Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

application.yaml detection

By kannthu

Vidoc logoVidoc Module

What is the "application.yaml detection?"

The "application.yaml detection" module is designed to detect misconfigurations in the YAML files used by applications. It focuses on finding Application YAML files that often contain sensitive information. The severity of this module is classified as informative. This module targets applications that use YAML files for configuration.


This module helps identify potential misconfigurations in application YAML files, which can lead to security vulnerabilities. By detecting these misconfigurations, it allows developers and administrators to take appropriate actions to secure their applications and protect sensitive information.

How does the module work?

The "application.yaml detection" module works by sending HTTP requests to specific paths commonly used for application YAML files, such as "/app.yaml", "/app.yml", "/application.yaml", and "/application.yml". It then applies matching conditions to identify misconfigurations. The matching conditions include:

- Checking for specific keywords in the YAML file, such as "runtime:", "spring:", "datasource:", "platform:", "server:", and "job:". - Verifying that the HTTP response status is 200. - Applying a DSL (Domain Specific Language) condition to ensure that the response body does not contain certain HTML or XML elements.

By combining these matching conditions, the module can effectively detect misconfigurations in application YAML files.

Example HTTP request:

GET /app.yaml

Note: The actual module definition is not shown here for simplicity. The provided example demonstrates the general concept of how the module works.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/app.yaml/app.yml/application.yaml(+1 paths)
Matching conditions
word: runtime:, spring:, datasource:, platform...and
status: 200and
dsl: !contains(toLower(body), `<html`), !cont...
Passive global matcher
No matching conditions.
On match action
Report vulnerability