Skip to content

Sensitive Data: Exposed JSON Configuration Files¶

Identifier: config_json_exposure_fuzz

Scanner(s) Support¶

GraphQL Scanner	REST Scanner	WebApp Scanner	ASM Scanner

Description¶

Detects exposed JSON configuration files containing sensitive information including API keys, access tokens, AWS credentials, database configurations, base URLs, file paths, and application settings. These files often contain production configurations and credentials that should not be publicly accessible.

Configuration¶

Example¶

Example configuration:

---
security_tests:
  config_json_exposure_fuzz:
    skip: false

Reference¶

`skip`¶

Type : boolean

Skip the test if true.