Update index

crowdsecurity · Mar 28, 2024 · 1455abb · 1455abb
1 parent a2aea6e
commit 1455abb
Showing 1 changed file with 65 additions and 25 deletions.
diff --git a/.index.json b/.index.json
@@ -17,6 +17,19 @@
    "author": "crowdsecurity",
    "labels": null
   },
+  "crowdsecurity/generic-rules": {
+   "path": "appsec-configs/crowdsecurity/generic-rules.yaml",
+   "version": "0.1",
+   "versions": {
+    "0.1": {
+     "digest": "e406c104f040ca39220f610efce241489d64ce0f1654b3fca39a844893ea0840",
+     "deprecated": false
+    }
+   },
+   "content": "bmFtZTogY3Jvd2RzZWN1cml0eS9nZW5lcmljLXJ1bGVzCmRlZmF1bHRfcmVtZWRpYXRpb246IGJhbgojbG9nX2xldmVsOiBkZWJ1ZwppbmJhbmRfcnVsZXM6CiAtIGNyb3dkc2VjdXJpdHkvZ2VuZXJpYy0qCiMgaW5iYW5kX29wdGlvbnM6CiMgIGRpc2FibGVfYm9keV9pbnNwZWN0aW9uOiB0cnVlCg==",
+   "author": "crowdsecurity",
+   "labels": null
+  },
   "crowdsecurity/virtual-patching": {
    "path": "appsec-configs/crowdsecurity/virtual-patching.yaml",
    "version": "0.3",
@@ -78,6 +91,31 @@
    "author": "crowdsecurity",
    "labels": null
   },
+  "crowdsecurity/generic-freemarker-ssti": {
+   "path": "appsec-rules/crowdsecurity/generic-freemarker-ssti.yaml",
+   "version": "0.1",
+   "versions": {
+    "0.1": {
+     "digest": "4c4466729b2fdebcf23dfd197e2b967c17d79324cfd4245ac3a3d9be6f029df8",
+     "deprecated": false
+    }
+   },
+   "content": "bmFtZTogY3Jvd2RzZWN1cml0eS92cGF0Y2gtZ2VuZXJpYy1mcmVlbWFya2VyLXNzdGkKZGVzY3JpcHRpb246ICJHZW5lcmljIEZyZWVNYXJrZXIgU1NUSSBBdHRlbXB0IgpydWxlczoKICAtIGFuZDoKICAgIC0gem9uZXM6IAogICAgICAtIFJBV19CT0RZCiAgICAgIC0gQVJHUwogICAgICB0cmFuc2Zvcm06CiAgICAgIC0gbG93ZXJjYXNlCiAgICAgIG1hdGNoOgogICAgICAgIHR5cGU6IGNvbnRhaW5zCiAgICAgICAgdmFsdWU6ICdmcmVlbWFya2VyLnRlbXBsYXRlLnV0aWxpdHkuZXhlY3V0ZScKCmxhYmVsczoKICAgdHlwZTogZXhwbG9pdAogICBzZXJ2aWNlOiBodHRwCiAgIGNvbmZpZGVuY2U6IDIKICAgc3Bvb2ZhYmxlOiAwCiAgIGJlaGF2aW9yOiAiaHR0cDpleHBsb2l0IgogICBsYWJlbDogIkdlbmVyaWMgRnJlZU1hcmtlciBTU1RJIEF0dGVtcHQiCiAgIGNsYXNzaWZpY2F0aW9uOgogICAgIC0gYXR0YWNrLlQxNTk1CiAgICAgLSBhdHRhY2suVDExOTA=",
+   "description": "Generic FreeMarker SSTI Attempt",
+   "author": "crowdsecurity",
+   "labels": {
+    "behavior": "http:exploit",
+    "classification": [
+     "attack.T1595",
+     "attack.T1190"
+    ],
+    "confidence": 2,
+    "label": "Generic FreeMarker SSTI Attempt",
+    "service": "http",
+    "spoofable": 0,
+    "type": "exploit"
+   }
+  },
   "crowdsecurity/vpatch-CVE-2017-9841": {
    "path": "appsec-rules/crowdsecurity/vpatch-CVE-2017-9841.yaml",
    "version": "0.3",
@@ -1475,31 +1513,6 @@
     "type": "scan"
    }
   },
-  "crowdsecurity/vpatch-generic-freemarker-ssti": {
-   "path": "appsec-rules/crowdsecurity/vpatch-generic-freemarker-ssti.yaml",
-   "version": "0.1",
-   "versions": {
-    "0.1": {
-     "digest": "4c4466729b2fdebcf23dfd197e2b967c17d79324cfd4245ac3a3d9be6f029df8",
-     "deprecated": false
-    }
-   },
