From 445df7ec4bc6b3fdfb9abf8ac35a2e1c3b1b4003 Mon Sep 17 00:00:00 2001
From: mynameisfathima <fathimafirozmm@gmail.com>
Date: Fri, 3 Jan 2025 07:20:42 +0530
Subject: [PATCH 01/65] loads single file

---
 main.py | 52 ++++++++++++++++++++++++++++++++++++++++++----------
 1 file changed, 42 insertions(+), 10 deletions(-)

diff --git a/main.py b/main.py
index 0d43d0b..8893ddf 100644
--- a/main.py
+++ b/main.py
@@ -1,28 +1,60 @@
-import sys
+import argparse
+import yaml
+import os
 from engine.template_parser import load_templates_from_directory
 from engine.scanner import Scanner
-from engine.utils import print_results
 
 
 def main():
-    # TODO, setup CLI Interface https://www.geeksforgeeks.org/command-line-option-and-argument-parsing-using-argparse-in-python/
-    if len(sys.argv) < 2:
-        print(f"Usage: python {sys.argv[0]} <target_url> [<templates_directory>]")
-        sys.exit(1)
+    parser = argparse.ArgumentParser(
+        description="A tool for scanning a target URL using templates."
+    )
 
-    target_url = sys.argv[1] 
-    templates_dir = sys.argv[2] if len(sys.argv) > 2 else "templates/http"
+    parser.add_argument(
+        "target_url",
+        help="The target URL to scan.",
+    )
+    parser.add_argument(
+        "-t", "--templates",
+        default="templates/http",
+        help=(
+            "Path to a specific template file or directory containing YAML templates. "
+            "Default: templates/http"
+        ),
+    )
 
-    # Load the templates
-    templates = load_templates_from_directory(templates_dir)
+    # Parse the arguments
+    args = parser.parse_args()
+
+    target_url = args.target_url
+    templates_path = args.templates
+
+    # Check and load YAML templates
+    if os.path.isfile(templates_path) and templates_path.endswith(".yaml"):
+        print(f"Loading specific template: {templates_path}")
+        with open(templates_path, "r") as file:
+            try:
+                templates = [yaml.safe_load(file)]  # Parse the YAML into a dictionary
+            except yaml.YAMLError as e:
+                print(f"Error parsing YAML file: {e}")
+                exit(1)
+    elif os.path.isdir(templates_path):
+        print(f"Loading all YAML files from directory: {templates_path}")
+        templates = load_templates_from_directory(templates_path)
+    else:
+        print(f"Invalid path: {templates_path}. Ensure it points to a .yaml file or a directory.")
+        exit(1)
     # Create the scanner instance
     scanner = Scanner(templates)
 
     # Run the scan
+    print(f"Scanning target URL: {target_url}")
     results = scanner.scan(target_url)
+
     for idx, result in enumerate(results):
         print(f"Result #{idx + 1}, result for {result['name']}: {result['matched']}")
 
 
 if __name__ == "__main__":
     main()
+

From 61c94510ca92bd95440b0035001a899f8ae1614f Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Fri, 3 Jan 2025 08:45:06 +0530
Subject: [PATCH 02/65] sql-injection

---
 templates/http/sql-injection.yaml | 81 +++++++++++++++++++++++++++++++
 1 file changed, 81 insertions(+)
 create mode 100644 templates/http/sql-injection.yaml

diff --git a/templates/http/sql-injection.yaml b/templates/http/sql-injection.yaml
new file mode 100644
index 0000000..5b7b964
--- /dev/null
+++ b/templates/http/sql-injection.yaml
@@ -0,0 +1,81 @@
+id: sql-vulnerability-test
+name: SQL Injection Vulnerability
+description: Extensive test for SQL injection vulnerabilities in query parameters and form fields.
+severity: Critical
+author: Project
+tags:
+  - sql
+  - injection
+  - critical
+  - database
+  - web
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}?id=1' OR '1'='1"
+      - "{{BaseURL}}?id=1'--"
+      - "{{BaseURL}}?id=1'/*"
+      - "{{BaseURL}}?id=1'; DROP TABLE users;--"
+      - "{{BaseURL}}?id=1' UNION SELECT NULL, NULL--"
+      - "{{BaseURL}}?id=1' AND SLEEP(5)--"
+      - "{{BaseURL}}?id=1' OR 'a'='a"
+      - "{{BaseURL}}?id=-1' UNION SELECT 1, @@version--"
+      - "{{BaseURL}}?id=1' AND '1'='2"
+    headers:
+      User-Agent: SQL-Injection-Scanner
+    matchers:
+      - type: word
+        words:
+          - SQL syntax error
+          - MySQL
+          - syntax error
+          - unclosed quotation mark
+          - Warning: mysql_fetch
+          - Unknown column
+          - database error
+        condition: or
+
+  - method: POST
+    path:
+      - "{{BaseURL}}/submit"
+    body:
+      - "username=admin' OR '1'='1&password=test"
+      - "username=admin'--&password=test"
+      - "username=1' AND SLEEP(5)--&password=test"
+      - "username=1' UNION SELECT 1,2,3--&password=test"
+      - "username=1'; DROP TABLE users;--&password=test"
+      - "username=admin' OR 1=1--&password=test"
+      - "username=1' AND '1'='2&password=test"
+    headers:
+      Content-Type: application/x-www-form-urlencoded
+      User-Agent: SQL-Injection-Scanner
+    matchers:
+      - type: word
+        words:
+          - SQL syntax error
+          - MySQL
+          - syntax error
+          - unclosed quotation mark
+          - Warning: mysql_fetch
+          - Unknown column
+          - database error
+        condition: or
+
+  - method: GET
+    path:
+      - "{{BaseURL}}?search=' OR 1=1--"
+      - "{{BaseURL}}?search=' UNION SELECT username, password FROM users--"
+    headers:
+      User-Agent: SQL-Injection-Scanner
+    matchers:
+      - type: word
+        words:
+          - SQL syntax error
+          - MySQL
+          - syntax error
+          - unclosed quotation mark
+          - Warning: mysql_fetch
+          - Unknown column
+          - database error
+        condition: or

From 5bf41fc548bf7fa43c7bfd31f96798f56833f27c Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Fri, 3 Jan 2025 09:20:15 +0530
Subject: [PATCH 03/65] Updated for sql

---
 engine/matchers.py | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/engine/matchers.py b/engine/matchers.py
index 081fb40..e04cc24 100644
--- a/engine/matchers.py
+++ b/engine/matchers.py
@@ -46,6 +46,24 @@ def header_search(response, matcher):
                 return False
         else:
             return False
+
+    elif condition_type == "or":
+        sql_error_keywords = [
+            "SQL syntax error",
+            "MySQL",
+            "syntax error",
+            "unclosed quotation mark",
+            "Warning: mysql_fetch",
+            "Unknown column",
+            "database error"
+        ]
+
+        for key, value in headers.items():
+            if any(error_keyword in value for error_keyword in sql_error_keywords):
+                return True
+
+        return False
+    return False
     
 def regex_match(response: Response, matcher: Dict[str, Any]) -> bool:
     """

From 0c2728c6436c11e32c4a3129bf3400c3695cf0e7 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Sat, 4 Jan 2025 12:47:48 +0530
Subject: [PATCH 04/65] Update sql-injection

---
 templates/http/sql-injection.yaml | 66 ++++++-------------------------
 1 file changed, 12 insertions(+), 54 deletions(-)

diff --git a/templates/http/sql-injection.yaml b/templates/http/sql-injection.yaml
index 5b7b964..cad299a 100644
--- a/templates/http/sql-injection.yaml
+++ b/templates/http/sql-injection.yaml
@@ -1,16 +1,17 @@
 id: sql-vulnerability-test
-name: SQL Injection Vulnerability
-description: Extensive test for SQL injection vulnerabilities in query parameters and form fields.
-severity: Critical
-author: Project
-tags:
-  - sql
-  - injection
-  - critical
-  - database
-  - web
+info:
+  name: SQL Injection Vulnerability
+  description: Extensive test for SQL injection vulnerabilities in query parameters and form fields.
+  severity: Critical
+  author: Project
+  tags:
+    - sql
+    - injection
+    - critical
+    - database
+    - web
 
-requests:
+http:
   - method: GET
     path:
       - "{{BaseURL}}?id=1' OR '1'='1"
@@ -36,46 +37,3 @@ requests:
           - database error
         condition: or
 
-  - method: POST
-    path:
-      - "{{BaseURL}}/submit"
-    body:
-      - "username=admin' OR '1'='1&password=test"
-      - "username=admin'--&password=test"
-      - "username=1' AND SLEEP(5)--&password=test"
-      - "username=1' UNION SELECT 1,2,3--&password=test"
-      - "username=1'; DROP TABLE users;--&password=test"
-      - "username=admin' OR 1=1--&password=test"
-      - "username=1' AND '1'='2&password=test"
-    headers:
-      Content-Type: application/x-www-form-urlencoded
-      User-Agent: SQL-Injection-Scanner
-    matchers:
-      - type: word
-        words:
-          - SQL syntax error
-          - MySQL
-          - syntax error
-          - unclosed quotation mark
-          - Warning: mysql_fetch
-          - Unknown column
-          - database error
-        condition: or
-
-  - method: GET
-    path:
-      - "{{BaseURL}}?search=' OR 1=1--"
-      - "{{BaseURL}}?search=' UNION SELECT username, password FROM users--"
-    headers:
-      User-Agent: SQL-Injection-Scanner
-    matchers:
-      - type: word
-        words:
-          - SQL syntax error
-          - MySQL
-          - syntax error
-          - unclosed quotation mark
-          - Warning: mysql_fetch
-          - Unknown column
-          - database error
-        condition: or

From f5e0731dea3f066a48a9725c3ec6661ec11b8260 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Sat, 4 Jan 2025 12:48:49 +0530
Subject: [PATCH 05/65] Update ping_google.yaml

---
 templates/http/ping_google.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/templates/http/ping_google.yaml b/templates/http/ping_google.yaml
index 3a11ba0..6d3ff40 100644
--- a/templates/http/ping_google.yaml
+++ b/templates/http/ping_google.yaml
@@ -1,7 +1,7 @@
 id: check-route-root
 
 info:
-  name: Script to check if HTTP Page of Google at 8.8.8.8 is available
+  name: Script to check if HTTP Page is available
   author: DanBrown47
   severity: none
   description: Script will send a HTTP request to 8.8.8.8 to see if network is available
@@ -15,4 +15,4 @@ http:
     max-redirects: 1
 
   - response: 
-      - status: 200
\ No newline at end of file
+      - status: 200

From ce9b4760be7f4b89ef42068e7876c5cbad7c0ad3 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Sat, 4 Jan 2025 13:53:55 +0530
Subject: [PATCH 06/65] Created yaml

---
 templates/http/broken-access-control.yaml | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 templates/http/broken-access-control.yaml

diff --git a/templates/http/broken-access-control.yaml b/templates/http/broken-access-control.yaml
new file mode 100644
index 0000000..c062aad
--- /dev/null
+++ b/templates/http/broken-access-control.yaml
@@ -0,0 +1,23 @@
+id: broken-access-control-test
+info:
+  name: Broken Access Control Vulnerability Test
+  description: Test for broken access control in sensitive sections.
+  severity: Critical
+  author: Project
+  tags:
+    - access
+    - control
+    - security
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/admin"
+    headers:
+      User-Agent: Access-Control-Tester
+    matchers:
+      - type: word
+        words:
+          - "Access Denied"
+          - "Forbidden"
+        condition: or

From e2caa7407b8ddf5694a2419aed1fbc74c467d294 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Sat, 4 Jan 2025 13:55:12 +0530
Subject: [PATCH 07/65] creates yaml

---
 templates/http/Broken-authentication.yaml | 25 +++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 templates/http/Broken-authentication.yaml

diff --git a/templates/http/Broken-authentication.yaml b/templates/http/Broken-authentication.yaml
new file mode 100644
index 0000000..c5373a9
--- /dev/null
+++ b/templates/http/Broken-authentication.yaml
@@ -0,0 +1,25 @@
+id: broken-authentication-test
+info:
+  name: Broken Authentication Vulnerability Test
+  description: Test for broken authentication vulnerabilities in login forms.
+  severity: Critical
+  author: Project
+  tags:
+    - authentication
+    - security
+
+http:
+  - method: POST
+    path:
+      - "{{BaseURL}}/login"
+    body:
+      - "username=admin&password=admin' OR '1'='1"
+    headers:
+      Content-Type: application/x-www-form-urlencoded
+      User-Agent: Auth-Scanner
+    matchers:
+      - type: word
+        words:
+          - login failed
+          - incorrect username or password
+        condition: or

From e254e734bec5fddf680dccb14545347637832288 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Sat, 4 Jan 2025 13:57:24 +0530
Subject: [PATCH 08/65] yaml

---
 templates/http/insecure-deserialization.yaml  | 25 +++++++++++++++++++
 .../http/insufficient-logging-monitoring.yaml | 23 +++++++++++++++++
 .../http/known-vulnerable-components.yaml     | 22 ++++++++++++++++
 3 files changed, 70 insertions(+)
 create mode 100644 templates/http/insecure-deserialization.yaml
 create mode 100644 templates/http/insufficient-logging-monitoring.yaml
 create mode 100644 templates/http/known-vulnerable-components.yaml

diff --git a/templates/http/insecure-deserialization.yaml b/templates/http/insecure-deserialization.yaml
new file mode 100644
index 0000000..ca4358d
--- /dev/null
+++ b/templates/http/insecure-deserialization.yaml
@@ -0,0 +1,25 @@
+id: insecure-deserialization-test
+info:
+  name: Insecure Deserialization Vulnerability Test
+  description: Test for insecure deserialization vulnerabilities in user inputs.
+  severity: High
+  author: Project
+  tags:
+    - deserialization
+    - security
+
+
+http:
+  - method: POST
+    path:
+      - "{{BaseURL}}/deserialize"
+    body:
+      - "username=admin&password=test&data=%s"  # Potential for insecure deserialization payload
+    headers:
+      Content-Type: application/x-www-form-urlencoded
+    matchers:
+      - type: word
+        words:
+          - "Object"
+          - "deserialization"
+        condition: or
diff --git a/templates/http/insufficient-logging-monitoring.yaml b/templates/http/insufficient-logging-monitoring.yaml
new file mode 100644
index 0000000..5e811fa
--- /dev/null
+++ b/templates/http/insufficient-logging-monitoring.yaml
@@ -0,0 +1,23 @@
+id: insufficient-logging-monitoring-test
+info:
+  name: Insufficient Logging & Monitoring Vulnerability Test
+  description: Test for missing or insufficient logging and monitoring.
+  severity: High
+  author: Project
+  tags:
+    - logging
+    - monitoring
+    - security
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/admin/logs"
+    headers:
+      User-Agent: Logging-Monitoring-Scanner
+    matchers:
+      - type: word
+        words:
+          - "error"
+          - "log"
+        condition: or
diff --git a/templates/http/known-vulnerable-components.yaml b/templates/http/known-vulnerable-components.yaml
new file mode 100644
index 0000000..b16cbba
--- /dev/null
+++ b/templates/http/known-vulnerable-components.yaml
@@ -0,0 +1,22 @@
+id: known-vulnerable-components-test
+info:
+  name: Components with Known Vulnerabilities Test
+  description: Test for vulnerable components by checking versions.
+  severity: High
+  author: Project
+  tags:
+    - components
+    - vulnerabilities
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/version"
+    headers:
+      User-Agent: Vulnerability-Scanner
+    matchers:
+      - type: word
+        words:
+          - "CVE"
+          - "version"
+        condition: or

From bb83abcfd3f936335aed71307616f37ca7506293 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Sat, 4 Jan 2025 14:00:36 +0530
Subject: [PATCH 09/65] yaml

