├── LICENSE
├── README.md
└── rules.json


/LICENSE:
--------------------------------------------------------------------------------
                   GNU LESSER GENERAL PUBLIC LICENSE
                       Version 3, 29 June 2007

 Copyright (C) 2007 Free Software Foundation, Inc.
 Everyone is permitted to copy and distribute verbatim copies
 of this license document, but changing it is not allowed.


  This version of the GNU Lesser General Public License incorporates
the terms and conditions of version 3 of the GNU General Public
License, supplemented by the additional permissions listed below.

  0. Additional Definitions.

  As used herein, "this License" refers to version 3 of the GNU Lesser
General Public License, and the "GNU GPL" refers to version 3 of the GNU
General Public License.

  "The Library" refers to a covered work governed by this License,
other than an Application or a Combined Work as defined below.

  An "Application" is any work that makes use of an interface provided
by the Library, but which is not otherwise based on the Library.
Defining a subclass of a class defined by the Library is deemed a mode
of using an interface provided by the Library.

  A "Combined Work" is a work produced by combining or linking an
Application with the Library.  The particular version of the Library
with which the Combined Work was made is also called the "Linked
Version".

  The "Minimal Corresponding Source" for a Combined Work means the
Corresponding Source for the Combined Work, excluding any source code
for portions of the Combined Work that, considered in isolation, are
based on the Application, and not on the Linked Version.

  The "Corresponding Application Code" for a Combined Work means the
object code and/or source code for the Application, including any data
and utility programs needed for reproducing the Combined Work from the
Application, but excluding the System Libraries of the Combined Work.

  1. Exception to Section 3 of the GNU GPL.

  You may convey a covered work under sections 3 and 4 of this License
without being bound by section 3 of the GNU GPL.

  2. Conveying Modified Versions.

  If you modify a copy of the Library, and, in your modifications, a
facility refers to a function or data to be supplied by an Application
that uses the facility (other than as an argument passed when the
facility is invoked), then you may convey a copy of the modified
version:

   a) under this License, provided that you make a good faith effort to
   ensure that, in the event an Application does not supply the
   function or data, the facility still operates, and performs
   whatever part of its purpose remains meaningful, or

   b) under the GNU GPL, with none of the additional permissions of
   this License applicable to that copy.

  3. Object Code Incorporating Material from Library Header Files.

  The object code form of an Application may incorporate material from
a header file that is part of the Library.  You may convey such object
code under terms of your choice, provided that, if the incorporated
material is not limited to numerical parameters, data structure
layouts and accessors, or small macros, inline functions and templates
(ten or fewer lines in length), you do both of the following:

   a) Give prominent notice with each copy of the object code that the
   Library is used in it and that the Library and its use are
   covered by this License.

   b) Accompany the object code with a copy of the GNU GPL and this license
   document.

  4. Combined Works.

  You may convey a Combined Work under terms of your choice that,
taken together, effectively do not restrict modification of the
portions of the Library contained in the Combined Work and reverse
engineering for debugging such modifications, if you also do each of
the following:

   a) Give prominent notice with each copy of the Combined Work that
   the Library is used in it and that the Library and its use are
   covered by this License.

   b) Accompany the Combined Work with a copy of the GNU GPL and this license
   document.

   c) For a Combined Work that displays copyright notices during
   execution, include the copyright notice for the Library among
   these notices, as well as a reference directing the user to the
   copies of the GNU GPL and this license document.

   d) Do one of the following:

       0) Convey the Minimal Corresponding Source under the terms of this
       License, and the Corresponding Application Code in a form
       suitable for, and under terms that permit, the user to
       recombine or relink the Application with a modified version of
       the Linked Version to produce a modified Combined Work, in the
       manner specified by section 6 of the GNU GPL for conveying
       Corresponding Source.

