🟩Information Disclosure

When a website unintentionally reveals sensitive information

Test for information disclosure

  • Fuzzing

  • Using Burp's engagement tools: Search, Find comments, Discover content

  • Engineering informative responses

Common sources of information disclosure

Files for Web Crawlers Check /robots.txt and /sitemap.xml; the paths a site asks crawlers not to index are often the ones worth visiting

Directory Listings Web servers can be configured to automatically list the contents of directories that do not have an index page present

Developer Comments Look for interesting information left in inline HTML/JavaScript comments

Error Messages Verbose error responses can reveal the technology stack, versions, file paths, or internal logic

Debugging Data Look for interesting things in custom error pages and debug output left in for developers

User Account Pages As with IDOR vulnerabilities, an attacker may be able to access other users' information

Backup Files Backup copies of source files expose the source code, and sensitive data is sometimes hard-coded within it

Insecure Configuration Test the HTTP "TRACE" method: the response echoes the request as the back end received it, including headers added by a front-end proxy. If the echo shows a header such as X-Custom-IP-Authorization carrying your IP address, sending X-Custom-IP-Authorization: 127.0.0.1 yourself may unlock an IP-restricted path such as "/admin"

Version Control History Check for an exposed ".git" folder, then look for sensitive data hard-coded within some of the changed lines; a secret that was committed and later removed is still present in the history. Useful commands: git status, git log, git checkout
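As an added example, not taken from the original page, the following Python module triages the sources listed above offline: it pulls Disallow paths from robots.txt, extracts developer comments from HTML/JavaScript, recognises a directory-listing page, diffs a TRACE echo against the headers actually sent to surface headers added in transit, and scans git log -p output for removed lines that look like credentials. All responses, header names, the commit hash and the secret values are constructed for the example.

```python
"""Offline triage of responses that commonly leak information.

Added example: every sample below is constructed; nothing touches the network.
"""
import re
from typing import Dict, List, Tuple

# --- robots.txt: paths the owner does not want indexed are often worth a look
def robots_disallowed(body: str) -> List[str]:
    paths = []
    for line in body.splitlines():
        key, _, value = line.partition(":")
        # ignore the blanket "Disallow: /" and empty entries; keep concrete paths
        if key.strip().lower() == "disallow" and value.strip() not in ("", "/"):
            paths.append(value.strip())
    return paths

# --- developer comments left in HTML and in JavaScript block comments
HTML_COMMENT = re.compile(r"<!--(.*?)-->", re.S)
JS_BLOCK_COMMENT = re.compile(r"/\*(.*?)\*/", re.S)  # '//' skipped: it also matches URLs

def developer_comments(body: str) -> List[str]:
    found = [m.group(1).strip() for m in HTML_COMMENT.finditer(body)]
    found += [m.group(1).strip() for m in JS_BLOCK_COMMENT.finditer(body)]
    return found

# --- directory listing: common web servers title the page "Index of /path"
def is_directory_listing(body: str) -> bool:
    return re.search(r"<title>\s*Index of\s+/", body, re.I) is not None

# --- TRACE: the echo shows the request as the back end saw it, so any header
#     we did not send was added by an intermediary (reverse proxy, load balancer)
def headers_added_in_transit(sent: Dict[str, str], trace_body: str) -> Dict[str, str]:
    seen = {}
    for line in trace_body.splitlines()[1:]:  # skip the echoed request line
        if not line.strip():
            break  # blank line ends the header block
        name, _, value = line.partition(":")
        seen[name.strip().lower()] = value.strip()
    sent_lower = {k.lower() for k in sent}
    return {k: v for k, v in seen.items() if k not in sent_lower}

# --- git history: a secret that was committed and then removed is still in the
#     repository; deleted ('-') lines in `git log -p` output are where to look
SECRET_HINT = re.compile(r"(?i)(password|passwd|secret|api[_-]?key|token)\s*[=:]\s*\S+")

def secrets_removed_in_history(git_log_p: str) -> List[Tuple[str, str]]:
    hits, commit = [], None
    for line in git_log_p.splitlines():
        if line.startswith("commit "):
            commit = line.split()[1]
        elif line.startswith("-") and not line.startswith("---"):
            if SECRET_HINT.search(line[1:]):
                hits.append((commit, line[1:].strip()))
    return hits

# --- constructed samples (hypothetical host names, paths and values)
ROBOTS = "User-agent: *\nDisallow: /\nDisallow: /backup/\nDisallow: /admin-panel/\n"
PAGE = ("<html><head><title>Shop</title>\n"
        "<script>/* TODO remove before release: debug endpoint at /debug?token=1 */</script>\n"
        "</head><body><!-- staging db host: db-staging.internal --></body></html>")
LISTING = ('<html><head><title>Index of /backup/</title></head>'
           '<body><h1>Index of /backup/</h1><a href="site.zip">site.zip</a></body></html>')
SENT = {"Host": "shop.example", "User-Agent": "triage/1.0"}
TRACE_ECHO = ("TRACE /admin HTTP/1.1\nHost: shop.example\nUser-Agent: triage/1.0\n"
              "X-Custom-IP-Authorization: 203.0.113.7\n\n")
GIT_LOG_P = """commit 7f3a1c2
Author: dev <dev@shop.example>

    Remove hard-coded credentials

diff --git a/config.php b/config.php
--- a/config.php
+++ b/config.php
@@ -1,3 +1,3 @@
 <?php
-$db_password = "s3cr3t-hardcoded";
+$db_password = getenv("DB_PASSWORD");
"""

if __name__ == "__main__":
    print("robots:", robots_disallowed(ROBOTS))
    print("comments:", developer_comments(PAGE))
    print("listing:", is_directory_listing(LISTING))
    print("added in transit:", headers_added_in_transit(SENT, TRACE_ECHO))
    print("secrets in history:", secrets_removed_in_history(GIT_LOG_P))
```

In practice the inputs come from Burp's proxy history or from the responses of a crawler; the TRACE comparison is the interesting one, because a header that appears only in the echo is a candidate for spoofing on the next request.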
