RubyGems - intrigue-ident - Versions diffs - 0.2 → 0.9.9 - Mend

intrigue-ident 0.2 → 0.9.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (484) hide show

checksums.yaml +4 -4
data/.circleci/config.yml +21 -0
data/.gitignore +3 -0
data/.ruby-version +1 -0
data/Dockerfile +39 -0
data/Gemfile +10 -3
data/Gemfile.lock +35 -20
data/LICENSE.md +12 -0
data/README.md +79 -0
data/checks/ftp/base.rb +15 -0
data/checks/ftp/filezilla.rb +28 -0
data/checks/ftp/microsoft.rb +27 -0
data/checks/ftp/proftp.rb +28 -0
data/checks/ftp/pureftpd.rb +27 -0
data/checks/ftp/vsftp.rb +28 -0
data/checks/http/123reg.rb +31 -0
data/checks/http/acme.rb +28 -0
data/checks/http/acquia.rb +28 -0
data/checks/http/adeptia.rb +30 -0
data/checks/http/adobe.rb +168 -0
data/checks/http/advantshop.rb +33 -0
data/checks/http/afrihost.rb +29 -0
data/checks/http/aftermarketpl.rb +46 -0
data/checks/http/agility.rb +34 -0
data/checks/http/akamai.rb +88 -0
data/checks/http/alkacon.rb +30 -0
data/checks/http/allegro.rb +28 -0
data/checks/http/almuba.rb +30 -0
data/checks/http/amazon.rb +263 -0
data/checks/http/amirocms.rb +30 -0
data/checks/http/anelectron.rb +29 -0
data/checks/http/anquanbao.rb +32 -0
data/checks/http/aol.rb +29 -0
data/checks/http/apache.rb +358 -0
data/checks/http/appdynamics.rb +43 -0
data/checks/http/arris.rb +30 -0
data/checks/http/artifactory.rb +30 -0
data/checks/http/aruba.rb +27 -0
data/checks/http/atlassian.rb +152 -0
data/checks/http/auth0.rb +44 -0
data/checks/http/automattic.rb +292 -0
data/checks/http/axinom.rb +30 -0
data/checks/http/axios.rb +29 -0
data/checks/http/axis.rb +27 -0
data/checks/http/axway.rb +33 -0
data/checks/http/backdrop.rb +30 -0
data/checks/http/banu.rb +30 -0
data/checks/http/barracuda.rb +99 -0
data/checks/http/base.rb +139 -0
data/checks/http/beehive.rb +30 -0
data/checks/http/bigcartel.rb +33 -0
data/checks/http/bigcommerce.rb +33 -0
data/checks/http/binarysec.rb +47 -0
data/checks/http/bitly.rb +40 -0
data/checks/http/blackboard.rb +44 -0
data/checks/http/blueimp.rb +27 -0
data/checks/http/bomgar.rb +27 -0
data/checks/http/bootstrap.rb +27 -0
data/checks/http/bower.rb +28 -0
data/checks/http/broadcom.rb +29 -0
data/checks/http/brocade.rb +39 -0
data/checks/http/browsermedia.rb +29 -0
data/checks/http/bsm.rb +29 -0
data/checks/http/bynder.rb +31 -0
data/checks/http/calibre.rb +33 -0
data/checks/http/centos.rb +28 -0
data/checks/http/cerberus.rb +28 -0
data/checks/http/charity_engine.rb +27 -0
data/checks/http/checkpoint.rb +56 -0
data/checks/http/cherokee.rb +29 -0
data/checks/http/cisco.rb +134 -0
data/checks/http/citrix.rb +137 -0
data/checks/http/cloud_city.rb +30 -0
data/checks/http/cloudflare.rb +219 -0
data/checks/http/cmsimple.rb +30 -0
data/checks/http/codeigniter.rb +26 -0
data/checks/http/communigate.rb +32 -0
data/checks/http/concrete5.rb +30 -0
data/checks/http/contenido.rb +33 -0
data/checks/http/content/analytics.rb +40 -0
data/checks/http/content/authentication.rb +111 -0
data/checks/http/content/content.rb +92 -0
data/checks/http/content/security_headers.rb +70 -0
data/checks/http/cpanel.rb +56 -0
data/checks/http/cradlepoint.rb +30 -0
data/checks/http/craft.rb +42 -0
data/checks/http/crazydomains.rb +31 -0
data/checks/http/crowdstrike.rb +27 -0
data/checks/http/dan.rb +30 -0
data/checks/http/danneo.rb +30 -0
data/checks/http/day.rb +31 -0
data/checks/http/debian.rb +27 -0
data/checks/http/dell.rb +43 -0
data/checks/http/dev_php.rb +30 -0
data/checks/http/discourse.rb +30 -0
data/checks/http/discuz!.rb +30 -0