       1) Use a suitable shared library mechanism for linking with the
       Library.  A suitable mechanism is one that (a) uses at run time
       a copy of the Library already present on the user's computer
       system, and (b) will operate properly with a modified version
       of the Library that is interface-compatible with the Linked
       Version.

   e) Provide Installation Information, but only if you would otherwise
   be required to provide such information under section 6 of the
   GNU GPL, and only to the extent that such information is
   necessary to install and execute a modified version of the
   Combined Work produced by recombining or relinking the
   Application with a modified version of the Linked Version. (If
   you use option 4d0, the Installation Information must accompany
   the Minimal Corresponding Source and Corresponding Application
   Code. If you use option 4d1, you must provide the Installation
   Information in the manner specified by section 6 of the GNU GPL
   for conveying Corresponding Source.)

  5. Combined Libraries.

  You may place library facilities that are a work based on the
Library side by side in a single library together with other library
facilities that are not Applications and are not covered by this
License, and convey such a combined library under terms of your
choice, if you do both of the following:

   a) Accompany the combined library with a copy of the same work based
   on the Library, uncombined with any other library facilities,
   conveyed under the terms of this License.

   b) Give prominent notice with the combined library that part of it
   is a work based on the Library, and explaining where to find the
   accompanying uncombined form of the same work.

  6. Revised Versions of the GNU Lesser General Public License.

  The Free Software Foundation may publish revised and/or new versions
of the GNU Lesser General Public License from time to time. Such new
versions will be similar in spirit to the present version, but may
differ in detail to address new problems or concerns.

  Each version is given a distinguishing version number.
If the Library as you received it specifies that a certain numbered version
of the GNU Lesser General Public License "or any later version"
applies to it, you have the option of following the terms and
conditions either of that published version or of any later version
published by the Free Software Foundation. If the Library as you
received it does not specify a version number of the GNU Lesser
General Public License, you may choose any version of the GNU Lesser
General Public License ever published by the Free Software Foundation.

  If the Library as you received it specifies that a proxy can decide
whether future versions of the GNU Lesser General Public License shall
apply, that proxy's public statement of acceptance of any version is
permanent authorization for you to choose that version for the
Library.

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# Vulners signature-base software version detection rules

# Description
Vulners rules are used by the [Vulners Burp Plugin](https://github.com/vulnersCom/burp-vulners-scanner) to detect software:version pairs. Using these regular expressions and aliases, the plugin calls the [Vulners Burp API](https://vulners.com/api/v3/burp/software/?) to find vulnerabilities.

# Rule structure

The rule structure is:

```json
"jQuery": {
    "regex": "jQuery v([\\d.]+)",
    "alias": "jquery",
    "type": "software"
},
```
## "jQuery"
The key is the human-readable name (alias) of the rule.

## "regex"
A regular expression with a single match group that captures the version of the product.
It is applied to the raw plain-text HTTP reply from the server.

## "alias"
A CPE string or a software name alias. CPE is the preferred method.

## "type"
Either "cpe" or "software".
When "cpe" is selected, the alias must be a CPE string, as in this example:

```json
"mod_perl": {
    "regex": "mod_perl/([\\d.]+)",
    "alias": "cpe:/a:apache:mod_perl",
    "type": "cpe"
},
```

