Look for these file extensions in your pentests and appsec assessments.
(thread)
(thread)
1. .env - commonly used to store environment variables, including sensitive information such as passwords and tokens.
2. .yml/.yaml - commonly used in configuration files for software written in programming languages like Ruby, Python and JavaScript.
3. .properties - commonly used to store configuration settings in Java-based applications.
4. .ini - configuration files used in Windows and other operating systems.
5. .config/.cfg/.conf/.cnf - configuration files used in Windows and other operating systems.
6. .plist - Property list files used in macOS and iOS to store application preferences and configuration settings.
7. .xml - commonly used for configuration and data exchange in various apps.
8. .json - commonly used for configuration and data exchange in various apps.
9. .key - commonly used to store private encryption keys.
10. .aws (folder) - used to store configuration settings for the AWS command-line interface (CLI).
11. .netrc - used to store login information for various network protocols, commonly used by the curl and wget command-line tools.
12. There are many more, yes! You can contribute to the list. Reply and let me know of others.
#pentesting #infosec #cybersecurity #hacking #bugbounty #bugbountytips #infosec #appsec
#pentesting #infosec #cybersecurity #hacking #bugbounty #bugbountytips #infosec #appsec
• • •
Missing some Tweet in this thread? You can try to
force a refresh
