Merge pull request #591 from Relkci/categoryupdates11042022

Category additions + array index fixes in categories and signatures

Python/categories.txt

@@ -95,7 +95,7 @@ Cisco Systems, Inc. IP Phone CP-7960G;<title>Cisco Systems, Inc.</title>;<img a=
 <strong>Cisco IP Conference Station CP-7937G</strong>;<img border="0" align="bottom" hspace="0" alt="Cisco Systems, Inc." src="/Logo" />;<a href="localmenus.cgi?func=604">|voip
 <p align="center"><b><font color="#FFFFFF" size="4">Cisco Unified IP Phone CP-7962G;<a href="/CGI/Java/Serviceability?|voip
 <p align="center"><b><font size="4" color="#FFFFFF">Cisco Unified IP Phone CP-7975G;/CGI/Java/Serviceability?adapter|voip
-<div id="product"><span>Xirrus XN8 WiFi Array;<div onclick="window.open('http://www.xirrus.com/feedback')";if ( key_code &lt; 0x20 | key_code &gt|highval
+<div id="product"><span>Xirrus XN8 WiFi Array;<div onclick="window.open('http://www.xirrus.com/feedback')";if ( key_code &lt; 0x20; key_code &gt|highval
 <p>If you've forgotten your username or password, please contact your Splunk administrator.<br /><br />username <span>admin</span><br />password <span>changeme</span></p><p></p>;MRSPARKLE;<meta content="Splunk Inc." name="author" />|highval
 dummyActiveXObject = new ActiveXObject('Msxml2.XMLHTTP');<td class="mastheadTitle">HP Designjet T1200</td>|printer
 <strong class="product">HP LaserJet 600 M602</strong>;<link href="/hp/device/theme/onevoice/;action="/hp/device/DeviceStatus/Save">|printer
@@ -135,7 +135,7 @@ div.hpGasGaugeBlock;div.hpPageText;HP LaserJet;MFP Series</title>|printer
 Polycom '+GetCurrentPageName ()+'</title>');document.title = sysName+' - Polycom '+model|voip
 <a href="http://solutions.brother.com/cgi-bin/solutions.cgi?;alt="Brother"|printer
 <img src="iis-85.png";go.microsoft.com/fwlink;IIS Windows|crap
-jenkins;yuiResizeMonitor;projectstatus|highval
+jenkins;yuiResizeMonitor;projectstatus|devops
 <frame src="/index_top.htm" name="Banner" leftmargin="5" noresize="";<frame src="/index_top_2.htm" name="Tabs" leftmargin="25" noresize="";<frame src="/index_down.htm" name="Main";|printer
 Apache2 Ubuntu Default Page;This is the default welcome page|crap
 Dell;status/status.htm;frametop.htm|printer
@@ -250,7 +250,7 @@ a class="login-page-logo" title="Go to;CA Performance Center;form id="frmSignIn"
 <title>AppInternals Xpert;Transaction Trace Warehouse;<div id="login-nav-menu"><div><div class="productSuiteName">APM Xpert|infrastructure
 <title>Avocent DSView 4</title>;Avocent DSView 4 Software End User License Agreement;Point and Click Access and Control|infrastructure
 <title>Axeda Policy Server</title>;Please log in.</td>;EMC Corporation|infrastructure
-<title>Cisco Secure ACS Login</title>;function checkBroserCompatability();Cisco Secure ACS||netdev
+<title>Cisco Secure ACS Login</title>;function checkBroserCompatability();Cisco Secure ACS|netdev