# Contributors

Vulners Team

--------------------------------------------------------------------------------
/rules.json:
--------------------------------------------------------------------------------
{
  "A-Frame, script": {
    "alias": "A-Frame",
    "regex": "/?([\\d.]+)?/aframe(?:\\.min)?\\.js",
    "type": "software"
  },
  "AOLserver, headers": {
    "alias": "cpe:/a:aol:aolserver",
    "regex": "Server:\\s*AOLserver/?([\\d.]+)?",
    "type": "cpe"
  },
  "Adminer, html": {
    "alias": "Adminer",
    "regex": "Adminer ([\\d.]+)|onclick=\"bodyClick\\(event\\);\" onload=\"verifyVersion\\('([\\d.]+)'\\);\">",
    "type": "software"
  },
  "Akka HTTP, headers": {
    "alias": "Akka HTTP",
    "type": "software",
    "regex": "akka-http/([\\d.]+)|Server:\\s*akka-http(?:/([\\d.]+))?"
  },
  "All in One SEO Pack, html": {
    "alias": "cpe:/a:semperfiwebdesign:all_in_one_seo_pack",
    "regex": "",
    "type": "cpe"
  },
  "Nginx, headers": {
    "alias": "cpe:/a:nginx:nginx",
    "regex": "Server:\\s*nginx(?:(?:-reuseport)?/([\\d.]+))?",
    "type": "cpe"
  },
  "OpenResty, headers": {
    "alias": "OpenResty",
    "type": "software",
    "regex": "openresty/([\\d.]+)|Server:\\s*openresty(?:/([\\d.]+))?"
  },
  "OpenSSL, headers": {
    "alias": "OpenSSL",
    "type": "software",
    "regex": "OpenSSL/([a-z\\d.]+(-fips|-freebsd)?)|Server:\\s*OpenSSL(?:/([\\d.]+[a-z]?))?"
  },
  "Oracle Commerce, headers": {
    "alias": "cpe:/a:oracle:commerce_platform",
    "regex": "X-ATG-Version:\\s*(?:ATGPlatform/([\\d.]+))?",
    "type": "cpe"
  },
  "Oracle HTTP Server, headers": {
    "alias": "cpe:/a:oracle:http_server",
    "regex": "Server:\\s*Oracle-HTTP-Server(?:/([\\d.]+))?",
    "type": "cpe"
  },
  "Outlook Web App, html": {
    "alias": "OWA",
    "regex": "]*href=\"[^\"]*?([\\d.]+)/themes/resources/owafont\\.css",
    "type": "software"
  },
  "PHP, headers": {
    "alias": "cpe:/a:php:php",
    "type": "cpe",
    "regex": "PHP/([\\d]+[\\.]+(?:[-\\w\\d\\.]+)?)|Server:\\s*php/?([\\d.]+)?|X-Powered-By:\\s*php/?([\\d.]+)?"
  },
  "Perl, headers": {
    "alias": "Perl",
    "type": "software",
    "regex": "Perl/v([\\d.]+)|Server:\\s*\\bPerl\\b(?: ?/?v?([\\d.]+))?"
  },
  "Phusion Passenger, headers": {
    "alias": "cpe:/a:phusion:passenger",
    "regex": "Server:\\s*Phusion Passenger ([\\d.]+)|X-Powered-By:\\s*Phusion Passenger ?([\\d.]+)?|Phusion Passenger(?: \\([a-zA-Z_/]+\\))? ([\\d.]+)",
    "type": "cpe"
  },
  "Python, headers": {
    "alias": "Python",
    "regex": "Server:\\s*(?:^|\\s)Python(?:/([\\d.]+))?",
    "type": "software"
  },
  "Raphael, script": {
    "alias": "raphael",
    "regex": "raphael(?:-([\\d.]+))?(?:\\.min)?\\.js",
    "type": "software"
  },
  "React, script": {
    "alias": "React",
    "regex": "/([\\d.]+)/react(?:\\.min)?\\.js",
    "type": "software"
  },
  "SPIP, headers": {
