Hunting for configuration files is one of the favorite tricks we typically see used against our honeypots. Traditionally, standard and more generic configuration files like “.env” or “.config” are the target, with some cloud-specific configuration files sprinkled in.
This article has been indexed from SANS Internet Storm Center, InfoCON: green