Skip to content

Comments

Adding config_file_scan #1051

Merged
securestep9 merged 4 commits intoOWASP:masterfrom
Manushya-a:config-scan
May 5, 2025
Merged

Adding config_file_scan #1051
securestep9 merged 4 commits intoOWASP:masterfrom
Manushya-a:config-scan

Conversation

@Manushya-a
Copy link
Contributor

Proposed change

This PR aims to add a scan module config_file_scan which searches for configuration file in a website and adds a wordlist for the same

Type of change

  • New core framework functionality
  • Bugfix (non-breaking change which fixes an issue)
  • Code refactoring without any functionality changes
  • New or existing module/payload change
  • Localization improvement
  • Dependency upgrade
  • Documentation improvement

Checklist

  • I've followed the contributing guidelines
  • I've run make pre-commit, it didn't generate any changes
  • I've run make test, all tests passed locally

Adding possible configuration file names
@pUrGe12
Copy link
Contributor

pUrGe12 commented Mar 22, 2025

Hey, while you're at it, I think creating something like an extension adder would also make sense? For example, using the '-x' flag and specifying extensions to add onto the words in the wordlist file you're using while doing a scan would be cool and would probably help in config scans.

@Manushya-a
Copy link
Contributor Author

ya makes sense. I will get to it :D

Updating the wordlist to remove spaces in the urls
@Manushya-a
Copy link
Contributor Author

Manushya-a commented Mar 24, 2025

maybe we should tackle that in a separate pr?

@securestep9 securestep9 added the new module pull request with new module(s) label May 5, 2025
@securestep9 securestep9 self-assigned this May 5, 2025
@securestep9
Copy link
Collaborator

Thank you for your contribution @Manushya-a ! 🚀

@securestep9 securestep9 added this pull request to the merge queue May 5, 2025
Merged via the queue into OWASP:master with commit 423f661 May 5, 2025
17 checks passed
@Manushya-a Manushya-a deleted the config-scan branch May 5, 2025 16:07
pUrGe12 pushed a commit to pUrGe12/Nettacker that referenced this pull request May 23, 2025
* Config-scan

* Update config_wordlist.txt

Adding possible configuration file names

* Update config_wordlist.txt

Updating the wordlist to remove spaces in the urls

---------

Co-authored-by: Sam Stepanyan <sam.stepanyan@owasp.org>
pUrGe12 pushed a commit to pUrGe12/Nettacker that referenced this pull request May 24, 2025
* Config-scan

* Update config_wordlist.txt

Adding possible configuration file names

* Update config_wordlist.txt

Updating the wordlist to remove spaces in the urls

---------

Co-authored-by: Sam Stepanyan <sam.stepanyan@owasp.org>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

new module pull request with new module(s)

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants