GitHub Recon

While developing a project, some developers forget to hide sensitive files in the repository.

Vulnerability Name: Sensitive information exposed on GitHub

Vulnerability Description: While enumerating the target, I found a public repository of [Company name] leaking sensitive information.

Steps to Reproduce:

  1. Go to the [URL].

  2. There you can see the sensitive data exposed.

Proof-of-concept: Snapshots or video link attached.

Impact: [Create your own attack scenario according to the workflow of the website]

Attack Scenario: [Create your own attack scenario according to the workflow of the website]

Remediation: Make the repository private or delete that vulnerable code.
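
A check a repository owner can run before and after that cleanup, as an added example that is not part of the original template: it scans each commit snapshot for sensitive filenames and hard-coded secrets, and the constructed two-commit sample shows that content deleted in a later commit is still present in the earlier one. The rule set, function names and sample data are assumptions made for illustration.

```python
import re
from fnmatch import fnmatch

# Hypothetical rule set for illustration; real scanners ship far more rules.
SENSITIVE_NAMES = [".env", "*.pem", "*.p12", "id_rsa", "*.kdbx"]
CONTENT_RULES = {
    "aws-access-key-id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private-key-block": re.compile(r"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----"),
    "hardcoded-credential": re.compile(
        r"(?i)\b(?:password|passwd|secret|api_key|token)\b\s*[:=]\s*['\"][^'\"]{8,}['\"]"
    ),
}


def scan_snapshot(files):
    """Return sorted (path, line_no, rule) findings for one {path: text} snapshot."""
    findings = []
    for path, text in files.items():
        name = path.rsplit("/", 1)[-1]
        if any(fnmatch(name, pat) for pat in SENSITIVE_NAMES):
            findings.append((path, 0, "sensitive-filename"))  # line 0 = the file itself
        for line_no, line in enumerate(text.splitlines(), start=1):
            for rule, rx in CONTENT_RULES.items():
                if rx.search(line):
                    findings.append((path, line_no, rule))
    return sorted(findings)


def scan_history(commits):
    """Scan every commit snapshot, oldest first; return {commit_id: findings}."""
    return {cid: scan_snapshot(files) for cid, files in commits}


# Constructed sample: two snapshots of a made-up repository. The second commit
# "deletes" the secrets, but the first commit still carries them.
SAMPLE_COMMITS = [
    ("c1", {
        "app/settings.py": 'DEBUG = True\nAPI_KEY = "constructed-value-123"\n',
        "deploy/.env": "AWS_ACCESS_KEY_ID=AKIAEXAMPLEEXAMPLE00\n",
    }),
    ("c2", {
        "app/settings.py": 'import os\nAPI_KEY = os.environ["API_KEY"]\n',
    }),
]

if __name__ == "__main__":
    for cid, found in scan_history(SAMPLE_COMMITS).items():
        print(cid, found or "clean")
```

Any finding in an older snapshot means the value is still retrievable from history, so the exposed credential has to be treated as compromised and replaced.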