    "alias": "cpe:/a:spip:spip",
    "regex": "Composed-By:\\s*SPIP ([\\d.]+) @",
    "type": "cpe"
  },
  "SUSE, headers": {
    "alias": "cpe:/o:suse:linux_enterprise_server",
    "regex": "Server:\\s*SUSE(?:/?\\s?-?([\\d.]+))?|X-Powered-By:\\s*SUSE(?:/?\\s?-?([\\d.]+))?",
    "type": "cpe"
  },
  "Semantic-ui, script": {
    "alias": "Semantic-ui",
    "regex": "/semantic(?:-([\\d.]+))?(?:\\.min)?\\.js",
    "type": "software"
  },
  "Shapecss, script": {
    "alias": "Shapecss",
    "regex": "/([\\d.]+)/shapecss(?:\\.min)?\\.js",
    "type": "software"
  },
  "Shopware, html": {
    "alias": "Shopware",
    "regex": "Shopware ([\\d\\.]+) [^<]+",
    "type": "software"
  },
  "SimpleHTTP, headers": {
    "alias": "SimpleHTTP",
    "regex": "Server:\\s*SimpleHTTP(?:/([\\d.]+))?",
    "type": "software"
  },
  "Slick, html": {
    "alias": "Slick",
    "regex": "<link [^>]+(?:/([\\d.]+)/)?slick-theme\\.css",
    "type": "software"
  },
  "Slick, script": {
    "alias": "Slick",
    "regex": "(?:/([\\d.]+))?/slick(?:\\.min)?\\.js",
    "type": "software"
  },
  "SonarQubes, html": {
    "alias": "SonarQubes",
    "regex": "<link href=\"/css/sonar\\.css\\?v=([\\d.]+)",
    "type": "software"
  },
  "SonarQubes, script": {
    "alias": "SonarQubes",
    "regex": "^/js/bundles/sonar\\.js\\?v=([\\d.]+)$",
    "type": "software"
  },
  "Splunk, html": {
    "alias": "cpe:/a:splunk:splunk",
    "regex": "<p class=\"footer\">© [-\\d]+ Splunk Inc\\.(?: Splunk ([\\d\\.]+(?: build [\\d\\.]*\\d)?))?[^<]*</p>",
    "type": "cpe"
  },
  "SunOS, headers": {
    "alias": "cpe:/o:sun:sunos",
    "regex": "Server:\\s*SunOS( [\\d\\.]+)?|Servlet-engine:\\s*SunOS( [\\d\\.]+)?",
    "type": "cpe"
  },
  "TeamCity, html": {
    "alias": "cpe:/a:jetbrains:teamcity",
    "regex": "<span class=\"versionTag\"><span class=\"vWord\">Version</span> ([\\d\\.]+)",
    "type": "cpe"
  },
  "TornadoServer, headers": {
    "alias": "cpe:/a:tornadoweb:tornado",
    "regex": "Server:\\s*TornadoServer(?:/([\\d.]+))?",
    "type": "cpe"
  },
  "Trac, html": {
    "alias": "cpe:/a:edgewall_software:trac",
    "regex": "Powered by <a href=\"[^\"]*\"><strong>Trac(?:[ /]([\\d.]+))?",
    "type": "cpe"
  },
  "TwistedWeb, headers": {
    "alias": "cpe:/a:twistedmatrix:twistedweb",
    "regex": "Server:\\s*TwistedWeb(?:/([\\d.]+))?",
    "type": "cpe"
  },
  "Underscore.js, script": {
    "alias": "Underscore.js",
    "regex": "underscore.*\\.js(?:\\?ver=([\\d.]+))?",
    "type": "software"
  },
  "Vaadin, script": {
    "alias": "Vaadin",
    "regex": "vaadinBootstrap\\.js(?:\\?v=([\\d.]+))?",
    "type": "software"
  },
  "Varnish, headers": {
    "alias": "cpe:/a:varnish-cache:varnish",
    "regex": "Via:\\s*varnish(?: \\(Varnish/([\\d.]+)\\))?",
    "type": "cpe"
  },
  "Vue.js, script": {
    "alias": "Vue.js",
    "type": "software",
    "regex": "/([\\d.]+)/vue(?:\\.min)?\\.js"
