LM_Configuration_Wizard_Detection.sh │ ├── SQLiteManager_Scanner_1.sh │ ├── Sitemap.xml_Detected.sh │ ├── SolarWinds_Orion_Default_Credentials_1.sh │ ├── SolarWinds_Orion_Default_Credentials_2.sh │ ├── SolarWinds_Orion_Panel.sh │ ├── TeamQuest_Login_Found.sh │ ├── Telerik_File_Upload_Web_UI.sh │ ├── Tiki_Wiki_CMS_Groupware_Scanner.sh │ ├── Unauthenticated_Jenkins_Dashboard_Detected.sh │ ├── VMware_vCenter_Unauthenticated_Arbitrary_File_Read.sh │ ├── Weak_Authentication_Scanner.sh │ ├── WebLogic_Scanner.sh │ ├── Web_Config_Detected.sh │ ├── Weblogic_Application_Server_Detected.sh │ ├── Wordpres_Scanner_1.sh │ ├── Wordpres_Scanner_2.sh │ ├── Wordpres_Scanner_3.sh │ ├── Wordpress_WP-File-Manager_Version_Detected.sh │ ├── XSS.py │ ├── cPanel_Login_Found.sh │ ├── cPanel_Login_Found_2.sh │ └── phpMyAdmin_Scanner_1.sh └── passive │ ├── network │ ├── CVE-2018-15473_-_OpenSSH_Username_Enumeration.sh │ ├── Default_Credentials_BruteX.sh │ ├── Default_Credentials_NMap.sh │ ├── Interesting_Domain_Found.sh │ ├── Lack_of_SPF_DNS_Record.sh │ ├── Possible_Takeover_Detected.sh │ ├── SMB_Info_Disclosure.sh │ ├── SMBv1_Enabled.sh │ ├── SSH_Version_Disclosure.sh │ ├── Subjack_Takeover_Detected.sh │ ├── Subover_Takeover_Detected.sh │ └── recursive │ │ ├── Component_With_Known_Vulnerabilities_-_NMap.sh │ │ ├── Interesting_Ports_Found.sh │ │ └── Nessus_Import.sh │ └── web │ ├── Autocomplete_Enabled.sh │ ├── CORS_Policy_-_Allow-Credentials_Enabled.sh │ ├── CORS_Policy_-_Allow-Origin_Wildcard.sh │ ├── CSP_Not_Enforced.sh │ ├── Clear-text_Communications_HTTP.sh │ ├── Clickjacking.sh │ ├── Drupal_Detected.sh │ ├── Expired_SSL_Certificate.sh │ ├── Fortinet_FortiGate_SSL_VPN_Panel_Passive_Detection.sh │ ├── Insecure_Cookie_-_HTTPOnly_Not_Set.sh │ ├── Insecure_Cookie_-_Secure_Not_Set.sh │ ├── Insecure_SSL_TLS_Connection.sh │ ├── Insecure_SSL_TLS_Connection_CN_Mismatch.sh │ ├── Interesting_Title_Found.sh │ ├── Server_Header_Disclosure.sh │ ├── Strict_Tranposrt_Security_Not_Enforced.sh │ ├── Trace_Method_Enabled.sh │ ├── X-Powered-By_Header_Found.sh │ └── recursive │ ├── Arachni_Vulnerability_Scan.disabled │ ├── Arachni_Vulnerability_Scan_-_HTTP.sh │ ├── Arachni_Vulnerability_Scan_-_HTTPS.sh │ ├── Nikto_Vulnerability_Scan-HTTP.sh │ ├── Nikto_Vulnerability_Scan-HTTPS.sh │ ├── Nuclei_Vulnerability_Scan_-_HTTP.sh │ ├── Nuclei_Vulnerability_Scan_-_HTTPS.sh │ ├── OWASP_Zap_Scan_-_HTTP.sh │ ├── OWASP_Zap_Scan_-_HTTPS.sh │ ├── Wordpress_Vulnerability_Scan_-_HTTPS_1.sh │ ├── Wordpress_Vulnerability_Scan_-_HTTPS_2.sh │ ├── Wordpress_Vulnerability_Scan_-_HTTP_1.sh │ └── Wordpress_Vulnerability_Scan_-_HTTP_2.sh ├── uninstall.sh └── wordlists ├── altdns.txt ├── domains-default.txt ├── domains-quick.txt ├── vhosts.txt ├── web-brute-common.txt ├── web-brute-exploits.txt ├── web-brute-full.txt ├── web-brute-stealth.txt └── web-brute-vulnerabilities.txt /CHANGELOG.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/CHANGELOG.md -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/Dockerfile -------------------------------------------------------------------------------- /LICENSE.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/LICENSE.md -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/README.md -------------------------------------------------------------------------------- /Sn1per.gif: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/Sn1per.gif -------------------------------------------------------------------------------- /Sn1per.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/Sn1per.jpg -------------------------------------------------------------------------------- /bin/github-subdomains.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/bin/github-subdomains.py -------------------------------------------------------------------------------- /bin/http-default-accounts-fingerprints-nndefaccts.lua: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/bin/http-default-accounts-fingerprints-nndefaccts.lua -------------------------------------------------------------------------------- /bin/inurlbr.php: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/bin/inurlbr.php -------------------------------------------------------------------------------- /bin/nmap-bootstrap.xsl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/bin/nmap-bootstrap.xsl -------------------------------------------------------------------------------- /bin/pyText2pdf.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/bin/pyText2pdf.py -------------------------------------------------------------------------------- /bin/report.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/bin/report.py -------------------------------------------------------------------------------- /bin/samrdump.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/bin/samrdump.py -------------------------------------------------------------------------------- /bin/slack.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/bin/slack.sh -------------------------------------------------------------------------------- /bin/slurp.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/bin/slurp.zip -------------------------------------------------------------------------------- /bin/waybackrobots.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/bin/waybackrobots.py -------------------------------------------------------------------------------- /bin/waybackurls.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/bin/waybackurls.py -------------------------------------------------------------------------------- /bin/webscreenshot.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/bin/webscreenshot.js -------------------------------------------------------------------------------- /bin/webscreenshot.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/bin/webscreenshot.py -------------------------------------------------------------------------------- /bin/zap-scan.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/bin/zap-scan.py -------------------------------------------------------------------------------- /conf/bug_bounty_full_brute: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/conf/bug_bounty_full_brute -------------------------------------------------------------------------------- /conf/bug_bounty_max_javascript_files: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/conf/bug_bounty_max_javascript_files -------------------------------------------------------------------------------- /conf/bug_bounty_quick: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/conf/bug_bounty_quick -------------------------------------------------------------------------------- /conf/bug_bounty_quick_port_80_443_only: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/conf/bug_bounty_quick_port_80_443_only -------------------------------------------------------------------------------- /conf/deep_active_recon: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/conf/deep_active_recon -------------------------------------------------------------------------------- /conf/default: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/conf/default -------------------------------------------------------------------------------- /conf/fast_service_portscan: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/conf/fast_service_portscan -------------------------------------------------------------------------------- /conf/super_stealth_mode: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/conf/super_stealth_mode -------------------------------------------------------------------------------- /conf/super_stealth_mode_OSINT: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/conf/super_stealth_mode_OSINT -------------------------------------------------------------------------------- /conf/web_mode_all_plugins: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/conf/web_mode_all_plugins -------------------------------------------------------------------------------- /conf/webpwn_only: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/conf/webpwn_only -------------------------------------------------------------------------------- /conf/webpwn_only_metasploit_disabled: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/conf/webpwn_only_metasploit_disabled -------------------------------------------------------------------------------- /conf/zap_only_webscan: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/conf/zap_only_webscan -------------------------------------------------------------------------------- /install.