 <title>Cisco Systems Login</title>;<input type="button" onclick="loginAction()" name="bSubmit " value="Login" style="cursor:pointer;<meta name="GENERATOR" content=|netdev
 <title>Dell OpenManage </title>;<frame src="/servlet/Login?omacmd=getlogin&amp;page=Login"|highval
 EMC SourceOne Search Logon;<div class="aspNetHidden">;function __doPostBack(eventTarget, eventArgument)|infrastructure
@@ -324,7 +324,7 @@ Management Studio - Redirection;Refresh;ManagementStudio|redirector
 <title>Log In</title>;title="Go to CA Network Flow Analysis" class="login-page-logo";Network Flow Analysis</span>|infrastructure
 <p id="powered">Powered by <a href="http://www.ruckuswireless.com">Ruckus Wireless</a></p>;<tr><th>Admin Name</th><td><input class="login_input";<tr><th>Password</th><td><input class="login_input";<title>Log In</title>|infrastructure
 <link rel="stylesheet" href="resources/webLogin-all.css">;<title>Polycom Login</title>;<meta http-equiv="X-UA-Compatible" content="IE=edge">;Password:</label></div></div></div>;type="text" role="textbox" size="1" name="userName" class="x-form-field x-form-text|infrastructure
-<title>WebTools | Home</title>;<td align="left" valign="middle" class="name">XeroxC70;set_status_refresh_interval|printer
+<title>WebTools;Home</title>;<td align="left" valign="middle" class="name">XeroxC70;set_status_refresh_interval|printer
 <title>S2 Netbox Login</title>;<!--License IFRAME HERE GOES HERE-->;div id="headerframe"|infrastructure
 <title>Remote Support Portal;Powered by BOMGAR</title>;exitSurveyBox;Show Representatives Help Window;/content/access_key_input.js|infrastructure
 <title>Pritunl</title>;<link rel="icon" type="image/x-icon" href;onSubmit();login-form;var duoUserInput = document.getElementById('duo-username')|infrastructure
@@ -431,7 +431,7 @@ Internet Services;window.document.body.scrollTop;href="JavaScript:parent.fflip;p
 <title>Altova LicenseServer</title>;<span>Please wait...</span>;<div id="statusErrorMessage";<p class="legalese">|infrastructure
 Nimble Storage;/assets/vendor;/oem/settings.js;<!-- Username field -->;data-ember-modal-dialog-overlay|netdev
 <title>Welcome to JBoss™</title>;JBoss Online Resources;<h3>JBoss Management</h3>;href="/status">Tomcat status</a>|highval
-<title>APC | Log On</title>;function isValidBrowser();class="applyCancel"|infrastructure
+<title>APC;Log On</title>;function isValidBrowser();class="applyCancel"|infrastructure
 <head><title>U</title></head>;client-side JavaScript client sniff;client-side JavaScript client sniff|voip
 <title>Liebert IntelliSlot Web Card</title>;var appObj = new Object();document.appObj= appObj|infrastructure
 <title>Lexmark CS725</title>;<img src="/images/printer_logo.png";role="heading">Embedded Web Server</div>|printer
@@ -452,7 +452,7 @@ var jumpProt = jumpURL.substr(0,6).toLowerCase();var argc = setCookie.arguments.
