projectdiscovery/nuclei-templates v9.8.5

v9.8.5 - AWS Cloud Config Review

on GitHub

🔥 Release Highlights 🔥

We're excited to share about Nuclei-Templates v9.8.5! This new version includes newly added AWS cloud config review templates.
These templates can be used by companies or pentesters for identifying misconfigurations in the AWS cloud environment.

Similarly by leveraging aws code templates, security teams will be able to write their own checks for identifying misconfigurations that are specific to their particular workflows. This will enable them to effectively identify and remediate potential security issues within AWS environments.

To use cloud configuration review templates, first we need set up the environment. This setup is similar to using the aws-cli, where you either add aws_access_key_id and aws_secret_access_key to the ~/.aws/credentials file or export them as environment variables.

nuclei -id aws-code-env -code

We've also introduced the concept of profiles, which allow users to run a specific set of templates tailored for a particular use case. For running AWS templates, we have a profile named aws-cloud-config.

Now you're all set to run the templates!

nuclei -config ~/nuclei-templates/profiles/aws-cloud-config.yml -cloud-upload

What's Changed

New Templates Added: 142 | CVEs Added: 10 | First-time contributions: 6

• http/cves/2024/CVE-2024-26331.yaml by @carsonchan12345 🔥
• http/cves/2024/CVE-2024-3400.yaml by @Salts,@parthmalhotra 🔥
• http/cves/2024/CVE-2024-3273.yaml by @pussycat0x 🔥
• code/cves/2024/CVE-2024-3094.yaml by @pdteam 🔥
• http/cves/2024/CVE-2024-2879.yaml by @d4ly 🔥
• http/cves/2024/CVE-2024-2389.yaml by @pdresearch,@parthmalhotra 🔥
• http/cves/2024/CVE-2024-0337.yaml by @Kazgangap
• javascript/cves/2023/CVE-2023-48795.yaml by @pussycat0x
• http/cves/2022/CVE-2022-24627.yaml by @geeknik
• http/cves/2022/CVE-2022-0424.yaml by @Kazgangap
• http/vulnerabilities/other/opencart-core-sqli.yaml by @Kazgangap
• http/vulnerabilities/other/quick-cms-sqli.yaml by @Kazgangap
• http/vulnerabilities/other/user-management-system-sqli.yaml by @f0xy
• cloud/aws/acm/acm-cert-expired.yaml by @princechaddha
• cloud/aws/acm/acm-cert-renewal-30days.yaml by @princechaddha
• cloud/aws/acm/acm-cert-renewal-45days.yaml by @princechaddha
• cloud/aws/acm/acm-cert-validation.yaml by @princechaddha
• cloud/aws/acm/acm-wildcard-cert.yaml by @princechaddha
• cloud/aws/aws-code-env.yaml by @princechaddha
• cloud/aws/cloudtrail/cloudtrail-data-events.yaml by @princechaddha
• cloud/aws/cloudtrail/cloudtrail-disabled.yaml by @princechaddha
• cloud/aws/cloudtrail/cloudtrail-dup-logs.yaml by @princechaddha
• cloud/aws/cloudtrail/cloudtrail-global-disabled.yaml by @princechaddha
• cloud/aws/cloudtrail/cloudtrail-integrated-cloudwatch.yaml by @princechaddha
• cloud/aws/cloudtrail/cloudtrail-log-integrity.yaml by @princechaddha
• cloud/aws/cloudtrail/cloudtrail-logs-not-encrypted.yaml by @princechaddha
• cloud/aws/cloudtrail/cloudtrail-mfa-delete.yaml by @princechaddha
• cloud/aws/cloudtrail/cloudtrail-mgmt-events.yaml by @princechaddha
• cloud/aws/cloudtrail/cloudtrail-public-buckets.yaml by @princechaddha
• cloud/aws/cloudtrail/cloudtrail-s3-bucket-logging.yaml by @princechaddha
• cloud/aws/cloudtrail/s3-object-lock-not-enabled.yaml by @princechaddha
• cloud/aws/cloudwatch/cw-alarm-action-set.yaml by @princechaddha
• cloud/aws/cloudwatch/cw-alarms-actions.yaml by @princechaddha
