Skip to content
/ Salesforce-ContentDocument-DetectorNuclei-Template Public

Nuclei Template for Detecting if a Website has Salesforce Lightning that Serves Files to Unauthenticated Users

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ZoomerTedJackson/Salesforce-ContentDocument-DetectorNuclei-Template

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
README.md
README.md
 
 
salesforce-contentdocument-detector.yaml
salesforce-contentdocument-detector.yaml
 
 

Repository files navigation

Salesforce ContentDocument Detector Nuclei Template

A Nuclei Template that checks if a website is running Salesforce Lightning and then attempts to see if guest users are authorized to retrieve files

About

I wrote this up to automatically check for websites that have Salesforce Lightning and let me download files so I can check for permissions issues in Bug Bounties that allow me to access files i shouldn't

Usage

This should work fine with Nuclei, and a medium-severity item should be returned if successful. You may disagree with having a medium severity for something informational like this, but that's a personal choice because I always want to check out websites that hit on this check.

About

Nuclei Template for Detecting if a Website has Salesforce Lightning that Serves Files to Unauthenticated Users

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published