id: spring-framework-exceptions

info:
  name: Spring Framework Exceptions
  author: geeknik
  severity: medium
  description: Detects suspicious Spring framework exceptions that could indicate exploitation attempts
  reference:
    - https://docs.spring.io/spring-security/site/docs/current/apidocs/overview-tree.html
  tags: file,logs,spring
file:
  - extensions:
      - all

    extractors:
      - type: regex
        name: exception
        part: body
        regex:
          - 'AccessDeniedException'
          - 'CsrfException'
          - 'InvalidCsrfTokenException'
          - 'MissingCsrfTokenException'
          - 'CookieTheftException'
          - 'InvalidCookieException'
          - 'RequestRejectedException'
# digest: 490a00463044022036e09a4af41aa5b148276eaf4bf073c1a02a6eb8e18424a9d3c977b3758eeefb0220743813506a59c636faec868dc4bee0090e42f97b797a09d58c3c464f5abf0b71:922c64590222798bb761d5b6d8e72950