  },
  "W3 Total Cache, headers": {
    "alias": "cpe:/a:w3edge:total_cache",
    "regex": "X-Powered-By:\\s*W3 Total Cache(?:/([\\d.]+))?",
    "type": "cpe"
  },
  "WP Rocket, headers": {
    "alias": "WP Rocket",
    "regex": "X-Powered-By:\\s*WP Rocket(?:/([\\d.]+))?",
    "type": "software"
  },
  "Webdev, html": {
    "alias": "Webdev",
    "regex": "<!-- [a-zA-Z0-9_]+ [\\d/]+ [\\d:]+ WebDev \\d\\d ([\\d.]+) -->",
    "type": "software"
  },
  "Webs, headers": {
    "alias": "Webs",
    "regex": "Server:\\s*Webs\\.com/?([\\d\\.]+)?",
    "type": "software"
  },
  "Winstone Servlet Container, headers": {
    "alias": "cpe:/a:jenkins:jenkins",
    "regex": "Server:\\s*Winstone Servlet (?:Container|Engine) v?([\\d.]+)?|X-Powered-By:\\s*Winstone(?:.([\\d.]+))?",
    "type": "cpe"
  },
  "WooCommerce, html": {
    "alias": "cpe:/a:woocommerce:woocommerce",
    "regex": "<link rel='[^']+' id='woocommerce-(?:layout|smallscreen|general)-css' href='https?://[^/]+/wp-content/plugins/woocommerce/assets/css/woocommerce(?:-layout|-smallscreen)?\\.css\\?ver=([\\d.]+)'",
    "type": "cpe"
  },
  "Wowza Media Server, html": {
    "alias": "Wowza Streaming Engine",
    "regex": "<title>Wowza Media Server \\d+ ((?:\\w+ Edition )?\\d+\\.[\\d\\.]+(?: build\\d+)?)?",
    "type": "software"
  },
  "XAMPP, html": {
    "alias": "cpe:/a:apache_friends:xampp",
    "regex": "<title>XAMPP(?: Version ([\\d\\.]+))?",
    "type": "cpe"
  },
  "XRegExp, script": {
    "alias": "XRegExp",
    "regex": "/([\\d.]+)/xregexp(?:\\.min)?\\.js",
    "type": "software"
  },
  "Xitami, headers": {
    "alias": "cpe:/a:imatix:xitami",
    "regex": "Server:\\s*Xitami(?:/([\\d.]+))?",
    "type": "cpe"
  },
  "YUI Doc, html": {
    "alias": "YUI Doc",
    "regex": "(?:]* yuilibrary\\.com/rdf/[\\d.]+/yui\\.rdf|]+class=\"yui3-skin-sam)",
    "type": "software"
  },
  "Yaws, headers": {
    "alias": "cpe:/a:yaws:yaws",
    "regex": "Server:\\s*Yaws(?: ([\\d.]+))?",
    "type": "cpe"
  },
  "Yoast SEO, html": {
    "alias": "cpe:/a:yoast:wordpress_seo",
    "regex": "",
    "alias": "cpe:/a:telerik:analytics_monitor_library",
    "type": "cpe"
  },
  "Tornado Server, headers": {
    "regex": "TornadoServer/([\\d.]+)",
    "alias": "cpe:/a:tornadoweb:tornado",
    "type": "cpe"
  },
  "Undertow, headers": {
    "regex": "X-Powered-By: Undertow/([\\d.]+)",
    "alias": "cpe:/a:redhat:undertow",
    "type": "cpe"
  },
  "Microsoft CRM, headers": {
    "regex": "var APPLICATION_FULL_VERSION = '([\\d.]+)';",
    "alias": "cpe:/a:microsoft:business_solutions_crm",
    "type": "cpe"
  },
  "Varnish Cache, headers": {
    "regex": "Varnish/([\\d.]+)",
    "alias": "cpe:/a:varnish-cache:varnish",
    "type": "cpe"
  },
  "WEBrick, headers": {
    "regex": "WEBrick/([\\d.]+)",
    "alias": "WEBrick",
    "type": "software"
  },
  "Websockify, headers": {
