Security Testing
Template Syntax
Learn how to create your own templates for scanning
Here is an example of a template that performs a path traversal to access the CRXDE Panel
{
"requests": {
"path": "/content/..;/crx/de/index.jsp",
"method": "GET"
},
"responses": {
"matchers-condition": "and",
"matchers": [
{
"type": "word",
"words": ["CRXDE Lite"]
},
{
"type": "status",
"status": [200]
}
]
}
}
Requests
path
string
requiredThe http path
method
string
requiredThe http method
headers
array
Responses
matchers-condition
string
requiredThe matcher condition:
- and will make sure all matches are true for a valid finding
- or will make sure one or more matches are true for a valid finding
matchers
array