The burp-regexer from brnoleal

Pergunta sobre TOP REGEX

Parabéns pelo projeto.

Gostaria de saber se o correto para o "top regex" não deve ser o seguinte:

"Top 25 Cross-Site Scripting (XSS) Parameters": {
        "description": "",
        "regex": "[\?|&]q=|[\?|&]s=|[\?|&]search=|[\?|&]id=|[\?|&]lang=|[\?|&]keyword=|[\?|&]query=|[\?|&]page=|[\?|&]keywords=|[\?|&]year=|[\?|&]view=|[\?|&]email=|[\?|&]type=|[\?|&]name=|[\?|&]p=|[\?|&]month=|[\?|&]image=|[\?|&]list_type=|[\?|&]url=|[\?|&]terms=|[\?|&]categoryid=|[\?|&]key=|[\?|&]l=|[\?|&]begindate=|[\?|&]enddate="
    },
    "Top 25 Server-Side Request Forgery (SSRF) Parameters": {
        "description": "",
        "regex": "[\?|&]dest=|[\?|&]redirect=|[\?|&]uri=|[\?|&]path=|[\?|&]continue=|[\?|&]url=|[\?|&]window=|[\?|&]next=|[\?|&]data=|[\?|&]reference=|[\?|&]site=|[\?|&]html=|[\?|&]val=|[\?|&]validate=|[\?|&]domain=|[\?|&]callback=|[\?|&]return=|[\?|&]page=|[\?|&]feed=|[\?|&]host=|[\?|&]port=|[\?|&]to=|[\?|&]out=|[\?|&]view=|[\?|&]dir="
    },
    "Top 25 Local File Inclusion (LFI) Parameters": {
        "description": "",
        "regex": "[\?|&]cat=|[\?|&]dir=|[\?|&]action|[\?|&]board=|[\?|&]date=|[\?|&]detail=|[\?|&]file=|[\?|&]download=|[\?|&]path|[\?|&]folder=|[\?|&]prefix=|[\?|&]include=|[\?|&]page=|[\?|&]inc=|[\?|&]locate=|[\?|&]show=|[\?|&]doc=|[\?|&]site=|[\?|&]type=|[\?|&]view=|[\?|&]content=|[\?|&]document=|[\?|&]layout=|[\?|&]mod=|[\?|&]conf="
    },
    "Top 25 SQL Injection Parameters": {
        "description": "",
        "regex": "[\?|&]id=|[\?|&]page=|[\?|&]report=|[\?|&]dir=|[\?|&]search=|[\?|&]category=|[\?|&]file=|[\?|&]class|[\?|&]url=|[\?|&]news=|[\?|&]item=|[\?|&]menu=|[\?|&]lang=|[\?|&]name=|[\?|&]ref=|[\?|&]title=|[\?|&]view=|[\?|&]topic=|[\?|&]thread=|[\?|&]type=|[\?|&]date=|[\?|&]form=|[\?|&]main=|[\?|&]nav=|[\?|&]region="
    },
    "Top 25 Remote Code Execution (RCE) Parameters": {
        "description": "",
        "regex": "[\?|&]cmd=|[\?|&]exec=|[\?|&]command=|[\?|&]execute=|[\?|&]ping=|[\?|&]query=|[\?|&]jump=|[\?|&]code|[\?|&]reg=|[\?|&]do=|[\?|&]func=|[\?|&]arg=|[\?|&]option=|[\?|&]load=|[\?|&]process=|[\?|&]step=|[\?|&]read=|[\?|&]feature=|[\?|&]exe=|[\?|&]module=|[\?|&]payload=|[\?|&]run=|[\?|&]print="
    },
    "Top 25 Open Redirect Parameters": {
        "description": "",
        "regex": "[\?|&]format=|[\?|&]next=|[\?|&]url=|[\?|&]target=|[\?|&]rurl=|[\?|&]dest=|[\?|&]destination=|[\?|&]redir=|[\?|&]redirect_uri|[\?|&]redirect_url=|[\?|&]redirect=|[\?|&]out=|[\?|&]view=|[\?|&]to=|[\?|&]image_url=|[\?|&]go=|[\?|&]return=|[\?|&]returnTo=|[\?|&]return_to=|[\?|&]checkout_url=|[\?|&]continue=|[\?|&]return_path="
    }

em vez de como está atualmente. Nesse sentido, identificaria apenas os parâmetros em urls e não strings contendo o trecho.

Saudações

brnoleal / burp-regexer Goto Github PK

burp-regexer's People

Contributors

Stargazers

Watchers

Forkers

burp-regexer's Issues

Pergunta sobre TOP REGEX

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent