id: exposed-gitignore

info:
  name: Exposed Gitignore
  author: TheZakMan
  severity: info
  tags: config,git,exposure
  reference: |
      - https://twitter.com/pratiky9967/status/1230001391701086208
      - https://www.tenable.com/plugins/was/98595

requests:
  - method: GET
    path:
      - "{{BaseURL}}/.gitignore"
      - "{{BaseURL}}/assets/.gitignore"
      - "{{BaseURL}}/includes/.gitignore"

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      - type: dsl
        dsl:
          - '!contains(tolower(body), "<html") && !contains(tolower(body), "<!doctype") &&  !contains(tolower(body), "<script")'

      - type: dsl
        dsl:
          - 'contains(tolower(all_headers), "binary/octet-stream")'

      - type: dsl
        dsl:
          - "len(body) > 50 "