id: composer-auth-json info: name: Composer-auth Json File Disclosure author: DhiyaneshDK severity: low reference: https://www.exploit-db.com/ghdb/5768 metadata: verified: true google-query: intext:"index of /" ".composer-auth.json" tags: exposure,devops,files requests: - method: GET path: - "{{BaseURL}}/.composer-auth.json" - "{{BaseURL}}/vendor/webmozart/assert/.composer-auth.json" stop-at-first-match: true matchers-condition: and matchers: - type: word words: - 'github-oauth' - 'github.com' condition: and - type: status status: - 200