id: go-pprof-debug

info:
  name: Go pprof Debug Page
  author: w8ay
  severity: low
  description: go pprof debug page was exposed.
  tags: logs,exposure,go,pprof

http:
  - method: GET
    path:
      - "{{BaseURL}}/debug/pprof/heap?debug=1"
      - "{{BaseURL}}/pprof/heap?debug=1"

    stop-at-first-match: true
    matchers-condition: and
    matchers:
      - type: word
        words:
          - 'heap profile:'
          - 'Alloc'
        condition: and

      - type: word
        words:
          - "text/plain"
        part: header

      - type: status
        status:
          - 200
# digest: 490a004630440220693988cf65c1e8338eaaa6f52fcee6af2d64476dc7116ffd74889bc31f69ea3302206342a09474c89b295474a1691c74da4e9dacd4e9d4a725d65e078a5b4d104fbf:922c64590222798bb761d5b6d8e72950