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/install.sh -------------------------------------------------------------------------------- /loot/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/loot/README.md -------------------------------------------------------------------------------- /modes/airstrike.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/airstrike.sh -------------------------------------------------------------------------------- /modes/bruteforce.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/bruteforce.sh -------------------------------------------------------------------------------- /modes/discover.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/discover.sh -------------------------------------------------------------------------------- /modes/flyover.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/flyover.sh -------------------------------------------------------------------------------- /modes/fullportonly.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/fullportonly.sh -------------------------------------------------------------------------------- /modes/fullportscan.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/fullportscan.sh -------------------------------------------------------------------------------- /modes/javascript-analysis.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/javascript-analysis.sh -------------------------------------------------------------------------------- /modes/massportscan.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/massportscan.sh -------------------------------------------------------------------------------- /modes/massvulnscan.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/massvulnscan.sh -------------------------------------------------------------------------------- /modes/massweb.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/massweb.sh -------------------------------------------------------------------------------- /modes/masswebscan.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/masswebscan.sh -------------------------------------------------------------------------------- /modes/normal.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/normal.sh -------------------------------------------------------------------------------- /modes/normal_webporthttp.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/normal_webporthttp.sh -------------------------------------------------------------------------------- /modes/normal_webporthttps.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/normal_webporthttps.sh -------------------------------------------------------------------------------- /modes/nuke.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/nuke.sh -------------------------------------------------------------------------------- /modes/osint.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/osint.sh -------------------------------------------------------------------------------- /modes/osint_stage_2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/osint_stage_2.sh -------------------------------------------------------------------------------- /modes/recon.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/recon.sh -------------------------------------------------------------------------------- /modes/sc0pe-active-webscan.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/sc0pe-active-webscan.sh -------------------------------------------------------------------------------- /modes/sc0pe-network-scan.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/sc0pe-network-scan.sh -------------------------------------------------------------------------------- /modes/sc0pe-passive-webscan.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/sc0pe-passive-webscan.sh -------------------------------------------------------------------------------- /modes/sc0pe.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/sc0pe.sh -------------------------------------------------------------------------------- /modes/static-grep-search.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/static-grep-search.sh -------------------------------------------------------------------------------- /modes/stealth.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/stealth.sh -------------------------------------------------------------------------------- /modes/vulnscan.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/vulnscan.sh -------------------------------------------------------------------------------- /modes/web.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/web.sh -------------------------------------------------------------------------------- /modes/web_autopwn.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/web_autopwn.sh -------------------------------------------------------------------------------- /modes/webporthttp.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/webporthttp.sh -------------------------------------------------------------------------------- /modes/webporthttps.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/webporthttps.sh -------------------------------------------------------------------------------- /modes/webscan.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/modes/webscan.sh -------------------------------------------------------------------------------- /pro/notepad.html: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/pro/notepad.html -------------------------------------------------------------------------------- /sn1per.desktop: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/sn1per.desktop -------------------------------------------------------------------------------- /sn1per.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/sn1per.png -------------------------------------------------------------------------------- /sniper: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/sniper -------------------------------------------------------------------------------- /sniper.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/sniper.conf -------------------------------------------------------------------------------- /templates/active/AWS_S3_Public_Bucket_Listing.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/AWS_S3_Public_Bucket_Listing.sh -------------------------------------------------------------------------------- /templates/active/ApPHP_MicroBlog_Remote_Code_Execution_Vulnerability.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/ApPHP_MicroBlog_Remote_Code_Execution_Vulnerability.sh -------------------------------------------------------------------------------- /templates/active/Apache_Solr_Scanner.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Apache_Solr_Scanner.sh -------------------------------------------------------------------------------- /templates/active/Apache_Tomcat_Scanner.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Apache_Tomcat_Scanner.sh -------------------------------------------------------------------------------- /templates/active/AvantFAX_LOGIN_Detected.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/AvantFAX_LOGIN_Detected.sh -------------------------------------------------------------------------------- /templates/active/CVE-2018-13379_-_Fortigate_Pulse_Connect_Secure_Directory_Traversal.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2018-13379_-_Fortigate_Pulse_Connect_Secure_Directory_Traversal.sh -------------------------------------------------------------------------------- /templates/active/CVE-2019-11510_-_Pulse_Connect_Secure_SSL_VPN_Arbitrary_File_Read.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2019-11510_-_Pulse_Connect_Secure_SSL_VPN_Arbitrary_File_Read.sh -------------------------------------------------------------------------------- /templates/active/CVE-2019-11580_-_Atlassian_Crowd_Data_Center_Unauthenticated_RCE.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2019-11580_-_Atlassian_Crowd_Data_Center_Unauthenticated_RCE.sh -------------------------------------------------------------------------------- /templates/active/CVE-2019-11581_-_Jira_Template_Injection.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2019-11581_-_Jira_Template_Injection.sh -------------------------------------------------------------------------------- /templates/active/CVE-2019-1653_-_Cisco_RV320_RV326_Configuration_Disclosure.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2019-1653_-_Cisco_RV320_RV326_Configuration_Disclosure.sh -------------------------------------------------------------------------------- /templates/active/CVE-2019-16662_-_rConfig_3.9.2_Remote_Code_Execution.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2019-16662_-_rConfig_3.9.2_Remote_Code_Execution.sh -------------------------------------------------------------------------------- /templates/active/CVE-2019-16759_-_vBulletin_5.x_0-Day_Pre-Auth_Remote_Command_Execution.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2019-16759_-_vBulletin_5.x_0-Day_Pre-Auth_Remote_Command_Execution.sh -------------------------------------------------------------------------------- /templates/active/CVE-2019-16759_-_vBulletin_5.x_0-Day_Pre-Auth_Remote_Command_Execution_Bypass.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2019-16759_-_vBulletin_5.x_0-Day_Pre-Auth_Remote_Command_Execution_Bypass.sh -------------------------------------------------------------------------------- /templates/active/CVE-2019-17558_-_Apache_Solr_RCE.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2019-17558_-_Apache_Solr_RCE.sh -------------------------------------------------------------------------------- /templates/active/CVE-2019-19719_Tableau_Server_DOM_XSS.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2019-19719_Tableau_Server_DOM_XSS.py -------------------------------------------------------------------------------- /templates/active/CVE-2019-19781_-_Citrix_ADC_Directory_Traversal.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2019-19781_-_Citrix_ADC_Directory_Traversal.sh -------------------------------------------------------------------------------- /templates/active/CVE-2019-19908_-_phpMyChat-Plus_XSS.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2019-19908_-_phpMyChat-Plus_XSS.sh -------------------------------------------------------------------------------- /templates/active/CVE-2019-5418_-_Rail_File_Content_Disclosure.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2019-5418_-_Rail_File_Content_Disclosure.sh -------------------------------------------------------------------------------- /templates/active/CVE-2019-6340_-_Drupal8_REST_RCE_SA-CORE-2019-003.disabled: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2019-6340_-_Drupal8_REST_RCE_SA-CORE-2019-003.disabled -------------------------------------------------------------------------------- /templates/active/CVE-2019-7192_-_QNAP_Pre-Auth_Root_RCE.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2019-7192_-_QNAP_Pre-Auth_Root_RCE.sh -------------------------------------------------------------------------------- /templates/active/CVE-2019-8442_-_Jira_Webroot_Directory_Traversal_1.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2019-8442_-_Jira_Webroot_Directory_Traversal_1.sh -------------------------------------------------------------------------------- /templates/active/CVE-2019-8442_-_Jira_Webroot_Directory_Traversal_2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2019-8442_-_Jira_Webroot_Directory_Traversal_2.sh -------------------------------------------------------------------------------- /templates/active/CVE-2019-8451_Jira_SSRF_1.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2019-8451_Jira_SSRF_1.sh -------------------------------------------------------------------------------- /templates/active/CVE-2019-8451_Jira_SSRF_2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2019-8451_Jira_SSRF_2.sh -------------------------------------------------------------------------------- /templates/active/CVE-2019-8451_Jira_SSRF_3.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2019-8451_Jira_SSRF_3.sh -------------------------------------------------------------------------------- /templates/active/CVE-2019-8451_Jira_SSRF_4.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2019-8451_Jira_SSRF_4.sh -------------------------------------------------------------------------------- /templates/active/CVE-2019-8903_-_Totaljs_Unathenticated_Directory_Traversal.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2019-8903_-_Totaljs_Unathenticated_Directory_Traversal.sh -------------------------------------------------------------------------------- /templates/active/CVE-2019-8982_-_Wavemaker_Studio_6.6_LFI_SSRF.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2019-8982_-_Wavemaker_Studio_6.6_LFI_SSRF.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-0618_-_Remote_Code_Execution_SQL_Server_Reporting_Services.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-0618_-_Remote_Code_Execution_SQL_Server_Reporting_Services.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-10204_-_Sonatype_Nexus_Repository_RCE.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-10204_-_Sonatype_Nexus_Repository_RCE.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-1147_-_Remote_Code_Execution_in_Microsoft_SharePoint_Server.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-1147_-_Remote_Code_Execution_in_Microsoft_SharePoint_Server.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-11530_-_Wordpress_Chop_Slider_3_Plugin_SQL_Injection.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-11530_-_Wordpress_Chop_Slider_3_Plugin_SQL_Injection.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-11738_-_WordPress_Duplicator_plugin_Directory_Traversal.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-11738_-_WordPress_Duplicator_plugin_Directory_Traversal.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-11738_-_WordPress_Duplicator_plugin_Directory_Traversal_2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-11738_-_WordPress_Duplicator_plugin_Directory_Traversal_2.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-11738_-_WordPress_Duplicator_plugin_Directory_Traversal_3.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-11738_-_WordPress_Duplicator_plugin_Directory_Traversal_3.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-11738_-_WordPress_Duplicator_plugin_Directory_Traversal_4.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-11738_-_WordPress_Duplicator_plugin_Directory_Traversal_4.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-12271_-_Sophos_XG_Firewall_Pre-Auth_SQL_Injection.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-12271_-_Sophos_XG_Firewall_Pre-Auth_SQL_Injection.