Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Redis Enterprise - Detect

By kannthu

Vidoc logoVidoc Module

Redis Enterprise - Detect

What is Redis Enterprise - Detect?

Redis Enterprise - Detect is a module designed to detect misconfigurations in Redis Enterprise, an enterprise-class Redis database for developers. This module focuses on identifying potential vulnerabilities and providing informative results.

Severity: Informative

Author: tess


This module helps identify misconfigurations in Redis Enterprise, which can have various impacts depending on the specific vulnerabilities found. By detecting these issues, organizations can take appropriate measures to secure their Redis databases and prevent potential data breaches or unauthorized access.

How does the module work?

The Redis Enterprise - Detect module utilizes HTTP request templates and matching conditions to perform its scanning. It sends HTTP requests to specific endpoints and applies matching conditions to determine if misconfigurations or vulnerabilities exist.

Example HTTP request:

GET /#/login

Matching conditions:

- Body contains the words "Enterprise-Class Redis for Developers" and "cm/config/environment" - Response status is 200

If these conditions are met, the module will report the identified misconfiguration or vulnerability.

Note: The actual JSON definitions of the module are not shown here for simplicity.

Module preview

Concurrent Requests (1)
1. HTTP Request template
Matching conditions
word: Enterprise-Class Redis for Developers, c...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability