code_disclosure | w3af - Open Source Web Application Security Scanner

Description

This plugin greps every page in order to find code disclosures. Basically it greps for ‘<?.*?>’ and ‘<%.*%>’ using the re module and reports findings. Code disclosures are usually generated due to web server misconfigurations, or wierd web application “features”.

Plugin type

Grep

Options

This plugin doesn’t have any user configured options.

Source

For more information about this plugin and the associated tests, there’s always the source code to understand exactly what’s under the hood:
Plugin source code
Unittest source code

Dependencies

This plugin has no dependencies.