id: craft-cms-detect

info:
  name: Craft CMS Detect
  author: skeltavik
  severity: info
  description: Detects Craft CMS
  reference:
    - https://craftcms.com
  metadata:
    max-request: 1
  tags: tech,craftcms

http:
  - method: GET
    path:
      - '{{BaseURL}}'

    host-redirects: true
    max-redirects: 2

    matchers:
      - type: word
        part: header
        words:
          - 'X-Powered-By: Craft CMS'

      - type: regex
        part: header
        regex:
          - 'Set-Cookie: (Craft|CRAFT)'

      - type: regex
        part: body
        regex:
          - '(?i)CRAFT_CSRF_TOKEN'
# digest: 4a0a0047304502202a323e2b0a577ac020a8be258bd0ca1149f25ee577e3546cf3b38da420c45bea02210081e132abbf6f5ca53b7d7cae510172722ef6186ef286bea913b44aba19c72f0e:922c64590222798bb761d5b6d8e72950