Generate an Info risk for login portals

[treburn]

Feature Description We want to be able to identify login portals and create an Info risk today (possibly a tag in the future)

Problem Customers want to understand where their login portals are on their perimeter.

[noah-tutt-praetorian]

The crawler has the ability to identify fields that accept input for high-priority assets at the moment.

Depending on the exact criteria you're looking for, a nuclei template can likely handle this type of detection without an additional capability.

[michaelweber]

Is this something that we want on all assets, or just high-profile assets we crawl?

There's a few approaches we can take:

1. If it's high-profile assets only, we can run the crawler and then regex match the results for input fields along with the existence of text like "login", "sign up", "forgot my password", etc.
2. If we want to run against every http/https asset, we could do a single GET on the page that follows redirects and do a similar lookup to those checks, it just won't be as thorough if the login page requires clicking a link on the page first.

[treburn]

I would say we want this for all assets in scope, not just high-profile assets. This ticket was created based on feedback from a recent customer call.

[michaelweber]

Make sense, so approach 2 from what I just edited in before you responded will probably make sense.

[michaelweber]

@noah-tutt-praetorian's Nuclei idea was most straightforward to solve this. I've added a Nuclei template in https://github.com/praetorian-inc/nuclei-templates/pull/126 to address this.

[treburn]

Let's hold for now before we deploy. We are working on a tagging solution and also want to test that template a bit.

[michaelweber]

No problem - when you're ready for us to integrate - let us know.

[michaelweber]

The Nuclei template is completed and has been tagged such that it will appear as a metadata attribute.