---
 templates/http/security-misconfiguration.yaml | 21 ++++++++++++++++
 templates/http/sensitive-data-exposure.yaml   | 24 +++++++++++++++++++
 templates/http/xss-vulnerability.yaml         | 22 +++++++++++++++++
 templates/http/xxe-vulnerability.yaml         | 23 ++++++++++++++++++
 4 files changed, 90 insertions(+)
 create mode 100644 templates/http/security-misconfiguration.yaml
 create mode 100644 templates/http/sensitive-data-exposure.yaml
 create mode 100644 templates/http/xss-vulnerability.yaml
 create mode 100644 templates/http/xxe-vulnerability.yaml

diff --git a/templates/http/security-misconfiguration.yaml b/templates/http/security-misconfiguration.yaml
new file mode 100644
index 0000000..a4db83c
--- /dev/null
+++ b/templates/http/security-misconfiguration.yaml
@@ -0,0 +1,21 @@
+id: security-misconfiguration-test
+info:
+  name: Security Misconfiguration Vulnerability Test
+  description: Test for misconfiguration issues, such as access to sensitive files.
+  severity: High
+  author: Project
+  tags:
+    - misconfiguration
+    - security
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/.env"
+    headers:
+      User-Agent: Misconfiguration-Scanner
+    matchers:
+      - type: word
+        words:
+          - "database_url"
+          - "secret_key"
+        condition: or
diff --git a/templates/http/sensitive-data-exposure.yaml b/templates/http/sensitive-data-exposure.yaml
new file mode 100644
index 0000000..e906e3d
--- /dev/null
+++ b/templates/http/sensitive-data-exposure.yaml
@@ -0,0 +1,24 @@
+id: sensitive-data-exposure-test
+info:
+  name: Sensitive Data Exposure Vulnerability Test
+  description: Test for sensitive data exposure in profile pages.
+  severity: Critical
+  author: Project
+  tags:
+    - data
+    - exposure
+    - privacy
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/profile"
+    headers:
+      User-Agent: Sensitive-Data-Exposure-Scanner
+    matchers:
+      - type: word
+        words:
+          - "password="
+          - "token="
+          - "session="
+        condition: or
diff --git a/templates/http/xss-vulnerability.yaml b/templates/http/xss-vulnerability.yaml
new file mode 100644
index 0000000..6bce17e
--- /dev/null
+++ b/templates/http/xss-vulnerability.yaml
@@ -0,0 +1,22 @@
+id: xss-vulnerability-test
+info:
+  name: Cross-Site Scripting (XSS) Vulnerability Test
+  description: Test for reflected or stored XSS vulnerabilities in inputs.
+  severity: High
+  author: Project
+  tags:
+    - xss
+    - security
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}?search=<script>alert('XSS')</script>"
+    headers:
+      User-Agent: XSS-Scanner
+    matchers:
+      - type: word
+        words:
+          - "<script>"
+          - "alert("
+        condition: or
diff --git a/templates/http/xxe-vulnerability.yaml b/templates/http/xxe-vulnerability.yaml
new file mode 100644
index 0000000..144def7
--- /dev/null
+++ b/templates/http/xxe-vulnerability.yaml
@@ -0,0 +1,23 @@
+id: xxe-vulnerability-test
+info:
+  name: XML External Entities Vulnerability Test
+  description: Test for XML External Entity (XXE) vulnerabilities.
+  severity: High
+  author: Project
+  tags:
+    - xxe
+    - xml
+
+http:
+  - method: POST
+    path:
+      - "{{BaseURL}}/xml-upload"
+    body:
+      - "<?xml version='1.0' encoding='ISO-8859-1' ?><!DOCTYPE foo [ <!ELEMENT foo ANY > <!ENTITY xxe SYSTEM 'http://malicious.com/malicious.xml' >]><foo>&xxe;</foo>"
+    headers:
+      Content-Type: application/xml
+    matchers:
+      - type: word
+        words:
+          - "malicious"
+        condition: or

From ae02657f1909247a12367cd2f766d6b6d8ec0cfd Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Sat, 4 Jan 2025 14:02:13 +0530
Subject: [PATCH 10/65] result changed

---
 main.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/main.py b/main.py
index 8893ddf..1a7e900 100644
--- a/main.py
+++ b/main.py
@@ -52,7 +52,7 @@ def main():
     results = scanner.scan(target_url)
 
     for idx, result in enumerate(results):
-        print(f"Result #{idx + 1}, result for {result['name']}: {result['matched']}")
+        print(f"[{idx + 1}] {result['name']}:[{result['matched']}][{result['severity']}]")
 
 
 if __name__ == "__main__":

From de1dbaaeeab743c353e06ea43d7a04d07a479dd9 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Sat, 4 Jan 2025 15:28:31 +0530
Subject: [PATCH 11/65] setup

---
 setup.py | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 setup.py

diff --git a/setup.py b/setup.py
new file mode 100644
index 0000000..8137264
--- /dev/null
+++ b/setup.py
@@ -0,0 +1,16 @@
+from setuptools import setup
+
+setup(
+    name="opTech",
+    version="1.0.0",
+    description="A tool for scanning a target URL using YAML templates.",
+    author="X",
+    url="https://github.com/mynameisfathima/PenetrationTesting/tree/check",
+    py_modules=["main"],  # Assuming your file is named main.py
+    entry_points={
+        "console_scripts": [
+            "optech=main:main",  # Maps the `optech` command to the `main()` function in `main.py`
+        ],
+    },
+    install_requires=["pyyaml"],  # Add other dependencies as needed
+)

From 735f15c6b9d9f044cdf8544d8be163b75240b4b3 Mon Sep 17 00:00:00 2001
From: Makrihashq <147227931+Makrihashq@users.noreply.github.com>
Date: Sat, 4 Jan 2025 20:51:52 +0530
Subject: [PATCH 12/65] Add files via upload

interface
---
 banner.py | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 banner.py

diff --git a/banner.py b/banner.py
new file mode 100644
index 0000000..ba668fc
--- /dev/null
+++ b/banner.py
@@ -0,0 +1,33 @@
+import logging
+from updateutils import get_update_tool_callback
+from pdcpauth import check_and_validate_credentials
+
+# Define the banner
+banner = '''
+             __________________
+  ____  ____/_  __/ ____/ ____/
+ / __ \/ __ \/ / / __/ / /
+/ /_/ / /_/ / / / /___/ /___
+\____/ .___/_/ /_____/\____/
+    /_/                          1.0.0
+'''
+
+# Show the banner to the user
+def show_banner():
+    print(f"{banner}")
+    print("\t\toptec.example.com\n")
+
+# Update nuclei binary/tool to the latest version
+def nuclei_tool_update_callback():
+    show_banner()
+    get_update_tool_callback('nuclei', '1.0.0')()
+
+# Authenticate with PDCP
+def auth_with_pdcp():
+    show_banner()
+    check_and_validate_credentials('nuclei')
+
+# Example usage
+if __name__ == "__main__":
+    auth_with_pdcp()
+    nuclei_tool_update_callback()

From cb73af43aaa4e7294859dee77d8c5c38c70c3985 Mon Sep 17 00:00:00 2001
From: Makrihashq <147227931+Makrihashq@users.noreply.github.com>
Date: Sat, 4 Jan 2025 20:53:34 +0530
Subject: [PATCH 13/65] banner.py

---
 banner.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/banner.py b/banner.py
index ba668fc..5dfb4ce 100644
--- a/banner.py
+++ b/banner.py
@@ -20,12 +20,12 @@ def show_banner():
 # Update nuclei binary/tool to the latest version
 def nuclei_tool_update_callback():
     show_banner()
-    get_update_tool_callback('nuclei', '1.0.0')()
+    get_update_tool_callback('optec', '1.0.0')()
 
 # Authenticate with PDCP
 def auth_with_pdcp():
     show_banner()
-    check_and_validate_credentials('nuclei')
+    check_and_validate_credentials('optec')
 
 # Example usage
 if __name__ == "__main__":

From 52da0d36f50213de6826b45bfd8ccd3c0583f4ff Mon Sep 17 00:00:00 2001
From: Makrihashq <147227931+Makrihashq@users.noreply.github.com>
Date: Sat, 4 Jan 2025 21:49:01 +0530
Subject: [PATCH 14/65] Update main.py

---
 main.py | 32 ++++++++++++++++++--------------
 1 file changed, 18 insertions(+), 14 deletions(-)

diff --git a/main.py b/main.py
index 1a7e900..6f395c6 100644
--- a/main.py
+++ b/main.py
@@ -1,32 +1,35 @@
+# main.py
 import argparse
-import yaml
 import os
+import yaml
 from engine.template_parser import load_templates_from_directory
 from engine.scanner import Scanner
-
+from banner import show_banner  # Assuming you have the banner function
 
 def main():
+    # Show banner at the start
+    show_banner()
+
+    # Remove target_url argument from command line input
+    target_url = "http://www.google.com"  # Hardcode the target URL here
+
     parser = argparse.ArgumentParser(
         description="A tool for scanning a target URL using templates."
     )
 
     parser.add_argument(
-        "target_url",
-        help="The target URL to scan.",
-    )
-    parser.add_argument(
-        "-t", "--templates",
-        default="templates/http",
-        help=(
-            "Path to a specific template file or directory containing YAML templates. "
-            "Default: templates/http"
+    "-t", "--templates",
+    default="templates/",
+    help=("Path to a specific template file or directory containing YAML templates. "
+          "Default: templates/"
         ),
     )
+    
+    
 
-    # Parse the arguments
+    # Parse arguments
     args = parser.parse_args()
 
-    target_url = args.target_url
     templates_path = args.templates
 
     # Check and load YAML templates
@@ -44,6 +47,7 @@ def main():
     else:
         print(f"Invalid path: {templates_path}. Ensure it points to a .yaml file or a directory.")
         exit(1)
+
     # Create the scanner instance
     scanner = Scanner(templates)
 
@@ -51,10 +55,10 @@ def main():
     print(f"Scanning target URL: {target_url}")
     results = scanner.scan(target_url)
 
+    # Display the results
     for idx, result in enumerate(results):
         print(f"[{idx + 1}] {result['name']}:[{result['matched']}][{result['severity']}]")
 
-
 if __name__ == "__main__":
     main()
 

From eb82e55d757cbd011634178eecc8d1f87e51183b Mon Sep 17 00:00:00 2001
From: Makrihashq <147227931+Makrihashq@users.noreply.github.com>
Date: Sat, 4 Jan 2025 21:50:13 +0530
Subject: [PATCH 15/65] Update banner.py

---
 banner.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/banner.py b/banner.py
index 5dfb4ce..b6f5b7a 100644
--- a/banner.py
+++ b/banner.py
@@ -1,6 +1,7 @@
 import logging
 from updateutils import get_update_tool_callback
-from pdcpauth import check_and_validate_credentials
+from auth.pdcpauth import check_and_validate_credentials
+
 
 # Define the banner
 banner = '''
@@ -20,12 +21,12 @@ def show_banner():
 # Update nuclei binary/tool to the latest version
 def nuclei_tool_update_callback():
     show_banner()
-    get_update_tool_callback('optec', '1.0.0')()
+    get_update_tool_callback('nuclei', '1.0.0')()
 
 # Authenticate with PDCP
 def auth_with_pdcp():
     show_banner()
-    check_and_validate_credentials('optec')
+    check_and_validate_credentials('nuclei')
 
 # Example usage
 if __name__ == "__main__":

From 8eb2e4dfb7e278070a140e3407886e868b5ffa5a Mon Sep 17 00:00:00 2001
From: Makrihashq <147227931+Makrihashq@users.noreply.github.com>
Date: Sat, 4 Jan 2025 21:59:34 +0530
Subject: [PATCH 16/65] Update scanner.py

---
 engine/scanner.py | 98 +++++++++++++++--------------------------------
 1 file changed, 30 insertions(+), 68 deletions(-)

diff --git a/engine/scanner.py b/engine/scanner.py
index c00de0a..4e1bef6 100644
--- a/engine/scanner.py
+++ b/engine/scanner.py
@@ -1,79 +1,41 @@
-import requests  # Alternative to a browser in real lyf
-from typing import Dict, Any, List
-from .matchers import run_matchers
-
-
+# engine/scanner.py
 class Scanner:
-    """
-    The main scanning engine that takes Nuclei-like templates
-    and a list of target URLs to test.
-    """
-
-    def __init__(self, templates: List[Dict[str, Any]]):
+    def __init__(self, templates):
+        """
+        Initializes the Scanner with a list of templates.
+        Args:
+            templates (list): A list of templates to use for scanning.
+        """
         self.templates = templates
-        self.logged_urls = set()  # Set to track already logged URLs for warnings
 
-    def scan(self, target_url: str):
+    def scan(self, target_url):
         """
-        Scan a single target URL with all loaded templates.
+        Scans the target URL using the provided templates.
+        Args:
+            target_url (str): The target URL to scan.
+        Returns:
+            list: A list of results from the scan.
         """
         results = []
         for template in self.templates:
-            template_id = template.get("id", "unknown-id")
-            template_info = template.get("info", {})
-            template_requests = template.get("http", [])
-
-            for request_config in template_requests:
-                result = self._process_request(template_id, template_info, request_config, target_url)
-                if result:
-                    results.append(result)
+            matched = self._match_template(template, target_url)
+            # Collect the result for this template
+            results.append({
+                "name": template.get("name", "Unnamed Template"),
+                "matched": matched,
+                "severity": template.get("severity", "low"),
+            })
         return results
 
-    def _process_request(self, template_id, template_info, request_config, target_url):
+    def _match_template(self, template, target_url):
         """
-        Process a single request configuration from a template.
+        Placeholder method for matching a template to a target URL.
+        You can extend this method with custom logic to check patterns or conditions.
+        Args:
+            template (dict): A single template (dict) to match.
+            target_url (str): The target URL.
+        Returns:
+            bool: Whether the target URL matches the template.
         """
-        method = request_config.get("method", "GET").upper()
-        paths = request_config.get("path", [])
-        matchers_config = request_config.get("matchers", [])
-        for path in paths:
-            url = path.replace("{{BaseURL}}", target_url).strip("/")  # Remove extra slashes
-            
-            try:
-                # Make the request based on method
-                if method == "GET":
-                    response = requests.get(url, timeout=5)
-                elif method == "POST":
-                    response = requests.post(url, timeout=5)
-
-                # Evaluate matchers
-                matched_result = run_matchers(response, matchers_config)
-
-                # Combine results: Header issues override matchers
-                if matched_result:
-                    return {
-                        "template_id": template_id,
-                        "name": template_info.get("name"),
-                        "author": template_info.get("author"),
-                        "severity": template_info.get("severity"),
-                        "url": url,
-                        "status_code": response.status_code,
-                        "matched": "True",
-                    }
-                else:
-                    return {
-                        "template_id": template_id,
-                        "name": template_info.get("name"),
-                        "author": template_info.get("author"),
-                        "severity": template_info.get("severity"),
-                        "url": url,
-                        "status_code": response.status_code,
-                        "matched": "False",
-                    }
-
-            except requests.RequestException as e:
-                print(f"[ERROR] Request failed for {url}: {e}")
-
-        return None
-
-  
+        # Basic matching logic (you can extend it as needed)
+        return "example" in target_url  # Example condition for matching

From aec98c6c8a5b845343637af1b7e4556bfd56f9ee Mon Sep 17 00:00:00 2001
From: Makrihashq <147227931+Makrihashq@users.noreply.github.com>
Date: Sat, 4 Jan 2025 22:00:15 +0530
Subject: [PATCH 17/65] Update template_parser.py

---
 engine/template_parser.py | 30 ++++++++++++++----------------
 1 file changed, 14 insertions(+), 16 deletions(-)

diff --git a/engine/template_parser.py b/engine/template_parser.py
index 6634742..0b9ddfc 100644
--- a/engine/template_parser.py
+++ b/engine/template_parser.py
@@ -1,26 +1,24 @@
-import os
+# engine/template_parser.py
 import yaml
-from typing import List, Dict, Any
-
+import os
 
-def load_templates_from_directory(directory: str) -> List[Dict[str, Any]]:
+def load_templates_from_directory(directory):
     """
-    Loads all YAML files from the specified directory and returns
-    them as a list of parsed dictionaries.
-
-    The directory needs to be till yaml or else nothing at all 
-    incase of no  directory is passed, load all yaml 
-    TODO: Handled by another function - Who will take care of this ?
+    Loads all YAML templates from the specified directory.
+    Args:
+        directory (str): Path to the directory containing YAML template files.
+    Returns:
+        list: A list of parsed templates (as dictionaries).
     """
     templates = []
+    # Iterate over all files in the directory
     for filename in os.listdir(directory):
-        if filename.endswith(".yaml") or filename.endswith(".yml"):
+        if filename.endswith(".yaml"):  # Only load .yaml files
             filepath = os.path.join(directory, filename)
-            with open(filepath, "r", encoding="utf-8") as f:
+            with open(filepath, 'r') as file:
                 try:
-                    data = yaml.safe_load(f) # Using safe load here, I dont want deserialization attack happening here !
-                    if data:
-                        templates.append(data) # TODO : Handle else case YAML errors may need a blank
+                    # Parse the YAML file into a dictionary and append to templates list
+                    templates.append(yaml.safe_load(file))
                 except yaml.YAMLError as e:
-                    print(f"[ERROR] Failed to parse YAML file {filename}: {e}")
+                    print(f"Error parsing YAML file {filename}: {e}")
     return templates

From 0001c5796a981b73c430882209296929b12c570a Mon Sep 17 00:00:00 2001
From: Makrihashq <147227931+Makrihashq@users.noreply.github.com>
Date: Sat, 4 Jan 2025 22:03:46 +0530
Subject: [PATCH 18/65] Create temp

---
 auth/temp | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 auth/temp

diff --git a/auth/temp b/auth/temp
new file mode 100644
index 0000000..7898192
--- /dev/null
+++ b/auth/temp
@@ -0,0 +1 @@
+a

From b9abb6fa00574755ed39c7a9fac3ba4b8cc6523c Mon Sep 17 00:00:00 2001
From: Makrihashq <147227931+Makrihashq@users.noreply.github.com>
Date: Sat, 4 Jan 2025 22:04:10 +0530
Subject: [PATCH 19/65] Add files via upload

---
 auth/pdcpauth.py | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 auth/pdcpauth.py

diff --git a/auth/pdcpauth.py b/auth/pdcpauth.py
new file mode 100644
index 0000000..48a1fd2
--- /dev/null
+++ b/auth/pdcpauth.py
@@ -0,0 +1,12 @@
+# pdcpauth.py
+
+def check_and_validate_credentials(tool_name):
+    """
+    Simulates checking and validating credentials for a tool.
+    Args:
+        tool_name (str): The name of the tool to authenticate.
+    """
+    print(f"Validating credentials for {tool_name}...")
+    # Replace this with actual logic for authenticating a user
+    # For now, it just returns True to simulate a successful validation.
+    return True

From cf49bb6a9b81d3096196494c8858c2298e5bd1e6 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Sat, 4 Jan 2025 22:06:53 +0530
Subject: [PATCH 20/65] Delete auth/temp

---
 auth/temp | 1 -
 1 file changed, 1 deletion(-)
 delete mode 100644 auth/temp

diff --git a/auth/temp b/auth/temp
deleted file mode 100644
index 7898192..0000000
--- a/auth/temp
+++ /dev/null
@@ -1 +0,0 @@
-a

