Depending on the technologies used for the website tested, there will be many sensitive files that should not
be accessible via the main visitor or web client. A typical List of sensitive files:
- Log Files
- Backup Files
- Source Code Files
- Email files
- Config files
- Text files
- Settings files
- Database log/backup files
- Versioned Files(index_old.html etc)
- Commonly targeted directories(CSS, JS)
WebSafe will test for Sensitive Files:
By generating a large database of file types and common names through years of experience, WebSafe can test
every file scanned for relevancy and sensitivity. Based on a probability, a file can be detected as sensitive.