diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index b44db4f..a79f785 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -35,11 +35,11 @@ jobs:
           git diff --name-only $PREV_SHA $GITHUB_SHA | grep '^poc/' && POC_CHANGED=true || true
           
           if $FINGER_CHANGED && $POC_CHANGED; then
-            ./xlint_linux_amd64 -f "./finger/*.yml" -f "./poc/*.yml" | tee xlint_output
+            ./xlint_linux_amd64 -f "./finger/**/*.yml" -f "./poc/**/*.yml" | tee xlint_output
           elif $FINGER_CHANGED; then
-            ./xlint_linux_amd64 -f "./finger/*.yml" | tee xlint_output
+            ./xlint_linux_amd64 -f "./finger/**/*.yml" | tee xlint_output
           elif $POC_CHANGED; then
-            ./xlint_linux_amd64 -f "./poc/*.yml" | tee xlint_output
+            ./xlint_linux_amd64 -f "./poc/**/*.yml" | tee xlint_output
           fi
 
       - name: Check for lint errors
diff --git a/README.md b/README.md
index 3f86a1e..92bea20 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,10 @@
 ## 🎉 欢迎来到插件存储库！🎉
 
-我们为各类插件创建了一个专门的存储库，旨在方便大家共享和使用各种插件。我们会不定期地往这里推送一些新的插件，同时也非常欢迎各位贡献者提交自己的插件，共同丰富这个仓库。
+我们为各类插件创建了一个专门的存储库，旨在方便大家共享和使用各种插件。
+
+这里主要收录的是开源的、转化成 xray格式的脚本，以供大家使用。
+
+我们会不定期地往这里推送一些新的插件，同时也希望大家能积极踊跃的优化或者提交插件，共同丰富这个仓库。
 
 [English Version of README](./README_EN.md)
 
@@ -10,6 +14,7 @@
 
 - 指纹：推荐使用 xapp 运行
 - POC：推荐使用 xpoc 运行
+- Group List：其中存放着一些梳理过的指定运行的文件列表，推荐使用xapp、xpoc -g 运行。
 
 ## ⚠️ 使用须知
 
@@ -17,7 +22,7 @@
 
 ## ✔️ 插件质量
 
-为了确保插件的质量和一致性，我们会在本项目的 [release](https://github.com/chaitin/xray-plugins/releases) 中及时发布最新的 XLint，专门用于 lint 插件。存放在本仓库的插件唯一要求就是通过 XLint 的检查。
+为了确保插件的质量和一致性，我们会在本项目的 [release](https://github.com/chaitin/xray-plugins/releases) 中及时发布最新的 XLint，专门用于 lint 插件。存放在本仓库的插件唯一要求就是通过 CI 中的 lint 检查。
 
 ### 使用指南
 
@@ -27,18 +32,36 @@ xlint -f "./finger/*"
 xlint -f "./finger/*" -f "./poc/*"
 ```
 
-更多关于插件修复的指南，请参考 [插件修复指南](https://docs.xray.cool/plugins/yaml/Fix)。
+## 📜 收录标准
 
-## 🎁 贡献奖励
+本仓库收录的内容包括：
 
-我们非常感谢每一位插件贡献者的努力！为了表达我们的感谢，我们会不定期地对插件贡献者发放一些周边礼品。如果你有兴趣贡献插件，请随时提交 PR 或联系项目维护者。
+1. 插件优化：对现有插件进行优化，或者将不同来源但检测同一产品或漏洞的插件进行优化合并。
+2. Group List：提交自用的好用的 Group List。
+3. 新的插件。
 
-## 📜 仓库结构
+更多关于插件修复的指南，请参考 [插件修复指南](https://docs.xray.cool/plugins/yaml/Fix)。
 
-- `finger/`：存放指纹。
-- `poc/`：存放 POC。
+###  仓库结构
+
+- `finger/`：存放指纹，分为 `web` 和 `service` 两个文件夹。
+    - `manual/`：存放手工编写的指纹。
+      - `web/`：存放 Web 指纹。
+      - `service/`：存放服务指纹。
+    - `xxx/`：存放xxx来源的指纹。
+    - ...
+- `poc/`：存放 POC，按不同来源分类。
+    - `manual/`：存放手工编写的poc。
+    - `xxx/`：存放xxx来源的poc。
+    - ...
 - `group/`：存放一些指定运行的文件列表。
 
+> 注意：在提交指纹或 POC 时，应明确具体的来源。如果是自己编写的，可以将其存放到manual文件夹中，如果是指纹，请确保其中包含cpe信息。
+> 
+> 如果某个插件被优化合并了，应将其从原来源的文件夹中移除，并合并到 `finger|poc/manual/web|service` 文件夹中，表示该插件经过人工确认。
+
+提交时请确认仓库中没有同产品或漏洞的插件，避免重复提交。
+
 ## 🛠️ 如何贡献
 
 1. **Fork** 本仓库。
@@ -46,9 +69,40 @@ xlint -f "./finger/*" -f "./poc/*"
 3. **Commit** 你的更改，并推送到你的 Fork 仓库。
 4. 提交 **Pull Request**，我们会尽快审核并合并你的贡献。
 
+### 贡献奖励
+
+> **如果您希望通过提交或者优化指纹获取奖励，请确保您提交或者优化的指纹中包含cpe信息**
+
+#### 积分发放：
+
+|  分类  |  积分  |  说明  |
+| --- | --- | --- |
+|  GroupList提交  |  20-500/个  |  视GroupList的时效性、完整度、可利用度、价值高低等方面综合评定，给予20-500不等的积分奖励  |
+|  新插件提交  |  20/个  |  提交符合插件收录标准且包含准确cpe信息的新插件，给予20积分奖励  |
+|  插件优化  |  5/个  |  对现有插件进行优化，或者将不同来源但检测同一产品或漏洞的插件进行优化合并，给予5积分奖励  |
+
+#### 奖励兑换：
+
+每季度开放一次奖励兑换窗口
+
+所有本季度积分在500以上的用户均可以进入排名，不同排名奖励如下：
+
+|  名次  |  荣誉证书  |  xray高级版  |  周边礼品  |  惊喜奖品  |   |
+| --- | --- | --- | --- | --- | --- |
+|  Top1  |  实体荣誉证书  |  xray高级版（90天）  |  xray社区定制周边（5选3）  |  京东卡100元  |  奖励不定时更新  |
+|  Top2-5  |  电子荣誉证书  |  xray高级版（60天）  |  xray社区定制周边（2选5）  |  京东卡50元  |
+|  Top6-10  |  电子荣誉证书  |  xray高级版（30天）  |  xray社区定制周边（1选5）  |  /  |
+|  Top11-20  |  电子荣誉证书  |  xray高级版（15天）  |  xray社区定制周边指定1款  |  /  |
+|  Top21-  |  电子荣誉证书  |  xray高级版（7天）  |  /  |  /  |
+
+兑换方式：
+
+成功提交后添加微信群，进群验证github用户名；每个季度结算并公开排名，用户可在社群提示的兑换时间，联系工作人员进行奖励兑换。
+
+
 ## 📞 联系我们
 
-如果你在使用过程中有任何问题或建议，欢迎通过 [xray 仓库](https://github.com/chaitin/xray/issues) 页面进行反馈。
+如果你在使用过程中有任何问题或建议，欢迎通过 [xray 仓库](https://github.com/chaitin/xray/issues) 页面进行反馈，或通过[帮助页面](https://docs.xray.cool/help/index)添加微信公众号，加入 xray 社区交流群。
 
 感谢你的参与和支持！我们期待与你共同打造一个强大且实用的插件库。
 
diff --git a/README_EN.md b/README_EN.md
index 891f45d..ec827e9 100644
--- a/README_EN.md
+++ b/README_EN.md
@@ -1,23 +1,28 @@
-# 🎉 Welcome to the xray-plugins! 🎉
+## 🎉 Welcome to the Plugin Repository! 🎉
 
-We have created a dedicated repository for various plugins to facilitate sharing and using different plugins. We will periodically push new plugins here, and we warmly welcome contributors to submit their plugins to enrich this repository together.
+We have created a dedicated repository for various plugins, aiming to facilitate the sharing and use of different plugins.
 
-[中文版本](./README.md)
+This repository primarily includes open-source scripts converted to the xray format for everyone to use.
 
-## 📂 Plugin File Formats
+We will periodically push new plugins here, and we encourage everyone to actively optimize or submit plugins to enrich this repository together.
 
-The plugins in this repository include fingerprints, POCs, and some specific runtime file lists. It is recommended to use the following tools to run these plugins:
+[中文版 README](./README.md)
+
+## 📂 Plugin File Format
+
+The plugins in this repository include fingerprints, POCs, and some specific run file lists. We recommend using the following tools to run these plugins:
 
 - Fingerprints: Recommended to run with xapp
 - POCs: Recommended to run with xpoc
+- Group List: Contains curated lists of specific run files, recommended to run with xapp or xpoc -g.
 
 ## ⚠️ Usage Notice
 
-Please note that the plugins in this repository have only been verified with xlint and have not been tested on actual targets. Therefore, the content of these plugins may not be fully usable. We recommend verifying their effectiveness before use.
+Please note that the plugins in this repository have only passed xlint validation and have not been tested on actual targets. Therefore, the content of these plugins may not be fully usable. We recommend verifying their effectiveness before use.
 
 ## ✔️ Plugin Quality
 
-To ensure the quality and consistency of the plugins, we will promptly release the latest xlint in the [release](https://github.com/chaitin/xray-plugins/releases) section of this project, specifically for linting plugins. The only requirement for plugins stored in this repository is to pass the xlint check.
+To ensure the quality and consistency of the plugins, we will promptly release the latest XLint in the [release](https://github.com/chaitin/xray-plugins/releases) section of this project for linting plugins. The only requirement for plugins stored in this repository is to pass the lint check in the CI.
 
 ### Usage Guide
 
@@ -27,37 +32,85 @@ xlint -f "./finger/*"
 xlint -f "./finger/*" -f "./poc/*"
 ```
 
+## 📜 Inclusion Criteria
+
+The content included in this repository includes:
+
+1. Plugin Optimization: Optimize existing plugins or merge plugins from different sources that detect the same product or vulnerability.
+2. Group List: Submit useful personal Group Lists.
+3. New Plugins.
+
 For more guidelines on plugin fixes, please refer to [Plugin Fix Guide](https://docs.xray.cool/plugins/yaml/Fix).
 
-## 🎁 Contribution Rewards
+### Repository Structure
 
-We greatly appreciate the efforts of every plugin contributor! To express our gratitude, we will occasionally send some peripheral gifts to plugin contributors. If you are interested in contributing plugins, please feel free to submit a PR or contact the project maintainers.
+- `finger/`: Stores fingerprints, divided into `web` and `service` folders.
+    - `manual/`: Stores manually written fingerprints.
+        - `web/`: Stores web fingerprints.
+        - `service/`: Stores service fingerprints.
+    - `xxx/`: Stores fingerprints from xxx source.
+    - ...
+- `poc/`: Stores POCs, categorized by different sources.
+    - `manual/`: Stores manually written POCs.
+    - `xxx/`: Stores POCs from xxx source.
+    - ...
+- `group/`: Stores curated run file lists.
 
-## 📜 Repository Structure
+> Note: When submitting fingerprints or POCs, the specific source should be clearly stated. If it is self-written, it can be stored in the manual folder. If it is a fingerprint, ensure it contains CPE information.
+>
+> If a plugin has been optimized and merged, it should be removed from the original source folder and merged into the `finger|poc/manual/web|service` folder, indicating that the plugin has been manually verified.
 
-- `finger/`: Stores fingerprints.
-- `poc/`: Stores POCs.
-- `group/`: Stores some specific runtime file lists.
+Before submission, please ensure there are no duplicate plugins for the same product or vulnerability in the repository.
 
 ## 🛠️ How to Contribute
 
 1. **Fork** this repository.
-2. **Clone** it locally for modification.
-3. **Commit** your changes and push them to your Fork repository.
-4. Submit a **Pull Request**, and we will review and merge your contribution as soon as possible.
+2. **Clone** it locally to make modifications.
+3. **Commit** your changes and push them to your Forked repository.
+4. Submit a **Pull Request**. We will review and merge your contributions as soon as possible.
+
+### Contribution Rewards
+
+> **If you wish to receive rewards for submitting or optimizing fingerprints, please ensure that the fingerprints you submit or optimize include CPE information.**
+
+#### Points Distribution:
+
+|  Category  |  Points  |  Description  |
+| --- | --- | --- |
+|  GroupList Submission  |  20-500/each  |  Points awarded based on the timeliness, completeness, usability, and overall value of the GroupList, ranging from 20 to 500 points.  |
+|  New Plugin Submission  |  20/each  |  Submit new plugins that meet the inclusion criteria and include accurate CPE information for 20 points.  |
+|  Plugin Optimization  |  5/each  |  Optimize existing plugins or merge plugins from different sources that detect the same product or vulnerability for 5 points.  |
+
+#### Reward Redemption:
+
+The reward redemption window opens once per quarter.
+
+All users with over 500 points in the current quarter can enter the ranking, with different rewards for each rank as follows:
+
+|  Rank  |  Honor Certificate  |  xray Pro Version  |  Merchandise  |  Surprise Prize  |   |
+| --- | --- | --- | --- | --- | --- |
+|  Top1  |  Physical Honor Certificate  |  xray Pro Version (90 days)  |  xray Community Custom Merchandise (choose 3 out of 5)  |  100 RMB JD Card  |  Rewards updated periodically  |
+|  Top2-5  |  Electronic Honor Certificate  |  xray Pro Version (60 days)  |  xray Community Custom Merchandise (choose 2 out of 5)  |  50 RMB JD Card  |
+|  Top6-10  |  Electronic Honor Certificate  |  xray Pro Version (30 days)  |  xray Community Custom Merchandise (choose 1 out of 5)  |  /  |
+|  Top11-20  |  Electronic Honor Certificate  |  xray Pro Version (15 days)  |  Specified xray Community Custom Merchandise  |  /  |
+|  Top21-  |  Electronic Honor Certificate  |  xray Pro Version (7 days)  |  /  |  /  |
+
+Redemption Method:
+
+After successfully submitting, join the WeChat group and verify your GitHub username in the group; points are settled and rankings are made public each quarter. Users can contact staff for reward redemption during the specified redemption time announced in the community.
 
 ## 📞 Contact Us
 
-If you have any questions or suggestions during use, please feel free to provide feedback through the [xray repository](https://github.com/chaitin/xray/issues) page.
+If you have any questions or suggestions during use, feel free to provide feedback via the [xray repository](https://github.com/chaitin/xray/issues) page, or join the xray community discussion group through the [Help Page](https://docs.xray.cool/help/index) by adding the official WeChat account.
 
-Thank you for your participation and support! We look forward to working with you to build a powerful and practical plugin library.
+Thank you for your participation and support! We look forward to working with you to create a powerful and practical plugin library.
 
 ---
 
 ## 📢 Disclaimer
 
-All content in this repository is for learning and research purposes only. Please do not use it for illegal purposes. We are not responsible for any direct or indirect damages caused by using these plugins.
+All content in this repository is for learning and research purposes only. Do not use it for illegal purposes. We are not responsible for any direct or indirect damage caused by the use of these plugins.
 
