id: sendgrid-env

info:
  name: SendGrid Env File Exposure
  author: DhiyaneshDk
  severity: medium
  description: SendGrid file is exposed containing environment variables.
  metadata:
    verified: true
    max-request: 1
    shodan-query: html:"sendgrid.env"
  tags: exposure,sendgrid,key,api,files

http:
  - method: GET
    path:
      - "{{BaseURL}}/sendgrid.env"

    extractors:
      - type: regex
        part: body
        regex:
          - 'SG\.[a-zA-Z0-9-_]{22}\.[a-zA-Z0-9_-]{43}'
# digest: 490a00463044022033f2cda8d56c0ee6e11544acd36f9b4de05eb5a416f31b97c5be85d60d4bad210220347c49282a6f53c12d84fd1639b7f9f5e1e19e993a7171265c5490a36ed1c0e1:922c64590222798bb761d5b6d8e72950