data/checks/http/distil.rb +27 -0
data/checks/http/django.rb +27 -0
data/checks/http/dmanager.rb +29 -0
data/checks/http/dns_made_easy.rb +29 -0
data/checks/http/docuwiki.rb +27 -0
data/checks/http/docverify.rb +29 -0
data/checks/http/domain_parking_ru.rb +31 -0
data/checks/http/domainname_shop.rb +30 -0
data/checks/http/dosarrest.rb +29 -0
data/checks/http/dreamhost.rb +31 -0
data/checks/http/drupal.rb +91 -0
data/checks/http/duo.rb +45 -0
data/checks/http/dyn.rb +41 -0
data/checks/http/dynamicweb.rb +29 -0
data/checks/http/dynatrace.rb +40 -0
data/checks/http/easyname.rb +44 -0
data/checks/http/eclipse.rb +64 -0
data/checks/http/enservio.rb +29 -0
data/checks/http/envoy.rb +26 -0
data/checks/http/epiccom.rb +31 -0
data/checks/http/ergon.rb +31 -0
data/checks/http/expressjs.rb +27 -0
data/checks/http/ezproxy.rb +28 -0
data/checks/http/f5.rb +122 -0
data/checks/http/facebook.rb +27 -0
data/checks/http/fastly.rb +67 -0
data/checks/http/first_domains.rb +31 -0
data/checks/http/flywheel.rb +30 -0
data/checks/http/forgerock.rb +43 -0
data/checks/http/fortinet.rb +29 -0
data/checks/http/fresh_service.rb +30 -0
data/checks/http/frontify.rb +29 -0
data/checks/http/generic.rb +272 -0
data/checks/http/github.rb +40 -0
data/checks/http/gitlab.rb +30 -0
data/checks/http/glimpse.rb +32 -0
data/checks/http/globalscape.rb +27 -0
data/checks/http/goahead.rb +31 -0
data/checks/http/godaddy.rb +31 -0
data/checks/http/google.rb +164 -0
data/checks/http/google_cloud.rb +27 -0
data/checks/http/grafana.rb +27 -0
data/checks/http/gunicorn.rb +30 -0
data/checks/http/haskell.rb +31 -0
data/checks/http/heroku.rb +77 -0
data/checks/http/hikvision.rb +29 -0
data/checks/http/hp.rb +27 -0
data/checks/http/hubspot.rb +104 -0
data/checks/http/ibm.rb +182 -0
data/checks/http/icewarp.rb +29 -0
data/checks/http/impresspages.rb +30 -0
data/checks/http/imunify360.rb +28 -0
data/checks/http/incapsula.rb +54 -0
data/checks/http/ingram_micro.rb +28 -0
data/checks/http/innovative_interfaces_inc.rb +27 -0
data/checks/http/inside_sales.rb +27 -0
data/checks/http/instra.rb +61 -0
data/checks/http/intercom.rb +27 -0
data/checks/http/ivanti.rb +28 -0
data/checks/http/jamf.rb +31 -0
data/checks/http/jekyll.rb +31 -0
data/checks/http/jenkins.rb +59 -0
data/checks/http/jetbrains.rb +27 -0
data/checks/http/jetty.rb +27 -0
data/checks/http/jforum.rb +27 -0
data/checks/http/jitbit.rb +30 -0
data/checks/http/jive.rb +27 -0
data/checks/http/joomla.rb +43 -0
data/checks/http/jquery.rb +58 -0
data/checks/http/jupyter.rb +28 -0
data/checks/http/kentico.rb +27 -0
data/checks/http/kerio.rb +34 -0
data/checks/http/kibana.rb +56 -0
data/checks/http/kong.rb +32 -0
data/checks/http/kubernetes.rb +66 -0
data/checks/http/laravel.rb +27 -0
data/checks/http/lastpass.rb +27 -0
data/checks/http/lcn.rb +27 -0
data/checks/http/leadpages.rb +29 -0
data/checks/http/lighttpd.rb +31 -0
data/checks/http/limelight_networks.rb +43 -0
data/checks/http/limesuvey.rb +27 -0
data/checks/http/link1.rb +31 -0
data/checks/http/linksys.rb +38 -0
data/checks/http/litespeed.rb +29 -0
data/checks/http/lithium.rb +43 -0
data/checks/http/lotus.rb +55 -0
data/checks/http/magento.rb +96 -0
data/checks/http/magnolia.rb +27 -0
data/checks/http/mailchimp.rb +27 -0
data/checks/http/manage_engine.rb +27 -0
data/checks/http/markmonitor.rb +27 -0
data/checks/http/mbf_bioscience.rb +29 -0
data/checks/http/mcafee.rb +27 -0
data/checks/http/media_temple.rb +27 -0
data/checks/http/mediawiki.rb +54 -0