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-12720_-_vBulletin_Unauthenticaed_SQLi_1.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-12720_-_vBulletin_Unauthenticaed_SQLi_1.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-12720_-_vBulletin_Unauthenticaed_SQLi_2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-12720_-_vBulletin_Unauthenticaed_SQLi_2.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-12720_-_vBulletin_Unauthenticaed_SQLi_3.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-12720_-_vBulletin_Unauthenticaed_SQLi_3.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-13167_-_Netsweeper_WebAdmin_Python_Code_Injection_1.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-13167_-_Netsweeper_WebAdmin_Python_Code_Injection_1.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-13167_-_Netsweeper_WebAdmin_Python_Code_Injection_2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-13167_-_Netsweeper_WebAdmin_Python_Code_Injection_2.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-14181_-_User_Enumeration_Via_Insecure_Jira_Endpoint.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-14181_-_User_Enumeration_Via_Insecure_Jira_Endpoint.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-14815_-_Oracle_Business_Intelligence_Enterprise_DOM_XSS.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-14815_-_Oracle_Business_Intelligence_Enterprise_DOM_XSS.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-15129_-_Open_Redirect_In_Traefik.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-15129_-_Open_Redirect_In_Traefik.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-15920_-_Mida_eFramework_Unauthenticated_RCE.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-15920_-_Mida_eFramework_Unauthenticated_RCE.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-17519_-_Apache_Flink_Path_Traversal.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-17519_-_Apache_Flink_Path_Traversal.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-2034_-_PAN-OS_GlobalProtect_OS_Command_Injection.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-2034_-_PAN-OS_GlobalProtect_OS_Command_Injection.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-2096_-_Jenkins_Gitlab_Hook_XSS.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-2096_-_Jenkins_Gitlab_Hook_XSS.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-2096_Jenkins_Gitlab_XSS_1.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-2096_Jenkins_Gitlab_XSS_1.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-2096_Jenkins_Gitlab_XSS_2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-2096_Jenkins_Gitlab_XSS_2.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-2096_Jenkins_Gitlab_XSS_3.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-2096_Jenkins_Gitlab_XSS_3.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-2096_Jenkins_Gitlab_XSS_4.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-2096_Jenkins_Gitlab_XSS_4.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-2140_-_Jenkin_AuditTrailPlugin_XSS.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-2140_-_Jenkin_AuditTrailPlugin_XSS.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-24223_-_Mara_CMS_7.5_Reflective_XSS.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-24223_-_Mara_CMS_7.5_Reflective_XSS.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-25213_-_WP_File_Manager_File_Upload.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-25213_-_WP_File_Manager_File_Upload.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-2551_-_Unauthenticated_Oracle_WebLogic_Server_Remote_Code_Execution.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-2551_-_Unauthenticated_Oracle_WebLogic_Server_Remote_Code_Execution.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-2555_-_WebLogic_Server_Deserialization_RCE.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-2555_-_WebLogic_Server_Deserialization_RCE.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-3187_-_Citrix_Unauthenticated_File_Deletion.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-3187_-_Citrix_Unauthenticated_File_Deletion.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-3452_-_Cisco_ASA-FTD_Arbitrary_File_Reading_Vulnerability.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-3452_-_Cisco_ASA-FTD_Arbitrary_File_Reading_Vulnerability.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-5284_-_Next_JS_Limited_Path_Traversal.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-5284_-_Next_JS_Limited_Path_Traversal.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-5405_-_Spring_Directory_Traversal_1.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-5405_-_Spring_Directory_Traversal_1.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-5405_-_Spring_Directory_Traversal_2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-5405_-_Spring_Directory_Traversal_2.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-5405_-_Spring_Directory_Traversal_3.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-5405_-_Spring_Directory_Traversal_3.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-5412_-_Full-read_SSRF_in_Spring_Cloud_Netflix.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-5412_-_Full-read_SSRF_in_Spring_Cloud_Netflix.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-5902_-_F5_BIG-IP_Remote_Code_Execution_1.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-5902_-_F5_BIG-IP_Remote_Code_Execution_1.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-5902_-_F5_BIG-IP_Remote_Code_Execution_2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-5902_-_F5_BIG-IP_Remote_Code_Execution_2.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-5902_-_F5_BIG-IP_XSS.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-5902_-_F5_BIG-IP_XSS.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-6287_-_Create_an_Administrative_User_in_SAP_NetWeaver_AS_JAVA.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-6287_-_Create_an_Administrative_User_in_SAP_NetWeaver_AS_JAVA.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-7048_-_WP_Database_Reset_3.15_Unauthenticated_Database_Reset.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-7048_-_WP_Database_Reset_3.15_Unauthenticated_Database_Reset.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-7209_-_LinuxKI_Toolset_6.01_Remote_Command_Execution.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-7209_-_LinuxKI_Toolset_6.01_Remote_Command_Execution.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-7246_-_qdPM_Authenticated_Remote_Code_Execution.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-7246_-_qdPM_Authenticated_Remote_Code_Execution.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-7473_Citrix_ShareFile_StorageZones.disabled: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-7473_Citrix_ShareFile_StorageZones.disabled -------------------------------------------------------------------------------- /templates/active/CVE-2020-8115_-_Revive_Adserver_XSS.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-8115_-_Revive_Adserver_XSS.py -------------------------------------------------------------------------------- /templates/active/CVE-2020-8115_-_Revive_Adserver_XSS.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-8115_-_Revive_Adserver_XSS.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-8163_-_Rails_5.0.1_Remote_Code_Execution.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-8163_-_Rails_5.0.1_Remote_Code_Execution.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-8191_-_Citrix_ADC_NetScaler_Gateway_Reflected_XSS.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-8191_-_Citrix_ADC_NetScaler_Gateway_Reflected_XSS.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-8193_-_Citrix_Unauthenticated_LFI.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-8193_-_Citrix_Unauthenticated_LFI.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-8194_-_Citrix_ADC_NetScaler_Gateway_Reflected_Code_Injection.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-8194_-_Citrix_ADC_NetScaler_Gateway_Reflected_Code_Injection.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-8209_-_Citrix_XenMobile_Server_Path_Traversal.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-8209_-_Citrix_XenMobile_Server_Path_Traversal.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-8209_-_XenMobile-Citrix_Endpoint_Management_Config_Password_Disclosure.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-8209_-_XenMobile-Citrix_Endpoint_Management_Config_Password_Disclosure.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-8209_-_XenMobile-Citrix_Endpoint_Management_Path_Traversal.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-8209_-_XenMobile-Citrix_Endpoint_Management_Path_Traversal.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-8512_-_IceWarp_WebMail_XSS.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-8512_-_IceWarp_WebMail_XSS.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-8772_-_IfiniteWP_Client_1.9.4.5_Authentication_Bypass_1.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-8772_-_IfiniteWP_Client_1.9.4.5_Authentication_Bypass_1.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-8982_-_Citrix_ShareFile_StorageZones_Unauthenticated_Arbitrary_File_Read.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-8982_-_Citrix_ShareFile_StorageZones_Unauthenticated_Arbitrary_File_Read.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-9047_-_exacqVision_Web_Service_Remote_Code_Execution.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-9047_-_exacqVision_Web_Service_Remote_Code_Execution.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-9054_-_ZyXEL_NAS_Remote_Code_Execution.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-9054_-_ZyXEL_NAS_Remote_Code_Execution.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-9484_-_Apache_Tomcat_RCE_by_deserialization.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-9484_-_Apache_Tomcat_RCE_by_deserialization.sh -------------------------------------------------------------------------------- /templates/active/CVE-2020-9757_-_SEOmatic_3.3.0_Server-Side_Template_Injection.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/CVE-2020-9757_-_SEOmatic_3.3.0_Server-Side_Template_Injection.sh -------------------------------------------------------------------------------- /templates/active/Cisco_VPN_Login_Scanner.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Cisco_VPN_Login_Scanner.sh -------------------------------------------------------------------------------- /templates/active/Cisco_VPN_Scanner.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Cisco_VPN_Scanner.sh -------------------------------------------------------------------------------- /templates/active/Citrix-Access-Gateway_Detected.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Citrix-Access-Gateway_Detected.sh -------------------------------------------------------------------------------- /templates/active/Citrix_VPN_Scanner.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Citrix_VPN_Scanner.sh -------------------------------------------------------------------------------- /templates/active/Citrix_VPN_Scanner_2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Citrix_VPN_Scanner_2.sh -------------------------------------------------------------------------------- /templates/active/Clear-text_Communications_HTTP.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Clear-text_Communications_HTTP.sh -------------------------------------------------------------------------------- /templates/active/Clickjacking.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Clickjacking.sh -------------------------------------------------------------------------------- /templates/active/Common_Status_File_Scanner_1.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Common_Status_File_Scanner_1.sh -------------------------------------------------------------------------------- /templates/active/Common_Status_File_Scanner_2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Common_Status_File_Scanner_2.sh -------------------------------------------------------------------------------- /templates/active/Common_Status_File_Scanner_3.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Common_Status_File_Scanner_3.sh -------------------------------------------------------------------------------- /templates/active/Confluence_Scanner.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Confluence_Scanner.sh -------------------------------------------------------------------------------- /templates/active/Contact_Form_7_Wordpress_Plugin_Found_1.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Contact_Form_7_Wordpress_Plugin_Found_1.sh -------------------------------------------------------------------------------- /templates/active/Contact_Form_7_Wordpress_Plugin_Found_2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Contact_Form_7_Wordpress_Plugin_Found_2.sh -------------------------------------------------------------------------------- /templates/active/Directory_Listing_Enabled.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Directory_Listing_Enabled.sh -------------------------------------------------------------------------------- /templates/active/Drupal_Install_Found.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Drupal_Install_Found.sh -------------------------------------------------------------------------------- /templates/active/Drupal_Scanner_1.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Drupal_Scanner_1.sh -------------------------------------------------------------------------------- /templates/active/Drupal_Scanner_2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Drupal_Scanner_2.sh -------------------------------------------------------------------------------- /templates/active/Drupal_Scanner_3.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Drupal_Scanner_3.sh -------------------------------------------------------------------------------- /templates/active/Drupal_User_Login.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Drupal_User_Login.sh -------------------------------------------------------------------------------- /templates/active/Drupal_Version_Disclosure.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Drupal_Version_Disclosure.sh -------------------------------------------------------------------------------- /templates/active/F5_BIG-IP_Scanner.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/F5_BIG-IP_Scanner.sh -------------------------------------------------------------------------------- /templates/active/F5_BIG-IP_Scanner_2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/F5_BIG-IP_Scanner_2.sh -------------------------------------------------------------------------------- /templates/active/Fortigate_Pulse_Connect_Secure_Scanner.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Fortigate_Pulse_Connect_Secure_Scanner.sh -------------------------------------------------------------------------------- /templates/active/Fortinet_FortiGate_SSL_VPN_Panel_Detected.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Fortinet_FortiGate_SSL_VPN_Panel_Detected.sh -------------------------------------------------------------------------------- /templates/active/Fortinet_FortiGate_SSL_VPN_Panel_Detected_1.