id: dockercfg-config info: name: Detect .dockercfg author: geeknik severity: high description: Docker registry authentication data tags: docker,exposure,config http: - method: GET path: - "{{BaseURL}}/.dockercfg" - "{{BaseURL}}/.docker/config.json" matchers-condition: and matchers: - type: word words: - '"email":' - '"auth":' condition: and - type: word part: header words: - "text/plain" - type: status status: - 200