data/checks/http/mhcsoftwareinc.rb +29 -0
data/checks/http/microsoft.rb +1325 -0
data/checks/http/mikrotik.rb +44 -0
data/checks/http/modwsgi.rb +30 -0
data/checks/http/mojolicious.rb +32 -0
data/checks/http/moodle.rb +28 -0
data/checks/http/mura.rb +30 -0
data/checks/http/nagios.rb +27 -0
data/checks/http/namesilo.rb +31 -0
data/checks/http/nationbuilder.rb +30 -0
data/checks/http/nec.rb +32 -0
data/checks/http/netlify.rb +40 -0
data/checks/http/netobjects_inc.rb +30 -0
data/checks/http/netscape.rb +29 -0
data/checks/http/neustar.rb +29 -0
data/checks/http/new_relic.rb +27 -0
data/checks/http/nexicom.rb +44 -0
data/checks/http/nginx.rb +82 -0
data/checks/http/nisource.rb +29 -0
data/checks/http/nodejs.rb +79 -0
data/checks/http/okta.rb +53 -0
data/checks/http/ookla.rb +28 -0
data/checks/http/openbsd.rb +30 -0
data/checks/http/openresty.rb +41 -0
data/checks/http/openscholar.rb +27 -0
data/checks/http/opensolution.rb +46 -0
data/checks/http/openssl.rb +43 -0
data/checks/http/opentext.rb +46 -0
data/checks/http/openvpn.rb +27 -0
data/checks/http/opscode.rb +43 -0
data/checks/http/oracle.rb +335 -0
data/checks/http/orion_technology.rb +30 -0
data/checks/http/ovh.rb +46 -0
data/checks/http/palo_alto.rb +27 -0
data/checks/http/pantheon.rb +54 -0
data/checks/http/papercut.rb +29 -0
data/checks/http/parallels.rb +44 -0
data/checks/http/pardot.rb +44 -0
data/checks/http/parkingcrew.rb +47 -0
data/checks/http/pbworks.rb +27 -0
data/checks/http/perfectsense.rb +28 -0
data/checks/http/perl.rb +62 -0
data/checks/http/pfsense.rb +27 -0
data/checks/http/php.rb +72 -0
data/checks/http/phpmyadmin.rb +40 -0
data/checks/http/phpwind.rb +30 -0
data/checks/http/phusion.rb +59 -0
data/checks/http/ping_identity.rb +28 -0
data/checks/http/pivotal_software.rb +97 -0
data/checks/http/pjax.rb +40 -0
data/checks/http/plesk.rb +58 -0
data/checks/http/porkbun.rb +31 -0
data/checks/http/progress.rb +30 -0
data/checks/http/proofpoint.rb +30 -0
data/checks/http/pulsesecure.rb +91 -0
data/checks/http/python.rb +30 -0
data/checks/http/qnap.rb +43 -0
data/checks/http/qualys.rb +69 -0
data/checks/http/rapid7.rb +27 -0
data/checks/http/rbs.rb +30 -0
data/checks/http/readmeio.rb +28 -0
data/checks/http/red_hat.rb +95 -0
data/checks/http/redmine.rb +38 -0
data/checks/http/restlet.rb +30 -0
data/checks/http/ritecms.rb +30 -0
data/checks/http/roadiz.rb +30 -0
data/checks/http/rock.rb +30 -0
data/checks/http/rollbar.rb +27 -0
data/checks/http/roundcube.rb +42 -0
data/checks/http/ruby.rb +92 -0
data/checks/http/ruckus_wireless.rb +26 -0
data/checks/http/sailpoint.rb +30 -0
data/checks/http/salesforce.rb +28 -0
data/checks/http/sap.rb +149 -0
data/checks/http/seamless_cms.rb +30 -0
data/checks/http/securi.rb +54 -0
data/checks/http/sedo.rb +63 -0
data/checks/http/segment.rb +27 -0
data/checks/http/sencha.rb +31 -0
data/checks/http/sentry.rb +27 -0
data/checks/http/serendipity.rb +30 -0
data/checks/http/shopfactory.rb +30 -0
data/checks/http/sip.rb +29 -0
data/checks/http/sitecore.rb +39 -0
data/checks/http/smartling.rb +27 -0
data/checks/http/smf.rb +30 -0
data/checks/http/snews.rb +30 -0
data/checks/http/software_ag.rb +47 -0
data/checks/http/soha.rb +66 -0
data/checks/http/solarwinds.rb +41 -0
data/checks/http/sonatype.rb +43 -0
data/checks/http/sonicwall.rb +63 -0
data/checks/http/sophos.rb +40 -0
data/checks/http/southriver.rb +43 -0
data/checks/http/splash.rb +29 -0
data/checks/http/splunk.rb +27 -0
data/checks/http/springfox.rb +43 -0
data/checks/http/squarespace.rb +41 -0