• cloud/aws/ec2/ec2-imdsv2.yaml by @princechaddha
• cloud/aws/ec2/ec2-public-ip.yaml by @princechaddha
• cloud/aws/ec2/ec2-sg-egress-open.yaml by @princechaddha
• cloud/aws/ec2/ec2-sg-ingress.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-cifs.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-dns.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-ftp.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-http.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-https.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-icmp.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-memcached.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-mongodb.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-mssql.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-mysql.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-netbios.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-opensearch.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-oracle.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-pgsql.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-rdp.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-redis.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-smtp.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-ssh.yaml by @princechaddha
• cloud/aws/ec2/ec2-unrestricted-telnet.yaml by @princechaddha
• cloud/aws/ec2/publicly-shared-ami.yaml by @princechaddha
• cloud/aws/ec2/unencrypted-aws-ami.yaml by @princechaddha
• cloud/aws/iam/iam-access-analyzer.yaml by @princechaddha
• cloud/aws/iam/iam-expired-ssl.yaml by @princechaddha
• cloud/aws/iam/iam-full-admin-privileges.yaml by @princechaddha
• cloud/aws/iam/iam-key-rotation-90days.yaml by @princechaddha
• cloud/aws/iam/iam-mfa-enable.yaml by @princechaddha
• cloud/aws/iam/iam-password-policy.yaml by @princechaddha
• cloud/aws/iam/iam-root-mfa.yaml by @princechaddha
• cloud/aws/iam/iam-ssh-keys-rotation.yaml by @princechaddha
• cloud/aws/iam/iam-unapproved-policy.yaml by @princechaddha
• cloud/aws/iam/iam-user-password-change.yaml by @princechaddha
• cloud/aws/iam/ssl-cert-renewal.yaml by @princechaddha
• cloud/aws/rds/aurora-copy-tags-snap.yaml by @princechaddha
• cloud/aws/rds/aurora-delete-protect.yaml by @princechaddha
• cloud/aws/rds/iam-db-auth.yaml by @princechaddha
• cloud/aws/rds/rds-backup-enable.yaml by @princechaddha
• cloud/aws/rds/rds-deletion-protection.yaml by @princechaddha
• cloud/aws/rds/rds-encryption-check.yaml by @princechaddha
• cloud/aws/rds/rds-event-notify.yaml by @princechaddha
• cloud/aws/rds/rds-event-sub-enable.yaml by @princechaddha
• cloud/aws/rds/rds-event-sub.yaml by @princechaddha
• cloud/aws/rds/rds-gp-ssd-usage.yaml by @princechaddha
• cloud/aws/rds/rds-public-snapshot.yaml by @princechaddha
• cloud/aws/rds/rds-public-subnet.yaml by @princechaddha
• cloud/aws/rds/rds-ri-payment-fail.yaml by @princechaddha
• cloud/aws/rds/rds-snapshot-encryption.yaml by @princechaddha
• cloud/aws/s3/s3-access-logging.yaml by @princechaddha
• cloud/aws/s3/s3-auth-fullcontrol.yaml by @princechaddha
• cloud/aws/s3/s3-bucket-key.yaml by @princechaddha
• cloud/aws/s3/s3-bucket-policy-public-access.yaml by @princechaddha
• cloud/aws/s3/s3-mfa-delete-check.yaml by @princechaddha
• cloud/aws/s3/s3-public-read-acp.yaml by @princechaddha
• cloud/aws/s3/s3-public-read.yaml by @princechaddha
• cloud/aws/s3/s3-public-write-acp.yaml by @princechaddha
• cloud/aws/s3/s3-public-write.yaml by @princechaddha
• cloud/aws/s3/s3-server-side-encryption.yaml by @princechaddha
