Awesome

laravelN00b

Incorrect configuration allows you to access .env files or reading env variables. LaravelN00b automated scan .env files and checking debug mode in victim host.

Scan rationale

• Scan host.
• Resolve IP adress and check .env file in IP Adress
• Checking debug mode Laravel ( Read .env variables )

Installation

1 - Install with installer.sh

chmod +x installer.sh

./installer.sh

2 - Install manual

go get github.com/briandowns/spinner

go get github.com/christophwitzko/go-curl

go run main.go --hostname victim.host

or

go build laravelN00b main.go

Run

./laravelN00b --hostname victim.host