Find Low Hanging Fruits Using Nuclei AI

BinaryBrute

.txt -ai "Find exposed AI/ML model files (.pkl, .h5, .pt) that may leak proprietary algorithms or sensitive training data"

.txt -ai "Find exposed automation scripts (.sh, .ps1, .bat) revealing internal tooling or credentials"

.txt -ai "Identify misconfigured CSP headers allowing 'unsafe-inline' or wildcard sources"

.txt -ai "Detect pages leaking JWT tokens in URLs or cookies"

.txt -ai "Identify overly verbose error messages revealing framework or library details"

.txt -ai "Find application endpoints with verbose stack traces or source code exposure"

.txt -ai "Find sensitive information in HTML comments (debug notes, API keys, credentials)"

.txt -ai "Find exposed .env files leaking credentials, API keys, and database passwords"

.txt -ai "Find exposed configuration files such as config.json, config.yaml, config.php, application.properties containing API keys and database credentials."

.txt -ai "Find exposed configuration files containing sensitive information such as credentials, API keys, database passwords, and cloud service secrets."

.txt -ai "Find database configuration files such as database.yml, db_config.php, .pgpass, .my.cnf leaking credentials."

.txt -ai "Find exposed Docker and Kubernetes configuration files such as docker-compose.yml, kubeconfig, .dockercfg, .docker/config.json containing cloud credentials and secrets."

.txt -ai "Find exposed SSH keys and configuration files such as id_rsa, authorized_keys, and ssh_config."

.txt -ai "Find exposed WordPress configuration files (wp-config.php) containing database credentials and authentication secrets."

.txt -ai "Identify exposed .npmrc and .yarnrc files leaking NPM authentication tokens"

.txt -ai "Identify open directory listings exposing sensitive files"

.txt -ai "Find exposed .git directories allowing full repo download"

.txt -ai "Find exposed .svn and .hg repositories leaking source code"

.txt -ai "Identify open FTP servers allowing anonymous access"

.txt -ai "Find GraphQL endpoints with introspection enabled"

.txt -ai "Identify exposed .well-known directories revealing sensitive data"

.txt -ai "Find publicly accessible phpinfo() pages leaking environment details"

.txt -ai "Find exposed Swagger, Redocly, GraphiQL, and API Blueprint documentation"

.txt -ai "Identify exposed .vscode and .idea directories leaking developer configs"

.txt -ai "Detect internal IP addresses (10.x.x.x, 192.168.x.x, etc.) in HTTP responses"

.txt -ai "Find exposed WordPress debug.log files leaking credentials and error messages"

.txt -ai "Detect misconfigured CORS allowing wildcard origins ('*')"

.txt -ai "Find publicly accessible backup and log files (.log, .bak, .sql, .zip, .dump)"

.txt -ai "Find exposed admin panels with default credentials"

.txt -ai "Identify commonly used API endpoints that expose sensitive user data, returning HTTP status 200 OK."

.txt -ai "Detect web applications running in debug mode, potentially exposing sensitive system information."
 
