.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).
They store information about the files within a folder, including display options of folders, such as icon positions and view settings.
It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.
Severity: low
Fingerprint: 5f32cf5d6962f09c026392ab026392ab8b46cfcb81a6192abdcb706bd5260232
Found 7 files trough .DS_Store spidering: /css /css/style.css /images /images/instant-gaming-box-favicon.png /images/instant-gaming-box-logo.png /index.html /js
The following URL (usually /.git/config
) is publicly accessible and is leaking source code and repository configuration.
Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a65224400cb39
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = git@github.com:stringsn88keys/tp88.us.git fetch = +refs/heads/*:refs/remotes/origin/* [branch "main"] remote = origin merge = refs/heads/main
Severity: medium
Fingerprint: 2580fa947178c88602b1737db148c044baa2727ab8135b5bbc521bbb3f0e61e1
[core] repositoryformatversion = 0 filemode = false bare = false logallrefupdates = true symlinks = false ignorecase = true [remote "origin"] url = git@github.com:stringsn88keys/tp88.us.git fetch = +refs/heads/*:refs/remotes/origin/* [pull] rebase = false [branch "main"] remote = origin merge = refs/heads/main rebase = true
A JSON configuration file has been found at config.json
.
It may contains application configuration such as credentials.
False positive might happen when hitting a JSON API endpoint.
Fingerprint: b18befd9dd6536aa30550de5e99d74065db4e4ab72247dcf03f33f6460c28618
{ "apiEndpoint": "https://5d27wdk3yi.execute-api.eu-central-1.amazonaws.com/test/", "cognitoPoolId": "eu-central-1_0AHKq5Asr", "cognitoWebClientId": "3ht95l77mogddmp79u5p5igslt", "cognitoRegion": "eu-central-1", "creatorWebsocketUrl": "wss://it4obs06ra.execute-api.eu-central-1.amazonaws.com/test/", "myzeWebsocketUrl": "wss://0tsyywls31.execute-api.eu-central-1.amazonaws.com/test/", "stripePublicApiKey": "pk_live_51K3dUPDjSbv1QBFnCkHiOlLPfLfEtaUMNp8x8hpSvRG3jaM3fuSMllzQLTW17yr1pAcUGxNIUrGyFUESrX2utM3a00QGZdYWjG", "stripeReadPricesApiKey": "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", "rutterPublicKey": "sandbox_pk_647697eb-d37f-4120-a57a-122989cbe226", "deployment": "official" }