Files
nuclei-templates/http/osint/phishing/visual-studio-code-phish.yaml
2025-06-12 12:10:07 +00:00

37 lines
1.1 KiB
YAML

id: visual-studio-code-phish
info:
name: visual studio code phishing Detection
author: rxerium
severity: info
description: |
A visual studio code phishing website was detected
reference:
- https://visualstudio.com
metadata:
max-request: 1
tags: phishing,visual-studio-code,osint
http:
- method: GET
path:
- "{{BaseURL}}"
host-redirects: true
max-redirects: 2
matchers-condition: and
matchers:
- type: word
words:
- 'Visual Studio Code is a code editor redefined and optimized for building and debugging modern web and cloud applications. Visual Studio Code is free and available on your favorite platform - Linux, macOS, and Windows.'
- 'Visual Studio Code - Code Editing. Redefined'
condition: and
- type: status
status:
- 200
- type: dsl
dsl:
- '!contains(host,"visualstudio.com")'
# digest: 4a0a0047304502200ae27955ebf7202dc9d9429199005c633a8dac13069c7418171d38171ff6d6cd02210095caf0634757bdeb1436de5be0ab431019f3bed90ee0498e4f6dc2e2217321bf:922c64590222798bb761d5b6d8e72950