data/checks/http/stackpath.rb +29 -0
data/checks/http/stibo_systems.rb +35 -0
data/checks/http/subrion.rb +29 -0
data/checks/http/symantec.rb +27 -0
data/checks/http/synacor.rb +26 -0
data/checks/http/tableau_software.rb +42 -0
data/checks/http/telerik.rb +46 -0
data/checks/http/tengine.rb +29 -0
data/checks/http/tibco.rb +57 -0
data/checks/http/townnews.rb +33 -0
data/checks/http/tridium.rb +28 -0
data/checks/http/twiki.rb +27 -0
data/checks/http/typo3.rb +27 -0
data/checks/http/uberflip.rb +28 -0
data/checks/http/ucoz.rb +31 -0
data/checks/http/umbraco.rb +29 -0
data/checks/http/unbounce.rb +28 -0
data/checks/http/united_domains.rb +27 -0
data/checks/http/vanilla_forums.rb +27 -0
data/checks/http/varnish.rb +79 -0
data/checks/http/vbulletin.rb +66 -0
data/checks/http/verizon.rb +27 -0
data/checks/http/vmware.rb +53 -0
data/checks/http/vue_js.rb +27 -0
data/checks/http/webflow.rb +44 -0
data/checks/http/webgui.rb +30 -0
data/checks/http/webmin.rb +44 -0
data/checks/http/webpagetest_project.rb +30 -0
data/checks/http/wftpserver.rb +28 -0
data/checks/http/wildfly.rb +29 -0
data/checks/http/wix.rb +28 -0
data/checks/http/woltlab_gmbh.rb +30 -0
data/checks/http/wordpress/ithemes.rb +50 -0
data/checks/http/wordpress/john_godley.rb +29 -0
data/checks/http/wordpress/pixelcraft.rb +31 -0
data/checks/http/wordpress/rocklobster.rb +29 -0
data/checks/http/wordpress/team_heateor.rb +31 -0
data/checks/http/wordpress/w3_total_cache.rb +30 -0
data/checks/http/wordpress/wp_fastest_cache.rb +30 -0
data/checks/http/wordpress/wp_super_cache.rb +46 -0
data/checks/http/wordpress/wpbakery.rb +30 -0
data/checks/http/world4you.rb +46 -0
data/checks/http/wp_engine.rb +57 -0
data/checks/http/xcms.rb +30 -0
data/checks/http/xelion.rb +27 -0
data/checks/http/xerox.rb +27 -0
data/checks/http/xmb.rb +30 -0
data/checks/http/xtec.rb +30 -0
data/checks/http/yaf.rb +30 -0
data/checks/http/yaws.rb +30 -0
data/checks/http/yoast.rb +31 -0
data/checks/http/zeit.rb +30 -0
data/checks/http/zendesk.rb +41 -0
data/checks/http/zengenti.rb +30 -0
data/checks/http/zoho.rb +69 -0
data/checks/http/zscaler.rb +30 -0
data/checks/smtp/base.rb +16 -0
data/checks/smtp/exim.rb +30 -0
data/checks/snmp/base.rb +15 -0
data/checks/snmp/cisco.rb +59 -0
data/checks/ssh/array_networks.rb +28 -0
data/checks/ssh/base.rb +16 -0
data/checks/ssh/openssh.rb +26 -0
data/checks/telnet/base.rb +16 -0
data/checks/telnet/huawei.rb +26 -0
data/data/logos/acquia.png +0 -0
data/data/logos/amazon_cloudfront.png +0 -0
data/data/logos/apache_coyote.png +0 -0
data/data/logos/apache_tomcat.png +0 -0
data/data/logos/atlassian_bamboo.png +0 -0
data/data/logos/atlassian_bitbucket.png +0 -0
data/data/logos/atlassian_confluence.png +0 -0
data/data/logos/atlassian_crowd.png +0 -0
data/data/logos/atlassian_crucible.png +0 -0
data/data/logos/atlassian_fisheye.png +0 -0
data/data/logos/atlassian_jira.png +0 -0
data/data/logos/atlassian_sourcetree.png +0 -0
data/data/logos/automattic_wordpress.png +0 -0
data/data/logos/calibre.png +0 -0
data/data/logos/cisco_ssl_vpn.png +0 -0
data/data/logos/citrix_netscaler_gateway.png +0 -0
data/data/logos/cloudflare_cdn.png +0 -0
data/data/logos/drupal.png +0 -0
data/data/logos/f5_big-ip.png +0 -0
data/data/logos/f5_big-ip_apm.png +0 -0
data/data/logos/fastly.png +0 -0
data/data/logos/generic.png +0 -0
data/data/logos/gitlab.png +0 -0
data/data/logos/ibm_axway_securetransport.png +0 -0
data/data/logos/lithium.png +0 -0
data/data/logos/microsoft_asp.net.png +0 -0
data/data/logos/microsoft_iis.png +0 -0
