-
Notifications
You must be signed in to change notification settings - Fork 46
/
Copy pathqueries.txt
138 lines (122 loc) · 3.28 KB
/
queries.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
Simple
======
All responses that set cookies:
response.headernames:"Set-Cookie"
All responses without X-Frame-Options header:
NOT response.headernames:"X-Frame-Options"
All detected HTML responses:
response.inferred_content_type:html
Detected and declared HTML responses:
response.inferred_content_type:html OR response.content_type:html
All request with a particular parameter:
request.parameternames:csrftoken
All request without a particular parameter:
NOT request.parameternames:csrftoken
...only POST requests:
request.method:POST -request.parameternames.raw:"csrftoken"
All responses without a doctype definition:
response.inferred_content_type:html -doctype
...and only 200 responses:
response.status:200 AND response.inferred_content_type:html -doctype
All responses that were recognized as HTML but declared as something different:
response.inferred_content_type:html -response.content_type:html
JSON
====
All requests with HEADERNAME header:
{
"query": {
"nested": {
"path": "response.headers",
"query": {
"match_phrase": {
"response.headers.name": "HEADERNAME"
}
}
}
}
}
All requests without HEADERNAME header:
{
"query": {
"bool": {
"must_not": {
"nested": {
"path": "response.headers",
"query": {
"match_phrase": {
"response.headers.name": "HEADERNAME"
}
}
}
}
}
}
}
All requests with HEADERNAME header with value VALUE:
{
"query": {
"nested": {
"path": "response.headers",
"query": {
"bool": {
"must_not": {
"match_phrase": {
"response.headers.name": "X-Frame-Options"
},
"match_phrase": {
"response.headers.value": "SAMEORIGIN"
}
}
}
}
}
}
}
All requests without HEADERNAME header with value VALUE:
{
"query": {
"bool": {
"must_not": {
"nested": {
"path": "response.headers",
"query": {
"match_phrase": {
"response.headers.name": "HEADERNAME",
"response.headers.value": "VALUE"
}
}
}
}
}
}
}
All POST requests:
{
"query": {
"match_phrase": {
"request.method": "POST"
}
}
}
All POST requests without parameter PARAMNAME:
{
"query": {
"bool": {
"must": {
"match_phrase": {
"request.method": "POST"
}
},
"must_not": {
"nested": {
"path": "request.parameters",
"query": {
"match_phrase": {
"request.parameters.name": "PARAMNAME"
}
}
}
}
}
}
}