vpatch-symfony-profiler AppSec Rule

« vpatch-symfony-profiler »
v0.1 by crowdsecurity
AppSec rule

Detect abuse of symfony profiler

Installation

cscli appsec-rules install crowdsecurity/vpatch-symfony-profiler

YAML Configuration

1name: crowdsecurity/vpatch-symfony-profiler
2description: "Detect abuse of symfony profiler"
3rules:
4  - zones:
5    - URI
6    transform:
7    - lowercase
8    match:
9      type: contains
10      value: /_profiler/phpinfo
11  - zones:
12    - URI
13    transform:
14    - lowercase
15    match:
16      type: contains
17      value: /_profiler/open
18labels:
19  type: scan
20  service: http
21  confidence: 3
22  spoofable: 0
23  behavior: "http:scan"
24  label: "Access to symfony profiler"
25  classification:
26   - attack.T1595
27   - attack.T1190
28

Hub Appsec rule

« vpatch-symfony-profiler »v0.1 by crowdsecurityAppSec rule

« vpatch-symfony-profiler »
v0.1 by crowdsecurity
AppSec rule