|
5 | 5 | - response_payload: |
6 | 6 | regex: |
7 | 7 | - (?m)(?:^Exception in thread "[^"]*"\s*$|\b(?:java|javax|jakarta)(?:\.[\w$]+)*\.[A-Z][\w$]*E(?:xception|rror)\b|\b(?:org|com)(?:\.[\w$]+)*\.[A-Z][\w$]*E(?:xception|rror)\b|^\s*at\s+(?:ja(?:vax?|karta)|org|com)\.(?:[\w$]+\.)+[\w$<>]+\([^()\r\n]*\)\s*$|^\s*goroutine\s+\d+\s+\[[^\]]*]:\s*$|^\s*panic:\s+.+$|^\s*Traceback\s+\(most recent call last\):\s*$|^\s*File\s+".+?",\s+line\s+\d+,\s+in\s+\w+\s*$) |
8 | | - - request_headers: |
9 | | - for_one: |
10 | | - key: |
11 | | - eq: host |
12 | | - value: |
13 | | - regex: ^(?:\d{1,3}(?:\.\d{1,3}){3}|[a-zA-Z0-9.-]+:\d+)$ |
14 | 8 | info: |
15 | 9 | name: "SecurityMisconfig" |
16 | 10 | description: "Security misconfigurations occur when systems, applications, or APIs are not securely configured, exposing vulnerabilities that attackers can exploit. This includes improper settings, default configurations, unnecessary features enabled, or misconfigured permissions, leading to unauthorized access or data exposure." |
|
0 commit comments