id: shellscripts info: name: Public shellscripts author: panch0r3d severity: low tags: bash,exposure,files requests: - method: GET path: - "{{BaseURL}}/.build.sh" - "{{BaseURL}}/.jenkins.sh" - "{{BaseURL}}/.travis.sh" - "{{BaseURL}}/install.sh" - "{{BaseURL}}/update.sh" - "{{BaseURL}}/config.sh" - "{{BaseURL}}/build.sh" - "{{BaseURL}}/setup.sh" - "{{BaseURL}}/run.sh" - "{{BaseURL}}/backup.sh" - "{{BaseURL}}/compile.sh" - "{{BaseURL}}/env.sh" - "{{BaseURL}}/init.sh" - "{{BaseURL}}/startup.sh" - "{{BaseURL}}/wp-setup.sh" - "{{BaseURL}}/deploy.sh" - "{{BaseURL}}/aws.sh" - "{{BaseURL}}/reminder.sh" - "{{BaseURL}}/mysqlbackup.sh" - "{{BaseURL}}/dev2local.sh" - "{{BaseURL}}/local2dev.sh" - "{{BaseURL}}/local2prod.sh" - "{{BaseURL}}/prod2local.sh" matchers-condition: and matchers: - type: regex part: body regex: - ".*?bin.*?sh" - ".*?bin.*?bash" condition: or - type: word part: header words: - "application/x-sh" - "text/plain" - "text/x-sh" condition: or - type: status status: - 200