From b0011ca043c1c8db710e9c8e1f7788998734b325 Mon Sep 17 00:00:00 2001
From: AmirHossein Raeisi <96957814+Ahsraeisi@users.noreply.github.com>
Date: Sun, 1 Sep 2024 12:16:51 +0330
Subject: [PATCH] Update 9.1.2.yaml

Signed-off-by: AmirHossein Raeisi <96957814+Ahsraeisi@users.noreply.github.com>
---
 templates/9.1.2.yaml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/templates/9.1.2.yaml b/templates/9.1.2.yaml
index ef748c2..5170641 100644
--- a/templates/9.1.2.yaml
+++ b/templates/9.1.2.yaml
@@ -9,6 +9,8 @@ info:
   reference:
     - https://www.acunetix.com/vulnerabilities/web/tls-ssl-weak-cipher-suites/
     - https://github.com/projectdiscovery/nuclei-templates/blob/main/ssl/insecure-cipher-suite-detect.yaml
+    - https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/09-Testing_for_Weak_Cryptography/01-Testing_for_Weak_Transport_Layer_Security
+    - https://cheatsheetseries.owasp.org/cheatsheets/Transport_Layer_Security_Cheat_Sheet.html
   tags: asvs,9.1.2
   description: |
     Verify using up to date TLS testing tools that only strong cipher suites are enabled, with the strongest cipher suites set as preferred.
@@ -420,4 +422,4 @@ ssl:
           - "TLS_KRB5_WITH_3DES_EDE_CBC_MD5"
           - "TLS_KRB5_WITH_RC4_128_SHA"
           - "TLS_RSA_WITH_NULL_SHA"
-        condition: or
\ No newline at end of file
+        condition: or