vpatch-env-access AppSec Rule

« vpatch-env-access »
v0.2 by crowdsecurity
AppSec rule

Detect access to .env files

Installation

cscli appsec-rules install crowdsecurity/vpatch-env-access

YAML Configuration

1name: crowdsecurity/vpatch-env-access
2description: "Detect access to .env files"
3rules:
4  - zones:
5    - URI
6    transform:
7    - lowercase
8    match:
9      type: endsWith
10      value: .env
11labels:
12  type: scan
13  service: http
14  confidence: 3
15  spoofable: 0
16  behavior: "http:scan"
17  label: "Access to .env file"
18  classification:
19   - attack.T1595
20   - attack.T1190
21

Hub Appsec rule

« vpatch-env-access »v0.2 by crowdsecurityAppSec rule

« vpatch-env-access »
v0.2 by crowdsecurity
AppSec rule