hao/websafe-kb
1
0
派生 0
代码 工单 合并请求 1 工作流 软件包 项目 发布 百科 活动
文件
d6b20c098b0b283be1c17ed59763e4c48ae042b1
websafe-kb/08-threat-intel/repro-profiles/family-generic/path-traversal-generic.yaml

31 行
781 B
YAML
原始文件 Blame 文件历史

profile_id: path-traversal-generic
match_rules:
keywords:
- path traversal
- directory traversal
vuln_family: path-traversal
provisioning_mode: real
artifact_source:
strategy: official-image-or-source
required_services:
- app
seed_actions:
- kind: note
message: Use inert marker files inside isolated volume mounts only.
baseline_actions:
- kind: http-get
path: /
attack_actions:
- kind: note
message: Validate canonicalization failures with marker files rather than real secrets.
browser_assertions:
required: false
success_criteria:
- Marker file outside intended root becomes reachable or denial path is confirmed.
cleanup_policy: destroy
destructive_risk: medium
allowed_target_types:
- lab-local
- lab-public
- authorized-third-party
在新工单中引用 查看 Git Blame 复制永久链接