From 839dab9d31545e1bba9146194521845392d292d2 Mon Sep 17 00:00:00 2001
From: Makrihashq <147227931+Makrihashq@users.noreply.github.com>
Date: Sat, 4 Jan 2025 22:16:40 +0530
Subject: [PATCH 21/65] Update main.py

---
 main.py | 23 +++++++++++------------
 1 file changed, 11 insertions(+), 12 deletions(-)

diff --git a/main.py b/main.py
index 6f395c6..970133c 100644
--- a/main.py
+++ b/main.py
@@ -1,4 +1,3 @@
-# main.py
 import argparse
 import os
 import yaml
@@ -10,26 +9,27 @@ def main():
     # Show banner at the start
     show_banner()
 
-    # Remove target_url argument from command line input
-    target_url = "http://www.google.com"  # Hardcode the target URL here
-
     parser = argparse.ArgumentParser(
         description="A tool for scanning a target URL using templates."
     )
 
+    # Add target_url argument (no default, making it required)
     parser.add_argument(
-    "-t", "--templates",
-    default="templates/",
-    help=("Path to a specific template file or directory containing YAML templates. "
-          "Default: templates/"
-        ),
+        "target_url",
+        help="The target URL to scan.",
+    )
+
+    parser.add_argument(
+        "-t", "--templates",
+        default="templates/",
+        help=("Path to a specific template file or directory containing YAML templates. "
+              "Default: templates/")
     )
-    
-    
 
     # Parse arguments
     args = parser.parse_args()
 
+    target_url = args.target_url  # Get the target URL from the argument
     templates_path = args.templates
 
     # Check and load YAML templates
@@ -61,4 +61,3 @@ def main():
 
 if __name__ == "__main__":
     main()
-

From 98834fc4a8b93adf2791f4b40129feccfbdcf613 Mon Sep 17 00:00:00 2001
From: Makrihashq <147227931+Makrihashq@users.noreply.github.com>
Date: Sat, 4 Jan 2025 22:17:54 +0530
Subject: [PATCH 22/65] Add files via upload

---
 updateutils.py | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 updateutils.py

diff --git a/updateutils.py b/updateutils.py
new file mode 100644
index 0000000..1fb939d
--- /dev/null
+++ b/updateutils.py
@@ -0,0 +1,18 @@
+# updateutils.py
+
+def get_update_tool_callback(tool_name, version):
+    """
+    Returns a callback function to update the specified tool.
+    Args:
+        tool_name (str): The name of the tool to update.
+        version (str): The desired version of the tool.
+    Returns:
+        function: A callback function that handles the update logic.
+    """
+    def update_tool():
+        print(f"Updating {tool_name} to version {version}...")
+        # You can add logic here to perform the actual update process
+        # For now, this is just a placeholder
+        print(f"{tool_name} is now updated to version {version}.")
+    
+    return update_tool

From 77094197722a19d4b7821dacb7ebbd6826b13cc7 Mon Sep 17 00:00:00 2001
From: Makrihashq <147227931+Makrihashq@users.noreply.github.com>
Date: Sat, 4 Jan 2025 22:21:58 +0530
Subject: [PATCH 23/65] Update main.py

---
 main.py | 25 +++++++++++++++++++++----
 1 file changed, 21 insertions(+), 4 deletions(-)

diff --git a/main.py b/main.py
index 970133c..ff0d997 100644
--- a/main.py
+++ b/main.py
@@ -5,6 +5,22 @@
 from engine.scanner import Scanner
 from banner import show_banner  # Assuming you have the banner function
 
+def load_templates_from_directory_recursive(directory_path):
+    """
+    Recursively loads all YAML files from a directory and its subdirectories.
+    """
+    templates = []
+    for root, dirs, files in os.walk(directory_path):
+        for file in files:
+            if file.endswith(".yaml"):
+                file_path = os.path.join(root, file)
+                with open(file_path, 'r') as file:
+                    try:
+                        templates.append(yaml.safe_load(file))  # Parse the YAML file
+                    except yaml.YAMLError as e:
+                        print(f"Error parsing YAML file {file_path}: {e}")
+    return templates
+
 def main():
     # Show banner at the start
     show_banner()
@@ -19,11 +35,12 @@ def main():
         help="The target URL to scan.",
     )
 
+    # Add templates argument with default to 'templates/'
     parser.add_argument(
         "-t", "--templates",
-        default="templates/",
+        default="templates/http",  # Default is the 'templates/http' folder
         help=("Path to a specific template file or directory containing YAML templates. "
-              "Default: templates/")
+              "Default: templates/http")
     )
 
     # Parse arguments
@@ -42,8 +59,8 @@ def main():
                 print(f"Error parsing YAML file: {e}")
                 exit(1)
     elif os.path.isdir(templates_path):
-        print(f"Loading all YAML files from directory: {templates_path}")
-        templates = load_templates_from_directory(templates_path)
+        print(f"Loading all YAML files from directory: {templates_path} (including subdirectories)")
+        templates = load_templates_from_directory_recursive(templates_path)
     else:
         print(f"Invalid path: {templates_path}. Ensure it points to a .yaml file or a directory.")
         exit(1)

From d2db1696575b64152bcdc9b1698220163bb36e9f Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Mon, 6 Jan 2025 17:05:21 +0530
Subject: [PATCH 24/65] Update scanner.py

---
 engine/scanner.py | 98 ++++++++++++++++++++++++++++++++---------------
 1 file changed, 68 insertions(+), 30 deletions(-)

diff --git a/engine/scanner.py b/engine/scanner.py
index 4e1bef6..c00de0a 100644
--- a/engine/scanner.py
+++ b/engine/scanner.py
@@ -1,41 +1,79 @@
-# engine/scanner.py
+import requests  # Alternative to a browser in real lyf
+from typing import Dict, Any, List
+from .matchers import run_matchers
+
+
 class Scanner:
-    def __init__(self, templates):
-        """
-        Initializes the Scanner with a list of templates.
-        Args:
-            templates (list): A list of templates to use for scanning.
-        """
+    """
+    The main scanning engine that takes Nuclei-like templates
+    and a list of target URLs to test.
+    """
+
+    def __init__(self, templates: List[Dict[str, Any]]):
         self.templates = templates
+        self.logged_urls = set()  # Set to track already logged URLs for warnings
 
-    def scan(self, target_url):
+    def scan(self, target_url: str):
         """
-        Scans the target URL using the provided templates.
-        Args:
-            target_url (str): The target URL to scan.
-        Returns:
-            list: A list of results from the scan.
+        Scan a single target URL with all loaded templates.
         """
         results = []
         for template in self.templates:
-            matched = self._match_template(template, target_url)
-            # Collect the result for this template
-            results.append({
-                "name": template.get("name", "Unnamed Template"),
-                "matched": matched,
-                "severity": template.get("severity", "low"),
-            })
+            template_id = template.get("id", "unknown-id")
+            template_info = template.get("info", {})
+            template_requests = template.get("http", [])
+
+            for request_config in template_requests:
+                result = self._process_request(template_id, template_info, request_config, target_url)
+                if result:
+                    results.append(result)
         return results
 
-    def _match_template(self, template, target_url):
+    def _process_request(self, template_id, template_info, request_config, target_url):
         """
-        Placeholder method for matching a template to a target URL.
-        You can extend this method with custom logic to check patterns or conditions.
-        Args:
-            template (dict): A single template (dict) to match.
-            target_url (str): The target URL.
-        Returns:
-            bool: Whether the target URL matches the template.
+        Process a single request configuration from a template.
         """
-        # Basic matching logic (you can extend it as needed)
-        return "example" in target_url  # Example condition for matching
+        method = request_config.get("method", "GET").upper()
+        paths = request_config.get("path", [])
+        matchers_config = request_config.get("matchers", [])
+        for path in paths:
+            url = path.replace("{{BaseURL}}", target_url).strip("/")  # Remove extra slashes
+            
+            try:
+                # Make the request based on method
+                if method == "GET":
+                    response = requests.get(url, timeout=5)
+                elif method == "POST":
+                    response = requests.post(url, timeout=5)
+
+                # Evaluate matchers
+                matched_result = run_matchers(response, matchers_config)
+
+                # Combine results: Header issues override matchers
+                if matched_result:
+                    return {
+                        "template_id": template_id,
+                        "name": template_info.get("name"),
+                        "author": template_info.get("author"),
+                        "severity": template_info.get("severity"),
+                        "url": url,
+                        "status_code": response.status_code,
+                        "matched": "True",
+                    }
+                else:
+                    return {
+                        "template_id": template_id,
+                        "name": template_info.get("name"),
+                        "author": template_info.get("author"),
+                        "severity": template_info.get("severity"),
+                        "url": url,
+                        "status_code": response.status_code,
+                        "matched": "False",
+                    }
+
+            except requests.RequestException as e:
+                print(f"[ERROR] Request failed for {url}: {e}")
+
+        return None
+
+  

From 140cd4e41abde8b48331bf9b02116be02285fcbb Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Mon, 6 Jan 2025 17:05:53 +0530
Subject: [PATCH 25/65] template_parser

---
 engine/template_parser.py | 30 ++++++++++++++++--------------
 1 file changed, 16 insertions(+), 14 deletions(-)

diff --git a/engine/template_parser.py b/engine/template_parser.py
index 0b9ddfc..6634742 100644
--- a/engine/template_parser.py
+++ b/engine/template_parser.py
@@ -1,24 +1,26 @@
-# engine/template_parser.py
-import yaml
 import os
+import yaml
+from typing import List, Dict, Any
 
-def load_templates_from_directory(directory):
+
+def load_templates_from_directory(directory: str) -> List[Dict[str, Any]]:
     """
-    Loads all YAML templates from the specified directory.
-    Args:
-        directory (str): Path to the directory containing YAML template files.
-    Returns:
-        list: A list of parsed templates (as dictionaries).
+    Loads all YAML files from the specified directory and returns
+    them as a list of parsed dictionaries.
+
+    The directory needs to be till yaml or else nothing at all 
+    incase of no  directory is passed, load all yaml 
+    TODO: Handled by another function - Who will take care of this ?
     """
     templates = []
-    # Iterate over all files in the directory
     for filename in os.listdir(directory):
-        if filename.endswith(".yaml"):  # Only load .yaml files
+        if filename.endswith(".yaml") or filename.endswith(".yml"):
             filepath = os.path.join(directory, filename)
-            with open(filepath, 'r') as file:
+            with open(filepath, "r", encoding="utf-8") as f:
                 try:
-                    # Parse the YAML file into a dictionary and append to templates list
-                    templates.append(yaml.safe_load(file))
+                    data = yaml.safe_load(f) # Using safe load here, I dont want deserialization attack happening here !
+                    if data:
+                        templates.append(data) # TODO : Handle else case YAML errors may need a blank
                 except yaml.YAMLError as e:
-                    print(f"Error parsing YAML file {filename}: {e}")
+                    print(f"[ERROR] Failed to parse YAML file {filename}: {e}")
     return templates

From 8d120e4331aa5e78672a44a72b88bdfb6184898d Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Mon, 6 Jan 2025 17:06:34 +0530
Subject: [PATCH 26/65] main

---
 main.py | 57 +++++++++++++++++++++++++--------------------------------
 1 file changed, 25 insertions(+), 32 deletions(-)

diff --git a/main.py b/main.py
index ff0d997..be75ec7 100644
--- a/main.py
+++ b/main.py
@@ -1,25 +1,13 @@
+# main.py
 import argparse
 import os
+import sys
+sys.path.append(os.path.dirname(os.path.abspath(__file__)))
 import yaml
 from engine.template_parser import load_templates_from_directory
 from engine.scanner import Scanner
-from banner import show_banner  # Assuming you have the banner function
+from banner import show_banner  
 
-def load_templates_from_directory_recursive(directory_path):
-    """
-    Recursively loads all YAML files from a directory and its subdirectories.
-    """
-    templates = []
-    for root, dirs, files in os.walk(directory_path):
-        for file in files:
-            if file.endswith(".yaml"):
-                file_path = os.path.join(root, file)
-                with open(file_path, 'r') as file:
-                    try:
-                        templates.append(yaml.safe_load(file))  # Parse the YAML file
-                    except yaml.YAMLError as e:
-                        print(f"Error parsing YAML file {file_path}: {e}")
-    return templates
 
 def main():
     # Show banner at the start
@@ -29,26 +17,32 @@ def main():
         description="A tool for scanning a target URL using templates."
     )
 
-    # Add target_url argument (no default, making it required)
     parser.add_argument(
         "target_url",
         help="The target URL to scan.",
     )
-
-    # Add templates argument with default to 'templates/'
     parser.add_argument(
         "-t", "--templates",
-        default="templates/http",  # Default is the 'templates/http' folder
-        help=("Path to a specific template file or directory containing YAML templates. "
-              "Default: templates/http")
+        default="templates/http",
+        help=(
+            "Path to a specific template file or directory containing YAML templates. "
+            "Default: templates/http"
+        ),
+    )
+   
+    parser.add_argument(
+        "-tag",
+        nargs="+",
+        help="Filter templates by tags. Provide one or more tags to filter.",
     )
 
-    # Parse arguments
-    args = parser.parse_args()
 
-    target_url = args.target_url  # Get the target URL from the argument
+    # Parse the arguments
+    args = parser.parse_args()
+    target_url = args.target_url
     templates_path = args.templates
-
+    selected_tags = args.tag
+     
     # Check and load YAML templates
     if os.path.isfile(templates_path) and templates_path.endswith(".yaml"):
         print(f"Loading specific template: {templates_path}")
@@ -59,22 +53,21 @@ def main():
                 print(f"Error parsing YAML file: {e}")
                 exit(1)
     elif os.path.isdir(templates_path):
-        print(f"Loading all YAML files from directory: {templates_path} (including subdirectories)")
-        templates = load_templates_from_directory_recursive(templates_path)
+        print(f"Loading all YAML files from directory: {templates_path}")
+        templates = load_templates_from_directory(templates_path)
     else:
         print(f"Invalid path: {templates_path}. Ensure it points to a .yaml file or a directory.")
         exit(1)
-
     # Create the scanner instance
     scanner = Scanner(templates)
 
     # Run the scan
     print(f"Scanning target URL: {target_url}")
+    
     results = scanner.scan(target_url)
-
-    # Display the results
     for idx, result in enumerate(results):
-        print(f"[{idx + 1}] {result['name']}:[{result['matched']}][{result['severity']}]")
+        print(f"[{idx + 1}]{result['name']}: [{result['matched']}][{result['severity']}]")
+
 
 if __name__ == "__main__":
     main()

From f38ee5184488d526b998a005f58d468454b30582 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Mon, 6 Jan 2025 17:07:21 +0530
Subject: [PATCH 27/65] pyproject.toml

---
 pyproject.toml | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 pyproject.toml

diff --git a/pyproject.toml b/pyproject.toml
new file mode 100644
index 0000000..8fd8d67
--- /dev/null
+++ b/pyproject.toml
@@ -0,0 +1,3 @@
+[build-system]
+requires = ["setuptools", "setuptools-scm"]
+build-backend = "setuptools.build_meta"

From 50c294bc8831be6e428868f64b0dd726b0ae55c2 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Mon, 6 Jan 2025 17:18:05 +0530
Subject: [PATCH 28/65] detect-dangling-cname

---
 templates/dns/detect-dangling-cname.yaml | 38 ++++++++++++++++++++++++
 1 file changed, 38 insertions(+)
 create mode 100644 templates/dns/detect-dangling-cname.yaml

diff --git a/templates/dns/detect-dangling-cname.yaml b/templates/dns/detect-dangling-cname.yaml
new file mode 100644
index 0000000..03d7a24
--- /dev/null
+++ b/templates/dns/detect-dangling-cname.yaml
@@ -0,0 +1,38 @@
+id: detect-dangling-cname
+
+info:
+  name: CNAME Detect Dangling
+  author: pdteam,nytr0gen
+  severity: info
+  description: A CNAME detect dangling condition was discovered. Most commonly this relates to failing to remove records from the zone once they are no longer needed.
+  reference:
+    - https://securitytrails.com/blog/subdomain-takeover-tips
+    - https://nominetcyber.com/dangling-dns-is-no-laughing-matter/
+    - https://nabeelxy.medium.com/dangling-dns-records-are-a-real-vulnerability-361f2a29d37f
+    - https://docs.microsoft.com/en-us/azure/security/fundamentals/subdomain-takeover
+  classification:
+    cwe-id: CWE-200
+  metadata:
+    max-request: 1
+  tags: dns,takeover
+
+dns:
+  - name: "{{FQDN}}"
+    type: A
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "NXDOMAIN"
+
+      - type: regex
+        part: answer
+        regex:
+          - "IN\tCNAME\t(.+)$"
+
+    extractors:
+      - type: dsl
+        dsl:
+          - cname
+# digest: 4a0a00473045022068970462c003171d31d9f5968e26d73eb7435bea738ae8753ec21bb6a7416028022100ac969c65486f52dcac005333256eeb722f1d1bad1ca642e5ebfb9166891dd1a1:922c64590222798bb761d5b6d8e72950

From bb23ac65b60820e14b0d5e2fc7ad2ac66e1688d6 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Mon, 6 Jan 2025 17:19:01 +0530
Subject: [PATCH 29/65] exposed-zookeeper