 <title>Netman 204 login</title>;<form id="login" action="cgi-bin/login.cgi";onsubmit="this.submit.disabled='disabled';action="cgi-bin/view.cgi"|infrastructure
 <title>DS-510</title>;<frameset rows="90,*" frameborder="0" framespacing="0" border="0">;<frameset rows="90,*" frameborder="0" framespacing="0" border="0">;<frame src="/en/top.htm" name="top" noresize="" scrolling="no">|printer
 <title>AlienVault OSSIM;<title>AlienVault OSSIM;form name="f_login" id="f_login" method="POST"|infrastructure
-<base href="/sysmgr/">;nwf-loading-indicator class="nwf-loading";upport-href="{{ 'supportHref' | Vendorizer }}|infrastructure
+<base href="/sysmgr/">;nwf-loading-indicator class="nwf-loading";upport-href="{{ 'supportHref'|infrastructure
 <h1>Welcome to nginx!</h1>;<title>Welcome to nginx!</title>;<p>For online documentation and support please refer|crap
 <title>IBM TS7700</title>;<div class="deviceImage"></div>;"productnameLabelSpan">Storage Management|nas
 <title>Login</title>;function initDHTMLAPI() {;var cacUserName = "";hideElement("trInitName", "trInitPwd");name="login_saml" id="login_saml_form"|netdev
@@ -528,4 +528,108 @@ g_strLanguage;g_bHasNote;g_strFirmware;<title>Yealink;loginbox|voip
 IBM FlashSystem 5200;lib-prod/assets/css/Aspen;FlashCopyMappingsSnapshot|nas
 <title>Welcome to Service Assistant</title>;svg focusable;mg alt="Java"|nas
 <title>Top Page - MX-M453N</title>;function loginSubmit(mode);class="invisible"|printer
-<title>KONICA MINOLTA PageScope Web Connection</title>;popupCopyright;index.cgi|printer
+<title>KONICA MINOLTA PageScope Web Connection</title>;popupCopyright;index.cgi|printer
+<title>Kibana</title>|secops
+<title>Log in - Bitbucket</title>|devops
+<title>Home - Grafana</title>|devops
+<title>JBoss Management</title>|devops
+<title>JFrog</title>|devops
+<title>Log in to Fisheye |devops
+<title>Chef Infra Server API</title>|devops
+<title>Login&nbsp;- BigFix Web Reports</title>|secops
+<title> BigFix </title>|secops
+<title>Nessus Professional / Login</title>|secops
+<title>Nessus Scanner (SC) / Login</title>|secops
+<title>Nessus</title>|secops
+<title>Oracle HTTP Server|appops
+<title>Outlook;owa|comms
+<title>Query Monitor Welcome;ibm|appops
+<title>RMF Data Portal;ibm|appops
+<title>RabbitMQ Management|devops
+<title>Red Hat Satellite - Login</title>|secops
+<title>Remote Support Portal;Powered by BOMGAR</title>|secops
+<title>Rubrik</title>;appliance|secops
+<title>Sign in - Matomo</title>|devops
+<title>Sign in;GitLab</title>|devops
+<title>Spring Boot Admin</title>;apache|appops
+<title>VMware vRealize Automation Appliance|virtualization
+<title>VMware vRealize Orchestrator</title>|virtualization
+<title>vRealize Log Insight - Login</title>|virtualization
+<title>vRealize Operations Manager</title>|virtualization
+<title>WebSphere Liberty;ibm|appops
+<title>Welcome to WildFly</title>|appops
+Vormetric Data Security Management Console</title>|secops
+<pre>Jenkins-Agent-Protocols:|devops
+<title>Dashboard [Jenkins]</title>|devops
+<title>CA Privileged Access Manager</title>;CA Technologies|secops
+<title>BigFix Inventory: Login</title>|secops
+<title>BMC ProactiveNet|secops
+BMC Discovery:|secops
+<title>BMC Smart Reporting</title>|secops
+<title>BigFix Compliance: Login</title>|secops
+<title>BIG-IP;F5, Inc., Seattle, Washington. All rights reserved|netdev
+<title>502 - Web server received an invalid response while acting as a gateway or proxy server.</title>|badgw
+<title>503 Service Temporarily Unavailable</title>|serviceunavailable
+<html><head></head><body><h1>503 Service Unavailable</h1>|serviceunavailable
