id: application-yaml info: name: application.yaml detection author: Cristi vlad (@cristivlad25) severity: info description: Finds Application YAML files which often contain sensitive information. metadata: max-request: 4 tags: misconfig http: - method: GET path: - "{{BaseURL}}/app.yaml" - "{{BaseURL}}/app.yml" - "{{BaseURL}}/application.yaml" - "{{BaseURL}}/application.yml" stop-at-first-match: true matchers-condition: and matchers: - type: word condition: or words: - "runtime:" - "spring:" - "datasource:" - "platform:" - "server:" - "job:" - type: status status: - 200 - type: dsl condition: or dsl: - "!contains(tolower(body), '')" - "!contains(tolower(body), '')" - "!contains(tolower(body), '')" - "!contains(tolower(body), '