github.com/adevinta/lava@v0.7.2/internal/engine/testdata/store/report.json (about) 1 { 2 "check_id": "7dde8ffc-059e-4ad6-8efb-208c83b55a5d", 3 "checktype_name": "vulcansec/vulcan-nuclei", 4 "checktype_version": "edge", 5 "status": "FINISHED", 6 "target": "http://example.com/", 7 "options": "{\"tag_exclusion_list\":[\"intrusive\",\"dos\",\"fuzz\"]}", 8 "tag": "", 9 "vulnerabilities": [ 10 { 11 "id": "", 12 "summary": "Nginx version detect", 13 "score": 0, 14 "affected_resource": "http://example.com/", 15 "affected_resource_string": "", 16 "fingerprint": "eaec180c337a30e6dded5d96ee5d8b0c3b49426094b3efb880b823ea9474df8f", 17 "description": "Some nginx servers have the version on the response header. Useful when you need to find specific CVEs on your targets.", 18 "details": "Run the following command to get the findings from your computer:\n\n\tdocker run -it --rm projectdiscovery/nuclei -u http://example.com/ -t http/technologies/nginx/nginx-version.yaml", 19 "labels": [ 20 "nuclei", 21 "issue" 22 ], 23 "recommendations": [ 24 "The check does not provide specific recommendations for this issue.", 25 "Take a look to reference links (if any) for further details about the finding." 26 ], 27 "resources": [ 28 { 29 "Name": "Finding", 30 "Header": [ 31 "Template", 32 "MatcherName", 33 "Matched" 34 ], 35 "Rows": [ 36 { 37 "Matched": "http://example.com/", 38 "MatcherName": "", 39 "Template": "nginx-version" 40 } 41 ] 42 }, 43 { 44 "Name": "Results", 45 "Header": [ 46 "References" 47 ], 48 "Rows": [ 49 { 50 "References": "nginx/1.25.2" 51 } 52 ] 53 } 54 ], 55 "vulnerabilities": null 56 }, 57 { 58 "id": "", 59 "summary": "Nginx Default Test Page", 60 "score": 0, 61 "affected_resource": "http://example.com/", 62 "affected_resource_string": "", 63 "fingerprint": "2c919d0280509c75e5aa4b9e10ed82275f41fbc78dd7cda1b383053237207386", 64 "details": "Run the following command to get the findings from your computer:\n\n\tdocker run -it --rm projectdiscovery/nuclei -u http://example.com/ -t http/technologies/nginx/default-nginx-page.yaml", 65 "labels": [ 66 "nuclei", 67 "issue" 68 ], 69 "recommendations": [ 70 "The check does not provide specific recommendations for this issue.", 71 "Take a look to reference links (if any) for further details about the finding." 72 ], 73 "resources": [ 74 { 75 "Name": "Finding", 76 "Header": [ 77 "Template", 78 "MatcherName", 79 "Matched" 80 ], 81 "Rows": [ 82 { 83 "Matched": "http://example.com/", 84 "MatcherName": "", 85 "Template": "default-nginx-page" 86 } 87 ] 88 } 89 ], 90 "vulnerabilities": null 91 }, 92 { 93 "id": "", 94 "summary": "HTTP Missing Security Headers", 95 "score": 0, 96 "affected_resource": "http://example.com/", 97 "affected_resource_string": "", 98 "fingerprint": "ad32844db95b74cc1fb92d22d66f8db396c88a91d6cb026e0121791e7ebae872", 99 "description": "This template searches for missing HTTP security headers. The impact of these missing headers can vary.\n", 100 "details": "Run the following command to get the findings from your computer:\n\n\tdocker run -it --rm projectdiscovery/nuclei -u http://example.com/ -t http/misconfiguration/http-missing-security-headers.yaml", 101 "labels": [ 102 "nuclei", 103 "issue" 104 ], 105 "recommendations": [ 106 "The check does not provide specific recommendations for this issue.", 107 "Take a look to reference links (if any) for further details about the finding." 