Github Recon
While developing a project, some developers forget to hide the sensitive file in the repository.
Vulnerability Name: Sensitive information exposed on GitHub
Vulnerability Description: Here while enumerating the target, I found a public repository of the [Company name] leaking the sensitive information.
Steps to Reproduce:
  1. 1.
    Go to the [URL].
  2. 2.
    There you can the sensitive data exposed.
Proof-of-concept: Snapshots or video link attached.
Impact: [Create your own attack scenario according to the workflow of website]
Attack Scenario: [Create your own attack scenario according to the workflow of website]
Remediation: Make the repository private or delete that vulnerable code.
Copy link