-## 📄 License
+## 📄 Open Source License
 
 This project is released under the [GPL License 3.0](./LICENSE). You are free to use, modify, and distribute this project, but please retain the original author information.
\ No newline at end of file
diff --git a/finger/Apache-Struts.yml b/finger/Apache-Struts.yml
deleted file mode 100644
index 02d933a..0000000
--- a/finger/Apache-Struts.yml
+++ /dev/null
@@ -1,30 +0,0 @@
-name: fingerprint-yaml-Apache-Struts
-manual: false
-detail:
-    fingerprint:
-        name: Apache-Struts
-    fofa: body="org.apache.struts2" || body="org.apache.struts." || body="content=\"Struts2 Showcase for Apache Struts Project\""
-transport: http
-rules:
-    r0:
-        request:
-            cache: true
-            method: GET
-            path: /
-            follow_redirects: true
-        expression: response.body_string.contains("org.apache.struts2")
-    r1:
-        request:
-            cache: true
-            method: GET
-            path: /
-            follow_redirects: true
-        expression: response.body_string.contains("org.apache.struts.")
-    r2:
-        request:
-            cache: true
-            method: GET
-            path: /
-            follow_redirects: true
-        expression: response.body_string.contains('content="Struts2 Showcase for Apache Struts Project"')
-expression: r0() || r1() || r2()
diff --git a/finger/manual/service/tcp-openbsd-openssh.yml b/finger/manual/service/tcp-openbsd-openssh.yml
new file mode 100644
index 0000000..958cc1e
--- /dev/null
+++ b/finger/manual/service/tcp-openbsd-openssh.yml
@@ -0,0 +1,301 @@
+name: fingerprint-yaml-tcp-openbsd-openssh
+manual: false
+transport: tcp
+set:
+    re1: '"^SSH-([\\d.]+)-OpenSSH_(?P<version0>[\\w._-]+) Debian-(?P<version1>\\S*maemo\\S*)\\r?\\n"'
+    re2: '"^SSH-([\\d.]+)-OpenSSH_(?P<version0>[\\w._-]+)[ -]{1,2}Debian[ -_](?P<version1>.*ubuntu.*)\\r\\n"'
+    re3: '"^SSH-([\\d.]+)-OpenSSH_(?P<version0>[\\w._-]+)[ -]{1,2}Ubuntu[ -_](?P<version1>[^\\r\\n]+)\\r?\\n"'
+
+    re4: '"^SSH-([\\d.]+)-OpenSSH_(?P<version0>[\\w._-]+)[ -]{1,2}Debian[ -_](?P<version1>[^\\r\\n]+)\\r?\\n"'
+    re5: '"^SSH-([\\d.]+)-OpenSSH_[\\w.]+-FC-(?P<version>[\\w.-]+)\\.fc(\\d+)\\r\\n"'
+    re6: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+) FreeBSD-([\\d]+)\\r?\\n"'
+    re7: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+) FreeBSD localisations (\\d+)\\r?\\n"'
+    re8: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+) FreeBSD-openssh-portable-(?:base-|amd64-)?[\\w.,]+\\r?\\n"'
+    re9: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+) FreeBSD-openssh-portable-overwrite-base"'
+    re10: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+) FreeBSD-openssh-gssapi-"'
+    re11: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+) FreeBSD\\n"'
+    re12: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+) miniBSD-([\\d]+)\\r?\\n"'
+    re13: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+) NetBSD_Secure_Shell-([\\w._+-]+)\\r?\\n"'
+    re14: '"^SSH-([\\d.]+)-OpenSSH_(?P<version0>[\\w._-]+)_Mikrotik_v(?P<version1>[\\d.]+)\\r?\\n"'
+    re15: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+) in RemotelyAnywhere ([\\d.]+)\\r?\\n"'
+    re16: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+)\\+CAN-2004-0175\\r?\\n"'
+    re17: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+) NCSA_GSSAPI_20040818 KRB5\\r?\\n"'
+    re18: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+)[-_]hpn(\\w+) *(?:\\\"\\\")?\\r?\\n"'
+    re19: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+\\+sftpfilecontrol-v[\\d.]+-hpn\\w+)\\r?\\n"'
+    re20: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+-hpn) NCSA_GSSAPI_\\d+ KRB5\\r?\\n"'
+    re21: '"^SSH-([\\d.]+)-OpenSSH_3\\.4\\+p1\\+gssapi\\+OpenSSH_3\\.7\\.1buf_fix\\+2006100301\\r?\\n"'
+    re22: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+\\.RL)\\r?\\n"'
+    re23: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+-CERN\\d+)\\r?\\n"'
+    re24: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+\\.cern-hpn)"'
+    re25: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+-hpn)\\r?\\n"'
+    re26: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+-pwexp\\d+)\\r?\\n"'
+    re27: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+)-chrootssh\\n"'
+    re28: '"^SSH-([\\d.]+)-Nortel\\r?\\n"'
+    re29: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w.]+)[-_]hpn(\\w+) DragonFly-"'
+    re30: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w.]+) DragonFly-"'
+    re31: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w_.-]+) FIPS\\n"'
+    re32: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w_.-]+) FIPS\\r\\n"'
+    re33: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w_.-]+) NCSA_GSSAPI_GPT_([-\\w_.]+) GSI\\n"'
+    re34: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+) \\.\\n"'
+    re35: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+) PKIX\\r\\n"'
+    re36: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+)-FIPS\\(capable\\)\\r\\n"'
+    re37: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+)-sshjail\\n"'
+    re38: '"^SSH-([\\d.]+)-OpenSSH_(?P<version0>[\\w._-]+) Raspbian-(?P<version1>[^\\r\\n]+)\\r?\\n"'
+    re39: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+) OVH-rescue\\r\\n"'
+    re40: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+) Trisquel_GNU/linux_([\\d.]+)(?:-\\d+)?\\r\\n"'
+    re41: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+) \\+ILOM\\.2015-5600\\r\\n"'
+    re42: '"^SSH-([\\d.]+)-OpenSSH_(?P<version>[\\w._-]+) SolidFire Element \\r\\n"'
+    re43: '"(?i)^SSH-([\\d.]+)-OpenSSH[_-](?P<version>[\\w.]+)\\s*\\r?\\n"'
+    re44: '"^SSH-([\\d.]+)-OpenSSH\\r?\\n$"'
+    re45: '"^Access to service sshd from [-\\w_.]+@[-\\w_.]+ has been denied\\.\\r\\n"'
+rules:
+    r1:
+        expression: re1.bmatches(response.raw)
+        output:
+            re1_result: re1.bsubmatch(response.raw)
+            osname: '"Linux"'
+            version: '"" + re1_result["version0"] + " Debian " + re1_result["version1"] + ""'
+    r2:
+        expression: re2.bmatches(response.raw)
+        output:
+            re2_result: re2.bsubmatch(response.raw)
+            osname: '"Linux"'
+            version: '"" + re2_result["version0"] + " Debian " + re2_result["version1"] + ""'
+    r3:
+        expression: re3.bmatches(response.raw)
+        output:
+            re3_result: re3.bsubmatch(response.raw)
+            osname: '"Linux"'
+            version: '"" + re3_result["version0"] + " Ubuntu " + re3_result["version1"] + ""'
+    r4:
+        expression: re4.bmatches(response.raw)
+        output:
+            re4_result: re4.bsubmatch(response.raw)
+            osname: '"Linux"'
+            version: '"" + re4_result["version0"] + " Debian " + re4_result["version1"] + ""'
+    r5:
+        expression: re5.bmatches(response.raw)
+        output:
+            re5_result: re5.bsubmatch(response.raw)
+            osname: '"Linux"'
+            version: '"" + re5_result["version"] + " Fedora"'
+    r6:
+        expression: re6.bmatches(response.raw)
+        output:
+            re6_result: re6.bsubmatch(response.raw)
+            osname: '"FreeBSD"'
+            version: re6_result["version"]
+    r7:
+        expression: re7.bmatches(response.raw)
+        output:
+            re7_result: re7.bsubmatch(response.raw)
+            osname: '"FreeBSD"'
+            version: re7_result["version"]
+    r8:
+        expression: re8.bmatches(response.raw)
+        output:
+            re8_result: re8.bsubmatch(response.raw)
+            osname: '"FreeBSD"'
+            version: re8_result["version"]
+    r9:
+        expression: re9.bmatches(response.raw)
+        output:
+            re9_result: re9.bsubmatch(response.raw)
+            osname: '"FreeBSD"'
+            version: re9_result["version"]
+    r10:
+        expression: re10.bmatches(response.raw)
+        output:
+            re10_result: re10.bsubmatch(response.raw)
+            osname: '"FreeBSD"'
+            version: re10_result["version"]
+    r11:
+        expression: re11.bmatches(response.raw)
+        output:
+            re11_result: re11.bsubmatch(response.raw)
+            osname: '"FreeBSD"'
+            version: re11_result["version"]
+    r12:
+        expression: re12.bmatches(response.raw)
+        output:
+            re12_result: re12.bsubmatch(response.raw)
+            osname: '"MiniBSD"'
+            version: re12_result["version"]
+    r13:
+        expression: re13.bmatches(response.raw)
+        output:
+            re13_result: re13.bsubmatch(response.raw)
+            osname: '"NetBSD"'
+            version: re13_result["version"]
+    r14:
+        expression: re14.bmatches(response.raw)
+        output:
+            re14_result: re14.bsubmatch(response.raw)
+            device: '"router"'
+            version: '"" + re14_result["version0"] + " mikrotik " + re14_result["version1"] + ""'
+    r15:
+        expression: re15.bmatches(response.raw)
+        output:
+            re15_result: re15.bsubmatch(response.raw)
+            osname: '"Windows"'
+            version: re15_result["version"]
+    r16:
+        expression: re16.bmatches(response.raw)
+        output:
+            re16_result: re16.bsubmatch(response.raw)
+            version: '"" + re16_result["version"] + " CAN-2004-0175"'
+    r17:
+        expression: re17.bmatches(response.raw)
+        output:
+            re17_result: re17.bsubmatch(response.raw)
+            version: '"" + re17_result["version"] + " NCSA_GSSAPI_20040818 KRB5"'
+    r18:
+        expression: re18.bmatches(response.raw)
+        output:
+            re18_result: re18.bsubmatch(response.raw)
+            version: re18_result["version"]
+    r19:
+        expression: re19.bmatches(response.raw)
+        output:
+            re19_result: re19.bsubmatch(response.raw)
+            version: re19_result["version"]
+    r20:
+        expression: re20.bmatches(response.raw)
+        output:
+            re20_result: re20.bsubmatch(response.raw)
+            version: re20_result["version"]
+    r21:
+        expression: re21.bmatches(response.raw)
+        output:
+            version: '"3.4p1 with CMU Andrew patches"'
+    r22:
+        expression: re22.bmatches(response.raw)
+        output:
+            re22_result: re22.bsubmatch(response.raw)
+            device: '"switch"'
+            version: '"" + re22_result["version"] + " Allied Telesis"'
+    r23:
+        expression: re23.bmatches(response.raw)
+        output:
+            re23_result: re23.bsubmatch(response.raw)
+            version: re23_result["version"]
+    r24:
+        expression: re24.bmatches(response.raw)
+        output:
+            re24_result: re24.bsubmatch(response.raw)
+            version: re24_result["version"]
+    r25:
+        expression: re25.bmatches(response.raw)
+        output:
+            re25_result: re25.bsubmatch(response.raw)
+            version: re25_result["version"]
+    r26:
+        expression: re26.bmatches(response.raw)
+        output:
+            re26_result: re26.bsubmatch(response.raw)
+            osname: '"AIX"'
+            version: re26_result["version"]
+    r27:
+        expression: re27.bmatches(response.raw)
+        output:
+            re27_result: re27.bsubmatch(response.raw)
+            version: re27_result["version"]
+    r28:
+        expression: re28.bmatches(response.raw)
+        output:
+            device: '"switch"'
+    r29:
+        expression: re29.bmatches(response.raw)
+        output:
+            re29_result: re29.bsubmatch(response.raw)
+            osname: '"DragonFlyBSD"'
+            version: re29_result["version"]
+    r30:
+        expression: re30.bmatches(response.raw)
+        output:
+            re30_result: re30.bsubmatch(response.raw)
+            osname: '"DragonFlyBSD"'
+            version: re30_result["version"]
+    r31:
+        expression: re31.bmatches(response.raw)
+        output:
+            re31_result: re31.bsubmatch(response.raw)
+            device: '"firewall"'
+            version: re31_result["version"]
+    r32:
+        expression: re32.bmatches(response.raw)
+        output:
+            re32_result: re32.bsubmatch(response.raw)
+            device: '"switch"'
+            version: re32_result["version"]
+    r33:
+        expression: re33.bmatches(response.raw)
+        output:
+            re33_result: re33.bsubmatch(response.raw)
+            version: re33_result["version"]
+    r34:
+        expression: re34.bmatches(response.raw)
+        output:
+            re34_result: re34.bsubmatch(response.raw)
+            version: re34_result["version"]
+    r35:
+        expression: re35.bmatches(response.raw)
+        output:
+            re35_result: re35.bsubmatch(response.raw)
+            version: re35_result["version"]
+    r36:
+        expression: re36.bmatches(response.raw)
+        output:
+            re36_result: re36.bsubmatch(response.raw)
+            version: re36_result["version"]
+    r37:
+        expression: re37.bmatches(response.raw)
+        output:
+            re37_result: re37.bsubmatch(response.raw)
+            version: re37_result["version"]
+    r38:
+        expression: re38.bmatches(response.raw)
+        output:
+            re38_result: re38.bsubmatch(response.raw)
+            osname: '"Linux"'
+            version: '"" + re38_result["version0"] + " Raspbian " + re38_result["version1"] + ""'
+    r39:
+        expression: re39.bmatches(response.raw)
+        output:
+            re39_result: re39.bsubmatch(response.raw)
+            version: re39_result["version"]
+    r40:
+        expression: re40.bmatches(response.raw)
+        output:
+            re40_result: re40.bsubmatch(response.raw)
+            osname: '"Linux"'
+            version: re40_result["version"]
+    r41:
+        expression: re41.bmatches(response.raw)
+        output:
+            re41_result: re41.bsubmatch(response.raw)
+            version: re41_result["version"]
+    r42:
+        expression: re42.bmatches(response.raw)
+        output:
+            re42_result: re42.bsubmatch(response.raw)
+            version: re42_result["version"]
+    r43:
+        expression: re43.bmatches(response.raw)
+        output:
+            re43_result: re43.bsubmatch(response.raw)
+            version: re43_result["version"]
+    r44:
+        expression: re44.bmatches(response.raw)
+        output:
+            device: '"terminal server"'
+    r45:
+        expression: re45.bmatches(response.raw)
+expression: r1() || r2() || r3() || r4() || r5() || r6() || r7() || r8() || r9() || r10() || r11() || r12() || r13() || r14() || r15() || r16() || r17() || r18() || r19() || r20() || r21() || r22() || r23() || r24() || r25() || r26() || r27() || r28() || r29() || r30() || r31() || r32() || r33() || r34() || r35() || r36() || r37() || r38() || r39() || r40() || r41() || r42() || r43() || r44() || r45()
+detail:
+    fingerprint:
+        name: openssh
+        version: '{{version}}'
+        cpe: openssl:openssl
+        os_name: '{{osname}}'
+        device_type: '{{device}}'
\ No newline at end of file
diff --git a/finger/Apache-RocketMQ.yml b/finger/manual/web/Apache-RocketMQ.yml
similarity index 97%
rename from finger/Apache-RocketMQ.yml
rename to finger/manual/web/Apache-RocketMQ.yml
index 61d9967..da234f1 100644
--- a/finger/Apache-RocketMQ.yml
+++ b/finger/manual/web/Apache-RocketMQ.yml
@@ -3,6 +3,7 @@ manual: false
 detail:
     fingerprint:
         name: Apache-RocketMQ
+    cpe: apache:rocketmq
     fofa: 'body="title>RocketMq" || header="X-Application-Context: rocketmq-console" || title="RocketMq-console-ng"'
 transport: http
 rules:
diff --git a/finger/Apache-Spark.yml b/finger/manual/web/Apache-Spark.yml
similarity index 98%
rename from finger/Apache-Spark.yml
rename to finger/manual/web/Apache-Spark.yml
index f3854e8..cc6a2e0 100644
--- a/finger/Apache-Spark.yml
+++ b/finger/manual/web/Apache-Spark.yml
@@ -3,6 +3,7 @@ manual: false
 detail:
     fingerprint:
         name: Apache-Spark
+    cpe: apache:spark
     version: '{{version}}'
 transport: http
 rules:
diff --git a/finger/Apache-Struts2.yml b/finger/manual/web/Apache-Struts2.yml
similarity index 99%
rename from finger/Apache-Struts2.yml
