Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "SonarQube Panel - Detect" module is designed to detect the presence of the SonarQube panel. SonarQube is a software platform used for continuous code quality inspection to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities. This module focuses on identifying the SonarQube panel and provides informative results about its presence.
This module has an informative severity level, which means it provides valuable information but does not indicate a direct security threat.
Author: dhiyaneshDk
The impact of detecting the SonarQube panel is primarily informational. It helps users identify if SonarQube is being used in their environment and provides insights into the code quality and security practices being followed.
The "SonarQube Panel - Detect" module works by sending an HTTP request to the target system and analyzing the response. It looks for a specific HTML element, in this case, the <title> tag containing the text "SonarQube". If the response contains this element, the module considers the SonarQube panel to be present.
Example HTTP request:
GET /sessions/new
The module matches the response body against the specified condition, which checks for the presence of the <title> tag with the text "SonarQube". If the condition is met, the module reports the detection of the SonarQube panel.
Metadata:
- max-request: 1