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Fortinet_FortiGate_SSL_VPN_Panel_Detected_1.sh -------------------------------------------------------------------------------- /templates/active/Fortinet_FortiGate_SSL_VPN_Panel_Detected_2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Fortinet_FortiGate_SSL_VPN_Panel_Detected_2.sh -------------------------------------------------------------------------------- /templates/active/Fortinet_FortiGate_SSL_VPN_Panel_Detected_3.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Fortinet_FortiGate_SSL_VPN_Panel_Detected_3.sh -------------------------------------------------------------------------------- /templates/active/Frontpage_Service_Password_Disclosure.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Frontpage_Service_Password_Disclosure.sh -------------------------------------------------------------------------------- /templates/active/Git_Config_Detected.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Git_Config_Detected.sh -------------------------------------------------------------------------------- /templates/active/JK_Status_Manager.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/JK_Status_Manager.sh -------------------------------------------------------------------------------- /templates/active/Jaspersoft_Detected.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Jaspersoft_Detected.sh -------------------------------------------------------------------------------- /templates/active/Jenkins_Scanner.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Jenkins_Scanner.sh -------------------------------------------------------------------------------- /templates/active/Jetty_Version_Disclosure.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Jetty_Version_Disclosure.sh -------------------------------------------------------------------------------- /templates/active/Jira_Scanner_1.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Jira_Scanner_1.sh -------------------------------------------------------------------------------- /templates/active/Jira_Scanner_2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Jira_Scanner_2.sh -------------------------------------------------------------------------------- /templates/active/Jira_Scanner_3.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Jira_Scanner_3.sh -------------------------------------------------------------------------------- /templates/active/Jolokia_Version_Disclosure.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Jolokia_Version_Disclosure.sh -------------------------------------------------------------------------------- /templates/active/Joomla_Scanner_1.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Joomla_Scanner_1.sh -------------------------------------------------------------------------------- /templates/active/Joomla_Scanner_2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Joomla_Scanner_2.sh -------------------------------------------------------------------------------- /templates/active/Joomla_Version_Disclosure.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Joomla_Version_Disclosure.sh -------------------------------------------------------------------------------- /templates/active/Laraval_Environment_File_Found.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Laraval_Environment_File_Found.sh -------------------------------------------------------------------------------- /templates/active/MS_SQL_Reporting_Server_Scanner_1.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/MS_SQL_Reporting_Server_Scanner_1.sh -------------------------------------------------------------------------------- /templates/active/MS_SQL_Reporting_Server_Scanner_2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/MS_SQL_Reporting_Server_Scanner_2.sh -------------------------------------------------------------------------------- /templates/active/Magento_2.3.0_SQL_Injection.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Magento_2.3.0_SQL_Injection.sh -------------------------------------------------------------------------------- /templates/active/Mailman_Version_Disclosure.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Mailman_Version_Disclosure.sh -------------------------------------------------------------------------------- /templates/active/MobileIron_Login_1.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/MobileIron_Login_1.sh -------------------------------------------------------------------------------- /templates/active/MobileIron_Login_2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/MobileIron_Login_2.sh -------------------------------------------------------------------------------- /templates/active/MobileIron_Login_3.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/MobileIron_Login_3.sh -------------------------------------------------------------------------------- /templates/active/PHP_Composer_Disclosure.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/PHP_Composer_Disclosure.sh -------------------------------------------------------------------------------- /templates/active/PHP_Info.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/PHP_Info.sh -------------------------------------------------------------------------------- /templates/active/Palo_Alto_GlobalProtect_PAN-OS_Portal_Scanner.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Palo_Alto_GlobalProtect_PAN-OS_Portal_Scanner.sh -------------------------------------------------------------------------------- /templates/active/PulseSecure_VPN_Detected.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/PulseSecure_VPN_Detected.sh -------------------------------------------------------------------------------- /templates/active/RabbitMQ_Management_Default_Credentials.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/RabbitMQ_Management_Default_Credentials.sh -------------------------------------------------------------------------------- /templates/active/RabbitMQ_Management_Interface_Detected.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/RabbitMQ_Management_Interface_Detected.sh -------------------------------------------------------------------------------- /templates/active/Robots.txt_Detected.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Robots.txt_Detected.sh -------------------------------------------------------------------------------- /templates/active/SAP_NetWeaver_AS_JAVA_LM_Configuration_Wizard_Detection.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/SAP_NetWeaver_AS_JAVA_LM_Configuration_Wizard_Detection.sh -------------------------------------------------------------------------------- /templates/active/SQLiteManager_Scanner_1.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/SQLiteManager_Scanner_1.sh -------------------------------------------------------------------------------- /templates/active/Sitemap.xml_Detected.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Sitemap.xml_Detected.sh -------------------------------------------------------------------------------- /templates/active/SolarWinds_Orion_Default_Credentials_1.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/SolarWinds_Orion_Default_Credentials_1.sh -------------------------------------------------------------------------------- /templates/active/SolarWinds_Orion_Default_Credentials_2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/SolarWinds_Orion_Default_Credentials_2.sh -------------------------------------------------------------------------------- /templates/active/SolarWinds_Orion_Panel.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/SolarWinds_Orion_Panel.sh -------------------------------------------------------------------------------- /templates/active/TeamQuest_Login_Found.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/TeamQuest_Login_Found.sh -------------------------------------------------------------------------------- /templates/active/Telerik_File_Upload_Web_UI.