Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Prometheus Panel - Detect

By kannthu

Vidoc logoVidoc Module

What is the "Prometheus Panel - Detect" module?

The "Prometheus Panel - Detect" module is designed to detect the presence of the Prometheus panel. Prometheus is a time series collection and processing server used for monitoring and alerting in modern cloud-native environments. This module focuses on identifying instances of the Prometheus panel, which can help in assessing the security posture of a target system.

This module has an informative severity level, meaning it provides valuable information without indicating a specific vulnerability or misconfiguration.

This module was authored by organiccrap.


The impact of detecting the Prometheus panel is primarily informational. It does not indicate any specific security vulnerabilities or misconfigurations. Instead, it provides insights into the presence of Prometheus, which can be useful for further analysis and assessment of the target system's security.

How does the module work?

The "Prometheus Panel - Detect" module operates by sending an HTTP GET request to the target system's "/graph" path. It then applies a matching condition to check if the response contains the HTML title tag "<title>Prometheus Time Series Collection and Processing Server</title>". If this condition is met, the module considers the Prometheus panel to be present.

By analyzing the response of the HTTP request, the module can determine if the target system hosts a Prometheus panel.

It's important to note that this module is just one test case within the Vidoc platform, which utilizes multiple modules to perform comprehensive scanning and assessment.

The maximum number of requests made by this module is limited to 1.

Module preview

Concurrent Requests (1)
1. HTTP Request template
Matching conditions
word: <title>Prometheus Time Series Collection...
Passive global matcher
No matching conditions.
On match action
Report vulnerability