+<title>site unavailable</title>|serviceunavailable
+OpsHub</title>;admin|appops
+<title>Symantec Privileged Access Manager</title>|secops
+<title>windows_exporter</title></head>;<a href="/metrics">|dataops
+<title>Zabbix</title>|secops
+<title>tomcat;installed to|dataops
+</head><body><pre>&lt;s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/|dataops
+<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body>|dataops
+<html><head></head><body>{"result":"Page not found"}</body></html>|notfound
+<title>404 - File or directory not found.</title>|notfound
+<title id="loginTitle"></title>;by Cisco Systems, Inc|netdev
+<html><head></head><body>Tomcat-down for maintenance|serviceunavailable
+<html><head><link rel="stylesheet" href="resource://content-accessible/plaintext.css"></head><body><pre>Listening to;messages.</pre></body></html>|dataops
+<html><head></head><body></body></html>|empty
+<html><head><link rel="stylesheet" href="resource://content-accessible/plaintext.css"></head><body><pre></pre></body></html>|empty
+<html><head></head><body>test</body></html>|empty
+<html><head><link rel="stylesheet" href="resource://content-accessible/plaintext.css"></head><body><pre>{"|dataops
+<parsererror xmlns="http://www.mozilla.org/newlayout/xml/parsererror.xml">XML Parsing Error|dataops
+<html><head></head><body>Kibana server is not ready yet</body></html>|serviceunavailable
+<vasa-provider>;<supported-versions>|dataops
+xmlns:s="http://schemas.xmlsoap.org/soap/envelope/|dataops
+<title>Alertmanager</title>;prometh|secops
+<title>Application Express;oracle|appops
+<title>Checkmarx</title>|secops
+<title>CodeTableDashboard</title>|devops
+<title>Consul by HashiCorp</title>|secops
+<title>DCS Event Manager: Home</title>|dataops
+www.solarwinds.com/documentation/dpa;action="login.iwc"|devops
+<title>E-Business Suite Home Page Redirect</title>|redirector
+<title>Elastic</title>|secops
+<title>Enterprise-Class Redis for Developers</title>|devops
+<title>Error response</title>;501|inerror
+<title>HAL Management Console</title>|devops
+<title>Home Page - My ASP.NET Application</title>|crap
+<title>NETFLOW Server</title>;Queue|dataops
+<title>Oracle HTTP Server|appops
+<title>Outlook</title>|comms
+<title>Output Manager: Home</title>;mutex|dataops
+<title>Task Manager: Home</title>;mutex|dataops
+<title>Overview – Hangfire Dashboard</title>|appops
+<title>Pivotal tc Server — Standard Edition</title>|appops
+Bitbucket</title>|devops
+<title>Qlik Sense login page</title>|appops
+<title>Red Hat</title>;Where to go from here|crap
+<title>Report and Dashboard Server - Log In</title>|devops
+<title>SOAP RPC Server</title>|dataops
+<title>SYSLOG Server</title>|dataops
+<title>Selenium Grid Hub</title></head>|appops
+<title>Sign in - Matomo</title>|devops
+<title>Solr Admin</title>|appops
+<title>Spring Boot Admin</title>|devops
+<title>TIBCO WebFOCUS ;Reporting Server</title>|secops
+<title>TSM Web</title>|appops
+<title>Vault</title>;vault/config/environment|secops
+title>Web Administration has moved</title>|redirect
+<title>Welcome to Keycloak</title>|secops
+<title>cAdvisor -|appops
+python_gc_objects_collected_total{generation;RMF_performance_procu|dataops
+<html><head></head><body>Tomcat-up</body></html>|crap
+<a href="http://nats.io/documentation/server/gnatsd-monitoring/>help</a>|dataops
+<meta name="author" content="VMware, Inc.">|virtualization
+<body><pre>ERROR: Please retry or contact support</pre></body></html>|serviceunavailable

Python/modules/reporting.py

@@ -74,24 +74,31 @@ def sort_data_and_write(cli_parsed, data):
     total_results = len(data)
