From 326eba57080e5e08195b7d00ca096969590fe950 Mon Sep 17 00:00:00 2001
From: Ali <46873759+Ghoreish@users.noreply.github.com>
Date: Sat, 6 Jan 2024 09:58:34 +0330
Subject: [PATCH 1/3] Create keycloak.txt check keycloak for sensitive paths.
---
 Discovery/keycloak.txt | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 Discovery/keycloak.txt
diff --git a/Discovery/keycloak.txt b/Discovery/keycloak.txt
new file mode 100644
index 00000000..4c574f36
--- /dev/null
+++ b/Discovery/keycloak.txt
@@ -0,0 +1,12 @@
+/admin
+/admin/console
+/realms/{realm-name}/
+/realms/{realm-name}/users
+/realms/{realm-name}/groups
+/realms/{realm-name}/clients
+/realms/{realm-name}/flows
+/realms/{realm-name}/protocol-mappers
+/realms/{realm-name}/sessions
+/admin/realms/{realm-name}/events
+/realms/{realm-name}/scripts
+/realms/{realm-name}/client-scopes
From e3b87367d3fe1d428f6555b5287ed9ed0d65815d Mon Sep 17 00:00:00 2001
From: Ali <46873759+Ghoreish@users.noreply.github.com>
Date: Sat, 6 Jan 2024 10:01:07 +0330
Subject: [PATCH 2/3] Rename Discovery/keycloak.txt to Discovery/Web-Content/keycloak.txt
---
 Discovery/{ => Web-Content}/keycloak.txt | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 rename Discovery/{ => Web-Content}/keycloak.txt (100%)
diff --git a/Discovery/keycloak.txt b/Discovery/Web-Content/keycloak.txt
similarity index 100%
rename from Discovery/keycloak.txt
rename to Discovery/Web-Content/keycloak.txt
From 0b23b9e80299d88655412f55d0cff4d0269c62f5 Mon Sep 17 00:00:00 2001
From: Ali <46873759+Ghoreish@users.noreply.github.com>
Date: Sat, 6 Jan 2024 10:21:48 +0330
Subject: [PATCH 3/3] Update keycloak.txt updated
---
 Discovery/Web-Content/keycloak.txt | 35 ++++++++++++++++++++----------
 1 file changed, 24 insertions(+), 11 deletions(-)
diff --git a/Discovery/Web-Content/keycloak.txt b/Discovery/Web-Content/keycloak.txt
index 4c574f36..83466512 100644
--- a/Discovery/Web-Content/keycloak.txt
+++ b/Discovery/Web-Content/keycloak.txt
@@ -1,12 +1,25 @@
 /admin
-/admin/console
-/realms/{realm-name}/
-/realms/{realm-name}/users
-/realms/{realm-name}/groups
-/realms/{realm-name}/clients
-/realms/{realm-name}/flows
-/realms/{realm-name}/protocol-mappers
-/realms/{realm-name}/sessions
-/admin/realms/{realm-name}/events
-/realms/{realm-name}/scripts
-/realms/{realm-name}/client-scopes
+/admin/realms/{realm-name}/
+/admin/realms/{realm-name}/clients
+/admin/realms/{realm-name}/users
+/admin/realms/{realm-name}/groups
+/admin/realms/{realm-name}/roles
+/admin/realms/{realm-name}/users/{user-id}
+/admin/realms/{realm-name}/clients/{client-id}
+/admin/realms/{realm-name}/roles/{role-name}
+/admin/realms/{realm-name}/roles/{role-name}/users
+/admin/realms/{realm-name}/roles/{role-name}/clients
+/admin/realms/{realm-name}/users/{user-id}/role-mappings
+/admin/realms/{realm-name}/users/{user-id}/role-mappings/clients/{client-id}
+/admin/realms/{realm-name}/clients/{client-id}/roles/{role-name}
+/realms/{realm-name}/account
+/realms/{realm-name}/protocol/openid-connect/token
+/realms/{realm-name}/protocol/openid-connect/auth
+/realms/{realm-name}/protocol/openid-connect/userinfo
+/realms/{realm-name}/protocol/openid-connect/logout
+/realms/{realm-name}/protocol/openid-connect/certs
+/realms/{realm-name}/protocol/saml/metadata
+/realms/{realm-name}/protocol/saml/clients
+/realms/{realm-name}/protocol/saml/roles
+/realms/{realm-name}/protocol/saml/descriptor
+/realms/{realm-name}/protocol/saml/flows
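Review bot: The `{realm-name}`, `{user-id}`, `{client-id}` and `{role-name}` tokens on every added line except the `/admin` context line are literal text, so a tool that reads this file line by line will request the braces verbatim and each templated entry will come back as a miss. A plain wordlist has no comment syntax, so the substitution requirement belongs in the commit description or the directory README, for example `keycloak.txt: replace {realm-name}, {user-id}, {client-id} and {role-name} before use`. The entries `/protocol/saml/metadata`, `/protocol/saml/roles` and `/protocol/saml/flows` do not look like documented Keycloak endpoints (the IdP metadata appears to be served from the `descriptor` path already listed), so they should be checked against the server documentation before merging. For anyone running the list against their own deployment, the `/admin/realms/...` entries are Admin REST API routes, and any response from outside the management network is itself a finding to fix at the proxy.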