108 ], 109 "resources": [ 110 { 111 "Name": "Finding", 112 "Header": [ 113 "Template", 114 "MatcherName", 115 "Matched" 116 ], 117 "Rows": [ 118 { 119 "Matched": "http://example.com/", 120 "MatcherName": "content-security-policy", 121 "Template": "http-missing-security-headers" 122 }, 123 { 124 "Matched": "http://example.com/", 125 "MatcherName": "permissions-policy", 126 "Template": "http-missing-security-headers" 127 }, 128 { 129 "Matched": "http://example.com/", 130 "MatcherName": "x-permitted-cross-domain-policies", 131 "Template": "http-missing-security-headers" 132 }, 133 { 134 "Matched": "http://example.com/", 135 "MatcherName": "referrer-policy", 136 "Template": "http-missing-security-headers" 137 }, 138 { 139 "Matched": "http://example.com/", 140 "MatcherName": "cross-origin-opener-policy", 141 "Template": "http-missing-security-headers" 142 }, 143 { 144 "Matched": "http://example.com/", 145 "MatcherName": "cross-origin-resource-policy", 146 "Template": "http-missing-security-headers" 147 }, 148 { 149 "Matched": "http://example.com/", 150 "MatcherName": "strict-transport-security", 151 "Template": "http-missing-security-headers" 152 }, 153 { 154 "Matched": "http://example.com/", 155 "MatcherName": "x-frame-options", 156 "Template": "http-missing-security-headers" 157 }, 158 { 159 "Matched": "http://example.com/", 160 "MatcherName": "x-content-type-options", 161 "Template": "http-missing-security-headers" 162 }, 163 { 164 "Matched": "http://example.com/", 165 "MatcherName": "clear-site-data", 166 "Template": "http-missing-security-headers" 167 }, 168 { 169 "Matched": "http://example.com/", 170 "MatcherName": "cross-origin-embedder-policy", 171 "Template": "http-missing-security-headers" 172 } 173 ] 174 } 175 ], 176 "vulnerabilities": null 177 }, 178 { 179 "id": "", 180 "summary": "Wappalyzer Technology Detection", 181 "score": 0, 182 "affected_resource": "http://example.com/", 183 "affected_resource_string": "", 184 "fingerprint": "c7cd3d0f1f8c419fe708961261c44ca628cafd8b1b09ea5972875cd355f001aa", 185 "details": "Run the following command to get the findings from your computer:\n\n\tdocker run -it --rm projectdiscovery/nuclei -u http://example.com/ -t http/technologies/tech-detect.yaml", 186 "labels": [ 187 "nuclei", 188 "issue" 189 ], 190 "recommendations": [ 191 "The check does not provide specific recommendations for this issue.", 192 "Take a look to reference links (if any) for further details about the finding." 193 ], 194 "resources": [ 195 { 196 "Name": "Finding", 197 "Header": [ 198 "Template", 199 "MatcherName", 200 "Matched" 201 ], 202 "Rows": [ 203 { 204 "Matched": "http://example.com/", 205 "MatcherName": "nginx", 206 "Template": "tech-detect" 207 } 208 ] 209 } 210 ], 211 "vulnerabilities": null 212 }, 213 { 214 "id": "", 215 "summary": "WAF Detection", 216 "score": 0, 217 "affected_resource": "http://example.com/", 218 "affected_resource_string": "", 219 "fingerprint": "2411ef7ccc7b413c4e9c5f362365c17a32fc173b7a0ad8a83de6c9123f21a3b7", 220 "cwe_id": 200, 221 "description": "A web application firewall was detected.", 222 "details": "Run the following command to get the findings from your computer:\n\n\tdocker run -it --rm projectdiscovery/nuclei -u http://example.com/ -t http/technologies/waf-detect.yaml", 223 "labels": [ 224 "nuclei", 225 "issue" 226 ], 227 "recommendations": [ 228 "The check does not provide specific recommendations for this issue.", 229 "Take a look to reference links (if any) for further details about the finding." 230 ], 231 "references": [ 232 "https://github.com/ekultek/whatwaf" 233 ], 234 "resources": [ 235 { 236 "Name": "Finding", 237 "Header": [ 238 "Template", 239 "MatcherName", 240 "Matched" 241 ], 242 "Rows": [ 243 { 244 "Matched": "http://example.com/", 245 "MatcherName": "nginxgeneric", 246 "Template": "waf-detect" 247 } 248 ] 249 } 250 ], 251 "vulnerabilities": null 252 } 253 ], 254 "error": "", 255 "start_time": "2023-09-07 16:35:31", 256 "end_time": "2023-09-07 16:36:46" 257 }