Evaluate: Sensitive Files
cdxy edited this page Nov 24, 2020 · 1 revision
Run a full-disk file path scan and match sensitive keywords in each path to identify sensitive files. Matched files such as docker.sock, .git and .kube are a great help to the later stages of a pentest.
```
cdk evaluate --full
```
To change the scan rules, edit this file and rebuild CDK: https://github.com/Xyntax/CDK/blob/main/conf/evaluate_conf.go
```go
var SensitiveFileConf = sensitiveFileRules{
	StartDir: "/",
	NameList: []string{
		`docker.sock`,
		`.kube/`,
		`.git/`,
		`.svn/`,
		`.pip/`,
		`/.bash_history`,
		`/.bash_profile`,
		`/.bashrc`,
		`/.ssh/`,
		`.token`,
		`/serviceaccount`,
		`.dockerenv`,
		`/config.json`,
	},
}
```
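The following is an added example, not CDK's own code: a small Go audit that applies a rule list like the one above to a directory tree (for instance an unpacked image), so an operator can see which entries such a scan would flag before the container ships. The `Audit` function, the substring matching, and the sample tree are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
	"strings"
)

// Subset of the NameList shown on this page.
var rules = []string{`docker.sock`, `.kube/`, `.git/`, `/.ssh/`, `.token`, `/serviceaccount`, `/config.json`}

// Audit walks root and maps each matching path, relative to root, to the first
// rule it contains. Assumption: plain substring matching, not CDK's own matcher.
func Audit(root string, rules []string) map[string]string {
	hits := map[string]string{}
	filepath.WalkDir(root, func(p string, d fs.DirEntry, err error) error {
		if err != nil || p == root {
			return nil // skip unreadable entries and the root itself
		}
		rel, _ := filepath.Rel(root, p)
		key := "/" + filepath.ToSlash(rel)
		if d.IsDir() {
			key += "/" // so rules like `.git/` match the directory itself
		}
		for _, r := range rules {
			if strings.Contains(key, r) {
				hits[key] = r
				if d.IsDir() {
					return fs.SkipDir // report a matched directory once
				}
				break
			}
		}
		return nil
	})
	return hits
}

func main() {
	// Constructed sample tree standing in for a container filesystem.
	root, _ := os.MkdirTemp("", "audit")
	defer os.RemoveAll(root)
	for _, f := range []string{"run/docker.sock", "app/.git/HEAD", "app/main.go", "root/.docker/config.json"} {
		os.MkdirAll(filepath.Join(root, filepath.Dir(f)), 0o755)
		os.WriteFile(filepath.Join(root, f), nil, 0o600)
	}
	fmt.Println(Audit(root, rules))
}
```

Because the rules are substrings, a rule such as `/config.json` flags every file with that name in any directory, so hits need review before they are treated as findings.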