data/data/logos/microsoft_outlook_web_access.png +0 -0
data/data/logos/microsoft_sharepoint.png +0 -0
data/data/logos/microtik_routeros.png +0 -0
data/data/logos/mikrotik_routeros.png +0 -0
data/data/logos/newrelic.png +0 -0
data/data/logos/nginx.png +0 -0
data/data/logos/okta.png +0 -0
data/data/logos/oracle_glassfish.png +0 -0
data/data/logos/oracle_java_application_server.png +0 -0
data/data/logos/oracle_java_server_pages.png +0 -0
data/data/logos/oracle_weblogic.png +0 -0
data/data/logos/phpmyadmin.png +0 -0
data/data/logos/tableau.png +0 -0
data/data/logos/vmware_esxi.png +0 -0
data/data/logos/vmware_horizon.png +0 -0
data/data/logos/zendesk.png +0 -0
data/data/logos/zimbra_server.png +0 -0
data/data/microsoft_sharepoint_versions.csv +224 -0
data/intrigue-ident.gemspec +8 -7
data/lib/banner_helpers.rb +36 -0
data/lib/ftp/check_factory.rb +24 -0
data/lib/ftp/content.rb +13 -0
data/lib/ftp/ftp.rb +52 -0
data/lib/ftp/matchers.rb +26 -0
data/lib/http/browser.rb +260 -0
data/lib/http/check_factory.rb +47 -0
data/lib/http/content.rb +45 -0
data/lib/http/http.rb +463 -0
data/lib/http/matchers.rb +132 -0
data/lib/ident.rb +263 -0
data/lib/recog_wrapper.rb +70 -0
data/lib/simple_socket.rb +41 -0
data/lib/smtp/check_factory.rb +24 -0
data/lib/smtp/content.rb +13 -0
data/lib/smtp/matchers.rb +28 -0
data/lib/smtp/smtp.rb +53 -0
data/lib/snmp/check_factory.rb +24 -0
data/lib/snmp/content.rb +13 -0
data/lib/snmp/matchers.rb +25 -0
data/lib/snmp/snmp.rb +55 -0
data/lib/ssh/check_factory.rb +24 -0
data/lib/ssh/content.rb +13 -0
data/lib/ssh/matchers.rb +26 -0
data/lib/ssh/ssh.rb +52 -0
data/lib/telnet/check_factory.rb +24 -0
data/lib/telnet/content.rb +13 -0
data/lib/telnet/matchers.rb +26 -0
data/lib/telnet/telnet.rb +52 -0
data/lib/utils.rb +19 -0
data/lib/version.rb +3 -0
data/lib/vulndb_client.rb +43 -0
data/util/console.rb +9 -0
data/util/docker.sh +2 -0
data/util/ident.rb +375 -0
data/util/list_paths.rb +12 -0
data/util/tags.rb +36 -0
data/utils.rb +19 -0
metadata +487 -55
data/ident.rb +0 -319
data/lib/check_factory.rb +0 -22
data/lib/checks/akamai.rb +0 -22
data/lib/checks/amazon.rb +0 -26
data/lib/checks/aruba.rb +0 -20
data/lib/checks/asp_net.rb +0 -70
data/lib/checks/atlassian.rb +0 -55
data/lib/checks/base.rb +0 -13
data/lib/checks/chef.rb +0 -31
data/lib/checks/cisco.rb +0 -33
data/lib/checks/citrix.rb +0 -24
data/lib/checks/cloudflare.rb +0 -59
data/lib/checks/cloudfront.rb +0 -41
data/lib/checks/cpanel.rb +0 -23
data/lib/checks/django.rb +0 -22
data/lib/checks/drupal.rb +0 -26
data/lib/checks/f5.rb +0 -24
data/lib/checks/fastly.rb +0 -22
data/lib/checks/generic.rb +0 -23
data/lib/checks/gitlab.rb +0 -22
data/lib/checks/google.rb +0 -23
data/lib/checks/grafana.rb +0 -22
data/lib/checks/jenkins.rb +0 -40
data/lib/checks/joomla.rb +0 -23
data/lib/checks/limesuvey.rb +0 -22
data/lib/checks/lithium.rb +0 -30
data/lib/checks/magento.rb +0 -22
data/lib/checks/mcafee.rb +0 -22
data/lib/checks/mediawiki.rb +0 -38
data/lib/checks/microsoft.rb +0 -69
data/lib/checks/nagios.rb +0 -22
data/lib/checks/oracle.rb +0 -38
data/lib/checks/palo_alto.rb +0 -23
data/lib/checks/pardot.rb +0 -22
data/lib/checks/pfsense.rb +0 -25
data/lib/checks/phpmyadmin.rb +0 -22
data/lib/checks/rabbitmq.rb +0 -29
data/lib/checks/spring.rb +0 -31
data/lib/checks/team_city.rb +0 -22
data/lib/checks/telerik.rb +0 -25
data/lib/checks/tomcat.rb +0 -22
data/lib/checks/varnish.rb +0 -27
data/lib/checks/wordpress.rb +0 -120
data/lib/checks/wp_engine.rb +0 -22