---
 templates/network/exposed-zookeeper.yaml | 27 ++++++++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 templates/network/exposed-zookeeper.yaml

diff --git a/templates/network/exposed-zookeeper.yaml b/templates/network/exposed-zookeeper.yaml
new file mode 100644
index 0000000..f94c485
--- /dev/null
+++ b/templates/network/exposed-zookeeper.yaml
@@ -0,0 +1,27 @@
+id: exposed-zookeeper
+
+info:
+  name: Apache ZooKeeper - Unauthenticated Access
+  author: pdteam
+  severity: high
+  description: Apache ZooKeeper was able to be accessed without any required authentication.
+  reference:
+    - https://zookeeper.apache.org/security.html
+  metadata:
+    max-request: 1
+  tags: network,zookeeper,unauth,exposure,tcp
+
+tcp:
+  - inputs:
+      - data: "envi\r\nquit\r\n"
+
+    host:
+      - "{{Hostname}}"
+    port: 2181
+    read-size: 2048
+
+    matchers:
+      - type: word
+        words:
+          - "zookeeper.version"
+# digest: 490a0046304402201f3b10c29fa1cd3d672e47a1ee0ba3e03ad1cb39c48e79402cd9f95be773584102201e8c95b99057a1d116218a6528bfdec925523bb7946f6882c3ca4576c27cb3ab:922c64590222798bb761d5b6d8e72950

From 07d5032915f8d51b1b555b695e5f8a84d0e50a0b Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Mon, 6 Jan 2025 17:19:59 +0530
Subject: [PATCH 30/65]  detect-ssl-issuer

---
 templates/ssl/detect-ssl-issuer.yaml | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 templates/ssl/detect-ssl-issuer.yaml

diff --git a/templates/ssl/detect-ssl-issuer.yaml b/templates/ssl/detect-ssl-issuer.yaml
new file mode 100644
index 0000000..8b13789
--- /dev/null
+++ b/templates/ssl/detect-ssl-issuer.yaml
@@ -0,0 +1 @@
+

From 883d7f8d6ce8e564b771bad9833450a15c9bb889 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Mon, 6 Jan 2025 17:20:31 +0530
Subject: [PATCH 31/65] detect-ssl-issuer

---
 templates/ssl/detect-ssl-issuer.yaml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/templates/ssl/detect-ssl-issuer.yaml b/templates/ssl/detect-ssl-issuer.yaml
index 8b13789..f9e224a 100644
--- a/templates/ssl/detect-ssl-issuer.yaml
+++ b/templates/ssl/detect-ssl-issuer.yaml
@@ -1 +1,19 @@
+id: ssl-issuer
 
+info:
+  name: Detect SSL Certificate Issuer
+  author: Lingtren
+  severity: info
+  description: |
+    Extract the issuer's organization from the target's certificate. Issuers are entities which sign and distribute certificates.
+  metadata:
+    max-request: 1
+  tags: ssl,tls
+ssl:
+  - address: "{{Host}}:{{Port}}"
+
+    extractors:
+      - type: json
+        json:
+          - " .issuer_org[]"
+# digest: 4b0a00483046022100bd0a46c7b6830ac660cd83da55422c5850a89b45976bfcd0035a5f03095b4c58022100eab9663bc02f087311822ee77dcd71fbc12d396007e8c8ea86ede19fab4a468a:922c64590222798bb761d5b6d8e72950

From 1c66fb550538e34edd5ec52e6cb130bf2e439fb5 Mon Sep 17 00:00:00 2001
From: Danwand NS <danwand47@gmail.com>
Date: Tue, 7 Jan 2025 19:40:43 +0530
Subject: [PATCH 32/65] Fixed broken access control, with tests

---
 engine/matchers.py                        | 48 +++++++++++------------
 engine/scanner.py                         | 15 +++----
 main.py                                   |  5 ++-
 templates/http/broken-access-control.yaml | 10 ++---
 4 files changed, 39 insertions(+), 39 deletions(-)

diff --git a/engine/matchers.py b/engine/matchers.py
index e04cc24..e678da6 100644
--- a/engine/matchers.py
+++ b/engine/matchers.py
@@ -11,7 +11,7 @@ def run_matchers(response: Response, matchers_config: List[Dict[str, Any]]) -> b
     """
     for matcher in matchers_config:
         matcher_type = matcher.get("type")
-
+        
         if matcher_type == "regex":
             if not regex_match(response, matcher):
                 return False
@@ -31,6 +31,7 @@ def header_search(response, matcher):
     headers = dict(response.headers)
     stuff_to_match = matcher['name']
     condition_type = matcher['condition'] # Either Present or Contains
+
     if condition_type == 'present':
         if stuff_to_match in headers:
             return True
@@ -47,42 +48,37 @@ def header_search(response, matcher):
         else:
             return False
 
-    elif condition_type == "or":
-        sql_error_keywords = [
-            "SQL syntax error",
-            "MySQL",
-            "syntax error",
-            "unclosed quotation mark",
-            "Warning: mysql_fetch",
-            "Unknown column",
-            "database error"
-        ]
-
-        for key, value in headers.items():
-            if any(error_keyword in value for error_keyword in sql_error_keywords):
-                return True
-
-        return False
-    return False
-    
 def regex_match(response: Response, matcher: Dict[str, Any]) -> bool:
     """
     Checks if the response body matches a given regex pattern.
     """
-    pattern = matcher.get("pattern")
-    if not pattern:
+    patterns = matcher.get("pattern", [])
+    condition = matcher.get("condition", "or").lower()
+
+    if not patterns or not isinstance(patterns, list):
         return False
-    return bool(re.search(pattern, response.text))
+    
+    pool_of_response_text = response.text
+    if condition == "and":
+        return all(bool(re.search(pattern, pool_of_response_text)) for pattern in patterns)
+    elif condition == "or":
+        return any(bool(re.search(pattern, pool_of_response_text)) for pattern in patterns)
 
 def word_match(response: Response, matcher: Dict[str, Any]) -> bool:
-    """
+    """ 
     Checks if th respose body contains the word
     """
-    word_to_search = matcher.get("word")
-    if not word_to_search:
+    words_to_search = matcher.get("words", [])
+    condition = matcher.get("condition", "or").lower()
+
+    if not words_to_search or not isinstance(words_to_search, list):
         return False
+
     pool_of_response_text = response.text
-    return bool(pool_of_response_text.find(word_to_search) > 0) # returns false if not found, ie, returns -1
+    if condition == "and":
+        return all(word in pool_of_response_text for word in words_to_search)
+    elif condition == "or":
+        return any(word in pool_of_response_text for word in words_to_search)
 
 
 def status_match(response: Response, matcher: Dict[str, Any]) -> bool:
diff --git a/engine/scanner.py b/engine/scanner.py
index c00de0a..afd45ea 100644
--- a/engine/scanner.py
+++ b/engine/scanner.py
@@ -22,11 +22,12 @@ def scan(self, target_url: str):
             template_id = template.get("id", "unknown-id")
             template_info = template.get("info", {})
             template_requests = template.get("http", [])
-
-            for request_config in template_requests:
-                result = self._process_request(template_id, template_info, request_config, target_url)
-                if result:
-                    results.append(result)
+            print("Testing  template: ", template_id)
+            if template_id  == "broken-access-control-test":
+                for request_config in template_requests:
+                    result = self._process_request(template_id, template_info, request_config, target_url)
+                    if result:
+                        results.append(result)
         return results
 
     def _process_request(self, template_id, template_info, request_config, target_url):
@@ -37,7 +38,7 @@ def _process_request(self, template_id, template_info, request_config, target_ur
         paths = request_config.get("path", [])
         matchers_config = request_config.get("matchers", [])
         for path in paths:
-            url = path.replace("{{BaseURL}}", target_url).strip("/")  # Remove extra slashes
+            url = path.replace("{{BaseURL}}", target_url).strip("/")  # Remove extra slashes # TODO : Check for slashes and/or double slashes and then remove the same #noqa
             
             try:
                 # Make the request based on method
@@ -50,7 +51,7 @@ def _process_request(self, template_id, template_info, request_config, target_ur
                 matched_result = run_matchers(response, matchers_config)
 
                 # Combine results: Header issues override matchers
-                if matched_result:
+                if matched_result: # For clarity Lets keep if true it means there is a vulnerability and false means all good
                     return {
                         "template_id": template_id,
                         "name": template_info.get("name"),
diff --git a/main.py b/main.py
index be75ec7..b5598f1 100644
--- a/main.py
+++ b/main.py
@@ -52,13 +52,16 @@ def main():
             except yaml.YAMLError as e:
                 print(f"Error parsing YAML file: {e}")
                 exit(1)
+
     elif os.path.isdir(templates_path):
         print(f"Loading all YAML files from directory: {templates_path}")
         templates = load_templates_from_directory(templates_path)
+
     else:
         print(f"Invalid path: {templates_path}. Ensure it points to a .yaml file or a directory.")
         exit(1)
-    # Create the scanner instance
+
+    
     scanner = Scanner(templates)
 
     # Run the scan
diff --git a/templates/http/broken-access-control.yaml b/templates/http/broken-access-control.yaml
index c062aad..abe4b26 100644
--- a/templates/http/broken-access-control.yaml
+++ b/templates/http/broken-access-control.yaml
@@ -1,7 +1,7 @@
 id: broken-access-control-test
 info:
-  name: Broken Access Control Vulnerability Test
-  description: Test for broken access control in sensitive sections.
+  name: Broken Access Control Vulnerability Test for WordPress Websites
+  description: Test for broken access control to see if a wordpress website have exposed wp-admin directory
   severity: Critical
   author: Project
   tags:
@@ -12,12 +12,12 @@ info:
 http:
   - method: GET
     path:
-      - "{{BaseURL}}/admin"
+      - "{{BaseURL}}/wp-admin"
     headers:
       User-Agent: Access-Control-Tester
     matchers:
       - type: word
         words:
-          - "Access Denied"
-          - "Forbidden"
+          - "Username"
+          - "Password"
         condition: or

From 84d12977b45a37f6167a2c6c0c07e4e71999984c Mon Sep 17 00:00:00 2001
From: Danwand NS <danwand47@gmail.com>
Date: Tue, 7 Jan 2025 22:58:48 +0530
Subject: [PATCH 33/65] Add SSL Checking test

---
 engine/matchers.py                   |  2 +-
 engine/scanner.py                    | 65 ++++++++++++++++++++++++----
 main.py                              |  3 ++
 templates/ssl/detect-ssl-issuer.yaml | 21 ++++-----
 4 files changed, 70 insertions(+), 21 deletions(-)

diff --git a/engine/matchers.py b/engine/matchers.py
index e678da6..5cbbe3a 100644
--- a/engine/matchers.py
+++ b/engine/matchers.py
@@ -11,7 +11,7 @@ def run_matchers(response: Response, matchers_config: List[Dict[str, Any]]) -> b
     """
     for matcher in matchers_config:
         matcher_type = matcher.get("type")
-        
+
         if matcher_type == "regex":
             if not regex_match(response, matcher):
                 return False
diff --git a/engine/scanner.py b/engine/scanner.py
index afd45ea..e0f2136 100644
--- a/engine/scanner.py
+++ b/engine/scanner.py
@@ -21,16 +21,65 @@ def scan(self, target_url: str):
         for template in self.templates:
             template_id = template.get("id", "unknown-id")
             template_info = template.get("info", {})
-            template_requests = template.get("http", [])
-            print("Testing  template: ", template_id)
-            if template_id  == "broken-access-control-test":
-                for request_config in template_requests:
-                    result = self._process_request(template_id, template_info, request_config, target_url)
-                    if result:
-                        results.append(result)
+            for key, value in template.items():
+                if key == "id":
+                    continue
+                elif key == "info":
+                    continue
+                elif key == "http":
+                    template_requests = template.get("http", [])
+                    for request_config in template_requests:
+                        result = self._process_http_request(template_id, template_info, request_config, target_url)
+                        if result:
+                            results.append(result)
+                elif key == "ssl":
+                    template_requests = template.get("ssl", [])
+                    for request_config in template_requests: # SSL
+                        results = self._process_ssl_request(template_id, template_info, request_config, target_url)
         return results
 
-    def _process_request(self, template_id, template_info, request_config, target_url):
+    def _process_ssl_request(self, template_id, template_info, request_config, target_url):
+        paths = request_config.get("path", []) # TODO : Strip this to just domain name in case any path exists 
+        matchers_config = request_config.get("matchers", [])
+        for path in paths:
+            url = path.replace("{{BaseURL}}", target_url).strip("/")
+            try:
+                response = requests.get(url, verify=True)
+                if response.url.startswith("https://"):
+                    return {
+                        "template_id": template_id,
+                        "name": template_info.get("name"),
+                        "author": template_info.get("author"),
+                        "severity": template_info.get("severity"),
+                        "url": url,
+                        "status_code": response.status_code,
+                        "matched": "Flase", # As a postive result
+                    }
+                else:
+                    return {
+                        "template_id": template_id,
+                        "name": template_info.get("name"),
+                        "author": template_info.get("author"),
+                        "severity": template_info.get("severity"),
+                        "url": url,
+                        "status_code": response.status_code,
+                        "matched": "True", # As a negetive result
+                    }
+            except requests.exceptions.SSLError:
+                return {
+                        "template_id": template_id,
+                        "name": template_info.get("name"),
+                        "author": template_info.get("author"),
+                        "severity": template_info.get("severity"),
+                        "url": url,
+                        "status_code": response.status_code,
+                        "matched": "True", # As a negetive result
+                    }
+            except requests.exceptions.RequestException as e:
+                print("The request was errored out ", str(e))
+
+
+    def _process_http_request(self, template_id, template_info, request_config, target_url):
         """
         Process a single request configuration from a template.
         """
diff --git a/main.py b/main.py
index b5598f1..b74d366 100644
--- a/main.py
+++ b/main.py
@@ -68,6 +68,9 @@ def main():
     print(f"Scanning target URL: {target_url}")
     
     results = scanner.scan(target_url)
+    if isinstance(results, dict): # In case only one yaml is preset for the printing to be more clean
+        results = [results]
+        
     for idx, result in enumerate(results):
         print(f"[{idx + 1}]{result['name']}: [{result['matched']}][{result['severity']}]")
 
diff --git a/templates/ssl/detect-ssl-issuer.yaml b/templates/ssl/detect-ssl-issuer.yaml
index f9e224a..825d78c 100644
--- a/templates/ssl/detect-ssl-issuer.yaml
+++ b/templates/ssl/detect-ssl-issuer.yaml
@@ -1,19 +1,16 @@
 id: ssl-issuer
 
 info:
-  name: Detect SSL Certificate Issuer
-  author: Lingtren
-  severity: info
+  name: Check if SSL present 
+  author: DanBrown47
+  severity: high
   description: |
-    Extract the issuer's organization from the target's certificate. Issuers are entities which sign and distribute certificates.
-  metadata:
-    max-request: 1
+    Check if the domain have SSL certificate installed.
   tags: ssl,tls
+
 ssl:
-  - address: "{{Host}}:{{Port}}"
+  - path:
+      - "{{BaseURL}}"
 
-    extractors:
-      - type: json
-        json:
-          - " .issuer_org[]"
-# digest: 4b0a00483046022100bd0a46c7b6830ac660cd83da55422c5850a89b45976bfcd0035a5f03095b4c58022100eab9663bc02f087311822ee77dcd71fbc12d396007e8c8ea86ede19fab4a468a:922c64590222798bb761d5b6d8e72950
+    matchers:
+      - type: generic_ssl

From 6a2c689413e2c07864df4e402c8841cad74a5cf6 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Sat, 18 Jan 2025 09:00:33 +0530
Subject: [PATCH 34/65] jinja

---
 jinja.py | 76 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 76 insertions(+)
 create mode 100644 jinja.py

diff --git a/jinja.py b/jinja.py
new file mode 100644
index 0000000..bf9cfb9
--- /dev/null
+++ b/jinja.py
@@ -0,0 +1,76 @@
+from jinja2 import Template
+import datetime
+
+# Sample scan data
+data = {
+    "website": "http://example.com",
+    "date": datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S"),
+    "total_vulnerabilities": 2,
+    "vulnerabilities": [
+        {
+            "type": "SQL Injection",
+            "severity": "High",
+            "url": "http://example.com/login",
+            "description": "SQL injection vulnerability in login form.",
+            "recommendation": "Sanitize user inputs using prepared statements."
+        },
+        {
+            "type": "XSS",
+            "severity": "Medium",
+            "url": "http://example.com/search",
+            "description": "Reflected XSS vulnerability in the search bar.",
+            "recommendation": "Escape special characters in user input."
+        }
+    ]
+}
+
+# Load HTML template
+template = Template("""
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Website Scan Report</title>
+</head>
+<body>
+    <h1>Website Scan Report</h1>
+    <p><strong>Website:</strong> {{ website }}</p>
+    <p><strong>Scan Date:</strong> {{ date }}</p>
+    <h2>Summary</h2>
+    <p>Total vulnerabilities found: {{ total_vulnerabilities }}</p>
+    <h2>Vulnerability Details</h2>
+    <table border="1">
+        <thead>
+            <tr>
+                <th>Vulnerability</th>
+                <th>Severity</th>
+                <th>Affected URL</th>
+                <th>Description</th>
+                <th>Recommendation</th>
+            </tr>
+        </thead>
+        <tbody>
+            {% for vuln in vulnerabilities %}
+            <tr>
+                <td>{{ vuln.type }}</td>
+                <td>{{ vuln.severity }}</td>
+                <td>{{ vuln.url }}</td>
+                <td>{{ vuln.description }}</td>
+                <td>{{ vuln.recommendation }}</td>
+            </tr>
+            {% endfor %}
+        </tbody>
+    </table>
+</body>
+</html>
+""")
+
+# Render the template with data
+html_report = template.render(data)
+
+# Save the report to a file
+with open("scan_report.html", "w") as file:
+    file.write(html_report)
+
+print("Report generated successfully: scan-report.html")

From 0ebb2b1a3b52031d45cd35a2403054413b94b5be Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Sat, 18 Jan 2025 09:02:09 +0530
Subject: [PATCH 35/65] color added

---
 main.py | 24 ++++++++++++++++++------
 1 file changed, 18 insertions(+), 6 deletions(-)

diff --git a/main.py b/main.py
index b74d366..1c5bfc1 100644
--- a/main.py
+++ b/main.py
@@ -2,6 +2,7 @@
 import argparse
 import os
 import sys
+from colorama import Fore, Style, init  # Import colorama
 sys.path.append(os.path.dirname(os.path.abspath(__file__)))
 import yaml
 from engine.template_parser import load_templates_from_directory
@@ -10,6 +11,9 @@
 
 
 def main():
+    # Initialize colorama
+    init(autoreset=True)
+
     # Show banner at the start
     show_banner()
 
@@ -29,14 +33,12 @@ def main():
             "Default: templates/http"
         ),
     )
-   
     parser.add_argument(
         "-tag",
         nargs="+",
         help="Filter templates by tags. Provide one or more tags to filter.",
     )
 
-
     # Parse the arguments
     args = parser.parse_args()
     target_url = args.target_url
@@ -61,18 +63,28 @@ def main():
         print(f"Invalid path: {templates_path}. Ensure it points to a .yaml file or a directory.")
         exit(1)
 
-    
     scanner = Scanner(templates)
 
     # Run the scan
     print(f"Scanning target URL: {target_url}")
     
     results = scanner.scan(target_url)
-    if isinstance(results, dict): # In case only one yaml is preset for the printing to be more clean
+    if isinstance(results, dict):  # In case only one YAML file is present
         results = [results]
-        
+    
     for idx, result in enumerate(results):
-        print(f"[{idx + 1}]{result['name']}: [{result['matched']}][{result['severity']}]")
+        # Colorize "True" or "False"
+        if str(result["matched"]) == "True":
+            status_color = f"{Fore.GREEN}True{Style.RESET_ALL}"
+        else:
+            status_color = f"{Fore.RED}False{Style.RESET_ALL}"
+
+        # Print the result with colored "True" or "False"
+        print(
+            f"[{idx + 1}]{result['name']}: "
+            f"[{status_color}]"
+            f"[{result['severity'].capitalize()}]"
+        )
 
 
 if __name__ == "__main__":

From 0027667e439ea4e3927b88115ec09334a64b561c Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Sun, 19 Jan 2025 23:01:45 +0530
Subject: [PATCH 36/65] changed

---
 jinja.py | 120 +++++++++++++++++++++++--------------------------------
 1 file changed, 49 insertions(+), 71 deletions(-)

diff --git a/jinja.py b/jinja.py
index bf9cfb9..afb76b0 100644
--- a/jinja.py
+++ b/jinja.py
@@ -1,76 +1,54 @@
+from typing import Dict, Any
 from jinja2 import Template
-import datetime
 
-# Sample scan data
-data = {
-    "website": "http://example.com",
-    "date": datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S"),
-    "total_vulnerabilities": 2,
-    "vulnerabilities": [
-        {
-            "type": "SQL Injection",
-            "severity": "High",
-            "url": "http://example.com/login",
-            "description": "SQL injection vulnerability in login form.",
-            "recommendation": "Sanitize user inputs using prepared statements."
-        },
-        {
-            "type": "XSS",
-            "severity": "Medium",
-            "url": "http://example.com/search",
-            "description": "Reflected XSS vulnerability in the search bar.",
-            "recommendation": "Escape special characters in user input."
-        }
-    ]
-}
+def generate_html_report(data: Dict[str, Any], template_path: str = "scan_report.html"):
+    # Load HTML template
+    template = Template("""
+    <!DOCTYPE html>
+    <html lang="en">
+    <head>
+        <meta charset="UTF-8">
+        <meta name="viewport" content="width=device-width, initial-scale=1.0">
+        <title>Website Scan Report</title>
+    </head>
+    <body>
+        <h1>Website Scan Report</h1>
+        <p><strong>Website:</strong> {{ website }}</p>
+        <p><strong>Scan Date:</strong> {{ date }}</p>
+        <h2>Summary</h2>
+        <p>Total vulnerabilities found: {{ total_vulnerabilities }}</p>
+        <h2>Vulnerability Details</h2>
+        <table border="1">
+            <thead>
+                <tr>
+                    <th>Vulnerability</th>
+                    <th>Severity</th>
+                    <th>Affected URL</th>
+                    <th>Description</th>
+                    <th>Recommendation</th>
+                </tr>
+            </thead>
+            <tbody>
+                {% for vuln in vulnerabilities %}
+                <tr>
+                    <td>{{ vuln.name }}</td>
+                    <td>{{ vuln.severity }}</td>
+                    <td>{{ vuln.url }}</td>
+                    <td>{{ vuln.description }}</td>
+                    <td>{{ vuln.recommendation }}</td>
+                </tr>
+                {% endfor %}
+            </tbody>
+        </table>
+    </body>
+    </html>
+    """)
 
-# Load HTML template
-template = Template("""
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1.0">
-    <title>Website Scan Report</title>
-</head>
-<body>
-    <h1>Website Scan Report</h1>
-    <p><strong>Website:</strong> {{ website }}</p>
-    <p><strong>Scan Date:</strong> {{ date }}</p>
-    <h2>Summary</h2>
-    <p>Total vulnerabilities found: {{ total_vulnerabilities }}</p>
-    <h2>Vulnerability Details</h2>
-    <table border="1">
-        <thead>
-            <tr>
-                <th>Vulnerability</th>
-                <th>Severity</th>
-                <th>Affected URL</th>
-                <th>Description</th>
-                <th>Recommendation</th>
-            </tr>
-        </thead>
-        <tbody>
-            {% for vuln in vulnerabilities %}
-            <tr>
-                <td>{{ vuln.type }}</td>
-                <td>{{ vuln.severity }}</td>
-                <td>{{ vuln.url }}</td>
-                <td>{{ vuln.description }}</td>
-                <td>{{ vuln.recommendation }}</td>
-            </tr>
-            {% endfor %}
-        </tbody>
-    </table>
-</body>
-</html>
-""")
+    # Render the template with data
+    html_report = template.render(data)
 
-# Render the template with data
-html_report = template.render(data)
+    # Save the report to a file
+    with open(template_path, "w") as file:
+        file.write(html_report)
 
-# Save the report to a file
-with open("scan_report.html", "w") as file:
-    file.write(html_report)
-
-print("Report generated successfully: scan-report.html")
+    print(f"Report generated successfully: {template_path}")

From c9a8f96ee2d66c02a251dfef07be02b3a7a3fdb3 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Sun, 19 Jan 2025 23:02:40 +0530
Subject: [PATCH 37/65] sends data to jinja

---
 main.py | 30 ++++++++++++++++++++++++++----
 1 file changed, 26 insertions(+), 4 deletions(-)

diff --git a/main.py b/main.py
index 1c5bfc1..2adef09 100644
--- a/main.py
+++ b/main.py
@@ -1,14 +1,14 @@
-# main.py
 import argparse
 import os
 import sys
+import datetime
 from colorama import Fore, Style, init  # Import colorama
 sys.path.append(os.path.dirname(os.path.abspath(__file__)))
 import yaml
 from engine.template_parser import load_templates_from_directory
 from engine.scanner import Scanner
-from banner import show_banner  
-
+from banner import show_banner
+from jinja import generate_html_report  # Import the generate_html_report function
 
 def main():
     # Initialize colorama
@@ -71,7 +71,9 @@ def main():
     results = scanner.scan(target_url)
     if isinstance(results, dict):  # In case only one YAML file is present
         results = [results]
-    
+
+    # Prepare the results for printing and saving
+    scan_results = []
     for idx, result in enumerate(results):
         # Colorize "True" or "False"
         if str(result["matched"]) == "True":
@@ -86,6 +88,26 @@ def main():
             f"[{result['severity'].capitalize()}]"
         )
 
+        # Store the result in the scan_results list
+        scan_results.append({
+            "name": result['name'],
+            "matched": result['matched'],
+            "severity": result['severity'],
+            "url": result.get('url', 'N/A'),  # Example to capture URL if available
+            "description": result.get('description', 'No description'),
+            "recommendation": result.get('recommendation', 'No recommendation')
+        })
+    
+    # Structure data for the report
+    data = {
+        "website": target_url,
+        "date": datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S"),
+        "total_vulnerabilities": len(scan_results),
+        "vulnerabilities": scan_results
+    }
+
+    # Generate HTML report with the scan_results
+    generate_html_report(data, "scan_report.html")
 
 if __name__ == "__main__":
     main()

From 750f59b3ae02b8482aa6c77430d9c66ebfdc191e Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Sun, 19 Jan 2025 23:03:42 +0530
Subject: [PATCH 38/65] Update scanner.py

---
 engine/scanner.py | 46 +++++-----------------------------------------
 1 file changed, 5 insertions(+), 41 deletions(-)

diff --git a/engine/scanner.py b/engine/scanner.py
index e0f2136..053fb0a 100644
--- a/engine/scanner.py
+++ b/engine/scanner.py
@@ -1,7 +1,7 @@
 import requests  # Alternative to a browser in real lyf
 from typing import Dict, Any, List
 from .matchers import run_matchers
-
+from .scannerssl import _process_ssl_request
 
 class Scanner:
     """
@@ -18,6 +18,9 @@ def scan(self, target_url: str):
         Scan a single target URL with all loaded templates.
         """
         results = []
+    
+
+        
         for template in self.templates:
             template_id = template.get("id", "unknown-id")
             template_info = template.get("info", {})
@@ -38,46 +41,7 @@ def scan(self, target_url: str):
                         results = self._process_ssl_request(template_id, template_info, request_config, target_url)
         return results
 
-    def _process_ssl_request(self, template_id, template_info, request_config, target_url):
-        paths = request_config.get("path", []) # TODO : Strip this to just domain name in case any path exists 
-        matchers_config = request_config.get("matchers", [])
-        for path in paths:
-            url = path.replace("{{BaseURL}}", target_url).strip("/")
-            try:
-                response = requests.get(url, verify=True)
-                if response.url.startswith("https://"):
-                    return {
-                        "template_id": template_id,
-                        "name": template_info.get("name"),
-                        "author": template_info.get("author"),
-                        "severity": template_info.get("severity"),
-                        "url": url,
-                        "status_code": response.status_code,
-                        "matched": "Flase", # As a postive result
-                    }
-                else:
-                    return {
-                        "template_id": template_id,
-                        "name": template_info.get("name"),
-                        "author": template_info.get("author"),
-                        "severity": template_info.get("severity"),
-                        "url": url,
-                        "status_code": response.status_code,
-                        "matched": "True", # As a negetive result
-                    }
-            except requests.exceptions.SSLError:
-                return {
-                        "template_id": template_id,
-                        "name": template_info.get("name"),
-                        "author": template_info.get("author"),
-                        "severity": template_info.get("severity"),
-                        "url": url,
-                        "status_code": response.status_code,
-                        "matched": "True", # As a negetive result
-                    }
-            except requests.exceptions.RequestException as e:
-                print("The request was errored out ", str(e))
-
+    
 
     def _process_http_request(self, template_id, template_info, request_config, target_url):
         """

From d00f8258d3cf63c9a5980971de813475bbdfd2e4 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Sun, 19 Jan 2025 23:04:57 +0530
Subject: [PATCH 39/65] Create scannerssl.py

---
 engine/scannerssl.py | 39 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)
 create mode 100644 engine/scannerssl.py

diff --git a/engine/scannerssl.py b/engine/scannerssl.py
new file mode 100644
index 0000000..d738015
--- /dev/null
+++ b/engine/scannerssl.py
@@ -0,0 +1,39 @@
+def _process_ssl_request(self, template_id, template_info, request_config, target_url):
+        paths = request_config.get("path", []) # TODO : Strip this to just domain name in case any path exists 
+        matchers_config = request_config.get("matchers", [])
+        for path in paths:
+            url = path.replace("{{BaseURL}}", target_url).strip("/")
+            try:
+                response = requests.get(url, verify=True)
+                if response.url.startswith("https://"):
+                    return {
+                        "template_id": template_id,
+                        "name": template_info.get("name"),
+                        "author": template_info.get("author"),
+                        "severity": template_info.get("severity"),
+                        "url": url,
+                        "status_code": response.status_code,
+                        "matched": "Flase", # As a postive result
+                    }
+                else:
+                    return {
+                        "template_id": template_id,
+                        "name": template_info.get("name"),
+                        "author": template_info.get("author"),
+                        "severity": template_info.get("severity"),
+                        "url": url,
+                        "status_code": response.status_code,
+                        "matched": "True", # As a negetive result
+                    }
+            except requests.exceptions.SSLError:
+                return {
+                        "template_id": template_id,
+                        "name": template_info.get("name"),
+                        "author": template_info.get("author"),
+                        "severity": template_info.get("severity"),
+                        "url": url,
+                        "status_code": response.status_code,
+                        "matched": "True", # As a negetive result
+                    }
+            except requests.exceptions.RequestException as e:
+                print("The request was errored out ", str(e))

From 233680a81f3d1565f186d85b62f611cf489a354f Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Wed, 22 Jan 2025 14:24:53 +0530
Subject: [PATCH 40/65] changed

---
 engine/matchers.py | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/engine/matchers.py b/engine/matchers.py
index 5cbbe3a..4ad164f 100644
--- a/engine/matchers.py
+++ b/engine/matchers.py
@@ -66,19 +66,27 @@ def regex_match(response: Response, matcher: Dict[str, Any]) -> bool:
 
 def word_match(response: Response, matcher: Dict[str, Any]) -> bool:
     """ 
-    Checks if th respose body contains the word
+    Checks if the response body contains the specified words.
     """
     words_to_search = matcher.get("words", [])
     condition = matcher.get("condition", "or").lower()
 
-    if not words_to_search or not isinstance(words_to_search, list):
+    # Validate that `words_to_search` contains strings
+    words_to_search = [str(word) for word in words_to_search if isinstance(word, (str, int, float))]
+
+    # Return False if no valid words are available
+    if not words_to_search:
         return False
 
     pool_of_response_text = response.text
+
+    # Check based on the specified condition
     if condition == "and":
         return all(word in pool_of_response_text for word in words_to_search)
     elif condition == "or":
         return any(word in pool_of_response_text for word in words_to_search)
+    else:
+        return False  # Default case if an unknown condition is provided
 
 
 def status_match(response: Response, matcher: Dict[str, Any]) -> bool:
@@ -89,4 +97,3 @@ def status_match(response: Response, matcher: Dict[str, Any]) -> bool:
     return response.status_code in statuses
 
 
-

From 7b08d44a91830de5d029da3e377d57b89f6b3fb2 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Wed, 22 Jan 2025 14:35:13 +0530
Subject: [PATCH 41/65] Delete templates/network/exposed-zookeeper.yaml

---
 templates/network/exposed-zookeeper.yaml | 27 ------------------------
 1 file changed, 27 deletions(-)
 delete mode 100644 templates/network/exposed-zookeeper.yaml

diff --git a/templates/network/exposed-zookeeper.yaml b/templates/network/exposed-zookeeper.yaml
deleted file mode 100644
index f94c485..0000000
--- a/templates/network/exposed-zookeeper.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
-id: exposed-zookeeper
-
-info:
-  name: Apache ZooKeeper - Unauthenticated Access
-  author: pdteam
-  severity: high
-  description: Apache ZooKeeper was able to be accessed without any required authentication.
-  reference:
-    - https://zookeeper.apache.org/security.html
-  metadata:
-    max-request: 1
-  tags: network,zookeeper,unauth,exposure,tcp
-
-tcp:
-  - inputs:
-      - data: "envi\r\nquit\r\n"
-
-    host:
-      - "{{Hostname}}"
-    port: 2181
-    read-size: 2048
-
-    matchers:
-      - type: word
-        words:
-          - "zookeeper.version"
-# digest: 490a0046304402201f3b10c29fa1cd3d672e47a1ee0ba3e03ad1cb39c48e79402cd9f95be773584102201e8c95b99057a1d116218a6528bfdec925523bb7946f6882c3ca4576c27cb3ab:922c64590222798bb761d5b6d8e72950

From e586615d349dc2cb462de538de8289d6a65e7b7f Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Wed, 22 Jan 2025 14:37:35 +0530
Subject: [PATCH 42/65] xss problrm solved

---
 main.py | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/main.py b/main.py
index 2adef09..781420a 100644
--- a/main.py
+++ b/main.py
@@ -5,6 +5,7 @@
 from colorama import Fore, Style, init  # Import colorama
 sys.path.append(os.path.dirname(os.path.abspath(__file__)))
 import yaml
+import html
 from engine.template_parser import load_templates_from_directory
 from engine.scanner import Scanner
 from banner import show_banner
@@ -90,12 +91,12 @@ def main():
 
         # Store the result in the scan_results list
         scan_results.append({
-            "name": result['name'],
-            "matched": result['matched'],
-            "severity": result['severity'],
-            "url": result.get('url', 'N/A'),  # Example to capture URL if available
-            "description": result.get('description', 'No description'),
-            "recommendation": result.get('recommendation', 'No recommendation')
+        "name": html.escape(result['name']),
+        "matched": result['matched'],
+        "severity": html.escape(result['severity']),
+        "url": html.escape(result.get('url', 'N/A')),  # Escape URL
+        "description": html.escape(result.get('description', 'No description')),  # Escape description
+        "recommendation": html.escape(result.get('recommendation', 'No recommendation'))  # Escape recommendation
         })
     