     categories = [('highval', 'High Value Targets', 'highval'),
                   ('dirlist', 'Directory Listings', 'dirlist'),
-                  (None, 'Uncategorized', 'uncat'),
                   ('cms', 'Content Management System (CMS)', 'cms'),
                   ('idrac', 'IDRAC/ILo/Management Interfaces', 'idrac'),
                   ('nas', 'Network Attached Storage (NAS)', 'nas'),
-                  ('construction', 'Under Construction', 'construction'),
+                  ('comms', 'Communications', 'comms'),
+                  ('devops', 'Development Operations', 'devops'),
+                  ('secops', 'Security Operations', 'secops'),
+                  ('appops', 'Application Operations', 'appops'),
+                  ('dataops', 'Data Operations', 'dataops'),
                   ('netdev', 'Network Devices', 'netdev'),
                   ('voip', 'Voice/Video over IP (VoIP)', 'voip'),
+                  ('printer', 'Printers', 'printer'),
+                  ('infrastructure', 'Infrastructure', 'infrastructure'),
+                  (None, 'Uncategorized', 'uncat'),
                   ('unauth', '401/403 Unauthorized', 'unauth'),
                   ('notfound', '404 Not Found', 'notfound'),
                   ('crap', 'Splash Pages', 'crap'),
-                  ('printer', 'Printers', 'printer'),
+                  ('empty', 'No Significant Content', 'empty'),
+                  ('construction', 'Under Construction', 'construction'),
                   ('successfulLogin', 'Successful Logins', 'successfulLogin'),
                   ('identifiedLogin', 'Identified Logins', 'identifiedLogin'),
-                  ('infrastructure', 'Infrastructure', 'infrastructure'),
                   ('redirector', 'Redirecting Pages', 'redirector'),
                   ('badhost', 'Invalid Hostname', 'badhost'),
                   ('inerror', 'Internal Error', 'inerror'),
                   ('badreq', 'Bad Request', 'badreq'),
+                  ('badgw', 'Bad Gateway', 'badgw'),
                   ('serviceunavailable', 'Service Unavailable', 'serviceunavailable'),
                   ]
     if total_results == 0:

Python/signatures.txt

@@ -215,7 +215,7 @@ parse the RedirectUrl;RedirectQueryString;nameArray;nameArray["RedirectQueryStri
 <title>Log In</title>;title="Go to CA Network Flow Analysis" class="login-page-logo";Network Flow Analysis</span>|CA Network Flow Analysis admin/admin
 <p id="powered">Powered by <a href="http://www.ruckuswireless.com">Ruckus Wireless</a></p>;<tr><th>Admin Name</th><td><input class="login_input";<tr><th>Password</th><td><input class="login_input";<title>Log In</title>|Ruckus Wireless admin/password or super/sp-admin
 <link rel="stylesheet" href="resources/webLogin-all.css">;<title>Polycom Login</title>;<meta http-equiv="X-UA-Compatible" content="IE=edge">;Password:</label></div></div></div>;type="text" role="textbox" size="1" name="userName" class="x-form-field x-form-text|Polycom Wireless Polycom/123 (user) Polycom/456 (admin)
-<title>WebTools | Home</title>;<td align="left" valign="middle" class="name">XeroxC70;set_status_refresh_interval|Xerox C70 Printer admin/1111
+<title>WebTools;Home</title>;<td align="left" valign="middle" class="name">XeroxC70;set_status_refresh_interval|Xerox C70 Printer admin/1111
 <title>S2 Netbox Login</title>;<!--License IFRAME HERE GOES HERE-->;div id="headerframe"|S2 Netbox admin/admin
 <title>Remote Support Portal;Powered by BOMGAR</title>;exitSurveyBox;Show Representatives Help Window;/content/access_key_input.js|Bomgar Device admin/password