data/checks/http/content/authentication.rb ADDED

@@ -0,0 +1,111 @@
+module Intrigue
+module Ident
+module Check
+class Authentication < Intrigue::Ident::Check::Base
+  def generate_checks(url)
+    [
+      {
+        :type => "content",
+        :name => "Authentication - HTTP",
+        :match_type => :content_headers,
+        :dynamic_result => lambda { |d|
+          return false unless d["details"]["headers"]
+          return true if _first_header_match(d, /^www-authenticate:.*$/)
+        false
+        },
+        :dynamic_hide => lambda { |d| false },
+        :dynamic_issue => lambda { |d| false },
+        :paths => ["#{url}"]
+      },
+      {
+        :type => "content",
+        :name => "Authentication - NTLM",
+        :match_type => :content_headers,
+        :dynamic_result => lambda { |d|
+          return false unless d["details"]["headers"]
+          return true if _first_header_match(d, /^www-authenticate: NTLM$/i)
+        false
+        },
+        :dynamic_hide => lambda { |d| false },
+        :dynamic_issue => lambda { |d| false },
+        :paths => ["#{url}"]
+      },
+      {
+        :type => "content",
+        :name =>"Authentication - Forms",
+        :references => [
+          "https://webstersprodigy.net/2010/04/07/nmap-script-to-try-and-detect-login-pages/",
+          "https://nmap.org/nsedoc/scripts/http-auth-finder.html"
+        ],
+        :match_type => :content_body,
+        :dynamic_result => lambda { |d|
+          return true if _body(d) =~ /<input type=\"password\"/im;
+          return true if _body(d) =~ /<script>[^>]*login/im;
+          return true if _body(d) =~ /<[^>]*login/im;
+          return true if _body(d) =~ /<script>[^>]*password/im;
+          return true if _body(d) =~ /<script>[^>]*user/im;
+          return true if _body(d) =~ /<input[^>)]*user/im;
+          return true if _body(d) =~ /<input[^>)]*pass/im;
+          return true if _body(d) =~ /<input[^>)]*pwd/im;
+          return true if _body(d) =~ /log_in/im;
+          return true if _body(d) =~ /log_out/im;
+          return true if _body(d) =~ /class=\"login-btn/im;
+          return true if _body(d) =~ /<[^>]*login/im;
+          return true if _body(d) =~ />Login<\/a>/im;
+          return true if _body(d) =~ />Logout<\/a>/im;
+          return true if _body(d) =~ />Log In<\/a>/im;
+          return true if _body(d) =~ />Log Out<\/a>/im;
+          return true if _body(d) =~ />Sign In<\/a>/im;
+          return true if _body(d) =~ /sign\ in/im;
+          return true if _body(d) =~ /sign_in/im;
+          return true if _body(d) =~ /create an account/im;
+          return true if _body(d) =~ /create_account/im;
+        false
+        },
+        :dynamic_hide => lambda { |d| false },
+        :dynamic_issue => lambda { |d| false },
+        :paths => ["#{url}"]
+      },
+      {
+        :type => "content",
+        :name => "Authentication - Session Identifier",
+        :references => [
+          "https://github.com/fuzzdb-project/fuzzdb/blob/ecb0850538bc9152949fa4579654d6b64e2fdb97/regex/sessionid.txt"
+        ],
+        :match_type => :content_cookies,
+        :dynamic_result => lambda { |d|
+          return false unless d["details"]["cookies"]
+          return true if _first_cookie_match d, /ASP.NET_SessionId/i
+          return true if _first_cookie_match d, /ASPSESSIONID/i
+          return true if _first_cookie_match d, /ASPXAUTH/i
+          return true if _first_cookie_match d, /barra_counter_session/i
+          return true if _first_cookie_match d, /cfid/i
+          return true if _first_cookie_match d, /cftoken/i
+          return true if _first_cookie_match d, /_enservio_session/i
+          return true if _first_cookie_match d, /grafana_sess/i
+          return true if _first_cookie_match d, /_gitlab_session/i
+          return true if _first_cookie_match d, /jive.login.ts/i
+          return true if _first_cookie_match d, /JSESSIONID/i
+          return true if _first_cookie_match d, /LiSESSIONID/i
+          return true if _first_cookie_match d, /MRHSession/i
+          return true if _first_cookie_match d, /sails.sid/i
+          return true if _first_cookie_match d, /sessid/i
+          return true if _first_cookie_match d, /session/i
+          return true if _first_cookie_match d, /sid/i
+          return true if _first_cookie_match d, /SITESERVER/i
+          return true if _first_cookie_match d, /TWIKISID/i
+          return true if _first_cookie_match d, /viewstate/i
+          return true if _first_cookie_match d, /zenid/i
+        false
+        },
+        :dynamic_hide => lambda { |d| false },
+        :dynamic_issue => lambda { |d| false },
+        :paths => ["#{url}"]
+      },
+    ]
+  end
+end
+end
+end
+end

