mirror of
https://github.com/projectdiscovery/nuclei-templates.git
synced 2026-01-31 07:43:27 +08:00
46 lines
1.4 KiB
YAML
46 lines
1.4 KiB
YAML
id: security-notification-disabled
|
|
|
|
info:
|
|
name: Security Center Notifications - Disabled
|
|
author: DhiyaneshDK
|
|
severity: medium
|
|
description: |
|
|
Notifications for Alibaba Security Center are disabled, which may result in missed alerts for critical security events.
|
|
reference:
|
|
- https://www.alibabacloud.com/help/en/security-center/user-guide/use-the-notification-feature
|
|
- https://www.trendmicro.com/cloudoneconformity/knowledge-base/alibaba-cloud/AlibabaCloud-SecurityCenter/enable-high-risk-item-notifications.html
|
|
metadata:
|
|
max-request: 1
|
|
verified: true
|
|
tags: cloud,devops,aliyun,alibaba,alibaba-cloud-config,security-center
|
|
|
|
variables:
|
|
region: "cn-hangzhou"
|
|
|
|
self-contained: true
|
|
|
|
code:
|
|
- engine:
|
|
- sh
|
|
- bash
|
|
source: |
|
|
aliyun sas DescribeNoticeConfig --region $region
|
|
|
|
matchers:
|
|
- type: word
|
|
words:
|
|
- '"Route": 0'
|
|
- '"Project":'
|
|
condition: and
|
|
|
|
extractors:
|
|
- type: json
|
|
name: noticeconfiglist
|
|
internal: true
|
|
json:
|
|
- '.NoticeConfigList | map(select(.Route == 0) | .Project)'
|
|
|
|
- type: dsl
|
|
dsl:
|
|
- '"Project: " + noticeconfiglist + " Security Center Notifications are Disabled"'
|
|
# digest: 4a0a0047304502206bb3ce0373cea87c10fe50304702a2735b2a0b00d647d3dae32855d3ccf22cf0022100d04d9c53034fae778c1977000641151e10498778e333a960ffe426ba8d9c9b89:922c64590222798bb761d5b6d8e72950 |