 <title>Pritunl</title>;<link rel="icon" type="image/x-icon" href;onSubmit();login-form;var duoUserInput = document.getElementById('duo-username')|Pritunl VPN pritunl/pritunl
@@ -313,7 +313,7 @@ Internet Services;window.document.body.scrollTop;href="JavaScript:parent.fflip;p
 <title>Altova LicenseServer</title>;<span>Please wait...</span>;<div id="statusErrorMessage";<p class="legalese">|Altova License Server <nousername>/default
 Nimble Storage;/assets/vendor;/oem/settings.js;<!-- Username field -->;data-ember-modal-dialog-overlay|Nimble Storage admin/admin
 <title>Welcome to JBoss™</title>;JBoss Online Resources;<h3>JBoss Management</h3>;href="/status">Tomcat status</a>|JBOSS JMX Console superadmin/superadmin
-<title>APC | Log On</title>;function isValidBrowser();class="applyCancel"|APC Smart UPS readonly/apc
+<title>APC;Log On</title>;function isValidBrowser();class="applyCancel"|APC Smart UPS readonly/apc
 <head><title>U</title></head>;client-side JavaScript client sniff;client-side JavaScript client sniff|Sensaphone IMS-4000 admin/ims1k
 <title>Liebert IntelliSlot Web Card</title>;var appObj = new Object();document.appObj= appObj|Liebert IntelliSlot Web Card Liebert/Liebert
 <title>Lexmark CS725</title>;<img src="/images/printer_logo.png";role="heading">Embedded Web Server</div>|Lexmark CS725 <nousername>/00000
@@ -334,7 +334,7 @@ var jumpProt = jumpURL.substr(0,6).toLowerCase();var argc = setCookie.arguments.
 <title>Netman 204 login</title>;<form id="login" action="cgi-bin/login.cgi";onsubmit="this.submit.disabled='disabled';action="cgi-bin/view.cgi"|NetMan 204 admin/admin fwupgrade/fwupgrade user/user
 <title>DS-510</title>;<frameset rows="90,*" frameborder="0" framespacing="0" border="0">;<frameset rows="90,*" frameborder="0" framespacing="0" border="0">;<frame src="/en/top.htm" name="top" noresize="" scrolling="no">|Silex Print Server root/<nopassword>
 <title>AlienVault OSSIM;<title>AlienVault OSSIM;form name="f_login" id="f_login" method="POST"|Alienvault admin/admin
-<base href="/sysmgr/">;nwf-loading-indicator class="nwf-loading";upport-href="{{ 'supportHref' | Vendorizer }}|NetApp OnCommand System Manager admin/admin123
+<base href="/sysmgr/">;nwf-loading-indicator class="nwf-loading";upport-href="{{ 'supportHref'|NetApp OnCommand System Manager admin/admin123
 <title>IBM TS7700</title>;<div class="deviceImage"></div>;"productnameLabelSpan">Storage Management|IBM TS7700 admin/admin
 <title>Login</title>;function initDHTMLAPI() {;var cacUserName = "";hideElement("trInitName", "trInitPwd");name="login_saml" id="login_saml_form"|Palo Alto Firewall admin/admin
 <title>NETGEAR ProSAFE Plus Switch</title>;<div id="mainArea" class="mainArea";<a id="loginBtn" class="loginBtnStyle"|NetGear Switch nousername/password
@@ -401,4 +401,7 @@ g_strLanguage;g_bHasNote;g_strFirmware;<title>Yealink;loginbox| admin / admin
 IBM FlashSystem 5200;lib-prod/assets/css/Aspen;FlashCopyMappingsSnapshot| superuser / passw0rd
 <title>Welcome to Service Assistant</title>;svg focusable;mg alt="Java"| superuser / passw0rd
 <title>Top Page - MX-M453N</title>;function loginSubmit(mode);class="invisible"| administrator / admin
-<title>KONICA MINOLTA PageScope Web Connection</title>;popupCopyright;index.cgi| 12345678
+<title>KONICA MINOLTA PageScope Web Connection</title>;popupCopyright;index.cgi| 12345678
+<title>windows_exporter</title></head>;<a href="/metrics">| Prometheus Metrics no auth /metrics
+www.solarwinds.com/documentation/dpa;action="login.iwc"| Solar Winds Database Performance Analyzer / admin / blank
+<title>RabbitMQ Management| guest /guest - admin / changeme