Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Zuul Panel - Detect

By kannthu

Vidoc logoVidoc Module

What is the "Zuul Panel - Detect" module?

The "Zuul Panel - Detect" module is designed to detect the presence of the ZUUL panel, a component of the Zuul CI/CD system. This module focuses on identifying misconfigurations, vulnerabilities, or specific software fingerprints related to the Zuul panel. It provides informative insights into the detected issues, allowing users to take appropriate actions to address them. The severity of the detected issues is classified as informative, providing valuable information without indicating immediate threats.

This module was authored by Yuzhe-zhang-0.


The impact of the detected issues depends on the specific misconfigurations, vulnerabilities, or software fingerprints found in the Zuul panel. It is crucial to address these issues promptly to ensure the proper functioning and security of the Zuul CI/CD system.

How does the module work?

The "Zuul Panel - Detect" module utilizes HTTP request templates and matching conditions to identify the presence of the Zuul panel. It sends specific HTTP requests to the target system and analyzes the responses based on predefined criteria.

One example of an HTTP request used by this module is:

GET /api/tenants
GET /api/status

The module applies the following matching conditions:

- Matcher 1: Looks for specific words in the response body, including "name," "projects," and "queue." - Matcher 2: Searches for the word "zuul_version" in any part of the response.

The module considers a match if any of the matching conditions are met (matchers-condition: "or").

By analyzing the responses and matching conditions, the module determines whether the Zuul panel is present on the target system.

For more information about the Zuul panel, you can refer to the official Zuul repository.


- Max Request: 2 - Shodan Query: http.favicon.hash:-1127895693

Module preview

Concurrent Requests (1)
1. HTTP Request template
Matching conditions
word: "name":, "projects":, "queue":or
word: zuul_version
Passive global matcher
No matching conditions.
On match action
Report vulnerability