rename to finger/manual/web/Apache-Struts2.yml
index a1a36c0..3b300e0 100644
--- a/finger/Apache-Struts2.yml
+++ b/finger/manual/web/Apache-Struts2.yml
@@ -3,6 +3,7 @@ manual: false
 detail:
     fingerprint:
         name: Apache-Struts2
+    cpe: apache:struts
     fofa: body="struts problem report" && body="there is no action mapped for namespace" && body="no result defined for action and result input" && body="<a href=(.*\\.action(.*</a>" && body="<form id=(.*\\.action(.*" && body="<a href=(.*\\.do(.*</a>" && body="(.*\\.action" && body="(.*\\.do" || header="jsessionid" || body="struts problem report" || body="there is no action mapped for namespace" || body="no result defined for action and result input"
 transport: http
 set:
diff --git a/finger/Azure.yml b/finger/manual/web/Azure.yml
similarity index 94%
rename from finger/Azure.yml
rename to finger/manual/web/Azure.yml
index 94e3078..24041d7 100644
--- a/finger/Azure.yml
+++ b/finger/manual/web/Azure.yml
@@ -3,6 +3,7 @@ manual: false
 detail:
     fingerprint:
         name: Azure
+    cpe: microsoft:azure
     fofa: header="azure-webrole-instance-id"
 transport: http
 rules:
diff --git a/finger/nmap/fingerprint-yaml-tcp-mysql.yml b/finger/nmap/fingerprint-yaml-tcp-mysql.yml
new file mode 100644
index 0000000..72e4cf6
--- /dev/null
+++ b/finger/nmap/fingerprint-yaml-tcp-mysql.yml
@@ -0,0 +1,259 @@
+# # This is the NULL probe that just compares any banners given to us
+# ##############################NEXT PROBE##############################
+# Probe TCP NULL q||
+# totalwaitms 6000
+# tcpwrappedms 3000
+# # MySQL Handshake packet ( .\0\0\0\x0a ) reference - http://dev.mysql.com/doc/internals/en/connection-phase-packets.html#packet-Protocol::Handshake
+# #       Error packet     ( .\0\0\0\xff ) reference - http://dev.mysql.com/doc/internals/en/packet-ERR_Packet.html#cs-packet-err-header
+# match mysql m|^.\0\0\0\xff..Host .* is not allowed to connect to this MySQL server$|s p/MySQL/ i/unauthorized/ cpe:/a:mysql:mysql/
+# match mysql m|^.\0\0\0\xff..Host .* is not allowed to connect to this MariaDB server$|s p/MariaDB/ i/unauthorized/ cpe:/a:mariadb:mariadb/
+# match mysql m|^.\0\0\0\xff..Too many connections|s p/MySQL/ i/Too many connections/ cpe:/a:mysql:mysql/
+# match mysql m|^.\0\0\0\xff..Host .* is blocked because of many connection errors|s p/MySQL/ i/blocked - too many connection errors/ cpe:/a:mysql:mysql/
+# match mysql m|^.\0\0\0\xff..Le h\xf4te '[-.\w]+' n'est pas authoris\xe9 \xe0 se connecter \xe0 ce serveur MySQL$| p/MySQL/ i/unauthorized; French/ cpe:/a:mysql:mysql::::fr/
+# match mysql m|^.\0\0\0\xff..Host hat keine Berechtigung, eine Verbindung zu diesem MySQL Server herzustellen\.|s p/MySQL/ i/unauthorized; German/ cpe:/a:mysql:mysql::::de/
+# match mysql m|^.\0\0\0\xff..Host '[-\w_.]+' hat keine Berechtigung, sich mit diesem MySQL-Server zu verbinden|s p/MySQL/ i/unauthorized; German/ cpe:/a:mysql:mysql::::de/
+# match mysql m|^.\0\0\0\xff..Al sistema '[-.\w]+' non e` consentita la connessione a questo server MySQL$|s p/MySQL/ i/unauthorized; Italian/ cpe:/a:mysql:mysql::::it/
+# match mysql m|^.\0\0\0...Servidor '[-.\w]+' est\xe1 bloqueado por muchos errores de conexi\xf3n\.  Desbloquear con 'mysqladmin flush-hosts'|s p/MySQL/ i/blocked - too many connection errors; Spanish/ cpe:/a:mysql:mysql::::es/
+# match mysql m|^.\0\0\0...'Host' '[-.\w]+' n\xe3o tem permiss\xe3o para se conectar com este servidor MySQL| p/MySQL/ i/unauthorized; Spanish/ cpe:/a:mysql:mysql::::es/
+# match mysql m|^.\0\0\0\x0a([\w._-]+)\0............\0\x5f\xd3\x2d\x02\0\0\0\0\0\0\0\0\0\0\0\0\0\0............\0$|s p/Drizzle/ v/$1/
+# match mysql m|^.\0\0\0\x0a([\w._-]+)\0............\0\x5f\xd1\x2d\x02\0\0\0\0\0\0\0\0\0\0\0\0\0\0............\0$|s p/Drizzle/ v/$1/
+# #MariaDB
+# match mysql m|^.\0\0\0\x0a(5\.[-_~.+:\w]+MariaDB-[-_~.+:\w]+~bionic)\0|s p/MySQL/ v/$1/ cpe:/a:mariadb:mariadb:$1/ o/Linux/ cpe:/o:canonical:ubuntu_linux:18.04/
+# match mysql m|^.\0\0\0\x0a(5\.[-_~.+:\w]+MariaDB-[-_~.+:\w]+)\0|s p/MySQL/ v/$1/ cpe:/a:mariadb:mariadb:$1/
+# match mysql m|^.\0\0\0.(3\.[-_~.+\w]+)\0.*\x08\x02\0\0\0\0\0\0\0\0\0\0\0\0\0\0$|s p/MySQL/ v/$1/ cpe:/a:mysql:mysql:$1/
+# match mysql m|^.\0\0\0\x0a(3\.[-_~.+\w]+)\0...\0|s p/MySQL/ v/$1/ cpe:/a:mysql:mysql:$1/
+# match mysql m|^.\0\0\0\x0a(4\.[-_~.+\w]+)\0|s p/MySQL/ v/$1/ cpe:/a:mysql:mysql:$1/
+# match mysql m|^.\0\0\0\x0a(5\.[-_~.+\w]+)\0|s p/MySQL/ v/$1/ cpe:/a:mysql:mysql:$1/
+# match mysql m|^.\0\0\0\x0a(6\.[-_~.+\w]+)\0...\0|s p/MySQL/ v/$1/ cpe:/a:mysql:mysql:$1/
+# match mysql m|^.\0\0\0\x0a(8\.[-_~.+\w]+)\0...\0|s p/MySQL/ v/$1/ cpe:/a:mysql:mysql:$1/
+# match mysql m|^.\0\0\0\xffj\x04'[\d.]+' .* MySQL|s p/MySQL/ cpe:/a:mysql:mysql/
+# # This will get awkward if Sphinx goes to version 3.
+# match mysql m|^.\0\0\0.([012]\.[\w.-]+)(?: \([0-9a-f]+\))?\0|s p/Sphinx Search SphinxQL/ v/$1/ cpe:/a:sphinx:sphinx_search:$1/
+# match mysql m|^.\0\0\0\x0a(0[\w._-]+)\0| p/MySQL instance manager/ v/$1/ cpe:/a:mysql:mysql:$1/
+# ##############################NEXT PROBE##############################
+# Probe TCP GenericLines q|\r\n\r\n|
+# rarity 1
+# ports 21,23,35,43,79,98,110,113,119,199,214,264,449,505,510,540,587,616,628,666,731,771,782,1000,1010,1040-1043,1080,1212,1220,1248,1302,1400,1432,1467,1501,1505,1666,1687-1688,2010,2024,2600,3000,3005,3128,3310,3333,3940,4155,5000,5400,5432,5555,5570,6112,6432,6667-6670,7144,7145,7200,7780,8000,8138,9000-9003,9801,11371,11965,13720,15000-15002,18086,19150,26214,26470,31416,30444,34012,56667
+# sslports 989,990,992,995
+# match mysql m|^\x10\0\0\x01\xff\x13\x04Bad handshake$| p/MySQL/ cpe:/a:mysql:mysql/
+# # MySQL Handshake packet ( .\0\0\0\x0a ) reference - http://dev.mysql.com/doc/internals/en/connection-phase-packets.html#packet-Protocol::Handshake
+# #       Error packet     ( .\0\0\0\xff ) reference - http://dev.mysql.com/doc/internals/en/packet-ERR_Packet.html#cs-packet-err-header
+# match mysql m|^.\0\0\0\xff..Host .* is not allowed to connect to this MySQL server$|s p/MySQL/ i/unauthorized/ cpe:/a:mysql:mysql/
+# match mysql m|^.\0\0\0\xff..Host .* is not allowed to connect to this MariaDB server$|s p/MariaDB/ i/unauthorized/ cpe:/a:mariadb:mariadb/
+# match mysql m|^.\0\0\0\xff..Too many connections|s p/MySQL/ i/Too many connections/ cpe:/a:mysql:mysql/
+# match mysql m|^.\0\0\0\xff..Host .* is blocked because of many connection errors|s p/MySQL/ i/blocked - too many connection errors/ cpe:/a:mysql:mysql/
+# match mysql m|^.\0\0\0\xff..Le h\xf4te '[-.\w]+' n'est pas authoris\xe9 \xe0 se connecter \xe0 ce serveur MySQL$| p/MySQL/ i/unauthorized; French/ cpe:/a:mysql:mysql::::fr/
+# match mysql m|^.\0\0\0\xff..Host hat keine Berechtigung, eine Verbindung zu diesem MySQL Server herzustellen\.|s p/MySQL/ i/unauthorized; German/ cpe:/a:mysql:mysql::::de/
+# match mysql m|^.\0\0\0\xff..Host '[-\w_.]+' hat keine Berechtigung, sich mit diesem MySQL-Server zu verbinden|s p/MySQL/ i/unauthorized; German/ cpe:/a:mysql:mysql::::de/
+# match mysql m|^.\0\0\0\xff..Al sistema '[-.\w]+' non e` consentita la connessione a questo server MySQL$|s p/MySQL/ i/unauthorized; Italian/ cpe:/a:mysql:mysql::::it/
+# match mysql m|^.\0\0\0...Servidor '[-.\w]+' est\xe1 bloqueado por muchos errores de conexi\xf3n\.  Desbloquear con 'mysqladmin flush-hosts'|s p/MySQL/ i/blocked - too many connection errors; Spanish/ cpe:/a:mysql:mysql::::es/
+# match mysql m|^.\0\0\0...'Host' '[-.\w]+' n\xe3o tem permiss\xe3o para se conectar com este servidor MySQL| p/MySQL/ i/unauthorized; Spanish/ cpe:/a:mysql:mysql::::es/
+# match mysql m|^.\0\0\0\x0a([\w._-]+)\0............\0\x5f\xd3\x2d\x02\0\0\0\0\0\0\0\0\0\0\0\0\0\0............\0$|s p/Drizzle/ v/$1/
+# match mysql m|^.\0\0\0\x0a([\w._-]+)\0............\0\x5f\xd1\x2d\x02\0\0\0\0\0\0\0\0\0\0\0\0\0\0............\0$|s p/Drizzle/ v/$1/
+# #MariaDB
+# match mysql m|^.\0\0\0\x0a(5\.[-_~.+:\w]+MariaDB-[-_~.+:\w]+~bionic)\0|s p/MySQL/ v/$1/ cpe:/a:mariadb:mariadb:$1/ o/Linux/ cpe:/o:canonical:ubuntu_linux:18.04/
+# match mysql m|^.\0\0\0\x0a(5\.[-_~.+:\w]+MariaDB-[-_~.+:\w]+)\0|s p/MySQL/ v/$1/ cpe:/a:mariadb:mariadb:$1/
+# match mysql m|^.\0\0\0.(3\.[-_~.+\w]+)\0.*\x08\x02\0\0\0\0\0\0\0\0\0\0\0\0\0\0$|s p/MySQL/ v/$1/ cpe:/a:mysql:mysql:$1/
+# match mysql m|^.\0\0\0\x0a(3\.[-_~.+\w]+)\0...\0|s p/MySQL/ v/$1/ cpe:/a:mysql:mysql:$1/
+# match mysql m|^.\0\0\0\x0a(4\.[-_~.+\w]+)\0|s p/MySQL/ v/$1/ cpe:/a:mysql:mysql:$1/
+# match mysql m|^.\0\0\0\x0a(5\.[-_~.+\w]+)\0|s p/MySQL/ v/$1/ cpe:/a:mysql:mysql:$1/
+# match mysql m|^.\0\0\0\x0a(6\.[-_~.+\w]+)\0...\0|s p/MySQL/ v/$1/ cpe:/a:mysql:mysql:$1/
+# match mysql m|^.\0\0\0\x0a(8\.[-_~.+\w]+)\0...\0|s p/MySQL/ v/$1/ cpe:/a:mysql:mysql:$1/
+# match mysql m|^.\0\0\0\xffj\x04'[\d.]+' .* MySQL|s p/MySQL/ cpe:/a:mysql:mysql/
+# # This will get awkward if Sphinx goes to version 3.
+# match mysql m|^.\0\0\0.([012]\.[\w.-]+)(?: \([0-9a-f]+\))?\0|s p/Sphinx Search SphinxQL/ v/$1/ cpe:/a:sphinx:sphinx_search:$1/
+# match mysql m|^.\0\0\0\x0a(0[\w._-]+)\0| p/MySQL instance manager/ v/$1/ cpe:/a:mysql:mysql:$1/
+name: fingerprint-yaml-tcp-mysql-
+manual: false
+detail:
+    fingerprint:
+        name: mysql
+        version: '{{version}}'
+        os_name: '{{osname}}'
+        cpe: oracle:mysql
+transport: tcp
+set:
+    GenericLines: b"\r\n\r\n"
+    re1: '"^\\x10\\0\\0\\x01\\xff\\x13\\x04Bad handshake$"'
+    re10: '"(?s)^.\\0\\0\\0...Servidor ''[-.\\w]+'' est\\xe1 bloqueado por muchos errores de conexi\\xf3n\\.  Desbloquear con ''mysqladmin flush-hosts''"'
+    re11: '"^.\\0\\0\\0...''Host'' ''[-.\\w]+'' n\\xe3o tem permiss\\xe3o para se conectar com este servidor MySQL"'
+    re12: '"(?s)^.\\0\\0\\0\\x0a(?P<version>[\\w._-]+)\\0............\\0\\x5f\\xd3\\x2d\\x02\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0............\\0$"'
+    re13: '"(?s)^.\\0\\0\\0\\x0a(?P<version>[\\w._-]+)\\0............\\0\\x5f\\xd1\\x2d\\x02\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0............\\0$"'
+    re14: '"(?s)^.\\0\\0\\0\\x0a(?P<version>5\\.[-_~.+:\\w]+MariaDB-[-_~.+:\\w]+~bionic)\\0"'
+    re15: '"(?s)^.\\0\\0\\0\\x0a(?P<version>5\\.[-_~.+:\\w]+MariaDB-[-_~.+:\\w]+)\\0"'
+    re16: '"(?s)^.\\0\\0\\0.(?P<version>3\\.[-_~.+\\w]+)\\0.*\\x08\\x02\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0\\0$"'
+    re17: '"(?s)^.\\0\\0\\0\\x0a(?P<version>3\\.[-_~.+\\w]+)\\0...\\0"'
+    re18: '"(?s)^.\\0\\0\\0\\x0a(?P<version>4\\.[-_~.+\\w]+)\\0"'
+    re19: '"(?s)^.\\0\\0\\0\\x0a(?P<version>5\\.[-_~.+\\w]+)\\0"'
+    re2: '"(?s)^.\\0\\0\\0\\xff..Host .* is not allowed to connect to this MySQL server$"'
+    re20: '"(?s)^.\\0\\0\\0\\x0a(?P<version>6\\.[-_~.+\\w]+)\\0...\\0"'
+    re21: '"(?s)^.\\0\\0\\0\\x0a(?P<version>8\\.[-_~.+\\w]+)\\0...\\0"'
+    re22: '"(?s)^.\\0\\0\\0\\xffj\\x04''[\\d.]+'' .* MySQL"'
+    re23: '"(?s)^.\\0\\0\\0.(?P<version>[012]\\.[\\w.-]+)(?: \\([0-9a-f]+\\))?\\0"'
+    re24: '"^.\\0\\0\\0\\x0a(?P<version>0[\\w._-]+)\\0"'
+    re3: '"(?s)^.\\0\\0\\0\\xff..Host .* is not allowed to connect to this MariaDB server$"'
+    re4: '"(?s)^.\\0\\0\\0\\xff..Too many connections"'
+    re5: '"(?s)^.\\0\\0\\0\\xff..Host .* is blocked because of many connection errors"'
+    re6: '"^.\\0\\0\\0\\xff..Le h\\xf4te ''[-.\\w]+'' n''est pas authoris\\xe9 \\xe0 se connecter \\xe0 ce serveur MySQL$"'
+    re7: '"(?s)^.\\0\\0\\0\\xff..Host hat keine Berechtigung, eine Verbindung zu diesem MySQL Server herzustellen\\."'
+    re8: '"(?s)^.\\0\\0\\0\\xff..Host ''[-\\w_.]+'' hat keine Berechtigung, sich mit diesem MySQL-Server zu verbinden"'
+    re9: '"(?s)^.\\0\\0\\0\\xff..Al sistema ''[-.\\w]+'' non e` consentita la connessione a questo server MySQL$"'
+rules:
+    r1:
+        request:
+            cache: true
+            content: '{{GenericLines}}'
+        expression: re1.bmatches(response.raw)
+    r2:
+        request:
+            cache: true
+            content: '{{GenericLines}}'
+        expression: re2.bmatches(response.raw)
+    r3:
+        request:
+            cache: true
+            content: '{{GenericLines}}'
+        expression: re3.bmatches(response.raw)
+    r4:
+        request:
+            cache: true
+            content: '{{GenericLines}}'
+        expression: re4.bmatches(response.raw)
+    r5:
+        request:
+            cache: true
+            content: '{{GenericLines}}'
+        expression: re5.bmatches(response.raw)
+    r6:
+        request:
+            cache: true
+            content: '{{GenericLines}}'
+        expression: re6.bmatches(response.raw)
+    r7:
+        request:
+            cache: true
+            content: '{{GenericLines}}'
+        expression: re7.bmatches(response.raw)
+    r8:
+        request:
+            cache: true
+            content: '{{GenericLines}}'
+        expression: re8.bmatches(response.raw)
+    r9:
+        request:
+            cache: true
+            content: '{{GenericLines}}'
+        expression: re9.bmatches(response.raw)
+    r10:
+        request:
+            cache: true
+            content: '{{GenericLines}}'
+        expression: re10.bmatches(response.raw)
+    r11:
+        request:
+            cache: true
+            content: '{{GenericLines}}'
+        expression: re11.bmatches(response.raw)
+    r12:
+        request:
+            cache: true
+            content: '{{GenericLines}}'
+        expression: re12.bmatches(response.raw)
+        output:
+            r12_result: re12.bsubmatch(response.raw)
+            version: r12_result['version']
+    r13:
+        request:
+            cache: true
+            content: '{{GenericLines}}'
+        expression: re13.bmatches(response.raw)
+        output:
+            r13_result: re13.bsubmatch(response.raw)
+            version: r13_result['version']
+    r14:
+        request:
+            cache: true
+            content: '{{GenericLines}}'
+        expression: re14.bmatches(response.raw)
+        output:
+            r14_result: re14.bsubmatch(response.raw)
+            osname: '''Linux'''
+            version: r14_result['version']
+    r15:
+        request:
+            cache: true
+            content: '{{GenericLines}}'
+        expression: re15.bmatches(response.raw)
+        output:
+            r15_result: re15.bsubmatch(response.raw)
+            version: r15_result['version']
+    r16:
+        request:
+            cache: true
+            content: '{{GenericLines}}'
+        expression: re16.bmatches(response.raw)
+        output:
+            r16_result: re16.bsubmatch(response.raw)
+            version: r16_result['version']
+    r17:
+        request:
+            cache: true
+            content: '{{GenericLines}}'
+        expression: re17.bmatches(response.raw)
+        output:
+            r17_result: re17.bsubmatch(response.raw)
+            version: r17_result['version']
+    r18:
+        request:
+            cache: true
+            content: '{{GenericLines}}'
+        expression: re18.bmatches(response.raw)
+        output:
+            r18_result: re18.bsubmatch(response.raw)
+            version: r18_result['version']
+    r19:
+        request:
+            cache: true
+            content: '{{GenericLines}}'
+        expression: re19.bmatches(response.raw)
+        output:
+            r19_result: re19.bsubmatch(response.raw)
+            version: r19_result['version']
+    r20:
+        request:
+            cache: true
+            content: '{{GenericLines}}'
+        expression: re20.bmatches(response.raw)
+        output:
+            r20_result: re20.bsubmatch(response.raw)
+            version: r20_result['version']
+    r21:
+        request:
+            cache: true
+            content: '{{GenericLines}}'
+        expression: re21.bmatches(response.raw)
+        output:
+            r21_result: re21.bsubmatch(response.raw)
+            version: r21_result['version']
+    r22:
+        request:
+            cache: true
+            content: '{{GenericLines}}'
+        expression: re22.bmatches(response.raw)
+    r23:
+        request:
+            cache: true
+            content: '{{GenericLines}}'
+        expression: re23.bmatches(response.raw)
+        output:
+            r23_result: re23.bsubmatch(response.raw)
+            version: r23_result['version']
+    r24:
+        request:
+            cache: true
+            content: '{{GenericLines}}'
+        expression: re24.bmatches(response.raw)
