From ee0e0b01a5920e8b9b1716c958d33e48574b935e Mon Sep 17 00:00:00 2001
From: Alexander Bridges <a.yakovlev911@gmail.com>
Date: Fri, 5 Jul 2019 18:50:29 +0300
Subject: [PATCH 1/3] few login endpoints

---
 Discovery/Web-Content/Logins.fuzz.txt | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/Discovery/Web-Content/Logins.fuzz.txt b/Discovery/Web-Content/Logins.fuzz.txt
index 6681546d..89aa67f6 100644
--- a/Discovery/Web-Content/Logins.fuzz.txt
+++ b/Discovery/Web-Content/Logins.fuzz.txt
@@ -11,6 +11,8 @@
 /admin-login
 /admin-login/
 /admin/
+/admin/auth.inc
+/admin/auth.inc.php
 /administrator
 /administrator/
 /administrator.asp
@@ -23,6 +25,12 @@
 /administrator.py
 /administrator.rb
 /admnistrator.php3
+/auth
+/auth/
+/auth.inc
+/auth.inc.php
+/authentication
+/authentication/
 /backend
 /backend/
 /cgi-bin/sqwebmail?noframes=1
@@ -57,6 +65,9 @@
 /logon.pl
 /logon.py
 /logon.rb
+/?page=admin.auth.inc
+/?page=auth.inc
+/?page=auth.inc.php
 /signin
 /signin/
 /signin.php?ret=

From eae5072a6e641864d02a923cbe3e019453ef54b7 Mon Sep 17 00:00:00 2001
From: Alexander Bridges <a.yakovlev911@gmail.com>
Date: Fri, 5 Jul 2019 18:53:08 +0300
Subject: [PATCH 2/3] add bower.json dependencies file

Contains sensitive info
https://zellwk.com/blog/bower/
---
 Discovery/Web-Content/quickhits.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Discovery/Web-Content/quickhits.txt b/Discovery/Web-Content/quickhits.txt
index 17279cf2..98ab379b 100644
--- a/Discovery/Web-Content/quickhits.txt
+++ b/Discovery/Web-Content/quickhits.txt
@@ -810,6 +810,7 @@
 /blog/wp-content/backup-db/
 /blog/wp-content/backups/
 /bot.txt
+/bower.json
 /buck.sql
 /build.gradle
 /build.local.xml

From c5c705134f09d77c26ca11fbd72d73e825390cd1 Mon Sep 17 00:00:00 2001
From: Alexander Bridges <a.yakovlev911@gmail.com>
Date: Fri, 5 Jul 2019 19:14:54 +0300
Subject: [PATCH 3/3] Sitecore CMS endpoints

#### Sources:

Sitecore CMS:  https://www.sitecore.com/

Sensitive endpoints: https://doc.sitecore.com/developers/90/platform-administration-and-architecture/en/deny-anonymous-users-access-to-a-folder.html

Sitecore docs:
https://doc.sitecore.com/legacy-docs/SC72/sitecore-web-service-sc65-a4.pdf
https://doc.sitecore.com/SdnArchive/upload/sitecore7/75/sitecore_security_hardening_guide-sc75-usletter.pdf
---
 Discovery/Web-Content/CMS/sitecore | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 Discovery/Web-Content/CMS/sitecore

diff --git a/Discovery/Web-Content/CMS/sitecore b/Discovery/Web-Content/CMS/sitecore
new file mode 100644
index 00000000..00b44c04
--- /dev/null
+++ b/Discovery/Web-Content/CMS/sitecore
@@ -0,0 +1,16 @@
+/App_Config
+/App_Config/ConnectionStrings.config
+/sitecore/
+/sitecore/admin
+/sitecore/admin/login.aspx
+/sitecore/debug
+/sitecore/default.aspx
+/sitecore/login
+/sitecore/login.aspx
+/sitecore/login/default.aspx
+/sitecore/shell/WebService
+/sitecore/shell/webservice/service.asmx
+/sitecore/shell/webservice/service2.asmx
+/sitecore/shell/sitecore.version.xml
+/sitecore/service
+/sitecore/service/nolayout.aspx