Vulnerability Scanning
Created bymhmdiaa-trickest
Last updated8/12/2024

Input Parameters

urls
file
required
List of web server URLs
header
string
Header(s) to include in HTTP requests
rate-limit
string
Header(s) to include in HTTP requests
header-file
file
Header(s) to include in HTTP requests

Outputs

findings

Scan for Exposed Admin Panels

Description

Scan for web administrative panels that may provide an entry point to an asset, and check them for default credentials.

Features

  • Scans for a wide range of admin panel paths across various stacks.
  • Checks for default credentials on a subset of found panels.
  • Can scan thousands of web servers simulataneously.

Inputs

Required

  • urls: a list of URLs
https://foo.example.com
https://bar.example.com

Optional

  • header: Header(s) to include in HTTP requests
  • header-file: File with header(s) to include in HTTP requests
  • rate-limit: Maximum number of requests to send per second per machine (default: 300)

Outputs

  • findings: JSONLines records of finding details.
{"finding": "Pulse Secure VPN Login Panel", "location": "https://foo.example.com/dana-na/auth/url_default/welcome.cgi", "severity": "info", "hostname": "foo.example.com", "domain_name": "example.com", "ip_address": "1.2.3.4", "method": "GET", "description": "Pulse Secure VPN login panel was detected."}

Changelog

  • v1.0.0
    • Initial release
  • v1.1.0
    • Added header-file input
  • v1.2.0
    • Added recursive scanning to detect vulnerabilities at every level of the input URL paths
  • v1.3.0
    • Added checks for admin panels located at custom paths
  • v1.3.1
    • Included the HTTP request that triggered each finding in the request field of the findings output