    "regex": "WebSockify Python/([\\d.]+)",
    "alias": "Websockify",
    "type": "software"
  },
  "IBM WebSphere Application Server, headers": {
    "regex": "WebSphere Application Server/([\\d.]+)",
    "alias": "WebSphere",
    "type": "software"
  },
  "WildFly, headers": {
    "regex": "Server: WildFly/([\\d.]+)",
    "alias": "cpe:/a:redhat:jboss_wildfly_application_server",
    "type": "cpe"
  },
  "ASP.Net MVC Framework, headers": {
    "regex": "X-AspNetMvc-Version: ([\\d.]+)",
    "alias": "cpe:/a:microsoft:asp.net",
    "type": "cpe"
  },
  "Apache Cocoon, headers": {
    "regex": "X-Cocoon-Version: ([\\d.]+)",
    "alias": "cpe:/a:apache:cocoon",
    "type": "cpe"
  },
  "Outlook Web Access, headers": {
    "regex": "X-OWA-Version: ([\\d.]+)",
    "alias": "cpe:/a:microsoft:outlook_web_access",
    "type": "cpe"
  },
  "IBM TeaLeaf, headers": {
    "regex": "X-TeaLeaf-UIEventCapture-Version: ([\\d.]+)",
    "alias": "cpe:/a:ibm:tealeaf_consumer_experience",
    "type": "cpe"
  },
  "3DM, html": {
    "alias": "3ware",
    "regex": "3ware 3DM([\\d\\.]+)?",
    "type": "software"
  },
  "3ware, headers": {
    "alias": "3ware",
    "regex": "Server:\\s*3ware\\/?([\\d\\.]+)?",
    "type": "software"
  },
  "AMPcms, headers": {
    "alias": "AMP CMS",
    "regex": "X-AMP-Version:\\s*([\\d.]+)",
    "type": "software"
  },
  "ATEN, headers": {
    "alias": "ATEN",
    "regex": "Server:\\s*ATEN HTTP Server(?:\\(?V?([\\d\\.]+)\\)?)?",
    "type": "software"
  },
  "Angular Material, script": {
    "alias": "Angular Material",
    "regex": "/([\\d.]+(?:\\-?rc[.\\d]*)*)/angular-material(?:\\.min)?\\.js",
    "type": "software"
  },
  "Canon HTTP Server, headers": {
    "alias": "Canon HTTP Server",
    "regex": "Server:\\s*CANON HTTP Server(?:/([\\d.]+))?",
    "type": "software"
  },
  "Catwalk, headers": {
    "alias": "Catwalk Server",
    "regex": "Server:\\s*Catwalk\\/?([\\d\\.]+)?",
    "type": "software"
  },
  "CenteHTTPd, headers": {
    "alias": "CenteHTTPd",
    "regex": "Server:\\s*CenteHTTPd(?:/([\\d.]+))?",
    "type": "software"
  },
  "Decorum, headers": {
    "alias": "Decorum",
    "regex": "Server:\\s*DECORUM(?:/([\\d.]+))?",
    "type": "software"
  },
  "ESERV-10, headers": {
    "alias": "eserv",
    "regex": "Server:\\s*ESERV-10(?:/([\\d.]+))?",
    "type": "software"
  },
  "Embedthis-http, headers": {
    "alias": "cpe:/a:embedthis:appweb",
    "regex": "Server:\\s*Embedthis-http(?:/([\\d.]+))?",
    "type": "cpe"
  },
  "FlashCom, headers": {
    "alias": "cpe:/a:macromedia:flash_communication_server",
    "regex": "Server:\\s*FlashCom/?([\\d\\.]+)?",
    "type": "cpe"
  },
  "GitPHP, html": {
    "alias": "GitPHP",
    "regex": "<!-- gitphp web interface ([\\d.]+)",
    "type": "software"
  },
  "Grandstream, headers": {
    "alias": "cpe:/o:grandstream:gxv_device_firmware",