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Telerik_File_Upload_Web_UI.sh -------------------------------------------------------------------------------- /templates/active/Tiki_Wiki_CMS_Groupware_Scanner.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Tiki_Wiki_CMS_Groupware_Scanner.sh -------------------------------------------------------------------------------- /templates/active/Unauthenticated_Jenkins_Dashboard_Detected.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Unauthenticated_Jenkins_Dashboard_Detected.sh -------------------------------------------------------------------------------- /templates/active/VMware_vCenter_Unauthenticated_Arbitrary_File_Read.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/VMware_vCenter_Unauthenticated_Arbitrary_File_Read.sh -------------------------------------------------------------------------------- /templates/active/Weak_Authentication_Scanner.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Weak_Authentication_Scanner.sh -------------------------------------------------------------------------------- /templates/active/WebLogic_Scanner.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/WebLogic_Scanner.sh -------------------------------------------------------------------------------- /templates/active/Web_Config_Detected.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Web_Config_Detected.sh -------------------------------------------------------------------------------- /templates/active/Weblogic_Application_Server_Detected.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Weblogic_Application_Server_Detected.sh -------------------------------------------------------------------------------- /templates/active/Wordpres_Scanner_1.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Wordpres_Scanner_1.sh -------------------------------------------------------------------------------- /templates/active/Wordpres_Scanner_2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Wordpres_Scanner_2.sh -------------------------------------------------------------------------------- /templates/active/Wordpres_Scanner_3.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Wordpres_Scanner_3.sh -------------------------------------------------------------------------------- /templates/active/Wordpress_WP-File-Manager_Version_Detected.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/Wordpress_WP-File-Manager_Version_Detected.sh -------------------------------------------------------------------------------- /templates/active/XSS.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/XSS.py -------------------------------------------------------------------------------- /templates/active/cPanel_Login_Found.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/cPanel_Login_Found.sh -------------------------------------------------------------------------------- /templates/active/cPanel_Login_Found_2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/cPanel_Login_Found_2.sh -------------------------------------------------------------------------------- /templates/active/phpMyAdmin_Scanner_1.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/active/phpMyAdmin_Scanner_1.sh -------------------------------------------------------------------------------- /templates/passive/network/CVE-2018-15473_-_OpenSSH_Username_Enumeration.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/network/CVE-2018-15473_-_OpenSSH_Username_Enumeration.sh -------------------------------------------------------------------------------- /templates/passive/network/Default_Credentials_BruteX.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/network/Default_Credentials_BruteX.sh -------------------------------------------------------------------------------- /templates/passive/network/Default_Credentials_NMap.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/network/Default_Credentials_NMap.sh -------------------------------------------------------------------------------- /templates/passive/network/Interesting_Domain_Found.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/network/Interesting_Domain_Found.sh -------------------------------------------------------------------------------- /templates/passive/network/Lack_of_SPF_DNS_Record.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/network/Lack_of_SPF_DNS_Record.sh -------------------------------------------------------------------------------- /templates/passive/network/Possible_Takeover_Detected.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/network/Possible_Takeover_Detected.sh -------------------------------------------------------------------------------- /templates/passive/network/SMB_Info_Disclosure.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/network/SMB_Info_Disclosure.sh -------------------------------------------------------------------------------- /templates/passive/network/SMBv1_Enabled.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/network/SMBv1_Enabled.sh -------------------------------------------------------------------------------- /templates/passive/network/SSH_Version_Disclosure.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/network/SSH_Version_Disclosure.sh -------------------------------------------------------------------------------- /templates/passive/network/Subjack_Takeover_Detected.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/network/Subjack_Takeover_Detected.sh -------------------------------------------------------------------------------- /templates/passive/network/Subover_Takeover_Detected.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/network/Subover_Takeover_Detected.sh -------------------------------------------------------------------------------- /templates/passive/network/recursive/Component_With_Known_Vulnerabilities_-_NMap.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/network/recursive/Component_With_Known_Vulnerabilities_-_NMap.sh -------------------------------------------------------------------------------- /templates/passive/network/recursive/Interesting_Ports_Found.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/network/recursive/Interesting_Ports_Found.sh -------------------------------------------------------------------------------- /templates/passive/network/recursive/Nessus_Import.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/network/recursive/Nessus_Import.sh -------------------------------------------------------------------------------- /templates/passive/web/Autocomplete_Enabled.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/Autocomplete_Enabled.sh -------------------------------------------------------------------------------- /templates/passive/web/CORS_Policy_-_Allow-Credentials_Enabled.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/CORS_Policy_-_Allow-Credentials_Enabled.sh -------------------------------------------------------------------------------- /templates/passive/web/CORS_Policy_-_Allow-Origin_Wildcard.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/CORS_Policy_-_Allow-Origin_Wildcard.sh -------------------------------------------------------------------------------- /templates/passive/web/CSP_Not_Enforced.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/CSP_Not_Enforced.sh -------------------------------------------------------------------------------- /templates/passive/web/Clear-text_Communications_HTTP.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/Clear-text_Communications_HTTP.sh -------------------------------------------------------------------------------- /templates/passive/web/Clickjacking.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/Clickjacking.sh -------------------------------------------------------------------------------- /templates/passive/web/Drupal_Detected.