Skip to content

[SignatureBot] Add or update signature nucleitemplates_aws-bucket-takeover.yml#883

Open
liquidsec wants to merge 1 commit into
devfrom
new-signature-nucleitemplates_aws-bucket-takeover.yml
Open

[SignatureBot] Add or update signature nucleitemplates_aws-bucket-takeover.yml#883
liquidsec wants to merge 1 commit into
devfrom
new-signature-nucleitemplates_aws-bucket-takeover.yml

Conversation

@liquidsec
Copy link
Copy Markdown
Collaborator

@liquidsec liquidsec commented Apr 27, 2026

Add or update signature: nucleitemplates_aws-bucket-takeover.yml

This PR adds or updates the follow signature:

identifiers:
  cnames: []
  ips: []
  nameservers: []
  not_cnames:
  - type: word
    value: amazonaws.com
  - type: word
    value: ks3.ksyun.com
  - type: word
    value: kss.ksyun.com
  - type: word
    value: kss3.ksyun.com
  - type: word
    value: ks3-cn-beijing.ksyun.com
  - type: word
    value: ks3-cn-guangzhou.ksyun.com
  - type: word
    value: ks3-cn-hk-1.ksyun.com
  - type: word
    value: ks3-cn-shanghai.ksyun.com
  - type: word
    value: ks3-jr-beijing.ksyun.com
  - type: word
    value: ks3-jr-shanghai.ksyun.com
  - type: word
    value: ks3-rus.ksyun.com
  - type: word
    value: ks3-sgp.ksyun.com
  - type: word
    value: obs.jrzq.huaweicloud.com
  - type: word
    value: obs.petalpay.huaweicloud.com
  - type: word
    value: oss-cn-hangzhou.aliyuncs.com
  - type: word
    value: oss-cn-shanghai.aliyuncs.com
  - type: word
    value: oss-cn-qingdao.aliyuncs.com
  - type: word
    value: oss-cn-beijing.aliyuncs.com
  - type: word
    value: oss-cn-zhangjiakou.aliyuncs.com
  - type: word
    value: oss-cn-huhehaote.aliyuncs.com
  - type: word
    value: oss-cn-shenzhen.aliyuncs.com
  - type: word
    value: oss-cn-hongkong.aliyuncs.com
  - type: word
    value: oss-us-west-1.aliyuncs.com
  - type: word
    value: oss-us-east-1.aliyuncs.com
  - type: word
    value: oss-ap-southeast-1.aliyuncs.com
  - type: word
    value: oss-ap-southeast-2.aliyuncs.com
  - type: word
    value: oss-ap-southeast-3.aliyuncs.com
  - type: word
    value: oss-ap-southeast-5.aliyuncs.com
  - type: word
    value: oss-ap-south-1.aliyuncs.com
  - type: word
    value: oss-ap-northeast-1.aliyuncs.com
  - type: word
    value: oss-eu-central-1.aliyuncs.com
  - type: word
    value: oss-me-east-1.aliyuncs.com
matcher_rule:
  matchers:
  - dsl:
    - Host != ip
    type: dsl
  - condition: and
    part: body
    type: word
    words:
    - The specified bucket does not exist
    - BucketName
  - dsl:
    - contains(tolower(header), 'x-guploader-uploadid')
    - contains(tolower(header), "aliyunoss")
    negative: true
    type: dsl
  - negative: true
    part: host
    regex:
    - ^[a-z0-9][a-z0-9-]+-[0-9]{12}-[a-z0-9-]+-an\.s3\.[a-z0-9-]+\.amazonaws\.com
    type: regex
  matchers-condition: and
mode: http
negative_signature: false
service_name: AWS Bucket Takeover Detection
source: nucleitemplates

@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 27, 2026


Thank you for your submission, we really appreciate it. Like many open-source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution. You can sign the CLA by just posting a Pull Request Comment same as the below format.

I have read the CLA Document and I hereby sign the CLA

You can retrigger this bot by commenting recheck in this Pull Request. Posted by the CLA Assistant Lite bot.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@liquidsec @actions-user