更新: 359 个文件 - 2026-03-16 23:30:01

08-threat-intel/repro-profiles/family-generic/proxy-boundary-generic.yaml

@@ -0,0 +1,40 @@
+profile_id: proxy-boundary-generic
+match_rules:
+  keywords:
+    - proxy
+    - middleware
+    - header trust
+vuln_family: proxy-boundary
+provisioning_mode: real
+artifact_source:
+  strategy: official-image-or-source
+required_services:
+  - app
+seed_actions:
+  - kind: note
+    message: Log reverse-proxy and application headers before any trust-boundary test.
+baseline_actions:
+  - kind: tool
+    tool: site-scope-mapper
+    args:
+      - "--target"
+      - "127.0.0.1"
+      - "--evidence-dir"
+      - "{evidence_dir}"
+      - "--run-id"
+      - "{run_id}"
+      - "--case-id"
+      - "{case_id}"
+attack_actions:
+  - kind: note
+    message: Perform minimal forwarded-header manipulation only inside isolated lab paths.
+browser_assertions:
+  required: false
+success_criteria:
+  - Header trust discrepancy is captured with upstream/downstream logs.
+cleanup_policy: destroy
+destructive_risk: medium
+allowed_target_types:
+  - lab-local
+  - lab-public
+  - authorized-third-party