+        output:
+            r24_result: re24.bsubmatch(response.raw)
+            version: r24_result['version']
+expression: r1() || r2() || r3() || r4() || r5() || r6() || r7() || r8() || r9() || r10() || r11() || r12() || r13() || r14() || r15() || r16() || r17() || r18() || r19() || r20() || r21() || r22() || r23() || r24()
diff --git a/group/test.list b/group/test.list
new file mode 100644
index 0000000..3d02c21
--- /dev/null
+++ b/group/test.list
@@ -0,0 +1,2 @@
+{{path}}/../finger/manual/web/Azure.yml
+{{path}}/../finger/manual/web/Apache-Struts2.yml
\ No newline at end of file
diff --git a/poc/74cms-sqli-1.yml b/poc/manual/74cms-sqli-1.yml
similarity index 100%
rename from poc/74cms-sqli-1.yml
rename to poc/manual/74cms-sqli-1.yml
diff --git a/poc/74cms-sqli-2.yml b/poc/manual/74cms-sqli-2.yml
similarity index 100%
rename from poc/74cms-sqli-2.yml
rename to poc/manual/74cms-sqli-2.yml
diff --git a/poc/74cms-sqli.yml b/poc/manual/74cms-sqli.yml
similarity index 100%
rename from poc/74cms-sqli.yml
rename to poc/manual/74cms-sqli.yml
diff --git a/poc/activemq-cve-2016-3088.yml b/poc/manual/activemq-cve-2016-3088.yml
similarity index 100%
rename from poc/activemq-cve-2016-3088.yml
rename to poc/manual/activemq-cve-2016-3088.yml
diff --git a/poc/activemq-default-password.yml b/poc/manual/activemq-default-password.yml
similarity index 100%
rename from poc/activemq-default-password.yml
rename to poc/manual/activemq-default-password.yml
diff --git a/poc/airflow-unauth.yml b/poc/manual/airflow-unauth.yml
similarity index 100%
rename from poc/airflow-unauth.yml
rename to poc/manual/airflow-unauth.yml
diff --git a/poc/alibaba-canal-default-password.yml b/poc/manual/alibaba-canal-default-password.yml
similarity index 100%
rename from poc/alibaba-canal-default-password.yml
rename to poc/manual/alibaba-canal-default-password.yml
diff --git a/poc/alibaba-canal-info-leak.yml b/poc/manual/alibaba-canal-info-leak.yml
similarity index 100%
rename from poc/alibaba-canal-info-leak.yml
rename to poc/manual/alibaba-canal-info-leak.yml
diff --git a/poc/alibaba-nacos-v1-auth-bypass.yml b/poc/manual/alibaba-nacos-v1-auth-bypass.yml
similarity index 100%
rename from poc/alibaba-nacos-v1-auth-bypass.yml
rename to poc/manual/alibaba-nacos-v1-auth-bypass.yml
diff --git a/poc/amtt-hiboss-server-ping-rce.yml b/poc/manual/amtt-hiboss-server-ping-rce.yml
similarity index 100%
rename from poc/amtt-hiboss-server-ping-rce.yml
rename to poc/manual/amtt-hiboss-server-ping-rce.yml
diff --git a/poc/apache-ambari-default-password.yml b/poc/manual/apache-ambari-default-password.yml
similarity index 100%
rename from poc/apache-ambari-default-password.yml
rename to poc/manual/apache-ambari-default-password.yml
diff --git a/poc/apache-druid-cve-2021-36749.yml b/poc/manual/apache-druid-cve-2021-36749.yml
similarity index 100%
rename from poc/apache-druid-cve-2021-36749.yml
rename to poc/manual/apache-druid-cve-2021-36749.yml
diff --git a/poc/apache-flink-upload-rce.yml b/poc/manual/apache-flink-upload-rce.yml
similarity index 100%
rename from poc/apache-flink-upload-rce.yml
rename to poc/manual/apache-flink-upload-rce.yml
diff --git a/poc/apache-httpd-cve-2021-40438-ssrf.yml b/poc/manual/apache-httpd-cve-2021-40438-ssrf.yml
similarity index 100%
rename from poc/apache-httpd-cve-2021-40438-ssrf.yml
rename to poc/manual/apache-httpd-cve-2021-40438-ssrf.yml
diff --git a/poc/apache-httpd-cve-2021-41773-path-traversal.yml b/poc/manual/apache-httpd-cve-2021-41773-path-traversal.yml
similarity index 100%
rename from poc/apache-httpd-cve-2021-41773-path-traversal.yml
rename to poc/manual/apache-httpd-cve-2021-41773-path-traversal.yml
diff --git a/poc/apache-httpd-cve-2021-41773-rce.yml b/poc/manual/apache-httpd-cve-2021-41773-rce.yml
similarity index 100%
rename from poc/apache-httpd-cve-2021-41773-rce.yml
rename to poc/manual/apache-httpd-cve-2021-41773-rce.yml
diff --git a/poc/apache-kylin-unauth-cve-2020-13937.yml b/poc/manual/apache-kylin-unauth-cve-2020-13937.yml
similarity index 100%
rename from poc/apache-kylin-unauth-cve-2020-13937.yml
rename to poc/manual/apache-kylin-unauth-cve-2020-13937.yml
diff --git a/poc/apache-nifi-api-unauthorized-access.yml b/poc/manual/apache-nifi-api-unauthorized-access.yml
similarity index 100%
rename from poc/apache-nifi-api-unauthorized-access.yml
rename to poc/manual/apache-nifi-api-unauthorized-access.yml
diff --git a/poc/apache-ofbiz-cve-2018-8033-xxe.yml b/poc/manual/apache-ofbiz-cve-2018-8033-xxe.yml
similarity index 100%
rename from poc/apache-ofbiz-cve-2018-8033-xxe.yml
rename to poc/manual/apache-ofbiz-cve-2018-8033-xxe.yml
diff --git a/poc/apache-ofbiz-cve-2020-9496-xml-deserialization.yml b/poc/manual/apache-ofbiz-cve-2020-9496-xml-deserialization.yml
similarity index 100%
rename from poc/apache-ofbiz-cve-2020-9496-xml-deserialization.yml
rename to poc/manual/apache-ofbiz-cve-2020-9496-xml-deserialization.yml
diff --git a/poc/apache-storm-unauthorized-access.yml b/poc/manual/apache-storm-unauthorized-access.yml
similarity index 100%
rename from poc/apache-storm-unauthorized-access.yml
rename to poc/manual/apache-storm-unauthorized-access.yml
diff --git a/poc/aspcms-backend-leak.yml b/poc/manual/aspcms-backend-leak.yml
similarity index 100%
rename from poc/aspcms-backend-leak.yml
rename to poc/manual/aspcms-backend-leak.yml
diff --git a/poc/bash-cve-2014-6271.yml b/poc/manual/bash-cve-2014-6271.yml
similarity index 100%
rename from poc/bash-cve-2014-6271.yml
rename to poc/manual/bash-cve-2014-6271.yml
diff --git a/poc/bt742-pma-unauthorized-access.yml b/poc/manual/bt742-pma-unauthorized-access.yml
similarity index 100%
rename from poc/bt742-pma-unauthorized-access.yml
rename to poc/manual/bt742-pma-unauthorized-access.yml
diff --git a/poc/cacti-weathermap-file-write.yml b/poc/manual/cacti-weathermap-file-write.yml
similarity index 100%
rename from poc/cacti-weathermap-file-write.yml
rename to poc/manual/cacti-weathermap-file-write.yml
diff --git a/poc/chinaunicom-modem-default-password.yml b/poc/manual/chinaunicom-modem-default-password.yml
similarity index 100%
rename from poc/chinaunicom-modem-default-password.yml
rename to poc/manual/chinaunicom-modem-default-password.yml
diff --git a/poc/cisco-cve-2020-3452-readfile.yml b/poc/manual/cisco-cve-2020-3452-readfile.yml
similarity index 100%
rename from poc/cisco-cve-2020-3452-readfile.yml
rename to poc/manual/cisco-cve-2020-3452-readfile.yml
diff --git a/poc/citrix-cve-2019-19781-path-traversal.yml b/poc/manual/citrix-cve-2019-19781-path-traversal.yml
similarity index 100%
rename from poc/citrix-cve-2019-19781-path-traversal.yml
rename to poc/manual/citrix-cve-2019-19781-path-traversal.yml
diff --git a/poc/citrix-cve-2020-8191-xss.yml b/poc/manual/citrix-cve-2020-8191-xss.yml
similarity index 100%
rename from poc/citrix-cve-2020-8191-xss.yml
rename to poc/manual/citrix-cve-2020-8191-xss.yml
diff --git a/poc/citrix-cve-2020-8193-unauthorized.yml b/poc/manual/citrix-cve-2020-8193-unauthorized.yml
similarity index 100%
rename from poc/citrix-cve-2020-8193-unauthorized.yml
rename to poc/manual/citrix-cve-2020-8193-unauthorized.yml
diff --git a/poc/citrix-xenmobile-cve-2020-8209.yml b/poc/manual/citrix-xenmobile-cve-2020-8209.yml
similarity index 100%
rename from poc/citrix-xenmobile-cve-2020-8209.yml
rename to poc/manual/citrix-xenmobile-cve-2020-8209.yml
diff --git a/poc/coldfusion-cve-2010-2861-lfi.yml b/poc/manual/coldfusion-cve-2010-2861-lfi.yml
similarity index 100%
rename from poc/coldfusion-cve-2010-2861-lfi.yml
rename to poc/manual/coldfusion-cve-2010-2861-lfi.yml
diff --git a/poc/confluence-cve-2015-8399.yml b/poc/manual/confluence-cve-2015-8399.yml
similarity index 100%
rename from poc/confluence-cve-2015-8399.yml
rename to poc/manual/confluence-cve-2015-8399.yml
diff --git a/poc/confluence-cve-2019-3396-lfi.yml b/poc/manual/confluence-cve-2019-3396-lfi.yml
similarity index 100%
rename from poc/confluence-cve-2019-3396-lfi.yml
rename to poc/manual/confluence-cve-2019-3396-lfi.yml
diff --git a/poc/confluence-cve-2021-26084.yml b/poc/manual/confluence-cve-2021-26084.yml
similarity index 100%
rename from poc/confluence-cve-2021-26084.yml
rename to poc/manual/confluence-cve-2021-26084.yml
diff --git a/poc/confluence-cve-2021-26085-arbitrary-file-read.yml b/poc/manual/confluence-cve-2021-26085-arbitrary-file-read.yml
similarity index 100%
rename from poc/confluence-cve-2021-26085-arbitrary-file-read.yml
rename to poc/manual/confluence-cve-2021-26085-arbitrary-file-read.yml
diff --git a/poc/consul-rexec-rce.yml b/poc/manual/consul-rexec-rce.yml
similarity index 100%
rename from poc/consul-rexec-rce.yml
rename to poc/manual/consul-rexec-rce.yml
diff --git a/poc/consul-service-rce.yml b/poc/manual/consul-service-rce.yml
similarity index 100%
rename from poc/consul-service-rce.yml
rename to poc/manual/consul-service-rce.yml
diff --git a/poc/coremail-cnvd-2019-16798.yml b/poc/manual/coremail-cnvd-2019-16798.yml
similarity index 100%
rename from poc/coremail-cnvd-2019-16798.yml
rename to poc/manual/coremail-cnvd-2019-16798.yml
diff --git a/poc/couchcms-cve-2018-7662.yml b/poc/manual/couchcms-cve-2018-7662.yml
similarity index 100%
rename from poc/couchcms-cve-2018-7662.yml
rename to poc/manual/couchcms-cve-2018-7662.yml
diff --git a/poc/couchdb-cve-2017-12635.yml b/poc/manual/couchdb-cve-2017-12635.yml
similarity index 100%
rename from poc/couchdb-cve-2017-12635.yml
rename to poc/manual/couchdb-cve-2017-12635.yml
diff --git a/poc/couchdb-unauth.yml b/poc/manual/couchdb-unauth.yml
similarity index 100%
rename from poc/couchdb-unauth.yml
rename to poc/manual/couchdb-unauth.yml
diff --git a/poc/craftcms-seomatic-cve-2020-9757-rce.yml b/poc/manual/craftcms-seomatic-cve-2020-9757-rce.yml
similarity index 100%
rename from poc/craftcms-seomatic-cve-2020-9757-rce.yml
rename to poc/manual/craftcms-seomatic-cve-2020-9757-rce.yml
diff --git a/poc/dahua-cve-2021-33044-authentication-bypass.yml b/poc/manual/dahua-cve-2021-33044-authentication-bypass.yml
similarity index 100%
rename from poc/dahua-cve-2021-33044-authentication-bypass.yml
rename to poc/manual/dahua-cve-2021-33044-authentication-bypass.yml
diff --git a/poc/datang-ac-default-password-cnvd-2021-04128.yml b/poc/manual/datang-ac-default-password-cnvd-2021-04128.yml
similarity index 100%
rename from poc/datang-ac-default-password-cnvd-2021-04128.yml
rename to poc/manual/datang-ac-default-password-cnvd-2021-04128.yml
diff --git a/poc/dedecms-carbuyaction-fileinclude.yml b/poc/manual/dedecms-carbuyaction-fileinclude.yml
similarity index 100%
rename from poc/dedecms-carbuyaction-fileinclude.yml
rename to poc/manual/dedecms-carbuyaction-fileinclude.yml
diff --git a/poc/dedecms-cve-2018-6910.yml b/poc/manual/dedecms-cve-2018-6910.yml
similarity index 100%
rename from poc/dedecms-cve-2018-6910.yml
rename to poc/manual/dedecms-cve-2018-6910.yml
diff --git a/poc/dedecms-cve-2018-7700-rce.yml b/poc/manual/dedecms-cve-2018-7700-rce.yml
similarity index 100%
rename from poc/dedecms-cve-2018-7700-rce.yml
rename to poc/manual/dedecms-cve-2018-7700-rce.yml
diff --git a/poc/dedecms-guestbook-sqli.yml b/poc/manual/dedecms-guestbook-sqli.yml
similarity index 100%
rename from poc/dedecms-guestbook-sqli.yml
rename to poc/manual/dedecms-guestbook-sqli.yml
diff --git a/poc/dedecms-membergroup-sqli.yml b/poc/manual/dedecms-membergroup-sqli.yml
similarity index 100%
rename from poc/dedecms-membergroup-sqli.yml
rename to poc/manual/dedecms-membergroup-sqli.yml
diff --git a/poc/dedecms-url-redirection.yml b/poc/manual/dedecms-url-redirection.yml
similarity index 100%
rename from poc/dedecms-url-redirection.yml
rename to poc/manual/dedecms-url-redirection.yml
diff --git a/poc/discuz-ml3x-cnvd-2019-22239.yml b/poc/manual/discuz-ml3x-cnvd-2019-22239.yml
similarity index 100%
rename from poc/discuz-ml3x-cnvd-2019-22239.yml
rename to poc/manual/discuz-ml3x-cnvd-2019-22239.yml
diff --git a/poc/discuz-v72-sqli.yml b/poc/manual/discuz-v72-sqli.yml
similarity index 100%
rename from poc/discuz-v72-sqli.yml
rename to poc/manual/discuz-v72-sqli.yml
diff --git a/poc/discuz-wechat-plugins-unauth.yml b/poc/manual/discuz-wechat-plugins-unauth.yml
similarity index 100%
rename from poc/discuz-wechat-plugins-unauth.yml
rename to poc/manual/discuz-wechat-plugins-unauth.yml
diff --git a/poc/discuz-wooyun-2010-080723.yml b/poc/manual/discuz-wooyun-2010-080723.yml
similarity index 100%
rename from poc/discuz-wooyun-2010-080723.yml
rename to poc/manual/discuz-wooyun-2010-080723.yml
diff --git a/poc/dlink-850l-info-leak.yml b/poc/manual/dlink-850l-info-leak.yml
similarity index 100%
rename from poc/dlink-850l-info-leak.yml
rename to poc/manual/dlink-850l-info-leak.yml
diff --git a/poc/dlink-cve-2019-16920-rce.yml b/poc/manual/dlink-cve-2019-16920-rce.yml
similarity index 100%
rename from poc/dlink-cve-2019-16920-rce.yml
rename to poc/manual/dlink-cve-2019-16920-rce.yml
diff --git a/poc/dlink-cve-2019-17506.yml b/poc/manual/dlink-cve-2019-17506.yml
similarity index 100%
rename from poc/dlink-cve-2019-17506.yml
rename to poc/manual/dlink-cve-2019-17506.yml
diff --git a/poc/dlink-cve-2020-25078-account-disclosure.yml b/poc/manual/dlink-cve-2020-25078-account-disclosure.yml
similarity index 100%
rename from poc/dlink-cve-2020-25078-account-disclosure.yml
rename to poc/manual/dlink-cve-2020-25078-account-disclosure.yml
diff --git a/poc/dlink-cve-2020-9376-dump-credentials.yml b/poc/manual/dlink-cve-2020-9376-dump-credentials.yml
similarity index 100%
rename from poc/dlink-cve-2020-9376-dump-credentials.yml
rename to poc/manual/dlink-cve-2020-9376-dump-credentials.yml
diff --git a/poc/dlink-dsl-2888a-rce.yml b/poc/manual/dlink-dsl-2888a-rce.yml
similarity index 100%
rename from poc/dlink-dsl-2888a-rce.yml
rename to poc/manual/dlink-dsl-2888a-rce.yml
diff --git a/poc/docker-api-unauthorized-rce.yml b/poc/manual/docker-api-unauthorized-rce.yml
similarity index 100%
rename from poc/docker-api-unauthorized-rce.yml
rename to poc/manual/docker-api-unauthorized-rce.yml
diff --git a/poc/docker-registry-api-unauth.yml b/poc/manual/docker-registry-api-unauth.yml
similarity index 100%
rename from poc/docker-registry-api-unauth.yml
rename to poc/manual/docker-registry-api-unauth.yml
diff --git a/poc/dotnetcms-sqli.yml b/poc/manual/dotnetcms-sqli.yml
similarity index 100%
rename from poc/dotnetcms-sqli.yml
rename to poc/manual/dotnetcms-sqli.yml
diff --git a/poc/draytek-cve-2020-8515.yml b/poc/manual/draytek-cve-2020-8515.yml
similarity index 100%
rename from poc/draytek-cve-2020-8515.yml
rename to poc/manual/draytek-cve-2020-8515.yml
diff --git a/poc/druid-monitor-unauth.yml b/poc/manual/druid-monitor-unauth.yml
similarity index 100%
rename from poc/druid-monitor-unauth.yml
rename to poc/manual/druid-monitor-unauth.yml
diff --git a/poc/drupal-cve-2014-3704-sqli.yml b/poc/manual/drupal-cve-2014-3704-sqli.yml
similarity index 100%
rename from poc/drupal-cve-2014-3704-sqli.yml
rename to poc/manual/drupal-cve-2014-3704-sqli.yml
diff --git a/poc/drupal-cve-2018-7600-rce.yml b/poc/manual/drupal-cve-2018-7600-rce.yml
similarity index 100%
rename from poc/drupal-cve-2018-7600-rce.yml
rename to poc/manual/drupal-cve-2018-7600-rce.yml
diff --git a/poc/drupal-cve-2019-6340.yml b/poc/manual/drupal-cve-2019-6340.yml
similarity index 100%
rename from poc/drupal-cve-2019-6340.yml
rename to poc/manual/drupal-cve-2019-6340.yml
diff --git a/poc/dubbo-admin-default-password.yml b/poc/manual/dubbo-admin-default-password.yml
similarity index 100%
rename from poc/dubbo-admin-default-password.yml
rename to poc/manual/dubbo-admin-default-password.yml
diff --git a/poc/duomicms-sqli.yml b/poc/manual/duomicms-sqli.yml
similarity index 100%
rename from poc/duomicms-sqli.yml
rename to poc/manual/duomicms-sqli.yml
diff --git a/poc/dvr-cve-2018-9995.yml b/poc/manual/dvr-cve-2018-9995.yml
similarity index 100%
rename from poc/dvr-cve-2018-9995.yml
rename to poc/manual/dvr-cve-2018-9995.yml
diff --git a/poc/e-zkeco-cnvd-2020-57264-read-file.yml b/poc/manual/e-zkeco-cnvd-2020-57264-read-file.yml
similarity index 100%
rename from poc/e-zkeco-cnvd-2020-57264-read-file.yml
rename to poc/manual/e-zkeco-cnvd-2020-57264-read-file.yml
diff --git a/poc/ecology-arbitrary-file-upload.yml b/poc/manual/ecology-arbitrary-file-upload.yml
similarity index 100%
rename from poc/ecology-arbitrary-file-upload.yml
