wanderer/ PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-05-10 12:46:15 +02:00
Code Issues Releases Activity
PayloadsAllTheThings/Insecure Management Interface
History
Swissky 404afd1d71 Fix name's capitalization 2019-03-07 00:07:55 +01:00
..
Intruder Fix name's capitalization 2019-03-07 00:07:55 +01:00
README.md Fix name's capitalization 2019-03-07 00:07:55 +01:00

README.md

Insecure management interface

Springboot-Actuator

Actuator endpoints let you monitor and interact with your application. Spring Boot includes a number of built-in endpoints and lets you add your own. For example, the health endpoint provides basic application health information. Some of them contains sensitive info such as :

  • /trace (by default the last 100 HTTP requests with headers)
  • /env (the current environment properties)
  • /heapdump (builds and returns a heap dump from the JVM used by our application).

These endpoints are enabled by default in Springboot 1.X. Since Springboot 2.x only /health and /info are enabled by default.

References