     # Structure data for the report

From 0bfc180b4e2577e468d32d45962529584e75e00f Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Fri, 24 Jan 2025 09:22:13 +0530
Subject: [PATCH 43/65] added weasyprint

---
 jinja.py | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/jinja.py b/jinja.py
index afb76b0..abe6692 100644
--- a/jinja.py
+++ b/jinja.py
@@ -1,5 +1,6 @@
 from typing import Dict, Any
 from jinja2 import Template
+from weasyprint import HTML
 
 def generate_html_report(data: Dict[str, Any], template_path: str = "scan_report.html"):
     # Load HTML template
@@ -47,8 +48,16 @@ def generate_html_report(data: Dict[str, Any], template_path: str = "scan_report
     # Render the template with data
     html_report = template.render(data)
 
-    # Save the report to a file
+     # Save the HTML report to a file
     with open(template_path, "w") as file:
         file.write(html_report)
 
-    print(f"Report generated successfully: {template_path}")
+    print(f"HTML report generated successfully: {template_path}")
+
+def convert_html_to_pdf(html_path: str, pdf_path: str = "scan_report.pdf"):
+    """Convert an HTML report to a PDF using WeasyPrint."""
+    try:
+        HTML(html_path).write_pdf(pdf_path)
+        print(f"PDF report generated successfully: {pdf_path}")
+    except Exception as e:
+        print(f"Error converting HTML to PDF: {e}")

From ea24193a193e25b6bd413da96e502bdd78122130 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Fri, 24 Jan 2025 09:22:51 +0530
Subject: [PATCH 44/65] Update main

---
 main.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/main.py b/main.py
index 781420a..97d3d4b 100644
--- a/main.py
+++ b/main.py
@@ -9,7 +9,7 @@
 from engine.template_parser import load_templates_from_directory
 from engine.scanner import Scanner
 from banner import show_banner
-from jinja import generate_html_report  # Import the generate_html_report function
+from jinja import generate_html_report, convert_html_to_pdf  # Import the generate_html_report and pdf function
 
 def main():
     # Initialize colorama
@@ -109,6 +109,6 @@ def main():
 
     # Generate HTML report with the scan_results
     generate_html_report(data, "scan_report.html")
-
+    convert_html_to_pdf("scan_report.html", "scan_report.pdf")
 if __name__ == "__main__":
     main()

From fa56905ac576539a709987a39b5218b0d0a96786 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Fri, 31 Jan 2025 13:56:22 +0530
Subject: [PATCH 45/65] Create dns-record-check

---
 templates/dns/dns-record-check.yaml | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 templates/dns/dns-record-check.yaml

diff --git a/templates/dns/dns-record-check.yaml b/templates/dns/dns-record-check.yaml
new file mode 100644
index 0000000..84d3487
--- /dev/null
+++ b/templates/dns/dns-record-check.yaml
@@ -0,0 +1,17 @@
+id: dns-record-check
+
+info:
+  name: DNS Record Check
+  author: AliceW
+  severity: medium
+  description: |
+    Check if specific DNS records (A, MX, TXT) are present for a domain.
+  tags: dns,records,misconfiguration
+
+dns:
+  - type: a
+    name: "{{BaseURL}}"
+    matchers:
+      - type: value
+        value: "192.168.0.1"
+

From 26749856b07051abced188f0b318d286e5e36e6e Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Fri, 31 Jan 2025 13:56:48 +0530
Subject: [PATCH 46/65] Delete templates/dns/detect-dangling-cname

---
 templates/dns/detect-dangling-cname.yaml | 38 ------------------------
 1 file changed, 38 deletions(-)
 delete mode 100644 templates/dns/detect-dangling-cname.yaml

diff --git a/templates/dns/detect-dangling-cname.yaml b/templates/dns/detect-dangling-cname.yaml
deleted file mode 100644
index 03d7a24..0000000
--- a/templates/dns/detect-dangling-cname.yaml
+++ /dev/null
@@ -1,38 +0,0 @@
-id: detect-dangling-cname
-
-info:
-  name: CNAME Detect Dangling
-  author: pdteam,nytr0gen
-  severity: info
-  description: A CNAME detect dangling condition was discovered. Most commonly this relates to failing to remove records from the zone once they are no longer needed.
-  reference:
-    - https://securitytrails.com/blog/subdomain-takeover-tips
-    - https://nominetcyber.com/dangling-dns-is-no-laughing-matter/
-    - https://nabeelxy.medium.com/dangling-dns-records-are-a-real-vulnerability-361f2a29d37f
-    - https://docs.microsoft.com/en-us/azure/security/fundamentals/subdomain-takeover
-  classification:
-    cwe-id: CWE-200
-  metadata:
-    max-request: 1
-  tags: dns,takeover
-
-dns:
-  - name: "{{FQDN}}"
-    type: A
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "NXDOMAIN"
-
-      - type: regex
-        part: answer
-        regex:
-          - "IN\tCNAME\t(.+)$"
-
-    extractors:
-      - type: dsl
-        dsl:
-          - cname
-# digest: 4a0a00473045022068970462c003171d31d9f5968e26d73eb7435bea738ae8753ec21bb6a7416028022100ac969c65486f52dcac005333256eeb722f1d1bad1ca642e5ebfb9166891dd1a1:922c64590222798bb761d5b6d8e72950

From b33fb9abe29e7ce9fe04bfd3abf9a300c38f0b57 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Fri, 31 Jan 2025 14:00:20 +0530
Subject: [PATCH 47/65] Create ec2-detection

---
 templates/dns/ec2-detection.yaml | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 templates/dns/ec2-detection.yaml

diff --git a/templates/dns/ec2-detection.yaml b/templates/dns/ec2-detection.yaml
new file mode 100644
index 0000000..a62f050
--- /dev/null
+++ b/templates/dns/ec2-detection.yaml
@@ -0,0 +1,22 @@
+id: ec2-detection
+
+info:
+  name: AWS EC2 Detection
+  author: melbadry9
+  severity: info
+  classification:
+    cwe-id: CWE-200
+  metadata:
+    max-request: 1
+  tags: dns,ec2,aws
+
+dns:
+  - name: "{{BaseURL}}"
+    type: CNAME
+
+    extractors:
+      - type: regex
+        regex:
+          - "ec2-[-\\d]+\\.compute[-\\d]*\\.amazonaws\\.com"
+          - "ec2-[-\\d]+\\.[\\w\\d\\-]+\\.compute[-\\d]*\\.amazonaws\\.com"
+# digest: 490a0046304402200db5f928a66a67c8574159c33c8864f0db076d31b7c6ab658cd792accad1d65702201ccf0864bea4e34bab0d1aff2c6a1ee6ce984c5b87d009e3c0ad918d415ef0d9:922c64590222798bb761d5b6d8e72950

From 5f33f6d61b91e52a23be3925f5b9f342c27dbc0c Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Fri, 31 Jan 2025 14:01:32 +0530
Subject: [PATCH 48/65] dns

---
 templates/dns/dnssec-detection.yaml          |  22 ++
 templates/dns/nameserver-fingerprint.yaml    |  27 +++
 templates/dns/spoofable-spf-records-ptr.yaml |  22 ++
 templates/dns/txt-fingerprint.yaml           |  27 +++
 templates/dns/txt-service-detect.yaml        | 217 +++++++++++++++++++
 templates/dns/worksites-detection.yaml       |  20 ++
 6 files changed, 335 insertions(+)
 create mode 100644 templates/dns/dnssec-detection.yaml
 create mode 100644 templates/dns/nameserver-fingerprint.yaml
 create mode 100644 templates/dns/spoofable-spf-records-ptr.yaml
 create mode 100644 templates/dns/txt-fingerprint.yaml
 create mode 100644 templates/dns/txt-service-detect.yaml
 create mode 100644 templates/dns/worksites-detection.yaml

diff --git a/templates/dns/dnssec-detection.yaml b/templates/dns/dnssec-detection.yaml
new file mode 100644
index 0000000..c1edaa2
--- /dev/null
+++ b/templates/dns/dnssec-detection.yaml
@@ -0,0 +1,22 @@
+id: dnssec-detection
+
+info:
+  name: DNSSEC Detection
+  author: pdteam
+  severity: info
+  
+  classification:
+    cwe-id: CWE-200
+  metadata:
+    max-request: 1
+  tags: dns,dnssec
+
+dns:
+  - name: "{{BaseURL}}"
+    type: DS
+    matchers:
+      - type: regex
+        part: answer
+        regex:
+          - "IN\tDS\\t(.+)$"
+# digest: 4a0a004730450220290ab8ad56a2744d90235725b83a26a9cba804533fd7b4b022016afc1c0ac870022100b9a60da058fee3dd3ee0423ab9760ab1d11352e69b6d0afe695b77b849826f99:922c64590222798bb761d5b6d8e72950
\ No newline at end of file
diff --git a/templates/dns/nameserver-fingerprint.yaml b/templates/dns/nameserver-fingerprint.yaml
new file mode 100644
index 0000000..166500a
--- /dev/null
+++ b/templates/dns/nameserver-fingerprint.yaml
@@ -0,0 +1,27 @@
+id: nameserver-fingerprint
+
+info:
+  name: NS Record Detection
+  author: pdteam
+  severity: info
+  classification:
+    cwe-id: CWE-200
+  metadata:
+    max-request: 1
+  tags: dns,ns
+
+dns:
+  - name: "{{BaseURL}}"
+    type: NS
+    matchers:
+      - type: regex
+        part: answer
+        regex:
+          - "IN\tNS\\t(.+)$"
+
+    extractors:
+      - type: regex
+        group: 1
+        regex:
+          - "IN\tNS\t(.+)"
+# digest: 490a0046304402204c8549e5c2a45732f218c404c2f4d49ed740bb91f27dab259f710952fc089496022058f7dc0d477f9b990d5fac516e5aba8552b222b9b4a1dd17491a4011ffa4ad34:922c64590222798bb761d5b6d8e72950
\ No newline at end of file
diff --git a/templates/dns/spoofable-spf-records-ptr.yaml b/templates/dns/spoofable-spf-records-ptr.yaml
new file mode 100644
index 0000000..97e32eb
--- /dev/null
+++ b/templates/dns/spoofable-spf-records-ptr.yaml
@@ -0,0 +1,22 @@
+id: spoofable-spf-records-ptr
+
+info:
+  name: Spoofable SPF Records with PTR Mechanism
+  author: binaryfigments
+  severity: info
+  classification:
+    cwe-id: CWE-200
+  metadata:
+    max-request: 1
+  tags: dns,spf
+
+dns:
+  - name: "{{BaseURL}}"
+    type: TXT
+    matchers:
+      - type: word
+        words:
+          - "v=spf1"
+          - " ptr "
+        condition: and
+# digest: 490a0046304402205db2464b5a702857d30775b25f61f312a8fb1e6586cef7fd3e226b1e68202d9d02203ce1ee037b0e8c4be474aa4730a60fe546824f5f8e5a942f2f0d2ee2165bfd11:922c64590222798bb761d5b6d8e72950
\ No newline at end of file
diff --git a/templates/dns/txt-fingerprint.yaml b/templates/dns/txt-fingerprint.yaml
new file mode 100644
index 0000000..7294df5
--- /dev/null
+++ b/templates/dns/txt-fingerprint.yaml
@@ -0,0 +1,27 @@
+id: txt-fingerprint
+
+info:
+  name: DNS TXT Record Detected
+  author: pdteam
+  severity: info
+  classification:
+    cwe-id: CWE-200
+  metadata:
+    max-request: 1
+  tags: dns,txt
+
+dns:
+  - name: "{{BaseURL}}"
+    type: TXT
+    matchers:
+      - type: regex
+        part: answer
+        regex:
+          - "IN\tTXT\\t(.+)$"
+
+    extractors:
+      - type: regex
+        group: 1
+        regex:
+          - "IN\tTXT\t(.+)"
+# digest: 4b0a00483046022100d9ea414760699f0839a5d1807d059209634442c29976b88728fb98ad68b09a67022100f4c11f94fc53c6ec41a3754a908d54c67b96f34b730f32d26557adacb1692a9b:922c64590222798bb761d5b6d8e72950
\ No newline at end of file
diff --git a/templates/dns/txt-service-detect.yaml b/templates/dns/txt-service-detect.yaml
new file mode 100644
index 0000000..f5e310d
--- /dev/null
+++ b/templates/dns/txt-service-detect.yaml
@@ -0,0 +1,217 @@
+id: txt-service-detect
+
+info:
+  name: DNS TXT Service - Detect
+  author: rxerium
+  severity: info
+  metadata:
+    verified: true
+    max-request: 1
+  tags: dns,txt
+
+dns:
+  - name: "{{BaseURL}}"
+    type: TXT
+
+    matchers-condition: or
+    matchers:
+      - type: word
+        name: "keybase"
+        words:
+          - "keybase-site-verification"
+
+      - type: word
+        name: "proton-mail"
+        words:
+          - "protonmail-verification"
+
+      - type: word
+        name: "webex"
+        words:
+          - "webexdomainverification"
+
+      - type: word
+        name: "apple"
+        words:
+          - "apple-domain-verification"
+
+      - type: word
+        name: "facebook"
+        words:
+          - "facebook-domain-verification"
+
+      - type: word
+        name: "autodesk"
+        words:
+          - "autodesk-domain-verification"
+
+      - type: word
+        name: "stripe"
+        words:
+          - "stripe-verification"
+
+      - type: word
+        name: "atlassian"
+        words:
+          - "atlassian-domain-verification"
+
+      - type: word
+        name: "adobe-sign"
+        words:
+          - "adobe-sign-verification"
+
+      - type: word
+        name: "zoho"
+        words:
+          - "zoho-verification"
+
+      - type: word
+        name: "have-i-been-pwned"
+        words:
+          - "have-i-been-pwned-verification"
+
+      - type: word
+        name: "knowbe4"
+        words:
+          - "knowbe4-site-verification"
+
+      - type: word
+        name: "jamf"
+        words:
+          - "jamf-site-verification"
+
+      - type: word
+        name: "parallels"
+        words:
+          - "parallels-domain-verification"
+
+      - type: word
+        name: "dropbox"
+        words:
+          - "dropbox-domain-verification"
+
+      - type: word
+        name: "vmware-cloud"
+        words:
+          - "vmware-cloud-verification"
+
+      - type: word
+        name: "canva"
+        words:
+          - "canva-site-verification"
+
+      - type: word
+        name: "mongodb"
+        words:
+          - "mongodb-site-verification"
+
+      - type: word
+        name: "slack"
+        words:
+          - "slack-domain-verification"
+
+      - type: word
+        name: "teamViewer"
+        words:
+          - "teamviewer-sso-verification"
+
+      - type: word
+        name: "bugcrowd"
+        words:
+          - "bugcrowd-verification"
+
+      - type: word
+        name: "cisco"
+        words:
+          - "cisco-site-verification"
+
+      - type: word
+        name: "palo-alto-networks"
+        words:
+          - "paloaltonetworks-site-verification"
+
+      - type: word
+        name: "twilio"
+        words:
+          - "twilio-domain-verification"
+
+      - type: word
+        name: "dell-technologies"
+        words:
+          - "dell-technologies-domain-verification"
+
+      - type: word
+        name: "1password"
+        words:
+          - "1password-site-verification"
+
+      - type: word
+        name: "duo"
+        words:
+          - "duo_sso_verification"
+
+      - type: word
+        name: "sophos"
+        words:
+          - "sophos-domain-verification"
+
+      - type: word
+        name: "pinterest"
+        words:
+          - "pinterest-site-verification"
+
+      - type: word
+        name: "citrix"
+        words:
+          - "citrix-verification-code"
+
+      - type: word
+        name: "zapier"
+        words:
+          - "zapier-domain-verification-challenge"
+
+      - type: word
+        name: "uber"
+        words:
+          - "uber-domain-verification"
+
+      - type: word
+        name: "zoom"
+        words:
+          - "zoom-domain-verification"
+
+      - type: word
+        name: "lastpass"
+        words:
+          - "lastpass-verification-code"
+
+      - type: word
+        name: "google-workspace"
+        words:
+          - "google-site-verification"
+
+      - type: word
+        name: "flexera"
+        words:
+          - "flexera-domain-verification"
+
+      - type: word
+        name: "yandex"
+        words:
+          - "yandex-verification"
+
+      - type: word
+        name: "calendly"
+        words:
+          - "calendly-site-verification"
+
+      - type: word
+        name: "docusign"
+        words:
+          - "docusign"
+
+      - type: word
+        name: "whimsical"
+        words:
+          - "whimsical"
+# digest: 4a0a0047304502207f3cfebafdde23640010064ce8dc4fa58a20de6e4a65a43c34cc8f99c992a055022100b8625de624e659dfec53c13473213e9a95620b0cd42914dab9d4a3b1f7832320:922c64590222798bb761d5b6d8e72950
\ No newline at end of file
diff --git a/templates/dns/worksites-detection.yaml b/templates/dns/worksites-detection.yaml
new file mode 100644
index 0000000..70b087b
--- /dev/null
+++ b/templates/dns/worksites-detection.yaml
@@ -0,0 +1,20 @@
+id: detect-worksites
+
+info:
+  name: Worksites.net Service Detection
+  author: melbadry9
+  severity: info
+  classification:
+    cwe-id: CWE-200
+  metadata:
+    max-request: 1
+  tags: dns,service
+
+dns:
+  - name: "{{BaseURL}}"
+    type: A
+    matchers:
+      - type: word
+        words:
+          - "69.164.223.206"
+# digest: 4a0a0047304502206f1d69edc61a00493a4e9228339de95b5c081cc3f997bdc28f784c9719de70b1022100f2b09e254a96166ed72130fc3ad13401d5e75cb6c2146ae8d8ad6aa8d18438c2:922c64590222798bb761d5b6d8e72950
\ No newline at end of file

