Open treburn opened 1 week ago
The crawler has the ability to identify fields that accept input for high-priority assets at the moment.
Depending on the exact criteria you're looking for, a nuclei template can likely handle this type of detection without an additional capability.
Is this something that we want on all assets, or just high-profile assets we crawl?
There's a few approaches we can take:
I would say we want this for all assets in scope, not just high-profile assets. This ticket was created based on feedback from a recent customer call.
Make sense, so approach 2 from what I just edited in before you responded will probably make sense.
@noah-tutt-praetorian's Nuclei idea was most straightforward to solve this. I've added a Nuclei template in https://github.com/praetorian-inc/nuclei-templates/pull/126 to address this.
Let's hold for now before we deploy. We are working on a tagging solution and also want to test that template a bit.
No problem - when you're ready for us to integrate - let us know.
The Nuclei template is completed and has been tagged such that it will appear as a metadata attribute.
Feature Description We want to be able to identify login portals and create an Info risk today (possibly a tag in the future)
Problem Customers want to understand where their login portals are on their perimeter.