data/checks/http/content/content.rb ADDED

@@ -0,0 +1,92 @@
+module Intrigue
+module Ident
+module Check
+class Content < Intrigue::Ident::Check::Base
+  def generate_checks(url)
+    [
+      {
+        :type => "content",
+        :name =>"Location Header",
+        :match_type => :content_header,
+        :dynamic_result => lambda { |d| _first_header_capture(d,/^location:(.*)$/i) },
+        :dynamic_hide => lambda { |d| false },
+        :dynamic_issue => lambda { |d| false },
+        :paths => ["#{url}"]
+      },
+      {
+        :type => "content",
+        :name =>"Directory Listing Detected",
+        :match_type => :content_title,
+        :dynamic_result => lambda { |d| (
+          _first_title_match(d,/Index of \//) ||
+          _first_body_match(d, /<h1>Index of \//) ||
+          _first_body_match(d, /\[To Parent Directory\]/) ) ? true : false },
+        :dynamic_hide => lambda { |d| false },
+        :issue => "directory_listing_detected",
+        :paths => ["#{url}"]
+      },
+      #{
+      #  :type => "content",
+      #  :name =>"Open Redirect Detected",
+      #  :match_type => :content_body,
+      #  :references => [
+      #    "https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Open%20Redirect"
+      #  ],
+      #  :dynamic_result => lambda { |d|
+      #    regex_list = [
+      #    /\?next=http/i,/\?url=http/i,/\?target=http/i,/\?rurl=http/i,
+      #    /\?dest=http/i,/\?destination=http/i,/\?redir=http/i,
+      #    /\?redirect_uri=http/i,/\?redirect_url=http/i,/\?redirect=http/i,
+      #    /\/redirect\/http/i,/\/cgi-bin\/redirect.cgi\?http/i,/\/out\/http/i,
+      #    /\/out\?http/i,/\?view=http/i,/\/login\?to=http/i,/\?image_url=http/i,
+      #    /\?go=http/i,/\?return=http/i,/\?returnTo=http/i,/\?return_to=http/i,
+      #    /\?checkout_url=http/i,/\?continue=http/i,/\?return_path=http/i
+      #    ]
+      #    out = false
+      #    regex_list.each { |regex|
+      #      _first_body_match(d,regex) ? out = true : nil
+      #    }
+      #  out
+      #  },
+      #  :dynamic_hide => lambda { |d| false },
+      #  :dynamic_issue => lambda { |d| false   },
+      #  :paths => ["#{url}"]
+      #},
+      {
+        :type => "content",
+        :name =>"Form Detected",
+        :match_type => :content_body,
+        :dynamic_result => lambda { |d| _first_body_match(d,/\<form/) ? true : false },
+        :dynamic_hide => lambda { |d| false },
+        :dynamic_issue => lambda { |d| false },
+        :paths => ["#{url}"]
+      },
+      {
+        :type => "content",
+        :name =>"File Upload Form Detected",
+        :match_type => :content_body,
+        :dynamic_result => lambda { |d| _first_body_match(d,/enctype=\"multipart\/form-data/) ? true : false },
+        :paths => ["#{url}"],
+        :dynamic_hide => lambda { |d| false },
+        :dynamic_issue => lambda { |d| false },
+      },
+      {
+        :type => "content",
+        :name =>"Email Addresses Detected",
+        :match_type => :content_title,
+        :dynamic_result => lambda { |d|
+        email_address_regex = /\A([\w+\-].?)+@[a-z\d\-]+(\.[a-z]+)*\.[a-z]+\z/i
+          captures = _all_body_captures(d,email_address_regex) || []
+          captures.select{|e| !(e =~ /\.png$/) }.compact
+        },
+        :dynamic_hide => lambda { |d| false },
+        :dynamic_issue => lambda { |d| false },
+        :paths => ["#{url}"]
+      }
+    ]
+  end
+end
+end
+end
+end

data/checks/http/content/security_headers.rb ADDED

@@ -0,0 +1,70 @@
+module Intrigue
+module Ident
+module Check
+class SecurityHeaders < Intrigue::Ident::Check::Base
+  def generate_checks(url)
+    [
+      {
+        :type => "content",
+        :name => "Access-Control-Allow-Origin Header",
+        :match_type => :content_headers,
+        :dynamic_result => lambda { |d|
+          return true if _first_header_match d, /^Access-Control-Allow-Origin:.*/i;
+        false
+        },
+        :dynamic_hide => lambda { |d| false },
+        :dynamic_issue => lambda { |d| false },
+        :paths => ["#{url}"]
+      },
+      {
+        :type => "content",
+        :name => "P3P Header",
+        :match_type => :content_headers,
+        :dynamic_result => lambda { |d|
+          return true if _first_header_match d, /^p3p:.*/i;
+        false
+        },
+        :dynamic_hide => lambda { |d| false },
+        :dynamic_issue => lambda { |d| false },
+        :paths => ["#{url}"]
+      },
+      #{
+      #  :type => "content",
+      #  :name => "X-PJAX Header",
+      #  :match_type => :content_headers,
+      #  :dynamic_result => lambda { |d| _first_header_capture d, /^x-pjax-url:(.*)/i },
+      #  :dynamic_hide => lambda { |d| false },
+      #  :dynamic_issue => lambda { |d| false },
+      #  :paths => ["#{url}"]
+      #},
+      {
+        :type => "content",
+        :name => "X-Frame-Options Header",
+        :match_type => :content_headers,
+        :dynamic_result => lambda { |d|
+          return true if _first_header_match d, /^x-frame-options:.*/i;
+        false
+        },
+        :dynamic_hide => lambda { |d| false },
+        :dynamic_issue => lambda { |d| false },
+        :paths => ["#{url}"]
+      },
+      {
+        :type => "content",
+        :name => "X-XSS-Protection Header",
+        :match_type => :content_headers,
+        :dynamic_result => lambda { |d|
+          return true if _first_header_match d, /^x-xss-protection:.*/i;
+        false
+        },
+        :dynamic_hide => lambda { |d| false },
+        :dynamic_issue => lambda { |d| false },
+        :paths => ["#{url}"]
+      }
+    ]
+  end
+end
+end
+end
+end

