├── index.html
├── main.go
├── .github
└── workflows
│ └── push.yaml
└── results.sarif
/index.html:
--------------------------------------------------------------------------------
1 | test
2 |
--------------------------------------------------------------------------------
/main.go:
--------------------------------------------------------------------------------
1 | package main
2 |
3 | import "fmt"
4 |
5 | func main() {
6 | fmt.Println("Hello world 2")
7 | }
8 |
--------------------------------------------------------------------------------
/.github/workflows/push.yaml:
--------------------------------------------------------------------------------
1 | name: "Upload SARIF"
2 | on:
3 | workflow_dispatch:
4 |
5 | jobs:
6 | update:
7 | runs-on: ubuntu-latest
8 | permissions:
9 | security-events: write
10 | contents: read
11 | actions: read
12 | steps:
13 | - uses: actions/checkout@v2
14 | - name: Upload SARIF file
15 | uses: github/codeql-action/upload-sarif@v1
16 | with:
17 | # Path to SARIF file relative to the root of the repository
18 | sarif_file: results.sarif
19 |
--------------------------------------------------------------------------------
/results.sarif:
--------------------------------------------------------------------------------
1 | {"version":"2.1.0","$schema":"https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json","runs":[{"tool":{"driver":{"name":"nuclei","informationUri":"https://github.com/projectdiscovery/nuclei","rules":[{"id":"gunicorn-detect-2db5cdfcd0b9aa13a1f25f990979978b3bbb7d5c","shortDescription":{"text":"Detect Gunicorn Server"},"fullDescription":{"text":"https://github.com/projectdiscovery/nuclei-templates/blob/master/technologies/gunicorn-detect.yaml"},"helpUri":"https://github.com/projectdiscovery/nuclei-templates/blob/master/technologies/gunicorn-detect.yaml","help":{"text":"Gunicorn Python WSGI HTTP Server for UNIX - https://github.com/benoitc/gunicorn\n**Details**: **gunicorn-detect** matched at http://18.236.217.193:5000/\n\n**Protocol**: HTTP\n\n**Full URL**: http://18.236.217.193:5000/\n\n**Timestamp**: Sat Jun 5 22:44:30 +0530 IST 2021\n\n**Template Information**\n\n| Key | Value |\n|---|---|\n| reference | https://snyk.io/vuln/SNYK-PYTHON-GUNICORN-541164 |\n| name | Detect Gunicorn Server |\n| author | joanbono |\n| description | Gunicorn Python WSGI HTTP Server for UNIX - https://github.com/benoitc/gunicorn |\n| severity | info |\n\n**Request**\n\n```http\nGET / HTTP/1.1\r\nHost: 18.236.217.193:5000\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36\r\nConnection: close\r\nAccept: */*\r\nAccept-Language: en\r\nAccept-Encoding: gzip\r\n\r\n\n```\n\n**Response**\n\n```http\nHTTP/1.1 404 NOT FOUND\r\nConnection: close\r\nContent-Length: 233\r\nContent-Type: text/html\r\nDate: Sat, 05 Jun 2021 17:14:30 GMT\r\nServer: gunicorn/19.6.0\r\n\r\n\u003c!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 3.2 Final//EN\"\u003e\n\u003ctitle\u003e404 Not Found\u003c/title\u003e\n\u003ch1\u003eNot Found\u003c/h1\u003e\n\u003cp\u003eThe requested URL was not found on the server. If you entered the URL manually please check your spelling and try again.\u003c/p\u003e\n\n```\n\n**Extra Information**\n\n**Extracted results**:\n\n- gunicorn/19.6.0\n\n\nReference: \n- https://snyk.io/vuln/SNYK-PYTHON-GUNICORN-541164\n---\nGenerated by [Nuclei](https://github.com/projectdiscovery/nuclei)"}}]}},"results":[{"ruleId":"gunicorn-detect-2db5cdfcd0b9aa13a1f25f990979978b3bbb7d5c","level":"none","message":{"text":"gunicorn-detect matched at http://18.236.217.193:5000/ (HTTP) =\u003e http://18.236.217.193:5000/\u003cbr\u003eTo Reproduce - `nuclei -t technologies/gunicorn-detect.yaml -target \"http://18.236.217.193:5000/\"`"},"locations":[{"physicalLocation":{"artifactLocation":{"uri":"http"},"region":{"startLine":1,"startColumn":1,"endLine":1,"endColumn":1}},"message":{"text":"http://18.236.217.193:5000/"}}]}]}]}
2 |
--------------------------------------------------------------------------------