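---
# Detection rules for exposed Java-ecosystem management, admin and
# deployment-descriptor endpoints.
#
# Fields per rule:
#   name        - rule identifier
#   path        - request path (or URL fragment) the rule looks for
#   signature   - technology label associated with the rule
#   description - text shown in the finding
#   severity    - medium | high | critical (only these values are used here)
#
# NOTE(review): how `path` and `signature` are evaluated (prefix vs. exact
# match, response-status or body checks) is decided by the consuming scanner
# and is not visible in this file - confirm before relying on the severities.
# A path that merely answers is not proof of exposure: triage should confirm
# the endpoint returns its real content without authentication (not a
# 401/403, a redirect to a login page, or a generic error page).
rules:
  # --- Spring Boot Actuator -------------------------------------------------
  # These rules assume the default /actuator base path. Deployments that set
  # management.endpoints.web.base-path or use a separate management port are
  # not covered by them.
  # Remediation: limit management.endpoints.web.exposure.include to what is
  # needed and require authentication for everything that remains exposed.
  - name: "spring_actuator"
    path: "/actuator"
    signature: "Spring Boot"
    description: "Spring Boot Actuator base endpoint"
    severity: "high"
  # Value masking differs between Spring Boot versions and configurations;
  # treat any unauthenticated response as a finding.
  - name: "spring_env"
    path: "/actuator/env"
    signature: "Spring Boot"
    description: "Spring environment variables (may contain secrets)"
    severity: "critical"
  - name: "spring_beans"
    path: "/actuator/beans"
    signature: "Spring Boot"
    description: "Spring beans configuration"
    severity: "high"
  # A heap dump holds whatever was in memory (credentials, tokens, session
  # data). If one was reachable by untrusted parties, rotate the secrets the
  # application uses.
  - name: "spring_heapdump"
    path: "/actuator/heapdump"
    signature: "Spring Boot"
    description: "JVM heap dump (may contain secrets)"
    severity: "critical"
  - name: "spring_jolokia"
    path: "/actuator/jolokia"
    signature: "Spring Boot"
    description: "Jolokia JMX access"
    severity: "critical"
  - name: "spring_logfile"
    path: "/actuator/logfile"
    signature: "Spring Boot"
    description: "Application log file"
    severity: "high"
  - name: "spring_mappings"
    path: "/actuator/mappings"
    signature: "Spring Boot"
    description: "Request mapping details"
    severity: "high"
  # Availability impact. The endpoint is disabled by default in Spring Boot,
  # so a hit means it was switched on deliberately. A scanner must only
  # observe that it exists and never send the request that triggers it.
  - name: "spring_shutdown"
    path: "/actuator/shutdown"
    signature: "Spring Boot"
    description: "Shutdown endpoint"
    severity: "critical"

  # --- Generic Java management paths ---------------------------------------
  # NOTE(review): /jndi and /jmx are generic names; which products these
  # rules target is not stated here. Expect false positives unless the
  # scanner also checks response content - confirm.
  - name: "java_jndi"
    path: "/jndi"
    signature: "Java JNDI"
    description: "Java JNDI lookup endpoint"
    severity: "critical"
  - name: "java_jmx"
    path: "/jmx"
    signature: "JMX"
    description: "Java Management Extensions"
    severity: "high"

  # --- Admin consoles and data services ------------------------------------
  # Tomcat Manager normally answers with an authentication challenge. Report
  # "reachable but authenticated" separately from "accessible without
  # credentials"; only the latter matches the severity below.
  - name: "tomcat_manager"
    path: "/manager/html"
    signature: "Tomcat"
    description: "Tomcat Manager application"
    severity: "critical"
  # NOTE(review): matches only instances deployed under the /jenkins context
  # path; instances served from the site root would presumably be missed.
  - name: "jenkins_dashboard"
    path: "/jenkins"
    signature: "Jenkins"
    description: "Jenkins CI/CD dashboard"
    severity: "high"
  - name: "solr_admin"
    path: "/solr/admin"
    signature: "Solr"
    description: "Apache Solr admin interface"
    severity: "high"
  # An answer here without credentials means index data is readable from the
  # scanner's network position. Remediation: enable authentication and
  # restrict network access to the cluster.
  - name: "elastic_search"
    path: "/_search"
    signature: "Elasticsearch"
    description: "Elasticsearch search endpoint"
    severity: "high"
  - name: "elastic_cat"
    path: "/_cat"
    signature: "Elasticsearch"
    description: "Elasticsearch cat API"
    severity: "high"

  # --- Java web application internals --------------------------------------
  # Servlet containers refuse to serve WEB-INF and META-INF directly, so a
  # real hit usually points at a front-end web server, reverse proxy or
  # static-file handler that maps the application directory itself.
  - name: "web_inf"
    path: "/WEB-INF"
    signature: "Java Web"
    description: "Exposed WEB-INF directory"
    severity: "critical"
  - name: "web_inf_web_xml"
    path: "/WEB-INF/web.xml"
    signature: "Java Web"
    description: "Exposed web.xml configuration"
    severity: "critical"
  - name: "meta_inf"
    path: "/META-INF"
    signature: "Java Web"
    description: "Exposed META-INF directory"
    severity: "critical"
  - name: "classes_directory"
    path: "/WEB-INF/classes"
    signature: "Java Web"
    description: "Exposed Java classes directory"
    severity: "critical"
  - name: "lib_directory"
    path: "/WEB-INF/lib"
    signature: "Java Web"
    description: "Exposed Java library directory"
    severity: "high"

  # --- Session handling ----------------------------------------------------
  # NOTE(review): unlike every other rule, this value is a URL fragment, not
  # a request path. Presumably it is matched as a substring of observed URLs;
  # confirm the scanner treats it that way and does not request it as a path.
  # Session ids carried in the URL leak through logs, Referer headers and
  # browser history. Remediation: restrict session tracking to cookies.
  - name: "jsessionid_exposure"
    path: ";jsessionid="
    signature: "Java Session"
    description: "JSESSIONID in URL"
    severity: "medium"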