nuclei-templates/exposures/configs/webpack-config.yaml

id: webpack-config

info:
  name: webpack config disclosure
  author: ambassify
  severity: info
  description: A lot of web projects use webpack these days to bundle their project to publish it online - this file holds various metadata relevant to the project.
  metadata:
    shodan-query: html:"webpack.config.js"
  tags: config,exposure

requests:
  - method: GET
    path:
      - "{{BaseURL}}/webpack.config.js"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "module.exports"
          - "const"
        condition: or

      - type: word
        part: header
        words:
          - "application/javascript"
          - "text/javascript"
        condition: or

      - type: status
        status:
          - 200
Add detection template for webpack config files (#4218) * Add detection template for webpack config files * minor matcher update Co-authored-by: sandeep <sandeep@projectdiscovery.io> 2022-04-24 10:32:27 +00:00			`id: webpack-config`

			`info:`
			`name: webpack config disclosure`
			`author: ambassify`
			`severity: info`
			`description: A lot of web projects use webpack these days to bundle their project to publish it online - this file holds various metadata relevant to the project.`
			`metadata:`
			`shodan-query: html:"webpack.config.js"`
			`tags: config,exposure`

			`requests:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}/webpack.config.js"`

			`matchers-condition: and`
			`matchers:`
			`- type: word`
			`words:`
			`- "module.exports"`
			`- "const"`
			`condition: or`

			`- type: word`
			`part: header`
			`words:`
			`- "application/javascript"`
			`- "text/javascript"`
			`condition: or`

			`- type: status`
			`status:`
			`- 200`