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/Drupal_Detected.sh -------------------------------------------------------------------------------- /templates/passive/web/Expired_SSL_Certificate.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/Expired_SSL_Certificate.sh -------------------------------------------------------------------------------- /templates/passive/web/Fortinet_FortiGate_SSL_VPN_Panel_Passive_Detection.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/Fortinet_FortiGate_SSL_VPN_Panel_Passive_Detection.sh -------------------------------------------------------------------------------- /templates/passive/web/Insecure_Cookie_-_HTTPOnly_Not_Set.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/Insecure_Cookie_-_HTTPOnly_Not_Set.sh -------------------------------------------------------------------------------- /templates/passive/web/Insecure_Cookie_-_Secure_Not_Set.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/Insecure_Cookie_-_Secure_Not_Set.sh -------------------------------------------------------------------------------- /templates/passive/web/Insecure_SSL_TLS_Connection.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/Insecure_SSL_TLS_Connection.sh -------------------------------------------------------------------------------- /templates/passive/web/Insecure_SSL_TLS_Connection_CN_Mismatch.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/Insecure_SSL_TLS_Connection_CN_Mismatch.sh -------------------------------------------------------------------------------- /templates/passive/web/Interesting_Title_Found.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/Interesting_Title_Found.sh -------------------------------------------------------------------------------- /templates/passive/web/Server_Header_Disclosure.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/Server_Header_Disclosure.sh -------------------------------------------------------------------------------- /templates/passive/web/Strict_Tranposrt_Security_Not_Enforced.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/Strict_Tranposrt_Security_Not_Enforced.sh -------------------------------------------------------------------------------- /templates/passive/web/Trace_Method_Enabled.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/Trace_Method_Enabled.sh -------------------------------------------------------------------------------- /templates/passive/web/X-Powered-By_Header_Found.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/X-Powered-By_Header_Found.sh -------------------------------------------------------------------------------- /templates/passive/web/recursive/Arachni_Vulnerability_Scan.disabled: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/recursive/Arachni_Vulnerability_Scan.disabled -------------------------------------------------------------------------------- /templates/passive/web/recursive/Arachni_Vulnerability_Scan_-_HTTP.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/recursive/Arachni_Vulnerability_Scan_-_HTTP.sh -------------------------------------------------------------------------------- /templates/passive/web/recursive/Arachni_Vulnerability_Scan_-_HTTPS.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/recursive/Arachni_Vulnerability_Scan_-_HTTPS.sh -------------------------------------------------------------------------------- /templates/passive/web/recursive/Nikto_Vulnerability_Scan-HTTP.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/recursive/Nikto_Vulnerability_Scan-HTTP.sh -------------------------------------------------------------------------------- /templates/passive/web/recursive/Nikto_Vulnerability_Scan-HTTPS.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/recursive/Nikto_Vulnerability_Scan-HTTPS.sh -------------------------------------------------------------------------------- /templates/passive/web/recursive/Nuclei_Vulnerability_Scan_-_HTTP.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/recursive/Nuclei_Vulnerability_Scan_-_HTTP.sh -------------------------------------------------------------------------------- /templates/passive/web/recursive/Nuclei_Vulnerability_Scan_-_HTTPS.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/recursive/Nuclei_Vulnerability_Scan_-_HTTPS.sh -------------------------------------------------------------------------------- /templates/passive/web/recursive/OWASP_Zap_Scan_-_HTTP.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/recursive/OWASP_Zap_Scan_-_HTTP.sh -------------------------------------------------------------------------------- /templates/passive/web/recursive/OWASP_Zap_Scan_-_HTTPS.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/recursive/OWASP_Zap_Scan_-_HTTPS.sh -------------------------------------------------------------------------------- /templates/passive/web/recursive/Wordpress_Vulnerability_Scan_-_HTTPS_1.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/recursive/Wordpress_Vulnerability_Scan_-_HTTPS_1.sh -------------------------------------------------------------------------------- /templates/passive/web/recursive/Wordpress_Vulnerability_Scan_-_HTTPS_2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/recursive/Wordpress_Vulnerability_Scan_-_HTTPS_2.sh -------------------------------------------------------------------------------- /templates/passive/web/recursive/Wordpress_Vulnerability_Scan_-_HTTP_1.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/recursive/Wordpress_Vulnerability_Scan_-_HTTP_1.sh -------------------------------------------------------------------------------- /templates/passive/web/recursive/Wordpress_Vulnerability_Scan_-_HTTP_2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/templates/passive/web/recursive/Wordpress_Vulnerability_Scan_-_HTTP_2.sh -------------------------------------------------------------------------------- /uninstall.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/uninstall.sh -------------------------------------------------------------------------------- /wordlists/altdns.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/wordlists/altdns.txt -------------------------------------------------------------------------------- /wordlists/domains-default.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/wordlists/domains-default.txt -------------------------------------------------------------------------------- /wordlists/domains-quick.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/wordlists/domains-quick.txt -------------------------------------------------------------------------------- /wordlists/vhosts.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/wordlists/vhosts.txt -------------------------------------------------------------------------------- /wordlists/web-brute-common.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/wordlists/web-brute-common.txt -------------------------------------------------------------------------------- /wordlists/web-brute-exploits.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/wordlists/web-brute-exploits.txt -------------------------------------------------------------------------------- /wordlists/web-brute-full.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/wordlists/web-brute-full.txt -------------------------------------------------------------------------------- /wordlists/web-brute-stealth.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/wordlists/web-brute-stealth.txt -------------------------------------------------------------------------------- /wordlists/web-brute-vulnerabilities.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/1N3/AttackSurfaceManagement/HEAD/wordlists/web-brute-vulnerabilities.txt --------------------------------------------------------------------------------