id: jwt-token

info:
  name: JWT Token Disclosure
  author: Ice3man
  severity: info
  tags: exposure,token

requests:
  - method: GET
    path:
      - "{{BaseURL}}"

    extractors:
      - type: regex
        part: body
        regex:
          - 'eyJ[a-zA-Z0-9]{10,}\.eyJ[a-zA-Z0-9]{10,}\.[a-zA-Z0-9_\-]{10,}'