rename to poc/manual/ecology-arbitrary-file-upload.yml
diff --git a/poc/ecology-filedownload-directory-traversal.yml b/poc/manual/ecology-filedownload-directory-traversal.yml
similarity index 100%
rename from poc/ecology-filedownload-directory-traversal.yml
rename to poc/manual/ecology-filedownload-directory-traversal.yml
diff --git a/poc/ecology-javabeanshell-rce.yml b/poc/manual/ecology-javabeanshell-rce.yml
similarity index 100%
rename from poc/ecology-javabeanshell-rce.yml
rename to poc/manual/ecology-javabeanshell-rce.yml
diff --git a/poc/ecology-springframework-directory-traversal.yml b/poc/manual/ecology-springframework-directory-traversal.yml
similarity index 100%
rename from poc/ecology-springframework-directory-traversal.yml
rename to poc/manual/ecology-springframework-directory-traversal.yml
diff --git a/poc/ecology-syncuserinfo-sqli.yml b/poc/manual/ecology-syncuserinfo-sqli.yml
similarity index 100%
rename from poc/ecology-syncuserinfo-sqli.yml
rename to poc/manual/ecology-syncuserinfo-sqli.yml
diff --git a/poc/ecology-v8-sqli.yml b/poc/manual/ecology-v8-sqli.yml
similarity index 100%
rename from poc/ecology-v8-sqli.yml
rename to poc/manual/ecology-v8-sqli.yml
diff --git a/poc/ecology-validate-sqli.yml b/poc/manual/ecology-validate-sqli.yml
similarity index 100%
rename from poc/ecology-validate-sqli.yml
rename to poc/manual/ecology-validate-sqli.yml
diff --git a/poc/ecology-workflowcentertreedata-sqli.yml b/poc/manual/ecology-workflowcentertreedata-sqli.yml
similarity index 100%
rename from poc/ecology-workflowcentertreedata-sqli.yml
rename to poc/manual/ecology-workflowcentertreedata-sqli.yml
diff --git a/poc/ecshop-cnvd-2020-58823-sqli.yml b/poc/manual/ecshop-cnvd-2020-58823-sqli.yml
similarity index 100%
rename from poc/ecshop-cnvd-2020-58823-sqli.yml
rename to poc/manual/ecshop-cnvd-2020-58823-sqli.yml
diff --git a/poc/ecshop-collection-list-sqli.yml b/poc/manual/ecshop-collection-list-sqli.yml
similarity index 100%
rename from poc/ecshop-collection-list-sqli.yml
rename to poc/manual/ecshop-collection-list-sqli.yml
diff --git a/poc/ecshop-rce.yml b/poc/manual/ecshop-rce.yml
similarity index 100%
rename from poc/ecshop-rce.yml
rename to poc/manual/ecshop-rce.yml
diff --git a/poc/eea-info-leak-cnvd-2021-10543.yml b/poc/manual/eea-info-leak-cnvd-2021-10543.yml
similarity index 100%
rename from poc/eea-info-leak-cnvd-2021-10543.yml
rename to poc/manual/eea-info-leak-cnvd-2021-10543.yml
diff --git a/poc/elasticsearch-cve-2014-3120.yml b/poc/manual/elasticsearch-cve-2014-3120.yml
similarity index 100%
rename from poc/elasticsearch-cve-2014-3120.yml
rename to poc/manual/elasticsearch-cve-2014-3120.yml
diff --git a/poc/elasticsearch-cve-2015-1427.yml b/poc/manual/elasticsearch-cve-2015-1427.yml
similarity index 100%
rename from poc/elasticsearch-cve-2015-1427.yml
rename to poc/manual/elasticsearch-cve-2015-1427.yml
diff --git a/poc/elasticsearch-cve-2015-3337-lfi.yml b/poc/manual/elasticsearch-cve-2015-3337-lfi.yml
similarity index 100%
rename from poc/elasticsearch-cve-2015-3337-lfi.yml
rename to poc/manual/elasticsearch-cve-2015-3337-lfi.yml
diff --git a/poc/elasticsearch-cve-2015-5531.yml b/poc/manual/elasticsearch-cve-2015-5531.yml
similarity index 100%
rename from poc/elasticsearch-cve-2015-5531.yml
rename to poc/manual/elasticsearch-cve-2015-5531.yml
diff --git a/poc/elasticsearch-unauth.yml b/poc/manual/elasticsearch-unauth.yml
similarity index 100%
rename from poc/elasticsearch-unauth.yml
rename to poc/manual/elasticsearch-unauth.yml
diff --git a/poc/etcd-unauth.yml b/poc/manual/etcd-unauth.yml
similarity index 100%
rename from poc/etcd-unauth.yml
rename to poc/manual/etcd-unauth.yml
diff --git a/poc/etouch-v2-sqli.yml b/poc/manual/etouch-v2-sqli.yml
similarity index 100%
rename from poc/etouch-v2-sqli.yml
rename to poc/manual/etouch-v2-sqli.yml
diff --git a/poc/exchange-cve-2021-26855-ssrf.yml b/poc/manual/exchange-cve-2021-26855-ssrf.yml
similarity index 100%
rename from poc/exchange-cve-2021-26855-ssrf.yml
rename to poc/manual/exchange-cve-2021-26855-ssrf.yml
diff --git a/poc/exchange-cve-2021-41349-xss.yml b/poc/manual/exchange-cve-2021-41349-xss.yml
similarity index 100%
rename from poc/exchange-cve-2021-41349-xss.yml
rename to poc/manual/exchange-cve-2021-41349-xss.yml
diff --git a/poc/f5-cve-2021-22986.yml b/poc/manual/f5-cve-2021-22986.yml
similarity index 100%
rename from poc/f5-cve-2021-22986.yml
rename to poc/manual/f5-cve-2021-22986.yml
diff --git a/poc/f5-tmui-cve-2020-5902-rce.yml b/poc/manual/f5-tmui-cve-2020-5902-rce.yml
similarity index 100%
rename from poc/f5-tmui-cve-2020-5902-rce.yml
rename to poc/manual/f5-tmui-cve-2020-5902-rce.yml
diff --git a/poc/fangweicms-sqli.yml b/poc/manual/fangweicms-sqli.yml
similarity index 100%
rename from poc/fangweicms-sqli.yml
rename to poc/manual/fangweicms-sqli.yml
diff --git a/poc/feifeicms-lfr.yml b/poc/manual/feifeicms-lfr.yml
similarity index 100%
rename from poc/feifeicms-lfr.yml
rename to poc/manual/feifeicms-lfr.yml
diff --git a/poc/finecms-sqli.yml b/poc/manual/finecms-sqli.yml
similarity index 100%
rename from poc/finecms-sqli.yml
rename to poc/manual/finecms-sqli.yml
diff --git a/poc/finereport-directory-traversal.yml b/poc/manual/finereport-directory-traversal.yml
similarity index 100%
rename from poc/finereport-directory-traversal.yml
rename to poc/manual/finereport-directory-traversal.yml
diff --git a/poc/flexpaper-cve-2018-11686.yml b/poc/manual/flexpaper-cve-2018-11686.yml
similarity index 100%
rename from poc/flexpaper-cve-2018-11686.yml
rename to poc/manual/flexpaper-cve-2018-11686.yml
diff --git a/poc/flink-jobmanager-cve-2020-17519-lfi.yml b/poc/manual/flink-jobmanager-cve-2020-17519-lfi.yml
similarity index 100%
rename from poc/flink-jobmanager-cve-2020-17519-lfi.yml
rename to poc/manual/flink-jobmanager-cve-2020-17519-lfi.yml
diff --git a/poc/fortigate-cve-2018-13379-readfile.yml b/poc/manual/fortigate-cve-2018-13379-readfile.yml
similarity index 100%
rename from poc/fortigate-cve-2018-13379-readfile.yml
rename to poc/manual/fortigate-cve-2018-13379-readfile.yml
diff --git a/poc/frp-dashboard-unauth.yml b/poc/manual/frp-dashboard-unauth.yml
similarity index 100%
rename from poc/frp-dashboard-unauth.yml
rename to poc/manual/frp-dashboard-unauth.yml
diff --git a/poc/gateone-cve-2020-35736.yml b/poc/manual/gateone-cve-2020-35736.yml
similarity index 100%
rename from poc/gateone-cve-2020-35736.yml
rename to poc/manual/gateone-cve-2020-35736.yml
diff --git a/poc/gilacms-cve-2020-5515.yml b/poc/manual/gilacms-cve-2020-5515.yml
similarity index 100%
rename from poc/gilacms-cve-2020-5515.yml
rename to poc/manual/gilacms-cve-2020-5515.yml
diff --git a/poc/gitlab-graphql-info-leak-cve-2020-26413.yml b/poc/manual/gitlab-graphql-info-leak-cve-2020-26413.yml
similarity index 100%
rename from poc/gitlab-graphql-info-leak-cve-2020-26413.yml
rename to poc/manual/gitlab-graphql-info-leak-cve-2020-26413.yml
diff --git a/poc/gitlab-ssrf-cve-2021-22214.yml b/poc/manual/gitlab-ssrf-cve-2021-22214.yml
similarity index 100%
rename from poc/gitlab-ssrf-cve-2021-22214.yml
rename to poc/manual/gitlab-ssrf-cve-2021-22214.yml
diff --git a/poc/gitlist-rce-cve-2018-1000533.yml b/poc/manual/gitlist-rce-cve-2018-1000533.yml
similarity index 100%
rename from poc/gitlist-rce-cve-2018-1000533.yml
rename to poc/manual/gitlist-rce-cve-2018-1000533.yml
diff --git a/poc/glassfish-cve-2017-1000028-lfi.yml b/poc/manual/glassfish-cve-2017-1000028-lfi.yml
similarity index 100%
rename from poc/glassfish-cve-2017-1000028-lfi.yml
rename to poc/manual/glassfish-cve-2017-1000028-lfi.yml
diff --git a/poc/go-pprof-leak.yml b/poc/manual/go-pprof-leak.yml
similarity index 100%
rename from poc/go-pprof-leak.yml
rename to poc/manual/go-pprof-leak.yml
diff --git a/poc/gocd-cve-2021-43287.yml b/poc/manual/gocd-cve-2021-43287.yml
similarity index 100%
rename from poc/gocd-cve-2021-43287.yml
rename to poc/manual/gocd-cve-2021-43287.yml
diff --git a/poc/grafana-default-password.yml b/poc/manual/grafana-default-password.yml
similarity index 100%
rename from poc/grafana-default-password.yml
rename to poc/manual/grafana-default-password.yml
diff --git a/poc/h2-database-web-console-unauthorized-access.yml b/poc/manual/h2-database-web-console-unauthorized-access.yml
similarity index 100%
rename from poc/h2-database-web-console-unauthorized-access.yml
rename to poc/manual/h2-database-web-console-unauthorized-access.yml
diff --git a/poc/h3c-imc-rce.yml b/poc/manual/h3c-imc-rce.yml
similarity index 100%
rename from poc/h3c-imc-rce.yml
rename to poc/manual/h3c-imc-rce.yml
diff --git a/poc/h3c-secparh-any-user-login.yml b/poc/manual/h3c-secparh-any-user-login.yml
similarity index 100%
rename from poc/h3c-secparh-any-user-login.yml
rename to poc/manual/h3c-secparh-any-user-login.yml
diff --git a/poc/h5s-video-platform-cnvd-2020-67113-unauth.yml b/poc/manual/h5s-video-platform-cnvd-2020-67113-unauth.yml
similarity index 100%
rename from poc/h5s-video-platform-cnvd-2020-67113-unauth.yml
rename to poc/manual/h5s-video-platform-cnvd-2020-67113-unauth.yml
diff --git a/poc/hadoop-yarn-unauth.yml b/poc/manual/hadoop-yarn-unauth.yml
similarity index 100%
rename from poc/hadoop-yarn-unauth.yml
rename to poc/manual/hadoop-yarn-unauth.yml
diff --git a/poc/hanming-video-conferencing-file-read.yml b/poc/manual/hanming-video-conferencing-file-read.yml
similarity index 100%
rename from poc/hanming-video-conferencing-file-read.yml
rename to poc/manual/hanming-video-conferencing-file-read.yml
diff --git a/poc/harbor-cve-2019-16097.yml b/poc/manual/harbor-cve-2019-16097.yml
similarity index 100%
rename from poc/harbor-cve-2019-16097.yml
rename to poc/manual/harbor-cve-2019-16097.yml
diff --git a/poc/hikvision-cve-2017-7921.yml b/poc/manual/hikvision-cve-2017-7921.yml
similarity index 100%
rename from poc/hikvision-cve-2017-7921.yml
rename to poc/manual/hikvision-cve-2017-7921.yml
diff --git a/poc/hikvision-info-leak.yml b/poc/manual/hikvision-info-leak.yml
similarity index 100%
rename from poc/hikvision-info-leak.yml
rename to poc/manual/hikvision-info-leak.yml
diff --git a/poc/hikvision-intercom-service-default-password.yml b/poc/manual/hikvision-intercom-service-default-password.yml
similarity index 100%
rename from poc/hikvision-intercom-service-default-password.yml
rename to poc/manual/hikvision-intercom-service-default-password.yml
diff --git a/poc/hikvision-unauthenticated-rce-cve-2021-36260.yml b/poc/manual/hikvision-unauthenticated-rce-cve-2021-36260.yml
similarity index 100%
rename from poc/hikvision-unauthenticated-rce-cve-2021-36260.yml
rename to poc/manual/hikvision-unauthenticated-rce-cve-2021-36260.yml
diff --git a/poc/hjtcloud-arbitrary-fileread.yml b/poc/manual/hjtcloud-arbitrary-fileread.yml
similarity index 100%
rename from poc/hjtcloud-arbitrary-fileread.yml
rename to poc/manual/hjtcloud-arbitrary-fileread.yml
diff --git a/poc/hjtcloud-directory-file-leak.yml b/poc/manual/hjtcloud-directory-file-leak.yml
similarity index 100%
rename from poc/hjtcloud-directory-file-leak.yml
rename to poc/manual/hjtcloud-directory-file-leak.yml
diff --git a/poc/huawei-home-gateway-hg659-fileread.yml b/poc/manual/huawei-home-gateway-hg659-fileread.yml
similarity index 100%
rename from poc/huawei-home-gateway-hg659-fileread.yml
rename to poc/manual/huawei-home-gateway-hg659-fileread.yml
diff --git a/poc/ifw8-router-cve-2019-16313.yml b/poc/manual/ifw8-router-cve-2019-16313.yml
similarity index 100%
rename from poc/ifw8-router-cve-2019-16313.yml
rename to poc/manual/ifw8-router-cve-2019-16313.yml
diff --git a/poc/iis-put-getshell.yml b/poc/manual/iis-put-getshell.yml
similarity index 100%
rename from poc/iis-put-getshell.yml
rename to poc/manual/iis-put-getshell.yml
diff --git a/poc/influxdb-unauth.yml b/poc/manual/influxdb-unauth.yml
similarity index 100%
rename from poc/influxdb-unauth.yml
rename to poc/manual/influxdb-unauth.yml
diff --git a/poc/inspur-tscev4-cve-2020-21224-rce.yml b/poc/manual/inspur-tscev4-cve-2020-21224-rce.yml
similarity index 100%
rename from poc/inspur-tscev4-cve-2020-21224-rce.yml
rename to poc/manual/inspur-tscev4-cve-2020-21224-rce.yml
diff --git a/poc/jboss-cve-2010-1871.yml b/poc/manual/jboss-cve-2010-1871.yml
similarity index 100%
rename from poc/jboss-cve-2010-1871.yml
rename to poc/manual/jboss-cve-2010-1871.yml
diff --git a/poc/jboss-unauth.yml b/poc/manual/jboss-unauth.yml
similarity index 100%
rename from poc/jboss-unauth.yml
rename to poc/manual/jboss-unauth.yml
diff --git a/poc/jeewms-showordownbyurl-fileread.yml b/poc/manual/jeewms-showordownbyurl-fileread.yml
similarity index 100%
rename from poc/jeewms-showordownbyurl-fileread.yml
rename to poc/manual/jeewms-showordownbyurl-fileread.yml
diff --git a/poc/jellyfin-cve-2021-29490.yml b/poc/manual/jellyfin-cve-2021-29490.yml
similarity index 100%
rename from poc/jellyfin-cve-2021-29490.yml
rename to poc/manual/jellyfin-cve-2021-29490.yml
diff --git a/poc/jellyfin-file-read-cve-2021-21402.yml b/poc/manual/jellyfin-file-read-cve-2021-21402.yml
similarity index 100%
rename from poc/jellyfin-file-read-cve-2021-21402.yml
rename to poc/manual/jellyfin-file-read-cve-2021-21402.yml
diff --git a/poc/jenkins-cve-2018-1000600.yml b/poc/manual/jenkins-cve-2018-1000600.yml
similarity index 100%
rename from poc/jenkins-cve-2018-1000600.yml
rename to poc/manual/jenkins-cve-2018-1000600.yml
diff --git a/poc/jenkins-cve-2018-1000861-rce.yml b/poc/manual/jenkins-cve-2018-1000861-rce.yml
similarity index 100%
rename from poc/jenkins-cve-2018-1000861-rce.yml
rename to poc/manual/jenkins-cve-2018-1000861-rce.yml
diff --git a/poc/jenkins-unauthorized-access.yml b/poc/manual/jenkins-unauthorized-access.yml
similarity index 100%
rename from poc/jenkins-unauthorized-access.yml
rename to poc/manual/jenkins-unauthorized-access.yml
diff --git a/poc/jetty-cve-2021-28164.yml b/poc/manual/jetty-cve-2021-28164.yml
similarity index 100%
rename from poc/jetty-cve-2021-28164.yml
rename to poc/manual/jetty-cve-2021-28164.yml
diff --git a/poc/jinher-oa-c6-default-password.yml b/poc/manual/jinher-oa-c6-default-password.yml
similarity index 100%
rename from poc/jinher-oa-c6-default-password.yml
rename to poc/manual/jinher-oa-c6-default-password.yml
diff --git a/poc/jira-cve-2019-11581.yml b/poc/manual/jira-cve-2019-11581.yml
similarity index 100%
rename from poc/jira-cve-2019-11581.yml
rename to poc/manual/jira-cve-2019-11581.yml
diff --git a/poc/jira-cve-2019-8442.yml b/poc/manual/jira-cve-2019-8442.yml
similarity index 100%
rename from poc/jira-cve-2019-8442.yml
rename to poc/manual/jira-cve-2019-8442.yml
diff --git a/poc/jira-cve-2019-8449.yml b/poc/manual/jira-cve-2019-8449.yml
similarity index 100%
rename from poc/jira-cve-2019-8449.yml
rename to poc/manual/jira-cve-2019-8449.yml
diff --git a/poc/jira-cve-2020-14179.yml b/poc/manual/jira-cve-2020-14179.yml
similarity index 100%
rename from poc/jira-cve-2020-14179.yml
rename to poc/manual/jira-cve-2020-14179.yml
diff --git a/poc/jira-cve-2020-14181.yml b/poc/manual/jira-cve-2020-14181.yml
similarity index 100%
rename from poc/jira-cve-2020-14181.yml
rename to poc/manual/jira-cve-2020-14181.yml
diff --git a/poc/jira-ssrf-cve-2019-8451.yml b/poc/manual/jira-ssrf-cve-2019-8451.yml
similarity index 100%
rename from poc/jira-ssrf-cve-2019-8451.yml
rename to poc/manual/jira-ssrf-cve-2019-8451.yml
diff --git a/poc/joomla-cnvd-2019-34135-rce.yml b/poc/manual/joomla-cnvd-2019-34135-rce.yml
similarity index 100%
rename from poc/joomla-cnvd-2019-34135-rce.yml
rename to poc/manual/joomla-cnvd-2019-34135-rce.yml
diff --git a/poc/joomla-component-vreview-sql.yml b/poc/manual/joomla-component-vreview-sql.yml
similarity index 100%
rename from poc/joomla-component-vreview-sql.yml
rename to poc/manual/joomla-component-vreview-sql.yml
diff --git a/poc/joomla-cve-2015-7297-sqli.yml b/poc/manual/joomla-cve-2015-7297-sqli.yml
similarity index 100%
rename from poc/joomla-cve-2015-7297-sqli.yml
rename to poc/manual/joomla-cve-2015-7297-sqli.yml
diff --git a/poc/joomla-cve-2017-8917-sqli.yml b/poc/manual/joomla-cve-2017-8917-sqli.yml
similarity index 100%
rename from poc/joomla-cve-2017-8917-sqli.yml
rename to poc/manual/joomla-cve-2017-8917-sqli.yml
diff --git a/poc/joomla-cve-2018-7314-sql.yml b/poc/manual/joomla-cve-2018-7314-sql.yml
similarity index 100%
rename from poc/joomla-cve-2018-7314-sql.yml
rename to poc/manual/joomla-cve-2018-7314-sql.yml
