id: git-exposure info: name: Git Metadata Directory Exposure author: tess severity: medium metadata: verified: true max-request: 1 tags: logs,git,exposure http: - method: GET path: - "{{BaseURL}}/.git/" host-redirects: true max-redirects: 2 matchers-condition: and matchers: - type: word part: body words: - "403 Forbidden" - "You do not have permission to access /.git/" condition: and - type: status status: - 403