• Home
• biz.netcentric.security
• pickaxe-checks-example-aem-cli
• 2.4.3
• source code
• crx-check.yaml

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

checks.crx-check.yaml Maven / Gradle / Ivy

name: "CRX Yaml Spec 1"
id: "yaml-test-1"
vulnerability:
  name: "Information Disclosure"
  description: "CRX should not be accessible"
  remediation: "Block CRX access through AEM dispatcher rules."
  cve: ""
  severity: "HIGH"
steps:
  - name: "CRX Yaml Spec 1"
    method: "GET"
    paths:
      - "/crx/de"
      - "/crx/de/index.jsp"
    extensions:
      - ".json"
    requestHeaders:
      host: "example.com"
      Referer: "referer.example.com"
    authenticationHeaders:
      authentication: "Basic xyz"
    params:
      param1: "value1"
      param2: "value2"
    detect:
      - type: all
        expectedStatusCode: 200
        bodyContains:
          - "CRX"
          - "Explorer"