diff --git a/poc/joomla-ext-zhbaidumap-cve-2018-6605-sqli.yml b/poc/manual/joomla-ext-zhbaidumap-cve-2018-6605-sqli.yml
similarity index 100%
rename from poc/joomla-ext-zhbaidumap-cve-2018-6605-sqli.yml
rename to poc/manual/joomla-ext-zhbaidumap-cve-2018-6605-sqli.yml
diff --git a/poc/jumpserver-unauth-rce.yml b/poc/manual/jumpserver-unauth-rce.yml
similarity index 100%
rename from poc/jumpserver-unauth-rce.yml
rename to poc/manual/jumpserver-unauth-rce.yml
diff --git a/poc/jupyter-notebook-unauthorized-access.yml b/poc/manual/jupyter-notebook-unauthorized-access.yml
similarity index 100%
rename from poc/jupyter-notebook-unauthorized-access.yml
rename to poc/manual/jupyter-notebook-unauthorized-access.yml
diff --git a/poc/kafka-manager-unauth.yml b/poc/manual/kafka-manager-unauth.yml
similarity index 100%
rename from poc/kafka-manager-unauth.yml
rename to poc/manual/kafka-manager-unauth.yml
diff --git a/poc/kibana-cve-2018-17246.yml b/poc/manual/kibana-cve-2018-17246.yml
similarity index 100%
rename from poc/kibana-cve-2018-17246.yml
rename to poc/manual/kibana-cve-2018-17246.yml
diff --git a/poc/kibana-unauth.yml b/poc/manual/kibana-unauth.yml
similarity index 100%
rename from poc/kibana-unauth.yml
rename to poc/manual/kibana-unauth.yml
diff --git a/poc/kingdee-eas-directory-traversal.yml b/poc/manual/kingdee-eas-directory-traversal.yml
similarity index 100%
rename from poc/kingdee-eas-directory-traversal.yml
rename to poc/manual/kingdee-eas-directory-traversal.yml
diff --git a/poc/kingsoft-v8-default-password.yml b/poc/manual/kingsoft-v8-default-password.yml
similarity index 100%
rename from poc/kingsoft-v8-default-password.yml
rename to poc/manual/kingsoft-v8-default-password.yml
diff --git a/poc/kingsoft-v8-file-read.yml b/poc/manual/kingsoft-v8-file-read.yml
similarity index 100%
rename from poc/kingsoft-v8-file-read.yml
rename to poc/manual/kingsoft-v8-file-read.yml
diff --git a/poc/kong-cve-2020-11710-unauth.yml b/poc/manual/kong-cve-2020-11710-unauth.yml
similarity index 100%
rename from poc/kong-cve-2020-11710-unauth.yml
rename to poc/manual/kong-cve-2020-11710-unauth.yml
diff --git a/poc/kubernetes-unauth.yml b/poc/manual/kubernetes-unauth.yml
similarity index 100%
rename from poc/kubernetes-unauth.yml
rename to poc/manual/kubernetes-unauth.yml
diff --git a/poc/kyan-network-monitoring-account-password-leakage.yml b/poc/manual/kyan-network-monitoring-account-password-leakage.yml
similarity index 100%
rename from poc/kyan-network-monitoring-account-password-leakage.yml
rename to poc/manual/kyan-network-monitoring-account-password-leakage.yml
diff --git a/poc/landray-oa-custom-jsp-fileread.yml b/poc/manual/landray-oa-custom-jsp-fileread.yml
similarity index 100%
rename from poc/landray-oa-custom-jsp-fileread.yml
rename to poc/manual/landray-oa-custom-jsp-fileread.yml
diff --git a/poc/lanproxy-cve-2021-3019-lfi.yml b/poc/manual/lanproxy-cve-2021-3019-lfi.yml
similarity index 100%
rename from poc/lanproxy-cve-2021-3019-lfi.yml
rename to poc/manual/lanproxy-cve-2021-3019-lfi.yml
diff --git a/poc/laravel-cve-2021-3129.yml b/poc/manual/laravel-cve-2021-3129.yml
similarity index 100%
rename from poc/laravel-cve-2021-3129.yml
rename to poc/manual/laravel-cve-2021-3129.yml
diff --git a/poc/laravel-debug-info-leak.yml b/poc/manual/laravel-debug-info-leak.yml
similarity index 100%
rename from poc/laravel-debug-info-leak.yml
rename to poc/manual/laravel-debug-info-leak.yml
diff --git a/poc/laravel-improper-webdir.yml b/poc/manual/laravel-improper-webdir.yml
similarity index 100%
rename from poc/laravel-improper-webdir.yml
rename to poc/manual/laravel-improper-webdir.yml
diff --git a/poc/maccms-rce.yml b/poc/manual/maccms-rce.yml
similarity index 100%
rename from poc/maccms-rce.yml
rename to poc/manual/maccms-rce.yml
diff --git a/poc/maccmsv10-backdoor.yml b/poc/manual/maccmsv10-backdoor.yml
similarity index 100%
rename from poc/maccmsv10-backdoor.yml
rename to poc/manual/maccmsv10-backdoor.yml
diff --git a/poc/metinfo-cve-2019-16996-sqli.yml b/poc/manual/metinfo-cve-2019-16996-sqli.yml
similarity index 100%
rename from poc/metinfo-cve-2019-16996-sqli.yml
rename to poc/manual/metinfo-cve-2019-16996-sqli.yml
diff --git a/poc/metinfo-cve-2019-16997-sqli.yml b/poc/manual/metinfo-cve-2019-16997-sqli.yml
similarity index 100%
rename from poc/metinfo-cve-2019-16997-sqli.yml
rename to poc/manual/metinfo-cve-2019-16997-sqli.yml
diff --git a/poc/metinfo-cve-2019-17418-sqli.yml b/poc/manual/metinfo-cve-2019-17418-sqli.yml
similarity index 100%
rename from poc/metinfo-cve-2019-17418-sqli.yml
rename to poc/manual/metinfo-cve-2019-17418-sqli.yml
diff --git a/poc/metinfo-file-read.yml b/poc/manual/metinfo-file-read.yml
similarity index 100%
rename from poc/metinfo-file-read.yml
rename to poc/manual/metinfo-file-read.yml
diff --git a/poc/metinfo-lfi-cnvd-2018-13393.yml b/poc/manual/metinfo-lfi-cnvd-2018-13393.yml
similarity index 100%
rename from poc/metinfo-lfi-cnvd-2018-13393.yml
rename to poc/manual/metinfo-lfi-cnvd-2018-13393.yml
diff --git a/poc/minio-default-password.yml b/poc/manual/minio-default-password.yml
similarity index 100%
rename from poc/minio-default-password.yml
rename to poc/manual/minio-default-password.yml
diff --git a/poc/mongo-express-cve-2019-10758.yml b/poc/manual/mongo-express-cve-2019-10758.yml
similarity index 100%
rename from poc/mongo-express-cve-2019-10758.yml
rename to poc/manual/mongo-express-cve-2019-10758.yml
diff --git a/poc/mpsec-isg1000-file-read.yml b/poc/manual/mpsec-isg1000-file-read.yml
similarity index 100%
rename from poc/mpsec-isg1000-file-read.yml
rename to poc/manual/mpsec-isg1000-file-read.yml
diff --git a/poc/msvod-sqli.yml b/poc/manual/msvod-sqli.yml
similarity index 100%
rename from poc/msvod-sqli.yml
rename to poc/manual/msvod-sqli.yml
diff --git a/poc/myucms-lfr.yml b/poc/manual/myucms-lfr.yml
similarity index 100%
rename from poc/myucms-lfr.yml
rename to poc/manual/myucms-lfr.yml
diff --git a/poc/nagio-cve-2018-10735.yml b/poc/manual/nagio-cve-2018-10735.yml
similarity index 100%
rename from poc/nagio-cve-2018-10735.yml
rename to poc/manual/nagio-cve-2018-10735.yml
diff --git a/poc/nagio-cve-2018-10736.yml b/poc/manual/nagio-cve-2018-10736.yml
similarity index 100%
rename from poc/nagio-cve-2018-10736.yml
rename to poc/manual/nagio-cve-2018-10736.yml
diff --git a/poc/nagio-cve-2018-10737.yml b/poc/manual/nagio-cve-2018-10737.yml
similarity index 100%
rename from poc/nagio-cve-2018-10737.yml
rename to poc/manual/nagio-cve-2018-10737.yml
diff --git a/poc/nagio-cve-2018-10738.yml b/poc/manual/nagio-cve-2018-10738.yml
similarity index 100%
rename from poc/nagio-cve-2018-10738.yml
rename to poc/manual/nagio-cve-2018-10738.yml
diff --git a/poc/natshell-arbitrary-file-read.yml b/poc/manual/natshell-arbitrary-file-read.yml
similarity index 100%
rename from poc/natshell-arbitrary-file-read.yml
rename to poc/manual/natshell-arbitrary-file-read.yml
diff --git a/poc/netentsec-icg-default-password.yml b/poc/manual/netentsec-icg-default-password.yml
similarity index 100%
rename from poc/netentsec-icg-default-password.yml
rename to poc/manual/netentsec-icg-default-password.yml
diff --git a/poc/netentsec-ngfw-rce.yml b/poc/manual/netentsec-ngfw-rce.yml
similarity index 100%
rename from poc/netentsec-ngfw-rce.yml
rename to poc/manual/netentsec-ngfw-rce.yml
diff --git a/poc/netgear-cve-2017-5521.yml b/poc/manual/netgear-cve-2017-5521.yml
similarity index 100%
rename from poc/netgear-cve-2017-5521.yml
rename to poc/manual/netgear-cve-2017-5521.yml
diff --git a/poc/nextjs-cve-2017-16877.yml b/poc/manual/nextjs-cve-2017-16877.yml
similarity index 100%
rename from poc/nextjs-cve-2017-16877.yml
rename to poc/manual/nextjs-cve-2017-16877.yml
diff --git a/poc/nexus-cve-2019-7238.yml b/poc/manual/nexus-cve-2019-7238.yml
similarity index 100%
rename from poc/nexus-cve-2019-7238.yml
rename to poc/manual/nexus-cve-2019-7238.yml
diff --git a/poc/nexus-cve-2020-10199.yml b/poc/manual/nexus-cve-2020-10199.yml
similarity index 100%
rename from poc/nexus-cve-2020-10199.yml
rename to poc/manual/nexus-cve-2020-10199.yml
diff --git a/poc/nexus-cve-2020-10204.yml b/poc/manual/nexus-cve-2020-10204.yml
similarity index 100%
rename from poc/nexus-cve-2020-10204.yml
rename to poc/manual/nexus-cve-2020-10204.yml
diff --git a/poc/nexus-default-password.yml b/poc/manual/nexus-default-password.yml
similarity index 100%
rename from poc/nexus-default-password.yml
rename to poc/manual/nexus-default-password.yml
diff --git a/poc/nexusdb-cve-2020-24571-path-traversal.yml b/poc/manual/nexusdb-cve-2020-24571-path-traversal.yml
similarity index 100%
rename from poc/nexusdb-cve-2020-24571-path-traversal.yml
rename to poc/manual/nexusdb-cve-2020-24571-path-traversal.yml
diff --git a/poc/nhttpd-cve-2019-16278.yml b/poc/manual/nhttpd-cve-2019-16278.yml
similarity index 100%
rename from poc/nhttpd-cve-2019-16278.yml
rename to poc/manual/nhttpd-cve-2019-16278.yml
diff --git a/poc/node-red-dashboard-file-read-cve-2021-3223.yml b/poc/manual/node-red-dashboard-file-read-cve-2021-3223.yml
similarity index 100%
rename from poc/node-red-dashboard-file-read-cve-2021-3223.yml
rename to poc/manual/node-red-dashboard-file-read-cve-2021-3223.yml
diff --git a/poc/novnc-url-redirection-cve-2021-3654.yml b/poc/manual/novnc-url-redirection-cve-2021-3654.yml
similarity index 100%
rename from poc/novnc-url-redirection-cve-2021-3654.yml
rename to poc/manual/novnc-url-redirection-cve-2021-3654.yml
diff --git a/poc/nps-default-password.yml b/poc/manual/nps-default-password.yml
similarity index 100%
rename from poc/nps-default-password.yml
rename to poc/manual/nps-default-password.yml
diff --git a/poc/ns-asg-file-read.yml b/poc/manual/ns-asg-file-read.yml
similarity index 100%
rename from poc/ns-asg-file-read.yml
rename to poc/manual/ns-asg-file-read.yml
diff --git a/poc/nsfocus-uts-password-leak.yml b/poc/manual/nsfocus-uts-password-leak.yml
similarity index 100%
rename from poc/nsfocus-uts-password-leak.yml
rename to poc/manual/nsfocus-uts-password-leak.yml
diff --git a/poc/nuuo-file-inclusion.yml b/poc/manual/nuuo-file-inclusion.yml
similarity index 100%
rename from poc/nuuo-file-inclusion.yml
rename to poc/manual/nuuo-file-inclusion.yml
diff --git a/poc/odoo-file-read.yml b/poc/manual/odoo-file-read.yml
similarity index 100%
rename from poc/odoo-file-read.yml
rename to poc/manual/odoo-file-read.yml
diff --git a/poc/openfire-cve-2019-18394-ssrf.yml b/poc/manual/openfire-cve-2019-18394-ssrf.yml
similarity index 100%
rename from poc/openfire-cve-2019-18394-ssrf.yml
rename to poc/manual/openfire-cve-2019-18394-ssrf.yml
diff --git a/poc/opentsdb-cve-2020-35476-rce.yml b/poc/manual/opentsdb-cve-2020-35476-rce.yml
similarity index 100%
rename from poc/opentsdb-cve-2020-35476-rce.yml
rename to poc/manual/opentsdb-cve-2020-35476-rce.yml
diff --git a/poc/panabit-gateway-default-password.yml b/poc/manual/panabit-gateway-default-password.yml
similarity index 100%
rename from poc/panabit-gateway-default-password.yml
rename to poc/manual/panabit-gateway-default-password.yml
diff --git a/poc/panabit-ixcache-default-password.yml b/poc/manual/panabit-ixcache-default-password.yml
similarity index 100%
rename from poc/panabit-ixcache-default-password.yml
rename to poc/manual/panabit-ixcache-default-password.yml
diff --git a/poc/pandorafms-cve-2019-20224-rce.yml b/poc/manual/pandorafms-cve-2019-20224-rce.yml
similarity index 100%
rename from poc/pandorafms-cve-2019-20224-rce.yml
rename to poc/manual/pandorafms-cve-2019-20224-rce.yml
diff --git a/poc/pbootcms-database-file-download.yml b/poc/manual/pbootcms-database-file-download.yml
similarity index 100%
rename from poc/pbootcms-database-file-download.yml
rename to poc/manual/pbootcms-database-file-download.yml
diff --git a/poc/pentaho-cve-2021-31602-authentication-bypass.yml b/poc/manual/pentaho-cve-2021-31602-authentication-bypass.yml
similarity index 100%
rename from poc/pentaho-cve-2021-31602-authentication-bypass.yml
rename to poc/manual/pentaho-cve-2021-31602-authentication-bypass.yml
diff --git a/poc/php-cgi-cve-2012-1823.yml b/poc/manual/php-cgi-cve-2012-1823.yml
similarity index 100%
rename from poc/php-cgi-cve-2012-1823.yml
rename to poc/manual/php-cgi-cve-2012-1823.yml
diff --git a/poc/phpcms-cve-2018-19127.yml b/poc/manual/phpcms-cve-2018-19127.yml
similarity index 100%
rename from poc/phpcms-cve-2018-19127.yml
rename to poc/manual/phpcms-cve-2018-19127.yml
diff --git a/poc/phpmyadmin-cve-2018-12613-file-inclusion.yml b/poc/manual/phpmyadmin-cve-2018-12613-file-inclusion.yml
similarity index 100%
rename from poc/phpmyadmin-cve-2018-12613-file-inclusion.yml
rename to poc/manual/phpmyadmin-cve-2018-12613-file-inclusion.yml
diff --git a/poc/phpmyadmin-setup-deserialization.yml b/poc/manual/phpmyadmin-setup-deserialization.yml
similarity index 100%
rename from poc/phpmyadmin-setup-deserialization.yml
rename to poc/manual/phpmyadmin-setup-deserialization.yml
diff --git a/poc/phpok-sqli.yml b/poc/manual/phpok-sqli.yml
similarity index 100%
rename from poc/phpok-sqli.yml
rename to poc/manual/phpok-sqli.yml
diff --git a/poc/phpshe-sqli.yml b/poc/manual/phpshe-sqli.yml
similarity index 100%
rename from poc/phpshe-sqli.yml
rename to poc/manual/phpshe-sqli.yml
diff --git a/poc/phpstudy-backdoor-rce.yml b/poc/manual/phpstudy-backdoor-rce.yml
similarity index 100%
rename from poc/phpstudy-backdoor-rce.yml
rename to poc/manual/phpstudy-backdoor-rce.yml
diff --git a/poc/phpstudy-nginx-wrong-resolve.yml b/poc/manual/phpstudy-nginx-wrong-resolve.yml
similarity index 100%
rename from poc/phpstudy-nginx-wrong-resolve.yml
rename to poc/manual/phpstudy-nginx-wrong-resolve.yml
diff --git a/poc/phpunit-cve-2017-9841-rce.yml b/poc/manual/phpunit-cve-2017-9841-rce.yml
similarity index 100%
rename from poc/phpunit-cve-2017-9841-rce.yml
rename to poc/manual/phpunit-cve-2017-9841-rce.yml
diff --git a/poc/powercreator-arbitrary-file-upload.yml b/poc/manual/powercreator-arbitrary-file-upload.yml
similarity index 100%
rename from poc/powercreator-arbitrary-file-upload.yml
rename to poc/manual/powercreator-arbitrary-file-upload.yml
diff --git a/poc/prometheus-url-redirection-cve-2021-29622.yml b/poc/manual/prometheus-url-redirection-cve-2021-29622.yml
similarity index 100%
rename from poc/prometheus-url-redirection-cve-2021-29622.yml
rename to poc/manual/prometheus-url-redirection-cve-2021-29622.yml
diff --git a/poc/pulse-cve-2019-11510.yml b/poc/manual/pulse-cve-2019-11510.yml
similarity index 100%
rename from poc/pulse-cve-2019-11510.yml
rename to poc/manual/pulse-cve-2019-11510.yml
diff --git a/poc/pyspider-unauthorized-access.yml b/poc/manual/pyspider-unauthorized-access.yml
similarity index 100%
rename from poc/pyspider-unauthorized-access.yml
rename to poc/manual/pyspider-unauthorized-access.yml
diff --git a/poc/qibocms-sqli.yml b/poc/manual/qibocms-sqli.yml
similarity index 100%
rename from poc/qibocms-sqli.yml
rename to poc/manual/qibocms-sqli.yml
diff --git a/poc/qilin-bastion-host-rce.yml b/poc/manual/qilin-bastion-host-rce.yml
similarity index 100%
rename from poc/qilin-bastion-host-rce.yml
rename to poc/manual/qilin-bastion-host-rce.yml
diff --git a/poc/qizhi-fortressaircraft-unauthorized.yml b/poc/manual/qizhi-fortressaircraft-unauthorized.yml
similarity index 100%
rename from poc/qizhi-fortressaircraft-unauthorized.yml
rename to poc/manual/qizhi-fortressaircraft-unauthorized.yml
diff --git a/poc/qnap-cve-2019-7192.yml b/poc/manual/qnap-cve-2019-7192.yml
similarity index 100%
rename from poc/qnap-cve-2019-7192.yml
rename to poc/manual/qnap-cve-2019-7192.yml
diff --git a/poc/rabbitmq-default-password.yml b/poc/manual/rabbitmq-default-password.yml
similarity index 100%
rename from poc/rabbitmq-default-password.yml
rename to poc/manual/rabbitmq-default-password.yml
diff --git a/poc/rails-cve-2018-3760-rce.yml b/poc/manual/rails-cve-2018-3760-rce.yml
similarity index 100%
rename from poc/rails-cve-2018-3760-rce.yml
rename to poc/manual/rails-cve-2018-3760-rce.yml
diff --git a/poc/razor-cve-2018-8770.yml b/poc/manual/razor-cve-2018-8770.yml
similarity index 100%
rename from poc/razor-cve-2018-8770.yml
rename to poc/manual/razor-cve-2018-8770.yml
diff --git a/poc/rconfig-cve-2019-16663.yml b/poc/manual/rconfig-cve-2019-16663.yml
similarity index 100%
rename from poc/rconfig-cve-2019-16663.yml
rename to poc/manual/rconfig-cve-2019-16663.yml