• cloud/aws/s3/s3-versioning.yaml by @princechaddha
• cloud/aws/vpc/nacl-open-inbound.yaml by @princechaddha
• cloud/aws/vpc/nacl-outbound-restrict.yaml by @princechaddha
• cloud/aws/vpc/nat-gateway-usage.yaml by @princechaddha
• cloud/aws/vpc/unrestricted-admin-ports.yaml by @princechaddha
• cloud/aws/vpc/vpc-endpoint-exposed.yaml by @princechaddha
• cloud/aws/vpc/vpc-endpoints-not-deployed.yaml by @princechaddha
• cloud/aws/vpc/vpc-flowlogs-not-enabled.yaml by @princechaddha
• cloud/aws/vpc/vpn-tunnel-down.yaml by @princechaddha
• http/misconfiguration/apple-cups-exposure.yaml by @dhiyaneshdk
• http/misconfiguration/dlink-unauth-cgi-script.yaml by @pussycat0x
• http/misconfiguration/helm-dashboard-exposure.yaml by @dhiyaneshdk
• http/misconfiguration/installer/phpipam-installer.yaml by @dhiyaneshdk
• http/misconfiguration/intelbras-dvr-unauth.yaml by @pussycat0x
• http/misconfiguration/sentinel-license-monitor.yaml by @dhiyaneshdk
• http/misconfiguration/thanos-prometheus-exposure.yaml by @dhiyaneshdk
• http/default-logins/allnet/allnet-default-login.yaml by @ritikchaddha
• http/default-logins/asus/asus-rtn16-default-login.yaml by @ritikchaddha
• http/default-logins/asus/asus-wl500g-default-login.yaml by @ritikchaddha
• http/default-logins/asus/asus-wl520GU-default-login.yaml by @ritikchaddha
• http/default-logins/barco-clickshare-default-login.yaml by @ritikchaddha
• http/exposed-panels/akhq-panel.yaml by @dhiyaneshdk
• http/exposed-panels/algonomia-panel.yaml by @righettod
• http/exposed-panels/beyondtrust-priv-panel.yaml by @righettod
• http/exposed-panels/chemotargets-clarityvista-panel.yaml by @righettod
• http/exposed-panels/mitel-micollab-panel.yaml by @righettod
• http/exposed-panels/mitric-checker-panel.yaml by @righettod
• http/exposed-panels/ni-web-based-panel.yaml by @dhiyaneshdk
• http/exposed-panels/ollama-llm-panel.yaml by @pbuff07
• http/exposed-panels/outsystems-servicecenter-panel.yaml by @righettod
• http/exposed-panels/powerchute-network-panel.yaml by @dhiyaneshdk
• http/exposed-panels/rtm-web-panel.yaml by @dhiyaneshdk
• http/exposed-panels/suprema-biostar-panel.yaml by @ritikchaddha
• http/exposed-panels/tibco-spotfire-panel.yaml by @righettod
• http/exposed-panels/uipath-orchestrator-panel.yaml by @righettod
• http/exposed-panels/urbackup-panel.yaml by @dhiyaneshdk
• http/exposed-panels/zenml-dashboard-panel.yaml by @dhiyaneshdk
• http/exposures/apis/aspnet-soap-webservices-asmx.yaml by @righettod
• http/exposures/apis/redfish-api.yaml by @righettod
• http/exposures/files/ht-deployment.yaml by @Michal-Mikolas
• http/takeovers/gohire-takeover.yaml by @philippedelteil
• http/takeovers/helpdocs-takeover.yaml by @philippedelteil
• http/takeovers/softr-takeover.yaml by @philippedelteil
• http/takeovers/uptime-takeover.yaml by @philippedelteil
• http/technologies/citrix-xenmobile-version.yaml by @Puben
• http/technologies/splunkhec-detect.yaml by @idealphase
• http/technologies/tibco-spotfire-services-detect.yaml by @righettod
• ssl/c2/sliver-c2.yaml by @johnk3r
• dns/bimi-detect.yaml by @rxerium

New Contributors

• @d4lyw made their first contribution in #9512
• @Puben made their first contribution in #9530
• @carsonchan12345 made their first contribution in #9566
• @0xKayala made their first contribution in #9573
• @scottdharvey made their first contribution in #9585
• @Eyub-kurnaz made their first contribution in #9450

Full Changelog: v9.8.1...v9.8.5