DefectDojo Login Panel - Detect

What is the "DefectDojo Login Panel - Detect?"

The "DefectDojo Login Panel - Detect" module is designed to detect the presence of the DefectDojo login panel. DefectDojo is a software application used for managing and tracking security vulnerabilities. This module focuses on identifying the login panel of DefectDojo, which allows users to access the application and its features.

This module has an informative severity level, meaning it provides valuable information without indicating any immediate security risks or vulnerabilities.

Impact

The impact of this module is limited to providing information about the presence of the DefectDojo login panel. It does not directly impact the security or functionality of the application.

How the module works?

The "DefectDojo Login Panel - Detect" module works by sending an HTTP GET request to the "/login?next=" path of the target application. It then checks the response for a specific HTML code snippet that indicates the presence of the DefectDojo login panel.

The matching condition used in this module is a word matcher that looks for the following code snippet:

<img src="/static/dojo/img/logo.png" alt="DefectDojo Logo"

If this code snippet is found in the response, the module considers the DefectDojo login panel to be present.

It's important to note that this module does not perform any active actions or exploit any vulnerabilities. It solely focuses on detecting the login panel of DefectDojo.