diff --git a/poc/resin-cnnvd-200705-315.yml b/poc/manual/resin-cnnvd-200705-315.yml
similarity index 100%
rename from poc/resin-cnnvd-200705-315.yml
rename to poc/manual/resin-cnnvd-200705-315.yml
diff --git a/poc/resin-inputfile-fileread-or-ssrf.yml b/poc/manual/resin-inputfile-fileread-or-ssrf.yml
similarity index 100%
rename from poc/resin-inputfile-fileread-or-ssrf.yml
rename to poc/manual/resin-inputfile-fileread-or-ssrf.yml
diff --git a/poc/resin-viewfile-fileread.yml b/poc/manual/resin-viewfile-fileread.yml
similarity index 100%
rename from poc/resin-viewfile-fileread.yml
rename to poc/manual/resin-viewfile-fileread.yml
diff --git a/poc/rockmongo-default-password.yml b/poc/manual/rockmongo-default-password.yml
similarity index 100%
rename from poc/rockmongo-default-password.yml
rename to poc/manual/rockmongo-default-password.yml
diff --git a/poc/ruijie-eg-cli-rce.yml b/poc/manual/ruijie-eg-cli-rce.yml
similarity index 100%
rename from poc/ruijie-eg-cli-rce.yml
rename to poc/manual/ruijie-eg-cli-rce.yml
diff --git a/poc/ruijie-eg-file-read.yml b/poc/manual/ruijie-eg-file-read.yml
similarity index 100%
rename from poc/ruijie-eg-file-read.yml
rename to poc/manual/ruijie-eg-file-read.yml
diff --git a/poc/ruijie-eg-info-leak.yml b/poc/manual/ruijie-eg-info-leak.yml
similarity index 100%
rename from poc/ruijie-eg-info-leak.yml
rename to poc/manual/ruijie-eg-info-leak.yml
diff --git a/poc/ruijie-eweb-rce-cnvd-2021-09650.yml b/poc/manual/ruijie-eweb-rce-cnvd-2021-09650.yml
similarity index 100%
rename from poc/ruijie-eweb-rce-cnvd-2021-09650.yml
rename to poc/manual/ruijie-eweb-rce-cnvd-2021-09650.yml
diff --git a/poc/ruijie-nbr1300g-cli-password-leak.yml b/poc/manual/ruijie-nbr1300g-cli-password-leak.yml
similarity index 100%
rename from poc/ruijie-nbr1300g-cli-password-leak.yml
rename to poc/manual/ruijie-nbr1300g-cli-password-leak.yml
diff --git a/poc/ruijie-uac-cnvd-2021-14536.yml b/poc/manual/ruijie-uac-cnvd-2021-14536.yml
similarity index 100%
rename from poc/ruijie-uac-cnvd-2021-14536.yml
rename to poc/manual/ruijie-uac-cnvd-2021-14536.yml
diff --git a/poc/ruoyi-management-fileread.yml b/poc/manual/ruoyi-management-fileread.yml
similarity index 100%
rename from poc/ruoyi-management-fileread.yml
rename to poc/manual/ruoyi-management-fileread.yml
diff --git a/poc/saltstack-cve-2020-16846.yml b/poc/manual/saltstack-cve-2020-16846.yml
similarity index 100%
rename from poc/saltstack-cve-2020-16846.yml
rename to poc/manual/saltstack-cve-2020-16846.yml
diff --git a/poc/saltstack-cve-2021-25282-file-write.yml b/poc/manual/saltstack-cve-2021-25282-file-write.yml
similarity index 100%
rename from poc/saltstack-cve-2021-25282-file-write.yml
rename to poc/manual/saltstack-cve-2021-25282-file-write.yml
diff --git a/poc/samsung-wea453e-default-pwd.yml b/poc/manual/samsung-wea453e-default-pwd.yml
similarity index 100%
rename from poc/samsung-wea453e-default-pwd.yml
rename to poc/manual/samsung-wea453e-default-pwd.yml
diff --git a/poc/samsung-wea453e-rce.yml b/poc/manual/samsung-wea453e-rce.yml
similarity index 100%
rename from poc/samsung-wea453e-rce.yml
rename to poc/manual/samsung-wea453e-rce.yml
diff --git a/poc/samsung-wlan-ap-wea453e-rce.yml b/poc/manual/samsung-wlan-ap-wea453e-rce.yml
similarity index 100%
rename from poc/samsung-wlan-ap-wea453e-rce.yml
rename to poc/manual/samsung-wlan-ap-wea453e-rce.yml
diff --git a/poc/sangfor-ba-rce.yml b/poc/manual/sangfor-ba-rce.yml
similarity index 100%
rename from poc/sangfor-ba-rce.yml
rename to poc/manual/sangfor-ba-rce.yml
diff --git a/poc/sangfor-edr-arbitrary-admin-login.yml b/poc/manual/sangfor-edr-arbitrary-admin-login.yml
similarity index 100%
rename from poc/sangfor-edr-arbitrary-admin-login.yml
rename to poc/manual/sangfor-edr-arbitrary-admin-login.yml
diff --git a/poc/sangfor-edr-cssp-rce.yml b/poc/manual/sangfor-edr-cssp-rce.yml
similarity index 100%
rename from poc/sangfor-edr-cssp-rce.yml
rename to poc/manual/sangfor-edr-cssp-rce.yml
diff --git a/poc/sangfor-edr-tool-rce.yml b/poc/manual/sangfor-edr-tool-rce.yml
similarity index 100%
rename from poc/sangfor-edr-tool-rce.yml
rename to poc/manual/sangfor-edr-tool-rce.yml
diff --git a/poc/satellian-cve-2020-7980-rce.yml b/poc/manual/satellian-cve-2020-7980-rce.yml
similarity index 100%
rename from poc/satellian-cve-2020-7980-rce.yml
rename to poc/manual/satellian-cve-2020-7980-rce.yml
diff --git a/poc/seacms-before-v992-rce.yml b/poc/manual/seacms-before-v992-rce.yml
similarity index 100%
rename from poc/seacms-before-v992-rce.yml
rename to poc/manual/seacms-before-v992-rce.yml
diff --git a/poc/seacms-rce.yml b/poc/manual/seacms-rce.yml
similarity index 100%
rename from poc/seacms-rce.yml
rename to poc/manual/seacms-rce.yml
diff --git a/poc/seacms-sqli.yml b/poc/manual/seacms-sqli.yml
similarity index 100%
rename from poc/seacms-sqli.yml
rename to poc/manual/seacms-sqli.yml
diff --git a/poc/seacms-v654-rce.yml b/poc/manual/seacms-v654-rce.yml
similarity index 100%
rename from poc/seacms-v654-rce.yml
rename to poc/manual/seacms-v654-rce.yml
diff --git a/poc/seacmsv645-command-exec.yml b/poc/manual/seacmsv645-command-exec.yml
similarity index 100%
rename from poc/seacmsv645-command-exec.yml
rename to poc/manual/seacmsv645-command-exec.yml
diff --git a/poc/secnet-ac-default-password.yml b/poc/manual/secnet-ac-default-password.yml
similarity index 100%
rename from poc/secnet-ac-default-password.yml
rename to poc/manual/secnet-ac-default-password.yml
diff --git a/poc/seeyon-a6-employee-info-leak.yml b/poc/manual/seeyon-a6-employee-info-leak.yml
similarity index 100%
rename from poc/seeyon-a6-employee-info-leak.yml
rename to poc/manual/seeyon-a6-employee-info-leak.yml
diff --git a/poc/seeyon-ajax-unauthorized-access.yml b/poc/manual/seeyon-ajax-unauthorized-access.yml
similarity index 100%
rename from poc/seeyon-ajax-unauthorized-access.yml
rename to poc/manual/seeyon-ajax-unauthorized-access.yml
diff --git a/poc/seeyon-cnvd-2020-62422-readfile.yml b/poc/manual/seeyon-cnvd-2020-62422-readfile.yml
similarity index 100%
rename from poc/seeyon-cnvd-2020-62422-readfile.yml
rename to poc/manual/seeyon-cnvd-2020-62422-readfile.yml
diff --git a/poc/seeyon-oa-cookie-leak.yml b/poc/manual/seeyon-oa-cookie-leak.yml
similarity index 100%
rename from poc/seeyon-oa-cookie-leak.yml
rename to poc/manual/seeyon-oa-cookie-leak.yml
diff --git a/poc/seeyon-session-leak.yml b/poc/manual/seeyon-session-leak.yml
similarity index 100%
rename from poc/seeyon-session-leak.yml
rename to poc/manual/seeyon-session-leak.yml
diff --git a/poc/seeyon-wooyun-2015-0108235-sqli.yml b/poc/manual/seeyon-wooyun-2015-0108235-sqli.yml
similarity index 100%
rename from poc/seeyon-wooyun-2015-0108235-sqli.yml
rename to poc/manual/seeyon-wooyun-2015-0108235-sqli.yml
diff --git a/poc/seeyon-wooyun-2015-148227.yml b/poc/manual/seeyon-wooyun-2015-148227.yml
similarity index 100%
rename from poc/seeyon-wooyun-2015-148227.yml
rename to poc/manual/seeyon-wooyun-2015-148227.yml
diff --git a/poc/shiziyu-cms-apicontroller-sqli.yml b/poc/manual/shiziyu-cms-apicontroller-sqli.yml
similarity index 100%
rename from poc/shiziyu-cms-apicontroller-sqli.yml
rename to poc/manual/shiziyu-cms-apicontroller-sqli.yml
diff --git a/poc/shopxo-cnvd-2021-15822.yml b/poc/manual/shopxo-cnvd-2021-15822.yml
similarity index 100%
rename from poc/shopxo-cnvd-2021-15822.yml
rename to poc/manual/shopxo-cnvd-2021-15822.yml
diff --git a/poc/showdoc-default-password.yml b/poc/manual/showdoc-default-password.yml
similarity index 100%
rename from poc/showdoc-default-password.yml
rename to poc/manual/showdoc-default-password.yml
diff --git a/poc/showdoc-uploadfile.yml b/poc/manual/showdoc-uploadfile.yml
similarity index 100%
rename from poc/showdoc-uploadfile.yml
rename to poc/manual/showdoc-uploadfile.yml
diff --git a/poc/skywalking-cve-2020-9483-sqli.yml b/poc/manual/skywalking-cve-2020-9483-sqli.yml
similarity index 100%
rename from poc/skywalking-cve-2020-9483-sqli.yml
rename to poc/manual/skywalking-cve-2020-9483-sqli.yml
diff --git a/poc/solarwinds-cve-2020-10148.yml b/poc/manual/solarwinds-cve-2020-10148.yml
similarity index 100%
rename from poc/solarwinds-cve-2020-10148.yml
rename to poc/manual/solarwinds-cve-2020-10148.yml
diff --git a/poc/solr-cve-2017-12629-xxe.yml b/poc/manual/solr-cve-2017-12629-xxe.yml
similarity index 100%
rename from poc/solr-cve-2017-12629-xxe.yml
rename to poc/manual/solr-cve-2017-12629-xxe.yml
diff --git a/poc/solr-cve-2019-0193.yml b/poc/manual/solr-cve-2019-0193.yml
similarity index 100%
rename from poc/solr-cve-2019-0193.yml
rename to poc/manual/solr-cve-2019-0193.yml
diff --git a/poc/solr-fileread.yml b/poc/manual/solr-fileread.yml
similarity index 100%
rename from poc/solr-fileread.yml
rename to poc/manual/solr-fileread.yml
diff --git a/poc/solr-velocity-template-rce.yml b/poc/manual/solr-velocity-template-rce.yml
similarity index 100%
rename from poc/solr-velocity-template-rce.yml
rename to poc/manual/solr-velocity-template-rce.yml
diff --git a/poc/sonarqube-cve-2020-27986-unauth.yml b/poc/manual/sonarqube-cve-2020-27986-unauth.yml
similarity index 100%
rename from poc/sonarqube-cve-2020-27986-unauth.yml
rename to poc/manual/sonarqube-cve-2020-27986-unauth.yml
diff --git a/poc/sonicwall-ssl-vpn-rce.yml b/poc/manual/sonicwall-ssl-vpn-rce.yml
similarity index 100%
rename from poc/sonicwall-ssl-vpn-rce.yml
rename to poc/manual/sonicwall-ssl-vpn-rce.yml
diff --git a/poc/spark-api-unauth.yml b/poc/manual/spark-api-unauth.yml
similarity index 100%
rename from poc/spark-api-unauth.yml
rename to poc/manual/spark-api-unauth.yml
diff --git a/poc/spark-webui-unauth.yml b/poc/manual/spark-webui-unauth.yml
similarity index 100%
rename from poc/spark-webui-unauth.yml
rename to poc/manual/spark-webui-unauth.yml
diff --git a/poc/spon-ip-intercom-file-read.yml b/poc/manual/spon-ip-intercom-file-read.yml
similarity index 100%
rename from poc/spon-ip-intercom-file-read.yml
rename to poc/manual/spon-ip-intercom-file-read.yml
diff --git a/poc/spon-ip-intercom-ping-rce.yml b/poc/manual/spon-ip-intercom-ping-rce.yml
similarity index 100%
rename from poc/spon-ip-intercom-ping-rce.yml
rename to poc/manual/spon-ip-intercom-ping-rce.yml
diff --git a/poc/spring-cloud-cve-2020-5405.yml b/poc/manual/spring-cloud-cve-2020-5405.yml
similarity index 100%
rename from poc/spring-cloud-cve-2020-5405.yml
rename to poc/manual/spring-cloud-cve-2020-5405.yml
diff --git a/poc/spring-cloud-cve-2020-5410.yml b/poc/manual/spring-cloud-cve-2020-5410.yml
similarity index 100%
rename from poc/spring-cloud-cve-2020-5410.yml
rename to poc/manual/spring-cloud-cve-2020-5410.yml
diff --git a/poc/spring-cve-2016-4977.yml b/poc/manual/spring-cve-2016-4977.yml
similarity index 100%
rename from poc/spring-cve-2016-4977.yml
rename to poc/manual/spring-cve-2016-4977.yml
diff --git a/poc/springboot-env-unauth.yml b/poc/manual/springboot-env-unauth.yml
similarity index 100%
rename from poc/springboot-env-unauth.yml
rename to poc/manual/springboot-env-unauth.yml
diff --git a/poc/springcloud-cve-2019-3799.yml b/poc/manual/springcloud-cve-2019-3799.yml
similarity index 100%
rename from poc/springcloud-cve-2019-3799.yml
rename to poc/manual/springcloud-cve-2019-3799.yml
diff --git a/poc/supervisord-cve-2017-11610.yml b/poc/manual/supervisord-cve-2017-11610.yml
similarity index 100%
rename from poc/supervisord-cve-2017-11610.yml
rename to poc/manual/supervisord-cve-2017-11610.yml
diff --git a/poc/tamronos-iptv-rce.yml b/poc/manual/tamronos-iptv-rce.yml
similarity index 100%
rename from poc/tamronos-iptv-rce.yml
rename to poc/manual/tamronos-iptv-rce.yml
diff --git a/poc/telecom-gateway-default-password.yml b/poc/manual/telecom-gateway-default-password.yml
similarity index 100%
rename from poc/telecom-gateway-default-password.yml
rename to poc/manual/telecom-gateway-default-password.yml
diff --git a/poc/tensorboard-unauth.yml b/poc/manual/tensorboard-unauth.yml
similarity index 100%
rename from poc/tensorboard-unauth.yml
rename to poc/manual/tensorboard-unauth.yml
diff --git a/poc/terramaster-cve-2020-15568.yml b/poc/manual/terramaster-cve-2020-15568.yml
similarity index 100%
rename from poc/terramaster-cve-2020-15568.yml
rename to poc/manual/terramaster-cve-2020-15568.yml
diff --git a/poc/terramaster-tos-rce-cve-2020-28188.yml b/poc/manual/terramaster-tos-rce-cve-2020-28188.yml
similarity index 100%
rename from poc/terramaster-tos-rce-cve-2020-28188.yml
rename to poc/manual/terramaster-tos-rce-cve-2020-28188.yml
diff --git a/poc/thinkadmin-v6-readfile.yml b/poc/manual/thinkadmin-v6-readfile.yml
similarity index 100%
rename from poc/thinkadmin-v6-readfile.yml
rename to poc/manual/thinkadmin-v6-readfile.yml
diff --git a/poc/thinkcmf-lfi.yml b/poc/manual/thinkcmf-lfi.yml
similarity index 100%
rename from poc/thinkcmf-lfi.yml
rename to poc/manual/thinkcmf-lfi.yml
diff --git a/poc/thinkcmf-write-shell.yml b/poc/manual/thinkcmf-write-shell.yml
similarity index 100%
rename from poc/thinkcmf-write-shell.yml
rename to poc/manual/thinkcmf-write-shell.yml
diff --git a/poc/thinkphp-v6-file-write.yml b/poc/manual/thinkphp-v6-file-write.yml
similarity index 100%
rename from poc/thinkphp-v6-file-write.yml
rename to poc/manual/thinkphp-v6-file-write.yml
diff --git a/poc/thinkphp5-controller-rce.yml b/poc/manual/thinkphp5-controller-rce.yml
similarity index 100%
rename from poc/thinkphp5-controller-rce.yml
rename to poc/manual/thinkphp5-controller-rce.yml
diff --git a/poc/thinkphp5023-method-rce.yml b/poc/manual/thinkphp5023-method-rce.yml
similarity index 100%
rename from poc/thinkphp5023-method-rce.yml
rename to poc/manual/thinkphp5023-method-rce.yml
diff --git a/poc/tianqing-info-leak.yml b/poc/manual/tianqing-info-leak.yml
similarity index 100%
rename from poc/tianqing-info-leak.yml
rename to poc/manual/tianqing-info-leak.yml
diff --git a/poc/tomcat-cve-2017-12615-rce.yml b/poc/manual/tomcat-cve-2017-12615-rce.yml
similarity index 100%
rename from poc/tomcat-cve-2017-12615-rce.yml
rename to poc/manual/tomcat-cve-2017-12615-rce.yml
diff --git a/poc/tomcat-cve-2018-11759.yml b/poc/manual/tomcat-cve-2018-11759.yml
similarity index 100%
rename from poc/tomcat-cve-2018-11759.yml
rename to poc/manual/tomcat-cve-2018-11759.yml
diff --git a/poc/tongda-meeting-unauthorized-access.yml b/poc/manual/tongda-meeting-unauthorized-access.yml
similarity index 100%
rename from poc/tongda-meeting-unauthorized-access.yml
rename to poc/manual/tongda-meeting-unauthorized-access.yml
diff --git a/poc/tongda-user-session-disclosure.yml b/poc/manual/tongda-user-session-disclosure.yml
similarity index 100%
rename from poc/tongda-user-session-disclosure.yml
rename to poc/manual/tongda-user-session-disclosure.yml
diff --git a/poc/tpshop-directory-traversal.yml b/poc/manual/tpshop-directory-traversal.yml
similarity index 100%
rename from poc/tpshop-directory-traversal.yml
rename to poc/manual/tpshop-directory-traversal.yml
diff --git a/poc/tpshop-sqli.yml b/poc/manual/tpshop-sqli.yml
similarity index 100%
rename from poc/tpshop-sqli.yml
rename to poc/manual/tpshop-sqli.yml
diff --git a/poc/tvt-nvms-1000-file-read-cve-2019-20085.yml b/poc/manual/tvt-nvms-1000-file-read-cve-2019-20085.yml
similarity index 100%
rename from poc/tvt-nvms-1000-file-read-cve-2019-20085.yml
rename to poc/manual/tvt-nvms-1000-file-read-cve-2019-20085.yml
diff --git a/poc/typecho-rce.yml b/poc/manual/typecho-rce.yml
similarity index 100%
rename from poc/typecho-rce.yml
rename to poc/manual/typecho-rce.yml
diff --git a/poc/ueditor-cnvd-2017-20077-file-upload.yml b/poc/manual/ueditor-cnvd-2017-20077-file-upload.yml
similarity index 100%
rename from poc/ueditor-cnvd-2017-20077-file-upload.yml
rename to poc/manual/ueditor-cnvd-2017-20077-file-upload.yml
diff --git a/poc/uwsgi-cve-2018-7490.yml b/poc/manual/uwsgi-cve-2018-7490.yml
similarity index 100%
rename from poc/uwsgi-cve-2018-7490.yml
rename to poc/manual/uwsgi-cve-2018-7490.yml
diff --git a/poc/vbulletin-cve-2019-16759-bypass.yml b/poc/manual/vbulletin-cve-2019-16759-bypass.yml
similarity index 100%
rename from poc/vbulletin-cve-2019-16759-bypass.yml
rename to poc/manual/vbulletin-cve-2019-16759-bypass.yml
diff --git a/poc/vbulletin-cve-2019-16759.yml b/poc/manual/vbulletin-cve-2019-16759.yml
similarity index 100%
rename from poc/vbulletin-cve-2019-16759.yml
rename to poc/manual/vbulletin-cve-2019-16759.yml
diff --git a/poc/vmware-vcenter-arbitrary-file-read.yml b/poc/manual/vmware-vcenter-arbitrary-file-read.yml