From c92176e0225359f56811151cd7611aeca230a7f8 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Fri, 31 Jan 2025 14:04:14 +0530
Subject: [PATCH 49/65] Delete templates/http/insecure-deserialization.yaml

---
 templates/http/insecure-deserialization.yaml | 25 --------------------
 1 file changed, 25 deletions(-)
 delete mode 100644 templates/http/insecure-deserialization.yaml

diff --git a/templates/http/insecure-deserialization.yaml b/templates/http/insecure-deserialization.yaml
deleted file mode 100644
index ca4358d..0000000
--- a/templates/http/insecure-deserialization.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-id: insecure-deserialization-test
-info:
-  name: Insecure Deserialization Vulnerability Test
-  description: Test for insecure deserialization vulnerabilities in user inputs.
-  severity: High
-  author: Project
-  tags:
-    - deserialization
-    - security
-
-
-http:
-  - method: POST
-    path:
-      - "{{BaseURL}}/deserialize"
-    body:
-      - "username=admin&password=test&data=%s"  # Potential for insecure deserialization payload
-    headers:
-      Content-Type: application/x-www-form-urlencoded
-    matchers:
-      - type: word
-        words:
-          - "Object"
-          - "deserialization"
-        condition: or

From 3cb6d47bd66e87cc2332ab6f7a5bafff1d5a8bd5 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Fri, 31 Jan 2025 14:05:53 +0530
Subject: [PATCH 50/65] Update banner

---
 banner.py | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/banner.py b/banner.py
index b6f5b7a..f6406be 100644
--- a/banner.py
+++ b/banner.py
@@ -1,22 +1,28 @@
 import logging
 from updateutils import get_update_tool_callback
 from auth.pdcpauth import check_and_validate_credentials
+from colorama import Fore, Style, init
 
+# Initialize colorama
+init(autoreset=True)
 
-# Define the banner
-banner = '''
+# Define the banner with magenta color and green for the version
+banner = f'''
+{Fore.MAGENTA}
              __________________
   ____  ____/_  __/ ____/ ____/
  / __ \/ __ \/ / / __/ / /
 / /_/ / /_/ / / / /___/ /___
 \____/ .___/_/ /_____/\____/
-    /_/                          1.0.0
+    /_/                         {Fore.GREEN}ver 1.0.0{Style.RESET_ALL}
+    
+{Style.RESET_ALL}
 '''
 
 # Show the banner to the user
 def show_banner():
     print(f"{banner}")
-    print("\t\toptec.example.com\n")
+    print("\t\toptec.asfaad.com\n")
 
 # Update nuclei binary/tool to the latest version
 def nuclei_tool_update_callback():

From e16f627b938edba5bd5c135b9f545c945e02dfdd Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Fri, 31 Jan 2025 21:18:17 +0530
Subject: [PATCH 51/65] Update template_parser

---
 engine/template_parser.py | 33 ++++++++++++++++++---------------
 1 file changed, 18 insertions(+), 15 deletions(-)

diff --git a/engine/template_parser.py b/engine/template_parser.py
index 6634742..4b483d4 100644
--- a/engine/template_parser.py
+++ b/engine/template_parser.py
@@ -5,22 +5,25 @@
 
 def load_templates_from_directory(directory: str) -> List[Dict[str, Any]]:
     """
-    Loads all YAML files from the specified directory and returns
-    them as a list of parsed dictionaries.
+    Loads all YAML files from the specified directory and its subdirectories
+    and returns them as a list of parsed dictionaries.
 
-    The directory needs to be till yaml or else nothing at all 
-    incase of no  directory is passed, load all yaml 
-    TODO: Handled by another function - Who will take care of this ?
+    If no directory is passed, it defaults to the current directory.
     """
     templates = []
-    for filename in os.listdir(directory):
-        if filename.endswith(".yaml") or filename.endswith(".yml"):
-            filepath = os.path.join(directory, filename)
-            with open(filepath, "r", encoding="utf-8") as f:
-                try:
-                    data = yaml.safe_load(f) # Using safe load here, I dont want deserialization attack happening here !
-                    if data:
-                        templates.append(data) # TODO : Handle else case YAML errors may need a blank
-                except yaml.YAMLError as e:
-                    print(f"[ERROR] Failed to parse YAML file {filename}: {e}")
+    for root, _, files in os.walk(directory):  # Use os.walk for recursive traversal
+        for filename in files:
+            if filename.endswith(".yaml") or filename.endswith(".yml"):
+                filepath = os.path.join(root, filename)
+                with open(filepath, "r", encoding="utf-8") as f:
+                    try:
+                        data = yaml.safe_load(f)  # Safe load to avoid deserialization attacks
+                        if data:
+                            templates.append(data)
+                    except yaml.YAMLError as e:
+                        print(f"[ERROR] Failed to parse YAML file {filename}: {e}")
     return templates
+
+
+
+

From f74dddde7d897c86a136a41a977716e1d24a5346 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Fri, 31 Jan 2025 21:18:35 +0530
Subject: [PATCH 52/65] Delete engine/scannerssl.py

---
 engine/scannerssl.py | 39 ---------------------------------------
 1 file changed, 39 deletions(-)
 delete mode 100644 engine/scannerssl.py

diff --git a/engine/scannerssl.py b/engine/scannerssl.py
deleted file mode 100644
index d738015..0000000
--- a/engine/scannerssl.py
+++ /dev/null
@@ -1,39 +0,0 @@
-def _process_ssl_request(self, template_id, template_info, request_config, target_url):
-        paths = request_config.get("path", []) # TODO : Strip this to just domain name in case any path exists 
-        matchers_config = request_config.get("matchers", [])
-        for path in paths:
-            url = path.replace("{{BaseURL}}", target_url).strip("/")
-            try:
-                response = requests.get(url, verify=True)
-                if response.url.startswith("https://"):
-                    return {
-                        "template_id": template_id,
-                        "name": template_info.get("name"),
-                        "author": template_info.get("author"),
-                        "severity": template_info.get("severity"),
-                        "url": url,
-                        "status_code": response.status_code,
-                        "matched": "Flase", # As a postive result
-                    }
-                else:
-                    return {
-                        "template_id": template_id,
-                        "name": template_info.get("name"),
-                        "author": template_info.get("author"),
-                        "severity": template_info.get("severity"),
-                        "url": url,
-                        "status_code": response.status_code,
-                        "matched": "True", # As a negetive result
-                    }
-            except requests.exceptions.SSLError:
-                return {
-                        "template_id": template_id,
-                        "name": template_info.get("name"),
-                        "author": template_info.get("author"),
-                        "severity": template_info.get("severity"),
-                        "url": url,
-                        "status_code": response.status_code,
-                        "matched": "True", # As a negetive result
-                    }
-            except requests.exceptions.RequestException as e:
-                print("The request was errored out ", str(e))

From 7668d8291b1744de6ec76779c2325ace2bec2d6b Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Fri, 31 Jan 2025 21:19:14 +0530
Subject: [PATCH 53/65] Update scanner.py

---
 engine/scanner.py | 146 ++++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 135 insertions(+), 11 deletions(-)

diff --git a/engine/scanner.py b/engine/scanner.py
index 053fb0a..ff7194c 100644
--- a/engine/scanner.py
+++ b/engine/scanner.py
@@ -1,7 +1,9 @@
 import requests  # Alternative to a browser in real lyf
 from typing import Dict, Any, List
+import dns.resolver
+from urllib.parse import urlparse
 from .matchers import run_matchers
-from .scannerssl import _process_ssl_request
+
 
 class Scanner:
     """
@@ -14,20 +16,15 @@ def __init__(self, templates: List[Dict[str, Any]]):
         self.logged_urls = set()  # Set to track already logged URLs for warnings
 
     def scan(self, target_url: str):
-        """
-        Scan a single target URL with all loaded templates.
-        """
+     #Scan a single target URL with all loaded templates.
+     
         results = []
-    
 
-        
         for template in self.templates:
             template_id = template.get("id", "unknown-id")
             template_info = template.get("info", {})
             for key, value in template.items():
-                if key == "id":
-                    continue
-                elif key == "info":
+                if key in {"id", "info"}:
                     continue
                 elif key == "http":
                     template_requests = template.get("http", [])
@@ -37,8 +34,17 @@ def scan(self, target_url: str):
                             results.append(result)
                 elif key == "ssl":
                     template_requests = template.get("ssl", [])
-                    for request_config in template_requests: # SSL
-                        results = self._process_ssl_request(template_id, template_info, request_config, target_url)
+                    for request_config in template_requests:
+                        result = self._process_ssl_request(template_id, template_info, request_config, target_url)
+                        if result:
+                            results.append(result)
+                elif key == "dns":
+                    template_requests = template.get("dns", [])
+                    for request_config in template_requests:
+                        result = self._process_dns_request(template_id, template_info, request_config, target_url)
+                        if result:
+                            results.append(result)
+
         return results
 
     
@@ -91,3 +97,121 @@ def _process_http_request(self, template_id, template_info, request_config, targ
         return None
 
   
+
+    def _process_dns_request(self, template_id, template_info, request_config, target_url):
+        """
+        Process DNS-related requests from a template.
+        """
+        # Extract domain from target_url
+        parsed_url = urlparse(target_url)
+        url = parsed_url.netloc  # Use netloc to get the domain (e.g., 'example.com')
+        
+        query_type = request_config.get("type", "A").upper()  # Default to A record
+        query_url = request_config.get("query", "").replace("{{BaseDomain}}", url)
+        matchers_config = request_config.get("matchers", [])
+        
+        try:
+            # Perform DNS query
+            answers = dns.resolver.resolve(query_url, query_type)
+            response_data = [answer.to_text() for answer in answers]
+
+            # Inline evaluation of matchers
+            matched_result = True
+            for matcher in matchers_config:
+                matcher_type = matcher.get("matcher_type")
+                if matcher_type == "value":
+                    expected_value = matcher.get("value", "")
+                    if expected_value not in response_data:
+                        matched_result = False
+                        break
+                elif matcher_type == "exists":
+                    if not response_data:  # Fail if there are no DNS results
+                        matched_result = False
+                        break
+
+            return {
+                "template_id": template_id,
+                "name": template_info.get("name"),
+                "author": template_info.get("author"),
+                "severity": template_info.get("severity"),
+                "url": query_url,
+                "query_type": query_type,
+                "response_data": response_data,
+                "matched": matched_result,
+            }
+
+        except dns.resolver.NoAnswer:
+            # Handle NoAnswer gracefully, similar to NXDOMAIN
+            return {
+                "template_id": template_id,
+                "name": template_info.get("name"),
+                "author": template_info.get("author"),
+                "severity": template_info.get("severity"),
+                "url": query_url,
+                "query_type": query_type,
+                "response_data": [],
+                "matched": False,
+            }
+        except dns.resolver.NXDOMAIN:
+            print(f"Domain {query_url} does not exist.")
+            return {
+                "template_id": template_id,
+                "name": template_info.get("name"),
+                "author": template_info.get("author"),
+                "severity": template_info.get("severity"),
+                "url": query_url,
+                "query_type": query_type,
+                "response_data": [],
+                "matched": False,
+            }
+        except Exception as e:
+            print(f"[ERROR] DNS query failed for {query_url}: {e}")
+            return {
+                "template_id": template_id,
+                "name": template_info.get("name"),
+                "author": template_info.get("author"),
+                "severity": template_info.get("severity"),
+                "url": query_url,
+                "query_type": query_type,
+                "response_data": [],
+                "matched": False,
+            }
+    def _process_ssl_request(self, template_id, template_info, request_config, target_url):
+        paths = request_config.get("path", []) # TODO : Strip this to just domain name in case any path exists 
+        matchers_config = request_config.get("matchers", [])
+        for path in paths:
+            url = path.replace("{{BaseURL}}", target_url).strip("/")
+            try:
+                response = requests.get(url, verify=True)
+                if response.url.startswith("https://"):
+                    return {
+                        "template_id": template_id,
+                        "name": template_info.get("name"),
+                        "author": template_info.get("author"),
+                        "severity": template_info.get("severity"),
+                        "url": url,
+                        "status_code": response.status_code,
+                        "matched": "True", # As a postive result
+                    }
+                else:
+                    return {
+                        "template_id": template_id,
+                        "name": template_info.get("name"),
+                        "author": template_info.get("author"),
+                        "severity": template_info.get("severity"),
+                        "url": url,
+                        "status_code": response.status_code,
+                        "matched": "False", # As a negetive result
+                    }
+            except requests.exceptions.SSLError:
+                return {
+                        "template_id": template_id,
+                        "name": template_info.get("name"),
+                        "author": template_info.get("author"),
+                        "severity": template_info.get("severity"),
+                        "url": url,
+                        "status_code": response.status_code,
+                        "matched": "False", # As a negetive result
+                    }
+            except requests.exceptions.RequestException as e:
+                print("The request was errored out ", str(e))

From 52ffcdea4de262281246e1e790761f6f561707c4 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Fri, 31 Jan 2025 21:20:13 +0530
Subject: [PATCH 54/65] Update utils.py

---
 engine/utils.py | 34 ++++++++++++++++++++++++++++------
 1 file changed, 28 insertions(+), 6 deletions(-)

diff --git a/engine/utils.py b/engine/utils.py
index eab47ec..d75eee3 100644
--- a/engine/utils.py
+++ b/engine/utils.py
@@ -1,11 +1,33 @@
-import json
 from typing import List, Dict, Any
+import datetime
 
-
-def print_results(results: List[Dict[str, Any]]):
+def process_scan_results(results: List[Dict[str, Any]], target_url: str) -> Dict[str, Any]:
     """
-    Print or store the results of the scanning in a desired format.
-    Here, we do a simple JSON dump to console.
+    Process scan results to prepare data for reporting.
+
+    Args:
+        results (List[Dict[str, Any]]): List of scan result dictionaries.
+        target_url (str): The URL that was scanned.
+
+    Returns:
+        Dict[str, Any]: Processed data for the report.
     """
+    vulnerabilities = []
     for res in results:
-        print(json.dumps(res, indent=2))
+        if res.get("matched"):
+            vulnerabilities.append({
+                "type": res.get("name", "Unknown"),
+                "severity": res.get("severity", "Unknown").capitalize(),
+                "url": res.get("url", "Unknown"),
+                "description": res.get("description", "No description available."),
+                "recommendation": res.get("recommendation", "No recommendation provided.")
+            })
+
+    report_data = {
+        "website": target_url,
+        "date": datetime.datetime.now().strftime("%Y-%m-%d %H:%M:%S"),
+        "total_vulnerabilities": len(vulnerabilities),
+        "vulnerabilities": vulnerabilities,
+    }
+
+    return report_data

From abc0ff114d27522d9214a1874b4437da75619c9e Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Fri, 31 Jan 2025 21:20:49 +0530
Subject: [PATCH 55/65] main.py

---
 main.py | 23 ++++++++++++++---------
 1 file changed, 14 insertions(+), 9 deletions(-)

diff --git a/main.py b/main.py
index 97d3d4b..228902f 100644
--- a/main.py
+++ b/main.py
@@ -9,7 +9,7 @@
 from engine.template_parser import load_templates_from_directory
 from engine.scanner import Scanner
 from banner import show_banner
-from jinja import generate_html_report, convert_html_to_pdf  # Import the generate_html_report and pdf function
+from jinja import generate_html_report, convert_html_to_pdf,fetch_description_and_recommendation # Import the generate_html_report and pdf function
 
 def main():
     # Initialize colorama
@@ -28,10 +28,10 @@ def main():
     )
     parser.add_argument(
         "-t", "--templates",
-        default="templates/http",
+        default="templates",
         help=(
             "Path to a specific template file or directory containing YAML templates. "
-            "Default: templates/http"
+            "Default: templates"
         ),
     )
     parser.add_argument(
@@ -45,6 +45,8 @@ def main():
     target_url = args.target_url
     templates_path = args.templates
     selected_tags = args.tag
+     # Updated templates path logic
+    templates_path = args.templates or os.getcwd() 
      
     # Check and load YAML templates
     if os.path.isfile(templates_path) and templates_path.endswith(".yaml"):
@@ -90,14 +92,17 @@ def main():
         )
 
         # Store the result in the scan_results list
+    for idx, result in enumerate(results):
+        chatgpt_data = fetch_description_and_recommendation(result['name'], result['severity'])
         scan_results.append({
-        "name": html.escape(result['name']),
-        "matched": result['matched'],
-        "severity": html.escape(result['severity']),
-        "url": html.escape(result.get('url', 'N/A')),  # Escape URL
-        "description": html.escape(result.get('description', 'No description')),  # Escape description
-        "recommendation": html.escape(result.get('recommendation', 'No recommendation'))  # Escape recommendation
+            "name": html.escape(result['name']),
+            "matched": result['matched'],
+            "severity": html.escape(result['severity']),
+            "url": html.escape(result.get('url', 'N/A')),
+            "description": html.escape(chatgpt_data["description"]),
+            "recommendation": html.escape(chatgpt_data["recommendation"])
         })
+
     