data/checks/http/cpanel.rb ADDED

@@ -0,0 +1,56 @@
+module Intrigue
+module Ident
+module Check
+class Cpanel < Intrigue::Ident::Check::Base
+  def generate_checks(url)
+    [
+      {
+        :type => "fingerprint",
+        :category => "application",
+        :tags => ["COTS","Hosting","Administrative"],
+        :vendor => "cPanel",
+        :product =>"cPanel",
+        :match_details =>"server header",
+        :version => nil,
+        :match_type => :content_headers,
+        :match_content => /server: cPanel/i,
+        :paths => ["#{url}"],
+        :inference => false
+      },
+      {
+        :type => "fingerprint",
+        :category => "application",
+        :tags => ["COTS","Hosting","Administrative"],
+        :vendor => "cPanel",
+        :product =>"cPanel Hosted - Missing Page",
+        :match_details =>"cPanel Hosted, but either misconfigured, or accessed via ip vs hostname?",
+        :version => nil,
+        :match_type => :content_body,
+        :match_content =>  /URL=\/cgi-sys\/defaultwebpage.cgi/,
+        :hide => true,
+        :paths => ["#{url}"],
+        :inference => false
+      },
+      {
+        :type => "fingerprint",
+        :category => "application",
+        :tags => ["COTS","Administrative"],
+        :vendor => "cPanel",
+        :product =>"cPanel - Not configured",
+        :match_details =>"cPanel - not yet configured",
+        :version => nil,
+        :match_type => :content_body,
+        :match_content =>  /href=\"\/cpanel\"\>log in<\/a> to launch this site/,
+        :hide => true,
+        :paths => ["#{url}"],
+        :examples => ['href="/cpanel">log in</a> to launch this site'],
+        :inference => false
+      }
+    ]
+  end
+end
+end
+end
+end

data/checks/http/cradlepoint.rb ADDED

@@ -0,0 +1,30 @@
+module Intrigue
+module Ident
+module Check
+class Cerberus < Intrigue::Ident::Check::Base
+  def generate_checks(url)
+    [
+      {
+        :type => "fingerprint",
+        :category => "application",
+        :tags => ["Web Server"],
+        :vendor => "Cradlepoint",
+        :product =>"HTTP Service",
+        :match_details =>"server header",
+        :version => nil,
+        :match_type => :content_headers,
+        :match_content =>  /^server:.*Cerberus.*$/,
+        :dynamic_version => lambda{ |x|
+          _first_header_capture(x,/^server:.*Cerberus\/([\d\.]*)\s.*$/i)
+        },
+        :paths => ["#{url}"],
+        :inference => true
+      }
+    ]
+  end
+end
+end
+end
+end

data/checks/http/craft.rb ADDED

@@ -0,0 +1,42 @@
+module Intrigue
+module Ident
+module Check
+class Craft < Intrigue::Ident::Check::Base
+  def generate_checks(url)
+    [
+      {
+        :type => "fingerprint",
+        :category => "application",
+        :tags => ["CMS"],
+        :vendor => "Craft",
+        :product =>"CMS",
+        :match_details =>"csrf protection cookie",
+        :version => nil,
+        :match_type => :content_cookies,
+        :match_content =>  /CRAFT_CSRF_TOKEN/,
+        :hide => false,
+        :paths => ["#{url}"],
+        :inference => false
+      },
+      {
+        :type => "fingerprint",
+        :category => "application",
+        :tags => ["CMS"],
+        :vendor => "Craft",
+        :product =>"CMS",
+        :match_details =>"x-powered-by header",
+        :version => nil,
+        :match_type => :content_headers,
+        :match_content =>  /^x-powered-by: Craft CMS/,
+        :hide => false,
+        :paths => ["#{url}"],
+        :inference => false
+      }
+    ]
+  end
+end
+end
+end
+end

data/checks/http/crazydomains.rb ADDED

@@ -0,0 +1,31 @@
+module Intrigue
+  module Ident
+  module Check
+  class CrazyDomains < Intrigue::Ident::Check::Base
+    def generate_checks(url)
+      [
+        {
+          :type => "fingerprint",
+          :category => "service",
+          :tags => ["Parked"],
+          :vendor => "CrazyDomains",
+          :product => "CrazyDomains",
+          :website => "https://www.crazydomains.com.au/",
+          :references => [],
+          :version => nil,
+          :match_type => :content_body,
+          :match_content => /Domain name is registered and secured with CrazyDomains.com.au/i,
+          :match_details => "unique body string",
+          :hide => false,
+          :paths => ["#{url}"],
+          :inference => false
+        }
+      ]
+    end
+  end
+  end
+  end
+  end

data/checks/http/crowdstrike.rb ADDED

@@ -0,0 +1,27 @@
+module Intrigue
+module Ident
+module Check
+class Crowdstrike < Intrigue::Ident::Check::Base
+  def generate_checks(url)
+    [
+      {
+        :type => "fingerprint",
+        :category => "service",
+        :tags => ["Security", "SaaS"],
+        :vendor => "Crowdstrike",
+        :product => "Falcon",
+        :references => [""],
+        :version => nil,
+        :match_type => :content_cookies,
+        :match_content => /domain\=\.falcon-sandbox\.com/i,
+        :match_details => "Falcon Sandbox cookie",
+        :paths => ["#{url}"],
+        :inference => false
+      }
+    ]
+  end
+end
+end
+end
+end