similarity index 100%
rename from poc/vmware-vcenter-arbitrary-file-read.yml
rename to poc/manual/vmware-vcenter-arbitrary-file-read.yml
diff --git a/poc/vmware-vcenter-cve-2021-21985-rce.yml b/poc/manual/vmware-vcenter-cve-2021-21985-rce.yml
similarity index 100%
rename from poc/vmware-vcenter-cve-2021-21985-rce.yml
rename to poc/manual/vmware-vcenter-cve-2021-21985-rce.yml
diff --git a/poc/vmware-vcenter-unauthorized-rce-cve-2021-21972.yml b/poc/manual/vmware-vcenter-unauthorized-rce-cve-2021-21972.yml
similarity index 100%
rename from poc/vmware-vcenter-unauthorized-rce-cve-2021-21972.yml
rename to poc/manual/vmware-vcenter-unauthorized-rce-cve-2021-21972.yml
diff --git a/poc/vmware-vrealize-cve-2021-21975-ssrf.yml b/poc/manual/vmware-vrealize-cve-2021-21975-ssrf.yml
similarity index 100%
rename from poc/vmware-vrealize-cve-2021-21975-ssrf.yml
rename to poc/manual/vmware-vrealize-cve-2021-21975-ssrf.yml
diff --git a/poc/weaver-ebridge-file-read.yml b/poc/manual/weaver-ebridge-file-read.yml
similarity index 100%
rename from poc/weaver-ebridge-file-read.yml
rename to poc/manual/weaver-ebridge-file-read.yml
diff --git a/poc/weblogic-cve-2017-10271.yml b/poc/manual/weblogic-cve-2017-10271.yml
similarity index 100%
rename from poc/weblogic-cve-2017-10271.yml
rename to poc/manual/weblogic-cve-2017-10271.yml
diff --git a/poc/weblogic-cve-2019-2725.yml b/poc/manual/weblogic-cve-2019-2725.yml
similarity index 100%
rename from poc/weblogic-cve-2019-2725.yml
rename to poc/manual/weblogic-cve-2019-2725.yml
diff --git a/poc/weblogic-cve-2019-2729-1.yml b/poc/manual/weblogic-cve-2019-2729-1.yml
similarity index 100%
rename from poc/weblogic-cve-2019-2729-1.yml
rename to poc/manual/weblogic-cve-2019-2729-1.yml
diff --git a/poc/weblogic-cve-2019-2729-2.yml b/poc/manual/weblogic-cve-2019-2729-2.yml
similarity index 100%
rename from poc/weblogic-cve-2019-2729-2.yml
rename to poc/manual/weblogic-cve-2019-2729-2.yml
diff --git a/poc/weblogic-cve-2020-14750.yml b/poc/manual/weblogic-cve-2020-14750.yml
similarity index 100%
rename from poc/weblogic-cve-2020-14750.yml
rename to poc/manual/weblogic-cve-2020-14750.yml
diff --git a/poc/weblogic-ssrf.yml b/poc/manual/weblogic-ssrf.yml
similarity index 100%
rename from poc/weblogic-ssrf.yml
rename to poc/manual/weblogic-ssrf.yml
diff --git a/poc/webmin-cve-2019-15107-rce.yml b/poc/manual/webmin-cve-2019-15107-rce.yml
similarity index 100%
rename from poc/webmin-cve-2019-15107-rce.yml
rename to poc/manual/webmin-cve-2019-15107-rce.yml
diff --git a/poc/weiphp-path-traversal.yml b/poc/manual/weiphp-path-traversal.yml
similarity index 100%
rename from poc/weiphp-path-traversal.yml
rename to poc/manual/weiphp-path-traversal.yml
diff --git a/poc/weiphp-sql.yml b/poc/manual/weiphp-sql.yml
similarity index 100%
rename from poc/weiphp-sql.yml
rename to poc/manual/weiphp-sql.yml
diff --git a/poc/wifisky-default-password-cnvd-2021-39012.yml b/poc/manual/wifisky-default-password-cnvd-2021-39012.yml
similarity index 100%
rename from poc/wifisky-default-password-cnvd-2021-39012.yml
rename to poc/manual/wifisky-default-password-cnvd-2021-39012.yml
diff --git a/poc/wordpress-cve-2019-19985-infoleak.yml b/poc/manual/wordpress-cve-2019-19985-infoleak.yml
similarity index 100%
rename from poc/wordpress-cve-2019-19985-infoleak.yml
rename to poc/manual/wordpress-cve-2019-19985-infoleak.yml
diff --git a/poc/wordpress-ext-adaptive-images-lfi.yml b/poc/manual/wordpress-ext-adaptive-images-lfi.yml
similarity index 100%
rename from poc/wordpress-ext-adaptive-images-lfi.yml
rename to poc/manual/wordpress-ext-adaptive-images-lfi.yml
diff --git a/poc/wordpress-ext-mailpress-rce.yml b/poc/manual/wordpress-ext-mailpress-rce.yml
similarity index 100%
rename from poc/wordpress-ext-mailpress-rce.yml
rename to poc/manual/wordpress-ext-mailpress-rce.yml
diff --git a/poc/wuzhicms-v410-sqli.yml b/poc/manual/wuzhicms-v410-sqli.yml
similarity index 100%
rename from poc/wuzhicms-v410-sqli.yml
rename to poc/manual/wuzhicms-v410-sqli.yml
diff --git a/poc/xdcms-sql.yml b/poc/manual/xdcms-sql.yml
similarity index 100%
rename from poc/xdcms-sql.yml
rename to poc/manual/xdcms-sql.yml
diff --git a/poc/xiuno-bbs-cvnd-2019-01348-reinstallation.yml b/poc/manual/xiuno-bbs-cvnd-2019-01348-reinstallation.yml
similarity index 100%
rename from poc/xiuno-bbs-cvnd-2019-01348-reinstallation.yml
rename to poc/manual/xiuno-bbs-cvnd-2019-01348-reinstallation.yml
diff --git a/poc/xunchi-cnvd-2020-23735-file-read.yml b/poc/manual/xunchi-cnvd-2020-23735-file-read.yml
similarity index 100%
rename from poc/xunchi-cnvd-2020-23735-file-read.yml
rename to poc/manual/xunchi-cnvd-2020-23735-file-read.yml
diff --git a/poc/yapi-rce.yml b/poc/manual/yapi-rce.yml
similarity index 100%
rename from poc/yapi-rce.yml
rename to poc/manual/yapi-rce.yml
diff --git a/poc/yccms-rce.yml b/poc/manual/yccms-rce.yml
similarity index 100%
rename from poc/yccms-rce.yml
rename to poc/manual/yccms-rce.yml
diff --git a/poc/yongyou-u8-oa-sqli.yml b/poc/manual/yongyou-u8-oa-sqli.yml
similarity index 100%
rename from poc/yongyou-u8-oa-sqli.yml
rename to poc/manual/yongyou-u8-oa-sqli.yml
diff --git a/poc/yonyou-grp-u8-sqli-to-rce.yml b/poc/manual/yonyou-grp-u8-sqli-to-rce.yml
similarity index 100%
rename from poc/yonyou-grp-u8-sqli-to-rce.yml
rename to poc/manual/yonyou-grp-u8-sqli-to-rce.yml
diff --git a/poc/yonyou-grp-u8-sqli.yml b/poc/manual/yonyou-grp-u8-sqli.yml
similarity index 100%
rename from poc/yonyou-grp-u8-sqli.yml
rename to poc/manual/yonyou-grp-u8-sqli.yml
diff --git a/poc/yonyou-nc-arbitrary-file-upload.yml b/poc/manual/yonyou-nc-arbitrary-file-upload.yml
similarity index 100%
rename from poc/yonyou-nc-arbitrary-file-upload.yml
rename to poc/manual/yonyou-nc-arbitrary-file-upload.yml
diff --git a/poc/yonyou-nc-bsh-servlet-bshservlet-rce.yml b/poc/manual/yonyou-nc-bsh-servlet-bshservlet-rce.yml
similarity index 100%
rename from poc/yonyou-nc-bsh-servlet-bshservlet-rce.yml
rename to poc/manual/yonyou-nc-bsh-servlet-bshservlet-rce.yml
diff --git a/poc/youphptube-encoder-cve-2019-5127.yml b/poc/manual/youphptube-encoder-cve-2019-5127.yml
similarity index 100%
rename from poc/youphptube-encoder-cve-2019-5127.yml
rename to poc/manual/youphptube-encoder-cve-2019-5127.yml
diff --git a/poc/youphptube-encoder-cve-2019-5128.yml b/poc/manual/youphptube-encoder-cve-2019-5128.yml
similarity index 100%
rename from poc/youphptube-encoder-cve-2019-5128.yml
rename to poc/manual/youphptube-encoder-cve-2019-5128.yml
diff --git a/poc/youphptube-encoder-cve-2019-5129.yml b/poc/manual/youphptube-encoder-cve-2019-5129.yml
similarity index 100%
rename from poc/youphptube-encoder-cve-2019-5129.yml
rename to poc/manual/youphptube-encoder-cve-2019-5129.yml
diff --git a/poc/yungoucms-sqli.yml b/poc/manual/yungoucms-sqli.yml
similarity index 100%
rename from poc/yungoucms-sqli.yml
rename to poc/manual/yungoucms-sqli.yml
diff --git a/poc/zabbix-authentication-bypass.yml b/poc/manual/zabbix-authentication-bypass.yml
similarity index 100%
rename from poc/zabbix-authentication-bypass.yml
rename to poc/manual/zabbix-authentication-bypass.yml
diff --git a/poc/zabbix-cve-2016-10134-sqli.yml b/poc/manual/zabbix-cve-2016-10134-sqli.yml
similarity index 100%
rename from poc/zabbix-cve-2016-10134-sqli.yml
rename to poc/manual/zabbix-cve-2016-10134-sqli.yml
diff --git a/poc/zabbix-default-password.yml b/poc/manual/zabbix-default-password.yml
similarity index 100%
rename from poc/zabbix-default-password.yml
rename to poc/manual/zabbix-default-password.yml
diff --git a/poc/zcms-v3-sqli.yml b/poc/manual/zcms-v3-sqli.yml
similarity index 100%
rename from poc/zcms-v3-sqli.yml
rename to poc/manual/zcms-v3-sqli.yml
diff --git a/poc/zeit-nodejs-cve-2020-5284-directory-traversal.yml b/poc/manual/zeit-nodejs-cve-2020-5284-directory-traversal.yml
similarity index 100%
rename from poc/zeit-nodejs-cve-2020-5284-directory-traversal.yml
rename to poc/manual/zeit-nodejs-cve-2020-5284-directory-traversal.yml
diff --git a/poc/zeroshell-cve-2019-12725-rce.yml b/poc/manual/zeroshell-cve-2019-12725-rce.yml
similarity index 100%
rename from poc/zeroshell-cve-2019-12725-rce.yml
rename to poc/manual/zeroshell-cve-2019-12725-rce.yml
diff --git a/poc/zimbra-cve-2019-9670-xxe.yml b/poc/manual/zimbra-cve-2019-9670-xxe.yml
similarity index 100%
rename from poc/zimbra-cve-2019-9670-xxe.yml
rename to poc/manual/zimbra-cve-2019-9670-xxe.yml
diff --git a/poc/zzcms-zsmanage-sqli.yml b/poc/manual/zzcms-zsmanage-sqli.yml
similarity index 100%
rename from poc/zzcms-zsmanage-sqli.yml
rename to poc/manual/zzcms-zsmanage-sqli.yml
diff --git a/schema.json b/schema.json
new file mode 100644
index 0000000..bf2d2cd
--- /dev/null
+++ b/schema.json
@@ -0,0 +1,259 @@
+{
+  "$schema": "https://json-schema.org/draft/2019-09/schema",
+  "$id": "https://raw.githubusercontent.com/chaitin/gamma/master/static/schema/schema-v2.json",
+  "title": "POC Check",
+  "definitions": {
+    "kv": {
+      "description": "variables",
+      "type": "object",
+      "additionalProperties": {
+        "type": "string"
+      }
+    },
+    "raw_request": {
+      "description": "tcp or udp request",
+      "type": "object",
+      "properties": {
+        "cache": {
+          "description": "cache package",
+          "type": "boolean"
+        },
+        "content": {
+          "description": "raw package content",
+          "type": "string"
+        },
+        "read_timeout": {
+          "description": "raw read timeout",
+          "type": "string"
+        },
+        "connection_id": {
+          "description": "raw send package use which connection",
+          "type": "string"
+        }
+      },
+      "required": ["content"],
+      "additionalProperties": false
+    },
+    "http_request": {
+      "description": "http request",
+      "type": "object",
+      "properties": {
+        "cache": {
+          "description": "cache package",
+          "type": "boolean"
+        },
+        "method": {
+          "description": "request method",
+          "type": "string",
+          "enum": ["HEAD", "GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS", "CONNECT", "MOVE", "TRACE", "PROPFIND"]
+        },
+        "path": {
+          "description": "request path",
+          "type": "string",
+          "pattern": "^[/^].*"
+        },
+        "headers": {
+          "description": "request HTTP headers",
+          "type": "object",
+          "additionalProperties": {
+            "type": "string"
+          }
+        },
+        "body": {
+          "description": "request body",
+          "type": "string"
+        },
+        "follow_redirects": {
+          "description": "This option determines whether the HTTP request will follow the jump",
+          "type": "boolean"
+        },
+        "read_timeout": {
+          "description": "http response read timeout",
+          "type": "string"
+        },
+        "no_cookie": {
+            "description": "This option determines whether the HTTP request will not use the cookie",
+            "type": "boolean"
+        }
+      },
+      "required": ["method"],
+      "additionalProperties": false
+    },
+    "rule": {
+      "description": "A rule",
+      "type": "object",
+      "properties": {
+        "request": {
+          "description": "request object is related with transport",
+          "type": "object",
+          "oneOf": [{ "$ref": "#/definitions/raw_request" }, { "$ref": "#/definitions/http_request" }]
+        },
+        "expression": {
+          "description": "a CEL expression what determines whether the vulnerability exists",
+          "type": "string"
+        },
+        "output": { "$ref": "#/definitions/kv" }
+      },
+      "required": ["expression"],
+      "additionalProperties": false
+    },
+    "product": {
+      "description": "fingerprint info",
+      "type": "object",
+      "properties": {
+        "id": {
+          "description": "ct product id",
+          "type": "string"
+        },
+        "name": {
+          "description": "product name",
+          "type": "string"
+        },
+        "version": {
+          "description": "product version",
+          "type": "string"
+        },
+        "cpe": {
+          "description": "product cpe identifier",
+          "type": "string"
+        }
+      }
+    },
+    "detail": {
+      "description": "output details",
+      "type": "object",
+      "properties": {
+        "author": {
+          "description": "POC author",
+          "type": "string"
+        },
+        "links": {
+          "description": "some links that describe or reproduce the vulnerability",
+          "type": "array",
+          "items": {
+            "description": "link",
+            "type": "string",
+            "format": "iri"
+          },
+          "minItems": 0
+        },
+        "vulnerability": {
+          "description": "vulnerability info",
+          "type": "object",
+          "properties": {
+            "id": {
+              "description": "ct vulnerability id",
+              "type": "string"
+            },
+            "match": {
+              "description": "vulnerability match result",
+              "type": "string"
+            },
+            "level": {
+              "description": "vulnerability level",
+              "type": "string"
+            }
+          },
+          "additionalProperties": true
+        },
+        "fingerprint": {
+          "description": "fingerprint product",
+          "type": "object",
+          "allOf": [
+            { "$ref": "#/definitions/product" }
+          ],
+          "properties": {
+            "os": {
+              "description": "os product",
+              "type": "object",
+              "allOf": [
+                { "$ref": "#/definitions/product" }
+              ]
+            },
+            "hardware": {
+              "description": "hardware product",
+              "type": "object",
+              "allOf": [
+                { "$ref": "#/definitions/product" }
+              ]
+            }
+          },
+          "additionalProperties": true
+        }
+      },
+      "additionalProperties": true
+    },
+    "info": {
+      "description": "info definition",
+      "type": "object",
+      "properties":{
+        "name": {
+          "description": "POC name",
+          "type": "string",
+          "pattern": "^(?:poc-yaml|custom|fingerprint-yaml)-.+$"
+        },
+        "binding": {
+          "description": "binding uuid",
+          "type": "string",
+          "pattern": "^[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$"
+        },
+        "manual": {
+          "description": "manual write",
+          "type": "boolean"
+        },
+        "detail": { "$ref": "#/definitions/detail" }
+      },
+      "required": ["name"]
+    },
+    "script": {
+      "description": "script definition",
+      "type": "object",
+      "properties":{
+        "transport": {
+          "description": "transport",
+          "type": "string",
+          "enum": ["tcp", "udp", "http"]
+        },
+        "set": { "$ref": "#/definitions/kv" },
+        "rules": {
+          "description": "Rules",
+          "type": "object",
+          "additionalProperties": {
+            "$ref": "#/definitions/rule"
+          }
+        },
+        "expression": {
+          "description": "expression",
+          "type": "string"
+        },
+        "payloads": {
+          "description": "payloads variables",
+          "type": "object",
+          "properties": {
+            "continue": {
+              "description": "get result payload continue",
+              "type": "boolean"
+            },
+            "payloads": {
+              "description": "This option determines whether the test is skip",
+              "type": "object",
+              "additionalProperties": { "$ref": "#/definitions/kv" }
+            }
+          },
+          "additionalProperties": false
+        }
+      },
+      "required": ["transport", "rules", "expression"]
+    },
+    "poc": {
+      "description": "A tool that checks XRay POC",
+      "type": "object",
+      "allOf": [
+        { "$ref": "#/definitions/info" },
+        { "$ref": "#/definitions/script" }
+      ],
+      "unevaluatedProperties": false
+    }
+  },
+  "$ref": "#/definitions/poc"
+}