-   "content": "bmFtZTogY3Jvd2RzZWN1cml0eS92cGF0Y2gtZ2VuZXJpYy1mcmVlbWFya2VyLXNzdGkKZGVzY3JpcHRpb246ICJHZW5lcmljIEZyZWVNYXJrZXIgU1NUSSBBdHRlbXB0IgpydWxlczoKICAtIGFuZDoKICAgIC0gem9uZXM6IAogICAgICAtIFJBV19CT0RZCiAgICAgIC0gQVJHUwogICAgICB0cmFuc2Zvcm06CiAgICAgIC0gbG93ZXJjYXNlCiAgICAgIG1hdGNoOgogICAgICAgIHR5cGU6IGNvbnRhaW5zCiAgICAgICAgdmFsdWU6ICdmcmVlbWFya2VyLnRlbXBsYXRlLnV0aWxpdHkuZXhlY3V0ZScKCmxhYmVsczoKICAgdHlwZTogZXhwbG9pdAogICBzZXJ2aWNlOiBodHRwCiAgIGNvbmZpZGVuY2U6IDIKICAgc3Bvb2ZhYmxlOiAwCiAgIGJlaGF2aW9yOiAiaHR0cDpleHBsb2l0IgogICBsYWJlbDogIkdlbmVyaWMgRnJlZU1hcmtlciBTU1RJIEF0dGVtcHQiCiAgIGNsYXNzaWZpY2F0aW9uOgogICAgIC0gYXR0YWNrLlQxNTk1CiAgICAgLSBhdHRhY2suVDExOTA=",
-   "description": "Generic FreeMarker SSTI Attempt",
-   "author": "crowdsecurity",
-   "labels": {
-    "behavior": "http:exploit",
-    "classification": [
-     "attack.T1595",
-     "attack.T1190"
-    ],
-    "confidence": 2,
-    "label": "Generic FreeMarker SSTI Attempt",
-    "service": "http",
-    "spoofable": 0,
-    "type": "exploit"
-   }
-  },
   "crowdsecurity/vpatch-laravel-debug-mode": {
    "path": "appsec-rules/crowdsecurity/vpatch-laravel-debug-mode.yaml",
    "version": "0.3",
@@ -2224,6 +2237,33 @@
     "crowdsecurity/crs"
    ]
   },
+  "crowdsecurity/appsec-generic-rules": {
+   "path": "collections/crowdsecurity/appsec-generic-rules.yaml",
+   "version": "0.1",
+   "versions": {
+    "0.1": {
+     "digest": "f538ca65415d016977a2ed77939df0cecdea212bb16c3e1c22f1df0b1ec2775b",
+     "deprecated": false
+    }
+   },
+   "long_description": "IyBBcHBTZWMgR2VuZXJpYyBSdWxlcwoKVGhpcyBjb2xsZWN0aW9uIGNvbnRhaW5zIGdlbmVyaWMgc2NlbmFyaW9zIGZvciBhcHBzZWMuIFRoZXNlIGdlbmVyaWMgcnVsZXMgdHJ5IHRvIGRldGVjdCBhdHRhY2sgdmVjdG9ycyB0aGF0IG1pZ2h0IGJlIHVzZWQgdG8gZXhwbG9pdCBuZXdseSBkaXNjb3ZlcmVkIHZ1bG5lcmFiaWxpdGllcy4gRm9yIGluc3RhbmNlLCBhIHNjZW5hcmlvIGNvdWxkIGxvb2sgZm9yIGNhbGxzIHN1Y2ggYXMgYGNhdCAvZXRjL3Bhc3N3ZGAuIFRoZSBnb2FsIG9mIHRoaXMgY29sbGVjdGlvbiBpcyB0byBwcm92aWRlIHNvbWUgbGV2ZWwgb2YgcHJvdGVjdGlvbiBpbiBjYXNlcyB3aGVyZSBhIHNjZW5hcmlvIGZvciB0aGUgc3BlY2lmaWMgdnVsbmVyYWJpbGl0eSBpcyBhYnNlbnQu",
+   "content": "bmFtZTogY3Jvd2RzZWN1cml0eS9hcHBzZWMtZ2VuZXJpYy1ydWxlcwphcHBzZWMtcnVsZXM6CiAgLSBjcm93ZHNlY3VyaXR5L3ZwYXRjaC1nZW5lcmljLWZyZWVtYXJrZXItc3N0aQphcHBzZWMtY29uZmlnczoKICAtIGNyb3dkc2VjdXJpdHkvZ2VuZXJpYy1ydWxlcwpwYXJzZXJzOgogIC0gY3Jvd2RzZWN1cml0eS9hcHBzZWMtbG9ncwpzY2VuYXJpb3M6CiAgLSBjcm93ZHNlY3VyaXR5L2FwcHNlYy12cGF0Y2gKZGVzY3JpcHRpb246ICJBIGNvbGxlY3Rpb24gb2YgZ2VuZXJpYyBhdHRhY2sgdmVjdG9ycyBmb3IgYWRkaXRpb25hbCBwcm90ZWN0aW9uLiIKYXV0aG9yOiBjcm93ZHNlY3VyaXR5",
+   "description": "A collection of generic attack vectors for additional protection.",
+   "author": "crowdsecurity",
+   "labels": null,
+   "parsers": [
+    "crowdsecurity/appsec-logs"
+   ],
+   "scenarios": [
+    "crowdsecurity/appsec-vpatch"
+   ],
+   "appsec-rules": [
+    "crowdsecurity/vpatch-generic-freemarker-ssti"
+   ],
+   "appsec-configs": [
+    "crowdsecurity/generic-rules"
+   ]
+  },
   "crowdsecurity/appsec-virtual-patching": {
    "path": "collections/crowdsecurity/appsec-virtual-patching.yaml",
    "version": "2.2",