     # Structure data for the report
     data = {

From a0cbfb3ee831f1d57b78cc4ea022c4f98ef01497 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Fri, 31 Jan 2025 21:21:19 +0530
Subject: [PATCH 56/65] Update jinja.py

---
 jinja.py | 59 +++++++++++++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 56 insertions(+), 3 deletions(-)

diff --git a/jinja.py b/jinja.py
index abe6692..a76aef2 100644
--- a/jinja.py
+++ b/jinja.py
@@ -1,7 +1,59 @@
 from typing import Dict, Any
 from jinja2 import Template
+import re
 from weasyprint import HTML
+import google.generativeai as genai
 
+# Set up the API key
+genai.configure(api_key="AIzaSyDQPrM4ZlRoVkOhVh4Ern1imsd5bNtESt8")
+
+# Function to fetch description and recommendation using Google's AI
+def fetch_description_and_recommendation(vuln_name: str, severity: str) -> Dict[str, str]:
+    """Fetch vulnerability description and recommendation using Google's Gemini AI."""
+    try:
+        # Structured prompt for Gemini AI
+        prompt = (
+            f"Explain the cybersecurity issue called '{vuln_name}' with a severity level of '{severity}'. "
+            f"Provide:\n\n"
+            f"1. A detailed description.\n"
+            f"2. A recommended solution.\n\n"
+            f"Format your response as:\n"
+            f"Description: <your description>\n"
+            f"Recommendation: <your recommendation>"
+        )
+
+        # Generate response using Google's AI
+        model = genai.GenerativeModel("gemini-pro")
+        response = model.generate_content(prompt)
+
+        # Validate response structure
+        if response and response.candidates:
+            ai_response = response.candidates[0].content.parts[0].text.strip() if response.candidates[0].content.parts else ""
+
+            if not ai_response:
+                raise ValueError("AI response is empty or incomplete.")
+
+            # Extract description and recommendation
+            description_match = re.search(r"Description:\s*(.*?)\s*(Recommendation:|$)", ai_response, re.DOTALL)
+            recommendation_match = re.search(r"Recommendation:\s*(.*?)$", ai_response, re.DOTALL)
+
+            description = description_match.group(1).strip() if description_match else "No description available."
+            recommendation = recommendation_match.group(1).strip() if recommendation_match else "No recommendation available."
+
+            return {"description": description, "recommendation": recommendation}
+        
+        else:
+            raise ValueError("Google AI response is empty or flagged.")
+
+    except Exception as e:
+        print(f"Error fetching data from Google AI: {e}")
+        return {
+            "description": "Error fetching description.",
+            "recommendation": "Error fetching recommendation."
+        }
+
+
+# Function to generate an HTML report using Jinja2
 def generate_html_report(data: Dict[str, Any], template_path: str = "scan_report.html"):
     # Load HTML template
     template = Template("""
@@ -23,6 +75,7 @@ def generate_html_report(data: Dict[str, Any], template_path: str = "scan_report
             <thead>
                 <tr>
                     <th>Vulnerability</th>
+                    <th>Result</th>
                     <th>Severity</th>
                     <th>Affected URL</th>
                     <th>Description</th>
@@ -33,6 +86,7 @@ def generate_html_report(data: Dict[str, Any], template_path: str = "scan_report
                 {% for vuln in vulnerabilities %}
                 <tr>
                     <td>{{ vuln.name }}</td>
+                    <td>{{ vuln.matched }}</td>
                     <td>{{ vuln.severity }}</td>
                     <td>{{ vuln.url }}</td>
                     <td>{{ vuln.description }}</td>
@@ -48,12 +102,11 @@ def generate_html_report(data: Dict[str, Any], template_path: str = "scan_report
     # Render the template with data
     html_report = template.render(data)
 
-     # Save the HTML report to a file
+    # Save the HTML report to a file
     with open(template_path, "w") as file:
         file.write(html_report)
 
-    print(f"HTML report generated successfully: {template_path}")
-
+# Function to convert HTML report to PDF
 def convert_html_to_pdf(html_path: str, pdf_path: str = "scan_report.pdf"):
     """Convert an HTML report to a PDF using WeasyPrint."""
     try:

From ab185b8807023c8ab94d58009d47be3b042def3f Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Fri, 31 Jan 2025 22:04:02 +0530
Subject: [PATCH 57/65] Update setup.py

---
 setup.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/setup.py b/setup.py
index 8137264..ff91648 100644
--- a/setup.py
+++ b/setup.py
@@ -1,7 +1,7 @@
 from setuptools import setup
 
 setup(
-    name="opTech",
+    name="optec",
     version="1.0.0",
     description="A tool for scanning a target URL using YAML templates.",
     author="X",
@@ -9,7 +9,7 @@
     py_modules=["main"],  # Assuming your file is named main.py
     entry_points={
         "console_scripts": [
-            "optech=main:main",  # Maps the `optech` command to the `main()` function in `main.py`
+            "optec=main:main",  # Maps the `optech` command to the `main()` function in `main.py`
         ],
     },
     install_requires=["pyyaml"],  # Add other dependencies as needed

From d088e3c7097472059f7a51498dff6a7794035f54 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Fri, 31 Jan 2025 22:12:21 +0530
Subject: [PATCH 58/65] Update jinja.py

---
 jinja.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/jinja.py b/jinja.py
index a76aef2..ffbc553 100644
--- a/jinja.py
+++ b/jinja.py
@@ -5,7 +5,7 @@
 import google.generativeai as genai
 
 # Set up the API key
-genai.configure(api_key="AIzaSyDQPrM4ZlRoVkOhVh4Ern1imsd5bNtESt8")
+genai.configure(api_key="API_KEY")
 
 # Function to fetch description and recommendation using Google's AI
 def fetch_description_and_recommendation(vuln_name: str, severity: str) -> Dict[str, str]:

From 6cbab0ec3220ba8397fef766401722acbb3cbb78 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Sun, 23 Mar 2025 23:32:59 +0530
Subject: [PATCH 59/65] Create expired-ssl.yaml

---
 templates/ssl/expired-ssl.yaml | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 templates/ssl/expired-ssl.yaml

diff --git a/templates/ssl/expired-ssl.yaml b/templates/ssl/expired-ssl.yaml
new file mode 100644
index 0000000..61f7629
--- /dev/null
+++ b/templates/ssl/expired-ssl.yaml
@@ -0,0 +1,19 @@
+id: ssl-expiry
+
+info:
+  name: SSL Certificate Expiry Check
+  author: project
+  severity: high
+  description: |
+    Checks the expiration date of an SSL certificate to determine if it is still valid.
+  tags: ssl,tls,certificate,expiry
+
+ssl:
+  - path:
+      - "{{BaseURL}}"
+    
+    
+    matchers:
+      - type: ssl
+        ssl:
+          - "not_expired"

From 44e608749ca658c340489f31b3ceea58146c4bc8 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Sun, 23 Mar 2025 23:33:44 +0530
Subject: [PATCH 60/65] Create self-signed-ssl.yaml

---
 templates/ssl/self-signed-ssl.yaml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 templates/ssl/self-signed-ssl.yaml

diff --git a/templates/ssl/self-signed-ssl.yaml b/templates/ssl/self-signed-ssl.yaml
new file mode 100644
index 0000000..10807b1
--- /dev/null
+++ b/templates/ssl/self-signed-ssl.yaml
@@ -0,0 +1,18 @@
+id: self-signed-ssl
+
+info:
+  name: Self-Signed SSL Certificate Check
+  author: Project
+  severity: medium
+  description: |
+    Detects if a domain is using a self-signed SSL certificate.
+  tags: ssl,tls,self-signed,security
+
+ssl:
+  - path:
+      - "{{BaseURL}}"
+    
+    matchers:
+      - type: ssl
+        ssl:
+          - "self_signed"

From 0b0c0873cc1a2279b7c640c5ef3b604f2db6e04a Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Sun, 6 Apr 2025 11:10:28 +0530
Subject: [PATCH 61/65] Update jinja.py

---
 jinja.py | 66 ++++++++++++++++++++++++++++++++++++++++----------------
 1 file changed, 47 insertions(+), 19 deletions(-)

diff --git a/jinja.py b/jinja.py
index ffbc553..abb6f53 100644
--- a/jinja.py
+++ b/jinja.py
@@ -1,3 +1,4 @@
+import time
 from typing import Dict, Any
 from jinja2 import Template
 import re
@@ -5,25 +6,27 @@
 import google.generativeai as genai
 
 # Set up the API key
-genai.configure(api_key="API_KEY")
+genai.configure(api_key="apikey")
+
 
-# Function to fetch description and recommendation using Google's AI
 def fetch_description_and_recommendation(vuln_name: str, severity: str) -> Dict[str, str]:
     """Fetch vulnerability description and recommendation using Google's Gemini AI."""
     try:
         # Structured prompt for Gemini AI
         prompt = (
-            f"Explain the cybersecurity issue called '{vuln_name}' with a severity level of '{severity}'. "
-            f"Provide:\n\n"
-            f"1. A detailed description.\n"
-            f"2. A recommended solution.\n\n"
-            f"Format your response as:\n"
-            f"Description: <your description>\n"
-            f"Recommendation: <your recommendation>"
-        )
+        f"Explain the cybersecurity issue called '{vuln_name}' with a severity level of '{severity}'. "
+        f"Provide the following in bullet points, without using asterisks or paragraph formatting:\n\n"
+        f"1. A detailed description.\n"
+        f"2. A recommended solution.\n\n"
+        f"Format your response as:\n"
+        f"Description:\n- <bullet points here>\n"
+        f"Recommendation:\n- <bullet points here>"
+    )
+        
+       
 
         # Generate response using Google's AI
-        model = genai.GenerativeModel("gemini-pro")
+        model = genai.GenerativeModel("gemini-2.0-flash")
         response = model.generate_content(prompt)
 
         # Validate response structure
@@ -53,9 +56,11 @@ def fetch_description_and_recommendation(vuln_name: str, severity: str) -> Dict[
         }
 
 
-# Function to generate an HTML report using Jinja2
+
+# Function to generate HTML report
 def generate_html_report(data: Dict[str, Any], template_path: str = "scan_report.html"):
-    # Load HTML template
+   
+
     template = Template("""
     <!DOCTYPE html>
     <html lang="en">
@@ -70,6 +75,33 @@ def generate_html_report(data: Dict[str, Any], template_path: str = "scan_report
         <p><strong>Scan Date:</strong> {{ date }}</p>
         <h2>Summary</h2>
         <p>Total vulnerabilities found: {{ total_vulnerabilities }}</p>
+        <p>This report presents the results of a comprehensive penetration test conducted on {{website}} internal network and publicly accessible web applications. The objective of this engagement was to assess the security posture of the infrastructure and applications by identifying vulnerabilities, evaluating their potential impact, and providing recommendations for remediation.</p>
+        <h2>Scope of testing</h2>
+        <p>This penetration test focused on evaluating the security of specific components within the network and web application environment. The defined scope included:
+
+1. Network Penetration Testing
+Targeted Services:
+
+DNS (Domain Name System):
+
+DNS zone transfer testing
+
+Cache poisoning checks
+
+DNS enumeration and misconfiguration analysis
+
+SSL/TLS (Secure Sockets Layer / Transport Layer Security):
+
+Certificate validation
+
+SSL/TLS version and cipher suite analysis
+
+Configuration flaws (e.g., support for deprecated protocols, weak ciphers, lack of forward secrecy)
+
+Exclusions: No other network services, hosts, or internal infrastructure were included in the test scope.
+
+2. Web Application Penetration Testing
+Full assessment of the specified web application(s) for vulnerabilities based on the OWASP Top 10 and other common security flaws.</p>
         <h2>Vulnerability Details</h2>
         <table border="1">
             <thead>
@@ -99,18 +131,14 @@ def generate_html_report(data: Dict[str, Any], template_path: str = "scan_report
     </html>
     """)
 
-    # Render the template with data
     html_report = template.render(data)
-
-    # Save the HTML report to a file
     with open(template_path, "w") as file:
         file.write(html_report)
 
 # Function to convert HTML report to PDF
 def convert_html_to_pdf(html_path: str, pdf_path: str = "scan_report.pdf"):
-    """Convert an HTML report to a PDF using WeasyPrint."""
     try:
         HTML(html_path).write_pdf(pdf_path)
-        print(f"PDF report generated successfully: {pdf_path}")
+        print(f"PDF report generated: {pdf_path}")
     except Exception as e:
-        print(f"Error converting HTML to PDF: {e}")
+        print(f"Error converting to PDF: {e}")

From 65612cd91142803f95f2a3c32d7745e64d0a46f5 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Sun, 6 Apr 2025 11:11:35 +0530
Subject: [PATCH 62/65] Update main.py


From f48fd337998755505e83e352a46138e1d5b19351 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Wed, 9 Apr 2025 07:52:55 +0530
Subject: [PATCH 63/65] Update requirments.txt

---
 requirments.txt | Bin 220 -> 127 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)

diff --git a/requirments.txt b/requirments.txt
index c5c6ca4aeab141005fe7ca08a91b65f6fa060866..ad26fcf2f47fbeeb6d36e224b7e94cded4d3ee13 100644
GIT binary patch
literal 127
zcmW-ZO$&oC5Jc~R{FE;F!rLBtSLn6JR9CtX)4GWi`|FLu9OezY8A&S7jOdIDU>(??
z)%cE5sNV8NmYDcYg6JWD(Tb-WPq3{&_UC=*5j!y8v=Ul3Dz&sP@GV+xk`llCIb8gs
MSoW`Qu1&g}129n|(*OVf

literal 220
zcmXYru?~Vj5JX>X;-^S}BX$<{n$S`rXe2?692D~L$n0t^dzagtH?!ZR;mW{B$4zz6
z$w^fO37KBI3$|=%xKm3TMU3ot^3w02UN3TXALD}<qf@6kS}ALHwn_Hymwc!=a^~c-
my%UKNEo+e5n@M+6R&<5!5`3fJnn|kOvoGrZHaFf>=CJ})NgyKt


From e4cfff329f7ce4f7ce09c8c592945835afcec0a5 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Thu, 10 Apr 2025 06:22:54 +0530
Subject: [PATCH 64/65]  dmarc added

---
 templates/dns/dmarc-detection.yaml  | 19 +++++++++++++++++++
 templates/dns/dnssec-detection.yaml | 22 ----------------------
 2 files changed, 19 insertions(+), 22 deletions(-)
 create mode 100644 templates/dns/dmarc-detection.yaml
 delete mode 100644 templates/dns/dnssec-detection.yaml

diff --git a/templates/dns/dmarc-detection.yaml b/templates/dns/dmarc-detection.yaml
new file mode 100644
index 0000000..b82c362
--- /dev/null
+++ b/templates/dns/dmarc-detection.yaml
@@ -0,0 +1,19 @@
+id: dmarc-detection
+
+info:
+  name: DMARC Record Detection
+  severity: info
+  classification:
+    cwe-id: CWE-200
+  metadata:
+    max-request: 1
+  tags: dns,dmarc,email,security,spf
+
+dns:
+  - name: "_dmarc.{{BaseURL}}"
+    type: TXT
+
+    matchers:
+      - type: word
+        words:
+          - "v=DMARC1"
diff --git a/templates/dns/dnssec-detection.yaml b/templates/dns/dnssec-detection.yaml
deleted file mode 100644
index c1edaa2..0000000
--- a/templates/dns/dnssec-detection.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-id: dnssec-detection
-
-info:
-  name: DNSSEC Detection
-  author: pdteam
-  severity: info
-  
-  classification:
-    cwe-id: CWE-200
-  metadata:
-    max-request: 1
-  tags: dns,dnssec
-
-dns:
-  - name: "{{BaseURL}}"
-    type: DS
-    matchers:
-      - type: regex
-        part: answer
-        regex:
-          - "IN\tDS\\t(.+)$"
-# digest: 4a0a004730450220290ab8ad56a2744d90235725b83a26a9cba804533fd7b4b022016afc1c0ac870022100b9a60da058fee3dd3ee0423ab9760ab1d11352e69b6d0afe695b77b849826f99:922c64590222798bb761d5b6d8e72950
\ No newline at end of file

From c2d3a4c3e212baae28b6407d839ca64f6bdb9ba9 Mon Sep 17 00:00:00 2001
From: Fathima Firoz <98166163+mynameisfathima@users.noreply.github.com>
Date: Thu, 10 Apr 2025 06:23:43 +0530
Subject: [PATCH 65/65] DKIM added

---
 templates/dns/dns-record-check.yaml | 26 ++++++++++++++------------
 1 file changed, 14 insertions(+), 12 deletions(-)

diff --git a/templates/dns/dns-record-check.yaml b/templates/dns/dns-record-check.yaml
index 84d3487..9523357 100644
--- a/templates/dns/dns-record-check.yaml
+++ b/templates/dns/dns-record-check.yaml
@@ -1,17 +1,19 @@
-id: dns-record-check
+id: dkim-detection
 
 info:
-  name: DNS Record Check
-  author: AliceW
-  severity: medium
-  description: |
-    Check if specific DNS records (A, MX, TXT) are present for a domain.
-  tags: dns,records,misconfiguration
+  name: DKIM Record Detection
+  severity: info
+  classification:
+    cwe-id: CWE-200
+  metadata:
+    max-request: 1
+  tags: dns,dkim,email,security
 
 dns:
-  - type: a
-    name: "{{BaseURL}}"
-    matchers:
-      - type: value
-        value: "192.168.0.1"
+  - name: "default._domainkey.{{BaseURL}}"
+    type: TXT
 
+    matchers:
+      - type: word
+        words:
+          - "v=DKIM1"