Directory listing vulnerabilities exposed FTP Exposed configuration file File upload endpoints Exposed database Exposed Log Backup & Old files Publicly exposed documents Find emails Find password 1 Find password 2 Find password emails Sensitive Documents #1 Apache config Files Apache STRUTS RCE Robots.txt phpinfo Apache Server Status .htaccess sensitive files Install/Setup Files 3rd Party Exposure Finding exposed cloud service credentials Digital Ocean Spaces Firebase s3 Bucket Google APIs Google drive Azure OneDrive DropBox Google Docs Reverse IP Lookup Source Code-Public[WWW] securityheaders.com Check Website OS Login/Admin finder Finding Backdoors Employees on LinkedIn Employees on facebook Employees on twitter

SQLi Parameters (51) SQLi Parameters (68) Error SQLIs (71) Error SQLIs (16) Post Parameters (3) Open Redirects (41) Open Redirects (18) SSRF Params (24) RCE Params (23) XSS Params (27) Idor Params (12) LFI Params (24) 信息泄露 ext (58)

GitLab .git API_KEY/api_key/API_SECRET/api_secret DB_PASSWORD/DATABASE_URL/DATABASE_Password AWS_ACCESS_KEY_ID/aws_access_key_id/aws_secret_access_key filename:.env password/secrat/credential BEGIN OPENSSH PRIVATE KEY confidential/sensitive fatal/error/exception password/secret/credential/in:file branch.* extension:json/yml/xml/config BEGIN CERTFICATE BEGIN PRIVATE KEY token/access_token filename:config/settings secrets.