TypeScript Express Directory Listing
Description
This vulnerability detector identifies Express.js applications that have directory listing enabled, which can expose the internal structure and sensitive files of the web application to attackers. When directory listing is enabled in Express, users can browse directories and view file listings when accessing URLs that correspond to directories without index files, potentially revealing configuration files, source code, or other sensitive information.
Detection Strategy
• The detector scans JavaScript source code for Express.js applications
• It identifies when Express.js is configured to serve static files with directory listing enabled
• Specifically looks for calls to serve-index
• Triggers a vulnerability report when directory browsing capabilities are explicitly enabled in the Express configuration
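The detection strategy above, sketched as an added TypeScript example (not Fluid Attacks' detector and not code from the original page): it resolves whichever local name a module binds to serve-index and reports the lines that call it. The regex-based matching, the function name findServeIndexCalls and the aliased sample input are assumptions made for illustration.

```typescript
// Added example: a simplified, regex-based sketch (not the vendor's detector).
interface Finding { line: number; binding: string; text: string }
// Ways a module can bind the serve-index export to a local name (ESM and CommonJS).
const IMPORT_PATTERNS: RegExp[] = [
  /import\s+(?:\*\s+as\s+)?([A-Za-z_$][\w$]*)\s+from\s+["']serve-index["']/,
  /(?:const|let|var)\s+([A-Za-z_$][\w$]*)\s*=\s*require\(\s*["']serve-index["']\s*\)/,
];

// Naive comment removal: cuts at the first "//", so a "//" inside a string
// literal on the same line (e.g. a URL) would truncate that line too.
function stripLineComment(line: string): string {
  const idx = line.indexOf("//");
  return idx === -1 ? line : line.slice(0, idx);
}

function findServeIndexCalls(source: string): Finding[] {
  const lines = source.split(/\r?\n/).map(stripLineComment);
  const bindings: string[] = [];
  for (const line of lines) {
    for (const pattern of IMPORT_PATTERNS) {
      const m = pattern.exec(line);
      if (m && m[1] && bindings.indexOf(m[1]) === -1) bindings.push(m[1]);
    }
  }
  const findings: Finding[] = [];
  lines.forEach((line, i) => {
    for (const binding of bindings) {
      // Match `binding(` as a whole identifier, not `x.binding(` or `mybinding(`.
      const call = new RegExp("(?<![\\w$.])" + binding.replace(/\$/g, "\\$&") + "\\s*\\(");
      if (call.test(line)) findings.push({ line: i + 1, binding, text: line.trim() });
    }
  });
  return findings;
}

// Constructed inputs. The first reproduces the page's vulnerable snippet.
const VULNERABLE_SAMPLE = [
  'import express from "express";',
  'import serveIndex from "serve-index";',
  "const app = express();",
  "// Exposes directory listing - security vulnerability",
  'app.use("/uploads", serveIndex("uploads", { icons: true }));',
].join("\n");
const ALIASED_SAMPLE = [
  'const listing = require("serve-index");',
  '// listing("public") appears only in this comment',
  'app.use("/files", listing("files"));',
].join("\n");

console.log(findServeIndexCalls(VULNERABLE_SAMPLE), findServeIndexCalls(ALIASED_SAMPLE));
```

Each finding is a location to review: the call is reported whether or not other middleware is mounted in front of it, so the reviewer still has to decide whether the listing is reachable without authentication.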
Vulnerable code example
import express from "express";
import serveIndex from "serve-index";
const app = express();
// Exposes directory listing - security vulnerability
app.use("/uploads", serveIndex("uploads", { icons: true }));
...
✅ Secure code example
import express from "express";
import serveIndex from "serve-index";
const app = express();
// Authentication middleware
function requireAuth(req: any, res: any, next: any) {
if (req.headers.authorization === "Bearer valid-token") {...