id: npm-debug-log info: name: NPM Debug Log Disclosure author: Hardik-Solanki severity: low description: NPM Debug log file exposed. reference: - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt - https://docs.npmjs.com/generating-and-locating-npm-debug.log-files metadata: verified: true max-request: 2 github-query: filename:npm-debug.log tags: exposure,npm,logs,debug http: - method: GET path: - "{{BaseURL}}/npm-debug.log" - "{{BaseURL}}/assets/npm-debug.log" stop-at-first-match: true matchers-condition: and matchers: - type: word part: body words: - 'verbose cli' - 'verbose stack' condition: and - type: status status: - 200 # digest: 4a0a00473045022067ac9b9b5b4180d43755571a3f37e4af5eb7bec80ea9093e0362750fdaf36a4c022100ae9e2d86fbd99b36c77eaadcdf4a76fcc23c18eece43f7b227b3328361a4f937:922c64590222798bb761d5b6d8e72950