    "regex": "Server:\\s*Grandstream\\/?([\\d\\.]+)?",
    "type": "cpe"
  },
  "HTTP-Server, headers": {
    "alias": "example.com HTTP-Server",
    "regex": "Server:\\s*(?:^|[^-])\\bHTTP-Server(?: ?/?V?([\\d.]+))?",
    "type": "software"
  },
  "Happy ICS Server, headers": {
    "alias": "Happy ICS",
    "regex": "Server:\\s*Happy ICS Server(?:/([\\d.]+))?",
    "type": "software"
  },
  "Highlight.js, script": {
    "alias": "Highlight.js",
    "regex": "/highlight\\.js/[\\d.]+?/highlight\\.min\\.js",
    "type": "software"
  },
  "JC-HTTPD, headers": {
    "alias": "JC-HTTPD",
    "regex": "Server:\\s*JC-HTTPD(?:/([\\d.]+))?",
    "type": "software"
  },
  "KS_HTTP, headers": {
    "alias": "KS HTTP",
    "regex": "Server:\\s*KS_HTTP\\/?([\\d\\.]+)?",
    "type": "software"
  },
  "Motion-httpd, headers": {
    "alias": "Motion-httpd",
    "regex": "Server:\\s*Motion-httpd(?:/([\\d.]+))?",
    "type": "software"
  },
  "Moxa, headers": {
    "alias": "cpe:/h:moxa",
    "regex": "Server:\\s*MoxaHttp(?:/([\\d.]+))?",
    "type": "cpe"
  },
  "PerfSONAR-PS, headers": {
    "alias": "PerfSONAR PS",
    "regex": "User-agent:\\s*perfSONAR-PS/?([\\d\\.]+)?",
    "type": "software"
  },
  "Petrojs, script": {
    "alias": "Petrojs",
    "regex": "(?:/([\\d.]+)/)?petrojs(?:\\.min)?\\.js",
    "type": "software"
  },
  "RAID HTTPServer, headers": {
    "alias": "RAID HTTPServer",
    "regex": "Server:\\s*RAID HTTPServer(?:/([\\d.]+))?",
    "type": "software"
  },
  "Rapid Logic, headers": {
    "alias": "Rapid Logic",
    "regex": "Server:\\s*Rapid Logic(?:/([\\d.]+))?",
    "type": "software"
  },
  "Ruby on Rails, headers": {
    "alias": "cpe:/a:rubyonrails:ruby_on_rails",
    "regex": "X-Powered-By:\\s*(?:mod_rails|mod_rack|Phusion[\\._ ]Passenger)(?: \\(mod_rails/mod_rack\\))?(?: ?/?([\\d\\.]+))?",
    "type": "cpe"
  },
  "Schneider Web Server, headers": {
    "alias": "Schneider Web Server",
    "regex": "Server:\\s*Schneider-WEB(?:/V?([\\d.]+))?",
    "type": "software"
  },
  "Sentinel Keys Server, headers": {
    "alias": "Sentinel Keys Server",
    "regex": "Server:\\s*SentinelKeysServer\\/?([\\d\\.]+)?",
    "type": "software"
  },
  "Sentinel Protection Server, headers": {
    "alias": "Sentinel Protection Server",
    "regex": "Server:\\s*SentinelProtectionServer\\/?([\\d\\.]+)?",
    "type": "software"
  },
  "Xregex, script": {
    "alias": "Xregex",
    "regex": "/([\\d.]+)/xregex(?:\\.min)?\\.js",
    "type": "software"
  },
  "eDevice SmartStack, headers": {
    "alias": "eDevice SmartStack",
    "regex": "Server:\\s*eDevice SmartStack(?: ?/?([\\d.]+))?",
    "type": "software"
  },
  "eHTTP, headers": {
    "alias": "eHTTP",
    "regex": "Server:\\s*\\beHTTP(?: v?([\\d\\.]+))?",
    "type": "software"
  },
  "Igor Sysoev nginx": {
    "regex": "nginx/([\\d.]+)",
    "alias": "cpe:/a:igor_sysoev:nginx",
    "type": "cpe"
  },
  "Java Server Faces": {
    "regex": "JSF/([\\d.]+)",
    "alias": "cpe:/a:oracle:mojarra",
    "type": "cpe"
  },
  "Jetty": {
    "regex": "Jetty\\(([v\\d.]+)\\)",
    "alias": "cpe:/a:mortbay:jetty",
    "type": "cpe"
  },
  "Wordpress": {
    "regex": "name=\"generator\" content=\"WordPress ([\\d.]+)\"",
    "alias": "wordpress",
    "type": "software"
  },
  "Java": {
    "regex": "java\\/([\\d\\.\\_]+)",
    "alias": "cpe:/a:oracle:jre",
    "type": "cpe"
  },
  "GlassFish Server": {
    "regex": "GlassFish Server Open Source Edition ([\\d\\.]+)",
    "alias": "cpe:/a:oracle:glassfish_server",
    "type": "cpe"
  },
  "Oracle Weblogic": {
    "regex": "WebLogic (?:Server )?([\\d\\.]+)",
    "alias": "cpe:/a:oracle:weblogic_server",
    "type": "cpe"
  },
  "Oracle Application Server Containers for J2EE 10g": {
    "regex": "Oracle Application Server Containers for J2EE 10g \\(([\\d\\.]+)\\)",
    "alias": "cpe:/a:oracle:application_server",
    "type": "cpe"
  },
  "Oracle Application Server 10g": {
    "regex": "Oracle.Application.Server.10g\\/([\\d\\.]+)",
    "alias": "cpe:/a:oracle:application_server",
    "type": "cpe"
  },
  "Oracle Application Server": {
    "regex": "Oracle Application Server\\/([\\d\\.]+)",
    "alias": "cpe:/a:oracle:application_server",
    "type": "cpe"
  },
  "Oracle9iA": {
    "regex": "Oracle9iAS\\/([\\d\\.]+)",
    "alias": "cpe:/a:oracle:application_server",
    "type": "cpe"
  },
  "Artifactory, headers": {
    "regex": "Artifactory/([\\d.]+)",
    "alias": "cpe:/a:jfrog:artifactory",
    "type": "cpe"
  },
  "AngularJS, headers": {
    "regex": "http://errors\\.angularjs\\.org/([\\d.]+)/",
    "alias": "Angular",
    "type": "software"
  },
  "jQuery UI, headers": {
    "regex": "jQuery UI ([\\d.]+)",
    "alias": "cpe:/a:jqueryui:jquery_ui",
    "type": "cpe"
  },
  "jQuery, headers": {
    "regex": "jQuery v([\\d.]+)",
    "alias": "cpe:/a:jquery:jquery",
    "type": "software"
  },
  "Underscore.js, headers": {
    "regex": "Underscore\\.js ([\\d.]+)",
    "alias": "Underscore.js",
    "type": "software"
  },
  "Chart.js, cloudflare script": {
    "alias": "Chart.js",
    "regex": "cdnjs\\.cloudflare\\.com/ajax/libs/Chart\\.js/([\\d.]+(?:-[^/]+)?)/Chart.*\\.js",
    "type": "software"
  },
  "Chart.js, jsdelivr script": {
    "alias": "Chart.js",
    "regex": "cdn\\.jsdelivr\\.net/npm/chart\\.js@([\\d.]+(?:-[^/]+)?|latest)/dist/Chart.*\\.js",
    "type": "software"
  },
  "Chart.js, jsdelivr latest script": {
    "alias": "Chart.js",
    "regex": "cdn\\.jsdelivr\\.net/gh/chartjs/Chart\\.js@([\\d.]+(?:-[^/]+)?|latest)/dist/Chart.*\\.js",
    "type": "software"
  },
  "Drupal, changelog": {
    "alias": "Drupal",
    "regex": "^Drupal ([\\d\\.]+),\\s\\d{4}-\\d{2}-\\d{2}\\n-{23}",
    "type": "software"
  }
}

--------------------------------------------------------------------------------